7407b89b8d
Remove banned imports (fmt, strings, os, errors, path/filepath) across all production and test files, replace with core.* primitives, coreio.ReadStream, and coreerr.E. Upgrade dappco.re/go/core v0.5.0 → v0.7.0 for core.PathBase and core.Is. Fix isRepoScoped to exclude pr.* capabilities (enforcement is at the forge layer, not the policy engine). Add Good/Bad/Ugly test coverage to all packages missing the mandatory three-category naming convention. Co-Authored-By: Virgil <virgil@lethean.io>
35 lines
926 B
Go
35 lines
926 B
Go
package crypt
|
|
|
|
import (
|
|
"crypto/hmac"
|
|
"crypto/sha256"
|
|
"crypto/sha512"
|
|
"hash"
|
|
)
|
|
|
|
// HMACSHA256 computes the HMAC-SHA256 of a message using the given key.
|
|
//
|
|
// mac := crypt.HMACSHA256([]byte("message"), []byte("secret"))
|
|
func HMACSHA256(message, key []byte) []byte {
|
|
mac := hmac.New(sha256.New, key)
|
|
mac.Write(message)
|
|
return mac.Sum(nil)
|
|
}
|
|
|
|
// HMACSHA512 computes the HMAC-SHA512 of a message using the given key.
|
|
//
|
|
// mac := crypt.HMACSHA512([]byte("message"), []byte("secret"))
|
|
func HMACSHA512(message, key []byte) []byte {
|
|
mac := hmac.New(sha512.New, key)
|
|
mac.Write(message)
|
|
return mac.Sum(nil)
|
|
}
|
|
|
|
// VerifyHMAC verifies an HMAC using constant-time comparison.
|
|
//
|
|
// ok := crypt.VerifyHMAC(message, key, receivedMAC, sha256.New)
|
|
func VerifyHMAC(message, key, mac []byte, hashFunc func() hash.Hash) bool {
|
|
expected := hmac.New(hashFunc, key)
|
|
expected.Write(message)
|
|
return hmac.Equal(mac, expected.Sum(nil))
|
|
}
|