var connect = require('connect');
var pgpsign = require('connect-pgp');

// This is your super signing own function!
function doSign(msg, callback) {
  // Do signing stuff...
  callback(err, pgpSignedMessage);
}

// New connect app
var app = connect();

// Now signing HTTP requests!
app.use(pgpsign(doSign));

Triggering

Middleware triggers on HTTP header:

"Accept: multipart/signed"

then answers:

  HTTP/1.1 200 OK
  Content-Type: multipart/signed; boundary=bar; micalg=pgp-sha1; protocol="application/pgp-signature"

  --bar
  Content-Type: text/plain; charset=iso-8859-1
  Content-Transfer-Encoding: quoted-printable
  
& This is the body content.
& 
& Every word and every space in the body content body will be
& signed, even the two fields "Content-Type" and "Content-Transfer-Encoding"
& above, with the new line before this body content.

  --bar
  Content-Type: application/pgp-signature
  
  -----BEGIN PGP MESSAGE-----
  Version: 2.6.2

  iQCVAwUBMJrRF2N9oWBghPDJAQE9UQQAtl7LuRVndBjrk4EqYBIb3h5QXIX/LC//
  jJV5bNvkZIGPIcEmI5iFd9boEgvpirHtIREEqLQRkYNoBActFBZmh9GC3C041WGq
  uMbrbxc+nIs1TIKlA08rVi9ig/2Yh7LFrK5Ein57U/W72vgSxLhe/zhdfolT9Brn
  HOxEa44b+EI=
  =ndaj
  -----END PGP MESSAGE-----
  
  --bar--

N.B.: the part of the response with '&' is what is signed.

License

This software is provided under MIT license.

Keywords

FAQs

What is connect-pgp?

Is connect-pgp popular?

Is connect-pgp well maintained?

Package last updated on 09 May 2014

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install