httpsig

package

v1.0.2 Latest Latest Go to latest Published: Nov 7, 2022 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/peopledata/oak

Documentation ¶

Index ¶

type KeyResolver
- func NewKeyResolver(actorRetriever actorRetriever) *KeyResolver
- func (r *KeyResolver) Resolve(keyID string) (*ariesverifier.PublicKey, error)
type SecretRetriever
- func (r *SecretRetriever) Get(keyID string) (httpsig.Secret, error)
type SignatureHashAlgorithm
- func NewSignerAlgorithm(c crypto, km keyManager, keyID string) *SignatureHashAlgorithm
- func NewVerifierAlgorithm(c crypto, km keyManager, keyResolver keyResolver) *SignatureHashAlgorithm
type Signer
- func NewSigner(cfg SignerConfig, cr crypto, km keyManager, keyID string) *Signer
- func (s *Signer) SignRequest(pubKeyID string, req *http.Request) error
type SignerConfig
- func DefaultGetSignerConfig() SignerConfig
- func DefaultPostSignerConfig() SignerConfig
type Verifier
- func NewVerifier(actorRetriever actorRetriever, cr crypto, km keyManager) *Verifier
- func (v *Verifier) VerifyRequest(req *http.Request) (bool, *url.URL, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type KeyResolver ¶

type KeyResolver struct {
	// contains filtered or unexported fields
}

KeyResolver resolves the public key for an ActivityPub actor.

func NewKeyResolver ¶

func NewKeyResolver(actorRetriever actorRetriever) *KeyResolver

NewKeyResolver returns a new KeyResolver.

func (*KeyResolver) Resolve ¶

func (r *KeyResolver) Resolve(keyID string) (*ariesverifier.PublicKey, error)

Resolve returns the public key for the given key ID.

type SecretRetriever ¶

type SecretRetriever struct{}

SecretRetriever implements a custom key retriever to be used with the HTTP signature library.

func (*SecretRetriever) Get ¶

func (r *SecretRetriever) Get(keyID string) (httpsig.Secret, error)

Get returns a 'secret' that directs the HTTP signature library to use the custom SignatureHashAlgorithm above.

type SignatureHashAlgorithm ¶

type SignatureHashAlgorithm struct {
	Crypto crypto
	KMS    keyManager
	// contains filtered or unexported fields
}

SignatureHashAlgorithm is a custom httpsignatures.SignatureHashAlgorithm that uses KMS to sign HTTP requests.

func NewSignerAlgorithm ¶

func NewSignerAlgorithm(c crypto, km keyManager, keyID string) *SignatureHashAlgorithm

NewSignerAlgorithm returns a new SignatureHashAlgorithm which uses KMS to sign HTTP requests.

func NewVerifierAlgorithm ¶

func NewVerifierAlgorithm(c crypto, km keyManager, keyResolver keyResolver) *SignatureHashAlgorithm

NewVerifierAlgorithm returns a new SignatureHashAlgorithm which is used to verify the signature in the HTTP request header.

func (*SignatureHashAlgorithm) Algorithm ¶

func (a *SignatureHashAlgorithm) Algorithm() string

Algorithm returns this algorithm's name.

func (*SignatureHashAlgorithm) Create ¶

func (a *SignatureHashAlgorithm) Create(secret httpsig.Secret, data []byte) ([]byte, error)

Create signs data with the secret.

func (*SignatureHashAlgorithm) Verify ¶

func (a *SignatureHashAlgorithm) Verify(secret httpsig.Secret, data, signature []byte) error

Verify verifies the signature over data with the secret.

func (*Signer) SignRequest ¶

func (s *Signer) SignRequest(pubKeyID string, req *http.Request) error

SignRequest signs an HTTP request.

type SignerConfig ¶

type SignerConfig struct {
	Headers []string
}

SignerConfig contains the configuration for signing HTTP requests.

func DefaultGetSignerConfig ¶

func DefaultGetSignerConfig() SignerConfig

DefaultGetSignerConfig returns the default configuration for signing HTTP GET requests.

func DefaultPostSignerConfig ¶

func DefaultPostSignerConfig() SignerConfig

DefaultPostSignerConfig returns the default configuration for signing HTTP POST requests.

type Verifier ¶

type Verifier struct {
	// contains filtered or unexported fields
}

Verifier verifies signatures of HTTP requests.

func NewVerifier ¶

func NewVerifier(actorRetriever actorRetriever, cr crypto, km keyManager) *Verifier

NewVerifier returns a new HTTP signature verifier.

func (*Verifier) VerifyRequest ¶

func (v *Verifier) VerifyRequest(req *http.Request) (bool, *url.URL, error)

VerifyRequest verifies the following: - HTTP signature on the request. - Ensures that the key ID in the request header is owned by the actor.

Returns: - true if the signature was successfully verified, otherwise false. - Actor IRI if the signature was successfully verified. - An error if the signature could not be verified due to server error.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

httpsig

Documentation ¶

Index ¶

Constants ¶

Variables ¶

Functions ¶

Types ¶

type KeyResolver ¶

func NewKeyResolver ¶

func (*KeyResolver) Resolve ¶

type SecretRetriever ¶

func (*SecretRetriever) Get ¶

type SignatureHashAlgorithm ¶

func NewSignerAlgorithm ¶

func NewVerifierAlgorithm ¶

func (*SignatureHashAlgorithm) Algorithm ¶

func (*SignatureHashAlgorithm) Create ¶

func (*SignatureHashAlgorithm) Verify ¶

type Signer ¶

func NewSigner ¶

func (*Signer) SignRequest ¶

type SignerConfig ¶

func DefaultGetSignerConfig ¶

func DefaultPostSignerConfig ¶

type Verifier ¶

func NewVerifier ¶

func (*Verifier) VerifyRequest ¶

Source Files ¶