diff options
| author |   Fiete Ostkamp <Fiete.Ostkamp@telekom.de> | 2024-03-01 13:03:12 +0100 |
|---|---|---|
| committer | Fiete Ostkamp <Fiete.Ostkamp@telekom.de> | 2024-03-01 13:03:12 +0100 |
| commit | 97d7de9af2cb6cc3bbbcae18ada738ace7771903 (patch) | |
| tree | a7c6221348272e82406bba446b6b00b1d1b8e608 /server/resty/openssl/hmac.lua | |
| parent | bf25efd6d3ed28266ed916c0ebe9dd3a45a4affb (diff) | |
portal-ng pods run under root user
- switch base image from openresty to nginx-unprivileged
- remove custom lua plugin code
- dynamically determine dns resolver ip during container startup
Issue-ID: PORTALNG-67
Change-Id: I23fb5e684dbb98a326afb00911a1f5ae78e2536d
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
Diffstat (limited to 'server/resty/openssl/hmac.lua')
| -rw-r--r-- | server/resty/openssl/hmac.lua | 90 |
1 files changed, 0 insertions, 90 deletions
diff --git a/server/resty/openssl/hmac.lua b/server/resty/openssl/hmac.lua deleted file mode 100644 index fe18d2f..0000000 --- a/server/resty/openssl/hmac.lua +++ /dev/null @@ -1,90 +0,0 @@ -local ffi = require "ffi" -local C = ffi.C -local ffi_gc = ffi.gc -local ffi_str = ffi.string - -require "resty.openssl.include.hmac" -require "resty.openssl.include.evp.md" -local ctypes = require "resty.openssl.auxiliary.ctypes" -local format_error = require("resty.openssl.err").format_error -local OPENSSL_10 = require("resty.openssl.version").OPENSSL_10 -local OPENSSL_11_OR_LATER = require("resty.openssl.version").OPENSSL_11_OR_LATER -local OPENSSL_3X = require("resty.openssl.version").OPENSSL_3X - -local _M = {} -local mt = {__index = _M} - -local hmac_ctx_ptr_ct = ffi.typeof('HMAC_CTX*') - --- Note: https://www.openssl.org/docs/manmaster/man3/HMAC_Init.html --- Replace with EVP_MAC_* functions for OpenSSL 3.0 - -function _M.new(key, typ) - local ctx - if OPENSSL_11_OR_LATER then - ctx = C.HMAC_CTX_new() - ffi_gc(ctx, C.HMAC_CTX_free) - elseif OPENSSL_10 then - ctx = ffi.new('HMAC_CTX') - C.HMAC_CTX_init(ctx) - ffi_gc(ctx, C.HMAC_CTX_cleanup) - end - if ctx == nil then - return nil, "hmac.new: failed to create HMAC_CTX" - end - - local algo = C.EVP_get_digestbyname(typ or 'sha1') - if algo == nil then - return nil, string.format("hmac.new: invalid digest type \"%s\"", typ) - end - - local code = C.HMAC_Init_ex(ctx, key, #key, algo, nil) - if code ~= 1 then - return nil, format_error("hmac.new") - end - - return setmetatable({ - ctx = ctx, - algo = algo, - buf = ctypes.uchar_array(OPENSSL_3X and C.EVP_MD_get_size(algo) or C.EVP_MD_size(algo)), - }, mt), nil -end - -function _M.istype(l) - return l and l.ctx and ffi.istype(hmac_ctx_ptr_ct, l.ctx) -end - -function _M:update(...) - for _, s in ipairs({...}) do - if C.HMAC_Update(self.ctx, s, #s) ~= 1 then - return false, format_error("hmac:update") - end - end - return true, nil -end - -local result_length = ctypes.ptr_of_uint() - -function _M:final(s) - if s then - if C.HMAC_Update(self.ctx, s, #s) ~= 1 then - return false, format_error("hmac:final") - end - end - - if C.HMAC_Final(self.ctx, self.buf, result_length) ~= 1 then - return nil, format_error("hmac:final: HMAC_Final") - end - return ffi_str(self.buf, result_length[0]) -end - -function _M:reset() - local code = C.HMAC_Init_ex(self.ctx, nil, 0, nil, nil) - if code ~= 1 then - return false, format_error("hmac:reset") - end - - return true -end - -return _M |