|
|
|
|
|
|
by Muromec
80 days ago
|
|
|
OIDs have to be unique just enough to not fall into the wrong parsing/validating path in the same system, which isn't that hard. >Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code is lenient in checking the digest algorithm structure That's on brand for the javascript world, yes. With asn1 being a can of worms, at least it's a can of worms with a reputation, unlike this nice magic trick. Disclaimer: there exists a PR filled under my name into an asn.1 parser that fixes a bug, which is not merged since October 2022. |
|
|