Annotate

util-src/crypto.c @ 12694:26a004c96ef8

util.paseto: Implementation of PASETO v4.public tokens PASETO provides an alternative to JWT with the promise of fewer implementation pitfalls. The v4.public algorithm allows asymmetric cryptographically-verified token issuance and validation. In summary, such tokens can be issued by one party and securely verified by any other party independently using the public key of the issuer. This has a number of potential applications in a decentralized network and ecosystem such as XMPP. For example, such tokens could be combined with XEP-0317 to allow hats to be verified even in the context of a third-party MUC service.
author Matthew Wild <mwild1@gmail.com>
date Fri, 24 Jun 2022 17:03:28 +0100
parent 12693:7c5afbdcbc77
child 12697:916871447b2f
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
12693
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 /* Prosody IM
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 -- Copyright (C) 2022 Matthew Wild
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 --
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 -- This project is MIT/X11 licensed. Please see the
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 -- COPYING file in the source package for more information.
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 --
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9 /*
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10 * crypto.c
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11 * Lua library for cryptographic operations using OpenSSL
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14 #include <string.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 #include <stdlib.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17 #ifdef _MSC_VER
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 typedef unsigned __int32 uint32_t;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 #else
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20 #include <inttypes.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 #endif
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 #include "lua.h"
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 #include "lauxlib.h"
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 #include <openssl/crypto.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
26 #include <openssl/ecdsa.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
27 #include <openssl/err.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28 #include <openssl/evp.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29 #include <openssl/obj_mac.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
30 #include <openssl/pem.h>
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
31
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
32 #if (LUA_VERSION_NUM == 501)
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 #define luaL_setfuncs(L, R, N) luaL_register(L, NULL, R)
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 #endif
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36 #include "managed_pointer.h"
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38 #define PKEY_MT_TAG "util.crypto key"
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40 static BIO* new_memory_BIO() {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41 return BIO_new(BIO_s_mem());
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 MANAGED_POINTER_ALLOCATOR(new_managed_EVP_MD_CTX, EVP_MD_CTX*, EVP_MD_CTX_new, EVP_MD_CTX_free)
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
45 MANAGED_POINTER_ALLOCATOR(new_managed_BIO_s_mem, BIO*, new_memory_BIO, BIO_free)
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46 MANAGED_POINTER_ALLOCATOR(new_managed_EVP_CIPHER_CTX, EVP_CIPHER_CTX*, EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_free)
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48 static EVP_PKEY* pkey_from_arg(lua_State *L, int idx, const int type, const int require_private) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49 EVP_PKEY *pkey = *(EVP_PKEY**)luaL_checkudata(L, idx, PKEY_MT_TAG);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
50 if(type || require_private) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
51 lua_getuservalue(L, idx);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52 if(type != 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53 lua_getfield(L, -1, "type");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 if(lua_tointeger(L, -1) != type) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55 luaL_argerror(L, idx, "unexpected key type");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
57 lua_pop(L, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
58 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
59 if(require_private != 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60 lua_getfield(L, -1, "private");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
61 if(lua_toboolean(L, -1) != 1) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
62 luaL_argerror(L, idx, "private key expected, got public key only");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
63 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
64 lua_pop(L, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
65 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
66 lua_pop(L, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
67 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
68 return pkey;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
69 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
70
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
71 static int Lpkey_finalizer(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
72 EVP_PKEY *pkey = pkey_from_arg(L, 1, 0, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
73 EVP_PKEY_free(pkey);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
74 return 0;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
75 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
76
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
77 static int Lpkey_meth_get_type(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
78 EVP_PKEY *pkey = pkey_from_arg(L, 1, 0, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
79
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
80 int key_type = EVP_PKEY_id(pkey);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
81 lua_pushstring(L, OBJ_nid2sn(key_type));
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
82 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
83 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
84
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
85 static int base_evp_sign(lua_State *L, const int key_type, const EVP_MD *digest_type) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
86 EVP_PKEY *pkey = pkey_from_arg(L, 1, key_type, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
87 luaL_Buffer sigbuf;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
88
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
89 size_t msg_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
90 const unsigned char* msg = (unsigned char*)lua_tolstring(L, 2, &msg_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
91
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
92 size_t sig_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
93 unsigned char *sig = NULL;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
94 EVP_MD_CTX *md_ctx = new_managed_EVP_MD_CTX(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
95
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
96 if(EVP_DigestSignInit(md_ctx, NULL, digest_type, NULL, pkey) != 1) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
97 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
98 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
99 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
100 if(EVP_DigestSign(md_ctx, NULL, &sig_len, msg, msg_len) != 1) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
101 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
102 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
103 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
104
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
105 // COMPAT w/ Lua 5.1
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
106 luaL_buffinit(L, &sigbuf);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
107 sig = memset(luaL_prepbuffer(&sigbuf), 0, sig_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
108
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
109 if(EVP_DigestSign(md_ctx, sig, &sig_len, msg, msg_len) != 1) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
110 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
111 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
112 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
113 luaL_addsize(&sigbuf, sig_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
114 luaL_pushresult(&sigbuf);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
115 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
116 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
117
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
118 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
119 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
120
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
121 static int base_evp_verify(lua_State *L, const int key_type, const EVP_MD *digest_type) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
122 EVP_PKEY *pkey = pkey_from_arg(L, 1, key_type, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
123
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
124 size_t msg_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
125 const unsigned char *msg = (unsigned char*)luaL_checklstring(L, 2, &msg_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
126
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
127 size_t sig_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
128 const unsigned char *sig = (unsigned char*)luaL_checklstring(L, 3, &sig_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
129
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
130 EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
131
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
132 if(EVP_DigestVerifyInit(md_ctx, NULL, digest_type, NULL, pkey) != 1) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
133 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
134 goto cleanup;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
135 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
136 int result = EVP_DigestVerify(md_ctx, sig, sig_len, msg, msg_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
137 if(result == 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
138 lua_pushboolean(L, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
139 } else if(result != 1) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
140 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
141 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
142 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
143 lua_pushboolean(L, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
144 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
145 cleanup:
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
146 EVP_MD_CTX_free(md_ctx);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
147 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
148 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
149
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
150 static int Lpkey_meth_public_pem(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
151 char *data;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
152 size_t bytes;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
153 EVP_PKEY *pkey = pkey_from_arg(L, 1, 0, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
154 BIO *bio = new_managed_BIO_s_mem(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
155 if(PEM_write_bio_PUBKEY(bio, pkey)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
156 bytes = BIO_get_mem_data(bio, &data);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
157 if (bytes > 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
158 lua_pushlstring(L, data, bytes);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
159 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
160 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
161 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
162 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
163 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
164 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
165 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
166 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
167 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
168 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
169
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
170 static int Lpkey_meth_private_pem(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
171 char *data;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
172 size_t bytes;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
173 EVP_PKEY *pkey = pkey_from_arg(L, 1, 0, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
174 BIO *bio = new_managed_BIO_s_mem(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
175
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
176 if(PEM_write_bio_PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
177 bytes = BIO_get_mem_data(bio, &data);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
178 if (bytes > 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
179 lua_pushlstring(L, data, bytes);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
180 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
181 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
182 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
183 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
184 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
185 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
186 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
187 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
188 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
189 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
190
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
191 /* ecdsa_sha256_sign(key, data) */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
192 static int Lecdsa_sha256_sign(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
193 return base_evp_sign(L, NID_X9_62_id_ecPublicKey, EVP_sha256());
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
194 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
195
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
196 /* ecdsa_sha256_verify(key, data, sig) */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
197 static int Lecdsa_sha256_verify(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
198 return base_evp_verify(L, NID_X9_62_id_ecPublicKey, EVP_sha256());
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
199 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
200
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
201 static int push_pkey(lua_State *L, EVP_PKEY *pkey, const int type, const int privkey) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
202 EVP_PKEY **ud = lua_newuserdata(L, sizeof(EVP_PKEY*));
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
203 *ud = pkey;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
204 luaL_newmetatable(L, PKEY_MT_TAG);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
205 lua_setmetatable(L, -2);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
206
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
207 /* Set some info about the key and attach it as a user value */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
208 lua_newtable(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
209 if(type != 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
210 lua_pushinteger(L, type);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
211 lua_setfield(L, -2, "type");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
212 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
213 if(privkey != 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
214 lua_pushboolean(L, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
215 lua_setfield(L, -2, "private");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
216 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
217 lua_setuservalue(L, -2);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
218 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
219 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
220
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
221 static int Lgenerate_ed25519_keypair(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
222 EVP_PKEY *pkey = NULL;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
223 EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
224
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
225 /* Generate key */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
226 EVP_PKEY_keygen_init(pctx);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
227 EVP_PKEY_keygen(pctx, &pkey);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
228 EVP_PKEY_CTX_free(pctx);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
229
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
230 push_pkey(L, pkey, NID_ED25519, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
231 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
232 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
233
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
234 static int Limport_private_pem(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
235 EVP_PKEY *pkey = NULL;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
236
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
237 size_t privkey_bytes;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
238 const char* privkey_data;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
239 BIO *bio = new_managed_BIO_s_mem(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
240
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
241 privkey_data = luaL_checklstring(L, 1, &privkey_bytes);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
242 BIO_write(bio, privkey_data, privkey_bytes);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
243 pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
244 if (pkey) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
245 push_pkey(L, pkey, EVP_PKEY_id(pkey), 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
246 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
247 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
248 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
249 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
250
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
251 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
252 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
253
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
254 static int Limport_public_pem(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
255 EVP_PKEY *pkey = NULL;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
256
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
257 size_t pubkey_bytes;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
258 const char* pubkey_data;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
259 BIO *bio = new_managed_BIO_s_mem(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
260
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
261 pubkey_data = luaL_checklstring(L, 1, &pubkey_bytes);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
262 BIO_write(bio, pubkey_data, pubkey_bytes);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
263 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
264 if (pkey) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
265 push_pkey(L, pkey, EVP_PKEY_id(pkey), 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
266 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
267 else {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
268 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
269 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
270
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
271 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
272 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
273
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
274 static int Led25519_sign(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
275 return base_evp_sign(L, NID_ED25519, NULL);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
276 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
277
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
278 static int Led25519_verify(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
279 return base_evp_verify(L, NID_ED25519, NULL);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
280 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
281
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
282 /* gcm_encrypt(key, iv, plaintext) */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
283 static int Laes_gcm_encrypt(lua_State *L, const EVP_CIPHER *cipher, const unsigned char expected_key_len) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
284 EVP_CIPHER_CTX *ctx;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
285 luaL_Buffer ciphertext_buffer;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
286
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
287 size_t key_len, iv_len, plaintext_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
288 int ciphertext_len, final_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
289
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
290 const unsigned char *key = (unsigned char*)luaL_checklstring(L, 1, &key_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
291 const unsigned char *iv = (unsigned char*)luaL_checklstring(L, 2, &iv_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
292 const unsigned char *plaintext = (unsigned char*)luaL_checklstring(L, 3, &plaintext_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
293
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
294 if(key_len != expected_key_len) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
295 return luaL_error(L, "key must be %d bytes", expected_key_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
296 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
297 luaL_argcheck(L, iv_len == 12, 2, "iv must be 12 bytes");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
298 if(lua_gettop(L) > 3) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
299 return luaL_error(L, "Expected 3 arguments, got %d", lua_gettop(L));
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
300 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
301
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
302 // Create and initialise the context
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
303 ctx = new_managed_EVP_CIPHER_CTX(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
304
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
305 // Initialise the encryption operation
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
306 if(1 != EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
307 return luaL_error(L, "Error while initializing encryption engine");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
308 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
309
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
310 // Initialise key and IV
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
311 if(1 != EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
312 return luaL_error(L, "Error while initializing key/iv");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
313 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
314
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
315 luaL_buffinit(L, &ciphertext_buffer);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
316 unsigned char *ciphertext = (unsigned char*)luaL_prepbuffsize(&ciphertext_buffer, plaintext_len+16);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
317
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
318 if(1 != EVP_EncryptUpdate(ctx, ciphertext, &ciphertext_len, plaintext, plaintext_len)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
319 return luaL_error(L, "Error while encrypting data");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
320 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
321
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
322 /*
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
323 * Finalise the encryption. Normally ciphertext bytes may be written at
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
324 * this stage, but this does not occur in GCM mode
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
325 */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
326 if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + ciphertext_len, &final_len)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
327 return luaL_error(L, "Error while encrypting final data");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
328 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
329 if(final_len != 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
330 return luaL_error(L, "Non-zero final data");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
331 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
332
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
333 /* Get the tag */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
334 if(1 != EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, ciphertext + ciphertext_len)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
335 return luaL_error(L, "Unable to read AEAD tag of encrypted data");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
336 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
337
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
338 luaL_addsize(&ciphertext_buffer, ciphertext_len + 16);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
339 luaL_pushresult(&ciphertext_buffer);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
340
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
341 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
342 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
343
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
344 static int Laes_128_gcm_encrypt(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
345 return Laes_gcm_encrypt(L, EVP_aes_128_gcm(), 16);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
346 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
347
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
348 static int Laes_256_gcm_encrypt(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
349 return Laes_gcm_encrypt(L, EVP_aes_256_gcm(), 32);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
350 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
351
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
352 /* gcm_decrypt(key, iv, ciphertext) */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
353 static int Laes_gcm_decrypt(lua_State *L, const EVP_CIPHER *cipher, const unsigned char expected_key_len) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
354 EVP_CIPHER_CTX *ctx;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
355 luaL_Buffer plaintext_buffer;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
356
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
357 size_t key_len, iv_len, ciphertext_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
358 int plaintext_len, final_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
359
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
360 const unsigned char *key = (unsigned char*)luaL_checklstring(L, 1, &key_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
361 const unsigned char *iv = (unsigned char*)luaL_checklstring(L, 2, &iv_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
362 const unsigned char *ciphertext = (unsigned char*)luaL_checklstring(L, 3, &ciphertext_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
363
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
364 if(key_len != expected_key_len) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
365 return luaL_error(L, "key must be %d bytes", expected_key_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
366 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
367 luaL_argcheck(L, iv_len == 12, 2, "iv must be 12 bytes");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
368 luaL_argcheck(L, ciphertext_len > 16, 3, "ciphertext must be at least 16 bytes (including tag)");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
369 if(lua_gettop(L) > 3) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
370 return luaL_error(L, "Expected 3 arguments, got %d", lua_gettop(L));
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
371 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
372
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
373 /* Create and initialise the context */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
374 ctx = new_managed_EVP_CIPHER_CTX(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
375
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
376 /* Initialise the decryption operation. */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
377 if(!EVP_DecryptInit_ex(ctx, cipher, NULL, NULL, NULL)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
378 return luaL_error(L, "Error while initializing decryption engine");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
379 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
380
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
381 /* Initialise key and IV */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
382 if(!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
383 return luaL_error(L, "Error while initializing key/iv");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
384 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
385
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
386 luaL_buffinit(L, &plaintext_buffer);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
387 unsigned char *plaintext = (unsigned char*)luaL_prepbuffsize(&plaintext_buffer, ciphertext_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
388
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
389 /*
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
390 * Provide the message to be decrypted, and obtain the plaintext output.
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
391 * EVP_DecryptUpdate can be called multiple times if necessary
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
392 */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
393 if(!EVP_DecryptUpdate(ctx, plaintext, &plaintext_len, ciphertext, ciphertext_len-16)) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
394 return luaL_error(L, "Error while decrypting data");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
395 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
396
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
397 /* Set expected tag value. Works in OpenSSL 1.0.1d and later */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
398 if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, (unsigned char*)ciphertext + (ciphertext_len-16))) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
399 return luaL_error(L, "Error while processing authentication tag");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
400 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
401
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
402 /*
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
403 * Finalise the decryption. A positive return value indicates success,
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
404 * anything else is a failure - the plaintext is not trustworthy.
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
405 */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
406 int ret = EVP_DecryptFinal_ex(ctx, plaintext + plaintext_len, &final_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
407
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
408 if(ret <= 0) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
409 /* Verify failed */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
410 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
411 lua_pushliteral(L, "verify-failed");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
412 return 2;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
413 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
414
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
415 luaL_addsize(&plaintext_buffer, plaintext_len + final_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
416 luaL_pushresult(&plaintext_buffer);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
417 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
418 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
419
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
420 static int Laes_128_gcm_decrypt(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
421 return Laes_gcm_decrypt(L, EVP_aes_128_gcm(), 16);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
422 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
423
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
424 static int Laes_256_gcm_decrypt(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
425 return Laes_gcm_decrypt(L, EVP_aes_256_gcm(), 32);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
426 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
427
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
428 /* r, s = parse_ecdsa_sig(sig_der) */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
429 static int Lparse_ecdsa_signature(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
430 ECDSA_SIG *sig;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
431 size_t sig_der_len;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
432 const unsigned char *sig_der = (unsigned char*)luaL_checklstring(L, 1, &sig_der_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
433 const BIGNUM *r, *s;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
434 luaL_Buffer rb, sb;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
435 int rlen, slen;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
436
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
437 sig = d2i_ECDSA_SIG(NULL, &sig_der, sig_der_len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
438
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
439 if(sig == NULL) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
440 lua_pushnil(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
441 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
442 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
443
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
444 ECDSA_SIG_get0(sig, &r, &s);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
445
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
446 rlen = BN_num_bytes(r);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
447 slen = BN_num_bytes(s);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
448
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
449 // COMPAT w/ Lua 5.1
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
450 #if LUAL_BUFFERSIZE < 32
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
451 #error Configured LUAL_BUFFERSIZE is too small for this operation
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
452 #endif
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
453
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
454 luaL_buffinit(L, &rb);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
455 BN_bn2bin(r, (unsigned char*)luaL_prepbuffer(&rb));
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
456 luaL_addsize(&rb, rlen);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
457 luaL_pushresult(&rb);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
458
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
459 luaL_buffinit(L, &sb);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
460 BN_bn2bin(s, (unsigned char*)luaL_prepbuffer(&sb));
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
461 luaL_addsize(&sb, slen);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
462 luaL_pushresult(&sb);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
463
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
464 ECDSA_SIG_free(sig);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
465
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
466 return 2;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
467 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
468
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
469 /* sig_der = build_ecdsa_signature(r, s) */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
470 static int Lbuild_ecdsa_signature(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
471 ECDSA_SIG *sig = ECDSA_SIG_new();
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
472 BIGNUM *r, *s;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
473 luaL_Buffer sigbuf;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
474
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
475 size_t rlen, slen;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
476 const unsigned char *rbin, *sbin;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
477
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
478 rbin = (unsigned char*)luaL_checklstring(L, 1, &rlen);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
479 sbin = (unsigned char*)luaL_checklstring(L, 2, &slen);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
480
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
481 r = BN_bin2bn(rbin, (int)rlen, NULL);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
482 s = BN_bin2bn(sbin, (int)slen, NULL);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
483
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
484 ECDSA_SIG_set0(sig, r, s);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
485
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
486 luaL_buffinit(L, &sigbuf);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
487
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
488 // COMPAT w/ Lua 5.1
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
489 #if LUAL_BUFFERSIZE < 128
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
490 #error Configured LUAL_BUFFERSIZE is too small for this operation
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
491 #endif
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
492
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
493 unsigned char *buffer = (unsigned char*)luaL_prepbuffer(&sigbuf);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
494 int len = i2d_ECDSA_SIG(sig, &buffer);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
495 luaL_addsize(&sigbuf, len);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
496 luaL_pushresult(&sigbuf);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
497
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
498 ECDSA_SIG_free(sig);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
499
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
500 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
501 }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
502
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
503 static const luaL_Reg Reg[] = {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
504 { "ed25519_sign", Led25519_sign },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
505 { "ed25519_verify", Led25519_verify },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
506 { "aes_128_gcm_encrypt", Laes_128_gcm_encrypt },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
507 { "aes_128_gcm_decrypt", Laes_128_gcm_decrypt },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
508 { "aes_256_gcm_encrypt", Laes_256_gcm_encrypt },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
509 { "aes_256_gcm_decrypt", Laes_256_gcm_decrypt },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
510 { "ecdsa_sha256_sign", Lecdsa_sha256_sign },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
511 { "ecdsa_sha256_verify", Lecdsa_sha256_verify },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
512 { "generate_ed25519_keypair", Lgenerate_ed25519_keypair },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
513 { "import_private_pem", Limport_private_pem },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
514 { "import_public_pem", Limport_public_pem },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
515 { "parse_ecdsa_signature", Lparse_ecdsa_signature },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
516 { "build_ecdsa_signature", Lbuild_ecdsa_signature },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
517 { NULL, NULL }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
518 };
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
519
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
520 static const luaL_Reg KeyMethods[] = {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
521 { "private_pem", Lpkey_meth_private_pem },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
522 { "public_pem", Lpkey_meth_public_pem },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
523 { "get_type", Lpkey_meth_get_type },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
524 { NULL, NULL }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
525 };
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
526
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
527 static const luaL_Reg KeyMetatable[] = {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
528 { "__gc", Lpkey_finalizer },
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
529 { NULL, NULL }
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
530 };
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
531
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
532 LUALIB_API int luaopen_util_crypto(lua_State *L) {
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
533 #if (LUA_VERSION_NUM > 501)
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
534 luaL_checkversion(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
535 #endif
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
536
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
537 /* Initialize pkey metatable */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
538 luaL_newmetatable(L, PKEY_MT_TAG);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
539 luaL_setfuncs(L, KeyMetatable, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
540 lua_newtable(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
541 luaL_setfuncs(L, KeyMethods, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
542 lua_setfield(L, -2, "__index");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
543 lua_pop(L, 1);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
544
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
545 /* Initialize lib table */
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
546 lua_newtable(L);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
547 luaL_setfuncs(L, Reg, 0);
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
548 lua_pushliteral(L, "-3.14");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
549 lua_setfield(L, -2, "version");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
550 #ifdef OPENSSL_VERSION
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
551 lua_pushstring(L, OpenSSL_version(OPENSSL_VERSION));
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
552 lua_setfield(L, -2, "_LIBCRYPTO_VERSION");
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
553 #endif
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
554 return 1;
7c5afbdcbc77 util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
555 }