prosody
f63176781940
util-src/crypto.c

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

util-src/crypto.c @ 12702:f63176781940

util.crypto: More digests for sign/verify, use macros for clarity/consistency
author Matthew Wild <mwild1@gmail.com>
date Sat, 02 Jul 2022 14:59:52 +0100
parent 12698:999663b4e39d
child 12714:82bca7191f13
comparison
equal deleted inserted replaced
12701:8e402a2ae1b8 12702:f63176781940
199 lua_pushnil(L); 199 lua_pushnil(L);
200 } 200 }
201 return 1; 201 return 1;
202 } 202 }
203 203
204 /* ecdsa_sha256_sign(key, data) */
205 static int Lecdsa_sha256_sign(lua_State *L) {
206 return base_evp_sign(L, NID_X9_62_id_ecPublicKey, EVP_sha256());
207 }
208
209 /* ecdsa_sha256_verify(key, data, sig) */
210 static int Lecdsa_sha256_verify(lua_State *L) {
211 return base_evp_verify(L, NID_X9_62_id_ecPublicKey, EVP_sha256());
212 }
213
214 static int push_pkey(lua_State *L, EVP_PKEY *pkey, const int type, const int privkey) { 204 static int push_pkey(lua_State *L, EVP_PKEY *pkey, const int type, const int privkey) {
215 EVP_PKEY **ud = lua_newuserdata(L, sizeof(EVP_PKEY*)); 205 EVP_PKEY **ud = lua_newuserdata(L, sizeof(EVP_PKEY*));
216 *ud = pkey; 206 *ud = pkey;
217 luaL_newmetatable(L, PKEY_MT_TAG); 207 luaL_newmetatable(L, PKEY_MT_TAG);
218 lua_setmetatable(L, -2); 208 lua_setmetatable(L, -2);
288 return base_evp_sign(L, NID_ED25519, NULL); 278 return base_evp_sign(L, NID_ED25519, NULL);
289 } 279 }
290 280
291 static int Led25519_verify(lua_State *L) { 281 static int Led25519_verify(lua_State *L) {
292 return base_evp_verify(L, NID_ED25519, NULL); 282 return base_evp_verify(L, NID_ED25519, NULL);
293 }
294
295 static int Lrsassa_pkcs1_256_sign(lua_State *L) {
296 return base_evp_sign(L, NID_rsaEncryption, EVP_sha256());
297 }
298
299 static int Lrsassa_pkcs1_256_verify(lua_State *L) {
300 return base_evp_verify(L, NID_rsaEncryption, EVP_sha256());
301 }
302
303 static int Lrsassa_pss_256_sign(lua_State *L) {
304 return base_evp_sign(L, NID_rsassaPss, EVP_sha256());
305 }
306
307 static int Lrsassa_pss_256_verify(lua_State *L) {
308 return base_evp_verify(L, NID_rsassaPss, EVP_sha256());
309 } 283 }
310 284
311 /* gcm_encrypt(key, iv, plaintext) */ 285 /* gcm_encrypt(key, iv, plaintext) */
312 static int Laes_gcm_encrypt(lua_State *L, const EVP_CIPHER *cipher, const unsigned char expected_key_len) { 286 static int Laes_gcm_encrypt(lua_State *L, const EVP_CIPHER *cipher, const unsigned char expected_key_len) {
313 EVP_CIPHER_CTX *ctx; 287 EVP_CIPHER_CTX *ctx;
527 ECDSA_SIG_free(sig); 501 ECDSA_SIG_free(sig);
528 502
529 return 1; 503 return 1;
530 } 504 }
531 505
506 #define REG_SIGN_VERIFY(algorithm, digest) \
507 { #algorithm "_" #digest "_sign", L ## algorithm ## _ ## digest ## _sign },\
508 { #algorithm "_" #digest "_verify", L ## algorithm ## _ ## digest ## _verify },
509
510 #define IMPL_SIGN_VERIFY(algorithm, key_type, digest) \
511 static int L ## algorithm ## _ ## digest ## _sign(lua_State *L) { \
512 return base_evp_sign(L, key_type, EVP_ ## digest()); \
513 } \
514 static int L ## algorithm ## _ ## digest ## _verify(lua_State *L) { \
515 return base_evp_verify(L, key_type, EVP_ ## digest()); \
516 }
517
518 IMPL_SIGN_VERIFY(ecdsa, NID_X9_62_id_ecPublicKey, sha256)
519 IMPL_SIGN_VERIFY(ecdsa, NID_X9_62_id_ecPublicKey, sha384)
520 IMPL_SIGN_VERIFY(ecdsa, NID_X9_62_id_ecPublicKey, sha512)
521
522 IMPL_SIGN_VERIFY(rsassa_pkcs1, NID_rsaEncryption, sha256)
523 IMPL_SIGN_VERIFY(rsassa_pkcs1, NID_rsaEncryption, sha384)
524 IMPL_SIGN_VERIFY(rsassa_pkcs1, NID_rsaEncryption, sha512)
525
526 IMPL_SIGN_VERIFY(rsassa_pss, NID_rsassaPss, sha256)
527 IMPL_SIGN_VERIFY(rsassa_pss, NID_rsassaPss, sha384)
528 IMPL_SIGN_VERIFY(rsassa_pss, NID_rsassaPss, sha512)
529
532 static const luaL_Reg Reg[] = { 530 static const luaL_Reg Reg[] = {
533 { "ed25519_sign", Led25519_sign }, 531 { "ed25519_sign", Led25519_sign },
534 { "ed25519_verify", Led25519_verify }, 532 { "ed25519_verify", Led25519_verify },
535 { "rsassa_pkcs1_256_sign", Lrsassa_pkcs1_256_sign }, 533
536 { "rsassa_pkcs1_256_verify", Lrsassa_pkcs1_256_verify }, 534 REG_SIGN_VERIFY(ecdsa, sha256)
537 { "rsassa_pss_256_sign", Lrsassa_pss_256_sign }, 535 REG_SIGN_VERIFY(ecdsa, sha384)
538 { "rsassa_pss_256_verify", Lrsassa_pss_256_verify }, 536 REG_SIGN_VERIFY(ecdsa, sha512)
537
538 REG_SIGN_VERIFY(rsassa_pkcs1, sha256)
539 REG_SIGN_VERIFY(rsassa_pkcs1, sha384)
540 REG_SIGN_VERIFY(rsassa_pkcs1, sha512)
541
542 REG_SIGN_VERIFY(rsassa_pss, sha256)
543 REG_SIGN_VERIFY(rsassa_pss, sha384)
544 REG_SIGN_VERIFY(rsassa_pss, sha512)
545
539 { "aes_128_gcm_encrypt", Laes_128_gcm_encrypt }, 546 { "aes_128_gcm_encrypt", Laes_128_gcm_encrypt },
540 { "aes_128_gcm_decrypt", Laes_128_gcm_decrypt }, 547 { "aes_128_gcm_decrypt", Laes_128_gcm_decrypt },
541 { "aes_256_gcm_encrypt", Laes_256_gcm_encrypt }, 548 { "aes_256_gcm_encrypt", Laes_256_gcm_encrypt },
542 { "aes_256_gcm_decrypt", Laes_256_gcm_decrypt }, 549 { "aes_256_gcm_decrypt", Laes_256_gcm_decrypt },
543 { "ecdsa_sha256_sign", Lecdsa_sha256_sign }, 550
544 { "ecdsa_sha256_verify", Lecdsa_sha256_verify },
545 { "generate_ed25519_keypair", Lgenerate_ed25519_keypair }, 551 { "generate_ed25519_keypair", Lgenerate_ed25519_keypair },
552
546 { "import_private_pem", Limport_private_pem }, 553 { "import_private_pem", Limport_private_pem },
547 { "import_public_pem", Limport_public_pem }, 554 { "import_public_pem", Limport_public_pem },
555
548 { "parse_ecdsa_signature", Lparse_ecdsa_signature }, 556 { "parse_ecdsa_signature", Lparse_ecdsa_signature },
549 { "build_ecdsa_signature", Lbuild_ecdsa_signature }, 557 { "build_ecdsa_signature", Lbuild_ecdsa_signature },
550 { NULL, NULL } 558 { NULL, NULL }
551 }; 559 };
552 560