Use RFC 8941 (a.k.a. Structured Field Values) to implements the draft specification draft-ietf-httpbis-message-signatures(version 5).
Message integrity and authenticity are important security properties that are critical to the secure operation of many HTTP applications. Application developers typically rely on the transport layer to provide these properties, by operating their application over [TLS]. However, TLS only guarantees these properties over a single TLS connection, and the path between client and application may be composed of multiple independent TLS connections (for example, if the application is hosted behind a TLS-terminating gateway or if the client is behind a TLS Inspection appliance). In such cases, TLS cannot guarantee end-to-end message integrity or authenticity between the client and application. Additionally, some operating environments present obstacles that make it impractical to use TLS, or to use features necessary to provide message authenticity. Furthermore, some applications require the binding of an application-level key to the HTTP message, separate from any TLS certificates in use. Consequently, while TLS can meet message integrity and authenticity needs for many HTTP-based applications, it is not a universal solution.
- can't reproduce
RSASSA-PSS
signatures from standard because Go can't load these kind of private keys. - Algorithms supported
rsa-pss-sha512
(equiv. JWA PS512)rsa-v1_5-sha256
(equiv. JWA RS256)hmac-sha256
(equiv. JWA HS256)ecdsa-p256-sha256
'(equiv. JWA ES256)eddsa-ed25519-sha512
(not in the standard) (equiv JWA EdDSA)
Signature-Input
- HTTP Header
Contains a Dictionary typed Structured Field Value (RFC8941)
key
is the definition identifiervalue
is aList with Params
Signature-Input: sig1=(@request-target, @created, host, date,
cache-control, x-empty-header, x-example); keyid="test-key-a";
alg="rsa-pss-sha512"; created=1402170695; expires=1402170995
Signature
- HTTP Header
Contains a Dictionary typed Structured Field Value (RFC8941)
key
is the definition identifiervalue
is anItem
containingBinary
base64 encoded byte array
Signature: sig1=:K2qGT5srn2OGbOIDzQ6kYT+ruaycnDAAUpKv+ePFfD0RAxn/1BUe
Zx/Kdrq32DrfakQ6bPsvB9aqZqognNT6be4olHROIkeV879RrsrObury8L9SCEibe
oHyqU/yCjphSmEdd7WD+zrchK57quskKwRefy2iEC5S2uAH0EPyOZKWlvbKmKu5q4
CaB8X/I5/+HLZLGvDiezqi6/7p2Gngf5hwZ0lSdy39vyNMaaAT0tKo6nuVw0S1MVg
1Q7MpWYZs0soHjttq0uLIA3DIbQfLiIvK6/l0BdWTU7+2uQj7lBkQAsFZHoA96ZZg
FquQrXRlmYOh+Hx5D9fJkXcXe5tmAg==:
Sign a request
// Generate a key
priv, pub := rsa.GenerateKey(rand.Reader, 2048)
// Prepare a signature-input
si := httpsig.SignatureInput{
ID: "sig1",
KeyID: "my-wonderful-key-identifier",
Headers: []string{"@created","@request-target","Authorization"},
Created: uint64(time.Now().Unix()),
Nonce: uniuri.NewLen(32),
}
// Key resolver function
privateKeyResolver := func(ctx context.Context, kid string){
return priv, nil
}
// Prepare a signer
signer := httpsig.NewSigner(httpsig.AlgorithmRSAPSSSHA512, privateKeyResolver)
// Create your request
req := http.NewRequest(...)
// Generate the signature
sig, err := signer.Sign(context.Background(), si, r)
if err != nil {
...
}
// Prepare signature set
signSet := &httpsig.SignatureSet{}
signSet.Add(si.ID(), sig)
// Assign to request headers.
req.Header.Set("Signature-Input", si.String())
req.Header.Set("Signature", signSet.String())
Verify a request
// Key resolver function (database / cache / file)
publicKeyResolver := func(ctx context.Context, kid string){
return pub, nil
}
// Prepare a verifier
verifier := httpsig.NewVerifier(publicKeyResolver)
// Extract information from request
inputs, _ := httpsig.ParseSignatureInput(req.Header.Get("Signature-Input"))
signatures, _ := httpsig.ParseSignatureSet(req.Header.Get("Signature"))
// Check all signatures
for _, si := range inputs {
sig, ok := signatures.Get(si.ID)
if !ok {
... Signature not found
}
// Crypto verification
sig, err := verifier.Verify(context.Background(), si, sig, r)
if err != nil {
... Error during verification
}
}
Using a custom RoundTripper
type SignerTransport struct {
http.RoundTripper
Signer httpsig.Signer
KeyID string
}
func (ct *SignerTransport) RoundTrip(req *http.Request) (*http.Response, error) {
// Prepare a signature-input
si := httpsig.SignatureInput{
ID: "sig1",
KeyID: ct.KeyID,
Headers: []string{"@request-target", "host", "Authorization", "Digest"},
Created: uint64(time.Now().Unix()),
Nonce: uniuri.NewLen(32),
}
// Generate the signature
sig, err := ct.Signer.Sign(req.Context(), si, r)
if err != nil {
return nil, fmt.Errorf("unable to sign the request: %w", err)
}
// Prepare signature set
signSet := &httpsig.SignatureSet{}
signSet.Add(si.ID(), sig)
// Assign to request headers.
req.Header.Set("Signature-Input", si.String())
req.Header.Set("Signature", signSet.String())
// Delegate to parent RoundTripper
return ct.RoundTripper.RoundTrip(req)
}
// Create a HTTP client with custom transport.
url := "http://localhost:8200/api/v1/resource"
tr := &SignerTransport{
Signer: signer,
KeyID: "client-public-keyid",
}
client := &http.Client{Transport: tr}
resp, err := client.Get(url)