README
¶
httpsig
Standards-based HTTP request signing and verification for Go
Introduction
httpsig provides support for signing and verifying HTTP requests according
to the Signing HTTP Messages draft standard. This standard focuses
on signing headers and request paths, and you probably want to sign the
request body too, so body digest calculation according to
Digest Headers is included.
The Big Feature Matrix
This implementation is based on version 05 of Signing HTTP Messages
(draft-ietf-htttpbis-message-signatures-05). Digest computation is based on
version 05 of Digest Headers (draft-ietf-httpbis-digest-headers-05).
Contributing
I would love your help!
httpsig is still a work in progress. You can help by:
- Opening a pull request to resolve an open issue.
- Adding a feature or enhancement of your own! If it might be big, please open an issue first so we can discuss it.
- Improving this
READMEor adding other documentation tohttpsig. - Letting me know if you're using
httpsig.
Documentation
¶
Index ¶
- func IsAlgMismatchError(err error) bool
- func IsInvalidSignatureError(err error) bool
- func IsMalformedSignatureError(err error) bool
- func IsNotSignedError(err error) bool
- func IsSignatureExpiredError(err error) bool
- func IsUnknownKeyError(err error) bool
- func NewSignTransport(transport http.RoundTripper, opts ...signOption) http.RoundTripper
- func NewVerifyMiddleware(opts ...verifyOption) func(http.Handler) http.Handler
- func WithHeaders(hdr ...string) signOption
- func WithHmacSha256(keyID string, secret []byte) signOrVerifyOption
- func WithSignEcdsaP256Sha256(keyID string, pk *ecdsa.PrivateKey) signOption
- func WithSignRsaPssSha512(keyID string, pk *rsa.PrivateKey) signOption
- func WithVerifyEcdsaP256Sha256(keyID string, pk *ecdsa.PublicKey) verifyOption
- func WithVerifyRsaPssSha512(keyID string, pk *rsa.PublicKey) verifyOption
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func IsAlgMismatchError ¶
func IsInvalidSignatureError ¶
func IsNotSignedError ¶
func IsSignatureExpiredError ¶
func IsUnknownKeyError ¶
func NewSignTransport ¶
func NewSignTransport(transport http.RoundTripper, opts ...signOption) http.RoundTripper
NewSignTransport returns a new client transport that wraps the provided transport with http message signing and body digest creation
func NewVerifyMiddleware ¶
NewVerifyMiddleware returns a configured http server middleware that can be used to wrap multiple handlers for http message signature and digest verification.
TODO: form and multipart support
func WithHeaders ¶
func WithHeaders(hdr ...string) signOption
TODO: use this to implement required headers in verify?
func WithHmacSha256 ¶
func WithSignEcdsaP256Sha256 ¶
func WithSignEcdsaP256Sha256(keyID string, pk *ecdsa.PrivateKey) signOption
func WithSignRsaPssSha512 ¶
func WithSignRsaPssSha512(keyID string, pk *rsa.PrivateKey) signOption
func WithVerifyRsaPssSha512 ¶
Types ¶
This section is empty.
Source Files