|
|
|
|
@ -36,8 +36,12 @@ library RSA { |
|
|
|
|
* 2048 bits. If you use a smaller key, consider replacing it with a larger, more secure, one. |
|
|
|
|
* |
|
|
|
|
* WARNING: This verification algorithm doesn't prevent replayability. If called multiple times with the same |
|
|
|
|
* digest, public key and (valid signature), it will return true every time. Consider including an onchain nonce or |
|
|
|
|
* unique identifier in the message to prevent replay attacks. |
|
|
|
|
* digest, public key and (valid signature), it will return true every time. Consider including an onchain nonce |
|
|
|
|
* or unique identifier in the message to prevent replay attacks. |
|
|
|
|
* |
|
|
|
|
* WARNING: This verification algorithm supports any exponent. NIST recommends using `65537` (or higher). |
|
|
|
|
* That is the default value many libraries use, such as OpenSSL. Developers may choose to reject public keys |
|
|
|
|
* using a low exponent out of security concerns. |
|
|
|
|
* |
|
|
|
|
* @param digest the digest to verify |
|
|
|
|
* @param s is a buffer containing the signature |
|
|
|
|
|
Hadrien Croubois
4 months ago