search

wahern / luaossl

Most comprehensive OpenSSL module in the Lua universe.
http://25thandclement.com/~william/projects/luaossl.html
Other
140 stars 49 forks source link

x509 random setSerial with BN_rand #212

Open dcrawford1 opened 1 year ago

dcrawford1 commented 1 year ago

Is there any way to set a random x509 serial number when creating a x509 self signed certificate? The openssl command line tool calls BN_rand(btmp, SERIAL_RAND_BITS, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY)). Is there any way to do the equivalent with luaossl?

daurnimator commented 1 year ago

Just generate a random number and call :setSerial()?

dcrawford1 commented 1 year ago

I think I figured it out:

local bytes = openssl_rand.bytes(20)
crt:setSerial(openssl_bignum.fromBinary(bytes))
daurnimator commented 1 year ago

Sure that works if you want a byte-sized max for your range.

We should probably add bindings for e.g. openssl_rand.uniform where if you pass a bignum we use BN_rand or similar to generate a random number in the whole range?