Re: A new openssl binding for Lua.

[Gaspard Bucher <gaspard@...>]

2011/7/13 Ignacio Burgueño <ignaciob@inconcertcc.com>

On Wed, Jul 13, 2011 at 9:52 AM, Gaspard Bucher <gaspard@teti.ch> wrote:

Openssl for Lua would be great, even if not complete...

At the top of my wish list for early features are the tools required for string signing:

1. Create pub/priv RSA keys

2. SHA1 digest

3. sign, verify

I think that Michal Kottman's fork of LuaCrypto handles most (all?) of that.

https://github.com/mkottman/luacrypto

 

Thanks a lot for the pointer ! The pkeytest.lua does just this:

require 'crypto'


assert(crypto.pkey, "crypto.pkey is unavaliable")


k = crypto.pkey.generate('rsa', 1024)
assert(k, "no key generated")


k:write('pub.pem', 'priv.pem')


kpub = assert(crypto.pkey.read('pub.pem'))
kpriv = assert(crypto.pkey.read('priv.pem', true))


assert(crypto.sign, "crypto.sign is unavaliable")
assert(crypto.verify, "crypto.verify is unavaliable")


message = 'This message will be signed'


sig = assert(crypto.sign('md5', message, kpriv))
verified = crypto.verify('md5', message, sig, kpub)
assert(verified, "message not verified")


nverified = crypto.verify('md5', message..'x', sig, kpub)
assert(not nverified, "message verified, when it shouldn't be")


print("OK")

--

                                                               Gaspard