honeymoose
/
jjwt
mirror of https://github.com/jwtk/jjwt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

TYPO (#706) 

the resulting
string **NOT is** safe to expose publicly => the resulting
string **is NOT** safe to expose publicly
This commit is contained in:
Jacob Lin 2022-04-27 02:42:40 +08:00 committed by GitHub
parent 39c4301ef0
commit b35be95bf3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -1522,7 +1522,7 @@ anyone in the world can take Base64-encoded text, decode it with any standard Ba
underlying raw byte array data. No key or secret is required to decode Base64 text - anyone can do it. underlying raw byte array data. No key or secret is required to decode Base64 text - anyone can do it.
Based on this, when encoding sensitive byte data with Base64 - like a shared or private key - **the resulting Based on this, when encoding sensitive byte data with Base64 - like a shared or private key - **the resulting
string NOT is safe to expose publicly**. string is NOT safe to expose publicly**.
A base64-encoded key is still sensitive information and must A base64-encoded key is still sensitive information and must
be kept as secret and as safe as the original thing you got the bytes from (e.g. a Java `PrivateKey` or `SecretKey` be kept as secret and as safe as the original thing you got the bytes from (e.g. a Java `PrivateKey` or `SecretKey`