actpub-httpsig 0.2.0

Dual-stack HTTP Message Signatures (Cavage draft-12 + RFC 9421) with RSA & Ed25519 via aws-lc-rs.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

//! [RFC 9421][rfc9421] HTTP Message Signatures — the finalised IETF
//! standard that supersedes the Cavage draft.
//!
//! RFC 9421 differs from Cavage in several visible ways:
//!
//! - Header names are **quoted** in the signature base (`"host": example.com`).
//! - Derived components are spelled `"@method"`, `"@target-uri"`,
//!   `"@authority"`, `"@path"`, `"@query"`, `"@scheme"`, `"@status"` —
//!   distinct from Cavage's `(request-target)` pseudo-header.
//! - Parameters live in the `Signature-Input:` header (a Structured Field
//!   dictionary of inner lists), and the signature itself goes into a
//!   separate `Signature:` dictionary keyed by a caller-chosen label.
//! - A trailing `"@signature-params"` line appears in the signature base
//!   and binds the chosen parameter set to the signature.
//!
//! Mastodon 4.5+ accepts both Cavage and RFC 9421 on the receiving side.
//! This crate emits either flavour at the caller's request and verifies
//! both transparently (see [`crate::cavage::cavage_verify`] and
//! [`rfc9421_verify`]).
//!
//! [rfc9421]: https://www.rfc-editor.org/rfc/rfc9421.html
#![allow(
    unreachable_pub,
    reason = "submodule items are re-exported by this module's `pub use` declarations, but rustc's reachability analysis doesn't follow re-exports across private module boundaries"
)]

mod components;
mod sign;
mod signature;
mod signature_input;
mod verify;

pub use self::components::Component;
pub use self::sign::{DEFAULT_COMPONENTS, Rfc9421Signer};
pub use self::signature::{parse_signature_dict, serialise_signature_dict};
pub use self::signature_input::{
    SIGNATURE_INPUT_HEADER, SignatureInput, parse_signature_input_dict,
    serialise_signature_input_dict,
};
pub use self::verify::{Rfc9421Verified, rfc9421_verify, rfc9421_verify_with_policy};