httpsig

package
v0.19.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 12, 2025 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Overview

Package httpsig implements HTTP signatures.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RFC9421DigestSHA256 added in v0.19.0 

func RFC9421DigestSHA256(r *http.Request, body []byte)

RFC9421DigestSHA256 adds the Content-Digest header using SHA-256.

func RFC9421DigestSHA512 added in v0.19.0 

func RFC9421DigestSHA512(r *http.Request, body []byte)

RFC9421DigestSHA256 adds the Content-Digest header using SHA-512.

func Sign 

func Sign(r *http.Request, key Key, now time.Time) error

Sign adds a signature to an outgoing HTTP request.

func SignRFC9421 added in v0.19.0 

func SignRFC9421(
	r *http.Request,
	key Key,
	now, expires time.Time,
	digest func(*http.Request, []byte),
	sigAlg string,
	components []string,
) error

SignRFC9421 adds a RFC9421 signature to an outgoing HTTP request.

Types

type Key 

type Key struct {
	ID         string
	PrivateKey any
}

Key is used to sign outgoing HTTP requests or verify incoming HTTP requests.

type Signature 

type Signature struct {
	KeyID string
	Alg   string
	// contains filtered or unexported fields
}

func Extract 

func Extract(r *http.Request, body []byte, domain string, now time.Time, maxAge time.Duration) (*Signature, error)

Extract extracts signature attributes, validates them and returns a Signature. Caller should obtain the key and pass it to Signature.Verify. It supports RFC9421 and falls back to draft-cavage-http-signatures.

func (*Signature) Verify 

func (s *Signature) Verify(key any) error

Verify verifies a signature.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.