diff options
| -rw-r--r-- | doc/luaossl.pdf | bin | 300085 -> 299869 bytes | |||
| -rw-r--r-- | doc/luaossl.tex | 7 | ||||
| -rwxr-xr-x | examples/vrfy.sig | 9 |
3 files changed, 8 insertions, 8 deletions
diff --git a/doc/luaossl.pdf b/doc/luaossl.pdf Binary files differindex 81112d9..c799a93 100644 --- a/doc/luaossl.pdf +++ b/doc/luaossl.pdf diff --git a/doc/luaossl.tex b/doc/luaossl.tex index 5ac7761..9e4fd8e 100644 --- a/doc/luaossl.tex +++ b/doc/luaossl.tex @@ -313,7 +313,7 @@ Set the private key component to that described by the PEM encoded private key i \subsubsection[\fn{pkey:sign}]{\fn{pkey:sign($digest$)}} -Sign data which has been consumed by the specified \module{openssl.digest} $digest$. Digests and keys are not all interchangeable. For example, an elliptic curve key requires a digest of type ``ecdsa-with-SHA1'', while DSA requires ``dss1''. OpenSSL supports more varied digests for RSA. +Sign data which has been consumed by the specified \module{openssl.digest} $digest$. Digests and keys are not all interchangeable. Returns the signature as an opaque binary string\footnote{Elliptic curve signatures are two X.509 DER-encoded numbers, for example, while RSA signatures are encrypted DER structures.} on success, and throws an error otherwise. @@ -1349,9 +1349,8 @@ local digest = require"openssl.digest" -- generate a public/private key pair local key = pkey.new{ type = "EC", curve = "prime192v1" } --- digest our message using an appropriate digest ("ecdsa-with-SHA1" for EC; --- "dss1" for DSA; and "sha1", "sha256", etc for RSA). -local data = digest.new"ecdsa-with-SHA1" +-- digest our message using an appropriate digest +local data = digest.new "sha1" data:update(... or "hello world") -- generate a signature for our data diff --git a/examples/vrfy.sig b/examples/vrfy.sig index 84bcfcc..123611e 100755 --- a/examples/vrfy.sig +++ b/examples/vrfy.sig @@ -3,7 +3,7 @@ -- Example public-key signature verification. -- -local keytype = ... +local keytype, hash = ... local openssl = require"openssl" local pkey = require"openssl.pkey" @@ -23,10 +23,11 @@ local function genkey(type) end local key = genkey(keytype) -local hash = key:getDefaultDigestName() +if hash == nil then + hash = key:getDefaultDigestName() +end --- digest our message using an appropriate digest ("ecdsa-with-SHA1" for EC; --- "dss1" for DSA; and "sha1", "sha256", etc for RSA). +-- digest our message using an appropriate digest local data = digest.new(hash) data:update(... or "hello world") |