mirrors/aports
3
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2025-04-19 18:26:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
aports/main/lua-ossl/0007-pkey.new-decryption.patch
Kaarle Ritvanen 96eb0e947a main/lua-ossl: align with latest patch set 
available at https://github.com/wahern/luaossl/pull/128

Earlier, an empty password was returned when the callback raised a Lua
error. Now the error is propagated to the OpenSSL level.

This commit also enables the -dbg subpackage.
2025-02-12 15:07:18 +02:00

96 lines
2.8 KiB
Diff
Raw Permalink Blame History

From e66093e81cacacfabed9519b9cf4d58db6424256 Mon Sep 17 00:00:00 2001
From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Date: Mon, 30 Apr 2018 13:49:57 +0300
Subject: [PATCH 7/9] pkey.new: decryption
---
src/openssl.c | 30 ++++++++++++++++++++++++------
1 file changed, 24 insertions(+), 6 deletions(-)
diff --git a/src/openssl.c b/src/openssl.c
index 9de08b4..dd46fb9 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -31,7 +31,7 @@
#include <limits.h> /* INT_MAX INT_MIN LLONG_MAX LLONG_MIN UCHAR_MAX ULLONG_MAX */
#include <stdint.h> /* uintptr_t */
-#include <string.h> /* memset(3) strerror_r(3) strlen(3) */
+#include <string.h> /* memset(3) strerror_r(3) strlen(3) strncpy(3) */
#include <math.h> /* INFINITY fabs(3) floor(3) frexp(3) fmod(3) round(3) isfinite(3) */
#include <time.h> /* struct tm time_t strptime(3) time(2) */
#include <ctype.h> /* isdigit(3), isxdigit(3), tolower(3) */
@@ -4062,6 +4062,15 @@ static BIO *getbio(lua_State *L) {
} /* getbio() */
+static int pem_pw_cb(char *buf, int size, int rwflag, void *u) {
+ if (!u)
+ return -1;
+ char *pass = (char *) u;
+ strncpy(buf, pass, size);
+ return MIN(strlen(pass), (unsigned int) size);
+} /* pem_pw_cb() */
+
+
static int pk_new(lua_State *L) {
EVP_PKEY **ud;
@@ -4301,7 +4310,7 @@ static int pk_new(lua_State *L) {
} else if (lua_isstring(L, 1)) {
int format;
int pubonly = 0, prvtonly = 0;
- const char *type, *data;
+ const char *type, *data, *pass;
size_t len;
BIO *bio;
EVP_PKEY *pub = NULL, *prvt = NULL;
@@ -4311,10 +4320,12 @@ static int pk_new(lua_State *L) {
lua_pop(L, 1);
lua_getfield(L, 2, "format");
lua_getfield(L, 2, "type");
+ lua_getfield(L, 2, "password");
lua_remove(L, 2);
- }
+ } else
+ lua_pushnil(L);
- /* #1 key, #2 format, #3 type */
+ /* #1 key, #2 format, #3 type, #4 password or callback */
data = luaL_checklstring(L, 1, &len);
format = optencoding(L, 2, "*", X509_ANY|X509_PEM|X509_DER);
@@ -4330,6 +4341,13 @@ static int pk_new(lua_State *L) {
}
}
+ pass = luaL_optstring(L, 4, NULL);
+ if (pass) {
+ if (format == X509_DER)
+ return luaL_error(L, "decryption supported only for PEM keys");
+ else format = X509_PEM;
+ }
+
ud = prepsimple(L, PKEY_CLASS);
if (!(bio = BIO_new_mem_buf((void *)data, len)))
@@ -4344,14 +4362,14 @@ static int pk_new(lua_State *L) {
*/
BIO_reset(bio);
- if (!(pub = PEM_read_bio_PUBKEY(bio, NULL, 0, "")))
+ if (!(pub = PEM_read_bio_PUBKEY(bio, NULL, pem_pw_cb, pass)))
goterr = 1;
}
if (!pubonly && !prvt) {
BIO_reset(bio);
- if (!(prvt = PEM_read_bio_PrivateKey(bio, NULL, 0, "")))
+ if (!(prvt = PEM_read_bio_PrivateKey(bio, NULL, pem_pw_cb, pass)))
goterr = 1;
}
}
--
2.48.1
Reference in a new issue View git blame Copy permalink