Exemple #1
0
/***
verify x509_req signature
@function verify
@treturn boolean result true for verify pass
*/
static LUA_FUNCTION(openssl_csr_verify)
{
  X509_REQ *csr = CHECK_OBJECT(1, X509_REQ, "openssl.x509_req");
  EVP_PKEY * self_key = X509_REQ_get_pubkey(csr);
  if (self_key)
  {
    lua_pushboolean(L, X509_REQ_verify(csr, self_key) == 1);
    EVP_PKEY_free(self_key);
  }
  else
    lua_pushboolean(L, 0);
  return 1;
};
Exemple #2
0
NUITKA_MAY_BE_UNUSED static bool EXCEPTION_MATCH_BOOL_SINGLE( PyObject *exception_value, PyObject *exception_checked )
{
    CHECK_OBJECT( exception_value );
    CHECK_OBJECT( exception_checked );

    // We need to check the class.
    if ( PyExceptionInstance_Check( exception_value ) )
    {
        exception_value = PyExceptionInstance_Class( exception_value );
    }

    // Lets be optimistic. If it matches, we would be wasting our time.
    if ( exception_value == exception_checked )
    {
        return true;
    }

    if ( PyExceptionClass_Check( exception_value ) )
    {
        // Save the current exception, if any, we must preserve it.
        PyObject *save_exception_type, *save_exception_value;
        PyTracebackObject *save_exception_tb;
        FETCH_ERROR_OCCURRED( &save_exception_type, &save_exception_value, &save_exception_tb );

        int res = PyObject_IsSubclass( exception_value, exception_checked );

        // This function must not fail, so print the error here */
        if (unlikely( res == -1 ))
        {
            PyErr_WriteUnraisable( exception_value );
        }

        RESTORE_ERROR_OCCURRED( save_exception_type, save_exception_value, save_exception_tb );

        return res == 1;
    }

    return false;
}
Exemple #3
0
static int openssl_engine_name(lua_State*L){
	ENGINE* eng = CHECK_OBJECT(1,ENGINE,"openssl.engine");
	const char*id = NULL;
	int ret = 0;
	if(lua_isstring(L, 2)){
		id = luaL_checkstring(L, 2);
		ret = ENGINE_set_name(eng,id);
		lua_pushboolean(L, ret);
		return 1;
	}
	lua_pushstring(L, ENGINE_get_name(eng));
	return 1;
}
Exemple #4
0
static LUA_FUNCTION(openssl_ts_req_export)
{
  TS_REQ *ts_req = CHECK_OBJECT(1, TS_REQ, "openssl.ts_req");
  unsigned char *data = NULL;
  int len = i2d_TS_REQ(ts_req, &data);
  if (len > 0)
  {
    lua_pushlstring(L, data, (size_t)len);
    OPENSSL_free(data);
    return 1;
  }
  return 0;
}
Exemple #5
0
static LUA_FUNCTION(openssl_digest_info)
{
  EVP_MD *md = CHECK_OBJECT(1, EVP_MD, "openssl.evp_digest");
  lua_newtable(L);
  AUXILIAR_SET(L, -1, "nid", EVP_MD_nid(md), integer);
  AUXILIAR_SET(L, -1, "name", EVP_MD_name(md), string);
  AUXILIAR_SET(L, -1, "size", EVP_MD_size(md), integer);
  AUXILIAR_SET(L, -1, "block_size", EVP_MD_block_size(md), integer);

  AUXILIAR_SET(L, -1, "pkey_type", EVP_MD_pkey_type(md), integer);
  AUXILIAR_SET(L, -1, "flags", EVP_MD_type(md), integer);
  return 1;
}
Exemple #6
0
static LUA_FUNCTION(openssl_digest_ctx_reset)
{
  EVP_MD_CTX *ctx = CHECK_OBJECT(1, EVP_MD_CTX, "openssl.evp_digest_ctx");
  const EVP_MD *md = EVP_MD_CTX_md(ctx);
  ENGINE* e = ctx->engine;
  int ret = EVP_MD_CTX_cleanup(ctx);
  if (ret)
  {
    EVP_MD_CTX_init(ctx);
    EVP_DigestInit_ex(ctx, md, e);
  }
  return openssl_pushresult(L, ret);
}
Exemple #7
0
static int openssl_cms_content(lua_State *L)
{
  CMS_ContentInfo *cms = CHECK_OBJECT(1, CMS_ContentInfo, "openssl.cms");
  ASN1_OCTET_STRING** content = CMS_get0_content(cms);
  if (content && *content)
  {

    lua_pushnil(L);
    return 1;
  }
  lua_pushnil(L);
  return 1;
}
Exemple #8
0
/** @ingroup SystemInfo
 * @brief Get the configuration parameters used to initialize the API.
 *
 * This function returns the configuration parameters that were used to 
 * initialize the API.
 *
 * @param value_p WO: Pointer in which to store revision info.
 *
 * @par Externals:
 *    None.
 *
 * @return 
 *    N8_STATUS_OK: The function worked correctly.
 *    N8_INVALID_OBJECT: The output pointer is NULL.
 *
 * @par Errors:
 *    N8_INVALID_OBJECT as described in the return section.
 *   
 * @par Locks:
 *    None.
 *
 * @par Assumptions:
 *    This function can not be called until the initialization of the API
 *    is complete. The value_p pointer points to a "reasonable" location.
 *****************************************************************************/
static N8_Status_t setInitInfo(N8_Buffer_t *value_p)
{
    N8_Status_t  ret = N8_STATUS_OK;

    DBG(("setInitInfo\n"));
    do
    {
       CHECK_OBJECT(value_p, ret);
       n8_getConfigInfo((N8_ConfigAPI_t *)value_p);
    }while (FALSE);
    DBG(("setInitInfo - OK\n"));
    return ret;
}
Exemple #9
0
/* mem */
static LUA_FUNCTION(openssl_bio_get_mem)
{
  BIO* bio = CHECK_OBJECT(1, BIO, "openssl.bio");
  if (BIO_method_type(bio) == BIO_TYPE_MEM)
  {
    BUF_MEM* mem;
    BIO_get_mem_ptr(bio, &mem);
    lua_pushlstring(L, mem->data, mem->length);
    return 1;
  }
  luaL_error(L, "#1 BIO must be memory type");
  return 0;
}
Exemple #10
0
static LUA_FUNCTION(openssl_verifyInit)
{
  const EVP_MD *md = get_digest(L, 1);
  EVP_PKEY* pkey = CHECK_OBJECT(2, EVP_PKEY, "openssl.evp_pkey");
  ENGINE*     e = lua_gettop(L) > 2 ? CHECK_OBJECT(3, ENGINE, "openssl.engine") : NULL;
  EVP_PKEY_CTX *pctx = 0;
  EVP_MD_CTX *ctx = EVP_MD_CTX_create();
  luaL_argcheck(L, !openssl_pkey_is_private(pkey), 2, "need public key");
  if (ctx)
  {
    int ret = EVP_DigestVerifyInit(ctx, &pctx, md, e, pkey);
    if (ret)
    {
      PUSH_OBJECT(ctx, "openssl.evp_digest_ctx");
    }
    else
      return openssl_pushresult(L, ret);
  }
  else
    lua_pushnil(L);
  return 1;
}
Exemple #11
0
static int openssl_xext_export(lua_State* L)
{
  X509_EXTENSION *x = CHECK_OBJECT(1, X509_EXTENSION, "openssl.x509_extension");
  unsigned char* p = NULL;
  int len = i2d_X509_EXTENSION(x, &p);
  if (len > 0)
  {
    lua_pushlstring(L, (const char *) p, len);
  }
  else
    lua_pushnil(L);
  return 1;
};
Exemple #12
0
static int openssl_cms_EncryptedData_decrypt(lua_State*L)
{
  CMS_ContentInfo *cms = CHECK_OBJECT(1, CMS_ContentInfo, "openssl.cms");
  size_t klen;
  const char* key = luaL_checklstring(L, 2, &klen);
  BIO* dcont = load_bio_object(L, 3);
  BIO* out = load_bio_object(L, 4);
  unsigned int flags = luaL_optint(L, 5, 0);

  int ret = CMS_EncryptedData_decrypt(cms, (const unsigned char*)key, klen, dcont, out, flags);

  return openssl_pushresult(L, ret);
}
Exemple #13
0
static LUA_FUNCTION(openssl_pkcs7_verify)
{
  int ret = 0;
  PKCS7 *p7 = CHECK_OBJECT(1, PKCS7, "openssl.pkcs7");
  STACK_OF(X509) *signers = lua_isnoneornil(L, 2) ? NULL : openssl_sk_x509_fromtable(L, 2);
  X509_STORE *store = lua_isnoneornil(L, 3) ? NULL : CHECK_OBJECT(3, X509_STORE, "openssl.x509_store");
  BIO* in = lua_isnoneornil(L, 4) ? NULL : load_bio_object(L, 4);
  long flags = luaL_optint(L, 5, 0);
  BIO* out = BIO_new(BIO_s_mem());
  if (!store)
    flags |= PKCS7_NOVERIFY;
  if (PKCS7_verify(p7, signers, store, in, out, flags) == 1)
  {
    if (out && (flags & PKCS7_DETACHED) == 0)
    {
      BUF_MEM *bio_buf;

      BIO_get_mem_ptr(out, &bio_buf);
      lua_pushlstring(L, bio_buf->data, bio_buf->length);
    }
    else
    {
      lua_pushboolean(L, 1);
    }
    ret += 1;
  }
  else
  {
    ret = openssl_pushresult(L, 0);
  }
  if (signers)
    sk_X509_pop_free(signers, X509_free);
  if (out)
    BIO_free(out);
  if (in)
    BIO_free(in);
  return ret;
}
Exemple #14
0
static int openssl_xname_info(lua_State*L)
{
  X509_NAME* name = CHECK_OBJECT(1, X509_NAME, "openssl.x509_name");
  int i;
  int n_entries = X509_NAME_entry_count(name);
  lua_newtable(L);
  for (i = 0; i < n_entries; i++)
  {
    X509_NAME_ENTRY* entry = X509_NAME_get_entry(name, i);
    openssl_push_xname_entry(L, entry);
    lua_rawseti(L, -2, i + 1);
  }
  return 1;
};
Exemple #15
0
static int openssl_xname_digest(lua_State*L)
{
  X509_NAME* xname = CHECK_OBJECT(1, X509_NAME, "openssl.x509_name");
  const EVP_MD* md = get_digest(L, 2);
  unsigned char buf [EVP_MAX_MD_SIZE];
  unsigned int len = sizeof(buf);

  int ret = X509_NAME_digest(xname, md, buf, &len);
  if (ret == 1)
    lua_pushlstring(L, (const char *) buf, len);
  else
    return openssl_pushresult(L, ret);
  return 1;
};
Exemple #16
0
static int openssl_xname_i2d(lua_State*L)
{
  X509_NAME* xn = CHECK_OBJECT(1, X509_NAME, "openssl.x509_name");
  unsigned char* out = NULL;
  int len = i2d_X509_NAME(xn, &out);
  if (len > 0)
  {
    lua_pushlstring(L, (const char *)out, len);
    CRYPTO_free(out);
    return 1;
  }
  else
    return openssl_pushresult(L, len);
};
Exemple #17
0
/***
return x509_name as table

@function info
@tparam[opt=false] boolean asobject table key will use asn1_object or short name of asn1_object
@treturn table names
@see new
*/
static int openssl_xname_info(lua_State*L)
{
  X509_NAME* name = CHECK_OBJECT(1, X509_NAME, "openssl.x509_name");
  int obj = lua_isnoneornil(L, 2) ? 0 : lua_toboolean(L, 2);
  int i, n;
  lua_newtable(L);
  for (i = 0, n = X509_NAME_entry_count(name); i < n; i++)
  {
    X509_NAME_ENTRY* entry = X509_NAME_get_entry(name, i);
    openssl_push_xname_entry(L, entry, obj);
    lua_rawseti(L, -2, i + 1);
  }
  return 1;
};
Exemple #18
0
static LUA_FUNCTION(openssl_digest)
{
  const EVP_MD *md = NULL;
  if (lua_istable(L, 1))
  {
    if (lua_getmetatable(L, 1) && lua_equal(L, 1, -1))
    {
      lua_pop(L, 1);
      lua_remove(L, 1);
    }
    else
      luaL_error(L, "call function with invalid state");
  }
  if (lua_isstring(L, 1))
  {
    md = EVP_get_digestbyname(lua_tostring(L, 1));
  }
  else if (auxiliar_isclass(L, "openssl.evp_digest", 1))
  {
    md = CHECK_OBJECT(1, EVP_MD, "openssl.evp_digest");
  }
  else
    luaL_error(L, "argument #1 must be a string identity digest method or an openssl.evp_digest object");

  if (md)
  {
    size_t inl;
    unsigned char buf[EVP_MAX_MD_SIZE];
    unsigned int  blen = sizeof(buf);
    const char* in = luaL_checklstring(L, 2, &inl);
    int raw = (lua_isnoneornil(L, 3)) ? 0 : lua_toboolean(L, 3);
    int status = EVP_Digest(in, inl, buf, &blen, md, NULL);
    if (status)
    {
      if (raw)
        lua_pushlstring(L, (const char*)buf, blen);
      else
      {
        char hex[2 * EVP_MAX_MD_SIZE + 1];
        to_hex((const char*) buf, blen, hex);
        lua_pushstring(L, hex);
      }
    }
    else
      luaL_error(L, "EVP_Digest method fail");
  }
  else
    luaL_error(L, "argument #1 is not a valid digest algorithm or openssl.evp_digest object");
  return 1;
};
Exemple #19
0
static int openssl_xattr_type(lua_State*L)
{
  X509_ATTRIBUTE* attr = CHECK_OBJECT(1, X509_ATTRIBUTE, "openssl.x509_attribute");
  int loc = luaL_optint(L, 2, 0);
  ASN1_TYPE *type = X509_ATTRIBUTE_get0_type(attr, loc);
  if (type)
  {
    openssl_push_asn1type(L, type);;
    return 1;
  }
  else
    lua_pushnil(L);
  return 1;
}
Exemple #20
0
static int openssl_ssl_peer(lua_State*L)
{
  SSL* s = CHECK_OBJECT(1, SSL, "openssl.ssl");
  X509* x = SSL_get_peer_certificate(s);
  STACK_OF(X509) *sk = SSL_get_peer_cert_chain(s);
  PUSH_OBJECT(x, "openssl.x509");
  if (sk)
  {
    sk = openssl_sk_x509_dup(sk);
    PUSH_OBJECT(sk, "openssl.stack_of_x509");
    return 2;
  }
  return 1;
}
Exemple #21
0
 void assembleRequest( const string &ns, BSONObj query, int nToReturn, int nToSkip, const BSONObj *fieldsToReturn, int queryOptions, Message &toSend ) {
     CHECK_OBJECT( query , "assembleRequest query" );
     // see query.h for the protocol we are using here.
     BufBuilder b;
     int opts = queryOptions;
     b.append(opts);
     b.append(ns.c_str());
     b.append(nToSkip);
     b.append(nToReturn);
     query.appendSelfToBufBuilder(b);
     if ( fieldsToReturn )
         fieldsToReturn->appendSelfToBufBuilder(b);
     toSend.setData(dbQuery, b.buf(), b.len());
 }
Exemple #22
0
static void RAISE_GENERATOR_EXCEPTION( struct Nuitka_GeneratorObject *generator )
{
    CHECK_OBJECT( generator->m_exception_type );

    RESTORE_ERROR_OCCURRED(
        generator->m_exception_type,
        generator->m_exception_value,
        generator->m_exception_tb
    );

    generator->m_exception_type = NULL;
    generator->m_exception_value = NULL;
    generator->m_exception_tb = NULL;
}
Exemple #23
0
NUITKA_MAY_BE_UNUSED static bool BINARY_OPERATION_INPLACE( binary_api api, PyObject **operand1, PyObject *operand2 )
{
    assert( operand1 );
    CHECK_OBJECT( *operand1 );
    CHECK_OBJECT( operand2 );

    // TODO: There is not really much point in these things.
    PyObject *result = BINARY_OPERATION( api, *operand1, operand2 );

    if (unlikely( result == NULL ))
    {
        return false;
    }

    // We got an object handed, that we have to release.
    Py_DECREF( *operand1 );

    // That's our return value then. As we use a dedicated variable, it's
    // OK that way.
    *operand1 = result;

    return true;
}
Exemple #24
0
static int openssl_xext_critical(lua_State* L)
{
  X509_EXTENSION *x = CHECK_OBJECT(1, X509_EXTENSION, "openssl.x509_extension");
  if (lua_isnone(L, 2))
  {
    lua_pushboolean(L, X509_EXTENSION_get_critical(x));
    return 1;
  }
  else
  {
    int ret = X509_EXTENSION_set_critical(x, lua_toboolean(L, 2));
    return openssl_pushresult(L, ret);
  }
};
Exemple #25
0
static int openssl_ssl_ctx_timeout(lua_State*L)
{
  SSL_CTX* ctx = CHECK_OBJECT(1, SSL_CTX, "openssl.ssl_ctx");
  long t;
  if (!lua_isnoneornil(L, 2))
  {
    t = SSL_CTX_set_timeout(ctx, luaL_checkint(L, 2));
    lua_pushinteger(L, t);
    return 1;
  }
  t = SSL_CTX_get_timeout(ctx);
  lua_pushinteger(L, t);
  return 1;
}
Exemple #26
0
static int openssl_engine_flags(lua_State*L)
{
  ENGINE* eng = CHECK_OBJECT(1, ENGINE, "openssl.engine");
  int ret = 0;
  if (lua_isstring(L, 2))
  {
    int flags = luaL_checkint(L, 2);
    ret = ENGINE_set_flags(eng, flags);
    lua_pushboolean(L, ret);
    return 1;
  }
  lua_pushinteger(L, ENGINE_get_flags(eng));
  return 1;
}
Exemple #27
0
static LUA_FUNCTION(openssl_crl_add_revocked)
{
  X509_CRL *crl = CHECK_OBJECT(1, X509_CRL, "openssl.x509_crl");
  BIGNUM* sn = BN_get(L, 2);
  time_t t = lua_tointeger(L, 3);
  int reason = reason_get(L, 4);

  int ret = 0;
  X509_REVOKED* revoked = create_revoked(L, sn, t, reason);
  ret = X509_CRL_add0_revoked(crl, revoked);
  lua_pushboolean(L, ret);
  BN_free(sn);
  return 1;
}
Exemple #28
0
PyObject *FIND_ATTRIBUTE_IN_CLASS(PyClassObject *klass, PyObject *attr_name) {
    CHECK_OBJECT(klass);
    CHECK_OBJECT(attr_name);

    assert(PyClass_Check(klass));
    assert(PyString_CheckExact(attr_name));

    PyObject *result = GET_STRING_DICT_VALUE((PyDictObject *)klass->cl_dict, (PyStringObject *)attr_name);

    if (result == NULL) {
        Py_ssize_t base_count = PyTuple_Size(klass->cl_bases);

        for (Py_ssize_t i = 0; i < base_count; i++) {
            result = FIND_ATTRIBUTE_IN_CLASS((PyClassObject *)PyTuple_GetItem(klass->cl_bases, i), attr_name);

            if (result != NULL) {
                break;
            }
        }
    }

    return result;
}
Exemple #29
0
static LUA_FUNCTION(openssl_bio_get_ssl)
{
  BIO* bio = CHECK_OBJECT(1, BIO, "openssl.bio");
  SSL* ssl = NULL;
  int ret = BIO_get_ssl(bio, &ssl);
  if (ret == 1)
  {
    openssl_newvalue(L, ssl);
    PUSH_OBJECT(ssl, "openssl.ssl");
    openssl_refrence(L, ssl, +1);
    return 1;
  }
  return 0;
}
Exemple #30
0
NUITKA_MAY_BE_UNUSED static PyObject *IMPORT_NAME( PyObject *module, PyObject *import_name )
{
    CHECK_OBJECT( module );
    CHECK_OBJECT( import_name );

    PyObject *result = PyObject_GetAttr( module, import_name );

    if (unlikely( result == NULL ))
    {
        if ( EXCEPTION_MATCH_BOOL_SINGLE( GET_ERROR_OCCURRED(), PyExc_AttributeError ) )
        {
#if PYTHON_VERSION < 340
            PyErr_Format( PyExc_ImportError, "cannot import name %s", Nuitka_String_AsString( import_name ));
#else
            PyErr_Format( PyExc_ImportError, "cannot import name '%s'", Nuitka_String_AsString( import_name ));
#endif
        }

        return NULL;
    }

    return result;
}