New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use luaossl instead of luacrypto. #5
Conversation
We need to catch the errors at least on decode and return them as nil, message to match the rest of the behavior(to avoid users from having to add pcalls everywhere). More tests on this behavior would be ideal. |
…ed keys. Note that jwt will still throw an error as it cannot generate the signature.
From |
Awesome, I'm going to test this with a few of my projects to make sure it doesn't fail in weird ways and then merge. This looks great, thanks! |
It can cause problems to you and other people using |
Hmm, if we're going to break compatibility anyways, we should make the interface accept string keys instead of pkey objects. Hide the implementation details from the user. I'll do that unless you get there first. |
I have updated the code and tests to only accept strings for keys. An assertion throws an error in case a pkey (from |
Use luaossl instead of luacrypto.
Thanks! That looks really good. |
The
luacrypto
module does not seem to be maintained anymore (mkottman/luacrypto#39). Its current version on luarocks does not accept Lua 5.3, which is annoying.This pull request is a proposal to use
luaossl
instead, as it is compatible with newer version of Lua.Warning: i am a totally newbie in openssl, so the proposed fixes might be totally wrong. I just checked that all tests still pass. Moreover, the
luaossl
module can throw errors. I did not add code to catch them.