OpenBSD manual page server

Manual Page Search Parameters

HMAC(3) Library Functions Manual HMAC(3)

HMAC, HMAC_CTX_init, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_cleanup, HMAC_cleanupHMAC message authentication code

#include <openssl/hmac.h>

unsigned char *
HMAC(const EVP_MD *evp_md, const void *key, int key_len, const unsigned char *d, int n, unsigned char *md, unsigned int *md_len);

void
HMAC_CTX_init(HMAC_CTX *ctx);

int
HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md);

int
HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md, ENGINE *impl);

int
HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);

int
HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);

void
HMAC_CTX_cleanup(HMAC_CTX *ctx);

void
HMAC_cleanup(HMAC_CTX *ctx);

int
HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);

void
HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);

size_t
HMAC_size(const HMAC_CTX *e);

HMAC is a MAC (message authentication code), i.e. a keyed hash function used for message authentication, which is based on a hash function.

() computes the message authentication code of the n bytes at d using the hash function evp_md and the key key which is key_len bytes long.

It places the result in md, which must have space for the output of the hash function, which is no more than EVP_MAX_MD_SIZE bytes. If md is NULL, the digest is placed in a static array. The size of the output is placed in md_len, unless it is NULL.

evp_md can be EVP_sha1(3), EVP_ripemd160(3), etc.

() initialises a HMAC_CTX before first use. It must be called.

() erases the key and other data from the HMAC_CTX and releases any associated resources. It must be called when an HMAC_CTX is no longer required.

() is an alias for HMAC_CTX_cleanup() included for backward compatibility with 0.9.6b. It is deprecated and implemented as a macro.

The following functions may be used if the message is not completely stored in memory:

() initializes a HMAC_CTX structure to use the hash function evp_md and the key key which is key_len bytes long. It is deprecated and only included for backward compatibility with OpenSSL 0.9.6b.

() initializes or reuses a HMAC_CTX structure to use the function evp_md and key key. Either can be NULL, in which case the existing one will be reused. HMAC_CTX_init() must have been called before the first use of an HMAC_CTX in this function. HMAC_Init() had this undocumented behaviour in previous versions of OpenSSL - failure to switch to HMAC_Init_ex() in programs that expect it will cause them to stop working.

() can be called repeatedly with chunks of the message to be authenticated (len bytes at data).

() places the message authentication code in md, which must have space for the hash function output.

() copies all of the internal state from sctx into dctx.

() applies the specified flags to the internal EVP_MD_CTX objects. Possible flag values EVP_MD_CTX_FLAG_* are defined in <openssl/evp.h>.

() returns the length in bytes of the underlying hash function output. It is implemented as a macro.

HMAC() returns a pointer to the message authentication code or NULL if an error occurred.

HMAC_Init_ex(), HMAC_Update(), HMAC_Final(), and HMAC_CTX_copy() return 1 for success or 0 if an error occurred.

HMAC_size() returns the length in bytes of the underlying hash function output or 0 on error.

evp(3)

RFC 2104

HMAC(), HMAC_Init(), HMAC_Update(), HMAC_Final(), and HMAC_cleanup() are available since SSLeay 0.9.0.

HMAC_CTX_init(), HMAC_Init_ex(), and HMAC_CTX_cleanup() are available since OpenSSL 0.9.7.

HMAC_Init_ex(), HMAC_Update(), and HMAC_Final() did not return values in versions of OpenSSL before 1.0.0.

January 6, 2017 OpenBSD-6.1