GitHub - pierDipi/httpsign: HTTP Signatures draft in Go

This is a nearly feature-complete implementation of draft -08, including all test vectors.

The code follows the latest version of the draft, which may be the Editor's Copy rather than the published draft.

The Accept-Signature header is unimplemented.
Inclusion of Signature and Signature-Input as trailers is optional and is not yet implemented.
Extracting derived components from the "related request". See related issue.
In responses, when using the "wrapped handler" feature, the Content-Type header is only signed if set explicitly by the server. This is different, but arguably more secure, than the normal net.http behavior.

Name		Name	Last commit message	Last commit date
Latest commit History 100 Commits
.github/workflows		.github/workflows
.idea		.idea
fuzz		fuzz
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
client.go		client.go
client_test.go		client_test.go
clientex_test.go		clientex_test.go
config.go		config.go
config_test.go		config_test.go
crypto.go		crypto.go
crypto_test.go		crypto_test.go
ecdsa.go		ecdsa.go
ecdsa_test.go		ecdsa_test.go
fields.go		fields.go
fields_test.go		fields_test.go
gendoc.sh		gendoc.sh
go.mod		go.mod
go.sum		go.sum
handler.go		handler.go
handler_test.go		handler_test.go
handlerex_test.go		handlerex_test.go
http2_test.go		http2_test.go
httpparse.go		httpparse.go
httpsign.iml		httpsign.iml
signatures.go		signatures.go
signatures_test.go		signatures_test.go
signaturesex_test.go		signaturesex_test.go

Provide feedback