MD5 is not a message authentication function

[jcoglan]

In this line, you use MD5 to 'sign' some user data:

signature = Digest::MD5.hexdigest(sig_str + secret);

MD5 should not be used to cryptographically sign data. You should be using a message authentication function like HMAC for this purpose.

[linc]

2b219b2

[jcoglan]

Allowing SHA-1 instead of MD5 does not solve the problem I was reporting; neither MD5 nor SHA-1 is designed for authentication, and both are constructed in such a way that they're vulnerable to length extension attacks.

The problem is not MD5 per se, but the fact that you're using a construction like hash(message + secret). You need to use a message authentication code like HMAC to implement this functionality.