AnthonyDeroche / mod_authnz_jwt

An authentication module for Apache httpd using JSON Web Tokens

Fix get_decode_key for shared secrets #25

Closed bmerry closed 6 years ago

bmerry commented 6 years ago

The keylen was being set to apr_base64_decode_len, which is only an upper bound on the decoded length, not the exact value. This in turn led to random extra bytes being appended to the key, which in some cases led to signature verification failures.

Closes #23.
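
The length mismatch described in this PR, as an added example that is not part of the PR or the project's code. `b64_decode_len`, `b64_decode` and `load_key` are hypothetical stand-ins that mimic the contract described above (one call gives an upper bound for sizing the buffer, the other returns the bytes actually written); the secret and the `0xAA` filler are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins, not APR or mod_authnz_jwt code: b64_decode_len()
 * sizes the buffer (upper bound), b64_decode() returns bytes written. */
static int b64_val(char c) {
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    const char *p = c ? strchr(tbl, c) : NULL;
    return p ? (int)(p - tbl) : -1;
}

size_t b64_decode_len(const char *in) {
    return ((strlen(in) + 3) / 4) * 3 + 1;    /* ignores '=' padding */
}

size_t b64_decode(unsigned char *out, const char *in) {
    unsigned acc = 0;
    int bits = 0;
    size_t n = 0;
    for (; b64_val(*in) >= 0; in++) {         /* stops at '=', NUL, or junk */
        acc = (acc << 6) | (unsigned)b64_val(*in);
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            out[n++] = (unsigned char)(acc >> bits);
        }
    }
    return n;                                 /* exact decoded length */
}

/* Returns the key length a caller would pass to signature verification.
 * exact == 0 reproduces the bug: the bound is used as the key length. */
size_t load_key(const char *b64, unsigned char *buf, size_t cap, int exact) {
    size_t bound = b64_decode_len(b64);
    if (bound > cap)
        return 0;
    memset(buf, 0xAA, cap);                   /* constructed stale-memory filler */
    size_t written = b64_decode(buf, b64);
    return exact ? written : bound;
}

int main(void) {
    unsigned char key[32];
    const char *secret = "c2VjcmV0cw==";      /* constructed sample: "secrets" */
    printf("bound-as-length: %zu bytes\n", load_key(secret, key, sizeof key, 0));
    printf("decoder return:  %zu bytes\n", load_key(secret, key, sizeof key, 1));
    return 0;
}
```

With the bound used as the length, the key covers three bytes past the decoded secret, so the MAC is computed over whatever the buffer happened to hold there.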