mirror of
https://github.com/oauth2-proxy/oauth2-proxy.git
synced 2025-05-19 22:23:30 +02:00
37 lines
710 B
Go
37 lines
710 B
Go
package encryption
|
|
|
|
import (
|
|
"crypto/hmac"
|
|
"crypto/rand"
|
|
"crypto/sha256"
|
|
"encoding/base64"
|
|
)
|
|
|
|
// Nonce generates a random n-byte slice
|
|
func Nonce(length int) ([]byte, error) {
|
|
b := make([]byte, length)
|
|
_, err := rand.Read(b)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return b, nil
|
|
}
|
|
|
|
// HashNonce returns the SHA256 hash of a nonce
|
|
func HashNonce(nonce []byte) string {
|
|
if nonce == nil {
|
|
return ""
|
|
}
|
|
|
|
hasher := sha256.New()
|
|
hasher.Write(nonce)
|
|
sum := hasher.Sum(nil)
|
|
|
|
return base64.RawURLEncoding.EncodeToString(sum)
|
|
}
|
|
|
|
// CheckNonce tests if a nonce matches the hashed version of it
|
|
func CheckNonce(nonce []byte, hashed string) bool {
|
|
return hmac.Equal([]byte(HashNonce(nonce)), []byte(hashed))
|
|
}
|