Skip to content
Permalink
Browse files

fix(*) normalize error handling

  • Loading branch information...
fffonion committed Oct 24, 2019
1 parent b6ea5b9 commit ff18d54d2b4402de3bc02731f99c32a9953f8784
Showing with 22 additions and 11 deletions.
  1. +11 −2 lib/resty/openssl/digest.lua
  2. +4 −2 lib/resty/openssl/pkey.lua
  3. +6 −6 lib/resty/openssl/x509/init.lua
  4. +1 −1 lib/resty/openssl/x509/name.lua
@@ -48,20 +48,29 @@ end

function _M:update(...)
for _, s in ipairs({...}) do
C.EVP_DigestUpdate(self.ctx, s, #s)
if C.EVP_DigestUpdate(self.ctx, s, #s) ~= 1 then
return format_error("digest:update")
end
end
return nil
end

local uint_ptr = ffi.typeof("unsigned int[1]")

function _M:final(s)
if s then
C.EVP_DigestUpdate(self.ctx, s, #s)
if C.EVP_DigestUpdate(self.ctx, s, #s) ~= 1 then
return nil, format_error("digest:final")
end
end
-- # define EVP_MAX_MD_SIZE 64/* longest known is SHA512 */
local buf = ffi_new('unsigned char[?]', 64)
local length = uint_ptr()
-- no return value of EVP_DigestFinal_ex
C.EVP_DigestFinal_ex(self.ctx, buf, length)
if length[0] == nil or length[0] <= 0 then
return nil, format_error("digest:final: EVP_DigestFinal_ex")
end
return ffi_str(buf, length[0])
end

@@ -316,7 +316,9 @@ function _M:sign(digest)
end
local buf = ffi_new('unsigned char[?]', self.key_size)
local length = uint_ptr()
local code = C.EVP_SignFinal(digest.ctx, buf, length, self.ctx)
if C.EVP_SignFinal(digest.ctx, buf, length, self.ctx) ~= 1 then
return nil, format_error("pkey:sign")
end
return ffi_str(buf, length[0]), nil
end

@@ -330,7 +332,7 @@ function _M:verify(signature, digest)
elseif code == 1 then
return true, nil
end
return false, "EVP_VerifyFinal() failed"
return false, format_error("pkey:verify")
end

function _M:to_PEM(pub_or_priv)
@@ -165,7 +165,7 @@ function _M.new(cert)
-- routine for load an existing cert
local bio = C.BIO_new_mem_buf(cert, #cert)
if bio == nil then
return nil, format_error("x509.new:BIO_new_mem_buf")
return nil, format_error("x509.new: BIO_new_mem_buf")
end

ctx = C.PEM_read_bio_X509(bio, nil, nil, nil)
@@ -235,7 +235,7 @@ local attributes = {
from = function(bn_ctx)
local ctx = C.BN_to_ASN1_INTEGER(bn_ctx, nil)
if ctx == nil then
return nil, format_error("x509:set:BN_to_ASN1_INTEGER")
return nil, format_error("x509:set: BN_to_ASN1_INTEGER")
end
-- "A copy of the serial number is used internally
-- so serial should be freed up after use.""
@@ -375,7 +375,7 @@ function _M:set_basic_constraints(cfg)
local code = C.X509_add1_ext_i2d(self.ctx, 87, bc, 0, 0x2)
C.BASIC_CONSTRAINTS_free(bc)
if code ~= 1 then
return false, format_error("x509:set_basic_constraints:X509_add1_ext_i2d", code)
return false, format_error("x509:set_basic_constraints: X509_add1_ext_i2d", code)
end

return true
@@ -387,16 +387,16 @@ function _M:set_basic_constraints_critical(crit)
-- obj_mac.h: #define NID_basic_constraints 87
local loc = C.X509_get_ext_by_NID(self.ctx, 87, -1)
if loc == -1 then
return false, format_error("x509:set_basic_constraints_critical:X509_get_ext_by_NID")
return false, format_error("x509:set_basic_constraints_critical: X509_get_ext_by_NID")
end

local ext = C.X509_get_ext(self.ctx, loc)
if ext == nil then
return false, format_error("x509:set_basic_constraints_critical:X509_get_ext")
return false, format_error("x509:set_basic_constraints_critical: X509_get_ext")
end

if C.X509_EXTENSION_set_critical(ext, crit and 1 or 0) ~= 1 then
return false, format_error("x509:set_basic_constraints_critical:X509_EXTENSION_set_critical")
return false, format_error("x509:set_basic_constraints_critical: X509_EXTENSION_set_critical")
end

return true
@@ -28,7 +28,7 @@ local mt = { __index = _M, __tostring = tostring }

local x509_name_ptr_ct = ffi.typeof("X509_NAME*")

function _M.new(name)
function _M.new()
local ctx = C.X509_NAME_new()
if ctx == nil then
return nil, "X509_NAME_new() failed"

0 comments on commit ff18d54

Please sign in to comment.
You can’t perform that action at this time.