Software `/` code `/` prosody

Annotate

util-src/crypto.c @ 12694:26a004c96ef8

util.paseto: Implementation of PASETO v4.public tokens PASETO provides an alternative to JWT with the promise of fewer implementation pitfalls. The v4.public algorithm allows asymmetric cryptographically-verified token issuance and validation. In summary, such tokens can be issued by one party and securely verified by any other party independently using the public key of the issuer. This has a number of potential applications in a decentralized network and ecosystem such as XMPP. For example, such tokens could be combined with XEP-0317 to allow hats to be verified even in the context of a third-party MUC service.

author	Matthew Wild <mwild1@gmail.com>
date	Fri, 24 Jun 2022 17:03:28 +0100
parent	12693:7c5afbdcbc77
child	12697:916871447b2f

rev	line source
12693 7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	1 /* Prosody IM
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	2 -- Copyright (C) 2022 Matthew Wild
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	3 --
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	4 -- This project is MIT/X11 licensed. Please see the
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	5 -- COPYING file in the source package for more information.
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	6 --
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	7 */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	8
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	9 /*
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	10 * crypto.c
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	11 * Lua library for cryptographic operations using OpenSSL
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	12 */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	13
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	14 #include <string.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	15 #include <stdlib.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	16
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	17 #ifdef _MSC_VER
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	18 typedef unsigned __int32 uint32_t;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	19 #else
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	20 #include <inttypes.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	21 #endif
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	22
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	23 #include "lua.h"
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	24 #include "lauxlib.h"
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	25 #include <openssl/crypto.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	26 #include <openssl/ecdsa.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	27 #include <openssl/err.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	28 #include <openssl/evp.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	29 #include <openssl/obj_mac.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	30 #include <openssl/pem.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	31
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	32 #if (LUA_VERSION_NUM == 501)
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	33 #define luaL_setfuncs(L, R, N) luaL_register(L, NULL, R)
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	34 #endif
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	35
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	36 #include "managed_pointer.h"
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	37
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	38 #define PKEY_MT_TAG "util.crypto key"
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	39
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	40 static BIO* new_memory_BIO() {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	41 return BIO_new(BIO_s_mem());
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	42 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	43
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	44 MANAGED_POINTER_ALLOCATOR(new_managed_EVP_MD_CTX, EVP_MD_CTX*, EVP_MD_CTX_new, EVP_MD_CTX_free)
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	45 MANAGED_POINTER_ALLOCATOR(new_managed_BIO_s_mem, BIO*, new_memory_BIO, BIO_free)
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	46 MANAGED_POINTER_ALLOCATOR(new_managed_EVP_CIPHER_CTX, EVP_CIPHER_CTX*, EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_free)
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	47
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	48 static EVP_PKEY* pkey_from_arg(lua_State *L, int idx, const int type, const int require_private) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	49 EVP_PKEY pkey = (EVP_PKEY**)luaL_checkudata(L, idx, PKEY_MT_TAG);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	50 if(type \|\| require_private) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	51 lua_getuservalue(L, idx);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	52 if(type != 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	53 lua_getfield(L, -1, "type");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	54 if(lua_tointeger(L, -1) != type) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	55 luaL_argerror(L, idx, "unexpected key type");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	56 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	57 lua_pop(L, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	58 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	59 if(require_private != 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	60 lua_getfield(L, -1, "private");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	61 if(lua_toboolean(L, -1) != 1) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	62 luaL_argerror(L, idx, "private key expected, got public key only");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	63 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	64 lua_pop(L, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	65 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	66 lua_pop(L, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	67 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	68 return pkey;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	69 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	70
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	71 static int Lpkey_finalizer(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	72 EVP_PKEY *pkey = pkey_from_arg(L, 1, 0, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	73 EVP_PKEY_free(pkey);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	74 return 0;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	75 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	76
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	77 static int Lpkey_meth_get_type(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	78 EVP_PKEY *pkey = pkey_from_arg(L, 1, 0, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	79
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	80 int key_type = EVP_PKEY_id(pkey);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	81 lua_pushstring(L, OBJ_nid2sn(key_type));
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	82 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	83 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	84
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	85 static int base_evp_sign(lua_State L, const int key_type, const EVP_MD digest_type) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	86 EVP_PKEY *pkey = pkey_from_arg(L, 1, key_type, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	87 luaL_Buffer sigbuf;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	88
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	89 size_t msg_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	90 const unsigned char* msg = (unsigned char*)lua_tolstring(L, 2, &msg_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	91
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	92 size_t sig_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	93 unsigned char *sig = NULL;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	94 EVP_MD_CTX *md_ctx = new_managed_EVP_MD_CTX(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	95
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	96 if(EVP_DigestSignInit(md_ctx, NULL, digest_type, NULL, pkey) != 1) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	97 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	98 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	99 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	100 if(EVP_DigestSign(md_ctx, NULL, &sig_len, msg, msg_len) != 1) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	101 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	102 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	103 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	104
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	105 // COMPAT w/ Lua 5.1
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	106 luaL_buffinit(L, &sigbuf);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	107 sig = memset(luaL_prepbuffer(&sigbuf), 0, sig_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	108
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	109 if(EVP_DigestSign(md_ctx, sig, &sig_len, msg, msg_len) != 1) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	110 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	111 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	112 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	113 luaL_addsize(&sigbuf, sig_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	114 luaL_pushresult(&sigbuf);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	115 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	116 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	117
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	118 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	119 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	120
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	121 static int base_evp_verify(lua_State L, const int key_type, const EVP_MD digest_type) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	122 EVP_PKEY *pkey = pkey_from_arg(L, 1, key_type, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	123
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	124 size_t msg_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	125 const unsigned char msg = (unsigned char)luaL_checklstring(L, 2, &msg_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	126
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	127 size_t sig_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	128 const unsigned char sig = (unsigned char)luaL_checklstring(L, 3, &sig_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	129
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	130 EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	131
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	132 if(EVP_DigestVerifyInit(md_ctx, NULL, digest_type, NULL, pkey) != 1) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	133 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	134 goto cleanup;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	135 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	136 int result = EVP_DigestVerify(md_ctx, sig, sig_len, msg, msg_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	137 if(result == 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	138 lua_pushboolean(L, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	139 } else if(result != 1) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	140 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	141 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	142 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	143 lua_pushboolean(L, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	144 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	145 cleanup:
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	146 EVP_MD_CTX_free(md_ctx);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	147 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	148 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	149
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	150 static int Lpkey_meth_public_pem(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	151 char *data;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	152 size_t bytes;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	153 EVP_PKEY *pkey = pkey_from_arg(L, 1, 0, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	154 BIO *bio = new_managed_BIO_s_mem(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	155 if(PEM_write_bio_PUBKEY(bio, pkey)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	156 bytes = BIO_get_mem_data(bio, &data);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	157 if (bytes > 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	158 lua_pushlstring(L, data, bytes);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	159 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	160 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	161 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	162 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	163 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	164 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	165 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	166 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	167 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	168 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	169
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	170 static int Lpkey_meth_private_pem(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	171 char *data;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	172 size_t bytes;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	173 EVP_PKEY *pkey = pkey_from_arg(L, 1, 0, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	174 BIO *bio = new_managed_BIO_s_mem(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	175
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	176 if(PEM_write_bio_PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	177 bytes = BIO_get_mem_data(bio, &data);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	178 if (bytes > 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	179 lua_pushlstring(L, data, bytes);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	180 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	181 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	182 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	183 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	184 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	185 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	186 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	187 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	188 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	189 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	190
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	191 /* ecdsa_sha256_sign(key, data) */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	192 static int Lecdsa_sha256_sign(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	193 return base_evp_sign(L, NID_X9_62_id_ecPublicKey, EVP_sha256());
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	194 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	195
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	196 /* ecdsa_sha256_verify(key, data, sig) */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	197 static int Lecdsa_sha256_verify(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	198 return base_evp_verify(L, NID_X9_62_id_ecPublicKey, EVP_sha256());
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	199 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	200
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	201 static int push_pkey(lua_State L, EVP_PKEY pkey, const int type, const int privkey) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	202 EVP_PKEY *ud = lua_newuserdata(L, sizeof(EVP_PKEY));
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	203 *ud = pkey;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	204 luaL_newmetatable(L, PKEY_MT_TAG);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	205 lua_setmetatable(L, -2);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	206
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	207 /* Set some info about the key and attach it as a user value */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	208 lua_newtable(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	209 if(type != 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	210 lua_pushinteger(L, type);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	211 lua_setfield(L, -2, "type");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	212 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	213 if(privkey != 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	214 lua_pushboolean(L, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	215 lua_setfield(L, -2, "private");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	216 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	217 lua_setuservalue(L, -2);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	218 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	219 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	220
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	221 static int Lgenerate_ed25519_keypair(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	222 EVP_PKEY *pkey = NULL;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	223 EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	224
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	225 /* Generate key */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	226 EVP_PKEY_keygen_init(pctx);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	227 EVP_PKEY_keygen(pctx, &pkey);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	228 EVP_PKEY_CTX_free(pctx);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	229
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	230 push_pkey(L, pkey, NID_ED25519, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	231 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	232 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	233
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	234 static int Limport_private_pem(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	235 EVP_PKEY *pkey = NULL;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	236
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	237 size_t privkey_bytes;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	238 const char* privkey_data;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	239 BIO *bio = new_managed_BIO_s_mem(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	240
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	241 privkey_data = luaL_checklstring(L, 1, &privkey_bytes);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	242 BIO_write(bio, privkey_data, privkey_bytes);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	243 pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	244 if (pkey) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	245 push_pkey(L, pkey, EVP_PKEY_id(pkey), 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	246 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	247 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	248 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	249 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	250
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	251 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	252 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	253
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	254 static int Limport_public_pem(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	255 EVP_PKEY *pkey = NULL;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	256
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	257 size_t pubkey_bytes;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	258 const char* pubkey_data;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	259 BIO *bio = new_managed_BIO_s_mem(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	260
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	261 pubkey_data = luaL_checklstring(L, 1, &pubkey_bytes);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	262 BIO_write(bio, pubkey_data, pubkey_bytes);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	263 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	264 if (pkey) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	265 push_pkey(L, pkey, EVP_PKEY_id(pkey), 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	266 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	267 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	268 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	269 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	270
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	271 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	272 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	273
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	274 static int Led25519_sign(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	275 return base_evp_sign(L, NID_ED25519, NULL);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	276 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	277
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	278 static int Led25519_verify(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	279 return base_evp_verify(L, NID_ED25519, NULL);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	280 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	281
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	282 /* gcm_encrypt(key, iv, plaintext) */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	283 static int Laes_gcm_encrypt(lua_State L, const EVP_CIPHER cipher, const unsigned char expected_key_len) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	284 EVP_CIPHER_CTX *ctx;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	285 luaL_Buffer ciphertext_buffer;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	286
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	287 size_t key_len, iv_len, plaintext_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	288 int ciphertext_len, final_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	289
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	290 const unsigned char key = (unsigned char)luaL_checklstring(L, 1, &key_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	291 const unsigned char iv = (unsigned char)luaL_checklstring(L, 2, &iv_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	292 const unsigned char plaintext = (unsigned char)luaL_checklstring(L, 3, &plaintext_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	293
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	294 if(key_len != expected_key_len) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	295 return luaL_error(L, "key must be %d bytes", expected_key_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	296 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	297 luaL_argcheck(L, iv_len == 12, 2, "iv must be 12 bytes");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	298 if(lua_gettop(L) > 3) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	299 return luaL_error(L, "Expected 3 arguments, got %d", lua_gettop(L));
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	300 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	301
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	302 // Create and initialise the context
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	303 ctx = new_managed_EVP_CIPHER_CTX(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	304
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	305 // Initialise the encryption operation
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	306 if(1 != EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	307 return luaL_error(L, "Error while initializing encryption engine");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	308 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	309
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	310 // Initialise key and IV
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	311 if(1 != EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	312 return luaL_error(L, "Error while initializing key/iv");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	313 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	314
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	315 luaL_buffinit(L, &ciphertext_buffer);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	316 unsigned char ciphertext = (unsigned char)luaL_prepbuffsize(&ciphertext_buffer, plaintext_len+16);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	317
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	318 if(1 != EVP_EncryptUpdate(ctx, ciphertext, &ciphertext_len, plaintext, plaintext_len)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	319 return luaL_error(L, "Error while encrypting data");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	320 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	321
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	322 /*
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	323 * Finalise the encryption. Normally ciphertext bytes may be written at
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	324 * this stage, but this does not occur in GCM mode
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	325 */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	326 if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + ciphertext_len, &final_len)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	327 return luaL_error(L, "Error while encrypting final data");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	328 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	329 if(final_len != 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	330 return luaL_error(L, "Non-zero final data");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	331 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	332
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	333 /* Get the tag */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	334 if(1 != EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, ciphertext + ciphertext_len)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	335 return luaL_error(L, "Unable to read AEAD tag of encrypted data");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	336 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	337
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	338 luaL_addsize(&ciphertext_buffer, ciphertext_len + 16);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	339 luaL_pushresult(&ciphertext_buffer);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	340
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	341 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	342 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	343
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	344 static int Laes_128_gcm_encrypt(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	345 return Laes_gcm_encrypt(L, EVP_aes_128_gcm(), 16);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	346 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	347
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	348 static int Laes_256_gcm_encrypt(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	349 return Laes_gcm_encrypt(L, EVP_aes_256_gcm(), 32);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	350 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	351
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	352 /* gcm_decrypt(key, iv, ciphertext) */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	353 static int Laes_gcm_decrypt(lua_State L, const EVP_CIPHER cipher, const unsigned char expected_key_len) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	354 EVP_CIPHER_CTX *ctx;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	355 luaL_Buffer plaintext_buffer;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	356
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	357 size_t key_len, iv_len, ciphertext_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	358 int plaintext_len, final_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	359
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	360 const unsigned char key = (unsigned char)luaL_checklstring(L, 1, &key_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	361 const unsigned char iv = (unsigned char)luaL_checklstring(L, 2, &iv_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	362 const unsigned char ciphertext = (unsigned char)luaL_checklstring(L, 3, &ciphertext_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	363
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	364 if(key_len != expected_key_len) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	365 return luaL_error(L, "key must be %d bytes", expected_key_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	366 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	367 luaL_argcheck(L, iv_len == 12, 2, "iv must be 12 bytes");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	368 luaL_argcheck(L, ciphertext_len > 16, 3, "ciphertext must be at least 16 bytes (including tag)");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	369 if(lua_gettop(L) > 3) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	370 return luaL_error(L, "Expected 3 arguments, got %d", lua_gettop(L));
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	371 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	372
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	373 /* Create and initialise the context */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	374 ctx = new_managed_EVP_CIPHER_CTX(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	375
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	376 /* Initialise the decryption operation. */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	377 if(!EVP_DecryptInit_ex(ctx, cipher, NULL, NULL, NULL)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	378 return luaL_error(L, "Error while initializing decryption engine");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	379 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	380
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	381 /* Initialise key and IV */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	382 if(!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	383 return luaL_error(L, "Error while initializing key/iv");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	384 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	385
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	386 luaL_buffinit(L, &plaintext_buffer);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	387 unsigned char plaintext = (unsigned char)luaL_prepbuffsize(&plaintext_buffer, ciphertext_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	388
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	389 /*
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	390 * Provide the message to be decrypted, and obtain the plaintext output.
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	391 * EVP_DecryptUpdate can be called multiple times if necessary
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	392 */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	393 if(!EVP_DecryptUpdate(ctx, plaintext, &plaintext_len, ciphertext, ciphertext_len-16)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	394 return luaL_error(L, "Error while decrypting data");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	395 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	396
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	397 /* Set expected tag value. Works in OpenSSL 1.0.1d and later */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	398 if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, (unsigned char*)ciphertext + (ciphertext_len-16))) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	399 return luaL_error(L, "Error while processing authentication tag");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	400 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	401
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	402 /*
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	403 * Finalise the decryption. A positive return value indicates success,
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	404 * anything else is a failure - the plaintext is not trustworthy.
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	405 */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	406 int ret = EVP_DecryptFinal_ex(ctx, plaintext + plaintext_len, &final_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	407
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	408 if(ret <= 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	409 /* Verify failed */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	410 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	411 lua_pushliteral(L, "verify-failed");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	412 return 2;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	413 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	414
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	415 luaL_addsize(&plaintext_buffer, plaintext_len + final_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	416 luaL_pushresult(&plaintext_buffer);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	417 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	418 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	419
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	420 static int Laes_128_gcm_decrypt(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	421 return Laes_gcm_decrypt(L, EVP_aes_128_gcm(), 16);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	422 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	423
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	424 static int Laes_256_gcm_decrypt(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	425 return Laes_gcm_decrypt(L, EVP_aes_256_gcm(), 32);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	426 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	427
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	428 /* r, s = parse_ecdsa_sig(sig_der) */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	429 static int Lparse_ecdsa_signature(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	430 ECDSA_SIG *sig;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	431 size_t sig_der_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	432 const unsigned char sig_der = (unsigned char)luaL_checklstring(L, 1, &sig_der_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	433 const BIGNUM r, s;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	434 luaL_Buffer rb, sb;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	435 int rlen, slen;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	436
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	437 sig = d2i_ECDSA_SIG(NULL, &sig_der, sig_der_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	438
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	439 if(sig == NULL) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	440 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	441 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	442 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	443
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	444 ECDSA_SIG_get0(sig, &r, &s);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	445
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	446 rlen = BN_num_bytes(r);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	447 slen = BN_num_bytes(s);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	448
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	449 // COMPAT w/ Lua 5.1
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	450 #if LUAL_BUFFERSIZE < 32
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	451 #error Configured LUAL_BUFFERSIZE is too small for this operation
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	452 #endif
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	453
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	454 luaL_buffinit(L, &rb);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	455 BN_bn2bin(r, (unsigned char*)luaL_prepbuffer(&rb));
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	456 luaL_addsize(&rb, rlen);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	457 luaL_pushresult(&rb);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	458
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	459 luaL_buffinit(L, &sb);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	460 BN_bn2bin(s, (unsigned char*)luaL_prepbuffer(&sb));
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	461 luaL_addsize(&sb, slen);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	462 luaL_pushresult(&sb);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	463
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	464 ECDSA_SIG_free(sig);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	465
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	466 return 2;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	467 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	468
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	469 /* sig_der = build_ecdsa_signature(r, s) */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	470 static int Lbuild_ecdsa_signature(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	471 ECDSA_SIG *sig = ECDSA_SIG_new();
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	472 BIGNUM r, s;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	473 luaL_Buffer sigbuf;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	474
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	475 size_t rlen, slen;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	476 const unsigned char rbin, sbin;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	477
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	478 rbin = (unsigned char*)luaL_checklstring(L, 1, &rlen);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	479 sbin = (unsigned char*)luaL_checklstring(L, 2, &slen);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	480
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	481 r = BN_bin2bn(rbin, (int)rlen, NULL);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	482 s = BN_bin2bn(sbin, (int)slen, NULL);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	483
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	484 ECDSA_SIG_set0(sig, r, s);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	485
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	486 luaL_buffinit(L, &sigbuf);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	487
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	488 // COMPAT w/ Lua 5.1
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	489 #if LUAL_BUFFERSIZE < 128
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	490 #error Configured LUAL_BUFFERSIZE is too small for this operation
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	491 #endif
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	492
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	493 unsigned char buffer = (unsigned char)luaL_prepbuffer(&sigbuf);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	494 int len = i2d_ECDSA_SIG(sig, &buffer);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	495 luaL_addsize(&sigbuf, len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	496 luaL_pushresult(&sigbuf);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	497
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	498 ECDSA_SIG_free(sig);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	499
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	500 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	501 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	502
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	503 static const luaL_Reg Reg[] = {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	504 { "ed25519_sign", Led25519_sign },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	505 { "ed25519_verify", Led25519_verify },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	506 { "aes_128_gcm_encrypt", Laes_128_gcm_encrypt },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	507 { "aes_128_gcm_decrypt", Laes_128_gcm_decrypt },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	508 { "aes_256_gcm_encrypt", Laes_256_gcm_encrypt },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	509 { "aes_256_gcm_decrypt", Laes_256_gcm_decrypt },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	510 { "ecdsa_sha256_sign", Lecdsa_sha256_sign },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	511 { "ecdsa_sha256_verify", Lecdsa_sha256_verify },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	512 { "generate_ed25519_keypair", Lgenerate_ed25519_keypair },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	513 { "import_private_pem", Limport_private_pem },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	514 { "import_public_pem", Limport_public_pem },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	515 { "parse_ecdsa_signature", Lparse_ecdsa_signature },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	516 { "build_ecdsa_signature", Lbuild_ecdsa_signature },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	517 { NULL, NULL }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	518 };
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	519
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	520 static const luaL_Reg KeyMethods[] = {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	521 { "private_pem", Lpkey_meth_private_pem },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	522 { "public_pem", Lpkey_meth_public_pem },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	523 { "get_type", Lpkey_meth_get_type },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	524 { NULL, NULL }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	525 };
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	526
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	527 static const luaL_Reg KeyMetatable[] = {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	528 { "__gc", Lpkey_finalizer },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	529 { NULL, NULL }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	530 };
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	531
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	532 LUALIB_API int luaopen_util_crypto(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	533 #if (LUA_VERSION_NUM > 501)
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	534 luaL_checkversion(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	535 #endif
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	536
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	537 /* Initialize pkey metatable */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	538 luaL_newmetatable(L, PKEY_MT_TAG);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	539 luaL_setfuncs(L, KeyMetatable, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	540 lua_newtable(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	541 luaL_setfuncs(L, KeyMethods, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	542 lua_setfield(L, -2, "__index");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	543 lua_pop(L, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	544
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	545 /* Initialize lib table */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	546 lua_newtable(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	547 luaL_setfuncs(L, Reg, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	548 lua_pushliteral(L, "-3.14");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	549 lua_setfield(L, -2, "version");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	550 #ifdef OPENSSL_VERSION
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	551 lua_pushstring(L, OpenSSL_version(OPENSSL_VERSION));
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	552 lua_setfield(L, -2, "_LIBCRYPTO_VERSION");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	553 #endif
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	554 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto Matthew Wild <mwild1@gmail.com> parents: diff changeset	555 }

prosody

26a004c96ef8

util-src/crypto.c

Software / code / prosody

Annotate

util-src/crypto.c @ 12694:26a004c96ef8

Software `/` code `/` prosody