Open simonmunro opened 1 day ago
Hi @simonmunro,
when creating the signature, the joseHeader will not contain the private key. On serialization of the JWS only the public key is being exported. So there should be no difference in what you pass to into the VerifySignature.
Okay, thanks. I'll get it working with SigningInput public and see how I get on.
I am trying to get VerifySignature working, but cannot work out what to pass in the payload when I have a public key. In the tests a call is made to an internal method SigningInput, but if it is made public, it still uses joseHeader, which contains the full key, not the public key. I am trying to verify the signature given:
Thanks for working on this an making it open source