PKI.js is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). It is built on WebCrypto (Web Cryptography API) and requires no plug-ins.
Hypothesis: when searching through SignedData.certificates, any IssuerAndSerialNumber.serialNumber from the same Buffer matches, since the Integer.isEqual check compares the whole buffer content instead of just the slices. I faced similar issues in: https://github.com/PeculiarVentures/pvtsutils/pull/13.
Example: https://github.com/sander/pkijs-buffer-bug
Hypothesis: when searching through
SignedData.certificates
, anyIssuerAndSerialNumber.serialNumber
from the same Buffer matches, since theInteger.isEqual
check compares the whole buffer content instead of just the slices. I faced similar issues in: https://github.com/PeculiarVentures/pvtsutils/pull/13.I could not reproduce this from within the PKI.js repository or with a local
npm build
artifact from https://github.com/PeculiarVentures/PKI.js/commit/80afe52d56a08fa0294a7ee5b1a7466e6b8cc6f3. So possibly the bug is caused by the particular build process that was used to release 3.0.15.