The findResponder() routing in verify.js will throw an exception in case it is unable to verify the signature. This exception is not caught in verify() and thus will lead to crashing of the application.
project/node_modules/ocsp/lib/ocsp/verify.js:25
throw new Error('Invalid signature');
^
Error: Invalid signature
at findResponder (project/node_modules/ocsp/lib/ocsp/verify.js:25:13)
at Object.verify (project/eidas-cert-check/node_modules/ocsp/lib/ocsp/verify.js:72:22)
at project/node_modules/ocsp/lib/ocsp/check.js:38:12
at done (project/node_modules/ocsp/lib/ocsp/utils.js:26:7)
at IncomingMessage.<anonymous> (project/node_modules/ocsp/lib/ocsp/utils.js:46:7)
at IncomingMessage.emit (events.js:327:22)
at endReadableNT (_stream_readable.js:1224:12)
at processTicksAndRejections (internal/process/task_queues.js:84:21)
The
findResponder()routing inverify.jswill throw an exception in case it is unable to verify the signature. This exception is not caught inverify()and thus will lead to crashing of the application.