browserify-sign - npm Package Compare versions

Comparing version 2.8.0 to 3.0.0

algos.js

@@ -0,1 +1,2 @@
+'use strict'
 exports['RSA-SHA224'] = exports.sha224WithRSAEncryption = {
@@ -5,3 +6,3 @@ sign: 'rsa',
   id: new Buffer('302d300d06096086480165030402040500041c', 'hex')
-};
+}
 exports['RSA-SHA256'] = exports.sha256WithRSAEncryption = {
@@ -11,3 +12,3 @@ sign: 'rsa',
   id: new Buffer('3031300d060960864801650304020105000420', 'hex')
-};
+}
 exports['RSA-SHA384'] = exports.sha384WithRSAEncryption = {
@@ -17,3 +18,3 @@ sign: 'rsa',
   id: new Buffer('3041300d060960864801650304020205000430', 'hex')
-};
+}
 exports['RSA-SHA512'] = exports.sha512WithRSAEncryption = {
@@ -23,3 +24,3 @@ sign: 'rsa',
   id: new Buffer('3051300d060960864801650304020305000440', 'hex')
-};
+}
 exports['RSA-SHA1'] = {
@@ -29,3 +30,3 @@ sign: 'rsa',
 	id: new Buffer('3021300906052b0e03021a05000414', 'hex')
-};
+}
 exports['ecdsa-with-SHA1'] = {
@@ -35,3 +36,3 @@ sign: 'ecdsa',
 	id: new Buffer('', 'hex')
-};
+}
 exports.DSA = exports['DSA-SHA1'] = exports['DSA-SHA'] = {
@@ -41,3 +42,3 @@ sign: 'dsa',
   id: new Buffer('', 'hex')
-};
+}
 exports['DSA-SHA224'] = exports['DSA-WITH-SHA224'] = {
@@ -47,3 +48,3 @@ sign: 'dsa',
   id: new Buffer('', 'hex')
-};
+}
 exports['DSA-SHA256'] = exports['DSA-WITH-SHA256'] = {
@@ -53,3 +54,3 @@ sign: 'dsa',
   id: new Buffer('', 'hex')
-};
+}
 exports['DSA-SHA384'] = exports['DSA-WITH-SHA384'] = {
@@ -59,3 +60,3 @@ sign: 'dsa',
   id: new Buffer('', 'hex')
-};
+}
 exports['DSA-SHA512'] = exports['DSA-WITH-SHA512'] = {
@@ -65,3 +66,3 @@ sign: 'dsa',
   id: new Buffer('', 'hex')
-};
+}
 exports['DSA-RIPEMD160'] = {
@@ -71,3 +72,3 @@ sign: 'dsa',
   id: new Buffer('', 'hex')
-};
+}
 exports['RSA-RIPEMD160'] = exports.ripemd160WithRSA = {
@@ -77,3 +78,3 @@ sign: 'rsa',
   id: new Buffer('3021300906052b2403020105000414', 'hex')
-};
+}
 exports['RSA-MD5'] = exports.md5WithRSAEncryption = {
@@ -83,2 +84,2 @@ sign: 'rsa',
   id: new Buffer('3020300c06082a864886f70d020505000410', 'hex')
-};
+}

index.js

@@ -1,1 +0,7 @@
-require('./inject')(module.exports, require('crypto'));
+var crypto = require('crypto')
+
+exports.createSign = crypto.createSign
+exports.Sign = crypto.Sign
+
+exports.createVerify = crypto.createVerify
+exports.Verify = crypto.Verify

package.json

 {
   "name": "browserify-sign",
-  "version": "2.8.0",
+  "version": "3.0.0",
   "description": "",
   "main": "index.js",
+  "browser": "browser.js",
   "scripts": {
@@ -11,3 +12,3 @@ "test": "node test/index.js | tspec"
     "type": "git",
-    "url": "git://github.com/calvinmetcalf/browserify-sign.git"
+    "url": "git://github.com/crypto-browserify/browserify-sign.git"
   },
@@ -18,6 +19,8 @@ "author": "",
     "bn.js": "^1.0.0",
-    "browserify-rsa": "^1.1.0",
+    "browserify-rsa": "^2.0.0",
+    "create-hash": "^1.1.0",
+    "create-hmac": "^1.1.2",
     "elliptic": "^1.0.0",
     "inherits": "^2.0.1",
-    "parse-asn1": "^2.0.0"
+    "parse-asn1": "^3.0.0"
   },
@@ -24,0 +27,0 @@ "devDependencies": {

readme.md

@@ -1,2 +0,2 @@
-browserify-sign [![Build Status](https://travis-ci.org/calvinmetcalf/browserify-sign.svg)](https://travis-ci.org/calvinmetcalf/browserify-sign)
+browserify-sign [![Build Status](https://travis-ci.org/crypto-browserify/browserify-sign.svg)](https://travis-ci.org/crypto-browserify/browserify-sign)
 ===
@@ -3,0 +3,0 @@

sign.js

 // much of this based on https://github.com/indutny/self-signed/blob/gh-pages/lib/rsa.js
-var parseKeys = require('parse-asn1');
-var bn = require('bn.js');
-var elliptic = require('elliptic');
-var crt = require("browserify-rsa");
-module.exports = sign;
-function sign(hash, key, hashType, crypto) {
-  var priv = parseKeys(key, crypto);
+var parseKeys = require('parse-asn1')
+var BN = require('bn.js')
+var elliptic = require('elliptic')
+var crt = require('browserify-rsa')
+var createHmac = require('create-hmac')
+var curves = require('./curves')
+
+module.exports = sign
+function sign (hash, key, hashType) {
+  var priv = parseKeys(key)
   if (priv.curve) {
-    return ecSign(hash, priv, crypto);
+    return ecSign(hash, priv)
   } else if (priv.type === 'dsa') {
-    return dsaSign(hash, priv, hashType, crypto);
+    return dsaSign(hash, priv, hashType)
   }
-  var len = priv.modulus.byteLength();
-  var pad = [ 0, 1 ];
+  var len = priv.modulus.byteLength()
+  var pad = [ 0, 1 ]
   while (hash.length + pad.length + 1 < len) {
-    pad.push(0xff);
+    pad.push(0xff)
   }
-  pad.push(0x00);
-  var i = -1;
+  pad.push(0x00)
+  var i = -1
   while (++i < hash.length) {
-    pad.push(hash[i]);
+    pad.push(hash[i])
   }
-  
-  var out = crt(pad, priv, crypto);
-  return out;
+
+  var out = crt(pad, priv)
+  return out
 }
-function ecSign(hash, priv, crypto) {
-  elliptic.rand = crypto.randomBytes;
-  var curve;
-  if (priv.curve.join('.')  === '1.3.132.0.10') {
-    curve = new elliptic.ec('secp256k1');
-  }
-  var key = curve.genKeyPair();
-  key._importPrivate(priv.privateKey);
-  var out = key.sign(hash);
-  return new Buffer(out.toDER());
+function ecSign (hash, priv) {
+  var curveId = curves[priv.curve.join('.')]
+  if (!curveId)
+    throw new Error('unknown curve ' + priv.curve.join('.'))
+
+  var curve = new elliptic.ec(curveId)
+
+  var key = curve.genKeyPair()
+  key._importPrivate(priv.privateKey)
+  var out = key.sign(hash)
+  return new Buffer(out.toDER())
 }
-function dsaSign(hash, priv, algo, crypto) {
-  var x = priv.params.priv_key;
-  var p = priv.params.p;
-  var q = priv.params.q;
-  var montq = bn.mont(q);
-  var g = priv.params.g;
-  var r = new bn(0);
-  var k;
-  var H = bits2int(hash, q).mod(q);
-  var s = false;
-  var kv = getKay(x, q, hash, algo, crypto);
+function dsaSign (hash, priv, algo) {
+  var x = priv.params.priv_key
+  var p = priv.params.p
+  var q = priv.params.q
+  var montq = BN.mont(q)
+  var g = priv.params.g
+  var r = new BN(0)
+  var k
+  var H = bits2int(hash, q).mod(q)
+  var s = false
+  var kv = getKey(x, q, hash, algo)
   while (s === false) {
-    k = makeKey(q, kv, algo, crypto);
-    r = makeR(g, k, p, q);
-    s = k.invm(q).imul(H.add(x.mul(r))).mod(q);
+    k = makeKey(q, kv, algo)
+    r = makeR(g, k, p, q)
+    s = k.invm(q).imul(H.add(x.mul(r))).mod(q)
     if (!s.cmpn(0)) {
-      s = false;
-      r = new bn(0);
+      s = false
+      r = new BN(0)
     }
   }
-  return toDER(r,s);
+  return toDER(r, s)
 }
-function toDER(r, s) {
-  r = r.toArray();
-  s = s.toArray();
+function toDER (r, s) {
+  r = r.toArray()
+  s = s.toArray()
 
   // Pad values
   if (r[0] & 0x80)
-    r = [ 0 ].concat(r);
+    r = [ 0 ].concat(r)
   // Pad values
   if (s[0] & 0x80)
-    s = [0].concat(s);
+    s = [0].concat(s)
 
-  var total = r.length + s.length + 4;
-  var res = [ 0x30, total, 0x02, r.length ];
-  res = res.concat(r, [ 0x02, s.length ], s);
-  return new Buffer(res);
+  var total = r.length + s.length + 4
+  var res = [ 0x30, total, 0x02, r.length ]
+  res = res.concat(r, [ 0x02, s.length ], s)
+  return new Buffer(res)
 }
-module.exports.getKay = getKay;
-function getKay(x, q, hash, algo, crypto) {
-  x = new Buffer(x.toArray());
+module.exports.getKey = getKey
+function getKey (x, q, hash, algo) {
+  x = new Buffer(x.toArray())
   if (x.length < q.byteLength()) {
-    var zeros = new Buffer(q.byteLength() - x.length);
-    zeros.fill(0);
-    x = Buffer.concat([zeros, x]);
+    var zeros = new Buffer(q.byteLength() - x.length)
+    zeros.fill(0)
+    x = Buffer.concat([zeros, x])
   }
-  var hlen = hash.length;
-  var hbits = bits2octets(hash, q);
-  var v = new Buffer(hlen);
-  v.fill(1);
-  var k = new Buffer(hlen);
-  k.fill(0);
-  k = crypto.createHmac(algo, k)
+  var hlen = hash.length
+  var hbits = bits2octets(hash, q)
+  var v = new Buffer(hlen)
+  v.fill(1)
+  var k = new Buffer(hlen)
+  k.fill(0)
+  k = createHmac(algo, k)
     .update(v)
@@ -96,7 +100,7 @@ .update(new Buffer([0]))
     .update(hbits)
-    .digest();
-  v = crypto.createHmac(algo, k)
+    .digest()
+  v = createHmac(algo, k)
     .update(v)
-    .digest();
-  k = crypto.createHmac(algo, k)
+    .digest()
+  k = createHmac(algo, k)
     .update(v)
@@ -106,57 +110,57 @@ .update(new Buffer([1]))
     .update(hbits)
-    .digest();
-  v = crypto.createHmac(algo, k)
+    .digest()
+  v = createHmac(algo, k)
     .update(v)
-    .digest();
+    .digest()
   return {
-    k:k,
-    v:v
-  };
+    k: k,
+    v: v
+  }
 }
-function bits2int(obits, q) {
-  bits = new bn(obits);
-  var shift = obits.length * 8 - q.bitLength();
+function bits2int (obits, q) {
+  var bits = new BN(obits)
+  var shift = (obits.length << 3) - q.bitLength()
   if (shift > 0) {
-    bits.ishrn(shift);
+    bits.ishrn(shift)
   }
-  return bits;
+  return bits
 }
 function bits2octets (bits, q) {
-  bits = bits2int(bits, q);
-  bits = bits.mod(q);
-  var out = new Buffer(bits.toArray());
+  bits = bits2int(bits, q)
+  bits = bits.mod(q)
+  var out = new Buffer(bits.toArray())
   if (out.length < q.byteLength()) {
-    var zeros = new Buffer(q.byteLength() - out.length);
-    zeros.fill(0);
-    out = Buffer.concat([zeros, out]);
+    var zeros = new Buffer(q.byteLength() - out.length)
+    zeros.fill(0)
+    out = Buffer.concat([zeros, out])
   }
-  return out;
+  return out
 }
-module.exports.makeKey = makeKey;
-function makeKey(q, kv, algo, crypto) {
-  var t;
-  var k;
+module.exports.makeKey = makeKey
+function makeKey (q, kv, algo) {
+  var t
+  var k
   while (true) {
-    t = new Buffer('');
+    t = new Buffer('')
     while (t.length * 8 < q.bitLength()) {
-      kv.v = crypto.createHmac(algo, kv.k)
+      kv.v = createHmac(algo, kv.k)
         .update(kv.v)
-        .digest();
-      t = Buffer.concat([t, kv.v]);
+        .digest()
+      t = Buffer.concat([t, kv.v])
     }
-    k = bits2int(t, q);
-    kv.k =  crypto.createHmac(algo, kv.k)
+    k = bits2int(t, q)
+    kv.k =  createHmac(algo, kv.k)
         .update(kv.v)
         .update(new Buffer([0]))
-        .digest();
-    kv.v = crypto.createHmac(algo, kv.k)
+        .digest()
+    kv.v = createHmac(algo, kv.k)
         .update(kv.v)
-        .digest();
+        .digest()
     if (k.cmp(q) === -1) {
-      return k;
+      return k
     }
   }
 }
-function makeR(g, k, p, q) {
-  return g.toRed(bn.mont(p)).redPow(k).fromRed().mod(q);
-}
+function makeR (g, k, p, q) {
+  return g.toRed(BN.mont(p)).redPow(k).fromRed().mod(q)
+}

test/index.js

@@ -1,216 +0,236 @@
-var test = require('tape');
-var fs = require('fs');
-var priv1024 = fs.readFileSync(__dirname + '/rsa.1024.priv');
-var asn1 = require('parse-asn1/asn1');
+var test = require('tape')
+var fs = require('fs')
+var priv1024 = fs.readFileSync(__dirname + '/rsa.1024.priv')
+var asn1 = require('parse-asn1/asn1')
+var parseKeys = require('parse-asn1')
+var crt = require('browserify-rsa')
+var crypto = require('crypto')
 var rsa1024 = {
-	private: fs.readFileSync(__dirname + '/rsa.1024.priv'),
-	public: fs.readFileSync(__dirname + '/rsa.1024.pub')
-};
+  private: fs.readFileSync(__dirname + '/rsa.1024.priv'),
+  public: fs.readFileSync(__dirname + '/rsa.1024.pub')
+}
 var rsa2028 = {
-	private: fs.readFileSync(__dirname + '/rsa.2028.priv'),
-	public: fs.readFileSync(__dirname + '/rsa.2028.pub')
-};
+  private: fs.readFileSync(__dirname + '/rsa.2028.priv'),
+  public: fs.readFileSync(__dirname + '/rsa.2028.pub')
+}
 var nonrsa1024 = {
-	private: fs.readFileSync(__dirname + '/1024.priv'),
-	public: fs.readFileSync(__dirname + '/1024.pub')
-};
+  private: fs.readFileSync(__dirname + '/1024.priv'),
+  public: fs.readFileSync(__dirname + '/1024.pub')
+}
 var pass1024 = {
-	private: {
-		passphrase: 'fooo',
-		key:fs.readFileSync(__dirname + '/pass.1024.priv')
-	},
-	public: fs.readFileSync(__dirname + '/pass.1024.pub')
-};
+  private: {
+    passphrase: 'fooo',
+    key: fs.readFileSync(__dirname + '/pass.1024.priv')
+  },
+  public: fs.readFileSync(__dirname + '/pass.1024.pub')
+}
 var ec = {
-	private: fs.readFileSync(__dirname + '/ec.priv'),
-	public: fs.readFileSync(__dirname + '/ec.pub')
-};
+  private: fs.readFileSync(__dirname + '/ec.priv'),
+  public: fs.readFileSync(__dirname + '/ec.pub')
+}
+var ec224 = {
+  private: fs.readFileSync(__dirname + '/ec.p224.priv'),
+  public: fs.readFileSync(__dirname + '/ec.p224.pub')
+}
+var ec192 = {
+  private: fs.readFileSync(__dirname + '/ec.p192.priv'),
+  public: fs.readFileSync(__dirname + '/ec.p192.pub')
+}
+
+var ec256 = {
+  private: fs.readFileSync(__dirname + '/ec.p256.priv'),
+  public: fs.readFileSync(__dirname + '/ec.p256.pub')
+}
 var ecpass = {
-	private: {
-		key: fs.readFileSync(__dirname + '/ec.pass.priv'),
-		passphrase: 'bard'
-	},
-	public: fs.readFileSync(__dirname + '/ec.pub')
-};
+  private: {
+    key: fs.readFileSync(__dirname + '/ec.pass.priv'),
+    passphrase: 'bard'
+  },
+  public: fs.readFileSync(__dirname + '/ec.pub')
+}
 var dsa = {
-	private: fs.readFileSync(__dirname + '/dsa.1024.priv'),
-	public: fs.readFileSync(__dirname + '/dsa.1024.pub')
-};
+  private: fs.readFileSync(__dirname + '/dsa.1024.priv'),
+  public: fs.readFileSync(__dirname + '/dsa.1024.pub')
+}
 var dsa2 = {
-	private: fs.readFileSync(__dirname + '/dsa.2048.priv'),
-	public: fs.readFileSync(__dirname + '/dsa.2048.pub')
-};
+  private: fs.readFileSync(__dirname + '/dsa.2048.priv'),
+  public: fs.readFileSync(__dirname + '/dsa.2048.pub')
+}
 var dsapass = {
-	private: {
-		key:fs.readFileSync(__dirname + '/pass.dsa.1024.priv'),
-		passphrase:'password'
-	},
-	public: fs.readFileSync(__dirname + '/pass.dsa.1024.pub')
-};
+  private: {
+    key: fs.readFileSync(__dirname + '/pass.dsa.1024.priv'),
+    passphrase: 'password'
+  },
+  public: fs.readFileSync(__dirname + '/pass.dsa.1024.pub')
+}
 var dsapass2 = {
-	private: {
-		key:fs.readFileSync(__dirname + '/pass2.dsa.1024.priv'),
-		passphrase:'password'
-	},
-	public: fs.readFileSync(__dirname + '/pass2.dsa.1024.pub')
-};
+  private: {
+    key: fs.readFileSync(__dirname + '/pass2.dsa.1024.priv'),
+    passphrase: 'password'
+  },
+  public: fs.readFileSync(__dirname + '/pass2.dsa.1024.pub')
+}
 var rsapass = {
-	private: {
-		key:fs.readFileSync(__dirname + '/pass.rsa.1024.priv'),
-		passphrase:'password'
-	},
-	public: fs.readFileSync(__dirname + '/pass.rsa.1024.pub')
-};
+  private: {
+    key: fs.readFileSync(__dirname + '/pass.rsa.1024.priv'),
+    passphrase: 'password'
+  },
+  public: fs.readFileSync(__dirname + '/pass.rsa.1024.pub')
+}
 var rsapass2 = {
-	private: {
-		key:fs.readFileSync(__dirname + '/pass.rsa.2028.priv'),
-		passphrase:'password'
-	},
-	public: fs.readFileSync(__dirname + '/pass.rsa.2028.pub')
-};
-var vector = fs.readFileSync(__dirname + '/vector.priv');
-var vector2 = fs.readFileSync(__dirname + '/vector2.priv');
-function isNode10() {
-  return process.version && process.version.split('.').length === 3 && parseInt(process.version.split('.')[1], 10) <= 10;
+  private: {
+    key: fs.readFileSync(__dirname + '/pass.rsa.2028.priv'),
+    passphrase: 'password'
+  },
+  public: fs.readFileSync(__dirname + '/pass.rsa.2028.pub')
 }
-var nodeCrypto = require('crypto');
-var myCrypto = require('../');
-function testIt(keys, message, scheme) {
-	var pub = keys.public;
-	var priv = keys.private;
-	test(message.toString(), function (t) {
-		t.plan(4);
-		var mySign = myCrypto.createSign(scheme);
-		var nodeSign = nodeCrypto.createSign(scheme);
-		var mySig = mySign.update(message).sign(priv);
-		var nodeSig = nodeSign.update(message).sign(priv);
-		t.equals(mySig.length, nodeSig.length, 'correct length');
-		t.equals(mySig.toString('hex'), nodeSig.toString('hex'), 'equal sigs');
-		var myVer = myCrypto.createVerify(scheme);
-		var nodeVer = nodeCrypto.createVerify(scheme);
-		t.ok(nodeVer.update(message).verify(pub, mySig), 'node validate my sig');
-		t.ok(myVer.update(message).verify(pub, nodeSig), 'me validate node sig');
-	});
+var vector = fs.readFileSync(__dirname + '/vector.priv')
+var vector2 = fs.readFileSync(__dirname + '/vector2.priv')
+function isNode10 () {
+  return process.version && process.version.split('.').length === 3 && parseInt(process.version.split('.')[1], 10) <= 10
 }
-function ectestIt(keys, message, scheme) {
-	var pub = keys.public;
-	var priv = keys.private;
-	test(message.toString(), function (t) {
-		t.plan(3);
-		
-		var nodeSign = nodeCrypto.createSign(scheme);
-		var mySign = myCrypto.createSign(scheme);
-		var mySig = mySign.update(message).sign(priv);
-		var nodeSig = nodeSign.update(message).sign(priv);
-		t.notEqual(mySig.toString('hex'), nodeSig.toString('hex'), 'not equal sigs');
-		var myVer = myCrypto.createVerify(scheme);
-		var nodeVer = nodeCrypto.createVerify(scheme);
-		t.ok(nodeVer.update(message).verify(pub, mySig), 'node validate my sig');
-		t.ok(myVer.update(message).verify(pub, nodeSig), 'me validate node sig');
-	});
+var nodeCrypto = require('crypto')
+var myCrypto = require('../browser')
+function testIt (keys, message, scheme) {
+  var pub = keys.public
+  var priv = keys.private
+  test(message.toString(), function (t) {
+    t.plan(4)
+    var mySign = myCrypto.createSign(scheme)
+    var nodeSign = nodeCrypto.createSign(scheme)
+    var mySig = mySign.update(message).sign(priv)
+    var nodeSig = nodeSign.update(message).sign(priv)
+    t.equals(mySig.length, nodeSig.length, 'correct length')
+    t.equals(mySig.toString('hex'), nodeSig.toString('hex'), 'equal sigs')
+    var myVer = myCrypto.createVerify(scheme)
+    var nodeVer = nodeCrypto.createVerify(scheme)
+    t.ok(nodeVer.update(message).verify(pub, mySig), 'node validate my sig')
+    t.ok(myVer.update(message).verify(pub, nodeSig), 'me validate node sig')
+  })
 }
+function ectestIt (keys, message, scheme) {
+  var pub = keys.public
+  var priv = keys.private
+  test(message.toString(), function (t) {
+    t.plan(3)
 
-ectestIt(dsa, new Buffer('dsa with 1024 keys'), 'DSA');
-ectestIt(dsa2, new Buffer('dsa with 2048 keys'), 'DSA-SHA1');
-testIt(rsa1024, new Buffer('md5 with 1024 keys'), 'RSA-MD5');
-ectestIt(ec, new Buffer('ecdsa with sha1'), 'ecdsa-with-SHA1');
-testIt(rsa1024, new Buffer('md5 with 1024 keys'), 'RSA-MD5');
-testIt(rsa2028, new Buffer('md5 with 2028 keys'), 'RSA-MD5');
-testIt(nonrsa1024, new Buffer('md5 with 1024 keys non-rsa key'), 'RSA-MD5');
-testIt(rsa1024, new Buffer('rmd160 with 2028 keys'), 'RSA-RIPEMD160');
-testIt(rsa2028, new Buffer('rmd160 with 1024 keys'), 'RSA-RIPEMD160');
-testIt(nonrsa1024, new Buffer('rmd160 with 1024 keys non-rsa key'), 'RSA-RIPEMD160');
-testIt(rsa1024, new Buffer('sha1 with 1024 keys'), 'RSA-SHA1');
-testIt(rsa2028, new Buffer('sha1 with 2028 keys'), 'RSA-SHA1');
-testIt(nonrsa1024, new Buffer('sha1 with 1024 keys non-rsa key'), 'RSA-SHA1');
-testIt(rsa1024, new Buffer('sha224 with 1024 keys'), 'RSA-SHA224');
-testIt(nonrsa1024, new Buffer('sha224 with 1024 keys non-rsa key'), 'RSA-SHA224');
-testIt(rsa2028, new Buffer('sha224 with 2028 keys'), 'RSA-SHA224');
-testIt(rsa1024, new Buffer('SHA256 with 1024 keys'), 'RSA-SHA256');
-testIt(nonrsa1024, new Buffer('sha256 with 1024 keys non-rsa key'), 'RSA-SHA256');
-testIt(rsa2028, new Buffer('SHA256 with 2028 keys'), 'RSA-SHA256');
-testIt(rsa1024, new Buffer('SHA384 with 1024 keys'), 'RSA-SHA384');
-testIt(nonrsa1024, new Buffer('sha384 with 1024 keys non-rsa key'), 'RSA-SHA384');
-testIt(rsa2028, new Buffer('SHA384 with 2028 keys'), 'RSA-SHA384');
-testIt(rsa1024, new Buffer('SHA512 with 1024 keys'), 'RSA-SHA512');
-testIt(nonrsa1024, new Buffer('sha512 with 1024 keys non-rsa key'), 'RSA-SHA512');
-testIt(rsa2028, new Buffer('SHA512 with 2028 keys'), 'RSA-SHA512');
+    var nodeSign = nodeCrypto.createSign(scheme)
+    var mySign = myCrypto.createSign(scheme)
+
+    var mySig = mySign.update(message).sign(priv)
+    var nodeSig = nodeSign.update(message).sign(priv)
+    t.notEqual(mySig.toString('hex'), nodeSig.toString('hex'), 'not equal sigs')
+    var myVer = myCrypto.createVerify(scheme)
+    var nodeVer = nodeCrypto.createVerify(scheme)
+    t.ok(nodeVer.update(message).verify(pub, mySig), 'node validate my sig')
+    t.ok(myVer.update(message).verify(pub, nodeSig), 'me validate node sig')
+  })
+}
+
+ectestIt(dsa, new Buffer('dsa with 1024 keys'), 'DSA')
+ectestIt(dsa2, new Buffer('dsa with 2048 keys'), 'DSA-SHA1')
+testIt(rsa1024, new Buffer('md5 with 1024 keys'), 'RSA-MD5')
+ectestIt(ec, new Buffer('ecdsa with sha1'), 'ecdsa-with-SHA1')
+ectestIt(ec192, new Buffer('ecdsa with p192 key with sha1'), 'ecdsa-with-SHA1')
+ectestIt(ec224, new Buffer('ecdsa with p224 key with sha1'), 'ecdsa-with-SHA1')
+ectestIt(ec256, new Buffer('ecdsa with p256 key with sha1'), 'ecdsa-with-SHA1')
+testIt(rsa1024, new Buffer('md5 with 1024 keys'), 'RSA-MD5')
+testIt(rsa2028, new Buffer('md5 with 2028 keys'), 'RSA-MD5')
+testIt(nonrsa1024, new Buffer('md5 with 1024 keys non-rsa key'), 'RSA-MD5')
+testIt(rsa1024, new Buffer('rmd160 with 2028 keys'), 'RSA-RIPEMD160')
+testIt(rsa2028, new Buffer('rmd160 with 1024 keys'), 'RSA-RIPEMD160')
+testIt(nonrsa1024, new Buffer('rmd160 with 1024 keys non-rsa key'), 'RSA-RIPEMD160')
+testIt(rsa1024, new Buffer('sha1 with 1024 keys'), 'RSA-SHA1')
+testIt(rsa2028, new Buffer('sha1 with 2028 keys'), 'RSA-SHA1')
+testIt(nonrsa1024, new Buffer('sha1 with 1024 keys non-rsa key'), 'RSA-SHA1')
+testIt(rsa1024, new Buffer('sha224 with 1024 keys'), 'RSA-SHA224')
+testIt(nonrsa1024, new Buffer('sha224 with 1024 keys non-rsa key'), 'RSA-SHA224')
+testIt(rsa2028, new Buffer('sha224 with 2028 keys'), 'RSA-SHA224')
+testIt(rsa1024, new Buffer('SHA256 with 1024 keys'), 'RSA-SHA256')
+testIt(nonrsa1024, new Buffer('sha256 with 1024 keys non-rsa key'), 'RSA-SHA256')
+testIt(rsa2028, new Buffer('SHA256 with 2028 keys'), 'RSA-SHA256')
+testIt(rsa1024, new Buffer('SHA384 with 1024 keys'), 'RSA-SHA384')
+testIt(nonrsa1024, new Buffer('sha384 with 1024 keys non-rsa key'), 'RSA-SHA384')
+testIt(rsa2028, new Buffer('SHA384 with 2028 keys'), 'RSA-SHA384')
+testIt(rsa1024, new Buffer('SHA512 with 1024 keys'), 'RSA-SHA512')
+testIt(nonrsa1024, new Buffer('sha512 with 1024 keys non-rsa key'), 'RSA-SHA512')
+testIt(rsa2028, new Buffer('SHA512 with 2028 keys'), 'RSA-SHA512')
 if (!isNode10()) {
-	ectestIt(ecpass, new Buffer('ecdsa with password'), 'ecdsa-with-SHA1');
-	ectestIt(dsapass, new Buffer('dsa with 1024 keys and a password'), 'DSA-SHA');
-	ectestIt(dsapass2, new Buffer('dsa with 1024 keys and a password varient'), 'DSA-SHA');
-	testIt(rsapass, new Buffer('sha1 with 1024 keys and password, varient'), 'RSA-SHA1');
-	testIt(rsapass2, new Buffer('sha1 with 2024 keys and password, varient'), 'RSA-SHA1');
-	testIt(rsapass, new Buffer('sha224 with 1024 keys and password, varient'), 'RSA-SHA224');
-	testIt(rsapass2, new Buffer('sha224 with 2024 keys and password, varient'), 'RSA-SHA224');
-	testIt(rsapass, new Buffer('sha256 with 1024 keys and password, varient'), 'RSA-SHA256');
-	testIt(rsapass2, new Buffer('sha256 with 2024 keys and password, varient'), 'RSA-SHA256');
-	testIt(rsapass, new Buffer('sha384 with 1024 keys and password, varient'), 'RSA-SHA384');
-	testIt(rsapass2, new Buffer('sha384 with 2024 keys and password, varient'), 'RSA-SHA384');
-	testIt(rsapass, new Buffer('sha512 with 1024 keys and password, varient'), 'RSA-SHA512');
-	testIt(rsapass2, new Buffer('sha512 with 2024 keys and password, varient'), 'RSA-SHA512');
-	testIt(rsapass, new Buffer('rmd160 with 1024 keys and password, varient'), 'RSA-RIPEMD160');
-	testIt(rsapass2, new Buffer('rmd160 with 2024 keys and password, varient'), 'RSA-RIPEMD160');
-	testIt(rsapass, new Buffer('md5 with 1024 keys and password, varient'), 'RSA-MD5');
-	testIt(rsapass2, new Buffer('md5 with 2024 keys and password, varient'), 'RSA-MD5');
-	testIt(pass1024, new Buffer('sha1 with 1024 keys and password'), 'RSA-SHA1');
-	testIt(pass1024, new Buffer('sha224 with 1024 keys and password'), 'RSA-SHA224');
-	testIt(pass1024, new Buffer('sha256 with 1024 keys and password'), 'RSA-SHA256');
-	testIt(pass1024, new Buffer('sha384 with 1024 keys and password'), 'RSA-SHA384');
-	testIt(pass1024, new Buffer('sha512 with 1024 keys and password'), 'RSA-SHA512');
-	testIt(pass1024, new Buffer('rmd160 with 1024 keys and password'), 'RSA-RIPEMD160');
-	testIt(pass1024, new Buffer('md5 with 1024 keys and password'), 'RSA-MD5');
+  ectestIt(ecpass, new Buffer('ecdsa with password'), 'ecdsa-with-SHA1')
+  ectestIt(dsapass, new Buffer('dsa with 1024 keys and a password'), 'DSA-SHA')
+  ectestIt(dsapass2, new Buffer('dsa with 1024 keys and a password varient'), 'DSA-SHA')
+  testIt(rsapass, new Buffer('sha1 with 1024 keys and password, varient'), 'RSA-SHA1')
+  testIt(rsapass2, new Buffer('sha1 with 2024 keys and password, varient'), 'RSA-SHA1')
+  testIt(rsapass, new Buffer('sha224 with 1024 keys and password, varient'), 'RSA-SHA224')
+  testIt(rsapass2, new Buffer('sha224 with 2024 keys and password, varient'), 'RSA-SHA224')
+  testIt(rsapass, new Buffer('sha256 with 1024 keys and password, varient'), 'RSA-SHA256')
+  testIt(rsapass2, new Buffer('sha256 with 2024 keys and password, varient'), 'RSA-SHA256')
+  testIt(rsapass, new Buffer('sha384 with 1024 keys and password, varient'), 'RSA-SHA384')
+  testIt(rsapass2, new Buffer('sha384 with 2024 keys and password, varient'), 'RSA-SHA384')
+  testIt(rsapass, new Buffer('sha512 with 1024 keys and password, varient'), 'RSA-SHA512')
+  testIt(rsapass2, new Buffer('sha512 with 2024 keys and password, varient'), 'RSA-SHA512')
+  testIt(rsapass, new Buffer('rmd160 with 1024 keys and password, varient'), 'RSA-RIPEMD160')
+  testIt(rsapass2, new Buffer('rmd160 with 2024 keys and password, varient'), 'RSA-RIPEMD160')
+  testIt(rsapass, new Buffer('md5 with 1024 keys and password, varient'), 'RSA-MD5')
+  testIt(rsapass2, new Buffer('md5 with 2024 keys and password, varient'), 'RSA-MD5')
+  testIt(pass1024, new Buffer('sha1 with 1024 keys and password'), 'RSA-SHA1')
+  testIt(pass1024, new Buffer('sha224 with 1024 keys and password'), 'RSA-SHA224')
+  testIt(pass1024, new Buffer('sha256 with 1024 keys and password'), 'RSA-SHA256')
+  testIt(pass1024, new Buffer('sha384 with 1024 keys and password'), 'RSA-SHA384')
+  testIt(pass1024, new Buffer('sha512 with 1024 keys and password'), 'RSA-SHA512')
+  testIt(pass1024, new Buffer('rmd160 with 1024 keys and password'), 'RSA-RIPEMD160')
+  testIt(pass1024, new Buffer('md5 with 1024 keys and password'), 'RSA-MD5')
 }
-function kvector(algo, r, s, t, key, msg) {
-	t.plan(2);
-		var sig = myCrypto.createSign(algo).update(msg).sign(key);
-		var rs = asn1.signature.decode(sig, 'der');
-		t.equals(rs.r.toString(16), r.toLowerCase(),'r');
-		t.equals(rs.s.toString(16), s.toLowerCase(),'s');
+function kvector (algo, r, s, t, key, msg) {
+  t.plan(2)
+  var sig = myCrypto.createSign(algo).update(msg).sign(key)
+  var rs = asn1.signature.decode(sig, 'der')
+  t.equals(rs.r.toString(16), r.toLowerCase(), 'r')
+  t.equals(rs.s.toString(16), s.toLowerCase(), 's')
 }
 var vectors = [
   {
-  	algo:'dsa-sha1',
-  	r: '2E1A0C2562B2912CAAF89186FB0F42001585DA55',
-  	s: '29EFB6B0AFF2D7A68EB70CA313022253B9A88DF5',
-  	key: vector,
-  	msg: 'sample'
+    algo: 'dsa-sha1',
+    r: '2E1A0C2562B2912CAAF89186FB0F42001585DA55',
+    s: '29EFB6B0AFF2D7A68EB70CA313022253B9A88DF5',
+    key: vector,
+    msg: 'sample'
   },
   {
-  	algo:'dsa-sha1',
-  	r: '42AB2052FD43E123F0607F115052A67DCD9C5C77',
-  	s: '183916B0230D45B9931491D4C6B0BD2FB4AAF088',
-  	key: vector,
-  	msg: 'test'
+    algo: 'dsa-sha1',
+    r: '42AB2052FD43E123F0607F115052A67DCD9C5C77',
+    s: '183916B0230D45B9931491D4C6B0BD2FB4AAF088',
+    key: vector,
+    msg: 'test'
   },
   {
-  	algo:'dsa-sha224',
-  	r: '4BC3B686AEA70145856814A6F1BB53346F02101E',
-  	s: '410697B92295D994D21EDD2F4ADA85566F6F94C1',
-  	key: vector,
-  	msg: 'sample'
+    algo: 'dsa-sha224',
+    r: '4BC3B686AEA70145856814A6F1BB53346F02101E',
+    s: '410697B92295D994D21EDD2F4ADA85566F6F94C1',
+    key: vector,
+    msg: 'sample'
   },
   {
-  	algo:'dsa-sha224',
-  	r: '6868E9964E36C1689F6037F91F28D5F2C30610F2',
-  	s: '49CEC3ACDC83018C5BD2674ECAAD35B8CD22940F',
-  	key: vector,
-  	msg: 'test'
+    algo: 'dsa-sha224',
+    r: '6868E9964E36C1689F6037F91F28D5F2C30610F2',
+    s: '49CEC3ACDC83018C5BD2674ECAAD35B8CD22940F',
+    key: vector,
+    msg: 'test'
   },
   {
-  	algo:'dsa-sha256',
-  	r: '81F2F5850BE5BC123C43F71A3033E9384611C545',
-  	s: '4CDD914B65EB6C66A8AAAD27299BEE6B035F5E89',
-  	key: vector,
-  	msg: 'sample'
+    algo: 'dsa-sha256',
+    r: '81F2F5850BE5BC123C43F71A3033E9384611C545',
+    s: '4CDD914B65EB6C66A8AAAD27299BEE6B035F5E89',
+    key: vector,
+    msg: 'sample'
   },
   {
-  	algo:'dsa-sha256',
-  	r: '22518C127299B0F6FDC9872B282B9E70D0790812',
-  	s: '6837EC18F150D55DE95B5E29BE7AF5D01E4FE160',
-  	key: vector,
-  	msg: 'test'
+    algo: 'dsa-sha256',
+    r: '22518C127299B0F6FDC9872B282B9E70D0790812',
+    s: '6837EC18F150D55DE95B5E29BE7AF5D01E4FE160',
+    key: vector,
+    msg: 'test'
   },
    {
-    algo:'dsa-sha384',
+    algo: 'dsa-sha384',
     r: '7F2108557EE0E3921BC1774F1CA9B410B4CE65A',
@@ -222,3 +242,3 @@ s: '54DF70456C86FAC10FAB47C1949AB83F2C6F7595',
   {
-    algo:'dsa-sha384',
+    algo: 'dsa-sha384',
     r: '854CF929B58D73C3CBFDC421E8D5430CD6DB5E66',
@@ -230,3 +250,3 @@ s: '91D0E0F53E22F898D158380676A871A157CDA622',
    {
-    algo:'dsa-sha512',
+    algo: 'dsa-sha512',
     r: '16C3491F9B8C3FBBDD5E7A7B667057F0D8EE8E1B',
@@ -238,3 +258,3 @@ s: '2C36A127A7B89EDBB72E4FFBC71DABC7D4FC69C',
   {
-    algo:'dsa-sha512',
+    algo: 'dsa-sha512',
     r: '8EA47E475BA8AC6F2D821DA3BD212D11A3DEB9A0',
@@ -246,44 +266,45 @@ s: '7C670C7AD72B6C050C109E1790008097125433E8',
   {
-  	algo:'dsa-sha1',
-  	r: '3A1B2DBD7489D6ED7E608FD036C83AF396E290DBD602408E8677DAABD6E7445A',
-  	s: 'D26FCBA19FA3E3058FFC02CA1596CDBB6E0D20CB37B06054F7E36DED0CDBBCCF',
-  	key: vector2,
-  	msg: 'sample'
+    algo: 'dsa-sha1',
+    r: '3A1B2DBD7489D6ED7E608FD036C83AF396E290DBD602408E8677DAABD6E7445A',
+    s: 'D26FCBA19FA3E3058FFC02CA1596CDBB6E0D20CB37B06054F7E36DED0CDBBCCF',
+    key: vector2,
+    msg: 'sample'
   },
   {
-  	algo:'dsa-sha1',
-  	r: 'C18270A93CFC6063F57A4DFA86024F700D980E4CF4E2CB65A504397273D98EA0',
-  	s: '414F22E5F31A8B6D33295C7539C1C1BA3A6160D7D68D50AC0D3A5BEAC2884FAA',
-  	key: vector2,
-  	msg: 'test'
+    algo: 'dsa-sha1',
+    r: 'C18270A93CFC6063F57A4DFA86024F700D980E4CF4E2CB65A504397273D98EA0',
+    s: '414F22E5F31A8B6D33295C7539C1C1BA3A6160D7D68D50AC0D3A5BEAC2884FAA',
+    key: vector2,
+    msg: 'test'
   },
   {
-  	algo:'dsa-sha224',
-  	r: 'DC9F4DEADA8D8FF588E98FED0AB690FFCE858DC8C79376450EB6B76C24537E2C',
-  	s: 'A65A9C3BC7BABE286B195D5DA68616DA8D47FA0097F36DD19F517327DC848CEC',
-  	key: vector2,
-  	msg: 'sample'
+    algo: 'dsa-sha224',
+    r: 'DC9F4DEADA8D8FF588E98FED0AB690FFCE858DC8C79376450EB6B76C24537E2C',
+    s: 'A65A9C3BC7BABE286B195D5DA68616DA8D47FA0097F36DD19F517327DC848CEC',
+    key: vector2,
+    msg: 'sample'
   },
   {
-  	algo:'dsa-sha224',
-  	r: '272ABA31572F6CC55E30BF616B7A265312018DD325BE031BE0CC82AA17870EA3',
-  	s: 'E9CC286A52CCE201586722D36D1E917EB96A4EBDB47932F9576AC645B3A60806',
-  	key: vector2,
-  	msg: 'test'
+    algo: 'dsa-sha224',
+    r: '272ABA31572F6CC55E30BF616B7A265312018DD325BE031BE0CC82AA17870EA3',
+    s: 'E9CC286A52CCE201586722D36D1E917EB96A4EBDB47932F9576AC645B3A60806',
+    key: vector2,
+    msg: 'test'
   },
   {
-  	algo:'dsa-sha256',
-  	r: 'EACE8BDBBE353C432A795D9EC556C6D021F7A03F42C36E9BC87E4AC7932CC809',
-  	s: '7081E175455F9247B812B74583E9E94F9EA79BD640DC962533B0680793A38D53',
-  	key: vector2,
-  	msg: 'sample'
+    algo: 'dsa-sha256',
+    r: 'EACE8BDBBE353C432A795D9EC556C6D021F7A03F42C36E9BC87E4AC7932CC809',
+    s: '7081E175455F9247B812B74583E9E94F9EA79BD640DC962533B0680793A38D53',
+    key: vector2,
+    msg: 'sample'
   },
   {
-  	algo:'dsa-sha256',
-  	r: '8190012A1969F9957D56FCCAAD223186F423398D58EF5B3CEFD5A4146A4476F0',
-  	s: '7452A53F7075D417B4B013B278D1BB8BBD21863F5E7B1CEE679CF2188E1AB19E',
-  	key: vector2,
-  	msg: 'test'
-  },{
-    algo:'dsa-sha384',
+    algo: 'dsa-sha256',
+    r: '8190012A1969F9957D56FCCAAD223186F423398D58EF5B3CEFD5A4146A4476F0',
+    s: '7452A53F7075D417B4B013B278D1BB8BBD21863F5E7B1CEE679CF2188E1AB19E',
+    key: vector2,
+    msg: 'test'
+  },
+  {
+    algo: 'dsa-sha384',
     r: 'B2DA945E91858834FD9BF616EBAC151EDBC4B45D27D0DD4A7F6A22739F45C00B',
@@ -295,3 +316,3 @@ s: '19048B63D9FD6BCA1D9BAE3664E1BCB97F7276C306130969F63F38FA8319021B',
   {
-    algo:'dsa-sha384',
+    algo: 'dsa-sha384',
     r: '239E66DDBE8F8C230A3D071D601B6FFBDFB5901F94D444C6AF56F732BEB954BE',
@@ -301,4 +322,5 @@ s: '6BD737513D5E72FE85D1C750E0F73921FE299B945AAD1C802F15C26A43D34961',
     msg: 'test'
-  },{
-    algo:'dsa-sha512',
+  },
+  {
+    algo: 'dsa-sha512',
     r: '2016ED092DC5FB669B8EFB3D1F31A91EECB199879BE0CF78F02BA062CB4C942E',
@@ -308,4 +330,5 @@ s: 'D0C76F84B5F091E141572A639A4FB8C230807EEA7D55C8A154A224400AFF2351',
     msg: 'sample'
-  },{
-    algo:'dsa-sha512',
+  },
+  {
+    algo: 'dsa-sha512',
     r: '89EC4BB1400ECCFF8E7D9AA515CD1DE7803F2DAFF09693EE7FD1353E90A68307',
@@ -316,9 +339,142 @@ s: 'C9F0BDABCC0D880BB137A994CC7F3980CE91CC10FAF529FC46565B15CEA854E1',
   }
-];
+]
 test('kvector works', function (t) {
-	vectors.forEach(function (vec) {
-		t.test('algo: ' + vec.algo + ' key len:' + vec.key.length + ' msg:' + vec.msg, function (t) {
-			kvector(vec.algo, vec.r, vec.s, t, vec.key, vec.msg);
-		});
-	});
-});
+  vectors.forEach(function (vec) {
+    t.test('algo: ' + vec.algo + ' key len: ' + vec.key.length + ' msg: ' + vec.msg, function (t) {
+      kvector(vec.algo, vec.r, vec.s, t, vec.key, vec.msg)
+    })
+  })
+})
+
+test('reject invalid sigs', function (t) {
+  var message = 'a valid message!'
+  var hash = Buffer.concat([
+    new Buffer('302d300d06096086480165030402040500041c', 'hex'),
+    crypto.createHash('sha224').update(message).digest()
+  ])
+  t.test('I create a valid sig', function (t) {
+    t.plan(2)
+    var priv = parseKeys(rsa1024.private)
+    var len = priv.modulus.byteLength()
+    var pad = [ 0, 1 ]
+    while (hash.length + pad.length + 1 < len) {
+      pad.push(0xff)
+    }
+    pad.push(0x00)
+    var i = -1
+    while (++i < hash.length) {
+      pad.push(hash[i])
+    }
+
+    var sign = crt(pad, priv)
+    t.ok(nodeCrypto.createVerify('RSA-SHA224')
+      .update(message)
+      .verify(rsa1024.public, sign), 'node accepts it')
+    t.ok(myCrypto.createVerify('RSA-SHA224').update(message).verify(rsa1024.public, sign), 'I accept it')
+  })
+  t.test('invalid leading byte', function (t) {
+    t.plan(2)
+    var priv = parseKeys(rsa1024.private)
+    var len = priv.modulus.byteLength()
+    var pad = [ 0, 2 ]
+    while (hash.length + pad.length + 1 < len) {
+      pad.push(0xff)
+    }
+    pad.push(0x00)
+    var i = -1
+    while (++i < hash.length) {
+      pad.push(hash[i])
+    }
+
+    var sign = crt(pad, priv)
+    t.notOk(nodeCrypto.createVerify('RSA-SHA224')
+      .update(message)
+      .verify(rsa1024.public, sign), 'node rejects it')
+    t.notOk(myCrypto.createVerify('RSA-SHA224').update(message).verify(rsa1024.public, sign), 'I reject it')
+  })
+
+  t.test('invalid ending bytes', function (t) {
+    t.plan(2)
+    var priv = parseKeys(rsa1024.private)
+    var len = priv.modulus.byteLength()
+    var pad = [ 0, 1 ]
+    while (hash.length + pad.length + 1 < len) {
+      pad.push(0xff)
+    }
+    pad.push(0x02)
+    var i = -1
+    while (++i < hash.length) {
+      pad.push(hash[i])
+    }
+
+    var sign = crt(pad, priv)
+    t.notOk(nodeCrypto.createVerify('RSA-SHA224')
+      .update(message)
+      .verify(rsa1024.public, sign), 'node rejects it')
+    t.notOk(myCrypto.createVerify('RSA-SHA224').update(message).verify(rsa1024.public, sign), 'I reject it')
+  })
+
+  t.test('missing f', function (t) {
+    t.plan(2)
+    var priv = parseKeys(rsa1024.private)
+    var len = priv.modulus.byteLength()
+    var pad = [ 0, 1 ]
+    while (hash.length + pad.length + 2 < len) {
+      pad.push(0xff)
+    }
+    pad.push(0x00)
+    var i = -1
+    while (++i < hash.length) {
+      pad.push(hash[i])
+    }
+
+    var sign = crt(pad, priv)
+    t.notOk(nodeCrypto.createVerify('RSA-SHA224')
+      .update(message)
+      .verify(rsa1024.public, sign), 'node rejects it')
+    t.notOk(myCrypto.createVerify('RSA-SHA224').update(message).verify(rsa1024.public, sign), 'I reject it')
+  })
+
+  t.test('missing f, extra data', function (t) {
+    t.plan(2)
+    var priv = parseKeys(rsa1024.private)
+    var len = priv.modulus.byteLength()
+    var pad = [ 0, 1 ]
+    while (hash.length + pad.length + 2 < len) {
+      pad.push(0xff)
+    }
+    pad.push(0x00)
+    var i = -1
+    while (++i < hash.length) {
+      pad.push(hash[i])
+    }
+    pad.push(0)
+    var sign = crt(pad, priv)
+    t.notOk(nodeCrypto.createVerify('RSA-SHA224')
+      .update(message)
+      .verify(rsa1024.public, sign), 'node rejects it')
+    t.notOk(myCrypto.createVerify('RSA-SHA224').update(message).verify(rsa1024.public, sign), 'I reject it')
+  })
+
+  t.test('in suficent fs', function (t) {
+    t.plan(2)
+    var priv = parseKeys(rsa1024.private)
+    var len = priv.modulus.byteLength()
+    var pad = [ 0, 1 ]
+    var i = 7
+    while (i--) {
+      pad.push(0xff)
+    }
+    pad.push(0x00)
+    i = -1
+    while (++i < hash.length) {
+      pad.push(hash[i])
+    }
+    pad.push(0)
+    var sign = crt(pad, priv)
+    t.notOk(nodeCrypto.createVerify('RSA-SHA224')
+      .update(message)
+      .verify(rsa1024.public, sign), 'node rejects it')
+    t.notOk(myCrypto.createVerify('RSA-SHA224').update(message).verify(rsa1024.public, sign), 'I reject it')
+  })
+})

verify.js

@@ -0,62 +1,74 @@
+'use strict'
 // much of this based on https://github.com/indutny/self-signed/blob/gh-pages/lib/rsa.js
-var parseKeys = require('parse-asn1');
-var elliptic = require('elliptic');
-var bn = require('bn.js');
-module.exports = verify;
-function verify(sig, hash, key) {
-  var pub = parseKeys(key);
+var parseKeys = require('parse-asn1')
+var elliptic = require('elliptic')
+var curves = require('./curves')
+var BN = require('bn.js')
+module.exports = verify
+function verify (sig, hash, key) {
+  var pub = parseKeys(key)
   if (pub.type === 'ec') {
-    return ecVerify(sig, hash, pub);
+    return ecVerify(sig, hash, pub)
   } else if (pub.type === 'dsa') {
-    return dsaVerify(sig, hash, pub);
+    return dsaVerify(sig, hash, pub)
   }
-  var len = pub.modulus.byteLength();
-  var pad = [ 0, 1 ];
-  while (hash.length + pad.length + 1 < len) {
-    pad.push(0xff);
+  var len = pub.modulus.byteLength()
+  var pad = [ 1 ]
+  var padNum = 0
+  while (hash.length + pad.length + 2 < len) {
+    pad.push(0xff)
+    padNum++
   }
-  pad.push(0x00);
-  var i = -1;
+  pad.push(0x00)
+  var i = -1
   while (++i < hash.length) {
-    pad.push(hash[i]);
+    pad.push(hash[i])
   }
-  pad = hash;
-  var red = bn.mont(pub.modulus);
-  sig = new bn(sig).toRed(red);
+  pad = new Buffer(pad)
+  var red = BN.mont(pub.modulus)
+  sig = new BN(sig).toRed(red)
 
-  sig = sig.redPow(new bn(pub.publicExponent));
+  sig = sig.redPow(new BN(pub.publicExponent))
 
-  sig = new Buffer(sig.fromRed().toArray());
-  sig = sig.slice(sig.length - hash.length);
-  var out = 0;
-  len = sig.length;
-  i = -1;
+  sig = new Buffer(sig.fromRed().toArray())
+  var out = 0
+  if (padNum < 8) {
+    out = 1
+  }
+  len = Math.min(sig.length, pad.length)
+  if (sig.length !== pad.length) {
+    out = 1
+  }
+
+  i = -1
   while (++i < len) {
-    out += (sig[i] ^ hash[i]);
+    out |= (sig[i] ^ pad[i])
   }
-  return !out;
+  return out === 0
 }
-function ecVerify(sig, hash, pub) {
-  var curve;
-  if (pub.data.algorithm.curve.join('.')  === '1.3.132.0.10') {
-    curve = new elliptic.ec('secp256k1');
-  }
-  var pubkey = pub.data.subjectPrivateKey.data;
-  return curve.verify(hash.toString('hex'), sig.toString('hex'), pubkey.toString('hex'));
+function ecVerify (sig, hash, pub) {
+  var curveId = curves[pub.data.algorithm.curve.join('.')]
+  if (!curveId)
+    throw new Error('unknown curve ' + pub.data.algorithm.curve.join('.'))
+
+  var curve = new elliptic.ec(curveId)
+
+  var pubkey = pub.data.subjectPrivateKey.data
+  return curve.verify(hash.toString('hex'), sig.toString('hex'), pubkey.toString('hex'))
 }
-function dsaVerify(sig, hash, pub) {
-  var p = pub.data.p;
-  var q = pub.data.q;
-  var g = pub.data.g;
-  var y = pub.data.pub_key;
-  var unpacked = parseKeys.signature.decode(sig, 'der');
-  var s = unpacked.s;
-  var r = unpacked.r;
-  checkValue(s, q);
-  checkValue(r, q);
-  var montq = bn.mont(q);
-  var montp = bn.mont(p);
-  var w =  s.invm(q);
+function dsaVerify (sig, hash, pub) {
+  var p = pub.data.p
+  var q = pub.data.q
+  var g = pub.data.g
+  var y = pub.data.pub_key
+  var unpacked = parseKeys.signature.decode(sig, 'der')
+  var s = unpacked.s
+  var r = unpacked.r
+  checkValue(s, q)
+  checkValue(r, q)
+  var montq = BN.mont(q)
+  var montp = BN.mont(p)
+  var w =  s.invm(q)
   var v = g.toRed(montp)
-  .redPow(new bn(hash).mul(w).mod(q))
+  .redPow(new BN(hash).mul(w).mod(q))
   .fromRed()
@@ -67,12 +79,12 @@ .mul(
     .fromRed()
-  ).mod(p).mod(q);
-  return !v.cmp(r);
+  ).mod(p).mod(q)
+  return !v.cmp(r)
 }
-function checkValue(b, q) {
+function checkValue (b, q) {
   if (b.cmpn(0) <= 0) {
-    throw new Error('invalid sig');
+    throw new Error('invalid sig')
   }
   if (b.cmp(q) >= q) {
-    throw new Error('invalid sig');
+    throw new Error('invalid sig')
   }
-}
+}

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

48794

increased by3.09%

Lines of code

864

increased by15.51%

Worsened metrics

Dependency count

7

increased by40%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Addedcreate-hash@^1.1.0

• + Addedcreate-hmac@^1.1.2

• + Addedasn1.js@2.2.1(transitive)

• + Addedbrowserify-aes@1.2.0(transitive)

• + Addedbrowserify-rsa@2.0.1(transitive)

• + Addedbuffer-xor@1.0.3(transitive)

• + Addedcipher-base@1.0.4(transitive)

• + Addedcreate-hash@1.2.0(transitive)

• + Addedcreate-hmac@1.1.7(transitive)

• + Addedevp_bytestokey@1.0.3(transitive)

• + Addedhash-base@3.1.0(transitive)

• + Addedmd5.js@1.3.5(transitive)

• + Addedparse-asn1@3.0.2(transitive)

• + Addedpbkdf2@3.1.2(transitive)

• + Addedrandombytes@2.1.0(transitive)

• + Addedreadable-stream@3.6.2(transitive)

• + Addedripemd160@2.0.2(transitive)

• + Addedsafe-buffer@5.2.1(transitive)

• + Addedsha.js@2.4.11(transitive)

• + Addedstring_decoder@1.3.0(transitive)

• + Addedutil-deprecate@1.0.2(transitive)

• - Removedasn1.js@1.0.6(transitive)

• - Removedasn1.js-rfc3280@1.0.0(transitive)

• - Removedbrowserify-rsa@1.1.1(transitive)

• - Removedparse-asn1@2.0.0(transitive)

• - Removedpemstrip@0.0.1(transitive)

• Updatedbrowserify-rsa@^2.0.0

• Updatedparse-asn1@^3.0.0