search

PeculiarVentures / x509

@peculiar/x509 is an easy to use TypeScript/Javascript library based on @peculiar/asn1-schema that makes generating X.509 Certificates and Certificate Requests as well as validating certificate chains easy
https://peculiarventures.github.io/x509/
MIT License
78 stars 10 forks source link

Parsing an x509 returns 'Cannot convert ASN.1 algorithm to WebCrypto algorithm' #6

Closed pizzasaurusrex closed 3 years ago

pizzasaurusrex commented 3 years ago

I'm hoping to get some info on an error I'm running into when parsing a certificate using new x509.X509Certificate(). When I try to parse the below cert it throws an error Cannot convert ASN.1 algorithm to WebCrypto algorithm' - per the code this looks expected. but I was able to parse this with pkijs and `asn1js' I'm just wondering if this is intended or if there's a workaround.

cert: 

-----BEGIN CERTIFICATE-----
MIICpzCCAhACAg4AMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG
A1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNERE
MRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdl
YiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIw
ODIyMDcyNjQzWhcNMTcwODIxMDcyNjQzWjBKMQswCQYDVQQGEwJKUDEOMAwGA1UE
CAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBs
ZS5jb20wgfAwgagGByqGSM44BAEwgZwCQQDKVt7ZYtFRCzrm2/NTjl45YtMgVctQ
pLadAowFRydY13uhGw+JXyM+qmngfQkXImQpoYdIe+A8DWG2vaO3wKQ3AhUAxx6d
eaDs+XNHcbsiVQ1osvxrG8sCQHQYZDlSy/A5AFXrWXUNlTJbNhWDnitiG/95qYCe
FGnwYPp/WyhX+/lbDmQujkrbd4wYStudZM0cc4iDAWeOHQ0DQwACQDtK/S6POMQE
8aI+skBdNQn+Ch76kNDhztC/suOr9FbCSxnZ/CfhSgE1phOJyEkdR2jgErl3uh51
lo+7to76LLUwDQYJKoZIhvcNAQEFBQADgYEAnrmxZ3HB0LmVoFYdBJWxNBkRaFyn
jBmRsSJp2xvFg2nyAF77AOqBuFOFqOxg04eDxH8TGLQOWjqdyCFCY79AQlmkdB+8
Z5SWqPEwLJHVLd91O9avQwwRQT5TAxGXFkHTlQxOoaGfTsVQFqSDnlYC4mFjspA7
W+K8+llxOFmtVzU=
-----END CERTIFICATE-----
microshine commented 3 years ago

It occurs cause @peculiar/x509 doesn't support DSA algorithm and your certificate's public key is DSA. It's possible to extend the module in runtime by adding DSAAlgorithm provider (see ED algorithm)

But maybe it would be better don't throw an exception on parsing and return UnknownAlgorithm for such cases

interface UnknownAlgorithm {
  name: string; // 1.2.840.10040.4.1
  params?: ArrayBuffer | null;
}
microshine commented 3 years ago

I'll update the module today

microshine commented 3 years ago

@pizzasaurusrex Please try @peculiar/x509@1.3.0

pizzasaurusrex commented 3 years ago

@microshine that fixed it, thank you !