feat(param) add new function to use OSSL_PARAM

Author: fffonion

lib/resty/openssl/include/param.lua

@@ -0,0 +1,93 @@
+local ffi = require "ffi"
+local C = ffi.C
+local ffi_new = ffi.new
+local ffi_str = ffi.string
+
+require "resty.openssl.include.ossl_typ"
+
+ffi.cdef [[
+  typedef struct ossl_param_st {
+    const char *key;             /* the name of the parameter */
+    unsigned int data_type;      /* declare what kind of content is in buffer */
+    void *data;                  /* value being passed in or out */
+    size_t data_size;            /* data size */
+    size_t return_size;          /* returned content size */
+  } OSSL_PARAM;
+
+  OSSL_PARAM OSSL_PARAM_construct_int(const char *key, int *buf);
+  OSSL_PARAM OSSL_PARAM_construct_BN(const char *key, unsigned char *buf,
+                                    size_t bsize);
+  OSSL_PARAM OSSL_PARAM_construct_utf8_string(const char *key, char *buf,
+                                              size_t bsize);
+  OSSL_PARAM OSSL_PARAM_construct_octet_string(const char *key, void *buf,
+                                                size_t bsize);
+  OSSL_PARAM OSSL_PARAM_construct_utf8_ptr(const char *key, char **buf,
+                                            size_t bsize);
+  OSSL_PARAM OSSL_PARAM_construct_octet_ptr(const char *key, void **buf,
+                                            size_t bsize);
+  OSSL_PARAM OSSL_PARAM_construct_end(void);
+]]
+
+local _M = {
+  OSSL_PARAM_INTEGER = 1,
+  OSSL_PARAM_UNSIGNED_INTEGER = 2,
+  OSSL_PARAM_REAL = 3,
+  OSSL_PARAM_UTF8_STRING = 4,
+  OSSL_PARAM_OCTET_STRING = 5,
+  OSSL_PARAM_UTF8_PTR = 6,
+  OSSL_PARAM_OCTET_PTR = 7,
+}
+
+function _M.construct(buf_t, length, types_map)
+  local params = ffi_new("OSSL_PARAM[?]", length + 1)
+
+  local i = 0
+  for key, value in pairs(buf_t) do
+    local typ = types_map[key]
+    if not typ then
+      return nil, "param:construct: unknown key type \"" .. key .. "\""
+    end
+    local param
+    if typ == _M.OSSL_PARAM_UTF8_PTR then -- out
+      local buf = ffi_new("char*[1]")
+      buf_t[key] = buf
+      param = C.OSSL_PARAM_construct_utf8_ptr(key, buf, 0)
+    elseif typ == _M.OSSL_PARAM_INTEGER then -- out (and in?)
+      local buf = ffi_new("int[1]")
+      buf_t[key] = buf
+      param = C.OSSL_PARAM_construct_int(key, buf)
+    elseif typ == _M.OSSL_PARAM_UTF8_STRING then -- in
+      local buf = ffi.cast("char *", buf_t[key])
+      param = C.OSSL_PARAM_construct_utf8_string(key, buf, #buf_t[key])
+    else
+      error("type " .. typ .. " is not yet implemented")
+    end
+    params[i] = param
+    i = i + 1
+  end
+
+  params[length] = C.OSSL_PARAM_construct_end()
+
+  return params
+end
+
+function _M.parse(buf_t, length, types_map)
+  for key, buf in pairs(buf_t) do
+    local typ = types_map[key]
+    if not typ then
+      return nil, "param:parse: unknown key type \"" .. key .. "\""
+    end
+    if typ == _M.OSSL_PARAM_UTF8_PTR then
+      buf_t[key] = ffi_str(buf[0])
+    elseif typ == _M.OSSL_PARAM_INTEGER then
+      buf_t[key] = tonumber(buf[0])
+    else
+      error("type " .. typ .. " is not yet implemented")
+    end
+    -- crypto_macro.OPENSSL_free(req[i-1].data)
+  end
+
+  return buf_t
+end
+
+return _M

lib/resty/openssl/include/provider.lua

@@ -1,19 +1,12 @@
 local ffi = require "ffi"
 
 require "resty.openssl.include.ossl_typ"
+require "resty.openssl.include.param"
 
 ffi.cdef [[
   typedef struct ossl_provider_st OSSL_PROVIDER;
   typedef struct ossl_lib_ctx_st OSSL_LIB_CTX;
 
-  typedef struct ossl_param_st {
-    const char *key;             /* the name of the parameter */
-    unsigned int data_type;      /* declare what kind of content is in buffer */
-    void *data;                  /* value being passed in or out */
-    size_t data_size;            /* data size */
-    size_t return_size;          /* returned content size */
-  } OSSL_PARAM;
-
   void OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx,
                                              const char *path);
 
@@ -29,29 +22,6 @@ ffi.cdef [[
   // int OSSL_PROVIDER_add_builtin(OSSL_LIB_CTX *libctx, const char *name,
   //                              ossl_provider_init_fn *init_fn);
 
-  const char *OSSL_PROVIDER_name(const OSSL_PROVIDER *prov);
+  const char *OSSL_PROVIDER_get0_name(const OSSL_PROVIDER *prov);
   int OSSL_PROVIDER_self_test(const OSSL_PROVIDER *prov);
-
-  OSSL_PARAM OSSL_PARAM_construct_int(const char *key, int *buf);
-  OSSL_PARAM OSSL_PARAM_construct_BN(const char *key, unsigned char *buf,
-                                    size_t bsize);
-  OSSL_PARAM OSSL_PARAM_construct_utf8_string(const char *key, char *buf,
-                                              size_t bsize);
-  OSSL_PARAM OSSL_PARAM_construct_octet_string(const char *key, void *buf,
-                                                size_t bsize);
-  OSSL_PARAM OSSL_PARAM_construct_utf8_ptr(const char *key, char **buf,
-                                            size_t bsize);
-  OSSL_PARAM OSSL_PARAM_construct_octet_ptr(const char *key, void **buf,
-                                            size_t bsize);
-  OSSL_PARAM OSSL_PARAM_construct_end(void);
 ]]
-
-return {
-  OSSL_PARAM_INTEGER = 1,
-  OSSL_PARAM_UNSIGNED_INTEGER = 2,
-  OSSL_PARAM_REAL = 3,
-  OSSL_PARAM_UTF8_STRING = 4,
-  OSSL_PARAM_OCTET_STRING = 5,
-  OSSL_PARAM_UTF8_PTR = 6,
-  OSSL_PARAM_OCTET_PTR = 7,
-}

lib/resty/openssl/provider.lua

@@ -1,9 +1,9 @@
 local ffi = require "ffi"
 local C = ffi.C
-local ffi_new = ffi.new
 local ffi_str = ffi.string
 
-local provider_macro = require "resty.openssl.include.provider"
+require "resty.openssl.include.provider"
+local param_macro = require "resty.openssl.include.param"
 local OPENSSL_30 = require("resty.openssl.version").OPENSSL_30
 local format_error = require("resty.openssl.err").format_error
 
@@ -14,7 +14,7 @@ end
 local _M = {}
 local mt = {__index = _M}
 
-local ossl_lib_ctx_st = ffi.typeof('OSSL_LIB_CTX*')
+local ossl_provider_ctx_ct = ffi.typeof('OSSL_PROVIDER*')
 
 function _M.load(name, try)
   local ctx
@@ -37,18 +37,15 @@ function _M.load(name, try)
 end
 
 function _M.set_default_search_path(path)
-  if C.OSSL_PROVIDER_set_default_search_path(nil, path) ~= 1 then
-    return false, format_error("provider.set_default_search_path")
-  end
-  return true
+  C.OSSL_PROVIDER_set_default_search_path(nil, path)
 end
 
 function _M.is_available(name)
   return C.OSSL_PROVIDER_available(nil, name) == 1
 end
 
 function _M.istype(l)
-  return l and l.ctx and ffi.istype(ossl_lib_ctx_st, l.ctx)
+  return l and l.ctx and ffi.istype(ossl_provider_ctx_ct, l.ctx)
 end
 
 function _M:unload()
@@ -67,16 +64,16 @@ end
 
 local params_well_known = {
   -- Well known parameter names that core passes to providers
-  ["openssl-version"] = provider_macro.OSSL_PARAM_UTF8_PTR,
-  ["provider-name"]   = provider_macro.OSSL_PARAM_UTF8_PTR,
-  ["module-filename"] = provider_macro.OSSL_PARAM_UTF8_PTR,
+  ["openssl-version"] = param_macro.OSSL_PARAM_UTF8_PTR,
+  ["provider-name"]   = param_macro.OSSL_PARAM_UTF8_PTR,
+  ["module-filename"] = param_macro.OSSL_PARAM_UTF8_PTR,
 
   -- Well known parameter names that Providers can define
-  ["name"]                = provider_macro.OSSL_PARAM_UTF8_PTR,
-  ["version"]             = provider_macro.OSSL_PARAM_UTF8_PTR,
-  ["buildinfo"]           = provider_macro.OSSL_PARAM_UTF8_PTR,
-  ["status"]              = provider_macro.OSSL_PARAM_INTEGER,
-  ["security-checks"]     = provider_macro.OSSL_PARAM_INTEGER,
+  ["name"]                = param_macro.OSSL_PARAM_UTF8_PTR,
+  ["version"]             = param_macro.OSSL_PARAM_UTF8_PTR,
+  ["buildinfo"]           = param_macro.OSSL_PARAM_UTF8_PTR,
+  ["status"]              = param_macro.OSSL_PARAM_INTEGER,
+  ["security-checks"]     = param_macro.OSSL_PARAM_INTEGER,
 }
 
 local function load_gettable_names(ctx)
@@ -116,46 +113,22 @@ function _M:get_params(...)
     self.param_types = param_types
   end
 
-  local req = ffi_new("OSSL_PARAM[?]", key_length + 1)
-
   local buffers = {}
-  for i, key in ipairs(keys) do
-    local typ = self.param_types[key]
-    if not typ then
-      return nil, "provider:get_params: unknown key \"" .. key .. "\""
-    end
-    local param
-    if typ == provider_macro.OSSL_PARAM_UTF8_PTR then
-      local buf = ffi_new("char*[1]")
-      buffers[i] = buf
-      param = C.OSSL_PARAM_construct_utf8_ptr(key, buf, 0)
-    elseif typ == provider_macro.OSSL_PARAM_INTEGER then
-      local buf = ffi_new("int[1]")
-      buffers[i] = buf
-      param = C.OSSL_PARAM_construct_int(key, buf)
-    else
-      return nil, "provider:get_params: not yet supported type \"" .. typ .. "\" for \"" .. key .. "\""
-    end
-    req[i-1] = param
+  for _, key in ipairs(keys) do
+    buffers[key] = ngx.null
+  end
+  local req, err = param_macro.construct(buffers, key_length, self.param_types)
+  if not req then
+    return nil, "provider:get_params: failed to construct params: " .. err
   end
-
-  req[key_length] = C.OSSL_PARAM_construct_end()
 
   if C.OSSL_PROVIDER_get_params(self.ctx, req) ~= 1 then
     return nil, format_error("provider:get_params")
   end
 
-  for i=0, key_length do
-    local buf = buffers[i]
-    local key = keys[i]
-    local typ = self.param_types[key]
-    if typ == provider_macro.OSSL_PARAM_UTF8_PTR then
-      buffers[key] = ffi_str(buf[0])
-    elseif typ == provider_macro.OSSL_PARAM_INTEGER then
-      buffers[key] = tonumber(buf[0])
-    end
-    buffers[i] = nil
-    -- crypto_macro.OPENSSL_free(req[i-1].data)
+  buffers, err = param_macro.parse(buffers, key_length, self.param_types)
+  if err then
+    return nil, "provider:get_params: failed to parse params: " .. err
   end
 
   if key_length == 1 then