Somewhat insecure API signature scheme
cespare opened this issue
I see two issues that both expose you to some kind of length extension attack. @mdietz can tell you more :)
- No delimiter between the components that comprise the canonical string
- SHA256 instead of HMAC-SHA256
Lots of people get this wrong, but we should fix it at some point.
I think a good example is AWS signature generation:
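As an added illustration (not code from this issue or the project), the Python below shows both points side by side: an undelimited canonical string lets two different requests sign identically, while a length-prefixed canonical string under HMAC-SHA256 keeps them apart. The component set (method, path, query, body), the `len:` prefix format and the sample key are assumptions chosen for the example.

```python
import hashlib
import hmac

# Constructed sample key for the example only; load a real key from a secret store.
SECRET_KEY = b"example-shared-secret"


def naive_canonical(method, path, query, body):
    """Flawed form: components are concatenated with no delimiter,
    so the boundaries between them are not part of the signed data."""
    return (method + path + query + body).encode()


def naive_signature(key, method, path, query, body):
    """Flawed form: plain SHA-256 over key || message. Unkeyed hashes of this
    shape are subject to length extension; HMAC is the keyed construction to use."""
    return hashlib.sha256(key + naive_canonical(method, path, query, body)).hexdigest()


def canonical(method, path, query, body):
    """Unambiguous form: every component is prefixed with its byte length,
    so no two distinct component tuples produce the same canonical string."""
    out = bytearray()
    for part in (method, path, query, body):
        data = part.encode()
        out += f"{len(data)}:".encode() + data + b"\n"
    return bytes(out)


def signature(key, method, path, query, body):
    """HMAC-SHA256 over the length-prefixed canonical string."""
    return hmac.new(key, canonical(method, path, query, body), hashlib.sha256).hexdigest()


def verify(key, method, path, query, body, presented):
    """Constant-time comparison so the check does not leak how many hex digits matched."""
    return hmac.compare_digest(signature(key, method, path, query, body), presented)


# Constructed requests: path "/users/1" with query "0" versus path "/users/10" with
# no query. Without a delimiter both flatten to the same bytes, "GET/users/10".
REQ_A = ("GET", "/users/1", "0", "")
REQ_B = ("GET", "/users/10", "", "")


def collides_naive():
    return naive_signature(SECRET_KEY, *REQ_A) == naive_signature(SECRET_KEY, *REQ_B)


def collides_fixed():
    return signature(SECRET_KEY, *REQ_A) == signature(SECRET_KEY, *REQ_B)
```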