hmac

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 2, 2026 License: GPL-3.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BuildPayload 

func BuildPayload(req any) ([]byte, error)

BuildPayload produces a canonical JSON representation of the struct fields, excluding any field tagged with `hmac:"-"`.

The canonical form is a JSON object with keys sorted alphabetically, produced by json.Marshal over a map[string]any. This guarantees:

  • Deterministic key ordering (Go sorts map keys in json.Marshal)
  • Proper escaping of special characters in values
  • Empty fields are always included (no omitempty)
  • No ambiguity from custom serialization formats

func Sign 

func Sign[T Signable](signingKey []byte, req T) (string, error)

Sign computes the HMAC-SHA256 signature for req using the given signing key and returns the raw signature bytes.

func Verify 

func Verify[T Signable](signingKey []byte, req T) (bool, error)

Verify checks whether the HMAC-SHA256 signature of req is valid for the given signing key. Fields tagged with `hmac:"-"` are excluded from the payload computation.

Types

type Signable 

type Signable interface {
	SignatureString() string
	SignatureBytes() []byte
	GetTimestamp() int64
}

Signable is the minimal interface for HMAC-verifiable structs. Any struct embedding Signature satisfies this automatically.

type Signature 

type Signature struct {
	Timestamp int64  `json:"timestamp"`
	Signature string `json:"signature" hmac:"-"`
}

Signature is an embeddable struct that provides HMAC signature support with mandatory timestamp for anti-replay protection. Embed it in any request struct to make it verifiable via Verify. 

type RegisterPlanRequest struct {
    hmac.Signature
    Persistence       string `json:"repo"`
    PlanOutput string `json:"plan_output"`
}

func (Signature) GetTimestamp 

func (s Signature) GetTimestamp() int64

GetTimestamp returns the request timestamp for anti-replay validation.

func (Signature) SignatureBytes 

func (s Signature) SignatureBytes() []byte

SignatureBytes returns the signature as a byte slice.

func (Signature) SignatureString 

func (s Signature) SignatureString() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.