1 files changed, 46 insertions, 3 deletions

diff --git a/lib/crypto.js b/lib/crypto.js
index 662ddef60e..3e7ed5e9c8 100644
--- a/lib/crypto.js
+++ b/lib/crypto.js
@@ -304,7 +304,28 @@ Sign.prototype.sign = function sign(options, encoding) {
 
   var key = options.key || options;
   var passphrase = options.passphrase || null;
-  var ret = this._handle.sign(toBuf(key), null, passphrase);
+
+  // Options specific to RSA
+  var rsaPadding = constants.RSA_PKCS1_PADDING;
+  if (options.hasOwnProperty('padding')) {
+    if (options.padding === options.padding >> 0) {
+      rsaPadding = options.padding;
+    } else {
+      throw new TypeError('padding must be an integer');
+    }
+  }
+
+  var pssSaltLength = constants.RSA_PSS_SALTLEN_AUTO;
+  if (options.hasOwnProperty('saltLength')) {
+    if (options.saltLength === options.saltLength >> 0) {
+      pssSaltLength = options.saltLength;
+    } else {
+      throw new TypeError('saltLength must be an integer');
+    }
+  }
+
+  var ret = this._handle.sign(toBuf(key), null, passphrase, rsaPadding,
+                              pssSaltLength);
 
   encoding = encoding || exports.DEFAULT_ENCODING;
   if (encoding && encoding !== 'buffer')
@@ -330,9 +351,31 @@ util.inherits(Verify, stream.Writable);
 Verify.prototype._write = Sign.prototype._write;
 Verify.prototype.update = Sign.prototype.update;
 
-Verify.prototype.verify = function verify(object, signature, sigEncoding) {
+Verify.prototype.verify = function verify(options, signature, sigEncoding) {
+  var key = options.key || options;
   sigEncoding = sigEncoding || exports.DEFAULT_ENCODING;
-  return this._handle.verify(toBuf(object), toBuf(signature, sigEncoding));
+
+  // Options specific to RSA
+  var rsaPadding = constants.RSA_PKCS1_PADDING;
+  if (options.hasOwnProperty('padding')) {
+    if (options.padding === options.padding >> 0) {
+      rsaPadding = options.padding;
+    } else {
+      throw new TypeError('padding must be an integer');
+    }
+  }
+
+  var pssSaltLength = constants.RSA_PSS_SALTLEN_AUTO;
+  if (options.hasOwnProperty('saltLength')) {
+    if (options.saltLength === options.saltLength >> 0) {
+      pssSaltLength = options.saltLength;
+    } else {
+      throw new TypeError('saltLength must be an integer');
+    }
+  }
+
+  return this._handle.verify(toBuf(key), toBuf(signature, sigEncoding), null,
+                             rsaPadding, pssSaltLength);
 };
 
 function rsaPublic(method, defaultPadding) {