
Commit 0a358f8

committed
pkey: PEM password callback
1 parent 7ef0c5a commit 0a358f8


1 file changed

+15
-11
lines changed

1 file changed

+15
-11
lines changed

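--- a/src/openssl.c
+++ b/src/openssl.c
@@ -3418,9 +3418,15 @@ static void pushbiostring(lua_State *L) {
 
 
 static int pem_pw_cb(char *buf, int size, int rwflag, void *u) {
-if (!u)
+lua_State *L = (lua_State *) u;
+
+if (lua_isnil(L, -1) || (lua_isfunction(L, -1) && lua_pcall(L, 0, 1, 0)))
+return 0;
+
+const char *pass = lua_tostring(L, -1);
+if (!pass)
 return 0;
-char *pass = (char *) u;
+
 strncpy(buf, pass, size);
 return MIN(strlen(pass), (unsigned int) size);
 } /* pem_password_cb() */
@@ -3636,7 +3642,7 @@ static int pk_new(lua_State *L) {
 } else if (lua_isstring(L, 1)) {
 int type = optencoding(L, 2, "*", X509_ANY|X509_PEM|X509_DER);
 int pubonly = 0, prvtonly = 0;
-const char *opt, *data, *pass;
+const char *opt, *data;
 size_t len;
 BIO *bio;
 EVP_PKEY *pub = NULL, *prvt = NULL;
@@ -3654,9 +3660,6 @@ static int pk_new(lua_State *L) {
 }
 
 data = luaL_checklstring(L, 1, &len);
-pass = luaL_optstring(L, 4, NULL);
-
-ud = prepsimple(L, PKEY_CLASS);
 
 if (!(bio = BIO_new_mem_buf((void *)data, len)))
 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
@@ -3670,14 +3673,14 @@ static int pk_new(lua_State *L) {
 */
 BIO_reset(bio);
 
-if (!(pub = PEM_read_bio_PUBKEY(bio, NULL, pem_pw_cb, pass)))
+if (!(pub = PEM_read_bio_PUBKEY(bio, NULL, pem_pw_cb, L)))
 goterr = 1;
 }
 
 if (!pubonly && !prvt) {
 BIO_reset(bio);
 
-if (!(prvt = PEM_read_bio_PrivateKey(bio, NULL, pem_pw_cb, pass)))
+if (!(prvt = PEM_read_bio_PrivateKey(bio, NULL, pem_pw_cb, L)))
 goterr = 1;
 }
 }
@@ -3698,6 +3701,8 @@ static int pk_new(lua_State *L) {
 }
 }
 
+ud = prepsimple(L, PKEY_CLASS);
+
 if (prvt) {
 #if 0
 /* TODO: Determine if this is necessary. */
@@ -4100,17 +4105,16 @@ static int pk_toPEM(lua_State *L) {
 static int pk_getPrivateKey(lua_State *L) {
 EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
 const char *cname = luaL_optstring(L, 2, NULL);
-const char *pass = NULL;
 EVP_CIPHER *cipher = NULL;
+lua_settop(L, 3);
 
 if (cname) {
-pass = luaL_checkstring(L, 3);
 cipher = EVP_get_cipherbyname(cname);
 if (!cipher)
 return luaL_error(L, "pkey:getPrivateKey: unknown cipher: %s", cname);
 }
 
-if (!PEM_write_bio_PrivateKey(getbio(L), key, cipher, NULL, 0, pem_pw_cb, pass))
+if (!PEM_write_bio_PrivateKey(getbio(L), key, cipher, NULL, 0, pem_pw_cb, L))
 return auxL_error(L, auxL_EOPENSSL, "pkey:getPrivateKey");
 pushbiostring(L);
 return 1;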
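Review bot: In the first hunk, `pem_pw_cb` now takes the passphrase from whatever sits at Lua stack index -1, and a failed `lua_pcall` leaves its error message in that slot. `pk_new` can invoke the callback twice (`PEM_read_bio_PUBKEY`, then `PEM_read_bio_PrivateKey`), so after a failing passphrase function the second call would find a string on top and copy the error text out as the passphrase; clearing the slot on failure avoids that, e.g. `if (lua_isfunction(L, -1) && lua_pcall(L, 0, 1, 0)) { lua_pop(L, 1); lua_pushnil(L); return 0; }`. The hunks add `lua_settop(L, 3)` to `pk_getPrivateKey` but show no matching `lua_settop(L, 4);` in `pk_new`, whose body is only partly visible here; if it is absent, a call with fewer than four arguments leaves the key data or format string on top to be read as the passphrase. A comment on the callback such as `/* u is the lua_State; the passphrase (string, function or nil) must be at the stack top */` would make that contract explicit for future callers.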
