Open kloepper opened 6 years ago
I have been following the examples here:
https://github.com/diafygi/webcrypto-examples#rsassa-pkcs1-v1_5---sign
After inspecting the code, I found a work around by calling sign()
with the first argument of { name: "RSASSA-PKCS1-v1_5", hash: { name: "SHA-256" } }
instead of simply "RSASSA-PKCS1-v1_5"
.
Is it possible that the change of behavior was introduced by this commit? https://github.com/anvilresearch/webcrypto/commit/ca5763352e2b73b8a14681f1637698cdeaafe6cc#diff-e6a8c985dc7a75d1c38ce1c93a2ffddc
The #67 commit was a fix to an improper access of parameter from the initiated RSASSA_PKCS1_v1_5
class object, so this fix is working as intended. In terms of api call, both webcrypto and crypto requires the algorithm name be encapsulated as an object attribute, so {name: "RSASSA-PKCS1-v1_5"}
should be the bare minimum required to instantiate a RSASSA_PKCS1_v1_5
object for signing purposes. Ideally this should have a hash
attribute as well, but that is an acceptable omit.
@kloepper Thanks a lot. I lost a lot of hours with this error.
Please, correct the example.
I am not able to use
RSASSA-PKCS1-v1_5
keys to sign data. I wrote up a simple test to demonstrate the issue:https://github.com/kloepper/sign_test/blob/master/sign_test.js
The
signTest()
function works correctly in a browser.The output from running
./sign_test.js
: