[−][src]Crate http_sig
Implementation of the IETF draft 'Signing HTTP Messages' https://tools.ietf.org/id/draft-cavage-http-signatures-12.html
Features
This crate is intended to be used with multiple different HTTP clients and/or servers. As such, client/server-specific implementations are gated by correspondingly named features.
Supported crates:
Crate / Feature name | Client/Server | Notes |
---|---|---|
reqwest | Client | Supports blocking and non-blocking requests.1 |
rouille | Server |
- Due to limitations of the reqwest API, digests can only be calculated automatically for non-blocking non-streaming requests. For
blocking or streaming requests, the user must add the digest manually before signing the request, or else the
Digest
header will not be included in the signature.
Supported signature algorithms:
Algorithm registry: https://tools.ietf.org/id/draft-cavage-http-signatures-12.html#hsa-registry
hmac-sha256
Supported digest algorithms:
Digest registry: https://www.iana.org/assignments/http-dig-alg/http-dig-alg.xhtml
SHA-256
SHA-512
Example usage (reqwest)
use http_sig::*; const SECRET_KEY: &[u8] = b"secret"; let config = SigningConfig::new_default("My Key", SECRET_KEY); let client = reqwest::blocking::Client::new(); let req = client .get("http://localhost:8080/") .build() .unwrap() .signed(&config) .unwrap(); let result = client.execute(req).unwrap();
Modules
mock_request | Module containg a mock request type which implements both
|
Structs
CanonicalizeConfig | Configuration for computing the canonical "signature string" of a request. |
DefaultDigestProvider | Supports the |
HmacSha256 | Implementation of the ' hmac-sha256 ' HTTP signature scheme. |
HmacSha512 | Implementation of the ' hmac-sha512 ' HTTP signature scheme. |
RouilleBody | In order to verify the signature on a rouille request, the request body must be consumed by the verification process. This type is used to return the request body contents on completion of a successful signature verification. |
RsaSha256Sign | Implementation of the signing half of the ' rsa-sha256 ' HTTP signature scheme. |
RsaSha256Verify | Implementation of the verification half of the ' rsa-sha256 ' HTTP signature scheme. |
RsaSha512Sign | Implementation of the signing half of the ' rsa-sha512 ' HTTP signature scheme. |
RsaSha512Verify | Implementation of the verification half of the ' rsa-sha512 ' HTTP signature scheme. |
SignatureString | Opaque struct storing a computed signature string. |
SigningConfig | The configuration used for signing HTTP requests. |
SimpleKeyProvider | Implementation of a simple key store. |
VerificationDetails | Contains information about a successfully validated request. |
VerifyingConfig | The configuration used for verifying HTTP requests. |
VerifyingError | This error indicates that we failed to verify the request. As a result the request should be ignored. |
Enums
CanonicalizeError | The types of error which may occur whilst computing the canonical "signature string" for a request. |
Header | A header which can be incorporated into a HTTP signature. |
PseudoHeader | Pseudo-headers are used to incorporate additional information into a HTTP signature for which there is no corresponding HTTP header. |
SigningError | The types of error which may occur whilst signing. |
Traits
CanonicalizeExt | Extension method for computing the canonical "signature string" of a request. |
ClientRequestLike | This trait is to be implemented for types representing an outgoing HTTP request. The HTTP signing extension methods are available on any type implementing this trait. |
DigestProvider | The verification process will use this trait to find the appropriate digest algorithm to use when verifying the body of a request. |
HttpDigest | Implementations of this trait correspond to digest algorithms listed here: https://www.iana.org/assignments/http-dig-alg/http-dig-alg.xhtml |
HttpSignatureSign | Implements the signing half of an HTTP signature algorithm. For symmetric algorithms the same type implements both signing and verification. |
HttpSignatureVerify | Implements the verification half of an HTTP signature algorithm. For symmetric algorithms the same type implements both signing and verification. |
KeyProvider | The verification process will use this trait to find the appropriate key and algorithm to use for verifying a request. |
RequestLike | Base trait for all request types |
ServerRequestLike | This trait is to be implemented for types representing an incoming HTTP request. The HTTP verification extension methods are available on any type implementing this trait. |
SigningExt | Import this trait to get access to access the |
VerifyingExt | Import this trait to get access to access the |