2 files changed, 38 insertions, 16 deletions
diff --git a/examples/vrfy.sig b/examples/vrfy.sig
index 258490a..f6cc927 100755
--- a/examples/vrfy.sig
+++ b/examples/vrfy.sig
@@ -13,16 +13,18 @@ local digest = require"openssl.digest"
 local function genkey(type)
        type = string.upper(type or (not openssl.NO_EC and "EC") or "RSA")
+        local key
        if type == "RSA" then
-                return pkey.new{ type = "RSA", bits = 1024 }, "sha256"
+                return pkey.new{ type = "RSA", bits = 1024 }
        elseif type == "DSA" then
-                return pkey.new{ type = "DSA", bits = 1024 }, "dss1"
+                return pkey.new{ type = "DSA", bits = 1024 }
        else
-                return pkey.new{ type = "EC", curve = "prime192v1" }, "ecdsa-with-SHA1"
+                return pkey.new{ type = "EC", curve = "prime192v1" }
        end
 end
-local key, hash = genkey(keytype)
+local key = genkey(keytype)
+local hash = key:getDefaultDigestName()
 -- digest our message using an appropriate digest ("ecdsa-with-SHA1" for EC;
 -- "dss1" for DSA; and "sha1", "sha256", etc for RSA).
@@ -45,6 +47,7 @@ local function tohex(b)
        return x
 end
-print("okay", pub:verify(sig, data))
+print("verified", pub:verify(sig, data))
-print("type", pub:type())
+print("key-type", pub:type())
-print("sig", tohex(sig))
+print("hash-type", hash)
+print("signature", tohex(sig))
diff --git a/src/openssl.c b/src/openssl.c
index 2fb7367..88c34d8 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -1336,7 +1336,7 @@ static int compat_EVP_PKEY_get_default_digest_nid(EVP_PKEY *key, int *nid) {
                *nid = EVP_MD_nid(EVP_ecdsa());
                break;
        default:
-                *nid = EVP_MD_nid(EVP_md_null());
+                *nid = EVP_MD_nid(EVP_sha1());
                break;
        }
@@ -3391,6 +3391,26 @@ static int pk_toPEM(lua_State *L) {
 } /* pk_toPEM() */
+static int pk_getDefaultDigestName(lua_State *L) {
+        EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
+        int nid;
+        char txt[256];
+        size_t len;
+        if (!(EVP_PKEY_get_default_digest_nid(key, &nid) > 0))
+                return auxL_error(L, auxL_EOPENSSL, "pkey:getDefaultDigestName");
+        if (!(len = auxS_nid2txt(txt, sizeof txt, nid)))
+                return auxL_error(L, auxL_EOPENSSL, "pkey:getDefaultDigestName");
+        if (len > sizeof txt)
+                return auxL_error(L, EOVERFLOW, "pkey:getDefaultDigestName");
+        lua_pushlstring(L, txt, len);
+        return 1;
+} /* pk_getDefaultDigestName() */
 enum pk_param  {
 #define PK_RSA_OPTLIST { "n", "e", "d", "p", "q", "dmp1", "dmq1", "iqmp", NULL }
 #define PK_RSA_OPTOFFSET PK_RSA_N
@@ -3944,6 +3964,7 @@ static const auxL_Reg pk_methods[] = {
        { "setPrivateKey", &pk_setPrivateKey },
        { "sign",          &pk_sign },
        { "verify",        &pk_verify },
+        { "getDefaultDigestName", &pk_getDefaultDigestName },
        { "toPEM",         &pk_toPEM },
        { "getParameters", &pk_getParameters },
        { "setParameters", &pk_setParameters },
@@ -5730,18 +5751,16 @@ static const EVP_MD *xc_signature(lua_State *L, int index, EVP_PKEY *key) {
        if ((id = luaL_optstring(L, index, NULL))) {
                if (!(md = EVP_get_digestbyname(id)))
                        goto unknown;
+        } else {
-                return md;
+                if (!(EVP_PKEY_get_default_digest_nid(key, &nid) > 0))
+                        goto unknown;
+                if (!(md = EVP_get_digestbynid(nid)))
+                        goto unknown;
        }
-        if (!(EVP_PKEY_get_default_digest_nid(key, &nid) > 0))
-                goto unknown;
-        if (!(md = EVP_get_digestbynid(nid)))
-                goto unknown;
        return md;
 unknown:
-        return EVP_md_null();
+        return EVP_sha1();
 } /* xc_signature() */
 static int xc_sign(lua_State *L) {

diff --git a/examples/vrfy.sig b/examples/vrfy.sig index 258490a..f6cc927 100755 --- a/examples/vrfy.sig +++ b/examples/vrfy.sig
@@ -13,16 +13,18 @@ local digest = require"openssl.digest"
13	local function genkey(type)	13	local function genkey(type)
14	type = string.upper(type or (not openssl.NO_EC and "EC") or "RSA")	14	type = string.upper(type or (not openssl.NO_EC and "EC") or "RSA")
15		15
		16	local key
16	if type == "RSA" then	17	if type == "RSA" then
17	return pkey.new{ type = "RSA", bits = 1024 }, "sha256"	18	return pkey.new{ type = "RSA", bits = 1024 }
18	elseif type == "DSA" then	19	elseif type == "DSA" then
19	return pkey.new{ type = "DSA", bits = 1024 }, "dss1"	20	return pkey.new{ type = "DSA", bits = 1024 }
20	else	21	else
21	return pkey.new{ type = "EC", curve = "prime192v1" }, "ecdsa-with-SHA1"	22	return pkey.new{ type = "EC", curve = "prime192v1" }
22	end	23	end
23	end	24	end
24		25
25	local key, hash = genkey(keytype)	26	local key = genkey(keytype)
		27	local hash = key:getDefaultDigestName()
26		28
27	-- digest our message using an appropriate digest ("ecdsa-with-SHA1" for EC;	29	-- digest our message using an appropriate digest ("ecdsa-with-SHA1" for EC;
28	-- "dss1" for DSA; and "sha1", "sha256", etc for RSA).	30	-- "dss1" for DSA; and "sha1", "sha256", etc for RSA).
@@ -45,6 +47,7 @@ local function tohex(b)
45	return x	47	return x
46	end	48	end
47		49
48	print("okay", pub:verify(sig, data))	50	print("verified", pub:verify(sig, data))
49	print("type", pub:type())	51	print("key-type", pub:type())
50	print("sig", tohex(sig))	52	print("hash-type", hash)
		53	print("signature", tohex(sig))


diff --git a/src/openssl.c b/src/openssl.c index 2fb7367..88c34d8 100644 --- a/src/openssl.c +++ b/src/openssl.c
@@ -1336,7 +1336,7 @@ static int compat_EVP_PKEY_get_default_digest_nid(EVP_PKEY key, int nid) {
1336	*nid = EVP_MD_nid(EVP_ecdsa());	1336	*nid = EVP_MD_nid(EVP_ecdsa());
1337	break;	1337	break;
1338	default:	1338	default:
1339	*nid = EVP_MD_nid(EVP_md_null());	1339	*nid = EVP_MD_nid(EVP_sha1());
1340	break;	1340	break;
1341	}	1341	}
1342		1342
@@ -3391,6 +3391,26 @@ static int pk_toPEM(lua_State *L) {
3391	} /* pk_toPEM() */	3391	} /* pk_toPEM() */
3392		3392
3393		3393
		3394	static int pk_getDefaultDigestName(lua_State *L) {
		3395	EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
		3396	int nid;
		3397	char txt[256];
		3398	size_t len;
		3399
		3400	if (!(EVP_PKEY_get_default_digest_nid(key, &nid) > 0))
		3401	return auxL_error(L, auxL_EOPENSSL, "pkey:getDefaultDigestName");
		3402
		3403	if (!(len = auxS_nid2txt(txt, sizeof txt, nid)))
		3404	return auxL_error(L, auxL_EOPENSSL, "pkey:getDefaultDigestName");
		3405	if (len > sizeof txt)
		3406	return auxL_error(L, EOVERFLOW, "pkey:getDefaultDigestName");
		3407
		3408	lua_pushlstring(L, txt, len);
		3409
		3410	return 1;
		3411	} /* pk_getDefaultDigestName() */
		3412
		3413
3394	enum pk_param {	3414	enum pk_param {
3395	#define PK_RSA_OPTLIST { "n", "e", "d", "p", "q", "dmp1", "dmq1", "iqmp", NULL }	3415	#define PK_RSA_OPTLIST { "n", "e", "d", "p", "q", "dmp1", "dmq1", "iqmp", NULL }
3396	#define PK_RSA_OPTOFFSET PK_RSA_N	3416	#define PK_RSA_OPTOFFSET PK_RSA_N
@@ -3944,6 +3964,7 @@ static const auxL_Reg pk_methods[] = {
3944	{ "setPrivateKey", &pk_setPrivateKey },	3964	{ "setPrivateKey", &pk_setPrivateKey },
3945	{ "sign", &pk_sign },	3965	{ "sign", &pk_sign },
3946	{ "verify", &pk_verify },	3966	{ "verify", &pk_verify },
		3967	{ "getDefaultDigestName", &pk_getDefaultDigestName },
3947	{ "toPEM", &pk_toPEM },	3968	{ "toPEM", &pk_toPEM },
3948	{ "getParameters", &pk_getParameters },	3969	{ "getParameters", &pk_getParameters },
3949	{ "setParameters", &pk_setParameters },	3970	{ "setParameters", &pk_setParameters },
@@ -5730,18 +5751,16 @@ static const EVP_MD xc_signature(lua_State L, int index, EVP_PKEY *key) {
5730	if ((id = luaL_optstring(L, index, NULL))) {	5751	if ((id = luaL_optstring(L, index, NULL))) {
5731	if (!(md = EVP_get_digestbyname(id)))	5752	if (!(md = EVP_get_digestbyname(id)))
5732	goto unknown;	5753	goto unknown;
5733		5754	} else {
5734	return md;	5755	if (!(EVP_PKEY_get_default_digest_nid(key, &nid) > 0))
		5756	goto unknown;
		5757	if (!(md = EVP_get_digestbynid(nid)))
		5758	goto unknown;
5735	}	5759	}
5736		5760
5737	if (!(EVP_PKEY_get_default_digest_nid(key, &nid) > 0))
5738	goto unknown;
5739	if (!(md = EVP_get_digestbynid(nid)))
5740	goto unknown;
5741
5742	return md;	5761	return md;
5743	unknown:	5762	unknown:
5744	return EVP_md_null();	5763	return EVP_sha1();
5745	} /* xc_signature() */	5764	} /* xc_signature() */
5746		5765
5747	static int xc_sign(lua_State *L) {	5766	static int xc_sign(lua_State *L) {