VOOZH about

URL: https://www.nuget.org/packages/NSign.AspNetCore/

⇱ NuGet Gallery | NSign.AspNetCore 1.2.4



👁 Image
 NSign.AspNetCore 1.2.4 

dotnet add package NSign.AspNetCore --version 1.2.4
 
 
NuGet\Install-Package NSign.AspNetCore -Version 1.2.4
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="NSign.AspNetCore" Version="1.2.4" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="NSign.AspNetCore" Version="1.2.4" />
 


 Directory.Packages.props
 

 

 
<PackageReference Include="NSign.AspNetCore" />
 


 Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add NSign.AspNetCore --version 1.2.4
The NuGet Team does not provide support for this client. Please contact its maintainers for support. 
#r "nuget: NSign.AspNetCore, 1.2.4"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package NSign.AspNetCore@1.2.4
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=NSign.AspNetCore&version=1.2.4
 


 Install as a Cake Addin
 

 

 
#tool nuget:?package=NSign.AspNetCore&version=1.2.4
 


 Install as a Cake Tool
The NuGet Team does not provide support for this client. Please contact its maintainers for support.

NSign.AspNetCore

Middleware for ASP.NET Core services to verify signatures on incoming HTTP requests and sign outgoing HTTP responses.

Usage

Verifying signatures on incoming request messages

To have incoming request messages' signatures verified, configure the middleware for the corresponding endpoints as in the following example. Please don't forget to adapt endpoint filtering, required signature components as well as signature parameters to your use case. Also make sure that the TagsToVerify is updated to include the tags used by the callers to identify their signatures.

# Service configuration
services
 .Configure<RequestSignatureVerificationOptions>((options) =>
 {
 options.TagsToVerify.Add("caller-id");
 options.RequiredSignatureComponents.Add(SignatureComponent.RequestTargetUri));
 options.RequiredSignatureComponents.Add(SignatureComponent.ContentType));
 options.CreatedRequired =
 options.ExpiresRequired =
 options.KeyIdRequired =
 options.AlgorithmRequired =
 options.TagRequired = true;
 options.MaxSignatureAge = TimeSpan.FromMinutes(5);

 options.VerifyNonce = (SignatureParamsComponent signatureParams) =>
 {
 Console.WriteLine($"Got signature with tag={signatureParams.Tag} and nonce={signatureParams.Nonce}.");
 // TODO: Actually verify that the nonce was never used before and return false if it was.
 return true;
 };
 })
 ;

# Middleware configuration - register signature verification before the actual middleware/controller handling the request:
app.UseWhen(ctx => ctx.Request.Path.StartsWithSegments("/webhooks"), builder => builder.UseSignatureVerification()); 
app.MapControllers();

You will also need to configure a signature provider that actually verifies the signatures on the requests. See NSign.SignatureProviders for currently available standard implemenations. You can do so for instance as follows:

services
 .AddSignatureVerification(new RsaPssSha512SignatureProvider(
 new X509Certificate2(@"path\to\certificate.cer"), "the-key-id"))
 ;

NOTE: The signature provider only requires access to the public key when asymmetric signatures are used. It must have access to the shared key when symmetric signatures are used.

Signing outgoing response messages

To have outgoing response messages signed, configure the middleware for the corresponding endpoints as in the following example. Please don't forget to adapt endpoint filtering, required signature components as well as signature parameters to your use case.

# Service configuration
services
 .ConfigureMessageSigningOptions((options) =>
 {
 options
 .WithMandatoryComponent(SignatureComponent.Status)
 .WithMandatoryComponent(SignatureComponent.Path)
 .WithMandatoryComponent(SignatureComponent.ContentType)
 // Include the 'x-my-header' signature from the response in the signature too, if present.
 .WithOptionalComponent(new HttpHeaderComponent("x-my-header"))
 ;
 options.SignatureName = "resp";
 options.SetParameters = (sigParams) =>
 {
 sigParams
 .WithCreatedNow()
 .WithExpires(TimeSpan.FromMinutes(5))
 .WithTag("server-signed")
 ;
 };
 })
 .ValidateOnStart()
 ;

# Middleware configuration - register response signing before the actual middleware/controller handling the request:
app.UseWhen(ctx => ctx.Request.Path.StartsWithSegments("/signed-responses"), builder => builder.UseResponseSigning()); 
app.MapControllers();

You will also need to configure a signature provider that actually signs response messages. See NSign.SignatureProviders for currently available standard implemenations. Register a signature provider for instance as follows:

services
 .AddResponseSigning(new RsaPssSha512SignatureProvider(
 new X509Certificate2(@"path\to\certificate.pfx", "PasswordForPfx"),
 "my-cert"))
 ;

NOTE: The signature provider must have access to the private key when asymmetric signatures are used. It must have access to the shared key when symmetric signatures are used.

Further Information

See also:

Product Versions Compatible and additional computed target framework versions.
.NET net8.0 net8.0 is compatible.  net8.0-android net8.0-android was computed.  net8.0-browser net8.0-browser was computed.  net8.0-ios net8.0-ios was computed.  net8.0-maccatalyst net8.0-maccatalyst was computed.  net8.0-macos net8.0-macos was computed.  net8.0-tvos net8.0-tvos was computed.  net8.0-windows net8.0-windows was computed.  net9.0 net9.0 is compatible.  net9.0-android net9.0-android was computed.  net9.0-browser net9.0-browser was computed.  net9.0-ios net9.0-ios was computed.  net9.0-maccatalyst net9.0-maccatalyst was computed.  net9.0-macos net9.0-macos was computed.  net9.0-tvos net9.0-tvos was computed.  net9.0-windows net9.0-windows was computed.  net10.0 net10.0 is compatible.  net10.0-android net10.0-android was computed.  net10.0-browser net10.0-browser was computed.  net10.0-ios net10.0-ios was computed.  net10.0-maccatalyst net10.0-maccatalyst was computed.  net10.0-macos net10.0-macos was computed.  net10.0-tvos net10.0-tvos was computed.  net10.0-windows net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories (1)

Showing the top 1 popular GitHub repositories that depend on NSign.AspNetCore:

Repository Stars
Letterbook/Letterbook
Sustainable federated social media built for open correspondence
Version Downloads Last Updated
1.2.4 1,364 6/3/2026
1.2.3 8,557 2/25/2026
1.2.2 5,737 11/24/2025
1.2.1 6,852 9/17/2025
1.2.0 5,632 7/14/2025
1.1.5 491 7/4/2025
1.1.4 2,920 6/2/2025
1.1.3 940 3/18/2025
1.1.2 694 2/11/2025
1.1.1 1,172 11/21/2024
1.1.0 18,270 11/12/2024
1.0.4 723 8/26/2024
1.0.3 6,060 6/17/2024
1.0.2 739 5/15/2024
1.0.1 2,412 3/20/2024
1.0.0 498 2/20/2024
0.19.3 526 2/13/2024
0.19.2 580 11/27/2023
0.19.1 485 10/9/2023
0.19.0 522 8/21/2023
Loading failed