RSASSA-PKCS1-v1_5 sign error
kloepper opened this issue · 3 comments
I am not able to use RSASSA-PKCS1-v1_5 keys to sign data. I wrote up a simple test to demonstrate the issue:
https://github.com/kloepper/sign_test/blob/master/sign_test.js
The signTest() function works correctly in a browser.
The output from running ./sign_test.js:
at RSASSA_PKCS1_v1_5.sign (/sign_test/node_modules/@trust/webcrypto/src/algorithms/RSASSA-PKCS1-v1_5.js:81:19)
at Promise (/sign_test/node_modules/@trust/webcrypto/src/SubtleCrypto.js:115:40)
at new Promise (<anonymous>)
at SubtleCrypto.sign (/sign_test/node_modules/@trust/webcrypto/src/SubtleCrypto.js:106:12)
at signTest (/sign_test/sign_test.js:12:41)
at process._tickCallback (internal/process/next_tick.js:68:7)
at Function.Module.runMain (internal/modules/cjs/loader.js:745:11)
at startup (internal/bootstrap/node.js:236:19)
at bootstrapNodeJSCore (internal/bootstrap/node.js:560:3)```
I have been following the examples here:
https://github.com/diafygi/webcrypto-examples#rsassa-pkcs1-v1_5---sign
After inspecting the code, I found a work around by calling sign() with the first argument of { name: "RSASSA-PKCS1-v1_5", hash: { name: "SHA-256" } } instead of simply "RSASSA-PKCS1-v1_5".
Is it possible that the change of behavior was introduced by this commit?
ca57633#diff-e6a8c985dc7a75d1c38ce1c93a2ffddc
The #67 commit was a fix to an improper access of parameter from the initiated RSASSA_PKCS1_v1_5 class object, so this fix is working as intended. In terms of api call, both webcrypto and crypto requires the algorithm name be encapsulated as an object attribute, so {name: "RSASSA-PKCS1-v1_5"} should be the bare minimum required to instantiate a RSASSA_PKCS1_v1_5 object for signing purposes. Ideally this should have a hash attribute as well, but that is an acceptable omit.