Incoviba/oficial
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

HMAC implementation for signature validation

Browse Source
This commit is contained in:
Juan Pablo Vial
2025-06-03 21:53:49 -04:00
parent 8c0bd450ef
commit 981858f251
3 changed files with 39 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
app/src/Service/HMAC.php Normal file
View File

@ -0,0 +1,17 @@
<?php
namespace Incoviba\Service;
use Incoviba\Common\Ideal;
class HMAC extends Ideal\Service
{
public static function validate(string $timestamp, string $requestSignature, string $requestId, string $secret): bool
{
$message = "{$timestamp}.{$requestId}";
$encodedSecret = mb_convert_encoding($secret, 'UTF-8');
$encodedMessage = mb_convert_encoding($message, 'UTF-8');
$hmacObject = hash_hmac('sha256', $encodedMessage, $encodedSecret);
$computedSignature = base64_encode($hmacObject);
return hash_equals($computedSignature, $requestSignature);
}
}