Support My IBM Log in

IBM Support

Signature Header

Product Documentation


Abstract

The following code sample constructs an HTTP Signature Header value. The code implements the IETF draft-cavage-http-signatures-09 specification, which is used to validate the code.

Content

const crypto = require('crypto');

///// constants taken from IETF draft-cavage-http-signatures-09 /////

const PUBLIC_KEY = `-----BEGIN PUBLIC KEY-----
<public key value>
-----END PUBLIC KEY-----`;

const PRIVATE_KEY = `-----BEGIN RSA PRIVATE KEY-----
<private key value>
-----END RSA PRIVATE KEY-----`;

const ALGORITHM = 'rsa-sha256';

const METHOD = 'POST';
const PATH = '/foo?param=value&pet=dog';
const HEADERS = {
  Host: 'example.com',
  Date: 'Sun, 05 Jan 2014 21:31:40 GMT',
  'Content-Type': 'application/json',
  Digest: 'SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=',
  'Content-Length': 18,
};
const PAYLOAD = '{"hello": "world"}';

const KEY_ID = 'Test';

const EXPECTED_BASIC_TEST_SIGNATURE       = 'qdx+H7PHHDZgy4y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBskLu6kd9Fswtemr3lgdDEmn04swr2Os0='
const EXPECTED_ALL_HEADERS_TEST_SIGNATURE = 'vSdrb+dS3EceC9bcwHSo4MlyKS59iFIrhgYkz8+oVLEEzmYZZvRs8rgOp+63LEM3v+MFHB32NfpB2bEKBIvB1q52LaEUHFv120V01IL+TAD48XaERZFukWgHoBTLMhYS2Gb51gWxpeIq8knRmPnYePbF5MOkR0Zkly4zKH7s1dE='

///// signature methods /////

function get_signing_string(method: string, path: string, headers: string[]) {
  let signing_string = '(request-target): ' + method.toLowerCase() + ' ' + path;
  for (const key in headers) {
    const value = headers[key];
    signing_string += '\n' + key.toLowerCase() + ': ' + String(value);
  }
  return signing_string;
}

function get_signature(signing_string: string, private_key: string) {
  const signer = crypto.createSign('RSA-SHA256');
  signer.update(signing_string);
  return signer.sign(private_key, 'base64');
}

function get_signature_header_value(key_id: string, algorithm: string, headers: string[], signature: string) {
  let header_names = '(request-target)';
  for (const name in headers) {
    header_names += ' ' + name.toLowerCase();
  }
  let header_value = '';
  header_value += 'keyId="' + key_id + '",';
  header_value += 'algorithm="' + algorithm + '",';
  header_value += 'headers="' + header_names + '",';
  header_value += 'signature="' + signature + '"';
  return header_value;
}

///// test methods /////

// uses the (request-target), host, and date headers
function basic_test() {
  const headers = {};
  headers['Host'] = HEADERS['Host'];
  headers['Date'] = HEADERS['Date'];
  run_test('BASIC TEST', headers, EXPECTED_BASIC_TEST_SIGNATURE);
}

// uses all headers
function all_headers_test() {
  const headers = HEADERS;
  run_test('ALL HEADERS TEST', headers, EXPECTED_ALL_HEADERS_TEST_SIGNATURE);
}

function run_test(name, headers, expected_signature) {
  const signing_string = get_signing_string(METHOD, PATH, headers);
  const signature_base64 = get_signature(signing_string, PRIVATE_KEY);
  const signature_header_value = get_signature_header_value(KEY_ID, ALGORITHM, headers, signature_base64);
  console.log();
  console.log('===================================================');
  console.log(name);
  console.log();
  console.log('signing string:\n' + signing_string);
  console.log();
  console.log('signature_base64:\n' + signature_base64);
  console.log();
  console.log('signature_header_value:\n' + signature_header_value);
  console.log();
  if (signature_base64 === expected_signature) {
    console.log('SUCESS: signature is the same as expected');
  } else {
    console.log('ERROR: signature is different than expected');
  }
}

///// run tests /////

basic_test();
all_headers_test();

Related Information

Signature Header

Document Location

Worldwide


[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNTIG3","label":"IBM Blockchain Transparent Supply"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

Document Information

More support for:
IBM Blockchain Transparent Supply

Software version:
All Versions

Document number:
1087203

Modified date:
19 October 2021

UID

ibm11087203

Manage My Notification Subscriptions

Page Feedback

Overview Annual report Corporate social responsibility Financing Investor Newsroom Security, privacy & trust Senior leadership Careers with IBM Website Blog Publications Automotive Banking Consumer Goods Energy Government Healthcare Insurance Life Sciences Manufacturing Retail Telecommunications Travel Our strategic partners Find a partner Become a partner - Partner Plus Partner Plus log in IBM TechXChange Community LinkedIn X Instagram YouTube Subscription Center Participate in user experience research Podcasts Contact IBM Privacy Terms of use Accessibility United States — English