Skip to content
A generic HMAC signature validator for Go
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Go HMAC Validator

Go Report Card GoDoc

A generic tiny Golang package to check HMAC signatures generated by Internet Services to guarantee the HTTP request origin.



Package is documented following Golang conventions so you can generate them with godoc command or read them online on

The package is served under a custom domain and a canonical import path is set in order to restrict to import this package through the domain, hence for getting it you have to

go get

Golang Version & dependencies

The library may work with a few previous Golang releases, however I haven't tested in any than 1.6.

The current dependencies are only used in the tests, which are testify assert and require


Write some benchmarks and do an implementation of using key/value byte slice as payload than a map to compare how map type probably penalize and it may be avoided.


After I implemented this concept in a node module, I thought that would be great to have this generic HMAC validation functionality for Golang, so I took the concept and I developed it in the Go way (this is not a the NodeJS implementation translated to Go).

Related works

The same concept and similar functionality for NodeJS


MIT, read LICENSE file for more information.

You can’t perform that action at this time.