Hello, I'm trying to verify aws sns messages in deno given a signing cert (in pem format, RSA sha1) and signature. However, when I do crypto.subtle.importKey, I keep getting this error:
DOMException: ASN.1 error: unexpected ASN.1 DER tag: expected OBJECT IDENTIFIER, got CONTEXT-SPECIFIC [0] (constructed) at DER byte 8
at new DOMException (ext:deno_web/01_dom_exception.js:115:20)
at new <anonymous> (ext:sb_core_main_js/js/errors.js:23:9)
at Object.DOMExceptionDataError (ext:core/01_core.js:232:46)
at buildCustomError (ext:core/01_core.js:245:36)
at importKeyRSA (ext:deno_crypto/00_crypto.js:3425:10)
at SubtleCrypto.importKey (ext:deno_crypto/00_crypto.js:985:16)
DOMException: ASN.1 error: unexpected ASN.1 DER tag: expected OBJECT IDENTIFIER, got CONTEXT-SPECIFIC [0] (constructed) at DER byte 8
at new DOMException (ext:deno_web/01_dom_exception.js:115:20)
at new <anonymous> (ext:sb_core_main_js/js/errors.js:23:9)
at Object.DOMExceptionDataError (ext:core/01_core.js:232:46)
at buildCustomError (ext:core/01_core.js:245:36)
at importKeyRSA (ext:deno_crypto/00_crypto.js:3425:10)
at SubtleCrypto.importKey (ext:deno_crypto/00_crypto.js:985:16)
My attempt:
await crypto.subtle.importKey(
"spki",
binaryDer, // where binaryDer is as derived here: https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#subjectpublickeyinfo_import (but with BEGIN CERTIFICATE and END CERTIFICATE)
{
name: "RSASSA-PKCS1-v1_5",
hash: "SHA-1",
},
true,
["verify"],
);
await crypto.subtle.importKey(
"spki",
binaryDer, // where binaryDer is as derived here: https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#subjectpublickeyinfo_import (but with BEGIN CERTIFICATE and END CERTIFICATE)