Skip to content

Feature Notes

Jump to bottom
WebbinRoot edited this page Mar 9, 2026 · 1 revision

Feature Notes

Table of Contents

Signature Calculator

The Signature Calculator is useful when you want to preview how OCISigner signs a request before replaying traffic.

  • Open it from the Static Credentials Configuration area.
  • Paste a raw HTTP request and compute a signature preview.
  • Use the output to compare expected vs actual signed headers during troubleshooting.

Signature Calculator launch point

Figure 1. Signature Calculator launch point in the profile panel.

Signature Calculator request/signature preview

Figure 2. Signature Calculator preview for a pasted HTTP request.

Profile Configuration Options

These options control how and when requests are signed.

These toggles apply immediately; they are not gated by Save.

Global Behavior

Global profile behavior options

Figure 3. Global signing controls and active profile selection.

  • Signing Enabled: toggles all request signing on/off.
  • Always Sign With: selects the active profile used for request processing.

Per-Profile Behavior

Per-profile behavior options

Figure 4. Per-profile signing behavior options.

  • [Default: Off] Only sign in-scope requests: limits signing to Burp Target scope. If nothing is in scope, requests are not signed.
  • [Default: On] Only sign if Authorization exists: signs only requests that already contain an Authorization header.
  • [Default: On] Update timestamp: refreshes date / x-date before signing.

Import and Auto Profiles

OCISigner supports importing OCI profiles into profile management when you do not want to configure every field manually.

Open import workflow

Figure 5. Import action from profile management.

Auto and File import options

Figure 6. Import source options: Auto or File.

Select profiles to import

Figure 7. Import dialog with selectable OCI profiles.

Imported profiles in list

Figure 8. Imported profiles available in profile management.

  • Import -> Auto checks only ~/.oci/config.
  • Import -> File loads a config file from another location.
  • Imported profiles can be edited and saved like any other profile.

Debug and Error Options

Log level control

Figure 9. Log-level setting in global controls.

Extension output view

Figure 10. Extension output/log view for troubleshooting.

  • OCISigner exposes multiple logging verbosity levels.
  • Debug output is written to the extension Output/Error panels in Burp.
  • If signing fails, OCISigner forwards the original request unchanged.

Manual Mode

By default, OCISigner uses OCI Java SDK/provider signing behavior for outgoing requests.

Use Manual (custom) when you want to explicitly control signing details, such as:

  • signing algorithm selection,
  • which headers are included in the signature, or
  • other non-default behavior for advanced testing.

Manual mode selection in profile settings

Figure 11. Manual (custom) option selected for profile signing behavior.

Manual mode signing configuration fields

Figure 12. Manual mode fields for custom signature configuration.

Related

OCISigner Wiki

Clone this wiki locally