8498ecf890
ChaCha20-Poly1305, AES-256-GCM, Argon2 key derivation, OpenPGP challenge-response auth, and trust tier policy engine. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
30 lines
775 B
Go
30 lines
775 B
Go
package crypt
|
|
|
|
import (
|
|
"crypto/hmac"
|
|
"crypto/sha256"
|
|
"crypto/sha512"
|
|
"hash"
|
|
)
|
|
|
|
// HMACSHA256 computes the HMAC-SHA256 of a message using the given key.
|
|
func HMACSHA256(message, key []byte) []byte {
|
|
mac := hmac.New(sha256.New, key)
|
|
mac.Write(message)
|
|
return mac.Sum(nil)
|
|
}
|
|
|
|
// HMACSHA512 computes the HMAC-SHA512 of a message using the given key.
|
|
func HMACSHA512(message, key []byte) []byte {
|
|
mac := hmac.New(sha512.New, key)
|
|
mac.Write(message)
|
|
return mac.Sum(nil)
|
|
}
|
|
|
|
// VerifyHMAC verifies an HMAC using constant-time comparison.
|
|
// hashFunc should be sha256.New, sha512.New, etc.
|
|
func VerifyHMAC(message, key, mac []byte, hashFunc func() hash.Hash) bool {
|
|
expected := hmac.New(hashFunc, key)
|
|
expected.Write(message)
|
|
return hmac.Equal(mac, expected.Sum(nil))
|
|
}
|