http-signatures-php
http-signatures-php copied to clipboard
99designs
Sign and verify PSR-7 HTTP messages in PHP.
The latest version of the spec is quite a bit different: - https://www.ietf.org/archive/id/draft-ietf-httpbis-message-signatures-08.html - https://httpsig.org/ I'm trying to use this with a js library (https://github.com/dhensby/node-http-message-signatures/), but can't since the specs...
* Upgraded libraries to latest for php 8.1 * Changed php unit to 9.5 * Changed symfony libs to latest version * switching to laminas-diactoros from zendframework/zend-diactoros which was obsolete...
Hi, I'm @msporny, primary author of the HTTP Signatures specification at IETF for many years now. You've implemented some variation of that specification. I need your help to move that...
It looks like this library currently only supports HMAC signing. It would be great if it also supported RSA signing with a private key!
# Changed log - According to the [official PHP doc](https://www.php.net/manual/en/function.random-bytes.php), the `random_*` functions are available in `php-7.x` versions. Remove this random compatibility dependency because native functions are available in `php-7.x`.
_Copied from https://github.com/99designs/http-signatures-ruby/issues/10_ --- Currently key rotation is difficult; the verifier needs to start verifying with the new key at the same moment the new key is used by the...
See https://github.com/99designs/http-signatures-php/pull/28 for what prompted this. We're currently using a double HMAC approach for signature comparison, as that was the only way for us to securely compare HMAC signatures without...
Currently, many error conditions are thrown as `Exception`. Instead they should be made more specific, all inheriting from a central library-specific base exception. See https://github.com/99designs/http-signatures-ruby for reference.