diff options
author | william <william@25tandclement.com> | 2014-09-22 15:37:29 -0700 |
---|---|---|
committer | william <william@25tandclement.com> | 2014-09-22 15:37:29 -0700 |
commit | 920118b13d4ec90c5b36a682bc002868b8fff877 (patch) | |
tree | c7e5e6691cd3d87353d6334082c849bc1c4a903d | |
parent | d4914b31664e771ae93b88f6f83fb24c616b20fd (diff) | |
download | luaossl-920118b13d4ec90c5b36a682bc002868b8fff877.tar.gz luaossl-920118b13d4ec90c5b36a682bc002868b8fff877.tar.bz2 luaossl-920118b13d4ec90c5b36a682bc002868b8fff877.zip |
make default key algorithm in self.x509 and vrfy.sig examples depend on whether EC is supported locally
-rwxr-xr-x | examples/self.x509 | 19 | ||||
-rwxr-xr-x | examples/vrfy.sig | 19 |
2 files changed, 33 insertions, 5 deletions
diff --git a/examples/self.x509 b/examples/self.x509 index b2d14f9..37b12c7 100755 --- a/examples/self.x509 +++ b/examples/self.x509 @@ -7,15 +7,28 @@ -- CSR generation. -- +local keytype = ... + +local openssl = require"openssl" local pkey = require"openssl.pkey" local x509 = require"openssl.x509" local name = require"openssl.x509.name" local altname = require"openssl.x509.altname" -- generate our public/private key pair ---local key = pkey.new{ type = "RSA", bits = 1024 } ---local key = pkey.new{ type = "DSA", bits = 1024 } -local key = pkey.new{ type = "EC", curve = "prime192v1" } +local function genkey(type) + type = string.upper(type or (not openssl.NO_EC and "EC") or "RSA") + + if type == "RSA" then + return pkey.new{ type = "RSA", bits = 1024 } + elseif type == "DSA" then + return pkey.new{ type = "DSA", bits = 1024 } + else + return pkey.new{ type = "EC", curve = "prime192v1" } + end +end + +local key = genkey(keytype) -- our Subject and Issuer DN (self-signed, so same) local dn = name.new() diff --git a/examples/vrfy.sig b/examples/vrfy.sig index cf60995..258490a 100755 --- a/examples/vrfy.sig +++ b/examples/vrfy.sig @@ -3,15 +3,30 @@ -- Example public-key signature verification. -- +local keytype = ... + +local openssl = require"openssl" local pkey = require"openssl.pkey" local digest = require"openssl.digest" -- generate a public/private key pair -local key = pkey.new{ type = "EC", curve = "prime192v1" } +local function genkey(type) + type = string.upper(type or (not openssl.NO_EC and "EC") or "RSA") + + if type == "RSA" then + return pkey.new{ type = "RSA", bits = 1024 }, "sha256" + elseif type == "DSA" then + return pkey.new{ type = "DSA", bits = 1024 }, "dss1" + else + return pkey.new{ type = "EC", curve = "prime192v1" }, "ecdsa-with-SHA1" + end +end + +local key, hash = genkey(keytype) -- digest our message using an appropriate digest ("ecdsa-with-SHA1" for EC; -- "dss1" for DSA; and "sha1", "sha256", etc for RSA). -local data = digest.new"ecdsa-with-SHA1" +local data = digest.new(hash) data:update(... or "hello world") -- generate a signature for our data |