Ensure encryption is over the signed fields, not the raw fields (#53)

tozny · Feb 6, 2021 · 04131e8 · 04131e8
1 parent 0eb86c8
commit 04131e8
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/client.go b/client.go
@@ -1134,7 +1134,7 @@ func (c *ToznySDKV3) GenerateRealmBrokerNoteToken(ctx context.Context, broker id
 	}
 	// Encrypt the signed note and add the encrypted version of the access
 	// key to the note for the reader to be able to decrypt the note
-	encryptedNoteBody := e3dbClients.EncryptData(rawNoteBody, accessKey)
+	encryptedNoteBody := e3dbClients.EncryptData(signedNote.Data, accessKey)
 	signedNote.Data = *encryptedNoteBody
 	signedNote.EncryptedAccessKey = encryptedAccessKey
 	// Write the broker note