Upgrading the ASK SDK Java Servlets skill request signature verification handler to use the SHA256withRSA signature algorithm using the Signature-256 request header in order to validate the request is a valid Alexa HTTP requests.
Motivation and Context
This change is part of a multi-phase effort to move off of SHA-1 algorithm for all tls usage.
Testing
Screenshots (if appropriate)
Types of changes
[X] Bug fix (non-breaking change which fixes an issue)
[ ] New feature (non-breaking change which adds functionality)
[ ] Breaking change (fix or feature that would cause existing functionality to change)
Checklist
[X] My code follows the code style of this project
[X] My change requires a change to the documentation
[X] I have updated the documentation accordingly
[X] I have read the README document
[ ] I have added tests to cover my changes
Current tests are leveraging the constants that have been updated in this PR so no changes made
[X] All new and existing tests passed
License
[X] By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Description
Upgrading the ASK SDK Java Servlets skill request signature verification handler to use the SHA256withRSA signature algorithm using the Signature-256 request header in order to validate the request is a valid Alexa HTTP requests.
Motivation and Context
This change is part of a multi-phase effort to move off of SHA-1 algorithm for all tls usage.
Testing
Screenshots (if appropriate)
Types of changes
Checklist
License