http-signatures-ruby
http-signatures-ruby copied to clipboard
99designs
Sign and verify HTTP messages in Ruby.
I am noticing there are a few important PRs that have been open for a long time on this gem (#12 and #16 specifically). What is the status of this...
I can't seem to use Rack requests (e.g. from Rails) directly in the Verification as they expose headers on a `headers` accessor rather than on the base object itself. I...
For example, something like ``` openssl genrsa -out private.pem 2048 openssl rsa -in private.pem -pubout -out public.pem ```
Hi, thank you for making useful gem :) I've made a tiny update for README.md. `Time#rfc822` (alias of `Time#rfc2822`) represents time zone as `[+-]hhmm` format. While `Time#httpdate` represents time zone...
Hi, I'm @msporny, primary author of the HTTP Signatures specification at IETF for many years now. You've implemented some variation of that specification. I need your help to move that...
Prompted by https://github.com/99designs/http-signatures-php/pull/28 In unit tests I was unable to reliably demonstrate that `a == b` was vulnerable to timing attacks due to non-deterministic timing noise, even for contrived scenarios...
Currently key rotation is difficult; the verifier needs to start verifying with the new key at the same moment the new key is used by the signer. In a high-traffic...
The `keys` option in `Context` may may be an instance of `HttpSignature::KeyStore` or other object that conforms to its API.