3.3. Signature Algorithms
An HTTP message signature MUST use a cryptographic digital signature or MAC method that is appropriate for the key material, environment, and needs of the signer and verifier. This specification does not strictly limit the available signature algorithms, and any signature algorithm that meets these basic requirements MAY be used by an application of HTTP message signatures.
For each signing method, HTTP_SIGN takes as its input the signature base defined in Section 2.5 as a byte array (M) and the signing key material (Ks), and outputs the resultant signature as a byte array (S):
HTTP_SIGN (M, Ks) -> S
For each verification method, HTTP_VERIFY takes as its input the regenerated signature base defined in Section 2.5 as a byte array (M), the verification key material (Kv), and the presented signature to be verified as a byte array (S), and outputs the verification result (V) as a Boolean:
HTTP_VERIFY (M, Kv, S) -> V
The following sections contain several common signature algorithms and demonstrate how these cryptographic primitives map to the HTTP_SIGN and HTTP_VERIFY definitions above. Which method to use can be communicated through the explicit algorithm (alg) signature parameter (Section 2.3), by reference to the key material, or through mutual agreement between the signer and verifier. Signature algorithms selected using the alg parameter MUST use values from the "HTTP Signature Algorithms" registry (Section 6.2).
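As an added illustration (not part of the specification text), the following Python example maps HMAC with SHA-256, registered as hmac-sha256, onto HTTP_SIGN and HTTP_VERIFY and selects the method through an allow-list keyed by the alg value. The names http_sign, http_verify and ALGORITHMS, the sample signature base, and the shared key are assumptions constructed for this example.

```python
import hashlib
import hmac

# Constructed sample signature base (the byte array M) and shared key.
# With a MAC, the signing key Ks and the verification key Kv are the same.
SIGNATURE_BASE = (
    b'"@method": POST\n'
    b'"@authority": example.com\n'
    b'"@signature-params": ("@method" "@authority")'
    b';created=1618884473;keyid="demo-key"'
)
SHARED_KEY = b"constructed-demo-key-do-not-reuse"


def hmac_sha256_sign(m: bytes, ks: bytes) -> bytes:
    """HTTP_SIGN (M, Ks) -> S for HMAC-SHA256."""
    return hmac.new(ks, m, hashlib.sha256).digest()


def hmac_sha256_verify(m: bytes, kv: bytes, s: bytes) -> bool:
    """HTTP_VERIFY (M, Kv, S) -> V: recompute the MAC, compare in constant time."""
    expected = hmac.new(kv, m, hashlib.sha256).digest()
    return hmac.compare_digest(expected, s)


# Allow-list of accepted alg values. Only one entry is implemented here;
# an application adds the other methods it has agreed to accept.
ALGORITHMS = {"hmac-sha256": (hmac_sha256_sign, hmac_sha256_verify)}


def http_sign(alg: str, m: bytes, ks: bytes) -> bytes:
    if alg not in ALGORITHMS:
        raise ValueError(f"unsupported signature algorithm: {alg!r}")
    return ALGORITHMS[alg][0](m, ks)


def http_verify(alg: str, m: bytes, kv: bytes, s: bytes) -> bool:
    entry = ALGORITHMS.get(alg)
    if entry is None:
        return False  # an unrecognized alg value never verifies
    return entry[1](m, kv, s)


if __name__ == "__main__":
    sig = http_sign("hmac-sha256", SIGNATURE_BASE, SHARED_KEY)
    print(sig.hex(), http_verify("hmac-sha256", SIGNATURE_BASE, SHARED_KEY, sig))
```

The verifier regenerates M from the received message and its own view of the covered components, so any change to a covered component yields a different M and V is false.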