MeshCentral/MeshAgent
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshAgent synced 2025-12-21 02:33:24 +00:00
Code Issues Releases Wiki Activity

1. Fixed return value of util_from_cer to be consistent with other util methods

Browse Source 
2. Added DER support to tls.loadCertificate
3. Updated sign/verify methods
This commit is contained in:
Bryan Roe
2019-04-03 17:39:22 -07:00
parent 69f76902cd
commit f6ccbce1fb
4 changed files with 186 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
microscript/ILibDuktape_net.c
View File

@@ -82,7 +82,6 @@ int ILibDuktape_TLS_ctx2server = -1;
#define ILibDuktape_SERVER2OPTIONS "\xFF_ServerToOptions"
#define ILibDuktape_SERVER2LISTENOPTIONS "\xFF_ServerToListenOptions"
#define ILibDuktape_TLSSocket2SecureContext "\xFF_TLSSocket2SecureContext"
#define ILibDuktape_TLS_util_cert "\xFF_TLS_util_cert"
extern void ILibAsyncServerSocket_RemoveFromChain(ILibAsyncServerSocket_ServerModule serverModule);
@@ -1611,29 +1610,58 @@ duk_ret_t ILibDuktape_TLS_loadCertificate_getKeyHash(duk_context *ctx)
util_keyhash(cert[0], hash);
return(1);
}
duk_ret_t ILibDuktape_TLS_toDER(duk_context *ctx)
{
duk_push_this(ctx);
struct util_cert *cert = (struct util_cert*)Duktape_GetBufferProperty(ctx, -1, ILibDuktape_TLS_util_cert);
int outLen = i2d_X509(cert->x509, NULL);
if (outLen <= 0)
{
return(ILibDuktape_Error(ctx, "Certificate Error"));
}
char *out = duk_push_fixed_buffer(ctx, outLen);
duk_push_buffer_object(ctx, -1, 0, outLen, DUK_BUFOBJ_NODEJS_BUFFER);
i2d_X509(cert->x509, (unsigned char**)&out);
return(1);
}
duk_ret_t ILibDuktape_TLS_loadCertificate(duk_context *ctx)
{
duk_size_t pfxLen;
duk_size_t pfxLen, derLen;
char *pfx = Duktape_GetBufferPropertyEx(ctx, 0, "pfx", &pfxLen);
char *der = Duktape_GetBufferPropertyEx(ctx, 0, "der", &derLen);
if (der == NULL) { der = Duktape_GetBufferPropertyEx(ctx, 0, "cer", &derLen); }
if (pfx != NULL)
if (pfx != NULL || der != NULL)
{
duk_push_object(ctx);
ILibDuktape_WriteID(ctx, "tls.certificate");
struct util_cert *cert = (struct util_cert*)Duktape_PushBuffer(ctx, sizeof(struct util_cert));
duk_put_prop_string(ctx, -2, ILibDuktape_TLS_util_cert);
if (util_from_p12(pfx, (int)pfxLen, Duktape_GetStringPropertyValue(ctx, 0, "passphrase", NULL), cert) == 0)
if (pfx != NULL)
{
// Failed to load certificate
return(ILibDuktape_Error(ctx, "tls.loadCertificate(): Invalid passphrase"));
if (util_from_p12(pfx, (int)pfxLen, Duktape_GetStringPropertyValue(ctx, 0, "passphrase", NULL), cert) == 0)
{
// Failed to load certificate
return(ILibDuktape_Error(ctx, "tls.loadCertificate(): Invalid passphrase"));
}
}
else if (der != NULL)
{
if (util_from_cer(der, (int)derLen, cert) == 0)
{
// Failed to load certificate
return(ILibDuktape_Error(ctx, "tls.loadCertificate(): Failed to parse Certificate (%s)", ERR_reason_error_string(ERR_get_error())));
}
}
ILibDuktape_CreateFinalizer(ctx, ILibDuktape_TLS_loadCertificate_finalizer);
ILibDuktape_CreateInstanceMethod(ctx, "getKeyHash", ILibDuktape_TLS_loadCertificate_getKeyHash, 0);
ILibDuktape_CreateInstanceMethod(ctx, "toDER", ILibDuktape_TLS_toDER, 0);
return(1);
}
else
{
return(ILibDuktape_Error(ctx, "tls.loadCertificate(): pfx not specified"));
return(ILibDuktape_Error(ctx, "tls.loadCertificate(): No certificate format specified"));
}
}
void ILibDuktape_tls_PUSH(duk_context *ctx, void *chain)