From 920118b13d4ec90c5b36a682bc002868b8fff877 Mon Sep 17 00:00:00 2001
From: william
Date: Mon, 22 Sep 2014 15:37:29 -0700
Subject: make default key algorithm in self.x509 and vrfy.sig examples depend on whether EC is supported locally

---
 examples/self.x509 | 19 ++++++++++++++++---
 examples/vrfy.sig | 19 +++++++++++++++++--
 2 files changed, 33 insertions(+), 5 deletions(-)

diff --git a/examples/self.x509 b/examples/self.x509
index b2d14f9..37b12c7 100755
--- a/examples/self.x509
+++ b/examples/self.x509
@@ -7,15 +7,28 @@
 -- CSR generation.
 --
 
+local keytype = ...
+
+local openssl = require"openssl"
 local pkey = require"openssl.pkey"
 local x509 = require"openssl.x509"
 local name = require"openssl.x509.name"
 local altname = require"openssl.x509.altname"
 
 -- generate our public/private key pair
---local key = pkey.new{ type = "RSA", bits = 1024 }
---local key = pkey.new{ type = "DSA", bits = 1024 }
-local key = pkey.new{ type = "EC", curve = "prime192v1" }
+local function genkey(type)
+ type = string.upper(type or (not openssl.NO_EC and "EC") or "RSA")
+
+ if type == "RSA" then
+ return pkey.new{ type = "RSA", bits = 1024 }
+ elseif type == "DSA" then
+ return pkey.new{ type = "DSA", bits = 1024 }
+ else
+ return pkey.new{ type = "EC", curve = "prime192v1" }
+ end
+end
+
+local key = genkey(keytype)
 
 -- our Subject and Issuer DN (self-signed, so same)
 local dn = name.new()
diff --git a/examples/vrfy.sig b/examples/vrfy.sig
index cf60995..258490a 100755
--- a/examples/vrfy.sig
+++ b/examples/vrfy.sig
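Review bot: The RSA and DSA branches of `genkey` in examples/self.x509 generate 1024-bit keys, and with this change RSA becomes the default whenever `openssl.NO_EC` is set, so on such builds the example issues a self-signed certificate on a key size that NIST SP 800-131A has disallowed for signing since 2013. Because example code tends to be copied verbatim, I would raise the size, e.g. `return pkey.new{ type = "RSA", bits = 2048 }`, and likewise for the DSA branch. The same `bits = 1024` lines appear in the `genkey` added to examples/vrfy.sig. Separately, the final `else` sends any unrecognised `keytype` to EC, including on a build without EC; an explicit `elseif type == "EC" then` followed by `else error("unknown key type: " .. type)` would make a typo visible instead of silently picking a different algorithm.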
@@ -3,15 +3,30 @@
 -- Example public-key signature verification.
 --
 
+local keytype = ...
+
+local openssl = require"openssl"
 local pkey = require"openssl.pkey"
 local digest = require"openssl.digest"
 
 -- generate a public/private key pair
-local key = pkey.new{ type = "EC", curve = "prime192v1" }
+local function genkey(type)
+ type = string.upper(type or (not openssl.NO_EC and "EC") or "RSA")
+
+ if type == "RSA" then
+ return pkey.new{ type = "RSA", bits = 1024 }, "sha256"
+ elseif type == "DSA" then
+ return pkey.new{ type = "DSA", bits = 1024 }, "dss1"
+ else
+ return pkey.new{ type = "EC", curve = "prime192v1" }, "ecdsa-with-SHA1"
+ end
+end
+
+local key, hash = genkey(keytype)
 
 -- digest our message using an appropriate digest ("ecdsa-with-SHA1" for EC;
 -- "dss1" for DSA; and "sha1", "sha256", etc for RSA).
-local data = digest.new"ecdsa-with-SHA1"
+local data = digest.new(hash)
 data:update(... or "hello world")
 
 -- generate a signature for our data
--
cgit v1.2.3-59-g8ed1b
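Review bot: The added `local keytype = ...` and the unchanged `data:update(... or "hello world")` both read the first script argument, so the same string is used as the key type and as the message that gets signed. Anyone who was already passing a message now has it interpreted as a key type, and it falls through the `else` branch to EC without any error. I would split the arguments, `local keytype, message = ...` at the top and `data:update(message or "hello world")` below, and update the comment above `digest.new(hash)` to say the digest name now comes from `genkey`. The DSA and EC branches also return SHA-1 based digest names (`"dss1"`, `"ecdsa-with-SHA1"`) while RSA gets `"sha256"`; if the linked OpenSSL accepts it for those key types, returning `"sha256"` from all three branches would be the safer example.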