Google Git
Sign in
edge/third_party/SermoDigital/jose/ad656f1ad1ae2750ef68b3d2b3219ac962bf364c^!/.
commit
ad656f1ad1ae2750ef68b3d2b3219ac962bf364c
[log] [tgz]
author
Ivan Fraixedes <ivan@fraixed.es>
Wed May 25 12:47:27 2016 +0000
committer
Ivan Fraixedes <ivan@fraixed.es>
Wed May 25 12:47:27 2016 +0000
tree
59b9057861dde33c4a0497f58ea6553c8d184956
parent
2a2a7005e242469734d8d0d110f4bb657bb67759 [diff]
Fix method equality to be able to validate a JWT

Fix method equality for being abile to validate a JWT parsed from JWS
token.
Comparing the two SigningMethod interfaces produce false negative for
the most of the cases where a token is received over th wire and it has
to be parsed to JWT from a JWS as so far there isn't any other way; the
equality fails because the types which implements the interface are
defined on pointers, hence they cannot be assigned to type values and do
a comparison over the values, and the addresses never will be the same
because the one assigned to the internal field of the JWS values is one
that it's not exposed, so a new one SigningMethod (pointer) must be
provided to the `Validate`, provoking that the condition always fails

diff --git a/jws/jws_validate.go b/jws/jws_validate.go
index d064113..e5e3abd 100644
--- a/jws/jws_validate.go
+++ b/jws/jws_validate.go

@@ -196,7 +196,7 @@
 }
 
 func (s *sigHead) verify(pl []byte, key interface{}, method crypto.SigningMethod) error {
-	if s.method != method {
+	if s.method.Alg() != method.Alg() || s.method.Hasher() != method.Hasher() {
 		return ErrMismatchedAlgorithms
 	}
 	return method.Verify(format(s.Protected, pl), s.Signature, key)