github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

bas64 decoded signature prior to verifying, modified unit rsa unit test, and fixed ecdsa signer verify

pull/59/head
nemonik 2012-04-02 21:32:42 -04:00
parent 985a4619fa
commit 267f1b2de3
3 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
openid-connect-server/src/main/java/org/mitre/jwt/signer/impl/EcdsaSigner.java
View File

@ -217,6 +217,8 @@ public class EcdsaSigner extends AbstractJwtSigner implements InitializingBean {
@Override @Override
public boolean verify(String jwtString) { public boolean verify(String jwtString) {
boolean value = false;
// split on the dots // split on the dots
List<String> parts = Lists.newArrayList(Splitter.on(".").split( List<String> parts = Lists.newArrayList(Splitter.on(".").split(
jwtString)); jwtString));
@ -234,13 +236,13 @@ public class EcdsaSigner extends AbstractJwtSigner implements InitializingBean {
try { try {
signer.initVerify(publicKey); signer.initVerify(publicKey);
signer.update(signingInput.getBytes("UTF-8")); signer.update(signingInput.getBytes("UTF-8"));
signer.verify(s64.getBytes("UTF-8")); value = signer.verify(Base64.decodeBase64(s64));
} catch (GeneralSecurityException e) { } catch (GeneralSecurityException e) {
logger.error(e); logger.error(e);
} catch (UnsupportedEncodingException e) { } catch (UnsupportedEncodingException e) {
logger.error(e); logger.error(e);
} }
return true; return value;
} }
} }

4
openid-connect-server/src/main/java/org/mitre/jwt/signer/impl/RsaSigner.java
View File

@ -253,13 +253,11 @@ public class RsaSigner extends AbstractJwtSigner implements InitializingBean {
try { try {
signer.initVerify(publicKey); signer.initVerify(publicKey);
signer.update(signingInput.getBytes("UTF-8")); signer.update(signingInput.getBytes("UTF-8"));
value = signer.verify(s64.getBytes("UTF-8")); value = signer.verify(Base64.decodeBase64(s64));
} catch (GeneralSecurityException e) { } catch (GeneralSecurityException e) {
logger.error(e); logger.error(e);
return false;
} catch (UnsupportedEncodingException e) { } catch (UnsupportedEncodingException e) {
logger.error(e); logger.error(e);
return false;
} }
return value; return value;

3
openid-connect-server/src/test/java/org/mitre/jwt/JwtTest.java
View File

@ -162,7 +162,8 @@ public class JwtTest {
signer.sign(jwt); signer.sign(jwt);
String actual = jwt.toString(); String actual = jwt.toString();
assertThat(signer.verify(actual), equalTo(true));
assertThat(actual, equalTo(expected)); assertThat(actual, equalTo(expected));
assertThat(jwt.getSignature(), equalTo(signature)); assertThat(jwt.getSignature(), equalTo(signature));
} }