This repository was archived by the owner on Apr 22, 2023. It is now read-only.
Support for signature verification with RSA/DSA public keys #1166
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Author
|
Oh, and we probably want this in both v0.4 and master. Thoughts? |
Author
|
Lastly, I left this code as-is from crypto: if (r != 1) It would probably make sense to kill that off, since it's not really an error if the signature doesn't match. I can either reprepare a pull request, or if you want to just change it as part of the merge. Let me know. |
|
thanks mark - landed in v0.4 please do a new pull for removing error printing. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hey Ryan,
Turns out node didn't support signature verification with anything except for X.509 certificates. This patch takes a guess at inferring whether or not the PEM file passed into crypto.verify() is a public key or certificate, and does the right switch based on that. Minor point I realized after I committed is that sometimes RSA public key headers are just -----BEGIN PUBLIC KEY-----, like DSA, so it's not technically accurate to have the #define C string DSA_KEY_PFX, but, meh.
Thanks,
m