Constructing Messages Using HTTP Signature Security

HTTP signatures use a digital signature to enable the receiver to validate the sender's authenticity and ensure that the message was not tampered with during transit. For more information on HTTP signatures, see the IETF Draft that is maintained by the IETF HTTP Working Group (
Follow these steps to implement HTTP signatures:
  1. Create the shared secret key pair. See Creating a Shared Secret Key Pair.
  2. Generate a hash of the message body. See Generating a Hash of the Message Body.
  3. Generate a signature hash. See Generating the Signature Hash.
  4. Populate the
    header field. See Updating Header Fields.