httpsig

package module
v0.0.0-...-ab87613 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 1, 2024 License: MIT Imports: 11 Imported by: 0

README

httpsig

Implementation of RFC9421 HTTP Message Signatures

Documentation

Index

Constants

// Derived component names from RFC 9421 (HTTP Message Signatures).
// Every name starts with "@", which is how GetComponentValue is documented
// to tell a derived component apart from a header field name.
const (
	DerivedComponentMethod        = "@method"
	DerivedComponentTargetUri     = "@target-uri"
	DerivedComponentAuthority     = "@authority"
	DerivedComponentScheme        = "@scheme"
	DerivedComponentRequestTarget = "@request-target"
	DerivedComponentPath          = "@path"
	DerivedComponentQuery         = "@query"
	DerivedComponentQueryParam    = "@query-param"
	DerivedComponentStatus        = "@status"

	// ComponentSignatureParams names the @signature-params line, which
	// SignatureBase documents as always being the last line of the
	// signature base.
	ComponentSignatureParams = "@signature-params"
)
// HTTP header field names used by this package.
const (
	// HeaderContentDigest is the Content-Digest field (RFC 9530).
	// NOTE(review): nothing on this page shows the digest being computed
	// or compared with the body; confirm where body integrity is checked
	// before relying on a signature that covers this field.
	HeaderContentDigest = "Content-Digest"

	// HeaderSignature and HeaderSignatureInput are the two fields RFC 9421
	// uses to carry a signature and the metadata describing what it covers.
	HeaderSignature      = "Signature"
	HeaderSignatureInput = "Signature-Input"
)
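// Signature parameter names defined by RFC 9421. These are the keys that
// appear after the covered component list in @signature-params and in the
// Signature-Input field.
const (
	SignatureParameterCreated = "created"
	// RFC 9421 spells the expiry parameter "expires". The earlier value,
	// "expired", is not a parameter name the RFC defines: an expiry written
	// under that key is not recognised by other implementations, and a
	// standard "expires" sent by a peer does not match this constant.
	SignatureParameterExpires = "expires"
	SignatureParameterNonce   = "nonce"
	SignatureParameterAlg     = "alg"
	SignatureParameterKeyId   = "keyid"
	SignatureParameterTag     = "tag"
)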

Variables

var (
	// ErrMultipleQueryParamValues reports that a query parameter carries
	// more than one value.
	// NOTE(review): presumably returned by GetQueryParamComponentValue so
	// that an ambiguous parameter is rejected rather than one value being
	// picked silently; confirm against the implementation.
	ErrMultipleQueryParamValues = errors.New("multiple query param values")
)

Functions

func GetComponentValue

func GetComponentValue(name string, msg HttpMessage) (string, error)

GetComponentValue returns a component's value. If the name starts with "@", it is retrieved as a derived component; otherwise it is retrieved from the headers.

func GetQueryParamComponentValue

func GetQueryParamComponentValue(name string, msg HttpMessage) (string, error)

GetQueryParamComponentValue returns the value of a "@query-param" derived component. name must carry the name of the query parameter, e.g. "@query-param";name="var". TODO: URL-encoded @query-param names are not handled yet.

Types

type Alg

// Alg is a string-typed signature parameter.
// NOTE(review): the value arrives in the message being verified; a verifier
// should take the algorithm from its own key configuration rather than
// trusting this value alone. How this package uses it is not shown here.
type Alg string

func (Alg) Name

func (k Alg) Name() string

func (Alg) String

func (c Alg) String() string

func (Alg) Validate

func (k Alg) Validate() error

func (Alg) Value

func (k Alg) Value() any

type Algorithm

// Algorithm identifies a signature algorithm by name.
type Algorithm interface {
	// The algorithm name which is also the value used
	// for the alg signature parameter
	//
	// https://datatracker.ietf.org/doc/html/rfc9421#name-initial-contents
	Name() string
}

type Component

// Component is a name/value pair.
// NOTE(review): presumably one covered component of an HTTP message together
// with its resolved value; confirm against the callers.
type Component struct {
	Name  string
	Value string
}

type Created

// Created holds the creation-time signature parameter.
// NOTE(review): Tolerance is presumably the clock-skew allowance that
// Validate applies to Time; confirm, because a large tolerance lengthens the
// period in which a captured signature is still accepted.
type Created struct {
	Time      time.Time
	Tolerance time.Duration
}

Created is the created signature parameter: the Unix timestamp, in seconds, at which the signature was generated. If the value is 0, the current system time is used as the value.

func CreatedFromString

func CreatedFromString(s string) (Created, error)

func (Created) Name

func (c Created) Name() string

func (Created) String

func (c Created) String() string

func (Created) Validate

func (c Created) Validate() error

func (Created) Value

func (c Created) Value() any

type Expires

// Expires holds the expiry-time signature parameter.
// NOTE(review): Tolerance is presumably a grace period that Validate adds to
// Time; confirm, because it extends how long a signature past its expiry is
// still accepted.
type Expires struct {
	Time      time.Time
	Tolerance time.Duration
}

Expires is the signature-expiry parameter: the Unix timestamp, in seconds, at which the signature expires.

func ExpiredFromString

func ExpiredFromString(s string) (Expires, error)

func (Expires) Name

func (c Expires) Name() string

func (Expires) String

func (c Expires) String() string

func (Expires) Validate

func (c Expires) Validate() error

func (Expires) Value

func (c Expires) Value() any

type HttpMessage

// HttpMessage exposes the parts of an HTTP request or response that
// component values are read from; GetComponentValue takes one as input.
type HttpMessage interface {
	Url() *url.URL
	Method() string
	Header() http.Header
	// NOTE(review): what Status returns for a request, and what Method and
	// Url return for a response, is not shown here; confirm.
	Status() int
}

HttpMessage is a wrapper for http.Request or http.Response so that their common fields can be accessed through one interface.

type HttpRequest

// HttpRequest wraps an *http.Request. The methods listed for it cover both
// the HttpMessage and the SignedHttpMessage method sets.
type HttpRequest struct {
	Request *http.Request
}

func (HttpRequest) GetSignature

func (hr HttpRequest) GetSignature(sigLabel string) (sig SignatureHeaderValue, err error)

func (HttpRequest) GetSignatureInput

func (hr HttpRequest) GetSignatureInput(sigLabel string) (sigInput SignatureInput, err error)

func (HttpRequest) Header

func (hr HttpRequest) Header() http.Header

func (HttpRequest) Method

func (hr HttpRequest) Method() string

func (HttpRequest) SigLabels

func (hr HttpRequest) SigLabels() []string

func (HttpRequest) Status

func (hr HttpRequest) Status() int

func (HttpRequest) Url

func (hr HttpRequest) Url() *url.URL

type HttpResponse

// HttpResponse embeds an *http.Response. The pointer-receiver methods listed
// for it cover the HttpMessage method set; no signature accessors
// (SigLabels, GetSignature, GetSignatureInput) are listed for it.
type HttpResponse struct {
	*http.Response
}

func (*HttpResponse) Header

func (hr *HttpResponse) Header() http.Header

func (*HttpResponse) Method

func (hr *HttpResponse) Method() string

func (*HttpResponse) Status

func (hr *HttpResponse) Status() int

func (*HttpResponse) Url

func (hr *HttpResponse) Url() *url.URL

type KeyId

// KeyId is a string-typed signature parameter.
// NOTE(review): the value is supplied by the message being verified, so it
// should only be resolved against keys the verifier already trusts. How this
// package resolves it is not shown here.
type KeyId string

func (KeyId) Name

func (k KeyId) Name() string

func (KeyId) String

func (c KeyId) String() string

func (KeyId) Validate

func (k KeyId) Validate() error

func (KeyId) Value

func (k KeyId) Value() any

type Nonce

// Nonce is a string-typed signature parameter.
// NOTE(review): a nonce prevents replay only if the verifier remembers the
// values it has already accepted; nothing listed here shows where that
// happens, so confirm what Validate checks.
type Nonce string

func (Nonce) Name

func (k Nonce) Name() string

func (Nonce) String

func (c Nonce) String() string

func (Nonce) Validate

func (k Nonce) Validate() error

func (Nonce) Value

func (k Nonce) Value() any

type SignatureBase

// SignatureBase holds the covered components and the signature parameters
// from which the signature base is built; Marshal returns it as a string.
// NOTE(review): presumably Marshal's output is the exact byte sequence that
// is signed and verified; confirm against the signing code.
type SignatureBase struct {
	// Keys is a slice of component names
	// excluding @signature-params. For @query-param,
	// there can be multiple so the key will have the
	// query param name
	//   "@query-param";name="var"
	//   "@query-param";name="bar"
	Keys []string

	// Lines is a map of component names to
	// its string value excluding @signature-params
	Lines map[string]string

	// SignatureParams is the @signature-params which is always
	// at the end of the signature base
	SignatureParams SignatureParams
}

func NewSignatureBaseFromRequest

func NewSignatureBaseFromRequest(msg HttpMessage, components []string, sigParams []SignatureParameter) (*SignatureBase, error)

func (*SignatureBase) Marshal

func (sb *SignatureBase) Marshal() (string, error)

type SignatureHeaderValue

// SignatureHeaderValue is a Signature header value held as a structured-field
// dictionary.
// NOTE(review): presumably keyed by signature label with the raw signature
// bytes as the member value, as NewSignatureHeaderValue's parameters suggest;
// confirm.
type SignatureHeaderValue httpsfv.Dictionary

func NewSignatureHeaderValue

func NewSignatureHeaderValue(sigLabel string, signature []byte) SignatureHeaderValue

func ParseSignatureHeaderValue

func ParseSignatureHeaderValue(s string) (sig SignatureHeaderValue, err error)

func (SignatureHeaderValue) Bytes

func (sig SignatureHeaderValue) Bytes() ([]byte, error)

func (SignatureHeaderValue) Marshal

func (sig SignatureHeaderValue) Marshal() (s string, err error)

type SignatureInput

type SignatureInput httpsfv.Dictionary

SignatureInput is a Dictionary Structured Field containing the metadata for one or more message signatures generated from components within the HTTP message.

It is an HTTP header field with the name "Signature-Input".

The value is very similar to the value of @signature-params, but the component list is keyed by the label of the signature.

Example:

Signature-Input: sig1=("@method" "@target-uri" "@authority" \
  "content-digest" "cache-control");\
  created=1618884475;keyid="test-key-rsa-pss"

https://datatracker.ietf.org/doc/html/rfc9421#name-the-signature-input-http-fi

func ParseSignatureInput

func ParseSignatureInput(s string) (sigInput SignatureInput, err error)

func SignatureInputFromSignatureParams

func SignatureInputFromSignatureParams(sigLabel string, sp *SignatureParams) *SignatureInput

func (SignatureInput) Components

func (si SignatureInput) Components() []string

func (SignatureInput) Marshal

func (si SignatureInput) Marshal() (string, error)

func (SignatureInput) SigLabel

func (si SignatureInput) SigLabel() string

func (SignatureInput) SignatureParameters

func (si SignatureInput) SignatureParameters() []SignatureParameter

type SignatureParameter

// SignatureParameter is one parameter carried in @signature-params. Alg,
// Created, Expires, KeyId, Nonce and Tag are all listed with this method set.
type SignatureParameter interface {
	fmt.Stringer
	Name() string
	Value() any
	// NOTE(review): what Validate checks for each parameter type is not
	// shown here; confirm before relying on it to reject stale or
	// replayed signatures.
	Validate() error
}

type SignatureParams

type SignatureParams struct {
	// Components is a structured-field inner list.
	// NOTE(review): presumably the covered component names are its items and
	// the signature parameters are the list's parameters; confirm.
	Components httpsfv.InnerList
}

SignatureParams is the @signature-params derived component.

https://datatracker.ietf.org/doc/html/rfc9421#name-signature-parameters

func (*SignatureParams) Marshal

func (sp *SignatureParams) Marshal() (string, error)

Marshal serialises the signature params. The result does not include "@signature-params: ".

type SignedHttpMessage

// SignedHttpMessage gives access to the signatures attached to a message:
// the labels present, and for each label the signature value and its
// Signature-Input entry.
type SignedHttpMessage interface {
	SigLabels() []string
	GetSignature(sigLabel string) (SignatureHeaderValue, error)
	GetSignatureInput(sigLabel string) (SignatureInput, error)
}

type Tag

// Tag is a string-typed signature parameter.
// NOTE(review): presumably the application-specific "tag" parameter; what
// Validate enforces for it is not shown here.
type Tag string

func (Tag) Name

func (k Tag) Name() string

func (Tag) String

func (c Tag) String() string

func (Tag) Validate

func (k Tag) Validate() error

func (Tag) Value

func (k Tag) Value() any

Directories

Path Synopsis
