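/**
 * Lua binding: convert an OCSP request object into a plain Lua table.
 *
 * Lua arguments:
 *   1  openssl.ocsp_request userdata
 *   2  optional boolean, defaults to true; forwarded as the utf8 flag when
 *      the requestor name is pushed
 *
 * Returns 1 value, a table with:
 *   version        integer
 *   requestorName  only when the request carries one
 *   requestList    array, one entry per requested certificate, each with
 *                  hashAlgorithm, issuerNameHash, issuerKeyHash, serialNumber
 *   extensions     openssl.stack_of_x509_extension, only when present
 *
 * This is a structural dump only: the optional signature is never verified
 * here, so none of the returned fields are authenticated by this call.
 */
static int openssl_ocsp_request_parse(lua_State*L)
{
  OCSP_REQUEST *req = CHECK_OBJECT(1, OCSP_REQUEST, "openssl.ocsp_request");
  int utf8 = lua_isnoneornil(L, 2) ? 1 : lua_toboolean(L, 2);
  OCSP_REQINFO *inf = req->tbsRequest;
  OCSP_SIGNATURE *sig = req->optionalSignature;
  int i, num;

  lua_newtable(L);
  AUXILIAR_SET(L, -1, "version", ASN1_INTEGER_get(inf->version), integer);

  if (inf->requestorName)
  {
    opensl_push_general_name(L, inf->requestorName, utf8);
    lua_setfield(L, -2, "requestorName");
  }

  /* requestList[i + 1] = identifier of the i-th certificate being queried */
  num = sk_OCSP_ONEREQ_num(inf->requestList);
  lua_newtable(L);
  for (i = 0; i < num; i++)
  {
    OCSP_ONEREQ *one = sk_OCSP_ONEREQ_value(inf->requestList, i);
    OCSP_CERTID *cid = one->reqCert;

    lua_newtable(L);
    openssl_push_x509_algor(L, cid->hashAlgorithm);
    lua_setfield(L, -2, "hashAlgorithm");

    PUSH_ASN1_OCTET_STRING(L, cid->issuerNameHash);
    lua_setfield(L, -2, "issuerNameHash");

    PUSH_ASN1_OCTET_STRING(L, cid->issuerKeyHash);
    lua_setfield(L, -2, "issuerKeyHash");

    PUSH_ASN1_INTEGER(L, cid->serialNumber);
    lua_setfield(L, -2, "serialNumber");

    lua_rawseti(L, -2, i + 1);
  }
  lua_setfield(L, -2, "requestList");

  if (inf->requestExtensions)
  {
    /*
     * sk_*_dup() copies the stack container only; the X509_EXTENSION
     * elements are still the ones owned by the request.
     * NOTE(review): confirm that the Lua wrapper for
     * openssl.stack_of_x509_extension neither frees the elements on
     * collection nor is used after req has been released.
     */
    STACK_OF(X509_EXTENSION) *extensions = sk_X509_EXTENSION_dup(inf->requestExtensions);
    if (extensions != NULL)
    {
      /* Skip the field on allocation failure rather than wrapping NULL. */
      PUSH_OBJECT(extensions, "openssl.stack_of_x509_extension");
      lua_setfield(L, -2, "extensions");
    }
  }

  if (sig)
  {
    /*
     * The signature and any attached certificates are rendered into a
     * scratch memory BIO that is freed without being read, so nothing
     * about the signature reaches the returned table.
     * NOTE(review): either expose this output or drop the dump.
     * The BIO is created only on this path and checked before use.
     */
    BIO *bio = BIO_new(BIO_s_mem());
    if (bio != NULL)
    {
      int ncerts = sk_X509_num(sig->certs);

      X509_signature_print(bio, sig->signatureAlgorithm, sig->signature);
      for (i = 0; i < ncerts; i++)
      {
        X509_print(bio, sk_X509_value(sig->certs, i));
        PEM_write_bio_X509(bio, sk_X509_value(sig->certs, i));
      }
      BIO_free(bio);
    }
  }

  return 1;
}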
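/**
 * Lua binding: get or set the message imprint of a time-stamp request.
 *
 * Getter (argument 2 absent): pushes the hashed message and its digest
 * algorithm and returns 2 values.
 *
 * Setter: argument 2 is the already-hashed message as a string and
 * argument 3 an optional digest (defaults to "sha1"). Returns whatever
 * openssl_pushresult() pushes for the final status.
 *
 * NOTE(review): the default digest is SHA-1. Callers that need a
 * collision-resistant imprint should pass the digest explicitly.
 * NOTE(review): the byte string is stored as given. Its length is not
 * compared with the digest size, and it is narrowed from size_t to the
 * int length TS_MSG_IMPRINT_set_msg() takes.
 */
static int openssl_ts_req_msg_imprint(lua_State*L)
{
  TS_REQ* req = CHECK_OBJECT(1, TS_REQ, "openssl.ts_req");

  if (lua_isnone(L, 2))
  {
    TS_MSG_IMPRINT *msg = TS_REQ_get_msg_imprint(req);
    if (msg)
    {
      /*
       * Both getters return pointers into the request itself. They are
       * borrowed and must not be freed here: releasing them would leave
       * the request with dangling members and free them a second time
       * when the request is destroyed.
       */
      ASN1_OCTET_STRING *s = TS_MSG_IMPRINT_get_msg(msg);
      X509_ALGOR *a = TS_MSG_IMPRINT_get_algo(msg);

      PUSH_ASN1_OCTET_STRING(L, s);
      openssl_push_x509_algor(L, a);
      return 2;
    }
    /*
     * NOTE(review): nothing is pushed on this path, so the one returned
     * value is whatever is on top of the stack, presumably argument 1.
     * Callers most likely expect nil; left unchanged for compatibility.
     */
    return 1;
  }
  else
  {
    size_t size;
    const char* data = luaL_checklstring(L, 2, &size);
    /* Resolved before any allocation: get_digest may raise a Lua error. */
    const EVP_MD* md = lua_isnoneornil(L, 3) ? EVP_get_digestbyname("sha1") : get_digest(L, 3);
    TS_MSG_IMPRINT *msg = TS_MSG_IMPRINT_new();
    X509_ALGOR *alg = NULL;
    int ret = 0;

    /* A failed allocation or an unknown digest is reported as failure. */
    if (msg != NULL && md != NULL)
      ret = TS_MSG_IMPRINT_set_msg(msg, (unsigned char*)data, size);

    if (ret == 1)
    {
      alg = X509_ALGOR_new();
      if (alg == NULL)
      {
        ret = 0;
      }
      else
      {
        X509_ALGOR_set_md(alg, md);
        ret = TS_MSG_IMPRINT_set_algo(msg, alg);
        if (ret == 1)
          ret = TS_REQ_set_msg_imprint(req, msg);
      }
    }

    /* The setters store copies, so the temporaries are always released. */
    X509_ALGOR_free(alg);
    TS_MSG_IMPRINT_free(msg);
    return openssl_pushresult(L, ret);
  }
}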
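/**
 * Build a Lua table describing one X.509 extension and leave it on top of
 * the Lua stack.
 *
 * Fields: object (the extension OID), value (the raw extension octets) and
 * critical (boolean). For subjectAltName the table also gets an entry keyed
 * by the pushed OID object whose value is an array with one element per
 * general name, produced by openssl_push_general_name().
 *
 * Reads x->object, x->value and x->critical directly, so it needs an
 * OpenSSL whose X509_EXTENSION struct is not opaque.
 *
 * @param L  Lua state
 * @param x  extension to convert; not modified and not owned
 * @return   1 (number of values pushed)
 */
static int openssl_xext_totable(lua_State* L, X509_EXTENSION *x)
{
  lua_newtable(L);
  openssl_push_asn1object(L, x->object);
  lua_setfield(L, -2, "object");

  PUSH_ASN1_OCTET_STRING(L, x->value);
  lua_setfield(L, -2, "value");

  AUXILIAR_SET(L, -1, "critical", x->critical, boolean);

  switch (x->object->nid)
  {
  case NID_subject_alt_name:
  {
    int i;
    int n_general_names;
    /* X509V3_EXT_d2i() returns a freshly decoded structure that we own. */
    STACK_OF(GENERAL_NAME) *values = X509V3_EXT_d2i(x);

    if (values == NULL)
      break;

    /* Push ret[oid] */
    openssl_push_asn1object(L, x->object);
    lua_newtable(L);
    n_general_names = sk_GENERAL_NAME_num(values);
    for (i = 0; i < n_general_names; i++)
    {
      GENERAL_NAME *general_name = sk_GENERAL_NAME_value(values, i);
      /* Must leave exactly one value on the stack for the rawseti below. */
      openssl_push_general_name(L, general_name);
      lua_rawseti(L, -2, i + 1);
    }
    lua_settable(L, -3);

    /*
     * Release the decoded names. Without this every subjectAltName that is
     * converted leaks its whole GENERAL_NAME stack, and the certificate
     * decides how large that stack is.
     * NOTE(review): assumes the push helpers copy what they push rather
     * than keeping pointers into `values`. Confirm for
     * openssl_push_general_name.
     */
    sk_GENERAL_NAME_pop_free(values, GENERAL_NAME_free);
    break;
  }
  default:
    break;
  }
  return 1;
}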
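/**
 * Push a Lua table describing one GENERAL_NAME.
 *
 * The table has a "type" string naming the variant and, for supported
 * variants, a field of the same name holding the value. Unknown variants
 * yield only type = "unsupport".
 *
 * Every path leaves exactly one new value (the table) on the Lua stack.
 * Callers rely on that when they store the result with lua_rawseti or
 * lua_setfield, and general names usually come from certificates the
 * caller does not control, so no variant may push more.
 *
 * @param L             Lua state
 * @param general_name  name to convert; not modified and not owned
 * @return              1 (number of values pushed)
 */
int openssl_push_general_name(lua_State*L, const GENERAL_NAME* general_name)
{
  lua_newtable(L);

  switch (general_name->type)
  {
  case GEN_OTHERNAME:
  {
    OTHERNAME *otherName = general_name->d.otherName;
    lua_newtable(L);
    openssl_push_asn1object(L, otherName->type_id);
    /*
     * NOTE(review): the value of an otherName is an ASN.1 ANY. Reading the
     * union as asn1_string is only valid when otherName->value->type is a
     * string type; OBJECT, BOOLEAN or NULL content would be misread.
     * Consider dispatching on the type before pushing.
     */
    PUSH_ASN1_STRING(L, otherName->value->value.asn1_string);
    lua_settable(L, -3);
    lua_setfield(L, -2, "otherName");

    lua_pushstring(L, "otherName");
    lua_setfield(L, -2, "type");
    break;
  }
  case GEN_EMAIL:
    PUSH_ASN1_STRING(L, general_name->d.rfc822Name);
    lua_setfield(L, -2, "rfc822Name");

    lua_pushstring(L, "rfc822Name");
    lua_setfield(L, -2, "type");
    break;
  case GEN_DNS:
    PUSH_ASN1_STRING(L, general_name->d.dNSName);
    lua_setfield(L, -2, "dNSName");

    lua_pushstring(L, "dNSName");
    lua_setfield(L, -2, "type");
    break;
  case GEN_X400:
    /*
     * NOTE(review): OpenSSL decodes x400Address as an ASN1_STRING even
     * where older headers declare the member as ASN1_TYPE *. Confirm that
     * openssl_push_asn1type is safe for the OpenSSL version in use.
     */
    openssl_push_asn1type(L, general_name->d.x400Address);
    lua_setfield(L, -2, "x400Address");

    lua_pushstring(L, "x400Address");
    lua_setfield(L, -2, "type");
    break;
  case GEN_DIRNAME:
  {
    X509_NAME* xn = general_name->d.directoryName;
    openssl_push_xname_asobject(L, xn);
    lua_setfield(L, -2, "directoryName");

    lua_pushstring(L, "directoryName");
    lua_setfield(L, -2, "type");
    break;
  }
  case GEN_URI:
    PUSH_ASN1_STRING(L, general_name->d.uniformResourceIdentifier);
    lua_setfield(L, -2, "uniformResourceIdentifier");

    lua_pushstring(L, "uniformResourceIdentifier");
    lua_setfield(L, -2, "type");
    break;
  case GEN_IPADD:
    /*
     * No nested table here: an extra lua_newtable would be returned in
     * place of the result table and leave a stray value on the stack.
     */
    PUSH_ASN1_OCTET_STRING(L, general_name->d.iPAddress);
    lua_setfield(L, -2, "iPAddress");

    lua_pushstring(L, "iPAddress");
    lua_setfield(L, -2, "type");
    break;
  case GEN_EDIPARTY:
    lua_newtable(L);
    /* nameAssigner is optional in the encoding and may be absent. */
    if (general_name->d.ediPartyName->nameAssigner != NULL)
    {
      PUSH_ASN1_STRING(L, general_name->d.ediPartyName->nameAssigner);
      lua_setfield(L, -2, "nameAssigner");
    }

    PUSH_ASN1_STRING(L, general_name->d.ediPartyName->partyName);
    lua_setfield(L, -2, "partyName");
    lua_setfield(L, -2, "ediPartyName");

    lua_pushstring(L, "ediPartyName");
    lua_setfield(L, -2, "type");
    break;
  case GEN_RID:
    /* Same as iPAddress: the value goes straight into the result table. */
    openssl_push_asn1object(L, general_name->d.registeredID);
    lua_setfield(L, -2, "registeredID");

    lua_pushstring(L, "registeredID");
    lua_setfield(L, -2, "type");
    break;
  default:
    lua_pushstring(L, "unsupport");
    lua_setfield(L, -2, "type");
    break;
  }
  return 1;
}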
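/**
 * Build a Lua table describing one X.509 extension and leave it on top of
 * the Lua stack.
 *
 * Fields: object (the extension OID), value (the raw extension octets) and
 * critical (boolean). For subjectAltName the table also gets an entry keyed
 * by the pushed OID object whose value is an array with one table per
 * general name. Each of those tables has a "type" string naming the variant
 * and, for supported variants, a field of that name holding the value. This
 * is the same per-name layout that openssl_push_general_name() produces.
 * Unknown variants yield only type = "unsupport".
 *
 * The number of names comes from the certificate, so every loop iteration
 * must return the Lua stack to the same height. Each case below pushes
 * exactly one value above the per-name table, and the common tail stores
 * that value and then the table itself.
 *
 * @param L     Lua state
 * @param x     extension to convert; not modified and not owned
 * @param utf8  forwarded to PUSH_ASN1_STRING for string-valued names
 * @return      1 (number of values pushed)
 */
int openssl_xext_totable(lua_State* L, X509_EXTENSION *x, int utf8)
{
  lua_newtable(L);
  openssl_push_asn1object(L, x->object);
  lua_setfield(L, -2, "object");

  PUSH_ASN1_OCTET_STRING(L, x->value);
  lua_setfield(L, -2, "value");

  AUXILIAR_SET(L, -1, "critical", x->critical, boolean);

  switch (x->object->nid)
  {
  case NID_subject_alt_name:
  {
    int i;
    int n_general_names;
    /* X509V3_EXT_d2i() returns a freshly decoded structure that we own. */
    STACK_OF(GENERAL_NAME) *values = X509V3_EXT_d2i(x);

    if (values == NULL)
      break;

    /* Push ret[oid] */
    openssl_push_asn1object(L, x->object);
    lua_newtable(L);
    n_general_names = sk_GENERAL_NAME_num(values);
    for (i = 0; i < n_general_names; i++)
    {
      GENERAL_NAME *general_name = sk_GENERAL_NAME_value(values, i);
      const char *kind = NULL;  /* field name of the value pushed, if any */

      lua_newtable(L);          /* table for this name */
      switch (general_name->type)
      {
      case GEN_OTHERNAME:
      {
        OTHERNAME *otherName = general_name->d.otherName;
        lua_newtable(L);
        openssl_push_asn1object(L, otherName->type_id);
        /*
         * NOTE(review): the value of an otherName is an ASN.1 ANY. Reading
         * the union as asn1_string is only valid when
         * otherName->value->type is a string type.
         */
        PUSH_ASN1_STRING(L, otherName->value->value.asn1_string, utf8);
        lua_settable(L, -3);
        kind = "otherName";
        break;
      }
      case GEN_EMAIL:
        PUSH_ASN1_STRING(L, general_name->d.rfc822Name, utf8);
        kind = "rfc822Name";
        break;
      case GEN_DNS:
        PUSH_ASN1_STRING(L, general_name->d.dNSName, utf8);
        kind = "dNSName";
        break;
      case GEN_X400:
        /*
         * NOTE(review): OpenSSL decodes x400Address as an ASN1_STRING even
         * where older headers declare the member as ASN1_TYPE *. Confirm
         * that openssl_push_asn1type is safe for the OpenSSL in use.
         */
        openssl_push_asn1type(L, general_name->d.x400Address);
        kind = "x400Address";
        break;
      case GEN_DIRNAME:
      {
        X509_NAME* xn = general_name->d.directoryName;
        /* The Lua object gets its own copy of the name. */
        PUSH_OBJECT(X509_NAME_dup(xn), "openssl.x509_name");
        kind = "directoryName";
        break;
      }
      case GEN_URI:
        PUSH_ASN1_STRING(L, general_name->d.uniformResourceIdentifier, utf8);
        kind = "uniformResourceIdentifier";
        break;
      case GEN_IPADD:
        PUSH_ASN1_OCTET_STRING(L, general_name->d.iPAddress);
        kind = "iPAddress";
        break;
      case GEN_EDIPARTY:
        lua_newtable(L);
        /* nameAssigner is optional in the encoding and may be absent. */
        if (general_name->d.ediPartyName->nameAssigner != NULL)
        {
          PUSH_ASN1_STRING(L, general_name->d.ediPartyName->nameAssigner, utf8);
          lua_setfield(L, -2, "nameAssigner");
        }
        PUSH_ASN1_STRING(L, general_name->d.ediPartyName->partyName, utf8);
        lua_setfield(L, -2, "partyName");
        kind = "ediPartyName";
        break;
      case GEN_RID:
        openssl_push_asn1object(L, general_name->d.registeredID);
        kind = "registeredID";
        break;
      default:
        break;
      }

      if (kind != NULL)
      {
        lua_setfield(L, -2, kind);  /* entry[kind] = value, pops the value */
        lua_pushstring(L, kind);
      }
      else
      {
        lua_pushstring(L, "unsupport");
      }
      lua_setfield(L, -2, "type");
      lua_rawseti(L, -2, i + 1);    /* names[i + 1] = entry, pops the entry */
    }
    lua_settable(L, -3);

    /*
     * Release the decoded names so that converting a certificate does not
     * leak its GENERAL_NAME stack.
     * NOTE(review): assumes the push helpers copy what they push rather
     * than keeping pointers into `values`. Confirm for
     * openssl_push_asn1type and openssl_push_asn1object.
     */
    sk_GENERAL_NAME_pop_free(values, GENERAL_NAME_free);
    break;
  }
  default:
    break;
  }
  return 1;
}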