Comments (5)
calvinmetcalf
commented on June 12, 2024
1
ah that's the issue, browserify/parse-asn1#6 is the pull that fixes cert parsing which I need to rebase and merge
from browserify-sign.
calvinmetcalf
commented on June 12, 2024
sorry for taking so long to get back to you
-
what format is the awsPublicCertificateRSA in? is the first line start with BEGIN and the last line with END ?
-
what happends when you change your code to be
const verifier = crypto.createVerify('RSA-SHA256');
verifier.update(oraclize_doc, 'base64');
awsSignatureValid = verifier.verify(awsPublicCertificateRSA, awsSignature, 'base64');- Can you provide the stack trace for the error?
from browserify-sign.
D-Nice
commented on June 12, 2024
The certificate is valid, correctly formatted with '-----BEGIN' and 'END'. (Working with crypto in node, and jsrsasign on browser).
Using the code you provided, I got:
TypeError: Cannot read property '2' of null
at 98.module.exports (<anonymous>:16808:34)
at parseKeys (<anonymous>:16847:18)
at verify (<anonymous>:6970:13)
at Verify.verifyMethod [as verify] (<anonymous>:6737:10)
at Object.135.module.exports.verifyComputation (<anonymous>:21091:33)
at verifyProof (<anonymous>:21850:10)
at Object.<anonymous> (<anonymous>:21821:24)
at Object.138../lib/computationVerify.js (<anonymous>:21908:4)
at s (<anonymous>:2:254)
at e (<anonymous>:2:425)
Note, this issue can be closed, as my workaround has been to just use the jsrsasign library on the browser-side.
from browserify-sign.
calvinmetcalf
commented on June 12, 2024
The certificate is valid, correctly formatted with '-----BEGIN' and 'END'. (Working with crypto in node, and jsrsasign on browser).
not debating that it is correctly formatted, just wondering if the format is one we don't support, what is the full top line ?
from browserify-sign.
D-Nice
commented on June 12, 2024
No problem, here is exactly how it is formatted.
const awsPublicCertificateRSA = `-----BEGIN CERTIFICATE-----\n\
MIIDIjCCAougAwIBAgIJAKnL4UEDMN/FMA0GCSqGSIb3DQEBBQUAMGoxCzAJBgNV\n\
BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMRgw\n\
FgYDVQQKEw9BbWF6b24uY29tIEluYy4xGjAYBgNVBAMTEWVjMi5hbWF6b25hd3Mu\n\
Y29tMB4XDTE0MDYwNTE0MjgwMloXDTI0MDYwNTE0MjgwMlowajELMAkGA1UEBhMC\n\
VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1NlYXR0bGUxGDAWBgNV\n\
BAoTD0FtYXpvbi5jb20gSW5jLjEaMBgGA1UEAxMRZWMyLmFtYXpvbmF3cy5jb20w\n\
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAIe9GN//SRK2knbjySG0ho3yqQM3\n\
e2TDhWO8D2e8+XZqck754gFSo99AbT2RmXClambI7xsYHZFapbELC4H91ycihvrD\n\
jbST1ZjkLQgga0NE1q43eS68ZeTDccScXQSNivSlzJZS8HJZjgqzBlXjZftjtdJL\n\
XeE4hwvo0sD4f3j9AgMBAAGjgc8wgcwwHQYDVR0OBBYEFCXWzAgVyrbwnFncFFIs\n\
77VBdlE4MIGcBgNVHSMEgZQwgZGAFCXWzAgVyrbwnFncFFIs77VBdlE4oW6kbDBq\n\
MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2Vh\n\
dHRsZTEYMBYGA1UEChMPQW1hem9uLmNvbSBJbmMuMRowGAYDVQQDExFlYzIuYW1h\n\
em9uYXdzLmNvbYIJAKnL4UEDMN/FMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF\n\
BQADgYEAFYcz1OgEhQBXIwIdsgCOS8vEtiJYF+j9uO6jz7VOmJqO+pRlAbRlvY8T\n\
C1haGgSI/A1uZUKs/Zfnph0oEI0/hu1IIJ/SKBDtN5lvmZ/IzbOPIJWirlsllQIQ\n\
7zvWbGd9c9+Rm3p04oTvhup99la7kZqevJK0QRdD/6NpCKsqP/0=\n\
-----END CERTIFICATE-----`;
from browserify-sign.
Related Issues (20)
- test failures depending on openssl version/flags HOT 6
- Verify is broken when input is an ECDSA certificate
- Replace Buffer constructor with Buffer.new() HOT 2
- Verify is broken when input is a certificate
- Fails to compile if used with css-loader 3.0.0
- signing data with private key generated by new openssh 8.0 not working. HOT 3
- explicit import 'buffer'
- TypeError: hex is not a function HOT 1
- Expose algorithms HOT 1
- CVE-2020-13822 HOT 2
- The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. HOT 2
- No wiki page, no Readme file content, no explain...
- Incorrect dependency version. Please update HOT 1
- elliptic version 6.5.3 has a vulnerability HOT 1
- Ignore case in algorithm name HOT 2
- Signature Forgery Attack In Browserify-Sign HOT 1
- Fix for dsaVerify Security issue? HOT 1
- Node incompatibility for "sha256" algorithm HOT 5
- process is not defind HOT 1
- process undefined in react native environment HOT 15
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from browserify-sign.