コード例 #1
ファイル: crl.c プロジェクト: Udo/lua-openssl
static LUA_FUNCTION(openssl_crl_new)
  X509* x509 = lua_isnoneornil(L, 1) ? NULL : CHECK_OBJECT(1, X509, "openssl.x509");
  time_t lastUpdate = luaL_optinteger(L, 3, (lua_Integer)time(&lastUpdate));
  time_t nextUpdate = luaL_optinteger(L, 4, (lua_Integer)(lastUpdate + 7 * 24 * 3600));
  long version = luaL_optint(L, 5, 1);

  X509_CRL * crl = NULL;
  ASN1_TIME *ltm, *ntm;

  if (!lua_isnoneornil(L, 2))
    luaL_checktype(L, 2, LUA_TTABLE);

  crl = X509_CRL_new();
  X509_CRL_set_version(crl, version);
  if (x509)
    X509_CRL_set_issuer_name(crl, X509_get_subject_name(x509));

  ltm = ASN1_TIME_new();
  ntm = ASN1_TIME_new();
  ASN1_TIME_set(ltm, lastUpdate);
  ASN1_TIME_set(ntm, nextUpdate);
  X509_CRL_set_lastUpdate(crl, ltm);
  X509_CRL_set_nextUpdate(crl, ntm);

  if (lua_istable(L, 2) && lua_objlen(L, 2) > 0)
    int i;
    int n = lua_objlen(L, 2);

    for (i = 1; i <= n; i++)
      lua_rawgeti(L, 2, i);
      if (lua_istable(L, -1))
        X509_REVOKED *revoked;

        lua_getfield(L, -1, "reason");
        lua_getfield(L, -2, "time");
        lua_getfield(L, -3, "sn");

        revoked = create_revoked(L, BN_get(L, -1), lua_tointeger(L, -2), reason_get(L, -3));
        if (revoked)
          X509_CRL_add0_revoked(crl, revoked);
        lua_pop(L, 3);
      lua_pop(L, 1);

  PUSH_OBJECT(crl, "openssl.x509_crl");
  return 1;
コード例 #2
ファイル: crl.c プロジェクト: Udo/lua-openssl
static LUA_FUNCTION(openssl_crl_add_revocked)
  X509_CRL *crl = CHECK_OBJECT(1, X509_CRL, "openssl.x509_crl");
  BIGNUM* sn = BN_get(L, 2);
  time_t t = lua_tointeger(L, 3);
  int reason = reason_get(L, 4);

  int ret = 0;
  X509_REVOKED* revoked = create_revoked(L, sn, t, reason);
  ret = X509_CRL_add0_revoked(crl, revoked);
  lua_pushboolean(L, ret);
  return 1;
コード例 #3
ファイル: ots.c プロジェクト: Shaddy1884/lua-openssl
static int openssl_ts_req_nonce(lua_State*L)
  TS_REQ* req = CHECK_OBJECT(1, TS_REQ, "openssl.ts_req");
  if (lua_isnone(L, 2))
    const ASN1_INTEGER* ai = TS_REQ_get_nonce(req);
    BIGNUM *bn;
    bn = ASN1_INTEGER_to_BN(ai, NULL);
    PUSH_OBJECT(bn, "openssl.bn");
    return 2;
    BIGNUM *bn = BN_get(L, 2);
    ASN1_INTEGER *ai = BN_to_ASN1_INTEGER(bn, NULL);
    int ret = TS_REQ_set_nonce(req, ai);
    return openssl_pushresult(L, ret);
コード例 #4
ファイル: crl.c プロジェクト: sdgdsffdsfff/lua-openssl
static LUA_FUNCTION(openssl_crl_new)
  int i;
  int n = lua_gettop(L);
  X509_CRL * crl = X509_CRL_new();
  int ret = X509_CRL_set_version(crl, 0);
  X509* cacert = NULL;
  EVP_PKEY* capkey = NULL;
  const EVP_MD* md = NULL;
  int step;

  for (i = 1; ret == 1 && i <= n; i++)
    if (i == 1)
      luaL_argcheck(L, lua_istable(L, 1), 1, "must be table contains rovked entry table{reason,time,sn}");
      if (lua_rawlen(L, i) > 0)
        int j, m;
        m = lua_rawlen(L, i);

        for (j = 1; ret == 1 && j <= m; j++)
          X509_REVOKED *revoked;
          BIGNUM* sn;
          lua_rawgeti(L, i, j);
          luaL_checktable(L, -1);

          lua_getfield(L, -1, "reason");
          lua_getfield(L, -2, "time");
          lua_getfield(L, -3, "sn");
          sn = BN_get(L, -1);
          revoked = create_revoked(sn, lua_tointeger(L, -2), reason_get(L, -3));
          if (revoked)
            ret = X509_CRL_add0_revoked(crl, revoked);
          lua_pop(L, 3);
          lua_pop(L, 1);
    if (i == 2)
      cacert = CHECK_OBJECT(2, X509, "openssl.x509");
      ret = X509_CRL_set_issuer_name(crl, X509_get_issuer_name(cacert));
    if (i == 3)
      capkey = CHECK_OBJECT(3, EVP_PKEY, "openssl.evp_pkey");
      luaL_argcheck(L, openssl_pkey_is_private(capkey), 3, "must be private key");
      luaL_argcheck(L, X509_check_private_key(cacert, capkey) == 1, 3, "evp_pkey not match with x509 in #2");
  md = lua_isnoneornil(L, 4) ? EVP_get_digestbyname("sha1") : get_digest(L, 4);
  step = lua_isnoneornil(L, 5) ? 7 * 24 * 3600 : luaL_checkint(L, 5);

  if (ret == 1)
    time_t lastUpdate;
    time_t nextUpdate;
    ASN1_TIME *ltm, *ntm;

    nextUpdate = lastUpdate + step;

    ltm = ASN1_TIME_new();
    ntm = ASN1_TIME_new();
    ASN1_TIME_set(ltm, lastUpdate);
    ASN1_TIME_set(ntm, nextUpdate);
    ret = X509_CRL_set_lastUpdate(crl, ltm);
    if (ret == 1)
      ret = X509_CRL_set_nextUpdate(crl, ntm);
  if (cacert && capkey && md)
    ret = (X509_CRL_sign(crl, capkey, md) == EVP_PKEY_size(capkey));
  if (ret == 1)
    PUSH_OBJECT(crl, "openssl.x509_crl");
    return openssl_pushresult(L, ret);

  return 1;