mirror of
https://github.com/moparisthebest/curl
synced 2024-11-11 12:05:06 -05:00
08e8455ddd
It is a security process for HTTP. It doesn't seems to be standard, but it is used by some cloud providers. Aws: https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html Outscale: https://wiki.outscale.net/display/EN/Creating+a+Canonical+Request GCP (I didn't test that this code work with GCP though): https://cloud.google.com/storage/docs/access-control/signing-urls-manually most of the code is in lib/http_v4_signature.c Information require by the algorithm: - The URL - Current time - some prefix that are append to some of the signature parameters. The data extracted from the URL are: the URI, the region, the host and the API type example: https://api.eu-west-2.outscale.com/api/latest/ReadNets ~~~ ~~~~~~~~ ~~~~~~~~~~~~~~~~~~~ ^ ^ ^ / \ URI API type region Small description of the algorithm: - make canonical header using content type, the host, and the date - hash the post data - make canonical_request using custom request, the URI, the get data, the canonical header, the signed header and post data hash - hash canonical_request - make str_to_sign using one of the prefix pass in parameter, the date, the credential scope and the canonical_request hash - compute hmac from date, using secret key as key. - compute hmac from region, using above hmac as key - compute hmac from api_type, using above hmac as key - compute hmac from request_type, using above hmac as key - compute hmac from str_to_sign using above hmac as key - create Authorization header using above hmac, prefix pass in parameter, the date, and above hash Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com> Closes #5703 |
||
|---|---|---|
| .. | ||
| opts | ||
| .gitignore | ||
| ABI.md | ||
| CMakeLists.txt | ||
| curl_easy_cleanup.3 | ||
| curl_easy_duphandle.3 | ||
| curl_easy_escape.3 | ||
| curl_easy_getinfo.3 | ||
| curl_easy_init.3 | ||
| curl_easy_option_by_id.3 | ||
| curl_easy_option_by_name.3 | ||
| curl_easy_option_next.3 | ||
| curl_easy_pause.3 | ||
| curl_easy_perform.3 | ||
| curl_easy_recv.3 | ||
| curl_easy_reset.3 | ||
| curl_easy_send.3 | ||
| curl_easy_setopt.3 | ||
| curl_easy_strerror.3 | ||
| curl_easy_unescape.3 | ||
| curl_easy_upkeep.3 | ||
| curl_escape.3 | ||
| curl_formadd.3 | ||
| curl_formfree.3 | ||
| curl_formget.3 | ||
| curl_free.3 | ||
| curl_getdate.3 | ||
| curl_getenv.3 | ||
| curl_global_cleanup.3 | ||
| curl_global_init_mem.3 | ||
| curl_global_init.3 | ||
| curl_global_sslset.3 | ||
| curl_mime_addpart.3 | ||
| curl_mime_data_cb.3 | ||
| curl_mime_data.3 | ||
| curl_mime_encoder.3 | ||
| curl_mime_filedata.3 | ||
| curl_mime_filename.3 | ||
| curl_mime_free.3 | ||
| curl_mime_headers.3 | ||
| curl_mime_init.3 | ||
| curl_mime_name.3 | ||
| curl_mime_subparts.3 | ||
| curl_mime_type.3 | ||
| curl_mprintf.3 | ||
| curl_multi_add_handle.3 | ||
| curl_multi_assign.3 | ||
| curl_multi_cleanup.3 | ||
| curl_multi_fdset.3 | ||
| curl_multi_info_read.3 | ||
| curl_multi_init.3 | ||
| curl_multi_perform.3 | ||
| curl_multi_poll.3 | ||
| curl_multi_remove_handle.3 | ||
| curl_multi_setopt.3 | ||
| curl_multi_socket_action.3 | ||
| curl_multi_socket_all.3 | ||
| curl_multi_socket.3 | ||
| curl_multi_strerror.3 | ||
| curl_multi_timeout.3 | ||
| curl_multi_wait.3 | ||
| curl_multi_wakeup.3 | ||
| curl_share_cleanup.3 | ||
| curl_share_init.3 | ||
| curl_share_setopt.3 | ||
| curl_share_strerror.3 | ||
| curl_slist_append.3 | ||
| curl_slist_free_all.3 | ||
| curl_strequal.3 | ||
| curl_strnequal.3 | ||
| curl_unescape.3 | ||
| curl_url_cleanup.3 | ||
| curl_url_dup.3 | ||
| curl_url_get.3 | ||
| curl_url_set.3 | ||
| curl_url.3 | ||
| curl_version_info.3 | ||
| curl_version.3 | ||
| libcurl-easy.3 | ||
| libcurl-env.3 | ||
| libcurl-errors.3 | ||
| libcurl-multi.3 | ||
| libcurl-security.3 | ||
| libcurl-share.3 | ||
| libcurl-thread.3 | ||
| libcurl-tutorial.3 | ||
| libcurl-url.3 | ||
| libcurl.3 | ||
| libcurl.m4 | ||
| Makefile.am | ||
| Makefile.inc | ||
| mksymbolsmanpage.pl | ||
| symbols-in-versions | ||
| symbols.pl | ||