const TagSize … // Sum generates an authenticator for msg using a one-time key and puts the // 16-byte result into out. Authenticating two different messages with the same // key allows an attacker to forge messages at will. func Sum(out *[16]byte, m []byte, key *[32]byte) { … } // Verify returns true if mac is a valid authenticator for m with the given key. func Verify(mac *[16]byte, m []byte, key *[32]byte) bool { … } // New returns a new MAC computing an authentication // tag of all data written to it with the given key. // This allows writing the message progressively instead // of passing it as a single slice. Common users should use // the Sum function instead. // // The key must be unique for each message, as authenticating // two different messages with the same key allows an attacker // to forge messages at will. func New(key *[32]byte) *MAC { … } type MAC … // Size returns the number of bytes Sum will return. func (h *MAC) Size() int { … } // Write adds more data to the running message authentication code. // It never returns an error. // // It must not be called after the first call of Sum or Verify. func (h *MAC) Write(p []byte) (n int, err error) { … } // Sum computes the authenticator of all data written to the // message authentication code. func (h *MAC) Sum(b []byte) []byte { … } // Verify returns whether the authenticator of all data written to // the message authentication code matches the expected value. func (h *MAC) Verify(expected []byte) bool { … }