Module digest

digest module perform digest operations base on OpenSSL EVP API.

Usage:

    digest = require('openssl').digest

Class openssl.evp_digest_ctx

openssl.evp_digest_ctx:list ([alias=true]) list all supported digest algorithms
openssl.evp_digest_ctx:get (alg) get EVP_MD digest algorithm object

This function retrieves a digest algorithm object by name, NID, or ASN1 object.
openssl.evp_digest_ctx:fetch (alg[, options]) fetch evp_digest object with provider support (OpenSSL 3.0+)
openssl.evp_digest_ctx:get_provider_name () get provider name for a digest (OpenSSL 3.0+)
openssl.evp_digest_ctx:__gc () free a fetched evp_digest object (OpenSSL 3.0+)
openssl.evp_digest_ctx:new (alg) get evp_digest_ctx object
openssl.evp_digest_ctx:digest (alg, msg[, raw]) quick method to generate digest result
openssl.evp_digest_ctx:signInit (alg[, object=nil]) create digest object for sign
openssl.evp_digest_ctx:verifyInit (alg[, object=nil]) create digest object for verify

Class evp_digest

evp_digest:digest (msg[, eng]) compute msg digest result
evp_digest:info () get infomation of evp_digest object
evp_digest:init (md[, eng]) initialize digest context with message digest
evp_digest:signInit ([object=nil]) create digest object for sign
evp_digest:verifyInit ([object=nil]) create digest object for verify

Class evp_digest_ctx

evp_digest_ctx:info () get infomation of evp_digest_ctx object
evp_digest_ctx:update (msg) feed data to do digest
evp_digest_ctx:final ([last[, raw]]) get result of digest
evp_digest_ctx:reset () reset evp_diget_ctx to reuse
evp_digest_ctx:data ([md_data]) retrieve md data
evp_digest_ctx:signUpdate (ctx, data) update digest context for signing operation
evp_digest_ctx:verifyUpdate (data) feed data for verify with signature
evp_digest_ctx:signFinal (private) get result of sign
evp_digest_ctx:verifyFinal (signature) get verify result
evp_digest_ctx:sign (ctx, data) get result of oneshot sign
evp_digest_ctx:verify (ctx, signature, to, signature) get result of oneshot verify


Class openssl.evp_digest_ctx

EVP_MD_CTX digest context object

This object represents an OpenSSL EVP_MD_CTX digest context. It is created using digest.new() and used for hash operations.

openssl.evp_digest_ctx:list ([alias=true])
list all supported digest algorithms

Parameters:

  • alias boolean include alias names for digest algorithms (default true)

Returns:

    table table of digest algorithm names — @see OpenSSL function: EVP_MD_do_all_sorted

Usage:

    -- Get all digest algorithms with aliases
local digests = digest.list()
for name, _ in pairs(digests) do
  print(name)
end

-- Get only primary names (no aliases)
local primary_digests = digest.list(false)
openssl.evp_digest_ctx:get (alg)
get EVP_MD digest algorithm object

This function retrieves a digest algorithm object by name, NID, or ASN1 object. The returned object can be used with digest.new() to create a digest context.

Parameters:

  • alg string, integer or openssl.asn1_object algorithm name, NID, or ASN1 object

Returns:

    openssl.evp_digest digest algorithm object

Or

  1. nil if algorithm not found
  2. string error message

See also:

Usage:

    local digest = require('openssl').digest

-- Get digest by name
local sha256 = digest.get('SHA256')

-- Get digest by NID
local sha256_nid = digest.get(672)  -- NID for SHA256

-- Use with digest.new()
local ctx = digest.new(sha256)
ctx:update('data')
local result = ctx:final()
openssl.evp_digest_ctx:fetch (alg[, options])
fetch evp_digest object with provider support (OpenSSL 3.0+)

Parameters:

  • alg string algorithm name (e.g., ‘SHA256’, ‘SHA512’)
  • options table optional table with ‘provider’ and ‘properties’ fields (optional)

Returns:

  1. openssl.evp_digest digest object mapping EVP_MD in openssl or nil on failure
  2. string error message if failed

See also:

Usage:

    -- Fetch with default provider
local sha256 = digest.fetch('SHA256')

-- Fetch from specific provider
local fips_sha256 = digest.fetch('SHA256', {provider = 'fips', properties = 'fips=yes'})
openssl.evp_digest_ctx:get_provider_name ()
get provider name for a digest (OpenSSL 3.0+)

Returns:

    string provider name

Or

    nil if digest has no provider or provider has no name
openssl.evp_digest_ctx:__gc ()
free a fetched evp_digest object (OpenSSL 3.0+)

Returns:

    nil always returns nil
openssl.evp_digest_ctx:new (alg)
get evp_digest_ctx object

Parameters:

  • alg string, integer or asn1_object name, nid or object identity

Returns:

    evp_digest_ctx digest object mapping EVP_MD_CTX in openssl

See also:

openssl.evp_digest_ctx:digest (alg, msg[, raw])
quick method to generate digest result

Parameters:

  • alg string, integer or asn1_object name, nid or object identity
  • msg string to compute digest
  • raw boolean binary result return if set true, or hex encoded string default (optional)

Returns:

    string digest result value
openssl.evp_digest_ctx:signInit (alg[, object=nil])
create digest object for sign

Parameters:

  • alg string, integer or asn1_object name, nid or object identity
  • object openssl.engine (default nil)

Returns:

    evp_digest_ctx
openssl.evp_digest_ctx:verifyInit (alg[, object=nil])
create digest object for verify

Parameters:

  • alg string, integer or asn1_object name, nid or object identity
  • object openssl.engine (default nil)

Returns:

    evp_digest_ctx

Class evp_digest

openssl.evp_digest object
evp_digest:digest (msg[, eng])
compute msg digest result

Parameters:

Returns:

    string result a binary hash value for msg
evp_digest:info ()
get infomation of evp_digest object

Returns:

    table info keys include nid,name size,block_size,pkey_type,flags
evp_digest:init (md[, eng])
initialize digest context with message digest

Parameters:

  • md openssl.evp_digest message digest algorithm
  • eng openssl.engine (optional)

Returns:

    evp_digest_ctx ctx

See also:

evp_digest:signInit ([object=nil])
create digest object for sign

Parameters:

Returns:

    evp_digest_ctx
evp_digest:verifyInit ([object=nil])
create digest object for verify

Parameters:

Returns:

    evp_digest_ctx

Class evp_digest_ctx

openssl.evp_digest_ctx object
evp_digest_ctx:info ()
get infomation of evp_digest_ctx object

Returns:

    table info keys include size,block_size,digest
evp_digest_ctx:update (msg)
feed data to do digest

Parameters:

Returns:

    boolean result true for success
evp_digest_ctx:final ([last[, raw]])
get result of digest

Parameters:

  • last string last part of data (optional)
  • raw boolean binary or hexadecimal result, default false for hexadecimal result (optional)

Returns:

    string val hash result
evp_digest_ctx:reset ()
reset evp_diget_ctx to reuse

Returns:

    boolean true on success, false on failure
evp_digest_ctx:data ([md_data])
retrieve md data

Parameters:

  • md_data string data to set (optional) (optional)

Returns:

    string or boolean if no parameter given, returns current md_data; if parameter given, returns boolean success status
evp_digest_ctx:signUpdate (ctx, data)
update digest context for signing operation

Parameters:

  • ctx evp_digest_ctx digest context
  • data string data to sign

Returns:

    boolean result
evp_digest_ctx:verifyUpdate (data)
feed data for verify with signature

Parameters:

Returns:

    boolean result
evp_digest_ctx:signFinal (private)
get result of sign

Parameters:

  • private openssl.evp_pkey key to do sign

Returns:

    string singed result
evp_digest_ctx:verifyFinal (signature)
get verify result

Parameters:

Returns:

    boolean result, true for verify pass
evp_digest_ctx:sign (ctx, data)
get result of oneshot sign

Parameters:

  • ctx evp_digest_ctx
  • data string to sign

Returns:

    string singed result

Or

    nil followd by error message
evp_digest_ctx:verify (ctx, signature, to, signature)
get result of oneshot verify

Parameters:

Returns:

    boolean result, true for verify pass

Or

    string singed result

Or

    nil followd by error message
generated by LDoc 1.5.0 Last updated 2026-02-12 13:58:19