Diffstat (limited to 'packages/server/src/helpers/iso/isoCrypto/verifyRSA.ts')
-rw-r--r--packages/server/src/helpers/iso/isoCrypto/verifyRSA.ts23
1 files changed, 19 insertions, 4 deletions
diff --git a/packages/server/src/helpers/iso/isoCrypto/verifyRSA.ts b/packages/server/src/helpers/iso/isoCrypto/verifyRSA.ts
index e22bbce..c7dc4b6 100644
--- a/packages/server/src/helpers/iso/isoCrypto/verifyRSA.ts
+++ b/packages/server/src/helpers/iso/isoCrypto/verifyRSA.ts
@@ -50,6 +50,10 @@ export async function verifyRSA(opts: {
hash: { name: mapCoseAlgToWebCryptoAlg(alg) },
};
+ const verifyAlgorithm: AlgorithmIdentifier | RsaPssParams = {
+ name: mapCoseAlgToWebCryptoKeyAlgName(alg),
+ };
+
if (shaHashOverride) {
keyAlgorithm.hash.name = mapCoseAlgToWebCryptoAlg(shaHashOverride);
}
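Review bot: Typing `verifyAlgorithm` as `AlgorithmIdentifier | RsaPssParams` is what forces the `(verifyAlgorithm as RsaPssParams)` assertion further down, since the union also admits a bare string and gives no access to `saltLength`. Declaring it as `const verifyAlgorithm: { name: string; saltLength?: number } = { name: mapCoseAlgToWebCryptoKeyAlgName(alg) };` would let the RSA-PSS branch assign `verifyAlgorithm.saltLength` without a cast. The definition of `keyAlgorithm` starts above this hunk, so it is not visible whether its `name` comes from the same mapper. If it does, reusing `keyAlgorithm.name` here would keep the imported key's algorithm and the verify algorithm from drifting apart.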
@@ -65,13 +69,28 @@ export async function verifyRSA(opts: {
keyData.alg = 'RS1';
}
} else if (keyAlgorithm.name === 'RSA-PSS') {
+ /**
+ * salt length. The default value is 20 but the convention is to use hLen, the length of the
+ * output of the hash function in bytes. A salt length of zero is permitted and will result in
+ * a deterministic signature value. The actual salt length used can be determined from the
+ * signature value.
+ *
+ * From https://www.cryptosys.net/pki/manpki/pki_rsaschemes.html
+ */
+ let saltLength = 0;
+
if (keyAlgorithm.hash.name === 'SHA-256') {
keyData.alg = 'PS256';
+ saltLength = 32; // 256 bits => 32 bytes
} else if (keyAlgorithm.hash.name === 'SHA-384') {
keyData.alg = 'PS384';
+ saltLength = 48; // 384 bits => 48 bytes
} else if (keyAlgorithm.hash.name === 'SHA-512') {
keyData.alg = 'PS512';
+ saltLength = 64; // 512 bits => 64 bytes
}
+
+ (verifyAlgorithm as RsaPssParams).saltLength = saltLength;
} else {
throw new Error(`Unexpected RSA key algorithm ${alg} (${keyAlgorithm.name})`);
}
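Review bot: In the RSA-PSS branch, a hash name other than SHA-256, SHA-384 or SHA-512 falls through the inner if-chain with `saltLength` still 0 and `keyData.alg` unset. That hash can come from `alg` or from `shaHashOverride`, and the key import and verify call then proceed with a zero-length salt instead of being rejected up front. This most likely ends in a failed verification, but the caller cannot tell an unsupported hash from a bad signature. A final `else { throw new Error('Unsupported RSA-PSS hash ' + keyAlgorithm.hash.name); }`, mirroring the existing "Unexpected RSA key algorithm" throw, would make it explicit. The comment block would also be more useful if it stated the rule the code relies on: RFC 8230 requires the salt length for PS256/PS384/PS512 to equal the hash output length, whereas the quoted "default value is 20" describes a different library's API and does not apply to WebCrypto.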
@@ -81,10 +100,6 @@ export async function verifyRSA(opts: {
algorithm: keyAlgorithm,
});
- const verifyAlgorithm = {
- // TODO: Determine this from `alg` so we might support the rarer RSA-PSS
- name: 'RSASSA-PKCS1-v1_5',
- };
if (globalThis.crypto) {
return globalThis.crypto.subtle.verify(verifyAlgorithm, key, signature, data);
} else {