Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
L
libvmod-crypto
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
uplex-varnish
libvmod-crypto
Commits
517be163
Unverified
Commit
517be163
authored
Jun 13, 2023
by
Nils Goroll
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Use $Restrict
parent
fc9291af
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
29 additions
and
13 deletions
+29
-13
vmod_crypto.c
src/vmod_crypto.c
+5
-13
vmod_crypto.rst
src/vmod_crypto.rst
+16
-0
vmod_crypto.vcc
src/vmod_crypto.vcc
+8
-0
No files found.
src/vmod_crypto.c
View file @
517be163
...
...
@@ -227,23 +227,17 @@ vmod_key__fini(struct VPFX(crypto_key) **kp)
*
kp
=
NULL
;
}
static
int
static
void
key_ctx_ok
(
VRT_CTX
)
{
CHECK_OBJ_NOTNULL
(
ctx
,
VRT_CTX_MAGIC
);
if
(
ctx
->
method
==
VCL_MET_INIT
)
return
(
1
);
VRT_fail
(
ctx
,
"key methods can only be used in vcl_init {}"
);
return
(
0
);
assert
(
ctx
->
method
==
VCL_MET_INIT
);
}
VCL_BLOB
vmod_key_use
(
VRT_CTX
,
struct
VPFX
(
crypto_key
)
*
k
)
{
if
(
!
key_ctx_ok
(
ctx
))
return
(
NULL
);
key_ctx_ok
(
ctx
);
CHECK_OBJ_NOTNULL
(
k
,
VMOD_CRYPTO_KEY_MAGIC
);
return
(
VRT_blob
(
ctx
,
"xkey.use()"
,
k
,
sizeof
*
k
,
CRYPTO_KEY_BLOB
));
...
...
@@ -339,8 +333,7 @@ privkey_pem(VRT_CTX, VCL_STRING pem, VCL_STRING password)
static
struct
VPFX
(
crypto_key
)
*
crypto_key_ok
(
VRT_CTX
,
VCL_STRING
name
,
struct
VPFX
(
crypto_key
)
*
k
)
{
if
(
!
key_ctx_ok
(
ctx
))
return
(
NULL
);
key_ctx_ok
(
ctx
);
CHECK_OBJ_NOTNULL
(
k
,
VMOD_CRYPTO_KEY_MAGIC
);
...
...
@@ -381,8 +374,7 @@ vmod_key_rsa(VRT_CTX, struct VPFX(crypto_key) *k, struct VARGS(key_rsa) *args) {
EVP_PKEY
*
pkey
;
RSA
*
rsa
;
if
(
!
key_ctx_ok
(
ctx
))
return
;
key_ctx_ok
(
ctx
);
CHECK_OBJ_NOTNULL
(
k
,
VMOD_CRYPTO_KEY_MAGIC
);
...
...
src/vmod_crypto.rst
View file @
517be163
...
...
@@ -95,6 +95,10 @@ BLOB xkey.use()
Wrap the key in a blob to be passed to `crypto.verifier()`_
Restricted to: ``vcl_init``.
.. _xkey.pem_pubkey():
VOID xkey.pem_pubkey(STRING)
...
...
@@ -108,6 +112,10 @@ comprise RSA and DSA.
Any error is fatal to vcl initialization.
Restricted to: ``vcl_init``.
.. _xkey.pem_privkey():
VOID xkey.pem_privkey(STRING, STRING password=0)
...
...
@@ -122,6 +130,10 @@ comprise RSA and DSA.
Any error is fatal to vcl initialization.
Restricted to: ``vcl_init``.
.. _xkey.rsa():
VOID xkey.rsa(BLOB n, BLOB e, [BLOB d])
...
...
@@ -131,6 +143,10 @@ Create an RSA key from the parameters n, e, and optionally d.
Any error is fatal to vcl initialization.
Restricted to: ``vcl_init``.
.. _crypto.verifier():
new xverifier = crypto.verifier(ENUM digest, [STRING pem], [BLOB key])
...
...
src/vmod_crypto.vcc
View file @
517be163
...
...
@@ -48,6 +48,8 @@ $Method BLOB .use()
Wrap the key in a blob to be passed to `crypto.verifier()`_
$Restrict vcl_init
$Method VOID .pem_pubkey(STRING)
Create a key from the PEM-encoded public key.
...
...
@@ -58,6 +60,8 @@ comprise RSA and DSA.
Any error is fatal to vcl initialization.
$Restrict vcl_init
$Method VOID .pem_privkey(STRING, STRING password=0)
Create a key from the PEM-encoded private key, optionally decrypting
...
...
@@ -69,12 +73,16 @@ comprise RSA and DSA.
Any error is fatal to vcl initialization.
$Restrict vcl_init
$Method VOID .rsa(BLOB n, BLOB e, [BLOB d])
Create an RSA key from the parameters n, e, and optionally d.
Any error is fatal to vcl initialization.
$Restrict vcl_init
$Object verifier(ENUM {md_null, md4, md5, sha1, sha224,
sha256, sha384, sha512, ripemd160, rmd160, whirlpool} digest,
[STRING pem], [BLOB key])
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment