I have a child certificate that is signed by an issuing certificate using an RSA key. When I run:
issuingCert.checkSignature(childCert);
I get the following error:
wrong public key type
I noticed that the error occurs here: https://github.com/fidm/x509/blob/master/src/pki.ts#L267 and that only the hashAlgorithm is passed (which is SHA-256). When running createVerify("SHA-256") an ECDSA verifier is created. When I replaced hashAlgorithm with RSA-SHA256, verification worked.
So I think the fix is to check for the public key type before accepting hashAlgorithm.
I have a child certificate that is signed by an issuing certificate using an RSA key. When I run:
I get the following error:
I noticed that the error occurs here: https://github.com/fidm/x509/blob/master/src/pki.ts#L267 and that only the
hashAlgorithm
is passed (which isSHA-256
). When runningcreateVerify("SHA-256")
an ECDSA verifier is created. When I replacedhashAlgorithm
withRSA-SHA256
, verification worked.So I think the fix is to check for the public key type before accepting
hashAlgorithm
.