[jira] [Commented] (OLTU-132) SignatureMethod should take in consideration also the header

Antonio Sanso (JIRA) Fri, 20 Dec 2013 07:03:14 -0800

    [ 
https://issues.apache.org/jira/browse/OLTU-132?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13854029#comment-13854029
 ]


Antonio Sanso commented on OLTU-132:
------------------------------------

revised method signatures  to

{code}
    String calculate(String header, String payload, S signingKey);

    boolean verify(String signature, String header, String payload, V 
verifyingKey);
{code}

> SignatureMethod should take in consideration also the header
> ------------------------------------------------------------
>
>                 Key: OLTU-132
>                 URL: https://issues.apache.org/jira/browse/OLTU-132
>             Project: Apache Oltu
>          Issue Type: Bug
>          Components: jose
>            Reporter: Antonio Sanso
>            Assignee: Antonio Sanso
>
> Currently SignatureMethod doesn't take in consideration the header for 
> calculate verifying the signature.
> As per spec the input for the signature is:
>  WS Signing Input
>        ASCII(BASE64URL(UTF8(JWS Protected Header)) || '.' ||
>        BASE64URL(JWS Payload))



--
This message was sent by Atlassian JIRA
(v6.1.4#6159)

[jira] [Commented] (OLTU-132) SignatureMethod should take in consideration also the header

Reply via email to