Name: autograph
Owner: Mozilla Services
Description: Digital signature micro-services
Created: 2016-01-05 17:55:26.0
Updated: 2018-05-21 12:28:48.0
Pushed: 2018-05-23 19:14:40.0
Size: 71038
Language: Go
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
Autograph is a cryptographic signature service that implements Content-Signature and other signing methods.
Why is it called “autograph”? Because it's a service to sign stuff.
docker pull mozilla/autograph && docker run mozilla/autograph
This will download the latest build of autograph from DockerHub and run it with its dev configuration.
If you don't yet have a GOPATH, export one:
port GOPATH=$HOME/go
dir $GOPATH
Then download and build autograph:
get go.mozilla.org/autograph
The resulting binary will be placed in $GOPATH/bin/autograph
. To run autograph with the example conf, do:
$GOPATH/src/go.mozilla.org/autograph
OPATH/bin/autograph -c autograph.yaml
Example clients are in the tools
directory. You can install the Go one like this:
get go.mozilla.org/autograph/tools/autograph-client
OPATH/bin/autograph-client -u alice -p fs5wgcer9qj819kfptdlp8gm227ewxnzvsuj9ztycsx08hfhzu -t http://localhost:8000/sign/data -r '[{"input": "Y2FyaWJvdW1hdXJpY2UK"}]'
/08/23 17:25:55 signature 0 pass
Autograph exposes a REST API that services can query to request signature of their data. Autograph knows which key should be used to sign the data of a service based on the service's authentication token. Access control and rate limiting are performed at that layer as well.