hmac

package module
v1.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 24, 2021 License: MIT Imports: 4 Imported by: 116

README

hmac

Validate HMAC in Golang.

Who uses it?

GitHub, Patreon and some other parties will use HMAC signing with their outgoing webhooks so that you can verify the webhook is from the expected sender.

How it works:

HMAC uses a symmetric key that both sender/receiver share ahead of time. The sender will generate a hash when wanting to transmit a message - this data is sent along with the payload. The recipient will then sign payload with the shared key and if the hash matches then the payload is assumed to be from the sender.

Read more on Wikipedia

Documentation

Example:

import "github.com/alexellis/hmac"

...
var input []byte
var signature string
var secret string

valid := hmac.Validate(input, signature, secret)

fmt.Printf("Valid HMAC? %t\n")

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CheckMAC

func CheckMAC(message, messageMAC, key []byte) bool

CheckMAC verifies hash checksum

func Sign

func Sign(message, key []byte) []byte

Sign a message with the key and return bytes. Note: for human readable output see encoding/hex and encode string functions.

func Validate

func Validate(bytesIn []byte, encodedHash string, secretKey string) error

Validate validate an encodedHash taken from GitHub via X-Hub-Signature HTTP Header. Note: if using another source, just add a 5 letter prefix such as "sha1="

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL