Advisories for Cargo/Httpsig-Hyper package

2026

Improper Digest Verification in httpsig-hyper May Allow Message Integrity Bypass

An issue was discovered in httpsig-hyper where Digest header verification could incorrectly succeed due to misuse of Rust's matches! macro. Specifically, the comparison: if matches!(digest, _expected_digest) treated _expected_digest as a pattern binding rather than a value comparison, resulting in unconditional success of the match expression. As a consequence, digest verification could incorrectly return success even when the computed digest did not match the expected value. Applications relying on Digest verification …
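The pitfall described above, shown as an added Rust example (not code from httpsig-hyper). The names `toy_digest`, `verify_flawed` and `verify_fixed` and the sample bodies are constructed here, and FNV-1a stands in for the real digest algorithm so the block has no dependencies.

```rust
// Added illustration; not taken from httpsig-hyper.

/// Assumption: FNV-1a (64-bit) as a dependency-free stand-in for the digest.
fn toy_digest(body: &[u8]) -> Vec<u8> {
    let mut h: u64 = 0xcbf2_9ce4_8422_2325;
    for b in body {
        h ^= u64::from(*b);
        h = h.wrapping_mul(0x0000_0100_0000_01b3);
    }
    h.to_be_bytes().to_vec()
}

/// Flawed check: inside `matches!`, `_expected_digest` is a *pattern*. An
/// identifier pattern creates a fresh binding that matches any value, so the
/// function argument of the same name is never compared. The leading
/// underscore also silences the unused-variable lint that would hint at this.
#[allow(unreachable_patterns, unused_variables)]
fn verify_flawed(body: &[u8], _expected_digest: &[u8]) -> bool {
    let digest = toy_digest(body);
    matches!(digest.as_slice(), _expected_digest)
}

/// Value comparison: plain equality on the digest bytes.
fn verify_fixed(body: &[u8], expected_digest: &[u8]) -> bool {
    toy_digest(body).as_slice() == expected_digest
}

fn main() {
    // Constructed sample bodies differing in a single byte.
    let original: &[u8] = b"amount=10&to=alice";
    let tampered: &[u8] = b"amount=90&to=alice";
    // Digest the sender would have placed in the Digest header.
    let expected = toy_digest(original);

    for (label, body) in [("original", original), ("tampered", tampered)] {
        println!(
            "{label}: flawed={} fixed={}",
            verify_flawed(body, &expected),
            verify_fixed(body, &expected)
        );
    }
}
```

A guard form such as `matches!(digest, d if d == expected)` is also a real value comparison; the bare identifier is what turns the check into a catch-all.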