Module dev_codec_httpsig.erl

This module implements HTTP Message Signatures as described in RFC-9421 (https://datatracker.ietf.org/doc/html/rfc9421), as an AO-Core device.

Description

It implements the codec standard (from/1, to/1), as well as the optional commitment functions (id/3, sign/3, verify/3). The commitment functions are found in this module, while the codec functions are relayed to the dev_codec_httpsig_conv module.

Function Index

add_content_digest/2: If the body key is present and a binary, replace it with a content-digest.
commit/3: Commit to a message using the HTTP-Signature format.
committed_id_test/0*
from/3
key_present/2*: Calculate if a key or its +link TABM variant is present in a message.
keys_to_commit/3*: Derive the set of keys to commit to from a commit request and a base message.
maybe_bundle_tag_commitment/3*: Annotate the commitment with the bundle key if the request contains it.
multicommitted_id_test/0*
normalize_for_encoding/3: Given a base message and a commitment, derive the message and commitment normalized for encoding.
opts/1*: Generate the Opts to use during AO-Core operations in the codec.
serialize/2: A helper utility for creating a direct encoding of a HTTPSig message.
serialize/3
sign_and_verify_link_test/0*: Test that we can sign and verify a message with a link.
signature_base/3*: Create the signature base that will be signed in order to create the Signature and SignatureInput.
signature_components_line/3*: Given a list of Component Identifiers and a Request/Response Message context, create the "signature-base-line" portion of the signature base.
signature_params_line/2*: Construct the "signature-params-line" part of the signature base.
to/3
validate_large_message_from_http_test/0*: Ensure that we can validate a signature on an extremely large and complex message that is sent over HTTP, signed with the codec.
verify/3

Function Details

add_content_digest/2

add_content_digest(Msg, Opts) -> any()

If the body key is present and a binary, replace it with a content-digest.

commit/3

commit(Msg, Req, Opts) -> any()

Commit to a message using the HTTP-Signature format. We use the type parameter to determine the type of commitment to use. If the type parameter is signed, we default to the rsa-pss-sha512 algorithm. If the type parameter is unsigned, we default to the hmac-sha256 algorithm.

committed_id_test/0 *

committed_id_test() -> any()

from/3

from(Msg, Req, Opts) -> any()

key_present/2 *

key_present(Key, Msg) -> any()

Calculate if a key or its +link TABM variant is present in a message.

keys_to_commit/3 *

keys_to_commit(Base, Req, Opts) -> any()

Derive the set of keys to commit to from a commit request and a base message.

maybe_bundle_tag_commitment/3 *

maybe_bundle_tag_commitment(Commitment, Req, Opts) -> any()

Annotate the commitment with the bundle key if the request contains it.

multicommitted_id_test/0 *

multicommitted_id_test() -> any()

normalize_for_encoding/3

normalize_for_encoding(Msg, Commitment, Opts) -> any()

Given a base message and a commitment, derive the message and commitment normalized for encoding.

opts/1 *

opts(RawOpts) -> any()

Generate the Opts to use during AO-Core operations in the codec.

serialize/2

serialize(Msg, Opts) -> any()

A helper utility for creating a direct encoding of a HTTPSig message.

This function supports two modes of operation:

1. format: binary, yielding a raw binary HTTP/1.1-style response that can either be stored or emitted raw across a transport medium.
2. format: components, yielding a message containing headers and body keys, suitable for use in connecting to HTTP-response flows implemented by other servers.

Optionally, the index key can be set to override resolution of the default index page into HTTP responses that do not contain their own body field.

serialize/3

serialize(Msg, Req, Opts) -> any()

sign_and_verify_link_test/0 *

sign_and_verify_link_test() -> any()

Test that we can sign and verify a message with a link. We use

signature_base/3 *

signature_base(EncodedMsg, Commitment, Opts) -> any()

Create the signature base that will be signed in order to create the Signature and SignatureInput.

This implements a portion of RFC-9421; see https://datatracker.ietf.org/doc/html/rfc9421#name-creating-the-signature-base

signature_components_line/3 *

signature_components_line(Req, Commitment, Opts) -> any()

Given a list of Component Identifiers and a Request/Response Message context, create the "signature-base-line" portion of the signature base.

signature_params_line/2 *

signature_params_line(RawCommitment, Opts) -> any()

Construct the "signature-params-line" part of the signature base.

See https://datatracker.ietf.org/doc/html/rfc9421#section-2.5-7.3.2.4
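
The signature base layout that signature_base/3, signature_components_line/3 and signature_params_line/2 refer to, shown as an added, stand-alone illustration of RFC 9421 with an HMAC-SHA256 signature; it is not code from dev_codec_httpsig and calls none of its functions. The module name sigbase_example, the function names, the key and the sample message are assumptions constructed for the example, and only string-valued signature parameters are handled.

```erlang
%% Added example: RFC 9421 signature base + HMAC-SHA256 (not dev_codec_httpsig code).
-module(sigbase_example).
-export([content_digest/1, signature_base/3, sign/4, verify/5, demo/0]).

%% RFC 9530 Content-Digest value for a body: sha-256=:<base64 of SHA-256>:
content_digest(Body) when is_binary(Body) ->
    Hash = base64:encode(crypto:hash(sha256, Body)),
    <<"sha-256=:", Hash/binary, ":">>.

%% One `"name": value` line per covered component, then the
%% "@signature-params" line, joined by LF with no trailing newline.
signature_base(Components, Values, Params) ->
    Ids = [string:lowercase(C) || C <- Components],
    length(Ids) =:= length(lists:usort(Ids)) orelse error(duplicate_component),
    Lines = [component_line(Id, maps:get(Id, Values)) || Id <- Ids],
    iolist_to_binary(lists:join(<<"\n">>, Lines ++ [params_line(Ids, Params)])).

component_line(Id, Value) ->
    %% Reject CR/LF: a newline in a value could forge further base lines.
    binary:match(Value, [<<"\n">>, <<"\r">>]) =:= nomatch orelse error({bad_value, Id}),
    <<"\"", Id/binary, "\": ", Value/binary>>.

%% The covered identifiers as an inner list, followed by ;key="value" parameters.
params_line(Ids, Params) ->
    Inner = lists:join(<<" ">>, [<<"\"", Id/binary, "\"">> || Id <- Ids]),
    Ps = [<<";", K/binary, "=\"", V/binary, "\"">> || {K, V} <- Params],
    iolist_to_binary([<<"\"@signature-params\": (">>, Inner, <<")">>, Ps]).

sign(Key, Components, Values, Params) ->
    crypto:mac(hmac, sha256, Key, signature_base(Components, Values, Params)).

verify(Key, Components, Values, Params, Sig) ->
    Expected = sign(Key, Components, Values, Params),
    %% Constant-time comparison; crypto:hash_equals/2 requires OTP 25 or later.
    byte_size(Sig) =:= byte_size(Expected) andalso crypto:hash_equals(Expected, Sig).

%% Constructed sample message: signs it, then re-verifies it intact and
%% with a content-digest computed over a modified body.
demo() ->
    Key = <<"constructed-demo-key">>,
    Params = [{<<"alg">>, <<"hmac-sha256">>}, {<<"keyid">>, <<"demo">>}],
    Covered = [<<"@method">>, <<"content-digest">>],
    Msg = #{<<"@method">> => <<"POST">>,
            <<"content-digest">> => content_digest(<<"hello">>)},
    Sig = sign(Key, Covered, Msg, Params),
    Tampered = Msg#{<<"content-digest">> := content_digest(<<"hell0">>)},
    {verify(Key, Covered, Msg, Params, Sig),
     verify(Key, Covered, Tampered, Params, Sig)}.
```

A covered component that is missing from the message makes maps:get/2 raise, so verification fails closed rather than signing over an empty value.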

to/3

to(Msg, Req, Opts) -> any()

validate_large_message_from_http_test/0 *

validate_large_message_from_http_test() -> any()

Ensure that we can validate a signature on an extremely large and complex message that is sent over HTTP, signed with the codec.

verify/3

verify(Base, Req, RawOpts) -> any()