support for encrypted PEM keys

[kunkku]

No description provided.

[kunkku]

Please let me know if further changes are required to this patch set.

[daurnimator]

A couple of technical issues spotted; I still need to do a more thorough review.

[daurnimator]

This can throw and leak bio (which is why it was previously done before allocating bio)

[ncopa]

I guess there is a typo in the comment. Should be /* pem_pw_cb() */

[daurnimator]

This still needs fixing

[daurnimator]

This gives a warning:

src/openssl.c: In function ‘pk_getPrivateKey’:
src/openssl.c:4132:10: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
   cipher = EVP_get_cipherbyname(cname);
          ^

[daurnimator]

So this PR works, but I've found it very odd to use.

e.g. here is a valid invocation:

pk=require "openssl.pkey"
a=pk.new()
k=a:getPrivateKey("aes-256-cbc", "bar")
b = pk.new(k, "PEM", "private", "bar")

But the following invocations fail (with mostly hard to understand/debug error messages)

Passing "public" rather than "private":

$ lua -e 'pk=require "openssl.pkey";  a=pk.new(); k=a:getPrivateKey("aes-256-cbc", "bar") pk.new(k, "PEM", "public", "bar")'
lua: pkey.new: pem_lib.c:691:error:0906D06C:PEM routines:PEM_read_bio:no start line
stack traceback:
	[C]: in function 'openssl.pkey.new'
	(command line):1: in main chunk
	[C]: in ?

Passing wrong password (this is probably fine):

$ lua -e 'pk=require "openssl.pkey";  a=pk.new(); k=a:getPrivateKey("aes-256-cbc", "bar") pk.new(k, "PEM", "private", "foo")'
lua: pkey.new: evp_enc.c:536:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
stack traceback:
	[C]: in function 'openssl.pkey.new'
	(command line):1: in main chunk
	[C]: in ?

Passing wrong password and also no public vs private:

$ lua -e 'pk=require "openssl.pkey";  a=pk.new(); k=a:getPrivateKey("aes-256-cbc", "bar") pk.new(k, "PEM", nil, "foo")'
lua: pkey.new: pem_lib.c:691:error:0906D06C:PEM routines:PEM_read_bio:no start line
stack traceback:
	[C]: in function 'openssl.pkey.new'
	(command line):1: in main chunk
	[C]: in ?

Passing wrong password and no "PEM" choice:

$ lua -e 'pk=require "openssl.pkey";  a=pk.new(); k=a:getPrivateKey("aes-256-cbc", "bar") pk.new(k, nil, "private", "foo")'
lua: pkey.new: tasn_dec.c:1129:error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
stack traceback:
	[C]: in function 'openssl.pkey.new'
	(command line):1: in main chunk
	[C]: in ?

Otherwise, I found it troublesome that not passing a cipher would result in no password being used.
Perhaps throw an error if a password is specified and a cipher isn't?

[kunkku]

I was thinking if the API could be something like this:

pk = require "openssl.pkey"
a = pk.new()
k = a:toPEM{type="private", cipher="aes-256-cbc", password="bar"}
b = pk.new(k, {format="PEM", type="private", password="bar"})

This would make the code more readable and there would be no need for a separate getPrivateKey method.

[kunkku]

The new patch set implements passing options via a table as suggested above, avoiding the need for a new getPrivateKey method.

[vinayakhulawale]

@kunkku - Is this patch safe to use ? are there any further changes expected ?

[kunkku]

Honestly, I do not know. I would like to get feedback from the maintainers.

[daurnimator]

This still needs fixing

[daurnimator]

This doesn't keep the stack balanced: if the field is nil then nothing is pushed. If the pcall results in an error then the error will be left on the stack.

[ncopa]

I suppose this should work?

diff --git a/src/openssl.c b/src/openssl.c
index 35183ab..868a6d3 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -4073,9 +4073,14 @@ static BIO *getbio(lua_State *L) {
 static int pem_pw_cb(char *buf, int size, int rwflag, void *u) {
        lua_State *L = (lua_State *) u;
 
-       if (lua_isnil(L, -1) || (lua_isfunction(L, -1) && lua_pcall(L, 0, 1, 0)))
+       if (lua_isnil(L, -1))
                return 0;
 
+       if (lua_isfunction(L, -1) && lua_pcall(L, 0, 1, 0)) {
+               lua_pop(L, 1);
+               return 0;
+       }
+
        const char *pass = lua_tostring(L, -1);
        if (!pass)
                return 0;

[kunkku]

Please check the current implementation. In case of error, the error is replaced by nil to make the callback return directly if called again. The callback does not change the size of the stack on any execution path.

[daurnimator]

This branch only pushes one item vs the other branch's 3

[kunkku]

Now the net amount of pushed items is 1 in both branches.

[daurnimator]

Maybe worth adding a comment of "expects nil/function/string on top of the stack" and "leaves one item on the top of the stack".

"errors from the function are not reported"

[daurnimator]

perhaps it should leave nothing on the stack?

[kunkku]

Requested comments added.

[daurnimator]

if there is no cname on the stack then what will be at top of stack?

[kunkku]

Added an else branch which pushes a nil value. The value will not be used because openssl will not invoke the callback when cipher equals NULL.

[daurnimator]

this could be popping the table itself; or the 3rd argument.

[kunkku]

It is always the 3rd argument because stack size is set to 3 on line 4101. Of course, this can be changed to lua_remove if you prefer it that way.

[daurnimator]

the error message for this will have the wrong index

[kunkku]

What should it be then? This was just moved from line 4321 to process the arguments in ascending order. The purpose was to improve readability.