aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xexamples/self.x50919
-rwxr-xr-xexamples/vrfy.sig19
2 files changed, 33 insertions, 5 deletions
diff --git a/examples/self.x509 b/examples/self.x509
index b2d14f9..37b12c7 100755
--- a/examples/self.x509
+++ b/examples/self.x509
@@ -7,15 +7,28 @@
-- CSR generation.
--
+local keytype = ...
+
+local openssl = require"openssl"
local pkey = require"openssl.pkey"
local x509 = require"openssl.x509"
local name = require"openssl.x509.name"
local altname = require"openssl.x509.altname"
-- generate our public/private key pair
---local key = pkey.new{ type = "RSA", bits = 1024 }
---local key = pkey.new{ type = "DSA", bits = 1024 }
-local key = pkey.new{ type = "EC", curve = "prime192v1" }
+local function genkey(type)
+ type = string.upper(type or (not openssl.NO_EC and "EC") or "RSA")
+
+ if type == "RSA" then
+ return pkey.new{ type = "RSA", bits = 1024 }
+ elseif type == "DSA" then
+ return pkey.new{ type = "DSA", bits = 1024 }
+ else
+ return pkey.new{ type = "EC", curve = "prime192v1" }
+ end
+end
+
+local key = genkey(keytype)
-- our Subject and Issuer DN (self-signed, so same)
local dn = name.new()
diff --git a/examples/vrfy.sig b/examples/vrfy.sig
index cf60995..258490a 100755
--- a/examples/vrfy.sig
+++ b/examples/vrfy.sig
@@ -3,15 +3,30 @@
-- Example public-key signature verification.
--
+local keytype = ...
+
+local openssl = require"openssl"
local pkey = require"openssl.pkey"
local digest = require"openssl.digest"
-- generate a public/private key pair
-local key = pkey.new{ type = "EC", curve = "prime192v1" }
+local function genkey(type)
+ type = string.upper(type or (not openssl.NO_EC and "EC") or "RSA")
+
+ if type == "RSA" then
+ return pkey.new{ type = "RSA", bits = 1024 }, "sha256"
+ elseif type == "DSA" then
+ return pkey.new{ type = "DSA", bits = 1024 }, "dss1"
+ else
+ return pkey.new{ type = "EC", curve = "prime192v1" }, "ecdsa-with-SHA1"
+ end
+end
+
+local key, hash = genkey(keytype)
-- digest our message using an appropriate digest ("ecdsa-with-SHA1" for EC;
-- "dss1" for DSA; and "sha1", "sha256", etc for RSA).
-local data = digest.new"ecdsa-with-SHA1"
+local data = digest.new(hash)
data:update(... or "hello world")
-- generate a signature for our data