mirror of
https://github.com/kopia/kopia.git
synced 2026-01-26 15:28:06 -05:00
34 lines
756 B
Go
34 lines
756 B
Go
package block
|
|
|
|
import "crypto/hmac"
|
|
import "crypto/sha256"
|
|
import "errors"
|
|
|
|
func appendHMAC(data []byte, secret []byte) []byte {
|
|
h := hmac.New(sha256.New, secret)
|
|
h.Write(data) // nolint:errcheck
|
|
return h.Sum(data)
|
|
}
|
|
|
|
func verifyAndStripHMAC(b []byte, secret []byte) ([]byte, error) {
|
|
if len(b) < sha256.Size {
|
|
return nil, errors.New("invalid data - too short")
|
|
}
|
|
|
|
p := len(b) - sha256.Size
|
|
data := b[0:p]
|
|
signature := b[p:]
|
|
|
|
h := hmac.New(sha256.New, secret)
|
|
h.Write(data) // nolint:errcheck
|
|
validSignature := h.Sum(nil)
|
|
if len(signature) != len(validSignature) {
|
|
return nil, errors.New("invalid signature length")
|
|
}
|
|
if hmac.Equal(validSignature, signature) {
|
|
return data, nil
|
|
}
|
|
|
|
return nil, errors.New("invalid data - corrupted")
|
|
}
|