diff options
Diffstat (limited to 'examples/vrfy.sig')
-rwxr-xr-x | examples/vrfy.sig | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/examples/vrfy.sig b/examples/vrfy.sig new file mode 100755 index 0000000..84bcfcc --- /dev/null +++ b/examples/vrfy.sig @@ -0,0 +1,52 @@ +#!/usr/local/lua52/bin/lua +-- +-- Example public-key signature verification. +-- + +local keytype = ... + +local openssl = require"openssl" +local pkey = require"openssl.pkey" +local digest = require"openssl.digest" + +-- generate a public/private key pair +local function genkey(type) + type = string.upper(type or (not openssl.NO_EC and "EC") or "RSA") + + if type == "RSA" then + return pkey.new{ type = "RSA", bits = 1024 } + elseif type == "DSA" then + return pkey.new{ type = "DSA", bits = 1024 } + else + return pkey.new{ type = "EC", curve = "prime192v1" } + end +end + +local key = genkey(keytype) +local hash = key:getDefaultDigestName() + +-- digest our message using an appropriate digest ("ecdsa-with-SHA1" for EC; +-- "dss1" for DSA; and "sha1", "sha256", etc for RSA). +local data = digest.new(hash) +data:update(... or "hello world") + +-- generate a signature for our data +local sig = key:sign(data) + +-- to prove verification works, instantiate a new object holding just +-- the public key +local pub = pkey.new(key:toPEM"public") + +-- a utility routine to output our signature +local function tohex(b) + local x = "" + for i = 1, #b do + x = x .. string.format("%.2x", string.byte(b, i)) + end + return x +end + +print("verified", pub:verify(sig, data)) +print("key-type", pub:type()) +print("hash-type", hash) +print("signature", tohex(sig)) |