RSASSA-PKCS1-v1_5 sign error

[kloepper]

I am not able to use RSASSA-PKCS1-v1_5 keys to sign data. I wrote up a simple test to demonstrate the issue:

https://github.com/kloepper/sign_test/blob/master/sign_test.js

The signTest() function works correctly in a browser.

The output from running ./sign_test.js:

    at RSASSA_PKCS1_v1_5.sign (/sign_test/node_modules/@trust/webcrypto/src/algorithms/RSASSA-PKCS1-v1_5.js:81:19)
    at Promise (/sign_test/node_modules/@trust/webcrypto/src/SubtleCrypto.js:115:40)
    at new Promise (<anonymous>)
    at SubtleCrypto.sign (/sign_test/node_modules/@trust/webcrypto/src/SubtleCrypto.js:106:12)
    at signTest (/sign_test/sign_test.js:12:41)
    at process._tickCallback (internal/process/next_tick.js:68:7)
    at Function.Module.runMain (internal/modules/cjs/loader.js:745:11)
    at startup (internal/bootstrap/node.js:236:19)
    at bootstrapNodeJSCore (internal/bootstrap/node.js:560:3)```

[kloepper]

I have been following the examples here:

https://github.com/diafygi/webcrypto-examples#rsassa-pkcs1-v1_5---sign

After inspecting the code, I found a work around by calling sign() with the first argument of { name: "RSASSA-PKCS1-v1_5", hash: { name: "SHA-256" } } instead of simply "RSASSA-PKCS1-v1_5".

Is it possible that the change of behavior was introduced by this commit?
ca57633#diff-e6a8c985dc7a75d1c38ce1c93a2ffddc

[thelunararmy]

The #67 commit was a fix to an improper access of parameter from the initiated RSASSA_PKCS1_v1_5 class object, so this fix is working as intended. In terms of api call, both webcrypto and crypto requires the algorithm name be encapsulated as an object attribute, so {name: "RSASSA-PKCS1-v1_5"} should be the bare minimum required to instantiate a RSASSA_PKCS1_v1_5 object for signing purposes. Ideally this should have a hash attribute as well, but that is an acceptable omit.

[certifirm]

@kloepper Thanks a lot. I lost a lot of hours with this error.

Please, correct the example.