sign() return value is always "false"

[pwFoo]

Hi, encrypt / decrypt works fine and now I try to sign and verify (encrypted) messages with jsencrypt, but sign() returns false each time.

    var sign = new JSEncrypt();
    sign.setPrivateKey(keypair.getPrivateKey);
    var signature = sign.sign(EncryptionResult);
//    var signature = sign.sign(EncryptionResult, "sha256");
//    var signature = sign.sign(EncryptionResult, CryptoJS.SHA256, "sha256"); // I have no CryptoJS
//    var signature = sign.sign(EncryptionResult, sha256, "sha256"); // tried https://www.movable-type.co.uk/scripts/sha256.html

Because it seems not supported in 2.3.1 release I updated to latest master with the "false" return value instead of a signature. How to get it running or need to move to another crypto solution like https://github.com/intelliBrain/cryptico-js? I like jsencrypt, but would need the sign / verify feature.

[pwFoo]

cryptico add signature during encryption and verify during decryption, but no feature to sign (unencrypted) messages and some security concerns because of identical public keys found...

So cryptico signs and verify, but could be insecure. So JSEncrypt maybe with a sign / verify workaround would be better.

anyone know how to add working sign / verify to JSEncrypt?

@travist Is 3.0 still developed?

[akanad]

As you can see on the jsencrypt.js, sign() function gets 3 parameters, plaintext, digest function, digest name. verify() function gets also 3 params, platext, signature, digest function.

I was not sure there is a digest function that I can refer to in the library or javascript builtin something (It seems not though) so that I just imported sha256 implementation that I found at github (https://geraintluff.github.io/sha256/)

Actually I did 'c&p' the implementation to my project as sha256_digest() then wrote a kind of auth code like below.

          var encrypt = new JSEncrypt();
          encrypt.setPrivateKey($('#privkey').val());
          var encrypted = encrypt.sign($('#input').val(), sha256_digest, "sha256");
          $('#output').text(encrypted);

          // Decrypt with the private key...
          var decrypt = new JSEncrypt();
          decrypt.setPublicKey($('#pubkey').val());
          var uncrypted = decrypt.verify($('#input').val(), encrypted,sha256_digest);
          $('#output2').text(uncrypted); 

it seems working. I can see cipher at output and true at output2.

I don't verify yet though, go try this : )