hmacprovider

package

v0.7.0 Latest Latest Go to latest Published: Sep 11, 2025 License: Apache-2.0 Imports: 12 Imported by: 2

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/oddbit-project/blueprint

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type HMACKeyProvider
type HMACProvider
- func NewHmacProvider(secretProvider HMACKeyProvider, opts ...HMACProviderOption) *HMACProvider
type HMACProviderOption
type SingleKeyProvider
- func NewSingleKeyProvider(keyId string, secret *secure.Credential) *SingleKeyProvider
- func (p *SingleKeyProvider) FetchSecret(keyId string) (*secure.Credential, error)

Constants ¶

View Source

const (
	ErrInvalidKeyId      = utils.Error("invalid key id")
	ErrInvalidHashFormat = utils.Error("invalid hash format")
	ErrInvalidRequest    = utils.Error("invalid request")

	DefaultKeyInterval = 5 * time.Minute
	MaxInputSize       = 32 * 1024 * 1024 // 32MB
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type HMACKeyProvider ¶ added in v0.6.0

type HMACKeyProvider interface {
	FetchSecret(keyId string) (*secure.Credential, error)
}

HMACKeyProvider interface Note: userIds cannot contain dots!!! (".")

type HMACProvider ¶

type HMACProvider struct {
	// contains filtered or unexported fields
}

func NewHmacProvider ¶

func NewHmacProvider(secretProvider HMACKeyProvider, opts ...HMACProviderOption) *HMACProvider

func (*HMACProvider) SHA256Sign ¶

func (h *HMACProvider) SHA256Sign(keyId string, data io.Reader) (string, error)

SHA256Sign generate a simple SHA256 HMAC, no nounce, no timestamp

func (*HMACProvider) SHA256Verify ¶

func (h *HMACProvider) SHA256Verify(data io.Reader, hash string) (string, bool, error)

SHA256Verify verify a simple SHA256 HMAC, no nounce, no timestamp the hash must be a hex-encoded sha256 hash returns the keyId (if any), true if is valid, and an optional error status

func (*HMACProvider) Sign256 ¶

func (h *HMACProvider) Sign256(keyId string, data io.Reader) (hash string, timestamp string, nonce string, err error)

Sign256 generates a HMAC256 signature using timestamp and nonce

func (*HMACProvider) Verify256 ¶

func (h *HMACProvider) Verify256(data io.Reader, hash string, timestamp string, nonce string) (string, bool, error)

Verify256 verifies a HMAC256 signature using timestamp and nonce Returns keyId(if any), true if success, and an optional error code

type HMACProviderOption ¶

type HMACProviderOption func(*HMACProvider)

func WithKeyInterval ¶

func WithKeyInterval(interval time.Duration) HMACProviderOption

func WithMaxInputSize ¶

func WithMaxInputSize(maxInputSize int) HMACProviderOption

func WithNonceStore ¶

func WithNonceStore(nonceStore store.NonceStore) HMACProviderOption

type SingleKeyProvider ¶ added in v0.6.0

type SingleKeyProvider struct {
	// contains filtered or unexported fields
}

func NewSingleKeyProvider ¶ added in v0.6.0

func NewSingleKeyProvider(keyId string, secret *secure.Credential) *SingleKeyProvider

NewSingleKeyProvider creates a simple HMACKeyProvider that provides a single key

func (*SingleKeyProvider) FetchSecret ¶ added in v0.6.0

func (p *SingleKeyProvider) FetchSecret(keyId string) (*secure.Credential, error)

FetchSecret returns the secret if the keyId is valid

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
store

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL