generic-library/poco
1
0
Fork 0
mirror of https://github.com/pocoproject/poco.git synced 2024-12-12 10:13:51 +01:00
Code Issues Projects Releases Wiki Activity

don't allow empty HMAC key for verification

Browse Source
This commit is contained in:
Günter Obiltschnig 2019-07-31 08:09:57 +02:00
parent 6c828018df
commit 651ab74390
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
JWT/src/Signer.cpp
View File

@ -132,6 +132,8 @@ class HMACAlgorithm: public Algorithm
public:
Poco::DigestEngine::Digest sign(const Signer& signer, const std::string& header, const std::string& payload)
{
if (signer.getHMACKey().empty()) throw SignatureGenerationException("No HMAC key available");
Poco::HMACEngine<Engine> hmac(signer.getHMACKey());
hmac.update(header);
hmac.update('.');