Skip to content
This repository has been archived by the owner on Feb 28, 2024. It is now read-only.

[BUG-233009] Add RSA Signature Methods #10173

Open
sl-service-account opened this issue Dec 2, 2022 · 1 comment
Open

[BUG-233009] Add RSA Signature Methods #10173

sl-service-account opened this issue Dec 2, 2022 · 1 comment

Comments

@sl-service-account
Copy link

How would you like the feature to work?

Add functions to produce and verify RSA signatures so that messages can be verified as coming from a trusted source. Two new methods:

string llSignRSA(string privateKey, string msg, string digest);
string llVerifyRSA(string publicKey, string msg, string digest);

Definitions

  • privateKey PEM formatted private RSA key

  • publicKey PEM formatted public RSA key

  • digest digest algorithm, sha1, sha256, etc.

    Why is this feature important to you? How would it benefit the community?

    RSA signatures can be used to verify that information comes from a trusted source and has been unchanged. This can be used in SL for third parties to verify information sources without sharing private data. It can also be used with various web technologies, such as JWTs.

Original Jira Fields
Field Value
Issue BUG-233009
Summary Add RSA Signature Methods
Type New Feature Request
Priority Unset
Status Accepted
Resolution Accepted
Reporter Signal Linden (signal.linden)
Created at 2022-12-02T19:18:59Z
Updated at 2022-12-02T20:54:14Z
{
  'Build Id': 'unset',
  'Business Unit': ['Platform'],
  'Date of First Response': '2022-12-02T14:54:14.282-0600',
  'How would you like the feature to work?': 'Add functions to produce and verify RSA signatures so that messages can be verified as coming from a trusted source. Two new methods:\r\n\r\n{code}\r\nstring llSignRSA(string privateKey, string msg, string digest);\r\nstring llVerifyRSA(string publicKey, string msg, string digest);\r\n{code}\r\n\r\nh4. Definitions\r\n\r\n* {{privateKey}} PEM formatted private RSA key\r\n* {{publicKey} PEM formatted public RSA key\r\n* {{digest}} digest algorithm, sha1, sha256, etc.',
  'ReOpened Count': 0.0,
  'Severity': 'Unset',
  'Target Viewer Version': 'viewer-development',
  'Why is this feature important to you? How would it benefit the community?': 'RSA signatures can be used to verify that information comes from a trusted source and has been unchanged. This can be used in SL for third parties to verify information sources without sharing private data. It can also be used with various web technologies, such as JWTs.',
}
@sl-service-account
Copy link
Author

Kadah Coba commented at 2022-12-02T20:54:14Z

There has been countless requests for methods to encrypt inter-script communication over the years. While this wouldn't give that explicitly, it essentially would sidestep the need to do so on many applications where the actually contents of the message does not necessarily need to be a secret and more so sent by only authorized peers.

 

Would be very handy for doing auth and verification of/with external web services.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

1 participant