Support for signature verification with RSA/DSA public keys #1166

wants to merge 1 commit into


None yet

2 participants


Hey Ryan,

Turns out node didn't support signature verification with anything except for X.509 certificates. This patch takes a guess at inferring whether or not the PEM file passed into crypto.verify() is a public key or certificate, and does the right switch based on that. Minor point I realized after I committed is that sometimes RSA public key headers are just -----BEGIN PUBLIC KEY-----, like DSA, so it's not technically accurate to have the #define C string DSA_KEY_PFX, but, meh.



Oh, and we probably want this in both v0.4 and master. Thoughts?


Lastly, I left this code as-is from crypto:

if (r != 1)
ERR_print_errors_fp (stderr);

It would probably make sense to kill that off, since it's not really an error if the signature doesn't match. I can either reprepare a pull request, or if you want to just change it as part of the merge. Let me know.

ry commented Jun 14, 2011

thanks mark - landed in v0.4

please do a new pull for removing error printing.

@ry ry added a commit that closed this pull request Jun 14, 2011
Mark Cavage Support for signature verification with RSA/DSA public keys
Fixes #1166.
@ry ry closed this in 88552c5 Jun 14, 2011
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment