[−][src]Crate http_sig
Implementation of the IETF draft 'Signing HTTP Messages' https://tools.ietf.org/id/draft-cavage-http-signatures-12.html
Features
This crate is intended to be used with multiple different HTTP clients and/or servers. As such, client/server-specific implementations are gated by correspondingly named features.
Supported crates:
Crate / Feature name | Client/Server | Notes |
---|---|---|
reqwest | Client | Supports blocking and non-blocking requests.1 |
rouille | Server |
- Due to limitations of the reqwest API, digests can only be calculated automatically for non-blocking non-streaming requests. For
blocking or streaming requests, the user must add the digest manually before signing the request, or else the
Digest
header will not be included in the signature.
Supported signature algorithms:
Algorithm registry: https://tools.ietf.org/id/draft-cavage-http-signatures-12.html#hsa-registry
hmac-sha256
Supported digest algorithms:
Digest registry: https://www.iana.org/assignments/http-dig-alg/http-dig-alg.xhtml
SHA-256
SHA-512
Example usage (reqwest)
use http_sig::*; const SECRET_KEY: &[u8] = b"secret"; let config = SigningConfig::new_default("My Key", SECRET_KEY); let client = reqwest::blocking::Client::new(); let req = client .get("http://localhost:8080/") .build() .unwrap() .signed(&config) .unwrap(); let result = client.execute(req).unwrap();
Structs
DefaultDigestProvider | Supports the |
RouilleBody | In order to verify the signature on a rouille request, the request body must be consumed by the verification process. This type is used to return the request body contents on completion of a successful signature verification. |
SigningConfig | The configuration used for signing HTTP requests. |
SimpleKeyProvider | Implementation of a simple key store. |
VerifyingConfig | The configuration used for verifying HTTP requests. |
VerifyingError | This error indicates that we failed to verify the request. As a result the request should be ignored. |
Enums
Header | A header which can be incorporated into a HTTP signature. |
PseudoHeader | Pseudo-headers are used to incorporate additional information into a HTTP signature for which there is no corresponding HTTP header. |
SigningError | The types of error which may occur whilst signing. |
Traits
ClientRequestLike | This trait is to be implemented for types representing an outgoing HTTP request. The HTTP signing extension methods are available on any type implementing this trait. |
DigestProvider | The verification process will use this trait to find the appropriate digest algorithm to use when verifying the body of a request. |
HttpDigest | Implementations of this trait correspond to digest algorithms listed here: https://www.iana.org/assignments/http-dig-alg/http-dig-alg.xhtml |
HttpSignature | Implementations of this trait correspond to signature algorithms listed here: https://tools.ietf.org/id/draft-cavage-http-signatures-12.html#hsa-registry |
KeyProvider | The verification process will use this trait to find the appropriate key and algorithm to use for verifying a request. |
ServerRequestLike | This trait is to be implemented for types representing an incoming HTTP request. The HTTP verification extension methods are available on any type implementing this trait. |
SigningExt | Import this trait to get access to access the |
VerifyingExt | Import this trait to get access to access the |