
Commit e60b60a

committed
pkey: PEM password callback
1 parent 2bac24a commit e60b60a


1 file changed

+18
-11
lines changed


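--- a/src/openssl.c
+++ b/src/openssl.c
@@ -3270,9 +3270,18 @@ static void pushbiostring(lua_State *L) {
 
 
 static int pem_pw_cb(char *buf, int size, int rwflag, void *u) {
-if (!u)
+lua_State *L = (lua_State *) u;
+
+if (lua_isnil(L, -1))
 return 0;
-char *pass = (char *) u;
+
+if (lua_isfunction(L, -1))
+lua_call(L, 0, 1);
+
+const char *pass = lua_tostring(L, -1);
+if (!pass)
+return 0;
+
 strncpy(buf, pass, size);
 return MIN(strlen(pass), (unsigned int) size);
 } /* pem_password_cb() */
@@ -3488,7 +3497,7 @@ static int pk_new(lua_State *L) {
 } else if (lua_isstring(L, 1)) {
 int type = optencoding(L, 2, "*", X509_ANY|X509_PEM|X509_DER);
 int pubonly = 0, prvtonly = 0;
-const char *opt, *data, *pass;
+const char *opt, *data;
 size_t len;
 BIO *bio;
 EVP_PKEY *pub = NULL, *prvt = NULL;
@@ -3506,9 +3515,6 @@ static int pk_new(lua_State *L) {
 }
 
 data = luaL_checklstring(L, 1, &len);
-pass = luaL_optstring(L, 4, NULL);
-
-ud = prepsimple(L, PKEY_CLASS);
 
 if (!(bio = BIO_new_mem_buf((void *)data, len)))
 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
@@ -3522,14 +3528,14 @@ static int pk_new(lua_State *L) {
 */
 BIO_reset(bio);
 
-if (!(pub = PEM_read_bio_PUBKEY(bio, NULL, pem_pw_cb, pass)))
+if (!(pub = PEM_read_bio_PUBKEY(bio, NULL, pem_pw_cb, L)))
 goterr = 1;
 }
 
 if (!pubonly && !prvt) {
 BIO_reset(bio);
 
-if (!(prvt = PEM_read_bio_PrivateKey(bio, NULL, pem_pw_cb, pass)))
+if (!(prvt = PEM_read_bio_PrivateKey(bio, NULL, pem_pw_cb, L)))
 goterr = 1;
 }
 }
@@ -3550,6 +3556,8 @@ static int pk_new(lua_State *L) {
 }
 }
 
+ud = prepsimple(L, PKEY_CLASS);
+
 if (prvt) {
 #if 0
 /* TODO: Determine if this is necessary. */
@@ -3959,17 +3967,16 @@ static int pk_toPEM(lua_State *L) {
 static int pk_getPrivateKey(lua_State *L) {
 EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
 const char *cname = luaL_optstring(L, 2, NULL);
-const char *pass = NULL;
 EVP_CIPHER *cipher = NULL;
+lua_settop(L, 3);
 
 if (cname) {
-pass = luaL_checkstring(L, 3);
 cipher = EVP_get_cipherbyname(cname);
 if (!cipher)
 return luaL_error(L, "pkey:getPrivateKey: unknown cipher: %s", cname);
 }
 
-if (!PEM_write_bio_PrivateKey(getbio(L), key, cipher, NULL, 0, pem_pw_cb, pass))
+if (!PEM_write_bio_PrivateKey(getbio(L), key, cipher, NULL, 0, pem_pw_cb, L))
 return auxL_error(L, auxL_EOPENSSL, "pkey:getPrivateKey");
 pushbiostring(L);
 return 1;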
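Review bot: In `pem_pw_cb`, `lua_call(L, 0, 1)` runs the caller's Lua function from inside OpenSSL's PEM routines, so an error raised by that function longjmps through the OpenSSL frames and past whatever cleanup `pk_new` does for `bio`, `pub` and `prvt` (presumably later in the function, outside the hunks). A protected call keeps the failure inside the callback, e.g. `if (lua_isfunction(L, -1) && lua_pcall(L, 0, 1, 0) != 0) return 0;`, with the error object on top of the stack replaced by nil before returning, because `pk_new` can invoke the callback a second time. The callback also treats whatever sits at stack index -1 as the password: `pk_getPrivateKey` pins that with `lua_settop(L, 3)`, but no matching `lua_settop` is visible in the `pk_new` hunks, so a call without a password argument may pick up the last argument supplied instead; this should be confirmed against the full function. A comment on `pem_pw_cb` such as `/* u is the lua_State; the password (string, function or nil) must be at stack index -1 */` would record that contract.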
