1=pod 2 3=head1 NAME 4 5HMAC, 6HMAC_CTX_new, 7HMAC_CTX_reset, 8HMAC_CTX_free, 9HMAC_Init, 10HMAC_Init_ex, 11HMAC_Update, 12HMAC_Final, 13HMAC_CTX_copy, 14HMAC_CTX_set_flags, 15HMAC_CTX_get_md, 16HMAC_size 17- HMAC message authentication code 18 19=head1 SYNOPSIS 20 21 #include <openssl/hmac.h> 22 23 unsigned char *HMAC(const EVP_MD *evp_md, const void *key, 24 int key_len, const unsigned char *d, int n, 25 unsigned char *md, unsigned int *md_len); 26 27 HMAC_CTX *HMAC_CTX_new(void); 28 int HMAC_CTX_reset(HMAC_CTX *ctx); 29 30 int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len, 31 const EVP_MD *md, ENGINE *impl); 32 int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len); 33 int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len); 34 35 void HMAC_CTX_free(HMAC_CTX *ctx); 36 37 int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx); 38 void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags); 39 const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx); 40 41 size_t HMAC_size(const HMAC_CTX *e); 42 43Deprecated: 44 45 #if OPENSSL_API_COMPAT < 0x10100000L 46 int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len, 47 const EVP_MD *md); 48 #endif 49 50=head1 DESCRIPTION 51 52HMAC is a MAC (message authentication code), i.e. a keyed hash 53function used for message authentication, which is based on a hash 54function. 55 56HMAC() computes the message authentication code of the B<n> bytes at 57B<d> using the hash function B<evp_md> and the key B<key> which is 58B<key_len> bytes long. 59 60It places the result in B<md> (which must have space for the output of 61the hash function, which is no more than B<EVP_MAX_MD_SIZE> bytes). 62If B<md> is NULL, the digest is placed in a static array. The size of 63the output is placed in B<md_len>, unless it is B<NULL>. Note: passing a NULL 64value for B<md> to use the static array is not thread safe. 65 66B<evp_md> is a message digest such as EVP_sha1(), EVP_ripemd160() etc. HMAC does 67not support variable output length digests such as EVP_shake128() and 68EVP_shake256(). 69 70HMAC_CTX_new() creates a new HMAC_CTX in heap memory. 71 72HMAC_CTX_reset() zeroes an existing B<HMAC_CTX> and associated 73resources, making it suitable for new computations as if it was newly 74created with HMAC_CTX_new(). 75 76HMAC_CTX_free() erases the key and other data from the B<HMAC_CTX>, 77releases any associated resources and finally frees the B<HMAC_CTX> 78itself. 79 80The following functions may be used if the message is not completely 81stored in memory: 82 83HMAC_Init_ex() initializes or reuses a B<HMAC_CTX> structure to use the hash 84function B<evp_md> and key B<key>. If both are NULL, or if B<key> is NULL 85and B<evp_md> is the same as the previous call, then the 86existing key is 87reused. B<ctx> must have been created with HMAC_CTX_new() before the first use 88of an B<HMAC_CTX> in this function. 89 90If HMAC_Init_ex() is called with B<key> NULL and B<evp_md> is not the 91same as the previous digest used by B<ctx> then an error is returned 92because reuse of an existing key with a different digest is not supported. 93 94HMAC_Init() initializes a B<HMAC_CTX> structure to use the hash 95function B<evp_md> and the key B<key> which is B<key_len> bytes 96long. 97 98HMAC_Update() can be called repeatedly with chunks of the message to 99be authenticated (B<len> bytes at B<data>). 100 101HMAC_Final() places the message authentication code in B<md>, which 102must have space for the hash function output. 103 104HMAC_CTX_copy() copies all of the internal state from B<sctx> into B<dctx>. 105 106HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs. 107These flags have the same meaning as for L<EVP_MD_CTX_set_flags(3)>. 108 109HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the 110supplied HMAC_CTX. 111 112HMAC_size() returns the length in bytes of the underlying hash function output. 113 114=head1 RETURN VALUES 115 116HMAC() returns a pointer to the message authentication code or NULL if 117an error occurred. 118 119HMAC_CTX_new() returns a pointer to a new B<HMAC_CTX> on success or 120B<NULL> if an error occurred. 121 122HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and 123HMAC_CTX_copy() return 1 for success or 0 if an error occurred. 124 125HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or 126NULL if no EVP_MD has been set. 127 128HMAC_size() returns the length in bytes of the underlying hash function output 129or zero on error. 130 131=head1 CONFORMING TO 132 133RFC 2104 134 135=head1 SEE ALSO 136 137L<SHA1(3)>, L<evp(7)> 138 139=head1 HISTORY 140 141HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0. 142 143HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0. 144 145HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL 1.1.0. 146 147HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in 148OpenSSL before version 1.0.0. 149 150=head1 COPYRIGHT 151 152Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. 153 154Licensed under the OpenSSL license (the "License"). You may not use 155this file except in compliance with the License. You can obtain a copy 156in the file LICENSE in the source distribution or at 157L<https://www.openssl.org/source/license.html>. 158 159=cut 160