On Thu, 13 Apr 2017 05:34:26 GMT, flamencofantasy wrote:

hello,
I'm trying to use the joyent manta storage service via their rest api. For that i need to implement http signature over TLS.
Here is a shell function that does that;
function manta {

local alg=rsa-sha256
local keyId=/$MANTA_USER/keys/$MANTA_KEY_ID
local now=$(date -u "+%a, %d %h %Y %H:%M:%S GMT")
local sig=$(echo "date:" $now | \
            tr -d '\n' | \
            openssl dgst -sha256 -sign $HOME/.ssh/id_rsa | \
            openssl enc -e -a | tr -d '\n')

curl -sS $MANTA_URL"$@" -H "date: $now"  \
    -H "Authorization: Signature keyId=\"$keyId\",algorithm=\"$alg\",signature=\"$sig\""

}

How can I implement it in D using vibe.d?

Thanks.

The vibe.d part of this would be pretty straight forward, but I'd have to look for examples of employing the OpenSSL library to sign the "date: ..." string. This may require defining custom BIO structs. Apart from that, the general outline is:

string signWithOpenSSL(string to_sign, string key_file)
{
    // ...
}

void manta(string url, string manta_user, string manta_key_id)
{
    auto now = Clock.currTime(UTC()).toRFC822DateTimeString();
    auto key_id = format("/%s/keys/%s", manta_user, manta_key_id);
    auto alg = "rsa-sha256";
    auto sig = signWithOpenSSL("Date: "~now, env["HOME"] ~ "/.ssh/id_rsa");
    auto authstr = format("Signature keyId=\"%s\",algorithm=\"%s\",signature=\"%s\"", key_id, alg, sig);

    requestHTTP(url,
        (req) {
            req.headers["Date"] = now;
            req.headers["Authorization"] = authstr;
        },
        (res) {
            // handle response...
        }
    )
}

Instead of using the OpenSSL API, you could also use std.process.pipeShell to execute the openssl command line binary like in the original example, at the cost of some process creation overhead.