-- This requires https://www.postgresql.org/docs/8.3/static/pgcrypto.html
-- A `sync_stamp` is our current database time with HMAC sig.
-- The dot "." separates data and sig as with https://jwt.io/
-- Unlike JWT, the sig is not base64 encoded.
SELECT to_char(CURRENT_TIMESTAMP, 'YYYYMMDDHH24MISSUS')
|| '.'
|| hmac(to_char(CURRENT_TIMESTAMP, 'YYYYMMDDHH24MISSUS'), 'SUPER-DUPER-SECRET', 'md5')
as sync_stamp;
-- 20180712215107309054.\xaf330cffa927bd496c153e09b559c71d
-- Verify this data against its signature...
select '\xaf330cffa927bd496c153e09b559c71d' = hmac('20180712215107309054', 'SUPER-DUPER-SECRET', 'md5')
as is_valid_sync_stamp;
-- Should return `t`
Last active
July 13, 2018 02:31
-
-
Save robert-claypool/3297f56409c0b0cfba6a5712fa853eef to your computer and use it in GitHub Desktop.
HMAC Signed Timestamps For PostgreSQL
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment