fsevents 1.0.5 → 1.0.6

package/node_modules/hawk/test/uri.js

@@ -28,7 +28,7 @@ describe('Uri', function () {
         var credentials = {
             id: id,
             key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
-            algorithm: 'sha256',
+            algorithm: (id === '1' ? 'sha1' : 'sha256'),
             user: 'steve'
         };
 
@@ -44,15 +44,15 @@ describe('Uri', function () {
             port: 80
         };
 
-        credentialsFunc('123456', function (err, credentials) {
+        credentialsFunc('123456', function (err, credentials1) {
 
-            var bewit = Hawk.uri.getBewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials, ttlSec: 60 * 60 * 24 * 365 * 100, ext: 'some-app-data' });
+            var bewit = Hawk.uri.getBewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100, ext: 'some-app-data' });
             req.url += '&bewit=' + bewit;
 
-            Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+            Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
 
                 expect(err).to.not.exist();
-                expect(credentials.user).to.equal('steve');
+                expect(credentials2.user).to.equal('steve');
                 expect(attributes.ext).to.equal('some-app-data');
                 done();
             });
@@ -68,15 +68,15 @@ describe('Uri', function () {
             port: 80
         };
 
-        credentialsFunc('123456', function (err, credentials) {
+        credentialsFunc('123456', function (err, credentials1) {
 
-            var bewit = Hawk.uri.getBewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials, ttlSec: 60 * 60 * 24 * 365 * 100 });
+            var bewit = Hawk.uri.getBewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100 });
             req.url += '&bewit=' + bewit;
 
-            Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+            Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
 
                 expect(err).to.not.exist();
-                expect(credentials.user).to.equal('steve');
+                expect(credentials2.user).to.equal('steve');
                 done();
             });
         });
@@ -156,7 +156,7 @@ describe('Uri', function () {
 
     it('should fail on method other than GET', function (done) {
 
-        credentialsFunc('123456', function (err, credentials) {
+        credentialsFunc('123456', function (err, credentials1) {
 
             var req = {
                 method: 'POST',
@@ -167,7 +167,7 @@ describe('Uri', function () {
 
             var exp = Math.floor(Hawk.utils.now() / 1000) + 60;
             var ext = 'some-app-data';
-            var mac = Hawk.crypto.calculateMac('bewit', credentials, {
+            var mac = Hawk.crypto.calculateMac('bewit', credentials1, {
                 timestamp: exp,
                 nonce: '',
                 method: req.method,
@@ -177,11 +177,11 @@ describe('Uri', function () {
                 ext: ext
             });
 
-            var bewit = credentials.id + '\\' + exp + '\\' + mac + '\\' + ext;
+            var bewit = credentials1.id + '\\' + exp + '\\' + mac + '\\' + ext;
 
             req.url += '&bewit=' + Hoek.base64urlEncode(bewit);
 
-            Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+            Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
 
                 expect(err).to.exist();
                 expect(err.output.payload.message).to.equal('Invalid method');
@@ -601,31 +601,20 @@ describe('Uri', function () {
             done();
         });
     });
-    describe('authenticateMessage()', function () {
-
-        var credentialsFunc = function (id, callback) {
 
-            var credentials = {
-                id: id,
-                key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
-                algorithm: (id === '1' ? 'sha1' : 'sha256'),
-                user: 'steve'
-            };
-
-            return callback(null, credentials);
-        };
+    describe('authenticateMessage()', function () {
 
         it('should generate an authorization then successfully parse it', function (done) {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', function (err, credentials1) {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials });
+                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
 
                     expect(err).to.not.exist();
-                    expect(credentials.user).to.equal('steve');
+                    expect(credentials2.user).to.equal('steve');
                     done();
                 });
             });
@@ -633,12 +622,12 @@ describe('Uri', function () {
 
         it('should fail authorization on mismatching host', function (done) {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', function (err, credentials1) {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials });
+                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example1.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials) {
+                Hawk.server.authenticateMessage('example1.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
 
                     expect(err).to.exist();
                     expect(err.message).to.equal('Bad mac');
@@ -649,12 +638,12 @@ describe('Uri', function () {
 
         it('should fail authorization on stale timestamp', function (done) {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', function (err, credentials1) {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials });
+                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { localtimeOffsetMsec: 100000 }, function (err, credentials) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { localtimeOffsetMsec: 100000 }, function (err, credentials2) {
 
                     expect(err).to.exist();
                     expect(err.message).to.equal('Stale timestamp');
@@ -665,12 +654,12 @@ describe('Uri', function () {
 
         it('overrides timestampSkewSec', function (done) {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', function (err, credentials1) {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials, localtimeOffsetMsec: 100000 });
+                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1, localtimeOffsetMsec: 100000 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { timestampSkewSec: 500 }, function (err, credentials) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { timestampSkewSec: 500 }, function (err, credentials2) {
 
                     expect(err).to.not.exist();
                     done();
@@ -680,13 +669,13 @@ describe('Uri', function () {
 
         it('should fail authorization on invalid authorization', function (done) {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', function (err, credentials1) {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials });
+                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
                 delete auth.id;
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
 
                     expect(err).to.exist();
                     expect(err.message).to.equal('Invalid authorization');
@@ -697,12 +686,12 @@ describe('Uri', function () {
 
         it('should fail authorization on bad hash', function (done) {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', function (err, credentials1) {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials });
+                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message1', auth, credentialsFunc, {}, function (err, credentials) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message1', auth, credentialsFunc, {}, function (err, credentials2) {
 
                     expect(err).to.exist();
                     expect(err.message).to.equal('Bad message hash');
@@ -713,9 +702,9 @@ describe('Uri', function () {
 
         it('should fail authorization on nonce error', function (done) {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', function (err, credentials1) {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials });
+                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
                 Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {
@@ -723,7 +712,7 @@ describe('Uri', function () {
 
                         callback(new Error('kaboom'));
                     }
-                }, function (err, credentials) {
+                }, function (err, credentials2) {
 
                     expect(err).to.exist();
                     expect(err.message).to.equal('Invalid nonce');
@@ -734,9 +723,9 @@ describe('Uri', function () {
 
         it('should fail authorization on credentials error', function (done) {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', function (err, credentials1) {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials });
+                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
                 var errFunc = function (id, callback) {
@@ -744,7 +733,7 @@ describe('Uri', function () {
                     callback(new Error('kablooey'));
                 };
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
 
                     expect(err).to.exist();
                     expect(err.message).to.equal('kablooey');
@@ -755,9 +744,9 @@ describe('Uri', function () {
 
         it('should fail authorization on missing credentials', function (done) {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', function (err, credentials1) {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials });
+                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
                 var errFunc = function (id, callback) {
@@ -765,7 +754,7 @@ describe('Uri', function () {
                     callback();
                 };
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
 
                     expect(err).to.exist();
                     expect(err.message).to.equal('Unknown credentials');
@@ -776,9 +765,9 @@ describe('Uri', function () {
 
         it('should fail authorization on invalid credentials', function (done) {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', function (err, credentials1) {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials });
+                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
                 var errFunc = function (id, callback) {
@@ -786,7 +775,7 @@ describe('Uri', function () {
                     callback(null, {});
                 };
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
 
                     expect(err).to.exist();
                     expect(err.message).to.equal('Invalid credentials');
@@ -797,9 +786,9 @@ describe('Uri', function () {
 
         it('should fail authorization on invalid credentials algorithm', function (done) {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', function (err, credentials1) {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials });
+                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
                 var errFunc = function (id, callback) {
@@ -807,7 +796,7 @@ describe('Uri', function () {
                     callback(null, { key: '123', algorithm: '456' });
                 };
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
 
                     expect(err).to.exist();
                     expect(err.message).to.equal('Unknown algorithm');
@@ -818,9 +807,9 @@ describe('Uri', function () {
 
         it('should fail on missing host', function (done) {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', function (err, credentials1) {
 
-                var auth = Hawk.client.message(null, 8080, 'some message', { credentials: credentials });
+                var auth = Hawk.client.message(null, 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.not.exist();
                 done();
             });
@@ -835,9 +824,9 @@ describe('Uri', function () {
 
         it('should fail on invalid algorithm', function (done) {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', function (err, credentials1) {
 
-                var creds = Hoek.clone(credentials);
+                var creds = Hoek.clone(credentials1);
                 creds.algorithm = 'blah';
                 var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: creds });
                 expect(auth).to.not.exist();

package/node_modules/http-signature/CHANGES.md

@@ -0,0 +1,39 @@
+# node-http-signature changelog
+
+## 1.1.0
+
+- Bump version of `sshpk` dependency, remove peerDependency on it since
+  it now supports exchanging objects between multiple versions of itself
+  where possible
+
+## 1.0.2
+
+- Bump min version of `jsprim` dependency, to include fixes for using
+  http-signature with `browserify`
+
+## 1.0.1
+
+- Bump minimum version of `sshpk` dependency, to include fixes for
+  whitespace tolerance in key parsing.
+
+## 1.0.0
+
+- First semver release.
+- #36: Ensure verifySignature does not leak useful timing information
+- #42: Bring the library up to the latest version of the spec (including the 
+       request-target changes)
+- Support for ECDSA keys and signatures.
+- Now uses `sshpk` for key parsing, validation and conversion.
+- Fixes for #21, #47, #39 and compatibility with node 0.8
+
+## 0.11.0
+
+- Split up HMAC and Signature verification to avoid vulnerabilities where a
+  key intended for use with one can be validated against the other method
+  instead.
+
+## 0.10.2
+
+- Updated versions of most dependencies.
+- Utility functions exported for PEM => SSH-RSA conversion.
+- Improvements to tests and examples.

package/node_modules/http-signature/http_signing.md

@@ -120,10 +120,10 @@ All requests refer to the following request (body omitted):
 
     POST /foo HTTP/1.1
     Host: example.org
-    Date: Tue, 07 Jun 2011 20:51:35 GMT
+    Date: Tue, 07 Jun 2014 20:51:35 GMT
     Content-Type: application/json
-    Content-MD5: h0auK8hnYJKmHTLhKtMTkQ==
-    Content-Length: 123
+    Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=
+    Content-Length: 18
 
 The "rsa-key-1" keyId refers to a private key known to the client and a public
 key known to the server. The "hmac-key-1" keyId refers to key known to the
@@ -137,21 +137,21 @@ The authorization header and signature would be generated as:
 
 The client would compose the signing string as:
 
-    date: Tue, 07 Jun 2011 20:51:35 GMT
+    date: Tue, 07 Jun 2014 20:51:35 GMT
 
 ## Header List
 
 The authorization header and signature would be generated as:
 
-    Authorization: Signature keyId="rsa-key-1",algorithm="rsa-sha256",headers="request-line date content-type content-md5",signature="Base64(RSA-SHA256(signing string))"
+    Authorization: Signature keyId="rsa-key-1",algorithm="rsa-sha256",headers="(request-target) date content-type digest",signature="Base64(RSA-SHA256(signing string))"
 
 The client would compose the signing string as (`+ "\n"` inserted for
 readability):
 
-    POST /foo HTTP/1.1 + "\n"
+    (request-target) post /foo + "\n"
     date: Tue, 07 Jun 2011 20:51:35 GMT + "\n"
     content-type: application/json + "\n"
-    content-md5: h0auK8hnYJKmHTLhKtMTkQ==
+    digest: SHA-256=Base64(SHA256(Body))
 
 ## Algorithm
 
@@ -261,9 +261,9 @@ And all examples use this request:
 
     POST /foo?param=value&pet=dog HTTP/1.1
     Host: example.com
-    Date: Thu, 05 Jan 2012 21:31:40 GMT
+    Date: Thu, 05 Jan 2014 21:31:40 GMT
     Content-Type: application/json
-    Content-MD5: Sd/dVLAcvNLSq16eXua5uQ==
+    Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=
     Content-Length: 18
 
     {"hello": "world"}
@@ -272,7 +272,7 @@ And all examples use this request:
 
 The string to sign would be:
 
-    date: Thu, 05 Jan 2012 21:31:40 GMT
+    date: Thu, 05 Jan 2014 21:31:40 GMT
 
 The Authorization header would be:
 
@@ -283,14 +283,13 @@ The Authorization header would be:
 Parameterized to include all headers, the string to sign would be (`+ "\n"`
 inserted for readability):
 
-    POST /foo?param=value&pet=dog HTTP/1.1 + "\n"
-    host: example.com + "\n"
-    date: Thu, 05 Jan 2012 21:31:40 GMT + "\n"
-    content-type: application/json + "\n"
-    content-md5: Sd/dVLAcvNLSq16eXua5uQ== + "\n"
+    (request-target): post /foo?param=value&pet=dog
+    host: example.com
+    date: Thu, 05 Jan 2014 21:31:40 GMT
+    content-type: application/json
+    digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=
     content-length: 18
 
 The Authorization header would be:
 
-    Authorization: Signature keyId="Test",algorithm="rsa-sha256",headers="request-line host date content-type content-md5 content-length",signature="H/AaTDkJvLELy4i1RujnKlS6dm8QWiJvEpn9cKRMi49kKF+mohZ15z1r+mF+XiKS5kOOscyS83olfBtsVhYjPg2Ei3/D9D4Mvb7bFm9IaLJgYTFFuQCghrKQQFPiqJN320emjHxFowpIm1BkstnEU7lktH/XdXVBo8a6Uteiztw="
-
+    Authorization: Signature keyId="Test",algorithm="rsa-sha256",headers="(request-target) host date content-type digest content-length",signature="jgSqYK0yKclIHfF9zdApVEbDp5eqj8C4i4X76pE+XHoxugXv7qnVrGR+30bmBgtpR39I4utq17s9ghz/2QFVxlnToYAvbSVZJ9ulLd1HQBugO0jOyn9sXOtcN7uNHBjqNCqUsnt0sw/cJA6B6nJZpyNqNyAXKdxZZItOuhIs78w="

package/node_modules/http-signature/lib/index.js

@@ -3,7 +3,7 @@
 var parser = require('./parser');
 var signer = require('./signer');
 var verify = require('./verify');
-var util = require('./util');
+var utils = require('./utils');
 
 
 
@@ -16,10 +16,12 @@ module.exports = {
 
   sign: signer.signRequest,
   signRequest: signer.signRequest,
+  createSigner: signer.createSigner,
+  isSigner: signer.isSigner,
 
-  sshKeyToPEM: util.sshKeyToPEM,
-  sshKeyFingerprint: util.fingerprint,
-  pemToRsaSSHKey: util.pemToRsaSSHKey,
+  sshKeyToPEM: utils.sshKeyToPEM,
+  sshKeyFingerprint: utils.fingerprint,
+  pemToRsaSSHKey: utils.pemToRsaSSHKey,
 
   verify: verify.verifySignature,
   verifySignature: verify.verifySignature,

package/node_modules/http-signature/lib/parser.js

@@ -2,20 +2,17 @@
 
 var assert = require('assert-plus');
 var util = require('util');
+var utils = require('./utils');
 
 
 
 ///--- Globals
 
-var Algorithms = {
-  'rsa-sha1': true,
-  'rsa-sha256': true,
-  'rsa-sha512': true,
-  'dsa-sha1': true,
-  'hmac-sha1': true,
-  'hmac-sha256': true,
-  'hmac-sha512': true
-};
+var HASH_ALGOS = utils.HASH_ALGOS;
+var PK_ALGOS = utils.PK_ALGOS;
+var HttpSignatureError = utils.HttpSignatureError;
+var InvalidAlgorithmError = utils.InvalidAlgorithmError;
+var validateAlgorithm = utils.validateAlgorithm;
 
 var State = {
   New: 0,
@@ -30,17 +27,8 @@ var ParamsState = {
 };
 
 
-
 ///--- Specific Errors
 
-function HttpSignatureError(message, caller) {
-  if (Error.captureStackTrace)
-    Error.captureStackTrace(this, caller || HttpSignatureError);
-
-  this.message = message;
-  this.name = caller.name;
-}
-util.inherits(HttpSignatureError, Error);
 
 function ExpiredRequestError(message) {
   HttpSignatureError.call(this, message, ExpiredRequestError);
@@ -65,7 +53,10 @@ function MissingHeaderError(message) {
 }
 util.inherits(MissingHeaderError, HttpSignatureError);
 
-
+function StrictParsingError(message) {
+  HttpSignatureError.call(this, message, StrictParsingError);
+}
+util.inherits(StrictParsingError, HttpSignatureError);
 
 ///--- Exported API
 
@@ -88,7 +79,7 @@ module.exports = {
    *         "algorithm": "rsa-sha256",
    *         "headers": [
    *           "date" or "x-date",
-   *           "content-md5"
+   *           "digest"
    *         ],
    *         "signature": "base64"
    *       },
@@ -100,6 +91,8 @@ module.exports = {
    *                   - clockSkew: allowed clock skew in seconds (default 300).
    *                   - headers: required header names (def: date or x-date)
    *                   - algorithms: algorithms to support (default: all).
+   *                   - strict: should enforce latest spec parsing
+   *                             (default: false).
    * @return {Object} parsed out object (see above).
    * @throws {TypeError} on invalid input.
    * @throws {InvalidHeaderError} on an invalid Authorization header error.
@@ -108,6 +101,8 @@ module.exports = {
    *                              either in the request headers from the params,
    *                              or not in the params from a required header
    *                              in options.
+   * @throws {StrictParsingError} if old attributes are used in strict parsing
+   *                              mode.
    * @throws {ExpiredRequestError} if the value of date or x-date exceeds skew.
    */
   parseRequest: function parseRequest(request, options) {
@@ -148,7 +143,6 @@ module.exports = {
       get keyId() {
         return this.params.keyId;
       }
-
     };
 
     var authz = request.headers.authorization;
@@ -243,23 +237,43 @@ module.exports = {
 
     // Check the algorithm against the official list
     parsed.params.algorithm = parsed.params.algorithm.toLowerCase();
-    if (!Algorithms[parsed.params.algorithm])
-      throw new InvalidParamsError(parsed.params.algorithm +
-                                   ' is not supported');
+    try {
+      validateAlgorithm(parsed.params.algorithm);
+    } catch (e) {
+      if (e instanceof InvalidAlgorithmError)
+        throw (new InvalidParamsError(parsed.params.algorithm + ' is not ' +
+          'supported'));
+      else
+        throw (e);
+    }
 
     // Build the signingString
     for (i = 0; i < parsed.params.headers.length; i++) {
       var h = parsed.params.headers[i].toLowerCase();
       parsed.params.headers[i] = h;
 
-      if (h !== 'request-line') {
+      if (h === 'request-line') {
+        if (!options.strict) {
+          /*
+           * We allow headers from the older spec drafts if strict parsing isn't
+           * specified in options.
+           */
+          parsed.signingString +=
+            request.method + ' ' + request.url + ' HTTP/' + request.httpVersion;
+        } else {
+          /* Strict parsing doesn't allow older draft headers. */
+          throw (new StrictParsingError('request-line is not a valid header ' +
+            'with strict parsing enabled.'));
+        }
+      } else if (h === '(request-target)') {
+        parsed.signingString +=
+          '(request-target): ' + request.method.toLowerCase() + ' ' +
+          request.url;
+      } else {
         var value = request.headers[h];
-        if (!value)
+        if (value === undefined)
           throw new MissingHeaderError(h + ' was not in the request');
         parsed.signingString += h + ': ' + value;
-      } else {
-        parsed.signingString +=
-          request.method + ' ' + request.url + ' HTTP/' + request.httpVersion;
       }
 
       if ((i + 1) < parsed.params.headers.length)