SHA-1 and HMAC-SHA1 Routines in Pure Lua
More Lua code

I've coded up SHA-1 Secure Hash computation and HMAC-SHA1 secure signature computation in pure Lua and thought I'd share them in case anyone else would find them useful.

Download sha1.lua
Version 1: May 28, 2009

Lua is a pathetic, horrid, turd of a language, and I associate with it only because it's the language that plugins for Adobe Lightroom must be written in (and I've written quite a few plugins for Adobe Lightroom).

As you might imagine, the SHA-1 algorithm and the HMAC-SHA1 algorithm each involve a lot of integer bit fiddling.... shifts, xor, and and or galore – features not supported by Lua. Heck, Lua doesn't even have integers! So while coding this up, I felt as if I were chiseling NAND gates out of rough blocks of silicon.

The result is not super fast – the SHA-1 computation on a 10k-byte message takes about 2 seconds on a circa-2008 mid-level server – but it should be plenty adequate for short messages, such as is often needed during authentication handshaking. I use these routines to good effect, for example, in providing Twitter support for some of my plugins.

(Update: see this comment below for a different routine that trades a bit of up-front cache-building to allow for a claimed 10x speed improvement. If your SHA-1 needs are more demanding than mine, that library might be much preferable to my library.)


Comments so far....

May be you can express this as a complain to Adobe? Lua has a few implementations for bitwise operators but all of them are as add-in (modules) – like bitlib or BitOp. It would be nice if Adobe will give either the possibility to load modules in LR Lua or at least bundle it with one of those bit packages since I think encryption/signing when uploading to the sites during export really needs it.

I do applaude you for your Herculean effort doing this – I would never had breavery to implement something like that from scratch and in a pure Lua

— comment by Alex on June 2nd, 2009 at 6:52pm JST (4 years, 10 months ago) comment permalink

My hat goes off to you Jeffrey! You are prolific and it’s all quality stuff. Thanks for sharing your efforts with us!

— comment by Matt Dawson on June 2nd, 2009 at 8:34pm JST (4 years, 10 months ago) comment permalink

Thanks a bunch you have really saved me some handwringing

— comment by Sam on June 2nd, 2009 at 10:57pm JST (4 years, 10 months ago) comment permalink

“Lua is a pathetic, horrid, turd of a language” – you have absolutely no clue… (I develop professionally in Lua and C for a living).

it´s the fastest scripting language in existance, very clean syntax, very portable, very good basic concepts. People who have no feeling for programming language elegance should stay away from the field. Next version will have the bitops builtin (currently already available as libraries – if Adobe doesn’t ship them, it’s not Lua’s fault), and Lua can be compiled with fundamental data type ‘integer’ (if Adobe didn’t do it, they will have their reasons, again has nothing to do with Lua). Plus you seem to have no clue about today’s CPUs floating-point performance…

And of course over 40% of Lightroom are written in Lua, google for what lead developer Mark Hamburg has to say about it. Why would the professionals at Adobe select a “pathetic, horrid, turd” as part of their implementation environment, hmmm , Mr. Hotshot? That´s right, because they do understand what Lua is good for: as the best embeddable extension language for large application out there.

Get a clue, man, and learn to use Google and read a few papers!

Having been a professional programmer for more than 25 years, developing real stuff in dozens of languages, alone and in large groups, I stand by my assertion that Lua is a pathetic, turd of a language. Pathetic! It’s seems to be designed from the ground up to foster unmanageable, buggy code that’s difficult to track down. Clearly, I’ve found a way to deal with it in my own development (I wrote my own Lua compiler that includes a lot of error checking and reporting), but it seems the original language designers (if you can call it “designed”) never even considered the concept of typos and debugging. Come back and leave a comment after you get some years of experience under your belt, and I suspect the tone will be quite different. (And BTW, FWIW, Mark left Adobe a long time ago. Oh, and another thing: performance is not the only reason one might choose between integer/floating point… some people actually do it for the different mathematical semantics.) —Jeffrey

— comment by LuaUser on June 24th, 2009 at 7:28am JST (4 years, 10 months ago) comment permalink

I always find it amusing that someone feels strongly enough to comment about an issue, but will only do so anonymously with no way to identify them or have a meaningful debate. Makes it a little difficult to take LuUser seriously. If you won’t put your name to a comment, then don’t make the comment.

There is only one point in the previous comment I’d take seriously. That is “if Adobe doesn’t ship them, it’s not Lua’s fault”. Some of the difficulty we face is because LUA’s capabilities are fully accessible via the Lr SDK. But I’ll refrain from commenting about how that impacts Jeffrey’s original assertion. I don’t have enough experience with the language to feel qualified to comment on that yet, but I feel that Jeffrey has earned that right.

— comment by Matt Dawson on June 24th, 2009 at 8:12pm JST (4 years, 10 months ago) comment permalink

Honestly? Jeffrey, you may want to consider Lua’s background for just a moment before you go off on your malevolent tangent about Lua’s poor preformance. Consider that it is a fairly _new_ open source project that has great potential and is currently one of the fastest and most flexible scripting languages available. If you’re so confident Lua is poorly built (what with all your overly harsh, fustration spawned words) then please recommend a better scripting language, and don’t say python. Many companies have used Lua and many people who actually adapt to the changing world would disagree with you strongly. Bitwise operators and alot of other features are intergrated into the next version, but who cares? You can compile your own version of Lua, to do what you want, as you know, with a very simple API as well, it should be any developer’s number one choice for an intergrated scripting language. You really should keep up with modern technology.

Lua is a pathetic language, and being fast doesn’t change that. Lua’s design puts up roadblocks to good software development at every turn, causing the programmer to have to perform gymnastics just to do what should be simple. Want to abort the current iteration of a loop and start the next? Can’t do it. It’s like having an if but no else…. having an else doesn’t allow you to do anything that you couldn’t do without it, but it makes writing programs much easier, and more importantly, makes reading programs much easier.

It’s funny that those who defend Lua fall back to the vague insult of “you aren’t up with the times”. I thought modern technology was supposed to be an improvement over what came before, but Lua, apparently designed by someone with good intentions but a clear lack of real programming experience, falls short. —Jeffrey

— comment by Mark Overmars on July 14th, 2009 at 1:52am JST (4 years, 9 months ago) comment permalink

Lua is a pathetic, horrid, turd of a language ????

It’s the best script language…. Programmer use it for game programming (it’s very fast) and it’s the best script for use with C language…

— comment by Ornix Dev on August 8th, 2009 at 7:46pm JST (4 years, 8 months ago) comment permalink

Regarding Lua. I just started using it (I have experience, not much, with c, c++ and python) and I like it very much.

The lack of continue statement, arrays starting at 1, only one number type support, all have their (IMO good) reasons as you can read on the mail list / website. Also, the next version will feature bitops support, as others have already said.

What bothers me the most is the fact that all variables default to global, and the lack of builtin utf8 support coupled with the willful insistence that it is not a real problem.


— comment by dave berk on October 28th, 2009 at 6:30am JST (4 years, 6 months ago) comment permalink

“Want to abort the current iteration of a loop and start the next? Can’t do it. It’s like having an if but no else…. having an else doesn’t allow you to do anything that you couldn’t do without it, but it makes writing programs much easier, and more importantly, makes reading programs much easier.”

It’s absolutely wrong: you can break the current iteration of a Lua loop.

Really? And start the next iteration of the loop? Really? Oh, do let us in on the secret!

It just shows you didn’t read a single line of the Lua virtual machine source code.
In the end this sentence definitely demonstrates you didn’t get a single concept of the Lua language foundations which are (from my point of view) amazingly stronger & more reliable than ECMAscript and Python ones but they remains useful languages. Whatever it’s not amazing for an Adobe plugin programmer.

The day you’ll write your own script interpreter and your script language grammar, you may say you’ve done something better than Lua authors. But if that day comes (and I don’t think so) then I guess you’ll find tones of pissed off programmers to say you wrote a pathetic useless thing …

To make you think further about that you can just ask yourself why so much AAA games are using Lua when their programmers don’t have the time and/or the knowledge to write their own script language and its interpreter ?

So you don’t like Lua ? Just by reading your article I can say I would probably don’t like you if I meet you.

Just a bit touchy today, aren’t we? —Jeffrey

— comment by I_Dont_Like_Adobe_Plugin_Programmer on January 13th, 2010 at 2:23am JST (4 years, 3 months ago) comment permalink

“Want to abort the current iteration of a loop and start the next”

Actually what you suggest here is just silly : if you can break the current iteration of a Lua loop then you can start the next iteration of this loop. There should be about 3 ways to do that with pure Lua script code and probably more through the Lua C API.

A Lua programmer has no access to the C API, and even if they did, though I’ve never looked at the details, I strongly doubt that they can modify basic core language constructs like a continue statement. But not that it matters… the Lua programmer is limited to what the application provides. But you say that there are “about 3″ ways to do it… I’d like to see one… but it doesn’t exist.

Languages that allows what you talk about here just include some additional syntactic sugar which I consider unnecessary as a Lua programmer. But if some day I want to touch myself with a new syntactic sugar tip of this kind then I would probably write it by myself.

By the way, further anonymous acerbic comments that are as pathetic as Lua is a language will just be deleted, so if you want to start a real conversation, please do, but if you just want to continue to be a jerk, you’ll have to find some other place to do it. Try myspace. —Jeffrey

— comment by I_Dont_Like_Adobe_Plugin_Programmer on January 13th, 2010 at 2:33am JST (4 years, 3 months ago) comment permalink

I don’t want to start a discussion. I just want to point out your ignorance

i_am_a_noob = true, true

while i_am_a_noob do 
   while i_am_a_noob do -- or [for i=1,10 do] if you need to ask 
                                            -- yourself 10 times if you are a noob to know you are
         local i_am_a_noob = am_i_a_noob()
         if my_stupid_break_condition_coming_from_where_you_want then
            i_am_a_noob = true

Ignoring your crass manners for the moment, are you actually suggesting that this is good code? This is the best that best can be? My goodness, it’s no wonder that Lua is the pathetic language it is. But thank you for the chuckle. Please come back after you get some real-world programming experience under your belt (and maybe a touch of civility, too). Until then, you’ll have to find a different sandbox to play in. Have fun. —Jeffrey

— comment by I_Dont_Like_Adobe_Plugin_Programmer on January 13th, 2010 at 6:33pm JST (4 years, 3 months ago) comment permalink


Sorry to hear your troubles with Lua, I think a lot of the troubles you are having with Lua are because the language wasn’t intended to write low-level algorithms like SHA-1. I think that if you had learned the language from a different context (like using it as a language embedded in your program) you would have had a better experience.

Some things that I personally like about Lua are:

* coroutines – Enables my event loop programs to appear linear (similar to lisp’s call/cc).
* Small/Simple – This is important when embedding.
* Garbage Collection – Not reference counting like Perl!
* Well Documented C API – Can’t say that about Perl (`man perlguts`).

I loved your book on regular expressions, perhaps the next edition could even talk a little about lua’s patterns?

BTW, break is mentioned in the manual here:


Issaquah, WA

First of all, let me thank you for not calling me nasty names. :-)

I know about break, thank you…. it’s continue or next whose absence I find inexcusable in a non-toy language. Its omission can severely reduce the readability of code.

And I *am* using Lua embedded in a program…. in Adobe Lightroom… I have more than a dozen plugins, most with 100k lines of Lua.

Lua has built-in arc-cosine, but no bitwise AND? In an embedded language? Where’s the sense in that? Had the Lua designers spent the extra 10 minutes to add Math.xor() and friends, and a half an hour to add and document some kind of “continue”, that would have gone a long way toward avoiding people thinking that they are pretty clueless about real-world programming.

All in all it strikes me as if they wanted to play around with some interesting core ideas, and left the rest of the language at whatever minimal state their disinterest left it in. While engaged in this endeavor they just happened to want to do something that involved a lot of geometry, so they added a bunch of Math stuff. Had they been sick that day, the Math library would be much smaller. That’s how it all strikes me…. monumentally haphazard. —Jeffrey

— comment by Brian Maher on January 13th, 2010 at 11:29pm JST (4 years, 3 months ago) comment permalink

Lua was designed as a small language for embedding in applications, not for standalone use. So it does not scratch every itch a programmer may have, you add your own functionality when you need it (which includes an object system). I’ve added SHA-256, date arithmetic and other stuff without trouble, and it’s definitely easier than adding extensions to Python, which I have done too, I’ve written large apps in a combination of Python and C, and I would do the same with Lua.

I seriously doubt that Adobe wrote their image manipulation routines in Lua. If their implementation in LR does not allow 3rd parties to add their own C extension libraries you need to take that up with them. Writing SHA1 or any crypto code in Lua is an inappropriate use of the language.

The ‘continue’ issue is a matter of taste, a correct implementation of tail recursion is more important to me, as is a decent garbage collector and a lack of bloat. I suggest writing some programs in a pure functional language just to get a new perspective, you don’t even get ‘while’ :-)

Writing SHA-1 is an inappropriate use of the language? Miss Manners is now reading tech blogs? :-) Indentation is a matter of taste. How one capitalizes identifiers is a matter of taste, but basic language constructs are just that, basic language constructs, and if you don’t have them, you have to go through verbose and awkward hoops whose complexity can increase dramatically in very short order. It’s just another example of how Lua is not designed for creating readable code. (A lot of popular languages have designs that do not encourage or facilitate readable code, but that doesn’t mean it’s not a problem.) What might be a simple, clear, 10-line loop in most any other language can become a deep, cumbersome rats’ nest of conditionals in Lua. There’s a reason we don’t program with nand gates. —Jeffrey

— comment by on January 16th, 2010 at 12:14am JST (4 years, 3 months ago) comment permalink

Great, thank for you effort, i test it and ill include into a own librarie for freeswitch.


Regards from Mexico

— comment by Arturo Monroy on February 24th, 2010 at 2:34am JST (4 years, 2 months ago) comment permalink

You should just try embedding Lua in a c/c++ program and see what you think. Just try it. Seriously.

Once you’ve done this, and looked through the code, and added your next and continue statements if you wish, you might have a different take on it. You might realize that when the Adobe programmers embedded the scripting language they might not have done things as nicely as is possible, or that they didn’t envision someone trying to code an SHA-1 hash on the wrong side of a script engine. Lua has the capability to load external libraries, just code one up using the examples provided in the free docs, load your library and away you go.

I’ve spent 29 years programming in assembly for the 6502 and 80×86 processors, various flavors of BASIC, COBOL, PASCAL, C/C++, Java, Lua, various shell script systems and I’m telling you that Lua is most assuredly not the worst scripting language you could use. A significant number of game projects use it – and everyone who’s ever worked on one knows that performance is something of an issue there. I hardly consider any amount of experience with Lua as an extension to a single application as definitive; there are just too many different ways to handle the embedding and too many ways to hamstring your own performance.

Just work with it outside of your one-application frame of reference and you might actually like it, that’s all I’m trying to say. Your original post is reminiscent of saying that you hate Chinese food because the only restaurant you ever tried it at stank. I’m sure that if I really tried I could do an even worse embedding job than Lightroom’s (theirs is probably pretty good, just not intended for what you did with it). Adobe Lightroom isn’t what I would call “framerate intensive” so I’m sure they weren’t too worried about blazingly fast implementations.

I appreciate your take on things (I have similar experience as you, though no COBOL in my playbook), and I agree that Lua is not the worst scripting language, in absolute terms nor for this specific situation. But that doesn’t mean it’s good in either context, either. Lua was apparently designed by someone without the kind of experience we have… I just can’t imagine a competent engineer designing this language. It has some wonderful attributes and areas of beauty, but it’s not at all designed to be used in the real world. (It *is* used in the real world, and hence my complaints.) —Jeffrey

— comment by Richard Ranft on April 11th, 2010 at 11:37am JST (4 years ago) comment permalink

Hi! Thanks for sharing your code, regardless of whether you love Lua or not.

A simple question: what’s the software license with this? Are there any constraints on re-use, redistribution that you’d like respected?

Feel free to use it as you like. —Jeffrey

— comment by Dan Brickley on May 3rd, 2010 at 3:01am JST (3 years, 11 months ago) comment permalink

Amen, brother!

I’ve been working on our first commercial Lua plugin (for iPadLightroom synchronization), and after ~15k lines of lua code and far too many hours banging my head against the wall, I can’t agree with you more here. Perl’s tagline is sometimes “Making the easy things easy and hard things possible”; lua’s tagline has to be something along the lines of “Making the easy things hard and the hard things impossible”. It’s atrocious. And using it within the confines of Lightroom is even more so.

I’ve been programming professionally for 18 years- everything from esoteric and academic languages such as ML and Prolog to modern OO languages. Never have I experienced as bad as lua. To say it’s poorly designed is an understatement; you’ve put it in better words than I’ve been able to muster.

What’s more frustrating is Adobe’s incomplete Lightroom exposure of basic lua functions. Want to check an environment variable? Good luck. Want to track background threads? Have fun with that. And on and on. To the person that commented that “it’s not lua’s fault” … that may be, but lua is the language you’re forced to work in if you’re going to integrate with Lightroom.

As an aside, I did perl work for a few years, and your Regex book was my bible – even more than the perl “camel book”. Glad to see you still producing good, quality stuff for the community, even if it’s in lua…

— comment by Chris Horne on December 14th, 2010 at 4:29am JST (3 years, 4 months ago) comment permalink

Hi Jeffrey,

If you need a bit more speed on handling sha, you might want to look at the implementation I did based on yours (well, the tests are from your code, the rest is mostly rewritten). It’s roughly about 10 times faster, so it might be of interests for other users as well.


Greetings from Germany,

Look very cool… I don’t need the speed for my uses so don’t need to trade off for the upfront work and for the space your approach uses, but most people will probably find yours to be much preferred. Thanks for sharing! —Jeffrey

— comment by Zet on January 5th, 2011 at 3:52am JST (3 years, 3 months ago) comment permalink

Lua definitely has its blemishes and it’s far from perfect. And, I think on some fronts like the continue keyword they would likely have included it in earlier version if it weren’t for some problems it would introduce like breaking the semantics of repeat..until. It lacks some features and patterns and leaves them to the end developer or whoever is embedding Lua in another application to provide. Some of these are irritating because it leads to a lack of consistency in how people implement things like object orientation, etc…

All that said, the designers of the Language have very clearly stated on many occasions that they’re _not_ trying to please everybody. The goal of the language is not for it to work everywhere in every context. For example, it probably wouldn’t make a great language for numerical simulations, though you could probably use it for that.

If you’re interested in listening to Roberto talk about some of the tradeoffs, he gave a talk at Stanford last year:
video (windows media streaming) and slides.

I really don’t think you can accuse the current version of being thrown together haphazardly, especially given some of it’s technical feats and some of the rather nice and beautiful features it has. Lua 5.x is the first register-based VM to get widely used, and the 5.x design has been a major influence in the last few years’ rounds of JavaScript engine optimizations we’ve seen. That said, I’m damned sure Roberto and others who work on Lua regret some of the early language decisions that they now can’t take back. These, are, I think the sources of some of some of the more minor irritations you’ve expressed in some of the comments above.

I think Adobe also shares some significant blame in how easy it is to work with the Lua that they’ve embedded. I’ve personally have not worked with pure Lua codebases of the Length it sounds like your plugins approach (100kloc+), but having worked with Lua in separate contexts where _I_ was doing the embedding or working with it standalone, I can definitely say I was not hugely impressed with what I saw when I grabbed the “SDK” for Lightroom (after noticing it was extensible through Lua), and I don’t envy having to try and debug code within what looked to be that rather limited and sandboxed environment. One of the things that’s really nice about it is the C API and how easy it is to extend (certainly there are those who complain about the C API being stack based, but whatever, I disagree with this). It’s really dead simple to add functionality to Lua with C code.

Also, here’s SHA224/SHA256 with the availability of the bit functions in Lua 5.2. It looks a fair bit less painful.

— comment by James Snyder on May 4th, 2011 at 8:56am JST (2 years, 11 months ago) comment permalink

As a side note, related to an earlier comment, as far as I can tell, Mark Hamburg has returned to Adobe as of about a month after the comment referring to him having left Adobe “a long time ago.” Here’s a current link to his LinkedIn. This needn’t be a separate comment, but whatever. Here’s John Nack’s post on it.

— comment by James Snyder on May 5th, 2011 at 6:24pm JST (2 years, 11 months ago) comment permalink

Hi Jeffrey,

Thank you for the code. Yamaha sells many routers in Japan and has top share for smaller business. The Yamaha routers has Lua scripting feature to control the configurations such as routing. Your script was quite useful when I implemented a script that hits AWS (Amazon Web Services) APIs on Yamaha routers.

Doi, Koichiro

— comment by kdoi on August 27th, 2011 at 3:58am JST (2 years, 8 months ago) comment permalink

“…but basic language constructs are just that, basic language constructs, and if you don’t have them, you have to go through verbose and awkward hoops whose complexity can increase dramatically in very short order. It’s just another example of how Lua is not designed for creating readable code…”

Lua now has bitwise operations and goto statements, with which you can implement continue and various other useful control structures.

Some friendly advice: ranting and hurling abuse like this doesn’t make you look like you think it does. You see wise, experienced veteran who suffers no fool. Your readers actually see a cranky charlatan with poor social skills and too little self-control.

— comment by Ryan on October 13th, 2012 at 3:06pm JST (1 year, 6 months ago) comment permalink

Intresting thoughts

Firstly I want to say that I didn’t recognize your name first. (not until i read all comments and relized I have used you as a source multiple times)

When I first read your post I just thought that you where one who had not understood the construct of Lua. I have created a few plugins to other applications of 25k+ rows of code so I have a few hours of experience as well (But I have not written much lua for the last 8 years so latest version i really used was 4.1. I still think some of the constructs of the language is beautifull, tables for example).

But after a fast short studdy of your code I understood that you still got the essense of Lua but still loathed it. So I started to think of how many hours and how much effort I have put in because of the missing features of continue/next statment and got to the conclusion that you are right about this. I also read that in 5.2 there is a goto statment that will help this a bit but it will still not be as clean as I would like to.

When it gets to bitwise operation I honestly think it is a shortcomming of the Lightroom implementation not to allow for loading modules, because it would have solved your problem. (you could have written the full SHA1 check in C++)

And all in all I think that lua is really a great tool when used for the right tasks. Calling it “Lua is a pathetic, horrid, turd of a language” is a bit harsh IMHO.

//bengt from Sweden

— comment by Bengt Ellison on December 14th, 2012 at 6:06am JST (1 year, 4 months ago) comment permalink

Speaking as a novice/hobby coder, I read through this thread, finding myself needing to bite my tongue at the impulse to defend Lua, something that it doesn’t need and I am poorly equipped to do, but as I continued to read this, it struck me. I know that choice of language is deeply subjective, you pick the tools that suit your needs and that fit you. With that thought in mind, I found myself surprised at what I found myself learning.

For me, Lua has been a wonderful set of training wheels, and gateway for helping me to understand different aspects of programming. On the one hand, working with it has encouraged me to take up an interest in C programming, while at the same time, lisp inspired abstractions such as first class functions and lexical scoping have opened the doorway to begin understanding the functional paradigm.

I asked myself, “Why would the absence of a ‘next’ statement be such a deal breaker, when I have not only ‘break’ but perfectly adequate loop implementations that involve tail recursion or co-routines?”.

The answer that came to me is that, if you want to produce solid, stable code using well established imperative coding style, such as is necessary when coding in C, higher level abstractions like functional produce really bad code smell. (Yes lisp or haskell can be fast, but can you reliably ensure optimized code with them without a LOT of blind trust in your compiler?).

Lua is very much a language that is a jack of all trades and master of none (configuration and embedded glue-code notwithstanding). Few other languages allow you to blend so many paradigms together (OOP, functional, imperative) with such a simple syntax. Yet with that said, I can very much respect that this flexibility is what makes Lua an inappropriate tool for someone’s needs, or at least incomparable with their coding style. Furthermore, I can also respect that they’re willing to share what Lua source they have made, regardless of a low opinion of the language.

I know this is off-topic, but I’m grateful for the opportunity to glimpse one of my own favorite languages through the eyes of someone I realize is a hell of a lot more experienced than I am at actually producing code.

— comment by C4Cypher on December 22nd, 2012 at 1:14pm JST (1 year, 4 months ago) comment permalink

One tip for people who which to use SHA1 in LUA scripting.

If your back-end is MySQL (or probably any SQL) then you can use the SQL SHA1() function.

SELECT SHA1( ’1234′ ) AS `encrypted`;

Personally I use LUA for ultra-fast PBX scripting. One server should be able to handle about 1200 calls per minute and LUA is offering the performance that we need. I like the language because it’s light, clean and simple, but still powerful enough to get the job well done.

Happy coding!

— comment by Thomas Lobker on January 13th, 2013 at 10:08pm JST (1 year, 3 months ago) comment permalink

I’d agree with Ryan above…you’ve done yourself no favours with this obscene rant. You may know your coding, but you’ve sill got a lot to learn about civility and good manners.

— comment by BJG on January 20th, 2013 at 6:25pm JST (1 year, 3 months ago) comment permalink

I’ve looked far and wide for a better high level language that doesn’t rely on .net or the java runtime, and I have yet to find one. If I accepted one of those run-times, I would probably find a better language than lua somewhere in there…but barring that, lua is the fastest, cleanest high level language I’ve seen.

— comment by LuaUser2 on February 24th, 2013 at 6:37am JST (1 year, 2 months ago) comment permalink

Wow, I have seen some assholes in my day but you sir take the cake. It is a shame your intelligence is inter-twined with such a self delusional of absolute greatness and programming divinity.

You must lead a charmed life if a different opinion about language design is the biggest distress you run in to. You have my admiration. —Jeffrey

— comment by SamOrlando on March 2nd, 2013 at 10:17am JST (1 year, 1 month ago) comment permalink

Hey. Thought to post here too. Lua is indeed pretty horrible language, regardless of what the protectionists tell… But either way. I would like to thank you for this great library. I really needed it and it was like a gift from heavens. :D

Thanks again!

— comment by Suva on May 9th, 2013 at 5:05pm JST (11 months, 7 days ago) comment permalink

Lua is like a box of chocolates, you never know what you are really going to get with each implementation of it.

I’ve just started down the Lua rabbit hole, and I can tell you I do miss the things that were mentioned above, things that you see if other languages.

The implementation I’m using is on the Vera 3 Z-Wave home automation controller, with a UPnP framework cobbled onto it, so it is called LUUP (Lua UPnP). It works, but there are some basic implementation errors that make things buggy (just look at the form for the vendor and you will see what people are talking about). Since it is an implementation on an embedded system, I suppose it could be worse, since it does work and let you do some interesting things.

Anyways, thanks Jeffrey for spending the time to put together this code, I may find it useful sometime in the future (or even the “optimized” version that was listed in the comments).

— comment by James Brown Is Dead on August 13th, 2013 at 12:42am JST (8 months, 4 days ago) comment permalink

Hi there,

I did a bit of code cleanup over the optimized version by Zet. It can be found here:


Notes about the cleanup:

* I made the lib compact; it doesn’t write any values on the global scope
* Removing the print statements from the tests increased the speed from 8 seconds to less than 2.
* Speaking of which, I’m using busted to execute the tests. They are on a separate file now
* I also removed unused debug functions and changed spacing a little bit.

Thanks for starting this up, and best regards!

Enrique, from Spain

— comment by kikito on August 30th, 2013 at 8:59pm JST (7 months, 17 days ago) comment permalink

Could you please tell me more on why you think that Lua is a “pathetic, horrid, turd of a language” ?

And please don’t reply telling me that you are a pro and have 100 year on programming and that I should understand more about programming languages, we both know that that is, in some way, not an answer.

Tell me way you think that about Lua.

Besides what I’ve mentioned above (which is more than enough to illustrate that Lua shouldn’t be used for serious work… the lack of a “continue” is inexcusable, and the lack of bitwise operators is facepalm-worthy), the lack of increment/decrement operators is another code-readability fail. It’s just poorly designed. Its closures and metatables are cool, though. —Jeffrey

— comment by Anugar on September 12th, 2013 at 5:31am JST (7 months, 5 days ago) comment permalink

(I don’t know how to reply to your comment so I’ll post another one)

Indeed continue is missing in Lua but the creators said why (uFAQ: http://www.luafaq.org/#T1.26) but there are always some workarounds for that, such as using goto or an if statement inside a loop:

for i=1,10 do

for i,v in ipairs(a) do if i~=5 then --server as continue print('a['..i..']='..v) end end
for i,v in ipairs(a) do if i==5 then goto continue end --server as continue print('a['..i..']='..v) ::continue:: end

(goto is available since 5.2.0-beta-rc1)

Both for loops above show examples of how you could simulate a “continue” in Lua.

The missing increment/decrement operators aren’t included in Lua because they are “++” and “–” and as you might know “–” is used for commenting in Lua and as always there are workarounds, you could do a “while” loop for “++” and “–”:

while i < 11 do
   --Code here


while i < 11 do
   --Code here

As you can see there ARE a lot of functions that are missing but the thing about Lua is that you can make them yourself, you can write any kind of code syntax in Lua and that, in my opinion, is where the magic is.

Dispite all those the only code that really isn't there with no way of recreation are the operators "+=","-=" and others, thing is those aren't really programming languages functions, they serve to "write less", for "fast typing" you could say. Even thought that they could be helpful that's all, helpful (There is a Costume Lua build that has them, but it's not official and it requires recompiling)

There's always something unique for every programming language out there and, I gotta agree, the unique part on Lua is the meta stuff.

I know you can do workarounds… the problem is that you have to.

Given a particular machine, the only reason to use high-level languages instead of raw assembler is to ease development and clarity. If you require, for example, all numeric values to be expressed in binary, you can still do everything you can do were you to have base-10 notation available, but it’s not as easy to write nor clear to read. That’s why programming languages let you express numbers in base 10. The same can be said for looping constructs like “while” and “for” and “until”…. all you need is “goto”, but looping constructs make development easier and code more clear.

There’s no clear line between “really essential language component” and “nice to have”, or between those and “language bloat”, but I think most programmers would consider a “continue” to be “essential”. (That “goto” was not added until the language had been around for 20 years illustrates my complaint about the mindset of how it was designed. The same can be said for the choice of “–” as the comment indicator at a time when the usefulness of a decrement operator was well apparent.)

Clearly it’s a religious thing for some people, but it’s just a language; I’m not suggesting that the folks who designed Lua are bad people, just bad language designers.

— comment by Anugar on September 12th, 2013 at 8:52am JST (7 months, 5 days ago) comment permalink

From what I read you called Lua pathetic just for the lack of design, nerds are usually ugly but they are smarter than all of us* (take it as a metaphor not as a fact)

Lua is a great language because it let’s you do everything other languages do, and most of the time, faster.
I’d say that your choice of word was not the best to describe Lua but in the end I’m guessing it all comes down to opinion.

So if you ask me which one I’d prefer, a good looking or an ugly nerd I’d choose the one that’d fit my needs the most, which is (programming language specs:) unlimited number of syntaxes creations and coding freedom, lightning fast building, ease of use and small it terms of size (Lua’s size is relatively small compared to other mainstream languages out there), you might have other preferences.

That said what you said was more of fanboyis* of other languages design you’ve used, you ignored some of the good aspect of Lua and and in the end you just criticised the design and not the language as a whole. I don’t criticise other languages because they are all good but they [currently] are just not for me.

I don’t understand what you’re trying to say. A cup that leaks when you try to use it is a poorly-designed cup, regardless of how many other nice features it has. Lua’s design makes easy things gratuitously difficult, creating needlessly-complex code that’s harder to read than a reasonable language should encourage. Of course the language has nice aspects to it, but they do not lessen the facepalm nor impact of its poor design. —Jeffrey

— comment by Anugar on September 12th, 2013 at 10:47am JST (7 months, 4 days ago) comment permalink

Lua isn’t a leaking cup, and you might call it complex but for me it’s easier than other languages I’ve tried, there’s always a need to do int or void main() and add some “int argc, char* argv[]” junk to the main function of you C++ code and you even need to include the libraries you want, can’t print out messesges without the apropriated “include”, that is what I call needless and utterly useless for my coding needs.

In Lua you don’t need any any of those to write anything, there are “requires” but those are additions to the language, everything you need to start coding is already in you project right from the start, all you need to do is to type away, theres no need for useless “using namespace std;” or “#include” just to print out a messege.

— comment by Anugar on September 12th, 2013 at 8:33pm JST (7 months, 4 days ago) comment permalink

Having been a professional programmer for more than 25 years…

Oh, and another thing: performance is not the only reason one might choose between integer/floating point… some people actually do it for the different mathematical semantics.

You obviously haven’t learned much in those 25 years. A double precision floating-point value (which is what Lua uses by default) can represent any integer up to 52 bits *exactly* and if it holds an integer, it has the *exact* same semantics as a native integer *by design*.

You’re confusing my use of “semantics” for “precision”. They are not at all the same. —Jeffrey

— comment by Ryan on December 22nd, 2013 at 8:32am JST (3 months, 26 days ago) comment permalink

Fabulous nerdy, geeky thread.

Thanks for the code, Jeffrey. It’s not so easy to find good Lightroom SDK examples, yours have been proving very useful.

And for the plugins, of course.


— comment by Kim on December 25th, 2013 at 9:04pm JST (3 months, 22 days ago) comment permalink
Leave a comment...

All comments are invisible to others until Jeffrey approves them.

Please mention what part of the world you're writing from, if you don't mind. It's always interesting to see where people are visiting from.

More or less plain text — see below for allowed markup

You can use the following tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Subscribe without commenting