Skip to content

Commit d9dd29c

Browse files
tamainatamaina
committed
README.md
1 parent 5820e00 commit d9dd29c

File tree

1 file changed

+30
-2
lines changed

1 file changed

+30
-2
lines changed

README.md

Lines changed: 30 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,32 @@
11
@misskey-dev/node-http-message-signatures
22
----
33

4-
(WIP) Implementation of RFC 9421 for Node.js, for Misskey.
4+
(WIP) Implementation of [HTTP Signatures "Draft", RFC 9421](https://datatracker.ietf.org/doc/rfc9421/), [RFC 3230](https://datatracker.ietf.org/doc/rfc3230/) and [RFC 9530](https://datatracker.ietf.org/doc/rfc9530/) for Node.js.
5+
6+
It is created for Misskey's ActivityPub implementation.
7+
8+
## Context
9+
### HTTP Signatures "Draft" and RFC 9421
10+
[RFC 9421](https://datatracker.ietf.org/doc/rfc9421/) is the standard used for signing HTTP communications, but has been used since draft in the world of ActivityPub server-to-server communications with Misskey, Mastodon, and others.
11+
The title "HTTP Signatures" in the draft was changed to "HTTP Message Signatures" in the RFC.
12+
13+
This library allows both the draft and RFC to be used.
14+
15+
### RFC 3230 and RFC 9530
16+
[RFC 3230](https://datatracker.ietf.org/doc/rfc3230/) and [RFC 9530](https://datatracker.ietf.org/doc/rfc9530/) are standards used for expressing the digest of the body of an HTTP communication. RFC 9530 was released at the same time as RFC 9421 and obsoletes RFC 3230.
17+
18+
Since ActivityPub also needs digest validation, this library also implements functions to create and validate digests.
19+
20+
## Compatibility
21+
### HTTP Message Signatures Implementation Level
22+
As a way of expressing the HTTP Message Signatures support status of software, I propose to express it as an implementation level (a string of two-digit numbers).
23+
24+
~~Newer versions of Misskey have this string in `metadata.httpMessageSignaturesImplementationLevel` of nodeinfo.~~
25+
26+
|Level|Definition|
27+
|`00`|"Draft", RFC 3230, RSA-SHA256 Only|
28+
|`01`|"Draft", RFC 3230, Supports EdDSA|
29+
|`11`|RFC 9421, RFC 9530, Supports EdDSA|
530

631
## Usage
732

@@ -21,7 +46,10 @@ import { parseRequest, verifyDraftSignature, verifyDigestHeader } from '@misskey
2146
/**
2247
* Prepare keyId-publicKeyPem Map
2348
*/
24-
const publicKeyMap = new Map([[ 'test', '-----BEGIN PUBLIC KEY...' ], ... ]);
49+
const publicKeyMap = new Map([
50+
[ 'test', '-----BEGIN PUBLIC KEY...' ],
51+
...
52+
]);
2553

2654
const fastify = Fastify({
2755
logger: true,

0 commit comments

Comments
 (0)