http_signatures 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: d470a2f4d0e20f91439770b757fec53dfe6e0cf7
+  data.tar.gz: 44e3fc97e52f403f4a71c7c0d9aead5440128409
+SHA512:
+  metadata.gz: 6ae9785147e0d0d07deec0af632caafdc67ea901eea51ead27c990ef0bc98e9c39b0b465e7961898271f231aa035fd823ff2a9b026f0ed6c6a3a2344d5142fec
+  data.tar.gz: 69334e7da16049f64d3ccba567a4737c75071290c698699111bfae112449d20bdd570295f9a8053948b6dca023502d395df37f435475f682f407907b21b600f3

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -0,0 +1 @@
+--require spec_helper

data/Gemfile

@@ -0,0 +1,2 @@
+source "https://rubygems.org"
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 99designs
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,72 @@
+# HTTP Signatures
+
+Ruby implementation of [HTTP Signatures][draft03] draft specification;
+cryptographically sign and verify HTTP requests and responses.
+
+
+## Usage
+
+Configure a context with your algorithm, keys, headers to sign. In Rails,
+this is best placed in an initializer.
+
+```rb
+require "http_signatures"
+
+$context = HttpSignatures::Context.new(
+  keys: {"examplekey" => "secret-key-here"},
+  algorithm: "hmac-sha256",
+  headers: %w{(request-target) Date Content-Length},
+)
+```
+
+### Messages
+
+A message is an HTTP request or response. A subset of the interface of
+Ruby's Net::HTTPRequest and Net::HTTPResponse is expected; the ability to
+set/read headers via `message["name"]`, and for requests, the presence
+of `message#method` and `message#path` for `(request-target)` support.
+
+```rb
+require "net/http"
+require "time"
+message = Net::HTTP::Get.new(
+  "/path?query=123",
+  "Date" => Time.now.rfc822,
+  "Content-Length" => "0",
+)
+```
+
+### Signing a message
+
+```rb
+$context.signer("examplekey").sign(message)
+```
+
+Now `message` contains the signature headers:
+
+```rb
+message["Signature"]
+# keyId="examplekey",algorithm="hmac-sha256",headers="...",signature="..."
+
+message["Authorization"]
+# Signature keyId="examplekey",algorithm="hmac-sha256",headers="...",signature="..."
+```
+
+### Verifying a signed message
+
+Message verification is not implemented, but will look like this:
+
+* The key ID, algorithm name, header list and provided signature will be parsed
+  from the `Signature` and/or `Authorization` header.
+* The signing string will be derived by selecting the listed headers from the
+  message.
+* The valid signature will be derived by applying the algorithm and secret key.
+* The message is valid if the provided signature matches the valid signature.
+
+
+## Contributing
+
+Pull Requests are welcome.
+
+
+[draft03]: http://tools.ietf.org/html/draft-cavage-http-signatures-03

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/http_signatures.gemspec

@@ -0,0 +1,23 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'http_signatures/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "http_signatures"
+  spec.version       = HttpSignatures::VERSION
+  spec.authors       = ["Paul Annesley"]
+  spec.email         = ["paul@annesley.cc"]
+  spec.summary       = "Sign and verify HTTP messages"
+  spec.homepage      = "https://github.com/99designs/http-signatures-ruby"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.5"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "rspec", "~> 3.0"
+end

data/lib/http_signatures/algorithm/hmac.rb

@@ -0,0 +1,22 @@
+require "openssl"
+
+module HttpSignatures
+  module Algorithm
+    class Hmac
+
+      def initialize(digest_name)
+        @digest_name = digest_name
+        @digest = OpenSSL::Digest.new(digest_name)
+      end
+
+      def name
+        "hmac-#{@digest_name}"
+      end
+
+      def sign(key, data)
+        OpenSSL::HMAC.digest(@digest, key, data)
+      end
+
+    end
+  end
+end

data/lib/http_signatures/algorithm/null.rb

@@ -0,0 +1,15 @@
+module HttpSignatures
+  module Algorithm
+    class Null
+
+      def name
+        "null"
+      end
+
+      def sign(key, data)
+        "null"
+      end
+
+    end
+  end
+end

data/lib/http_signatures/algorithm.rb

@@ -0,0 +1,20 @@
+module HttpSignatures
+  module Algorithm
+
+    def self.create(name)
+      case name
+      when "null" then Null.new
+      when "hmac-sha1" then Hmac.new("sha1")
+      when "hmac-sha256" then Hmac.new("sha256")
+      else raise UnknownAlgorithm.new(name)
+      end
+    end
+
+    class UnknownAlgorithm < StandardError
+      def initialize(name)
+        super("Unknown algorithm name '#{name}'")
+      end
+    end
+
+  end
+end

data/lib/http_signatures/context.rb

@@ -0,0 +1,19 @@
+module HttpSignatures
+  class Context
+
+    def initialize(keys: {}, algorithm: nil, headers: nil)
+      @key_store = KeyStore.new(keys)
+      @algorithm_name = algorithm
+      @headers = headers
+    end
+
+    def signer(key_id)
+      Signer.new(
+        key: @key_store.fetch(key_id),
+        algorithm: Algorithm.create(@algorithm_name),
+        header_list: HeaderList.new(@headers),
+      )
+    end
+
+  end
+end

data/lib/http_signatures/header_list.rb

@@ -0,0 +1,49 @@
+module HttpSignatures
+  class HeaderList
+
+    # cannot sign the signature headers
+    ILLEGAL = ["authorization", "signature"]
+
+    def self.from_string(string)
+      new(string.split(" "))
+    end
+
+    def initialize(names)
+      @names = names.map(&:downcase)
+      validate_names!
+    end
+
+    def to_a
+      @names.dup
+    end
+
+    def to_s
+      @names.join(" ")
+    end
+
+    private
+
+    def validate_names!
+      if @names.empty?
+        raise EmptyHeaderList
+      end
+      if illegal_headers_present.any?
+        raise IllegalHeader, illegal_headers_present
+      end
+    end
+
+    def illegal_headers_present
+      ILLEGAL & @names
+    end
+
+    class IllegalHeader < StandardError
+      def initialize(names)
+        names_string = names.map { |n| "'#{n}'" }.join(", ")
+        super("Header #{names_string} not permitted")
+      end
+    end
+
+    class EmptyHeaderList < StandardError; end
+
+  end
+end

data/lib/http_signatures/key.rb

@@ -0,0 +1,19 @@
+module HttpSignatures
+  class Key
+
+    def initialize(id:, secret:)
+      @id = id
+      @secret = secret
+    end
+
+    attr_reader :id
+    attr_reader :secret
+
+    def ==(other)
+      self.class == other.class &&
+        self.id == other.id &&
+        self.secret == other.secret
+    end
+
+  end
+end

data/lib/http_signatures/key_store.rb

@@ -0,0 +1,20 @@
+module HttpSignatures
+  class KeyStore
+
+    def initialize(key_hash)
+      @keys = {}
+      key_hash.each { |id, secret| self[id] = secret }
+    end
+
+    def fetch(id)
+      @keys.fetch(id)
+    end
+
+    private
+
+    def []=(id, secret)
+      @keys[id] = Key.new(id: id, secret: secret)
+    end
+
+  end
+end

data/lib/http_signatures/signature_parameters.rb

@@ -0,0 +1,33 @@
+require "base64"
+
+module HttpSignatures
+  class SignatureParameters
+
+    def initialize(key:, algorithm:, header_list:, signature:)
+      @key = key
+      @algorithm = algorithm
+      @header_list = header_list
+      @signature = signature
+    end
+
+    def to_str
+      parameter_components.join(",")
+    end
+
+    private
+
+    def parameter_components
+      pc = []
+      pc << 'keyId="%s"' % @key.id
+      pc << 'algorithm="%s"' % @algorithm.name
+      pc << 'headers="%s"' % @header_list.to_s
+      pc << 'signature="%s"' % signature_base64
+      pc
+    end
+
+    def signature_base64
+      Base64.strict_encode64(@signature)
+    end
+
+  end
+end

data/lib/http_signatures/signer.rb

@@ -0,0 +1,51 @@
+module HttpSignatures
+  class Signer
+
+    AUTHORIZATION_SCHEME = "Signature"
+
+    def initialize(key:, algorithm:, header_list:)
+      @key = key
+      @algorithm = algorithm
+      @header_list = header_list
+    end
+
+    def sign(message)
+      message.tap do |m|
+        signature = signature_parameters_for_message(message).to_str
+        m["Signature"] = [signature]
+        m["Authorization"] = [AUTHORIZATION_SCHEME + " " + signature]
+      end
+    end
+
+    private
+
+    def signature_parameters_for_message(message)
+      SignatureParameters.new(
+        key: @key,
+        algorithm: @algorithm,
+        header_list: @header_list,
+        signature: signature_for_message(message),
+      )
+    end
+
+    def signature_for_message(message)
+      @algorithm.sign(@key.secret, signing_string_for_message(message))
+    end
+
+    def signing_string_for_message(message)
+      SigningString.new(
+        header_list: @header_list,
+        message: message,
+      ).to_s
+    end
+
+    class EmptyHeaderNames < StandardError; end
+
+    class MessageMissingHeader < StandardError
+      def initialize(name)
+        super("Message missing header '#{name}'")
+      end
+    end
+
+  end
+end

data/lib/http_signatures/signing_string.rb

@@ -0,0 +1,37 @@
+module HttpSignatures
+  class SigningString
+
+    REQUEST_TARGET = "(request-target)"
+
+    def initialize(header_list:, message:)
+      @header_list = header_list
+      @message = message
+    end
+
+    def to_s
+      @header_list.to_a.map do |header|
+        "%s: %s" % [header, header_value(header)]
+      end.join("\n")
+    end
+
+    def header_value(header)
+      if header == REQUEST_TARGET
+        request_target
+      else
+        @message.fetch(header) { raise HeaderNotInMessage, header }
+      end
+    end
+
+    def request_target
+      "%s %s" % [@message.method.downcase, @message.path]
+    end
+
+  end
+
+  class HeaderNotInMessage < StandardError
+    def initialize(name)
+      super("Header '#{name}' not in message")
+    end
+  end
+
+end

data/lib/http_signatures/version.rb

@@ -0,0 +1,3 @@
+module HttpSignatures
+  VERSION = "0.0.1"
+end

data/lib/http_signatures.rb

@@ -0,0 +1,14 @@
+require "http_signatures/algorithm"
+require "http_signatures/algorithm/hmac"
+require "http_signatures/algorithm/null"
+require "http_signatures/context"
+require "http_signatures/header_list"
+require "http_signatures/key"
+require "http_signatures/key_store"
+require "http_signatures/signature_parameters"
+require "http_signatures/signer"
+require "http_signatures/signing_string"
+require "http_signatures/version"
+
+module HttpSignatures
+end

data/spec/algorithm_spec.rb

@@ -0,0 +1,33 @@
+require "base64"
+
+RSpec.describe HttpSignatures::Algorithm do
+
+  let(:key) { "the-key" }
+  let(:input) { "the string\nto sign" }
+
+  {
+    "null" => "bnVsbA==", # "null"
+    "hmac-sha1" => "bXPeVc5ySIyeUapN7mpMsJRnxVg=",
+    "hmac-sha256" => "hRQ5zpbGudR1hokS4PqeAkveKmz2dd8SCgV8OHcramI=",
+  }.each do |name, base64_signature|
+
+    describe ".create('#{name}')" do
+      let(:algorithm) { HttpSignatures::Algorithm.create(name) }
+      it "has #name == '#{name}'" do
+        expect(algorithm.name).to eq(name)
+      end
+      it "produces known-good signature" do
+        signature = algorithm.sign(key, input)
+        expect(signature).to eq(Base64.strict_decode64(base64_signature))
+      end
+    end
+
+  end
+
+  it "raises error for unknown algorithm" do
+    expect {
+      HttpSignatures::Algorithm.create(name: "nope", key: nil)
+    }.to raise_error(HttpSignatures::Algorithm::UnknownAlgorithm)
+  end
+
+end

data/spec/context_spec.rb

@@ -0,0 +1,30 @@
+require "net/http"
+
+RSpec.describe HttpSignatures::Context do
+
+  subject(:context) do
+    HttpSignatures::Context.new(
+      keys: {"hello" => "world"},
+      algorithm: "null",
+      headers: %w{(request-target) date content-length},
+    )
+  end
+
+  let(:message) { Net::HTTP::Get.new("/", "date" => "x", "content-length" => "0") }
+
+  describe "#signer" do
+    it "instantiates Signer with key, algorithm, headers" do
+      expect(HttpSignatures::Signer).to receive(:new) do |args|
+        expect(args[:key]).to eq(HttpSignatures::Key.new(id: "hello", secret: "world"))
+        expect(args[:algorithm].name).to eq("null")
+        expect(args[:header_list].to_a).to eq(%w{(request-target) date content-length})
+      end
+      context.signer("hello")
+    end
+
+    it "signs without errors" do
+      context.signer("hello").sign(message)
+    end
+  end
+
+end

data/spec/header_list_spec.rb

@@ -0,0 +1,36 @@
+RSpec.describe HttpSignatures::HeaderList do
+
+  describe ".from_string" do
+    it "loads and normalizes header names" do
+      expect(HttpSignatures::HeaderList).to receive(:new).with(
+        ["(request-target)", "Date", "Content-Type"]
+      )
+      HttpSignatures::HeaderList.from_string(
+        "(request-target) Date Content-Type"
+      )
+    end
+  end
+
+  describe ".new" do
+    it "normalizes header names (downcase)" do
+      list = HttpSignatures::HeaderList.new(["(request-target)", "Date", "Content-Type"])
+      expect(list.to_a).to eq(["(request-target)", "date", "content-type"])
+    end
+
+    ["Authorization", "Signature"].each do |header|
+      it "raises IllegalHeader for #{header} header" do
+        expect {
+          HttpSignatures::HeaderList.new([header])
+        }.to raise_error(HttpSignatures::HeaderList::IllegalHeader)
+      end
+    end
+  end
+
+  describe "#to_s" do
+    it "joins normalized header names with spaces" do
+      list = HttpSignatures::HeaderList.new(["(request-target)", "Date", "Content-Type"])
+      expect(list.to_s).to eq("(request-target) date content-type")
+    end
+  end
+
+end

data/spec/key_store_spec.rb

@@ -0,0 +1,23 @@
+RSpec.describe HttpSignatures::KeyStore do
+
+  subject(:store) do
+    HttpSignatures::KeyStore.new(
+      "hello" => "world",
+      "another" => "key",
+    )
+  end
+
+  describe "#fetch" do
+    it "retrieves keys" do
+      expect(store.fetch("hello")).to eq(
+        HttpSignatures::Key.new(id: "hello", secret: "world")
+      )
+    end
+    it "raises KeyError" do
+      expect {
+        store.fetch("nope")
+      }.to raise_error(KeyError)
+    end
+  end
+
+end

data/spec/signer_spec.rb

@@ -0,0 +1,85 @@
+require "net/http"
+
+RSpec.describe HttpSignatures::Signer do
+
+  EXAMPLE_DATE = "Mon, 28 Jul 2014 15:39:13 -0700"
+
+  subject(:signer) do
+    HttpSignatures::Signer.new(key: key, algorithm: algorithm, header_list: header_list)
+  end
+  let(:key) { HttpSignatures::Key.new(id: "pda", secret: "sh") }
+  let(:algorithm) { HttpSignatures::Algorithm::Null.new }
+  let(:header_list) { HttpSignatures::HeaderList.new(["date", "content-type"]) }
+
+  let(:message) do
+    Net::HTTP::Get.new(
+      "/path?query=123",
+      "Date" => EXAMPLE_DATE,
+      "Content-Type" => "text/plain",
+      "Content-Length" => "123",
+    )
+  end
+
+  let(:authorization_structure_pattern) do
+    %r{
+      \A
+      Signature
+      \s
+      keyId="[\w-]+",
+      algorithm="[\w-]+",
+      (?:headers=".*",)?
+      signature="[a-zA-Z0-9/+=]+"
+      \z
+    }x
+  end
+
+  let(:signature_structure_pattern) do
+    %r{
+      \A
+      keyId="[\w-]+",
+      algorithm="[\w-]+",
+      (?:headers=".*",)?
+      signature="[a-zA-Z0-9/+=]+"
+      \z
+    }x
+  end
+
+  describe "#sign" do
+    it "passes correct signing string to algorithm" do
+      expect(algorithm).to receive(:sign).with(
+        "sh",
+        [
+          "date: #{EXAMPLE_DATE}",
+          "content-type: text/plain",
+        ].join("\n")
+      ).and_return("null")
+      signer.sign(message)
+    end
+    it "returns reference to the mutated input" do
+      expect(signer.sign(message)).to eq(message)
+    end
+  end
+
+  context "after signing" do
+    before { signer.sign(message) }
+    it "has valid Authorization header structure" do
+      expect(message["Authorization"]).to match(authorization_structure_pattern)
+    end
+    it "has valid Signature header structure" do
+      expect(message["Signature"]).to match(signature_structure_pattern)
+    end
+    it "matches expected Authorization header" do
+      expect(message["Authorization"]).to eq(
+        'Signature keyId="pda",algorithm="null",' +
+          'headers="date content-type",signature="bnVsbA=="'
+      )
+    end
+    it "matches expected Signature header" do
+      expect(message["Signature"]).to eq(
+        'keyId="pda",algorithm="null",' +
+          'headers="date content-type",signature="bnVsbA=="'
+      )
+    end
+  end
+
+end

data/spec/signing_string_spec.rb

@@ -0,0 +1,42 @@
+require "net/http"
+
+RSpec.describe HttpSignatures::SigningString do
+
+  DATE = "Tue, 29 Jul 2014 14:17:02 -0700"
+
+  subject(:signing_string) do
+    HttpSignatures::SigningString.new(
+      header_list: header_list,
+      message: message,
+    )
+  end
+
+  let(:header_list) do
+    HttpSignatures::HeaderList.from_string("(request-target) date")
+  end
+
+  let(:message) do
+    Net::HTTP::Get.new("/path?query=123", "date" => DATE, "x-herring" => "red")
+  end
+
+  describe "#to_s" do
+
+    it "returns correct signing string" do
+      expect(signing_string.to_s).to eq(
+        "(request-target): get /path?query=123\n" +
+        "date: #{DATE}"
+      )
+    end
+
+    context "for header not in message" do
+      let(:header_list) { HttpSignatures::HeaderList.from_string("nope") }
+      it "raises HeaderNotInMessage" do
+        expect {
+          signing_string.to_s
+        }.to raise_error(HttpSignatures::HeaderNotInMessage)
+      end
+    end
+
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,12 @@
+require "http_signatures"
+
+# http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+RSpec.configure do |c|
+
+  c.color = true
+
+  c.default_formatter = "documentation"
+
+  c.disable_monkey_patching!
+
+end

metadata

@@ -0,0 +1,119 @@
+--- !ruby/object:Gem::Specification
+name: http_signatures
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Paul Annesley
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-07-29 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: 
+email:
+- paul@annesley.cc
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- http_signatures.gemspec
+- lib/http_signatures.rb
+- lib/http_signatures/algorithm.rb
+- lib/http_signatures/algorithm/hmac.rb
+- lib/http_signatures/algorithm/null.rb
+- lib/http_signatures/context.rb
+- lib/http_signatures/header_list.rb
+- lib/http_signatures/key.rb
+- lib/http_signatures/key_store.rb
+- lib/http_signatures/signature_parameters.rb
+- lib/http_signatures/signer.rb
+- lib/http_signatures/signing_string.rb
+- lib/http_signatures/version.rb
+- spec/algorithm_spec.rb
+- spec/context_spec.rb
+- spec/header_list_spec.rb
+- spec/key_store_spec.rb
+- spec/signer_spec.rb
+- spec/signing_string_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/99designs/http-signatures-ruby
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Sign and verify HTTP messages
+test_files:
+- spec/algorithm_spec.rb
+- spec/context_spec.rb
+- spec/header_list_spec.rb
+- spec/key_store_spec.rb
+- spec/signer_spec.rb
+- spec/signing_string_spec.rb
+- spec/spec_helper.rb