forge icon indicating copy to clipboard operation
forge copied to clipboard

Published 20 hours ago verified publisher icon digitalbazaar

How to check whether the subject of a signed cert has been modified?

Open changqing-cpf opened this issue 3 years ago • 0 comments

I understand that to verify if a cert has been signed by a caCert, you can do:

console.log(caCert.verify(cert));

However, this does not ensure that the subject of the cert has not been modified. What is the best way to ensure this? The only way I can think of is to re-sign the cert and check if the original signature matches the new signature, like so:

const signature = cert.signature;
cert.sign(caPrivateKey);
console.log(signature == cert.signature);

Is there a better way?

changqing-cpf avatar Sep 06 '22 08:09 changqing-cpf