SHA-256 issue
Guillaume Bilic
guillaume at labsfr.fr
Thu Mar 6 01:57:53 PST 2008
Hi all,
I've managed to set up a php OP using the 2.0.1 library.
Everything works ok except when a consumer push a HMAC-SHA256 via the associate mode.
The server stores the HMAC, but further authentications end with a signature mismatch.
Thomas Harning reported the same issue, but according to the changelog, it should have been solved in the 2.0.1 library.
Disabling the SHA256 support fixes the issue with these consumers.
Btw I noticed this problem with Plaxo website which uses libopkele/0.4:-dirty.
Is there something I could do wrong in the server implementation ?
Thanx for your help,
Guillaume
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openidenabled.com/pipermail/dev/attachments/20080306/d1e80467/attachment.html
More information about the Dev
mailing list