From c0b546db85ca16a667852bd1ae74aa600628c9d5 Mon Sep 17 00:00:00 2001
From: Zachary Hu
Date: Tue, 28 Jun 2022 12:25:57 +0800
Subject: [PATCH] set correct signarue digest name when using ECDSA cert.

Make sure `lua-resty-openssl` is bumped to 0.8.10.
---
 pgmoon/init.lua | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/pgmoon/init.lua b/pgmoon/init.lua
index 9b902c8..560d66b 100644
--- a/pgmoon/init.lua
+++ b/pgmoon/init.lua
@@ -401,9 +401,13 @@ do
 local server_cert = self.sock:getpeercertificate()
 pem, signature = server_cert:pem(), server_cert:getsignaturename()
 end
- signature = signature:lower()
 if signature:match("^md5") or signature:match("^sha1") then
 signature = "sha256"
+ else
+ local objects = require("resty.openssl.objects")
+ local sigid = assert(objects.txt2nid(signature))
+ local digest_nid = assert(objects.find_sigid_algs(sigid))
+ signature = assert(objects.nid2table(digest_nid).sn)
 end
 cbind_data = assert(x509_digest(pem, signature))
 end
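Review bot: With `signature = signature:lower()` removed, the `^md5`/`^sha1` tests are case-sensitive and anchored to the start of the raw signature name, so an MD5 or SHA-1 certificate whose name carries the hash elsewhere or in upper case (the exact strings `getsignaturename()` returns are not visible here) falls into the new `else` branch and is hashed with the weak digest. For tls-server-end-point channel binding, RFC 5929 requires MD5 and SHA-1 to be replaced by SHA-256, so this would presumably produce binding data the server does not accept. Resolving the digest through `find_sigid_algs` first and applying the upgrade to the resolved digest name, as sketched below, makes the check independent of how the signature name is spelled; it assumes `txt2nid` also resolves the MD5/SHA-1 names. The enclosing `do` block starts and ends outside the hunk.

```lua
-- … unchanged: pem/signature retrieval above …
local objects = require("resty.openssl.objects")
local sigid = assert(objects.txt2nid(signature))
local digest_nid = assert(objects.find_sigid_algs(sigid))
local digest = assert(objects.nid2table(digest_nid).sn)
-- tls-server-end-point: MD5 and SHA-1 are replaced by SHA-256
local digest_lc = digest:lower()
if digest_lc == "md5" or digest_lc == "sha1" then
  digest = "sha256"
end
signature = digest
cbind_data = assert(x509_digest(pem, signature))
```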