21310072613

Committed 24 Jan 2026 05:30AM UTC coverage: 88.396% (-5.5%) from 93.89%

Build # 21310072613

Build Type

push

travis-ci

Committed by

zhaozg

Commit Message

Correct the function's type definition for portability

Coverage Stats

5 of 5 new or added lines in 2 files covered. (100.0%)

515 existing lines in 15 files now uncovered.

9149 of 10350 relevant lines covered (88.4%)

1287.19 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

96.88

/src/openssl.c

/***
Openssl binding for Lua, provide openssl full function in lua.

@module openssl
@usage
  openssl = require('openssl')
*/

#include "openssl.h"
#include <openssl/asn1.h>
#include <openssl/engine.h>
#include <openssl/opensslconf.h>
#include <openssl/ssl.h>

#include "private.h"
#ifndef OPENSSL_NO_CMS
#include <openssl/cms.h>
#endif

/***
get lua-openssl version
@function version
@tparam[opt] boolean format result will be number when set true, or string
@treturn lua-openssl version, lua version, openssl version
*/
static int
openssl_version(lua_State *L)
{
  int num = lua_isnone(L, 1) ? 0 : auxiliar_checkboolean(L, 1);
  if (num) {
    lua_pushinteger(L, LOPENSSL_VERSION_NUM);
    lua_pushinteger(L, LUA_VERSION_NUM);
#ifdef LIBRESSL_VERSION_NUMBER
    lua_pushinteger(L, LIBRESSL_VERSION_NUMBER);
#else
    lua_pushinteger(L, OPENSSL_VERSION_NUMBER);
#endif
  } else {
    lua_pushstring(L, LOPENSSL_VERSION);
    lua_pushstring(L, LUA_VERSION);
    lua_pushstring(L, OPENSSL_VERSION_TEXT);
  }
  return 3;
}

/***
hex encode or decode string
@function hex
@tparam string str
@tparam[opt=true] boolean encode true to encoed, false to decode
@treturn string
*/
static int openssl_hex(lua_State *L)
{
  size_t      l = 0;
  const char *s = luaL_checklstring(L, 1, &l);
  int         encode = lua_isnone(L, 2) ? 1 : lua_toboolean(L, 2);
  char       *h = NULL;

  if (l == 0) {
    lua_pushstring(L, "");
    return 1;
  }
  if (encode) {
    h = OPENSSL_malloc(2 * l + 1);
    l = bin2hex((const unsigned char *)s, h, l);
  } else {
    h = OPENSSL_malloc(l / 2 + 1);
    l = hex2bin(s, (unsigned char *)h, l);
  };
  lua_pushlstring(L, (const char *)h, l);
  OPENSSL_free(h);

  return 1;
}

/***
base64 encode or decode
@function base64
@tparam string|bio input
@tparam[opt=true] boolean encode true to encoed, false to decode
@tparam[opt=true] boolean NO_NL default true without newline, false with newline
@treturn string
*/
static int openssl_base64(lua_State *L)
{
  BIO     *inp = load_bio_object(L, 1);
  int      encode = lua_isnone(L, 2) ? 1 : lua_toboolean(L, 2);
  int      nonl = lua_isnone(L, 3) ? BIO_FLAGS_BASE64_NO_NL
                                   : (lua_toboolean(L, 3) ? BIO_FLAGS_BASE64_NO_NL : 0);
  BIO     *b64 = BIO_new(BIO_f_base64());
  BIO     *out = BIO_new(BIO_s_mem());
  BUF_MEM *mem = { 0 };
  int      ret = 0;

  BIO_set_flags(b64, nonl);
  if (encode) {
    BIO_push(b64, out);
    BIO_get_mem_ptr(inp, &mem);
    BIO_write(b64, mem->data, mem->length);
    (void)BIO_flush(b64);
  } else {
    char inbuf[512];
    int  inlen;
    BIO_push(b64, inp);
    while ((inlen = BIO_read(b64, inbuf, 512)) > 0) BIO_write(out, inbuf, inlen);
    (void)BIO_flush(out);
  }

  BIO_get_mem_ptr(out, &mem);
  if (mem->length > 0) {
    lua_pushlstring(L, mem->data, mem->length);
    ret = 1;
  }
  BIO_free_all(b64);
  if (encode)
    BIO_free(inp);
  else
    BIO_free(out);
  return ret;
}

static void
list_callback(const OBJ_NAME *obj, void *arg)
{
  lua_State *L = (lua_State *)arg;
  int        idx = (int)lua_rawlen(L, -1);
  lua_pushstring(L, obj->name);
  lua_rawseti(L, -2, idx + 1);
}

/***
get method names
@function list
@tparam string type support 'cipher','digests','pkeys','comps'
@treturn table as array
*/
static int openssl_list(lua_State *L)
{
  static int options[] = { OBJ_NAME_TYPE_MD_METH,
                           OBJ_NAME_TYPE_CIPHER_METH,
#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x30900000L
                           /* NOTE: libressl 4.0.0 */
                           OBJ_NAME_TYPE_PKEY_METH,
                           OBJ_NAME_TYPE_COMP_METH
#endif
  };
  static const char *names[] = { "digests",
                                 "ciphers",
#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x30900000L
                                 "pkeys",
                                 "comps",
#endif
                                 NULL };
  int type = auxiliar_checkoption(L, 1, NULL, names, options);
  lua_createtable(L, 0, 0);
  OBJ_NAME_do_all_sorted(type, list_callback, L);
  return 1;
}

/***
get last or given error infomation

Most lua-openssl function or methods return nil or false when error or
failed, followed by string type error _reason_ and number type error _code_,
_code_ can pass to openssl.error() to get more error information.

@function error
@tparam[opt] number error, default use ERR_get_error() return value
@treturn string reason
@treturn string library name
@treturn number errcode
@treturn string function name if available
@treturn boolean indicates whether a given error code is a fatal error
*/
static int openssl_error_string(lua_State *L)
{
  unsigned long val = ERR_get_error();
  if (val == 0) return 0;

  val = (unsigned long)luaL_optinteger(L, 1, val);

  lua_pushstring(L, ERR_reason_error_string(val));
  lua_pushstring(L, ERR_lib_error_string(val));
  lua_pushinteger(L, val);

#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
  lua_pushstring(L, ERR_func_error_string(val));
#else
  lua_pushnil(L);
#endif

#ifdef ERR_FATAL_ERROR
  lua_pushboolean(L, ERR_FATAL_ERROR(val));
#else
  lua_pushnil(L);
#endif

  return 5;
}

/***
Empties the current thread's error queue, helps reduce memory usage.
@function clear_error
*/
static int openssl_clear_error(lua_State *L)
{
  ERR_clear_error();
  return 0;
}

/***
Fetch all error strings from current thread's error queue, and empty the error queue.
@function errors
@treturn string
*/
static int openssl_errors(lua_State *L)
{
  int  ret = 0;
  BIO *out = BIO_new(BIO_s_mem());
  if (out) {
    BUF_MEM *mem;

    ERR_print_errors(out);
    BIO_get_mem_ptr(out, &mem);
    lua_pushlstring(L, mem->data, mem->length);
    BIO_free(out);

    ERR_clear_error();
    ret = 1;
  }
  return ret;
}

/***
mixes the num bytes at buf into the PRNG state.
@function rand_add
@tparam string seed data to seed random generator
@tparam number entropy the lower bound of an estimate of how much randomness is contained in buf,
measured in bytes.
*/
static int
openssl_random_add(lua_State *L)
{
  size_t      num = 0;
  const void *buf = luaL_checklstring(L, 1, &num);
  double      entropy = luaL_optinteger(L, 2, num);

  RAND_add(buf, num, entropy);
  return 0;
}

/***
load rand seed from file
@function rand_load
@tparam[opt=nil] string file path to laod seed, default openssl management
@treturn boolean result
*/
static int
openssl_random_load(lua_State *L)
{
  const char *file = luaL_optstring(L, 1, NULL);
  char        buffer[MAX_PATH];
  int         ret = 0, len = luaL_optinteger(L, 2, 2048);

  if (file == NULL) file = RAND_file_name(buffer, sizeof buffer);
  ret = RAND_load_file(file, len);

  lua_pushboolean(L, ret);
  return 1;
}

/***
save rand seed to file
@function rand_write
@tparam[opt=nil] string file path to save seed, default openssl management
@treturn bool result
*/
static int
openssl_random_write(lua_State *L)
{
  const char *file = luaL_optstring(L, 1, NULL);
  char        buffer[MAX_PATH];
  int         ret = 0;

  if (file == NULL) file = RAND_file_name(buffer, sizeof buffer);
#ifndef OPENSSL_NO_EGD
  ret = RAND_egd(file);
  /* we try if the given filename is an EGD socket.
     if it is, we don't write anything back to the file.
   */
#endif
  if (ret != 1) ret = RAND_write_file(file);

  return openssl_pushresult(L, ret);
}

/***
get random generator state
@function rand_status
@tparam boolean result true for sucess
*/
static int
openssl_random_status(lua_State *L)
{
  lua_pushboolean(L, RAND_status());
  return 1;
}

/***
get random bytes
@function random
@tparam number length
@treturn string
*/
static int openssl_random_bytes(lua_State *L)
{
  long length = luaL_checkint(L, 1);

  char *buffer = NULL;
  int   ret = 0;

  luaL_argcheck(L, length > 0, 1, "must greater than 0");

  buffer = malloc(length + 1);
  ret = RAND_bytes((byte *)buffer, length);
  if (ret == 1) {
    lua_pushlstring(L, buffer, length);
  }
  free(buffer);
  return ret == 1 ? 1 : openssl_pushresult(L, ret);
}

/***
set FIPS mode
@function FIPS_mode
@tparam boolean fips true enable FIPS mode, false disable it.
@treturn boolean success
*/

/***
get FIPS mode
@function FIPS_mode
@treturn boolean return true when FIPS mode enabled, false when FIPS mode disabled.
*/
static int
openssl_fips_mode(lua_State *L)
{
  int ret = 0;
#if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER < 0x30000000L)
  int on = 0;
  if (lua_isnone(L, 1)) {
    lua_pushboolean(L, FIPS_mode());
    ret = 1;
  } else {
    on = auxiliar_checkboolean(L, 1);
    ret = FIPS_mode_set(on);
    ret = openssl_pushresult(L, ret);
  }
#endif

  return ret;
}

#ifndef OPENSSL_NO_CRYPTO_MDEBUG
/***
get memory leak report
@function mem_leaks
@treturn string memory leak report from OpenSSL
*/
static int
openssl_mem_leaks(lua_State *L)
{
  BIO     *bio = BIO_new(BIO_s_mem());
  BUF_MEM *mem;

  CRYPTO_mem_leaks(bio);
  BIO_get_mem_ptr(bio, &mem);
  lua_pushlstring(L, mem->data, mem->length);
  BIO_free(bio);
  return 1;
}
#endif

/***
get openssl engine object
@function engine
@tparam string engine_id
@treturn engine
*/
static const luaL_Reg eay_functions[] = {
  { "version",     openssl_version       },
  { "list",        openssl_list          },
  { "hex",         openssl_hex           },
  { "base64",      openssl_base64        },
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
  { "mem_leaks",   openssl_mem_leaks     },
#endif
  { "rand_status", openssl_random_status },
  { "rand_add",    openssl_random_add    },
  { "rand_load",   openssl_random_load   },
  { "rand_write",  openssl_random_write  },
  { "random",      openssl_random_bytes  },

  { "clear_error", openssl_clear_error   },
  { "error",       openssl_error_string  },
  { "errors",      openssl_errors        },
#ifndef OPENSSL_NO_ENGINE
  { "engine",      openssl_engine        },
#endif
  { "FIPS_mode",   openssl_fips_mode     },

  { NULL,          NULL                  }
};

#if defined(OPENSSL_THREADS) && \
    (OPENSSL_VERSION_NUMBER < 0x30000000L || defined(LIBRESSL_VERSION_NUMBER))
void CRYPTO_thread_setup(void);
void CRYPTO_thread_cleanup(void);
#endif

#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
#include <stdatomic.h>
static atomic_int _guard = 0;
#else
static volatile int _guard = 0;
#endif

static void
openssl_finalize(void)
{
#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
  if (atomic_fetch_add_explicit(&_guard, -1, memory_order_relaxed) != 1) return;
#else
  if (--_guard == 1) return;
#endif

#if (OPENSSL_VERSION_NUMBER < 0x30000000L || defined(LIBRESSL_VERSION_NUMBER))
#if !defined(LIBRESSL_VERSION_NUMBER)
  FIPS_mode_set(0);
#endif

  CONF_modules_unload(1);

#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER))
  OBJ_cleanup();
  EVP_cleanup();
#ifndef OPENSSL_NO_ENGINE
  ENGINE_cleanup();
#endif

  CRYPTO_cleanup_all_ex_data();
  ERR_remove_thread_state(NULL);
  RAND_cleanup();
  ERR_free_strings();
#if !defined(OPENSSL_NO_COMP) && !defined(LIBRESSL_VERSION_NUMBER)
  COMP_zlib_cleanup();
#endif

  CRYPTO_THREADID_set_callback(NULL);
  CRYPTO_set_locking_callback(NULL);

#if defined(OPENSSL_THREADS)
  CRYPTO_thread_cleanup();
#endif

  CONF_modules_free();

#endif /* (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) */

#ifndef OPENSSL_NO_CRYPTO_MDEBUG
#if !(defined(OPENSSL_NO_STDIO) || defined(OPENSSL_NO_FP_API))
#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10101000L
  CRYPTO_mem_leaks_fp(stderr);
#else
  if (CRYPTO_mem_leaks_fp(stderr) != 1) {
    fprintf(stderr,
            "Please report a bug on https://github.com/zhaozg/lua-openssl."
            "And if can, please provide a reproduce method and minimal code.\n"
            "\n\tThank You.");
  }
#endif
#endif /* OPENSSL_NO_STDIO or OPENSSL_NO_FP_API */
#endif /* OPENSSL_NO_CRYPTO_MDEBUG */
#else


#endif
}

static void
openssl_initialize()
{
#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
  if (atomic_fetch_add_explicit(&_guard, 1, memory_order_relaxed) > 0) return;
#else
  if (++_guard > 0) return;
#endif


#if (OPENSSL_VERSION_NUMBER < 0x30000000L || defined(LIBRESSL_VERSION_NUMBER))
  atexit(openssl_finalize);

  CRYPTO_thread_setup();

#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER))
  OpenSSL_add_all_ciphers();
  OpenSSL_add_all_digests();
  SSL_library_init();

  ERR_load_crypto_strings();
#endif

  ERR_load_ERR_strings();
  ERR_load_EVP_strings();

  ERR_load_SSL_strings();
  ERR_load_BN_strings();
#ifndef OPENSSL_NO_CMS
  ERR_load_CMS_strings();
#endif

#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER))
#ifndef OPENSSL_NO_ENGINE
  ENGINE_load_openssl();
#endif
#endif

  ENGINE_load_builtin_engines();

  RAND_seed(LOPENSSL_VERSION LUA_VERSION OPENSSL_VERSION_TEXT,
            sizeof(LOPENSSL_VERSION LUA_VERSION OPENSSL_VERSION_TEXT));
#else
  OPENSSL_init_ssl(OPENSSL_INIT_ENGINE_ALL_BUILTIN |
                   OPENSSL_INIT_ENGINE_OPENSSL |
                   OPENSSL_INIT_LOAD_CRYPTO_STRINGS |
                   OPENSSL_INIT_LOAD_SSL_STRINGS |
                   OPENSSL_INIT_ADD_ALL_CIPHERS |
                   OPENSSL_INIT_ADD_ALL_DIGESTS,
                   NULL);
#endif

#ifdef LOAD_ENGINE_CUSTOM
  LOAD_ENGINE_CUSTOM
#endif
}

#ifndef LUA_RIDX_MAINTHREAD
#define LUA_RIDX_MAINTHREAD 1
#endif
lua_State *openssl_mainthread(lua_State *L)
{
  lua_rawgeti(L, LUA_REGISTRYINDEX, LUA_RIDX_MAINTHREAD);
  lua_State *mainL = lua_tothread(L, -1);
  lua_pop(L, 1);
  return mainL ? mainL : L;
}

LUALIB_API int
luaopen_openssl(lua_State *L)
{
  openssl_initialize();

  lua_newtable(L);

  luaL_setfuncs(L, eay_functions, 0);

#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x30900000L
  /* NOTE: refact lhash/conf module */
  openssl_register_lhash(L);
#endif

#ifndef OPENSSL_NO_ENGINE
  openssl_register_engine(L);
#endif

  luaopen_bio(L);
  lua_setfield(L, -2, "bio");

  luaopen_asn1(L);
  lua_setfield(L, -2, "asn1");

  luaopen_digest(L);
  lua_setfield(L, -2, "digest");

  luaopen_cipher(L);
  lua_setfield(L, -2, "cipher");

  luaopen_hmac(L);
  lua_setfield(L, -2, "hmac");

#if (OPENSSL_VERSION_NUMBER >= 0x30000000L) && !defined(LIBRESSL_VERSION_NUMBER)
  luaopen_mac(L);
  lua_setfield(L, -2, "mac");
  luaopen_param(L);
  lua_setfield(L, -2, "param");
  luaopen_provider(L);
  lua_setfield(L, -2, "provider");
#endif
  luaopen_kdf(L);
  lua_setfield(L, -2, "kdf");

  luaopen_pkey(L);
  lua_setfield(L, -2, "pkey");

#ifdef EVP_PKEY_EC
  luaopen_ec(L);
  lua_setfield(L, -2, "ec");
#endif

  luaopen_x509(L);
  lua_setfield(L, -2, "x509");

  luaopen_pkcs7(L);
  lua_setfield(L, -2, "pkcs7");

  luaopen_pkcs12(L);
  lua_setfield(L, -2, "pkcs12");

  luaopen_ocsp(L);
  lua_setfield(L, -2, "ocsp");

#ifdef OPENSSL_HAVE_TS
  /* timestamp handling */
  luaopen_ts(L);
  lua_setfield(L, -2, "ts");
#endif

  luaopen_cms(L);
  lua_setfield(L, -2, "cms");

  luaopen_ssl(L);
  lua_setfield(L, -2, "ssl");

  /* third part */
  luaopen_bn(L);
  lua_setfield(L, -2, "bn");

  luaopen_rsa(L);
  lua_setfield(L, -2, "rsa");
  luaopen_dsa(L);
  lua_setfield(L, -2, "dsa");
  luaopen_dh(L);
  lua_setfield(L, -2, "dh");

#ifndef OPENSSL_NO_SRP
  luaopen_srp(L);
  lua_setfield(L, -2, "srp");
#endif

#ifdef ENABLE_OPENSSL_GLOBAL
  lua_pushvalue(L, -1);
  lua_setglobal(L, "openssl");
#endif

  return 1;
}

1	/***
2	Openssl binding for Lua, provide openssl full function in lua.
3
4	@module openssl
5	@usage
6	openssl = require('openssl')
7	*/
8
9	#include "openssl.h"
10	#include <openssl/asn1.h>
11	#include <openssl/engine.h>
12	#include <openssl/opensslconf.h>
13	#include <openssl/ssl.h>
14
15	#include "private.h"
16	#ifndef OPENSSL_NO_CMS
17	#include <openssl/cms.h>
18	#endif
19
20	/***
21	get lua-openssl version
22	@function version
23	@tparam[opt] boolean format result will be number when set true, or string
24	@treturn lua-openssl version, lua version, openssl version
25	*/
26	static int
27	openssl_version(lua_State *L)	6✔
28	{
29	int num = lua_isnone(L, 1) ? 0 : auxiliar_checkboolean(L, 1);	6✔
30	if (num) {	6✔
31	lua_pushinteger(L, LOPENSSL_VERSION_NUM);	4✔
32	lua_pushinteger(L, LUA_VERSION_NUM);	4✔
33	#ifdef LIBRESSL_VERSION_NUMBER
34	lua_pushinteger(L, LIBRESSL_VERSION_NUMBER);
35	#else
36	lua_pushinteger(L, OPENSSL_VERSION_NUMBER);	4✔
37	#endif
38	} else {
39	lua_pushstring(L, LOPENSSL_VERSION);	2✔
40	lua_pushstring(L, LUA_VERSION);	2✔
41	lua_pushstring(L, OPENSSL_VERSION_TEXT);	2✔
42	}
43	return 3;	6✔
44	}
45
46	/***
47	hex encode or decode string
48	@function hex
49	@tparam string str
50	@tparam[opt=true] boolean encode true to encoed, false to decode
51	@treturn string
52	*/
53	static int openssl_hex(lua_State *L)	39✔
54	{
55	size_t l = 0;	39✔
56	const char *s = luaL_checklstring(L, 1, &l);	39✔
57	int encode = lua_isnone(L, 2) ? 1 : lua_toboolean(L, 2);	39✔
58	char *h = NULL;	39✔
59
60	if (l == 0) {	39✔
61	lua_pushstring(L, "");	1✔
62	return 1;	1✔
63	}
64	if (encode) {	38✔
65	h = OPENSSL_malloc(2 * l + 1);	37✔
66	l = bin2hex((const unsigned char *)s, h, l);	37✔
67	} else {
68	h = OPENSSL_malloc(l / 2 + 1);	1✔
69	l = hex2bin(s, (unsigned char *)h, l);	1✔
70	};
71	lua_pushlstring(L, (const char *)h, l);	38✔
72	OPENSSL_free(h);	38✔
73
74	return 1;	38✔
75	}
76
77	/***
78	base64 encode or decode
79	@function base64
80	@tparam string\|bio input
81	@tparam[opt=true] boolean encode true to encoed, false to decode
82	@tparam[opt=true] boolean NO_NL default true without newline, false with newline
83	@treturn string
84	*/
85	static int openssl_base64(lua_State *L)	44✔
86	{
87	BIO *inp = load_bio_object(L, 1);	44✔
88	int encode = lua_isnone(L, 2) ? 1 : lua_toboolean(L, 2);	44✔
89	int nonl = lua_isnone(L, 3) ? BIO_FLAGS_BASE64_NO_NL	44✔
90	: (lua_toboolean(L, 3) ? BIO_FLAGS_BASE64_NO_NL : 0);	44✔
91	BIO *b64 = BIO_new(BIO_f_base64());	44✔
92	BIO *out = BIO_new(BIO_s_mem());	44✔
93	BUF_MEM *mem = { 0 };	44✔
94	int ret = 0;	44✔
95
96	BIO_set_flags(b64, nonl);	44✔
97	if (encode) {	44✔
98	BIO_push(b64, out);	14✔
99	BIO_get_mem_ptr(inp, &mem);	14✔
100	BIO_write(b64, mem->data, mem->length);	14✔
101	(void)BIO_flush(b64);	14✔
102	} else {
103	char inbuf[512];
104	int inlen;
105	BIO_push(b64, inp);	30✔
106	while ((inlen = BIO_read(b64, inbuf, 512)) > 0) BIO_write(out, inbuf, inlen);	60✔
107	(void)BIO_flush(out);	30✔
108	}
109
110	BIO_get_mem_ptr(out, &mem);	44✔
111	if (mem->length > 0) {	44✔
112	lua_pushlstring(L, mem->data, mem->length);	44✔
113	ret = 1;	44✔
114	}
115	BIO_free_all(b64);	44✔
116	if (encode)	44✔
117	BIO_free(inp);	14✔
118	else
119	BIO_free(out);	30✔
120	return ret;	44✔
121	}
122
123	static void
124	list_callback(const OBJ_NAME obj, void arg)	57✔
125	{
126	lua_State L = (lua_State )arg;	57✔
127	int idx = (int)lua_rawlen(L, -1);	57✔
128	lua_pushstring(L, obj->name);	57✔
129	lua_rawseti(L, -2, idx + 1);	57✔
130	}	57✔
131
132	/***
133	get method names
134	@function list
135	@tparam string type support 'cipher','digests','pkeys','comps'
136	@treturn table as array
137	*/
138	static int openssl_list(lua_State *L)	1✔
139	{
140	static int options[] = { OBJ_NAME_TYPE_MD_METH,
141	OBJ_NAME_TYPE_CIPHER_METH,
142	#if !defined(LIBRESSL_VERSION_NUMBER) \|\| LIBRESSL_VERSION_NUMBER < 0x30900000L
143	/* NOTE: libressl 4.0.0 */
144	OBJ_NAME_TYPE_PKEY_METH,
145	OBJ_NAME_TYPE_COMP_METH
146	#endif
147	};
148	static const char *names[] = { "digests",
149	"ciphers",
150	#if !defined(LIBRESSL_VERSION_NUMBER) \|\| LIBRESSL_VERSION_NUMBER < 0x30900000L
151	"pkeys",
152	"comps",
153	#endif
154	NULL };
155	int type = auxiliar_checkoption(L, 1, NULL, names, options);	1✔
156	lua_createtable(L, 0, 0);	1✔
157	OBJ_NAME_do_all_sorted(type, list_callback, L);	1✔
158	return 1;	1✔
159	}
160
161	/***
162	get last or given error infomation
163
164	Most lua-openssl function or methods return nil or false when error or
165	failed, followed by string type error _reason_ and number type error _code_,
166	_code_ can pass to openssl.error() to get more error information.
167
168	@function error
169	@tparam[opt] number error, default use ERR_get_error() return value
170	@treturn string reason
171	@treturn string library name
172	@treturn number errcode
173	@treturn string function name if available
174	@treturn boolean indicates whether a given error code is a fatal error
175	*/
176	static int openssl_error_string(lua_State *L)	16✔
177	{
178	unsigned long val = ERR_get_error();	16✔
179	if (val == 0) return 0;	16✔
180
181	val = (unsigned long)luaL_optinteger(L, 1, val);	8✔
182
183	lua_pushstring(L, ERR_reason_error_string(val));	8✔
184	lua_pushstring(L, ERR_lib_error_string(val));	8✔
185	lua_pushinteger(L, val);	8✔
186
187	#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
188	lua_pushstring(L, ERR_func_error_string(val));	8✔
189	#else
190	lua_pushnil(L);
191	#endif
192
193	#ifdef ERR_FATAL_ERROR
194	lua_pushboolean(L, ERR_FATAL_ERROR(val));	8✔
195	#else
196	lua_pushnil(L);
197	#endif
198
199	return 5;	8✔
200	}
201
202	/***
203	Empties the current thread's error queue, helps reduce memory usage.
204	@function clear_error
205	*/
206	static int openssl_clear_error(lua_State *L)	2✔
207	{
208	ERR_clear_error();	2✔
209	return 0;	2✔
210	}
211
212	/***
213	Fetch all error strings from current thread's error queue, and empty the error queue.
214	@function errors
215	@treturn string
216	*/
217	static int openssl_errors(lua_State *L)	5✔
218	{
219	int ret = 0;	5✔
220	BIO *out = BIO_new(BIO_s_mem());	5✔
221	if (out) {	5✔
222	BUF_MEM *mem;
223
224	ERR_print_errors(out);	5✔
225	BIO_get_mem_ptr(out, &mem);	5✔
226	lua_pushlstring(L, mem->data, mem->length);	5✔
227	BIO_free(out);	5✔
228
229	ERR_clear_error();	5✔
230	ret = 1;	5✔
231	}
232	return ret;	5✔
233	}
234
235	/***
236	mixes the num bytes at buf into the PRNG state.
237	@function rand_add
238	@tparam string seed data to seed random generator
239	@tparam number entropy the lower bound of an estimate of how much randomness is contained in buf,
240	measured in bytes.
241	*/
242	static int
243	openssl_random_add(lua_State *L)	1✔
244	{
245	size_t num = 0;	1✔
246	const void *buf = luaL_checklstring(L, 1, &num);	1✔
247	double entropy = luaL_optinteger(L, 2, num);	1✔
248
249	RAND_add(buf, num, entropy);	1✔
250	return 0;	1✔
251	}
252
253	/***
254	load rand seed from file
255	@function rand_load
256	@tparam[opt=nil] string file path to laod seed, default openssl management
257	@treturn boolean result
258	*/
259	static int
260	openssl_random_load(lua_State *L)	1✔
261	{
262	const char *file = luaL_optstring(L, 1, NULL);	1✔
263	char buffer[MAX_PATH];
264	int ret = 0, len = luaL_optinteger(L, 2, 2048);	1✔
265
266	if (file == NULL) file = RAND_file_name(buffer, sizeof buffer);	1✔
267	ret = RAND_load_file(file, len);	1✔
268
269	lua_pushboolean(L, ret);	1✔
270	return 1;	1✔
271	}
272
273	/***
274	save rand seed to file
275	@function rand_write
276	@tparam[opt=nil] string file path to save seed, default openssl management
277	@treturn bool result
278	*/
279	static int
280	openssl_random_write(lua_State *L)	1✔
281	{
282	const char *file = luaL_optstring(L, 1, NULL);	1✔
283	char buffer[MAX_PATH];
284	int ret = 0;	1✔
285
286	if (file == NULL) file = RAND_file_name(buffer, sizeof buffer);	1✔
287	#ifndef OPENSSL_NO_EGD
288	ret = RAND_egd(file);	1✔
289	/* we try if the given filename is an EGD socket.
290	if it is, we don't write anything back to the file.
291	*/
292	#endif
293	if (ret != 1) ret = RAND_write_file(file);	1✔
294
295	return openssl_pushresult(L, ret);	1✔
296	}
297
298	/***
299	get random generator state
300	@function rand_status
301	@tparam boolean result true for sucess
302	*/
303	static int
304	openssl_random_status(lua_State *L)	1✔
305	{
306	lua_pushboolean(L, RAND_status());	1✔
307	return 1;	1✔
308	}
309
310	/***
311	get random bytes
312	@function random
313	@tparam number length
314	@treturn string
315	*/
316	static int openssl_random_bytes(lua_State *L)	173✔
317	{
318	long length = luaL_checkint(L, 1);	173✔
319
320	char *buffer = NULL;	173✔
321	int ret = 0;	173✔
322
323	luaL_argcheck(L, length > 0, 1, "must greater than 0");	173✔
324
325	buffer = malloc(length + 1);	173✔
326	ret = RAND_bytes((byte *)buffer, length);	173✔
327	if (ret == 1) {	173✔
328	lua_pushlstring(L, buffer, length);	173✔
329	}
330	free(buffer);	173✔
331	return ret == 1 ? 1 : openssl_pushresult(L, ret);	173✔
332	}
333
334	/***
335	set FIPS mode
336	@function FIPS_mode
337	@tparam boolean fips true enable FIPS mode, false disable it.
338	@treturn boolean success
339	*/
340
341	/***
342	get FIPS mode
343	@function FIPS_mode
344	@treturn boolean return true when FIPS mode enabled, false when FIPS mode disabled.
345	*/
346	static int
347	openssl_fips_mode(lua_State *L)	4✔
348	{
349	int ret = 0;	4✔
350	#if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER < 0x30000000L)
351	int on = 0;	4✔
352	if (lua_isnone(L, 1)) {	4✔
353	lua_pushboolean(L, FIPS_mode());	3✔
354	ret = 1;	3✔
355	} else {
356	on = auxiliar_checkboolean(L, 1);	1✔
357	ret = FIPS_mode_set(on);	1✔
358	ret = openssl_pushresult(L, ret);	1✔
359	}
360	#endif
361
362	return ret;	4✔
363	}
364
365	#ifndef OPENSSL_NO_CRYPTO_MDEBUG
366	/***
367	get memory leak report
368	@function mem_leaks
369	@treturn string memory leak report from OpenSSL
370	*/
371	static int
UNCOV 372	openssl_mem_leaks(lua_State *L)	×
373	{
UNCOV 374	BIO *bio = BIO_new(BIO_s_mem());	×
375	BUF_MEM *mem;
376
UNCOV 377	CRYPTO_mem_leaks(bio);	×
UNCOV 378	BIO_get_mem_ptr(bio, &mem);	×
UNCOV 379	lua_pushlstring(L, mem->data, mem->length);	×
UNCOV 380	BIO_free(bio);	×
UNCOV 381	return 1;	×
382	}
383	#endif
384
385	/***
386	get openssl engine object
387	@function engine
388	@tparam string engine_id
389	@treturn engine
390	*/
391	static const luaL_Reg eay_functions[] = {
392	{ "version", openssl_version },
393	{ "list", openssl_list },
394	{ "hex", openssl_hex },
395	{ "base64", openssl_base64 },
396	#ifndef OPENSSL_NO_CRYPTO_MDEBUG
397	{ "mem_leaks", openssl_mem_leaks },
398	#endif
399	{ "rand_status", openssl_random_status },
400	{ "rand_add", openssl_random_add },
401	{ "rand_load", openssl_random_load },
402	{ "rand_write", openssl_random_write },
403	{ "random", openssl_random_bytes },
404
405	{ "clear_error", openssl_clear_error },
406	{ "error", openssl_error_string },
407	{ "errors", openssl_errors },
408	#ifndef OPENSSL_NO_ENGINE
409	{ "engine", openssl_engine },
410	#endif
411	{ "FIPS_mode", openssl_fips_mode },
412
413	{ NULL, NULL }
414	};
415
416	#if defined(OPENSSL_THREADS) && \
417	(OPENSSL_VERSION_NUMBER < 0x30000000L \|\| defined(LIBRESSL_VERSION_NUMBER))
418	void CRYPTO_thread_setup(void);
419	void CRYPTO_thread_cleanup(void);
420	#endif
421
422	#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
423	#include <stdatomic.h>
424	static atomic_int _guard = 0;
425	#else
426	static volatile int _guard = 0;
427	#endif
428
429	static void
430	openssl_finalize(void)	1✔
431	{
432	#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
433	if (atomic_fetch_add_explicit(&_guard, -1, memory_order_relaxed) != 1) return;	1✔
434	#else
435	if (--_guard == 1) return;
436	#endif
437
438	#if (OPENSSL_VERSION_NUMBER < 0x30000000L \|\| defined(LIBRESSL_VERSION_NUMBER))
439	#if !defined(LIBRESSL_VERSION_NUMBER)
440	FIPS_mode_set(0);	1✔
441	#endif
442
443	CONF_modules_unload(1);	1✔
444
445	#if (OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER))
446	OBJ_cleanup();	1✔
447	EVP_cleanup();	1✔
448	#ifndef OPENSSL_NO_ENGINE
449	ENGINE_cleanup();	1✔
450	#endif
451
452	CRYPTO_cleanup_all_ex_data();	1✔
453	ERR_remove_thread_state(NULL);	1✔
454	RAND_cleanup();	1✔
455	ERR_free_strings();	1✔
456	#if !defined(OPENSSL_NO_COMP) && !defined(LIBRESSL_VERSION_NUMBER)
457	COMP_zlib_cleanup();	1✔
458	#endif
459
460	CRYPTO_THREADID_set_callback(NULL);	1✔
461	CRYPTO_set_locking_callback(NULL);	1✔
462
463	#if defined(OPENSSL_THREADS)
464	CRYPTO_thread_cleanup();	1✔
465	#endif
466
467	CONF_modules_free();	1✔
468
469	#endif /* (OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER) */
470
471	#ifndef OPENSSL_NO_CRYPTO_MDEBUG
472	#if !(defined(OPENSSL_NO_STDIO) \|\| defined(OPENSSL_NO_FP_API))
473	#if defined(LIBRESSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10101000L
474	CRYPTO_mem_leaks_fp(stderr);	1✔
475	#else
476	if (CRYPTO_mem_leaks_fp(stderr) != 1) {
477	fprintf(stderr,
478	"Please report a bug on https://github.com/zhaozg/lua-openssl."
479	"And if can, please provide a reproduce method and minimal code.\n"
480	"\n\tThank You.");
481	}
482	#endif
483	#endif /* OPENSSL_NO_STDIO or OPENSSL_NO_FP_API */
484	#endif /* OPENSSL_NO_CRYPTO_MDEBUG */
485	#else
486
487
488	#endif
489	}
490
491	static void
492	openssl_initialize()	1✔
493	{
494	#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
495	if (atomic_fetch_add_explicit(&_guard, 1, memory_order_relaxed) > 0) return;	1✔
496	#else
497	if (++_guard > 0) return;
498	#endif
499
500
501	#if (OPENSSL_VERSION_NUMBER < 0x30000000L \|\| defined(LIBRESSL_VERSION_NUMBER))
502	atexit(openssl_finalize);	1✔
503
504	CRYPTO_thread_setup();	1✔
505
506	#if (OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER))
507	OpenSSL_add_all_ciphers();	1✔
508	OpenSSL_add_all_digests();	1✔
509	SSL_library_init();	1✔
510
511	ERR_load_crypto_strings();	1✔
512	#endif
513
514	ERR_load_ERR_strings();	1✔
515	ERR_load_EVP_strings();	1✔
516
517	ERR_load_SSL_strings();	1✔
518	ERR_load_BN_strings();	1✔
519	#ifndef OPENSSL_NO_CMS
520	ERR_load_CMS_strings();	1✔
521	#endif
522
523	#if (OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER))
524	#ifndef OPENSSL_NO_ENGINE
525	ENGINE_load_openssl();	1✔
526	#endif
527	#endif
528
529	ENGINE_load_builtin_engines();	1✔
530
531	RAND_seed(LOPENSSL_VERSION LUA_VERSION OPENSSL_VERSION_TEXT,	1✔
532	sizeof(LOPENSSL_VERSION LUA_VERSION OPENSSL_VERSION_TEXT));
533	#else
534	OPENSSL_init_ssl(OPENSSL_INIT_ENGINE_ALL_BUILTIN \|
535	OPENSSL_INIT_ENGINE_OPENSSL \|
536	OPENSSL_INIT_LOAD_CRYPTO_STRINGS \|
537	OPENSSL_INIT_LOAD_SSL_STRINGS \|
538	OPENSSL_INIT_ADD_ALL_CIPHERS \|
539	OPENSSL_INIT_ADD_ALL_DIGESTS,
540	NULL);
541	#endif
542
543	#ifdef LOAD_ENGINE_CUSTOM
544	LOAD_ENGINE_CUSTOM
545	#endif
546	}
547
548	#ifndef LUA_RIDX_MAINTHREAD
549	#define LUA_RIDX_MAINTHREAD 1
550	#endif
551	lua_State openssl_mainthread(lua_State L)	22✔
552	{
553	lua_rawgeti(L, LUA_REGISTRYINDEX, LUA_RIDX_MAINTHREAD);	22✔
554	lua_State *mainL = lua_tothread(L, -1);	22✔
555	lua_pop(L, 1);	22✔
556	return mainL ? mainL : L;	22✔
557	}
558
559	LUALIB_API int
560	luaopen_openssl(lua_State *L)	1✔
561	{
562	openssl_initialize();	1✔
563
564	lua_newtable(L);	1✔
565
566	luaL_setfuncs(L, eay_functions, 0);	1✔
567
568	#if !defined(LIBRESSL_VERSION_NUMBER) \|\| LIBRESSL_VERSION_NUMBER < 0x30900000L
569	/* NOTE: refact lhash/conf module */
570	openssl_register_lhash(L);	1✔
571	#endif
572
573	#ifndef OPENSSL_NO_ENGINE
574	openssl_register_engine(L);	1✔
575	#endif
576
577	luaopen_bio(L);	1✔
578	lua_setfield(L, -2, "bio");	1✔
579
580	luaopen_asn1(L);	1✔
581	lua_setfield(L, -2, "asn1");	1✔
582
583	luaopen_digest(L);	1✔
584	lua_setfield(L, -2, "digest");	1✔
585
586	luaopen_cipher(L);	1✔
587	lua_setfield(L, -2, "cipher");	1✔
588
589	luaopen_hmac(L);	1✔
590	lua_setfield(L, -2, "hmac");	1✔
591
592	#if (OPENSSL_VERSION_NUMBER >= 0x30000000L) && !defined(LIBRESSL_VERSION_NUMBER)
593	luaopen_mac(L);
594	lua_setfield(L, -2, "mac");
595	luaopen_param(L);
596	lua_setfield(L, -2, "param");
597	luaopen_provider(L);
598	lua_setfield(L, -2, "provider");
599	#endif
600	luaopen_kdf(L);	1✔
601	lua_setfield(L, -2, "kdf");	1✔
602
603	luaopen_pkey(L);	1✔
604	lua_setfield(L, -2, "pkey");	1✔
605
606	#ifdef EVP_PKEY_EC
607	luaopen_ec(L);	1✔
608	lua_setfield(L, -2, "ec");	1✔
609	#endif
610
611	luaopen_x509(L);	1✔
612	lua_setfield(L, -2, "x509");	1✔
613
614	luaopen_pkcs7(L);	1✔
615	lua_setfield(L, -2, "pkcs7");	1✔
616
617	luaopen_pkcs12(L);	1✔
618	lua_setfield(L, -2, "pkcs12");	1✔
619
620	luaopen_ocsp(L);	1✔
621	lua_setfield(L, -2, "ocsp");	1✔
622
623	#ifdef OPENSSL_HAVE_TS
624	/* timestamp handling */
625	luaopen_ts(L);	1✔
626	lua_setfield(L, -2, "ts");	1✔
627	#endif
628
629	luaopen_cms(L);	1✔
630	lua_setfield(L, -2, "cms");	1✔
631
632	luaopen_ssl(L);	1✔
633	lua_setfield(L, -2, "ssl");	1✔
634
635	/* third part */
636	luaopen_bn(L);	1✔
637	lua_setfield(L, -2, "bn");	1✔
638
639	luaopen_rsa(L);	1✔
640	lua_setfield(L, -2, "rsa");	1✔
641	luaopen_dsa(L);	1✔
642	lua_setfield(L, -2, "dsa");	1✔
643	luaopen_dh(L);	1✔
644	lua_setfield(L, -2, "dh");	1✔
645
646	#ifndef OPENSSL_NO_SRP
647	luaopen_srp(L);	1✔
648	lua_setfield(L, -2, "srp");	1✔
649	#endif
650
651	#ifdef ENABLE_OPENSSL_GLOBAL
652	lua_pushvalue(L, -1);
653	lua_setglobal(L, "openssl");
654	#endif
655
656	return 1;	1✔
657	}

zhaozg / lua-openssl / 21310072613

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous