3 files changed, 13 insertions, 5 deletions
diff --git a/doc/luaossl.pdf b/doc/luaossl.pdf
index e310cbe..c2b2418 100644
--- a/doc/luaossl.pdf
+++ b/doc/luaossl.pdf
Binary files differ
diff --git a/doc/luaossl.tex b/doc/luaossl.tex
index c8917d7..b7b8c15 100644
--- a/doc/luaossl.tex
+++ b/doc/luaossl.tex
@@ -487,6 +487,10 @@ Returns the public key component as an \module{openssl.pkey} object.
 Sets the public key component referenced by the \module{openssl.pkey} object $key$.
+\subsubsection[\fn{x509:getPublicKeyDigest}]{\fn{x509:getPublicKeyDigest([$type$])}}
+Returns the digest of the public key as a binary string. $type$ is an optional string describing the digest type, and defaults to ``sha1''.
 \subsubsection[\fn{x509:sign}]{\fn{x509:sign($key$ [, $type$])}}
 Signs and updates the instance certificate using the \module{openssl.pkey} $key$. $type$ is an optional string describing the digest type. See \module{pkey:sign}, regarding which types of digests are valid. If $type$ is omitted than a default type is used---``sha1'' for RSA keys, ``dss1'' for DSA keys, and ``ecdsa-with-SHA1'' for EC keys.
diff --git a/src/openssl.c b/src/openssl.c
index 8e95622..646e2ae 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -3722,18 +3722,22 @@ static int xc_setPublicKey(lua_State *L) {
 static int xc_getPublicKeyDigest(lua_State *L) {
-        ASN1_BIT_STRING *pk = ((X509 *) checksimple(L, 1, X509_CERT_CLASS))->cert_info->key->public_key;
+        ASN1_BIT_STRING *pk = ((X509 *)checksimple(L, 1, X509_CERT_CLASS))->cert_info->key->public_key;
+        const char *id = luaL_optstring(L, 2, "sha1");
+        const EVP_MD *md;
        unsigned char digest[EVP_MAX_MD_SIZE];
        unsigned int len;
-        if (!EVP_Digest(pk->data, pk->length, digest, &len, EVP_sha1(), NULL))
+        if (!(md = EVP_get_digestbyname(id)))
+                return luaL_error(L, "x509.cert:getPublicKeyDigest: %s: invalid digest type", id);
+        if (!EVP_Digest(pk->data, pk->length, digest, &len, md, NULL))
                return auxL_error(L, auxL_EOPENSSL, "x509.cert:getPublicKeyDigest");
-        lua_pushlstring(L, (char *) digest, len);
+        lua_pushlstring(L, (char *)digest, len);
        return 1;
-} /* xc_setPublicKeyDigest() */
+} /* xc_getPublicKeyDigest() */
 static const EVP_MD *xc_signature(lua_State *L, int index, EVP_PKEY *key) {

diff --git a/doc/luaossl.pdf b/doc/luaossl.pdf index e310cbe..c2b2418 100644 --- a/doc/luaossl.pdf +++ b/doc/luaossl.pdf
Binary files differ


diff --git a/doc/luaossl.tex b/doc/luaossl.tex index c8917d7..b7b8c15 100644 --- a/doc/luaossl.tex +++ b/doc/luaossl.tex
@@ -487,6 +487,10 @@ Returns the public key component as an \module{openssl.pkey} object.
487		487
488	Sets the public key component referenced by the \module{openssl.pkey} object $key$.	488	Sets the public key component referenced by the \module{openssl.pkey} object $key$.
489		489
		490	\subsubsection[\fn{x509:getPublicKeyDigest}]{\fn{x509:getPublicKeyDigest([$type$])}}
		491
		492	Returns the digest of the public key as a binary string. $type$ is an optional string describing the digest type, and defaults to ``sha1''.
		493
490	\subsubsection[\fn{x509:sign}]{\fn{x509:sign($key$ [, $type$])}}	494	\subsubsection[\fn{x509:sign}]{\fn{x509:sign($key$ [, $type$])}}
491		495
492	Signs and updates the instance certificate using the \module{openssl.pkey} $key$. $type$ is an optional string describing the digest type. See \module{pkey:sign}, regarding which types of digests are valid. If $type$ is omitted than a default type is used---``sha1'' for RSA keys, ``dss1'' for DSA keys, and ``ecdsa-with-SHA1'' for EC keys.	496	Signs and updates the instance certificate using the \module{openssl.pkey} $key$. $type$ is an optional string describing the digest type. See \module{pkey:sign}, regarding which types of digests are valid. If $type$ is omitted than a default type is used---``sha1'' for RSA keys, ``dss1'' for DSA keys, and ``ecdsa-with-SHA1'' for EC keys.


diff --git a/src/openssl.c b/src/openssl.c index 8e95622..646e2ae 100644 --- a/src/openssl.c +++ b/src/openssl.c
@@ -3722,18 +3722,22 @@ static int xc_setPublicKey(lua_State *L) {
3722		3722
3723		3723
3724	static int xc_getPublicKeyDigest(lua_State *L) {	3724	static int xc_getPublicKeyDigest(lua_State *L) {
3725	ASN1_BIT_STRING pk = ((X509 ) checksimple(L, 1, X509_CERT_CLASS))->cert_info->key->public_key;	3725	ASN1_BIT_STRING pk = ((X509 )checksimple(L, 1, X509_CERT_CLASS))->cert_info->key->public_key;
3726		3726	const char *id = luaL_optstring(L, 2, "sha1");
		3727	const EVP_MD *md;
3727	unsigned char digest[EVP_MAX_MD_SIZE];	3728	unsigned char digest[EVP_MAX_MD_SIZE];
3728	unsigned int len;	3729	unsigned int len;
3729		3730
3730	if (!EVP_Digest(pk->data, pk->length, digest, &len, EVP_sha1(), NULL))	3731	if (!(md = EVP_get_digestbyname(id)))
		3732	return luaL_error(L, "x509.cert:getPublicKeyDigest: %s: invalid digest type", id);
		3733
		3734	if (!EVP_Digest(pk->data, pk->length, digest, &len, md, NULL))
3731	return auxL_error(L, auxL_EOPENSSL, "x509.cert:getPublicKeyDigest");	3735	return auxL_error(L, auxL_EOPENSSL, "x509.cert:getPublicKeyDigest");
3732		3736
3733	lua_pushlstring(L, (char *) digest, len);	3737	lua_pushlstring(L, (char *)digest, len);
3734		3738
3735	return 1;	3739	return 1;
3736	} /* xc_setPublicKeyDigest() */	3740	} /* xc_getPublicKeyDigest() */
3737		3741
3738		3742
3739	static const EVP_MD xc_signature(lua_State L, int index, EVP_PKEY *key) {	3743	static const EVP_MD xc_signature(lua_State L, int index, EVP_PKEY *key) {