sigparams

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 4, 2024 License: MIT Imports: 4 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Params

type Params struct {
	// KeyID is the identifier for the key to use for signing requests.
	KeyID string

	// Tag is an application-specific tag for the signature as a String value.
	// This value is used by applications to help identify signatures relevant for specific applications or protocols.
	// See: https://www.rfc-editor.org/rfc/rfc9421.html#section-2.3-4.12
	Tag string

	Alg string

	// CoveredComponents specify the components of the request
	// to be covered with the signature.
	//
	// An ordered set of HTTP message component identifiers for fields (Section 2.1)
	// and derived components (Section 2.2) that indicates the set of message components
	// covered by the signature, never including the @signature-params identifier itself.
	// The order of this set is preserved and communicated between the signer and verifier
	// to facilitate reconstruction of the signature base.
	//
	// See: https://www.rfc-editor.org/rfc/rfc9421.html#section-1.1-7.18.1
	CoveredComponents []string

	Nonce string

	Created time.Time

	Expires time.Time
}

Params are the HTTP message signing parameters.

They are included in a canonical base request under the '@signature-params' field.

See: https://www.rfc-editor.org/rfc/rfc9421.html#name-signature-parameters

func UnmarshalInnerList

func UnmarshalInnerList(input httpsfv.InnerList) (*Params, error)

func (Params) MarshalText

func (p Params) MarshalText() (text []byte, err error)

func (Params) SFV

func (p Params) SFV() *httpsfv.InnerList

SFV converts the params to a HTTP structured field value.

func (Params) Validate

func (p Params) Validate(opts ValidateOpts, now time.Time) error

type ValidateOpts

type ValidateOpts struct {
	// ForbidClientSideAlg requires that the client-side alg specifier
	// is empty.
	ForbidClientSideAlg bool

	// BeforeDuration is the duration before now which a signature is invalid.
	// This should be set to a small value in production, such as time.Minute.
	BeforeDuration time.Duration

	// AfterDuration is the duration after now which a signature is invalid.
	// This should be set to zero in production to prevent
	// signatures being validated with a timestamp that is in the future.
	AfterDuration time.Duration

	// RequiredCoveredComponents, if specified, requires a set of mandatory
	// covered components which must be included in the params.
	RequiredCoveredComponents map[string]bool

	// RequireNonce, if true, requires the 'nonce' field to be set.
	RequireNonce bool
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL