Signing data with the crypto API

Introduction

The crypto API provides a simple interface for working with public/private key encryption.

The methods provided expose the functionality from the industry standard openssl library.

Note: This API is very helpful when implementing things like OAuth 1 and 2.

Using the crypto API [top]

  1. First we need to identify the supported algorithms:
    • crypto.algorithms: returns a Lua array table containing the list of supported algorithms.
  2. Then the other routines then take the name of the algorithm being used as one of the parameters:
    1. crypto.digest: Computes the binary checksum of the input data using the specified hashing algorithm.
    2. crypto.hmac: Generates a Keyed-Hash Message Authentication code (HMAC) based on input data and a shared secret key.
    3. crypto.sign: Used to sign documents with either RSA or DSA private keys.
    4. crypto.verify: Used to verify the validity of an RSA or DSA signature.

How crypto works [top]

The methods provided simply expose the functionality from the industry standard openssl library.

More Information [top]

Leave a Reply