HTTP & LD Signature
This service implements the HTTP Signature and Linked Data Signature protocols, which allow to send messages in a secure way between servers. It is used in particular with the ActivityPub federation mechanism.
#
Features- Generate actors key pair
- Sign and verify HTTP signature
- Build and verify HTTP digest
- Sign and verify LD signature (not implemented yet)
#
Dependencies- None
#
Install#
Usage#
SettingsProperty | Type | Default | Description |
---|---|---|---|
actorsKeyPairsDir | String | required | Path to where the actor's key pair will be stored. |
generateActorKeyPair
#
#
ParametersProperty | Type | Default | Description |
---|---|---|---|
actorUri | String | required | URI of the actor for which will generate the key pairs |
#
ReturnString
- The generated public key.
generateSignatureHeaders
#
#
ParametersProperty | Type | Default | Description |
---|---|---|---|
url | String | required | URL where the data will be sent |
body | String | required | Data to be sent. This is used to build the Digest string. If it is JSON, it must be stringified |
actorUri | String | required | URI of the actor for which will generate the signature |
#
ReturnObject
- HTTP headers with Date
, Digest
and Signature
properties.
verifyDigest
#
#
ParametersProperty | Type | Default | Description |
---|---|---|---|
headers | Object | required | Headers of the message (with or without a Digest property) |
body | String | required | Data to the message. If it is JSON, it must be stringified |
#
ReturnString
- The generated public key.
verifyHttpSignature
#
Fetch remote actor's public key and verify that the signature in the headers has been generated by this actor.
#
ParametersProperty | Type | Default | Description |
---|---|---|---|
url | String | required | URL where the message has been received |
headers | Object | required | Headers of the message received |
#
ReturnBoolean
- True if HTTP signature is verified.