1 .\" $NetBSD: openssl_hmac.3,v 1.14 2015/06/12 17:01:15 christos Exp $
3 .\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
6 .\" ========================================================================
7 .de Sp \" Vertical space (when we can't use .PP)
11 .de Vb \" Begin verbatim text
16 .de Ve \" End verbatim text
20 .\" Set up some character translations and predefined strings. \*(-- will
21 .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
22 .\" double quote, and \*(R" will give a right double quote. \*(C+ will
23 .\" give a nicer C++. Capital omega is used to do unbreakable dashes and
24 .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
25 .\" nothing in troff, for use with C<>.
27 .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
31 . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
32 . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
47 .\" Escape single quotes in literal strings from groff's Unicode transform.
51 .\" If the F register is turned on, we'll generate index entries on stderr for
52 .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
53 .\" entries marked with X<> in POD. Of course, you'll have to process the
54 .\" output yourself in some meaningful fashion.
56 .\" Avoid warning from groff about undefined register 'F'.
60 .if \n(.g .if rF .nr rF 1
61 .if (\n(rF:(\n(.g==0)) \{
64 . tm Index:\\$1\t\\n%\t"\\$2"
74 .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
75 .\" Fear. Run. Save yourself. No user-serviceable parts.
76 . \" fudge factors for nroff and troff
85 . ds #H ((1u-(\\\\n(.fu%2u))*.13m)
91 . \" simple accents for nroff and troff
101 . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
102 . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
103 . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
104 . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
105 . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
106 . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
108 . \" troff and (daisy-wheel) nroff accents
109 .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
110 .ds 8 \h'\*(#H'\(*b\h'-\*(#H'
111 .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
112 .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
113 .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
114 .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
115 .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
116 .ds ae a\h'-(\w'a'u*4/10)'e
117 .ds Ae A\h'-(\w'A'u*4/10)'E
118 . \" corrections for vroff
119 .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
120 .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
121 . \" for low resolution devices (crt and lpr)
122 .if \n(.H>23 .if \n(.V>19 \
135 .\" ========================================================================
138 .TH hmac 3 "2009-12-26" "1.0.1n" "OpenSSL"
139 .\" For nroff, turn off justification. Always turn off hyphenation; it makes
140 .\" way too many mistakes in technical documents.
144 HMAC, HMAC_Init, HMAC_Update, HMAC_Final, HMAC_cleanup \- HMAC message
149 .IX Header "SYNOPSIS"
151 \& #include <openssl/hmac.h>
153 \& unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
154 \& int key_len, const unsigned char *d, int n,
155 \& unsigned char *md, unsigned int *md_len);
157 \& void HMAC_CTX_init(HMAC_CTX *ctx);
159 \& int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
160 \& const EVP_MD *md);
161 \& int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
162 \& const EVP_MD *md, ENGINE *impl);
163 \& int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
164 \& int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
166 \& void HMAC_CTX_cleanup(HMAC_CTX *ctx);
167 \& void HMAC_cleanup(HMAC_CTX *ctx);
170 .IX Header "DESCRIPTION"
171 \&\s-1HMAC\s0 is a \s-1MAC \s0(message authentication code), i.e. a keyed hash
172 function used for message authentication, which is based on a hash
175 \&\s-1\fIHMAC\s0()\fR computes the message authentication code of the \fBn\fR bytes at
176 \&\fBd\fR using the hash function \fBevp_md\fR and the key \fBkey\fR which is
177 \&\fBkey_len\fR bytes long.
179 It places the result in \fBmd\fR (which must have space for the output of
180 the hash function, which is no more than \fB\s-1EVP_MAX_MD_SIZE\s0\fR bytes).
181 If \fBmd\fR is \s-1NULL,\s0 the digest is placed in a static array. The size of
182 the output is placed in \fBmd_len\fR, unless it is \fB\s-1NULL\s0\fR.
184 \&\fBevp_md\fR can be \fIEVP_sha1()\fR, \fIEVP_ripemd160()\fR etc.
186 \&\fIHMAC_CTX_init()\fR initialises a \fB\s-1HMAC_CTX\s0\fR before first use. It must be
189 \&\fIHMAC_CTX_cleanup()\fR erases the key and other data from the \fB\s-1HMAC_CTX\s0\fR
190 and releases any associated resources. It must be called when an
191 \&\fB\s-1HMAC_CTX\s0\fR is no longer required.
193 \&\fIHMAC_cleanup()\fR is an alias for \fIHMAC_CTX_cleanup()\fR included for back
194 compatibility with 0.9.6b, it is deprecated.
196 The following functions may be used if the message is not completely
199 \&\fIHMAC_Init()\fR initializes a \fB\s-1HMAC_CTX\s0\fR structure to use the hash
200 function \fBevp_md\fR and the key \fBkey\fR which is \fBkey_len\fR bytes
201 long. It is deprecated and only included for backward compatibility
204 \&\fIHMAC_Init_ex()\fR initializes or reuses a \fB\s-1HMAC_CTX\s0\fR structure to use
205 the function \fBevp_md\fR and key \fBkey\fR. Either can be \s-1NULL,\s0 in which
206 case the existing one will be reused. \fIHMAC_CTX_init()\fR must have been
207 called before the first use of an \fB\s-1HMAC_CTX\s0\fR in this
208 function. \fBN.B. \f(BIHMAC_Init()\fB had this undocumented behaviour in
209 previous versions of OpenSSL \- failure to switch to \f(BIHMAC_Init_ex()\fB in
210 programs that expect it will cause them to stop working\fR.
212 \&\fIHMAC_Update()\fR can be called repeatedly with chunks of the message to
213 be authenticated (\fBlen\fR bytes at \fBdata\fR).
215 \&\fIHMAC_Final()\fR places the message authentication code in \fBmd\fR, which
216 must have space for the hash function output.
218 .IX Header "RETURN VALUES"
219 \&\s-1\fIHMAC\s0()\fR returns a pointer to the message authentication code or \s-1NULL\s0 if
222 \&\fIHMAC_Init_ex()\fR, \fIHMAC_Update()\fR and \fIHMAC_Final()\fR return 1 for success or 0 if
225 \&\fIHMAC_CTX_init()\fR and \fIHMAC_CTX_cleanup()\fR do not return values.
227 .IX Header "CONFORMING TO"
230 .IX Header "SEE ALSO"
231 \&\fIopenssl_sha\fR\|(3), \fIopenssl_evp\fR\|(3)
234 \&\s-1\fIHMAC\s0()\fR, \fIHMAC_Init()\fR, \fIHMAC_Update()\fR, \fIHMAC_Final()\fR and \fIHMAC_cleanup()\fR
235 are available since SSLeay 0.9.0.
237 \&\fIHMAC_CTX_init()\fR, \fIHMAC_Init_ex()\fR and \fIHMAC_CTX_cleanup()\fR are available
240 \&\fIHMAC_Init_ex()\fR, \fIHMAC_Update()\fR and \fIHMAC_Final()\fR did not return values in
241 versions of OpenSSL before 1.0.0.