
Commit 0544dda

committed
src/openssl.c: Add support for generating other key types via EVP_PKEY_keygen
1 parent c5bf3d5 commit 0544dda


1 file changed

+33
-3
lines changed


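--- a/src/openssl.c
+++ b/src/openssl.c
@@ -235,6 +235,10 @@
 #define HAVE_EVP_PKEY_ID (OPENSSL_PREREQ(1,0,0) || LIBRESSL_PREREQ(2,0,0))
 #endif
 
+#ifndef HAVE_EVP_PKEY_KEYGEN
+#define HAVE_EVP_PKEY_KEYGEN (OPENSSL_PREREQ(1,0,0) || LIBRESSL_PREREQ(2,0,0))
+#endif
+
 #ifndef HAVE_HMAC_CTX_FREE
 #define HAVE_HMAC_CTX_FREE (OPENSSL_PREREQ(1,1,0) || LIBRESSL_PREREQ(2,7,0))
 #endif
@@ -3586,13 +3590,13 @@ static int pk_new(lua_State *L) {
 
 ud = prepsimple(L, PKEY_CLASS);
 
-if (!(*ud = EVP_PKEY_new()))
-return auxL_error(L, auxL_EOPENSSL, "pkey.new");
-
 switch (type) {
 case EVP_PKEY_RSA: {
 RSA *rsa;
 
+if (!(*ud = EVP_PKEY_new()))
+return auxL_error(L, auxL_EOPENSSL, "pkey.new");
+
 if (!(rsa = RSA_new()))
 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
 
@@ -3610,6 +3614,9 @@ static int pk_new(lua_State *L) {
 case EVP_PKEY_DSA: {
 DSA *dsa;
 
+if (!(*ud = EVP_PKEY_new()))
+return auxL_error(L, auxL_EOPENSSL, "pkey.new");
+
 if (!(dsa = DSA_new()))
 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
 
@@ -3632,6 +3639,9 @@ static int pk_new(lua_State *L) {
 case EVP_PKEY_DH: {
 DH *dh;
 
+if (!(*ud = EVP_PKEY_new()))
+return auxL_error(L, auxL_EOPENSSL, "pkey.new");
+
 /* DH Parameter Generation can take a long time, therefore we look
 * at the "dhparam" field, provided by the user.
 * The "dhparam" field takes precedence over "bits"
@@ -3702,7 +3712,27 @@ static int pk_new(lua_State *L) {
 }
 #endif
 default:
+#if HAVE_EVP_PKEY_KEYGEN
+{
+EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_id(type, NULL);
+if (!ctx)
+return auxL_error(L, auxL_EOPENSSL, "pkey.new");
+
+if (EVP_PKEY_keygen_init(ctx) <= 0) {
+EVP_PKEY_CTX_free(ctx);
+return auxL_error(L, auxL_EOPENSSL, "pkey.new");
+}
+
+if (EVP_PKEY_keygen(ctx, ud) != 1) {
+EVP_PKEY_CTX_free(ctx);
+return auxL_error(L, auxL_EOPENSSL, "pkey.new");
+}
+
+break;
+}
+#else
 return luaL_error(L, "%d: unsupported EVP_PKEY base type", EVP_PKEY_type(type));
+#endif
 } /* switch() */
 } else if (lua_isstring(L, 1)) {
 int type = optencoding(L, 2, "*", X509_ANY|X509_PEM|X509_DER);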
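Review bot: In the new `default:` branch the success path never releases the context: both failure paths call `EVP_PKEY_CTX_free(ctx)`, but after `EVP_PKEY_keygen(ctx, ud)` returns 1 the code goes straight to `break;`, so each key generated this way leaks an `EVP_PKEY_CTX`. Adding `EVP_PKEY_CTX_free(ctx);` on the line before `break;` fixes it. Separately, the shared `EVP_PKEY_new()` call was removed from before the `switch` and re-added only in the RSA, DSA and DH cases; the `#endif` just above `default:` suggests another conditionally compiled case sits between them, and if that case still writes into `*ud` it would now see whatever `prepsimple` left there, so it is worth confirming that it allocates its own key. `pk_new` begins and ends outside the shown hunks.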
