}
/***
- * @function rspamd_cryptobox_signature.load(file)
+ * @function rspamd_cryptobox_signature.load(file, [alg = 'curve25519'])
* Loads signature from raw file
* @param {string} file filename to load
* @return {cryptobox_signature} new signature
gpointer data;
int fd;
struct stat st;
+ enum rspamd_cryptobox_mode alg = RSPAMD_CRYPTOBOX_MODE_25519;
filename = luaL_checkstring (L, 1);
if (filename != NULL) {
lua_pushnil (L);
}
else {
- sig = g_malloc (sizeof (rspamd_fstring_t));
if (fstat (fd, &st) == -1 ||
(data =
mmap (NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0))
lua_pushnil (L);
}
else {
- if (st.st_size == rspamd_cryptobox_signature_bytes (
- RSPAMD_CRYPTOBOX_MODE_25519)) {
+ if (lua_isstring (L, 2)) {
+ const gchar *str = lua_tostring (L, 2);
+
+ if (strcmp (str, "nist") == 0 || strcmp (str, "openssl") == 0) {
+ alg = RSPAMD_CRYPTOBOX_MODE_NIST;
+ }
+ else if (strcmp (str, "curve25519") == 0 || strcmp (str, "default") == 0) {
+ alg = RSPAMD_CRYPTOBOX_MODE_25519;
+ }
+ else {
+ return luaL_error (L, "invalid keypair algorithm: %s", str);
+ }
+ }
+ if (st.st_size > 0) {
sig = rspamd_fstring_new_init (data, st.st_size);
psig = lua_newuserdata (L, sizeof (rspamd_fstring_t *));
rspamd_lua_setclass (L, "rspamd{cryptobox_signature}", -1);
else {
msg_err ("size of %s mismatches: %d while %d is expected",
filename, (int)st.st_size,
- rspamd_cryptobox_signature_bytes (RSPAMD_CRYPTOBOX_MODE_25519));
+ rspamd_cryptobox_signature_bytes (alg));
lua_pushnil (L);
}
}
/***
- * @function rspamd_cryptobox.verify_memory(pk, sig, data)
+ * @function rspamd_cryptobox.verify_memory(pk, sig, data, [alg = 'curve25519'])
* Check memory using specified cryptobox key and signature
* @param {pubkey} pk public key to verify
* @param {sig} signature to check
rspamd_fstring_t *signature;
struct rspamd_lua_text *t;
const gchar *data;
+ enum rspamd_cryptobox_mode alg = RSPAMD_CRYPTOBOX_MODE_25519;
gsize len;
gint ret;
data = luaL_checklstring (L, 3, &len);
}
+ if (lua_isstring (L, 4)) {
+ const gchar *str = lua_tostring (L, 4);
+
+ if (strcmp (str, "nist") == 0 || strcmp (str, "openssl") == 0) {
+ alg = RSPAMD_CRYPTOBOX_MODE_NIST;
+ }
+ else if (strcmp (str, "curve25519") == 0 || strcmp (str, "default") == 0) {
+ alg = RSPAMD_CRYPTOBOX_MODE_25519;
+ }
+ else {
+ return luaL_error (L, "invalid algorithm: %s", str);
+ }
+ }
+
if (pk != NULL && signature != NULL && data != NULL) {
- ret = rspamd_cryptobox_verify (signature->str, data, len,
- rspamd_pubkey_get_pk (pk, NULL), RSPAMD_CRYPTOBOX_MODE_25519);
+ ret = rspamd_cryptobox_verify (signature->str, signature->len, data, len,
+ rspamd_pubkey_get_pk (pk, NULL), alg);
if (ret) {
lua_pushboolean (L, 1);
}
/***
- * @function rspamd_cryptobox.verify_file(pk, sig, file)
+ * @function rspamd_cryptobox.verify_file(pk, sig, file, [alg = 'curve25519'])
* Check file using specified cryptobox key and signature
* @param {pubkey} pk public key to verify
* @param {sig} signature to check
struct rspamd_cryptobox_pubkey *pk;
rspamd_fstring_t *signature;
guchar *map = NULL;
+ enum rspamd_cryptobox_mode alg = RSPAMD_CRYPTOBOX_MODE_25519;
gsize len;
gint ret;
signature = lua_check_cryptobox_sign (L, 2);
fname = luaL_checkstring (L, 3);
+ if (lua_isstring (L, 4)) {
+ const gchar *str = lua_tostring (L, 4);
+
+ if (strcmp (str, "nist") == 0 || strcmp (str, "openssl") == 0) {
+ alg = RSPAMD_CRYPTOBOX_MODE_NIST;
+ }
+ else if (strcmp (str, "curve25519") == 0 || strcmp (str, "default") == 0) {
+ alg = RSPAMD_CRYPTOBOX_MODE_25519;
+ }
+ else {
+ return luaL_error (L, "invalid algorithm: %s", str);
+ }
+ }
+
map = rspamd_file_xmap (fname, PROT_READ, &len, TRUE);
if (map != NULL && pk != NULL && signature != NULL) {
- ret = rspamd_cryptobox_verify (signature->str, map, len,
- rspamd_pubkey_get_pk (pk, NULL), RSPAMD_CRYPTOBOX_MODE_25519);
+ ret = rspamd_cryptobox_verify (signature->str, signature->len,
+ map, len,
+ rspamd_pubkey_get_pk (pk, NULL), alg);
if (ret) {
lua_pushboolean (L, 1);
projects / rspamd.git / commitdiff