Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: check for RSA header before decoding public key #415

Merged
merged 1 commit into from
Dec 5, 2023
Merged

fix: check for RSA header before decoding public key #415

merged 1 commit into from
Dec 5, 2023

Conversation

karl-power
Copy link
Contributor

@karl-power karl-power commented Dec 4, 2023
edited
Loading

Fixes #414

The performDetectPublicKeyAlgorithms function was attempting to decode pkcs1 keys with the pkcs8 decoder. This caused errors when creating the verifier or signer, as the the base64 data structure of each format is different.

This PR updates the publicKeyPemMatcher pattern and checks for the presence of "RSA" in the .pem header, returning the RSA algorithms if found.

@karl-power karl-power force-pushed the fix/detect-pkcs1-public-key branch from bd08d7c to 41ee28e Compare December 4, 2023 16:29
@karl-power karl-power marked this pull request as ready for review December 4, 2023 16:30
@karl-power karl-power added the bug Something isn't working label Dec 4, 2023
@karl-power karl-power self-assigned this Dec 4, 2023
karl-power
karl-power commented Dec 5, 2023
View reviewed changes
test/crypto.spec.js
@@ -241,7 +241,7 @@ test('detectPublicKeyAlgorithms - malformed PEM files should be rejected', t =>
t.end()
})

test('detectPublicKeyAlgorithms - public keys should be rejected', t => {
test('detectPublicKeyAlgorithms - private keys should be rejected', t => {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a typo I noticed. The detectPublicKeyAlgorithms function should reject private keys, not public ones.

@simoneb simoneb mentioned this pull request Dec 5, 2023
Closed
@simoneb simoneb merged commit 89efaab into master Dec 5, 2023
7 checks passed
@simoneb simoneb deleted the fix/detect-pkcs1-public-key branch December 5, 2023 16:29
@github-actions github-actions bot mentioned this pull request Dec 13, 2023
Closed
@github-actions github-actions bot mentioned this pull request Dec 28, 2023
Closed
@optic-release-automation optic-release-automation bot mentioned this pull request Jan 29, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@simoneb simoneb simoneb approved these changes

Assignees

@karl-power karl-power

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

createVerifier won't verify properly with RS256
2 participants
@karl-power @simoneb