Documentation

Overview
Package hmac implements HMAC-SHA256 sign/verify over the wire canonical envelope form (see internal/wire.Canonical). Integrity is end-to-end: a recipient reconstructs the canonical bytes from the received wire envelope and verifies them, so a compromised broker cannot forge a peer.
Index

Constants
const MinSecretLen = 32
MinSecretLen is the minimum accepted shared-secret length in bytes.
Rationale: HMAC-SHA256's security is bounded by the entropy of the key. A key shorter than SHA-256's 32-byte output size offers materially less than the construction's full strength and invites trivially brute-forceable secrets (typos, placeholders, "changeme"). 32 bytes (256 bits) matches the HMAC-SHA256 output size and is the standard floor for a secret distributed out-of-band; we reject anything shorter rather than silently signing with a weak key.

Variables

var (
	// ErrShortSecret is returned when the shared secret is missing or shorter
	// than MinSecretLen.
	ErrShortSecret = fmt.Errorf("hmac: secret must be at least %d bytes", MinSecretLen)

	// ErrMissingHMAC is returned when an envelope carries no hmac field.
	ErrMissingHMAC = errors.New("hmac: envelope has no hmac")

	// ErrBadHMACHex is returned when the envelope hmac is not valid hex.
	ErrBadHMACHex = errors.New("hmac: envelope hmac is not valid hex")

	// ErrVerify is returned when the recomputed MAC does not match the one
	// carried in the envelope.
	ErrVerify = errors.New("hmac: signature mismatch")
)

Functions

func Sign
Sign computes the hex-encoded HMAC-SHA256 over wire.Canonical(env) using secret. The env.HMAC field is ignored (Canonical omits it) and not mutated; use SignEnvelope to also set it.
func SignEnvelope
SignEnvelope signs env and writes the hex MAC into env.HMAC, returning the updated envelope. The input is taken by value so the caller's copy is untouched until it assigns the result.
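As an added illustration (not this package's own code), the sketch below pairs Sign with the verify side the Overview describes: the recipient rebuilds the canonical bytes from the received envelope, recomputes the MAC and compares in constant time. Envelope, canonical and the function signatures are hypothetical stand-ins for the wire envelope and internal/wire.Canonical.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

const MinSecretLen = 32

var ErrShortSecret = fmt.Errorf("hmac: secret must be at least %d bytes", MinSecretLen)
var ErrMissingHMAC = errors.New("hmac: envelope has no hmac")
var ErrBadHMACHex = errors.New("hmac: envelope hmac is not valid hex")
var ErrVerify = errors.New("hmac: signature mismatch")
type Envelope struct{ From, To, Body, HMAC string } // hypothetical stand-in for the wire envelope

// canonical stands in for wire.Canonical: fixed field order, length-prefixed fields, HMAC omitted.
func canonical(e Envelope) []byte {
	return []byte(fmt.Sprintf("%d:%s%d:%s%d:%s", len(e.From), e.From, len(e.To), e.To, len(e.Body), e.Body))
}

// Sign returns the hex HMAC-SHA256 over canonical(env); env.HMAC is ignored.
func Sign(env Envelope, secret []byte) (string, error) {
	if len(secret) < MinSecretLen {
		return "", ErrShortSecret // refuse weak keys rather than sign with them
	}
	m := hmac.New(sha256.New, secret)
	m.Write(canonical(env))
	return hex.EncodeToString(m.Sum(nil)), nil
}

// Verify rebuilds the canonical bytes from the received envelope and compares MACs in constant time.
func Verify(env Envelope, secret []byte) error {
	if env.HMAC == "" {
		return ErrMissingHMAC
	}
	got, err := hex.DecodeString(env.HMAC) // rejects junk, normalises hex case
	if err != nil {
		return ErrBadHMACHex
	}
	want, err := Sign(env, secret)
	if err != nil {
		return err
	}
	if !hmac.Equal([]byte(hex.EncodeToString(got)), []byte(want)) {
		return ErrVerify // any field a broker altered lands here
	}
	return nil
}
```

The length prefixes matter: without them "alice"+"bob" and "alic"+"ebob" would produce the same bytes and the same MAC.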
Types
This section is empty.