Version of dependency assert-plus updated: old version was missing
some license information
Corrected examples in http_signing.md, added auto-tests to
automatically validate these examples
1.1.0
Bump version of sshpk dependency, remove peerDependency on it since
it now supports exchanging objects between multiple versions of itself
where possible
1.0.2
Bump min version of jsprim dependency, to include fixes for using
http-signature with browserify
1.0.1
Bump minimum version of sshpk dependency, to include fixes for
whitespace tolerance in key parsing.
1.0.0
First semver release.
#36: Ensure verifySignature does not leak useful timing information
#42: Bring the library up to the latest version of the spec (including the
request-target changes)
Support for ECDSA keys and signatures.
Now uses sshpk for key parsing, validation and conversion.
Fixes for #21, #47, #39 and compatibility with node 0.8
0.11.0
Split up HMAC and Signature verification to avoid vulnerabilities where a
key intended for use with one can be validated against the other method
instead.
0.10.2
Updated versions of most dependencies.
Utility functions exported for PEM => SSH-RSA conversion.
