diff options
| -rw-r--r-- | doc/luaossl.pdf | bin | 284248 -> 284785 bytes | |||
| -rw-r--r-- | doc/luaossl.tex | 4 | ||||
| -rw-r--r-- | src/openssl.c | 14 |
3 files changed, 13 insertions, 5 deletions
diff --git a/doc/luaossl.pdf b/doc/luaossl.pdf Binary files differindex e310cbe..c2b2418 100644 --- a/doc/luaossl.pdf +++ b/doc/luaossl.pdf diff --git a/doc/luaossl.tex b/doc/luaossl.tex index c8917d7..b7b8c15 100644 --- a/doc/luaossl.tex +++ b/doc/luaossl.tex @@ -487,6 +487,10 @@ Returns the public key component as an \module{openssl.pkey} object. Sets the public key component referenced by the \module{openssl.pkey} object $key$. +\subsubsection[\fn{x509:getPublicKeyDigest}]{\fn{x509:getPublicKeyDigest([$type$])}} + +Returns the digest of the public key as a binary string. $type$ is an optional string describing the digest type, and defaults to ``sha1''. + \subsubsection[\fn{x509:sign}]{\fn{x509:sign($key$ [, $type$])}} Signs and updates the instance certificate using the \module{openssl.pkey} $key$. $type$ is an optional string describing the digest type. See \module{pkey:sign}, regarding which types of digests are valid. If $type$ is omitted than a default type is used---``sha1'' for RSA keys, ``dss1'' for DSA keys, and ``ecdsa-with-SHA1'' for EC keys. diff --git a/src/openssl.c b/src/openssl.c index 8e95622..646e2ae 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -3722,18 +3722,22 @@ static int xc_setPublicKey(lua_State *L) { static int xc_getPublicKeyDigest(lua_State *L) { - ASN1_BIT_STRING *pk = ((X509 *) checksimple(L, 1, X509_CERT_CLASS))->cert_info->key->public_key; - + ASN1_BIT_STRING *pk = ((X509 *)checksimple(L, 1, X509_CERT_CLASS))->cert_info->key->public_key; + const char *id = luaL_optstring(L, 2, "sha1"); + const EVP_MD *md; unsigned char digest[EVP_MAX_MD_SIZE]; unsigned int len; - if (!EVP_Digest(pk->data, pk->length, digest, &len, EVP_sha1(), NULL)) + if (!(md = EVP_get_digestbyname(id))) + return luaL_error(L, "x509.cert:getPublicKeyDigest: %s: invalid digest type", id); + + if (!EVP_Digest(pk->data, pk->length, digest, &len, md, NULL)) return auxL_error(L, auxL_EOPENSSL, "x509.cert:getPublicKeyDigest"); - lua_pushlstring(L, (char *) digest, len); + lua_pushlstring(L, (char *)digest, len); return 1; -} /* xc_setPublicKeyDigest() */ +} /* xc_getPublicKeyDigest() */ static const EVP_MD *xc_signature(lua_State *L, int index, EVP_PKEY *key) { |