Cory J Slep
221cfc461e
Merge pull request #15 from Absolut-Ticket/hs2019
...
hide real algorithm
2020-05-26 08:15:25 +02:00
blacktemplar
338f1ed928
hide real algorithm
2020-04-07 12:17:26 +02:00
Cory Slep
0ef28562fa
Verify signatures with Host header
...
Golang promotes the "Host" header in a server-side request by removing
it from the Header map and putting it into the Host field, which had the
effect of removing the "Host" header and failing validation.
Now, we successfully validate HTTP Signatures that contain a "Host"
header.
2020-02-04 22:35:31 +01:00
Cory Slep
f4c3604119
Fix hashing sum bug for digests
2019-09-24 19:10:22 +02:00
Cory Slep
c2de3672e5
Add IsSupportedDigestAlgorithm
2019-09-14 13:39:40 +02:00
Cory Slep
8d61ea6a9a
Support signing and verifying the Digest header
2019-09-06 21:16:36 +02:00
Cory Slep
90d9db90fb
Fix Appendix C test; add Appendix C verifying tests
2019-09-05 00:01:59 +02:00
Cory Slep
d685ff0472
improve digest test and run go fmt
2019-09-05 00:01:36 +02:00
Cory Slep
1307faeb98
Add functions for handling Digest headers.
...
These are not yet integrated into the rest of the library.
2019-09-04 23:35:07 +02:00
Cory Slep
50b0c670ec
Add IsSupportedHttpSigAlgorithm
2019-09-03 19:40:51 +02:00
Cory J Slep
34143e88f2
Merge pull request #5 from ewilde/ewilde-appendix-c
...
Add appendix C tests
2019-03-11 22:00:19 +01:00
Edward Wilde
dc3a2641b9
Add appendix C tests
...
Signed-off-by: Edward Wilde <ewilde@gmail.com>
2019-03-10 08:56:13 +00:00
Cory Slep
2555707168
Add test condition for auth-scheme, fix bug in HMAC
2019-03-09 23:56:49 +01:00
Cory Slep
3b55e318d3
Use URL.Path for (request-target)
2019-03-09 23:55:15 +01:00
Cory Slep
5460b04991
Merge remote-tracking branch 'origin/master'
2019-02-28 22:40:11 +01:00
Cory Slep
c86d639563
Add "Signature" for "auth-scheme"
2019-02-28 22:38:53 +01:00
Cory J Slep
dd4e9c8d71
Merge pull request #2 from yukimochi/fix_addRequestTarget
...
Fix addRequestTarget not affect anything.
2018-11-01 18:12:02 +01:00
Naoki Kosaka
2a591b5b3b
Fix addRequestTarget not effect anything.
2018-11-01 02:36:05 +09:00
Cory Slep
873e213d28
Fix vet lint
2018-05-30 21:11:34 +02:00
Cory Slep
513184c0c5
Add go.modverify for vgo
2018-05-30 21:03:05 +02:00
Cory Slep
37fb70b8da
Add go.mod file for vgo
2018-05-30 19:51:16 +02:00
Cory Slep
22b5f0dd8b
Finish core tests.
...
Includes bugfixes for things exposed in the testing process. With this
commit, the library should be good for first use.
2018-05-18 00:04:09 +02:00
Cory Slep
489109fd72
Add tests for core algorithms.
...
Tests cover:
- Obtaining all golang supported RSA / HMAC / MAC + hash combinations
- Signing with such algorithms
- Verifying with such algorithms
2018-05-17 22:24:53 +02:00
Cory Slep
961eebd53d
Fix wording in comment
2018-05-16 23:22:30 +02:00
Cory Slep
1cd441abe3
Update README and comments.
2018-05-16 23:20:53 +02:00
Cory Slep
0ec6ffdc22
Support HTTP Signature verification.
...
Note that the library includes the deprecated 'algorithm' HTTP Signature
parameter for backwards compatibility when creating a signature. However, upon
verification it ignores the 'algorithm' deprecated parameter and instead
relies on the new behavior of the application knowing which algorithm to
use.
2018-05-16 22:38:11 +02:00
Cory Slep
1ba820e45c
HTTP Signature signing in golang.
...
Next steps are:
- Signature verification
- Lots of tests
2018-05-15 23:03:43 +02:00