Skip to content

Instantly share code, notes, and snippets.

@robert-claypool
Last active July 13, 2018 02:31
Show Gist options
  • Save robert-claypool/3297f56409c0b0cfba6a5712fa853eef to your computer and use it in GitHub Desktop.
Save robert-claypool/3297f56409c0b0cfba6a5712fa853eef to your computer and use it in GitHub Desktop.
HMAC Signed Timestamps For PostgreSQL
-- This requires https://www.postgresql.org/docs/8.3/static/pgcrypto.html
-- A `sync_stamp` is our current database time with HMAC sig.
-- The dot "." separates data and sig as with https://jwt.io/
-- Unlike JWT, the sig is not base64 encoded.
SELECT to_char(CURRENT_TIMESTAMP, 'YYYYMMDDHH24MISSUS')
    || '.'
    || hmac(to_char(CURRENT_TIMESTAMP, 'YYYYMMDDHH24MISSUS'), 'SUPER-DUPER-SECRET', 'md5')
    as sync_stamp;
-- 20180712215107309054.\xaf330cffa927bd496c153e09b559c71d
-- Verify this data against its signature...
select '\xaf330cffa927bd496c153e09b559c71d' = hmac('20180712215107309054', 'SUPER-DUPER-SECRET', 'md5')
    as is_valid_sync_stamp;
-- Should return `t`
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment