import hmac
import hashlib
from app.config import settings

SECRET_KEY = settings.SECRET_KEY

def sign_payload(payload: str) -> str:
    """Signs a string payload using HMAC-SHA256."""
    return hmac.new(SECRET_KEY.encode(), payload.encode(), hashlib.sha256).hexdigest()

def sign_bytes(data: bytes) -> str:
    """Signs bytes using HMAC-SHA256."""
    return hmac.new(SECRET_KEY.encode(), data, hashlib.sha256).hexdigest()

def verify_signature(payload: str, signature: str) -> bool:
    """Verifies a signature against a payload using HMAC-SHA256."""
    expected = sign_payload(payload)
    return hmac.compare_digest(signature, expected)

def verify_bytes_signature(data: bytes, signature: str) -> bool:
    """Verifies a signature against bytes using HMAC-SHA256."""
    expected = sign_bytes(data)
    return hmac.compare_digest(signature, expected)