mirror of https://github.com/perkeep/perkeep.git
43 lines
1.3 KiB
Markdown
43 lines
1.3 KiB
Markdown
|
# JSON signing & verification
|
||
|
|
|
||
|
|
A Perkeep server will typically expose a JSON signing handler. The operations for the signing handler are available at URL paths that are under the [Discovery protocol](discovery) response's **jsonSignRoot** value.
|
||
|
|
|
||
|
|
The three handlers paths are:
|
||
|
|
|
||
|
|
* **[jsonSignRoot]**/camli/sig/discovery
|
||
|
|
* **[jsonSignRoot]**/camli/sig/sign
|
||
|
|
* **[jsonSignRoot]**/camli/sig/verify
|
||
|
|
|
||
|
|
## Discovery
|
||
|
|
|
||
|
|
The discovery handler, in response to a GET request with no options,
|
||
|
|
returns a
|
||
|
|
[SignDiscovery](https://perkeep.org/pkg/types/camtypes/#SignDiscovery)
|
||
|
|
value, such as:
|
||
|
|
|
||
|
|
```
|
||
|
|
{
|
||
|
|
"publicKey": "/sighelper/camli/sha1-f72d9090b61b70ee6501cceacc9d81a0801d32f6",
|
||
|
|
"publicKeyBlobRef": "sha1-f72d9090b61b70ee6501cceacc9d81a0801d32f6",
|
||
|
|
"publicKeyId": "94DE83C46401800C",
|
||
|
|
"signHandler": "/sighelper/camli/sig/sign",
|
||
|
|
"verifyHandler": "/sighelper/camli/sig/verify"
|
||
|
|
}
|
||
|
|
```
|
||
|
|
|
||
|
|
## Signing
|
||
|
|
|
||
|
|
The signing handler requires a POST request (of either
|
||
|
|
type `application/x-www-form-urlencoded` or `multipart/form-data`) and accepts
|
||
|
|
parameters:
|
||
|
|
|
||
|
|
* **json**: the unsigned JSON to sign
|
||
|
|
|
||
|
|
## Verification
|
||
|
|
|
||
|
|
The verification handler requires a POST request (of either
|
||
|
|
type `application/x-www-form-urlencoded` or `multipart/form-data`) and accepts
|
||
|
|
parameters:
|
||
|
|
|
||
|
|
* **sjson**: the signed JSON to verify
|