pgmoon.crypto x509 digest to fallback to available lib

Author: bungle

pgmoon/crypto.lua

@@ -78,10 +78,31 @@ else
     return error("Either luaossl or resty.openssl is required to generate random bytes")
   end
 end
+local x509_digest
+if pcall(function()
+  return require("openssl.x509")
+end) then
+  local x509 = require("openssl.x509")
+  x509_digest = function(pem, hash_type)
+    return x509.new(pem, "PEM"):digest(hash_type, "s")
+  end
+elseif pcall(function()
+  return require("resty.openssl.x509")
+end) then
+  local x509 = require("resty.openssl.x509")
+  x509_digest = function(pem, hash_type)
+    return x509.new(pem, "PEM"):digest(hash_type)
+  end
+else
+  x509_digest = function()
+    return error("Either luaossl or resty.openssl is required to calculate x509 digest")
+  end
+end
 return {
   md5 = md5,
   hmac_sha256 = hmac_sha256,
   digest_sha256 = digest_sha256,
   kdf_derive_sha256 = kdf_derive_sha256,
-  random_bytes = random_bytes
+  random_bytes = random_bytes,
+  x509_digest = x509_digest
 }

pgmoon/crypto.moon

@@ -57,4 +57,14 @@ else
   -> error "Either luaossl or resty.openssl is required to generate random bytes"
 
 
-{ :md5, :hmac_sha256, :digest_sha256, :kdf_derive_sha256, :random_bytes }
+x509_digest = if pcall -> require "openssl.x509"
+  x509 = require "openssl.x509"
+  (pem, hash_type) -> x509.new(pem, "PEM")\digest(hash_type, "s")
+elseif pcall -> require "resty.openssl.x509"
+  x509 = require "resty.openssl.x509"
+  (pem, hash_type) -> x509.new(pem, "PEM")\digest(hash_type)
+else
+  -> error "Either luaossl or resty.openssl is required to calculate x509 digest"
+
+
+{ :md5, :hmac_sha256, :digest_sha256, :kdf_derive_sha256, :random_bytes, :x509_digest }

pgmoon/init.lua

@@ -306,8 +306,11 @@ do
     end,
     scram_sha_256_auth = function(self, msg)
       assert(self.config.password, "missing password, required for connect")
-      local random_bytes
-      random_bytes = require("pgmoon.crypto").random_bytes
+      local random_bytes, x509_digest
+      do
+        local _obj_0 = require("pgmoon.crypto")
+        random_bytes, x509_digest = _obj_0.random_bytes, _obj_0.x509_digest
+      end
       local rand_bytes = assert(random_bytes(18))
       local encode_base64
       encode_base64 = require("pgmoon.util").encode_base64
@@ -358,8 +361,7 @@ do
             if signature:match("^md5") or signature:match("^sha1") then
               signature = "sha256"
             end
-            local openssl_x509 = require("openssl.x509").new(pem, "PEM")
-            cbind_data = assert(openssl_x509:digest(signature, "s"))
+            cbind_data = assert(x509_digest(pem, signature))
           end
         end
         cbind_input = gs2_header .. cbind_data

pgmoon/init.moon

@@ -298,7 +298,7 @@ class Postgres
   scram_sha_256_auth: (msg) =>
     assert @config.password, "missing password, required for connect"
 
-    import random_bytes from require "pgmoon.crypto"
+    import random_bytes, x509_digest from require "pgmoon.crypto"
 
     -- '18' is the number set by postgres on the server side
     rand_bytes  = assert random_bytes 18
@@ -356,8 +356,7 @@ class Postgres
           if signature\match("^md5") or signature\match("^sha1")
             signature = "sha256"
 
-          openssl_x509 = require("openssl.x509").new(pem, "PEM")
-          assert openssl_x509\digest(signature, "s")
+          assert x509_digest(pem, signature)
 
       cbind_input = gs2_header .. cbind_data