Skip to content

Make BoringSSL available to Lua FFI #7009

New issue
New issue
Closed
Closed
Make BoringSSL available to Lua FFI#7009
Labels
enhancementFeature requests. Not bugs or questions.help wantedNeeds help!
@yxue

Description

@yxue
yxue
opened on May 20, 2019

Expose BoringSSL symbols to Lua FFI

Description:

The customer is validating cryptographic signatures within Lua scripts. Unfortunately they are not able to call the respective functions because the symbols are not exported or stripped from the binary so that Lua is not able to call them.

To get their functionality working they would need the following symbols:

     void CBS_init(CBS *cbs, const uint8_t *data, size_t len);
     EVP_PKEY *EVP_parse_public_key(CBS *cbs);

     int SHA256_Init(SHA256_CTX *sha);
     int SHA256_Update(SHA256_CTX *sha, const void *data, size_t len);
     int SHA256_Final(uint8_t *md, SHA256_CTX *sha);

     void OPENSSL_cleanse(void *ptr, size_t len);

     int RSA_verify(int hash_nid, const uint8_t *msg, size_t msg_len,
                    const uint8_t *sig, size_t sig_len, void *rsa);

     int EVP_DecodeBase64(uint8_t *out, size_t *out_len,
                          size_t max_out, const uint8_t *in, size_t in_len);

[Relevant Links:]

istio/istio#13818

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementFeature requests. Not bugs or questions.help wantedNeeds help!

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions