-
Notifications
You must be signed in to change notification settings - Fork 174
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add privateKeyPassword option for private key decryption #465
base: master
Are you sure you want to change the base?
Conversation
closes #45 |
@@ -339,13 +340,14 @@ export class SignedXml { | |||
private calculateSignatureValue(doc: Document, callback?: ErrorFirstCallback<string>) { | |||
const signedInfoCanon = this.getCanonSignedInfoXml(doc); | |||
const signer = this.findSignatureAlgorithm(this.signatureAlgorithm); | |||
if (this.privateKey == null) { | |||
const privateKey = this.getPrivateKey(); | |||
if (privateKey === undefined) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is null
now permissible?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
getPrivateKey()
will never return null.
It could never have been null to begin with. It could only be undefined.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That doesn't appear to be true. While the typing system would prevent anything other than those values, not everyone uses Typescript. I see no code that would prevent any value from being used for privateKey
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I dont think thats a rabbit hole worth going down.
By that logic this.privateKey == null
also does nothing, because i could set privateKey=1, privateKey='' etc.., and that check would not catch it.
You cant reasonably expect the library to work if you set privateKey to null.
In any case an error will be thrown by the crypto library.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There are several little things that would up the quality of this PR in measurable ways. Please see the comments.
One more thought for you: do you think it would make sense to allow a Thank you for the more complete tests. |
@shunkica , I was just looking back at some PRs to see if we could get them landed. Let me know what you think about my last comment. |
Sorry this is not something I have bandwidth for right now. If you have time to implement it go ahead. |
Introduces the
privateKeyPassword
option, enabling users to define the password for decrypting encrypted private keys.The option is ignored if
privateKey
is not set, or if it is an instance ofcrypto.KeyObject