Merge 0.10->trunk

[prosody.git] / util / x509.lua

diff --git a/util/x509.lua b/util/x509.lua
index 857f02a409087e3dc8716ca2e4c8ba6f91ae9d82..f228b20130316e21e76f96b4e44d62dc9d2c0ebc 100644 (file)
--- a/util/x509.lua
+++ b/util/x509.lua
@@ -20,13 +20,11 @@
 
 local nameprep = require "util.encodings".stringprep.nameprep;
 local idna_to_ascii = require "util.encodings".idna.to_ascii;
+local base64 = require "util.encodings".base64;
 local log = require "util.logger".init("x509");
-local pairs, ipairs = pairs, ipairs;
 local s_format = string.format;
-local t_insert = table.insert;
-local t_concat = table.concat;
 
-module "x509"
+local _ENV = nil;
 
 local oid_commonname = "2.5.4.3"; -- [LDAP] 2.3
 local oid_subjectaltname = "2.5.29.17"; -- [PKIX] 4.2.1.6
@@ -149,7 +147,10 @@ local function compare_srvname(host, service, asserted_names)
        return false
 end
 
-function verify_identity(host, service, cert)
+local function verify_identity(host, service, cert)
+       if cert.setencode then
+               cert:setencode("utf8");
+       end
        local ext = cert:extensions()
        if ext[oid_subjectaltname] then
                local sans = ext[oid_subjectaltname];
@@ -214,4 +215,27 @@ function verify_identity(host, service, cert)
        return false
 end
 
-return _M;
+local pat = "%-%-%-%-%-BEGIN ([A-Z ]+)%-%-%-%-%-\r?\n"..
+"([0-9A-Za-z+/=\r\n]*)\r?\n%-%-%-%-%-END %1%-%-%-%-%-";
+
+local function pem2der(pem)
+       local typ, data = pem:match(pat);
+       if typ and data then
+               return base64.decode(data), typ;
+       end
+end
+
+local wrap = ('.'):rep(64);
+local envelope = "-----BEGIN %s-----\n%s\n-----END %s-----\n"
+
+local function der2pem(data, typ)
+       typ = typ and typ:upper() or "CERTIFICATE";
+       data = base64.encode(data);
+       return s_format(envelope, typ, data:gsub(wrap, '%0\n', (#data-1)/64), typ);
+end
+
+return {
+       verify_identity = verify_identity;
+       pem2der = pem2der;
+       der2pem = der2pem;
+};