@edgarsj edgarsj commented Dec 31, 2025

  • OCSP issuerKeyHash calculation - Fixed critical bug where OCSP requests used wrong hash (full SPKI instead of public key BIT STRING), causing incorrect revocation status responses
  • Timestamp signature coverage verification - Now correctly verifies that timestamps cover the canonicalized ds:SignatureValue XML element per XAdES (ETSI EN 319 132-1) specification, fixing coversSignature: false issue
  • TSA name formatting - Fixed timestamp TSA name showing as [object Object] instead of readable DN string like CN=..., O=..., C=...
  • Base64 whitespace handling - Fixed browser atob errors when decoding base64 strings containing whitespace from XML
  • ECDSA signature format normalization - Fixed signature verification failures for ECDSA signatures with leading zero padding by normalizing to IEEE P1363 format expected by Web Crypto API

…rification

Fix TSA name formatting
Better Base64 whitespace handling
…ding

Normalize ECDSA signatures to IEEE P1363 format (raw R||S) expected by
Web Crypto API. Some XML signatures have R and S components padded with
leading zeros (e.g., 66 bytes instead of 64 for P-256), causing verification
failures.
greptile-apps bot commented Dec 31, 2025

Greptile Summary

  • Fixes critical cryptographic verification bugs in the edockit electronic document signature library, addressing OCSP revocation checking, timestamp verification, ECDSA signature format compatibility, and base64 decoding issues
  • Updates timestamp verification to use canonicalized XML signature values per XAdES (ETSI EN 319 132-1) specification rather than raw signature bytes, fixing coversSignature: false errors
  • Implements proper ECDSA signature format normalization from DER to IEEE P1363 format for Web Crypto API compatibility and improves TSA name formatting for better user experience

Important Files Changed

| Filename | Overview |
|---|---|
| src/core/revocation/ocsp.ts | Fixed critical OCSP issuerKeyHash calculation to use public key BIT STRING instead of full SPKI structure |
| src/core/verification.ts | Added ECDSA signature normalization functions and updated timestamp verification to use canonical signature values |
| src/core/timestamp/verify.ts | Fixed TSA name formatting and updated timestamp coverage verification for XAdES compliance |
| src/core/parser/signatureParser.ts | Added XML canonicalization of SignatureValue elements to support proper timestamp verification |

Confidence score: 4/5

  • This PR addresses critical cryptographic verification bugs that could cause legitimate signatures to fail validation in production environments
  • Score reflects the high complexity of cryptographic changes across multiple core verification components, particularly ECDSA signature normalization and XML canonicalization logic
  • Pay close attention to src/core/verification.ts and src/core/revocation/ocsp.ts for the complex cryptographic normalization and ASN.1 parsing changes

Sequence Diagram

```mermaid
sequenceDiagram
    participant User
    participant verifySignature
    participant verifyTimestamp
    participant parseTimestamp
    participant checkCertificateRevocation
    participant verifySignedInfo
    participant verifyChecksums

    User->>verifySignature: "Verify signature with options"

    alt has signatureTimestamp and verifyTimestamps !== false
        verifySignature->>verifyTimestamp: "Verify timestamp"
        verifyTimestamp->>parseTimestamp: "Parse timestamp token"
        parseTimestamp-->>verifyTimestamp: "Return timestamp info"
        verifyTimestamp-->>verifySignature: "Return verification result"
        verifySignature->>verifySignature: "Update trustedSigningTime if valid"
    end

    verifySignature->>verifyCertificate: "Verify certificate with trusted time"
    verifyCertificate-->>verifySignature: "Return certificate result"

    alt checkRevocation !== false and certificate valid
        verifySignature->>checkCertificateRevocation: "Check revocation status"
        checkCertificateRevocation-->>verifySignature: "Return revocation result"
    end

    alt verifyChecksums !== false
        verifySignature->>verifyChecksums: "Verify file checksums"
        verifyChecksums-->>verifySignature: "Return checksum results"
    end

    alt verifySignatures !== false and has required components
        verifySignature->>verifySignedInfo: "Verify XML signature"
        verifySignedInfo-->>verifySignature: "Return signature verification"
    end

    verifySignature->>verifySignature: "Determine overall validity"
    verifySignature-->>User: "Return complete verification result"
```

@greptile-apps greptile-apps bot left a comment

11 files reviewed, 2 comments

Comment on lines +432 to +436
// Skip sequence length (may be 1 or 2 bytes)
const seqLen = derSignature[offset++];
if (seqLen & 0x80) {
offset += seqLen & 0x7f; // Skip length bytes
}
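
Review bot: In the long-form branch (`offset += seqLen & 0x7f`) the length octets are skipped without being read, so the declared SEQUENCE length is never compared with `derSignature.length`, and a first byte of 0x80 (indefinite length, which DER does not allow) passes with a zero skip. Decode the length octets, reject 0x80, and check the result against the remaining bytes before reading the INTEGERs. `seqLen` also holds the first length octet rather than the length, so a name such as `lenByte` would be clearer.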
logic: DER length parsing may fail for long form lengths > 127 bytes. Should this handle multi-byte length encoding properly for large signatures?

Comment on lines +413 to +415
// Component too large - take the last 'size' bytes
return stripped.slice(stripped.length - size);
}
logic: Truncating oversized components could create invalid signatures - consider throwing error instead

Suggested change
// Component too large - take the last 'size' bytes
return stripped.slice(stripped.length - size);
}
} else {
// Component too large - this indicates corrupted or invalid data
throw new Error(`ECDSA component too large: expected ${size} bytes, got ${stripped.length} bytes`);
}

Is silently truncating the component the intended behavior for oversized R/S values?

@edgarsj edgarsj merged commit f298f9d into main Dec 31, 2025
4 checks passed
@edgarsj edgarsj deleted the verification-bugfixes branch December 31, 2025 01:21
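
The normalization discussed in the two review comments above, as an added TypeScript example that is not code from this PR or from edockit: it converts a DER-encoded ECDSA signature to IEEE P1363 (raw R||S), decodes long-form DER lengths (needed once the SEQUENCE body exceeds 127 bytes, as with P-521) and rejects oversized components instead of truncating them. The function names `readLen`, `fitComponent` and `derToP1363` are hypothetical.

```typescript
// Added example; readLen, fitComponent and derToP1363 are hypothetical names.
// Read a DER length at pos -> [length, next position]. Rejects indefinite form,
// truncated length octets and non-minimal encodings.
function readLen(buf: Uint8Array, pos: number): [number, number] {
  if (pos >= buf.length) throw new Error("truncated DER length");
  const first = buf[pos++];
  if (first < 0x80) return [first, pos]; // short form: 0..127
  const n = first & 0x7f; // long form: n length octets follow
  if (n === 0 || n > 2 || pos + n > buf.length) throw new Error("bad DER length");
  let len = 0;
  for (let i = 0; i < n; i++) len = (len << 8) | buf[pos++];
  if (len < 0x80 || (n === 2 && len < 0x100)) throw new Error("non-minimal DER length");
  return [len, pos];
}

// Strip leading zeros, then left-pad to exactly size bytes. Never truncates.
function fitComponent(v: Uint8Array, size: number): Uint8Array {
  let start = 0;
  while (start < v.length - 1 && v[start] === 0) start++;
  const stripped = v.subarray(start);
  if (stripped.length > size) {
    throw new Error(`ECDSA component too large: expected ${size} bytes, got ${stripped.length}`);
  }
  const out = new Uint8Array(size);
  out.set(stripped, size - stripped.length);
  return out;
}

// DER SEQUENCE { INTEGER r, INTEGER s } -> raw r||s (2 * size bytes).
function derToP1363(der: Uint8Array, size: number): Uint8Array {
  if (der[0] !== 0x30) throw new Error("not a DER SEQUENCE");
  const [seqLen, bodyStart] = readLen(der, 1);
  if (bodyStart + seqLen !== der.length) throw new Error("SEQUENCE length mismatch");
  let pos = bodyStart;
  const out = new Uint8Array(2 * size);
  for (let i = 0; i < 2; i++) {
    if (der[pos++] !== 0x02) throw new Error("expected INTEGER tag");
    const [len, start] = readLen(der, pos);
    if (len === 0 || start + len > der.length) throw new Error("bad INTEGER length");
    out.set(fitComponent(der.subarray(start, start + len), size), i * size);
    pos = start + len;
  }
  if (pos !== der.length) throw new Error("trailing bytes after s");
  return out;
}
```

`fitComponent` also covers the padded raw case from the commit message: a 33-byte component with one leading zero comes back as 32 bytes.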