-
Notifications
You must be signed in to change notification settings - Fork 20
/
Copy pathauth.go
65 lines (53 loc) · 1.22 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
package sodium
// #cgo pkg-config: libsodium
// #include <stdlib.h>
// #include <sodium.h>
import "C"
var (
cryptoAuthBytes = int(C.crypto_auth_bytes())
cryptoAuthKeyBytes = int(C.crypto_auth_keybytes())
)
type MACKey struct {
Bytes
}
func (b MACKey) Size() int {
return cryptoAuthKeyBytes
}
//MAC stores Message Authentication Code produced by HMAC-SHA512256.
type MAC struct {
Bytes
}
func (b MAC) Size() int {
return cryptoAuthBytes
}
//Auth generates a MAC for the message with the secret 'key'.
func (b Bytes) Auth(key MACKey) (mac MAC) {
checkTypedSize(&key, "Secret Key")
o := make([]byte, cryptoAuthBytes)
bp, bl := plen(b)
if int(C.crypto_auth(
(*C.uchar)(&o[0]),
(*C.uchar)(bp),
(C.ulonglong)(bl),
(*C.uchar)(&key.Bytes[0]))) != 0 {
panic("see libsodium")
}
mac = MAC{o}
return
}
//AuthVerify verifies a messagee with MAC and the secret 'key'.
//
//It returns an error if verification failed.
func (b Bytes) AuthVerify(mac MAC, key MACKey) (err error) {
checkTypedSize(&key, "Secret Key")
checkTypedSize(&mac, "MAC")
bp, bl := plen(b)
if int(C.crypto_auth_verify(
(*C.uchar)(&mac.Bytes[0]),
(*C.uchar)(bp),
(C.ulonglong)(bl),
(*C.uchar)(&key.Bytes[0]))) != 0 {
err = ErrAuth
}
return
}