HMAC.pod 4.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157
  1. =pod
  2. =head1 NAME
  3. HMAC,
  4. HMAC_CTX_new,
  5. HMAC_CTX_reset,
  6. HMAC_CTX_free,
  7. HMAC_Init,
  8. HMAC_Init_ex,
  9. HMAC_Update,
  10. HMAC_Final,
  11. HMAC_CTX_copy,
  12. HMAC_CTX_set_flags,
  13. HMAC_CTX_get_md,
  14. HMAC_size
  15. - HMAC message authentication code
  16. =head1 SYNOPSIS
  17. #include <openssl/hmac.h>
  18. unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
  19. int key_len, const unsigned char *d, int n,
  20. unsigned char *md, unsigned int *md_len);
  21. HMAC_CTX *HMAC_CTX_new(void);
  22. int HMAC_CTX_reset(HMAC_CTX *ctx);
  23. int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
  24. const EVP_MD *md, ENGINE *impl);
  25. int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
  26. int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
  27. void HMAC_CTX_free(HMAC_CTX *ctx);
  28. int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
  29. void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
  30. const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
  31. size_t HMAC_size(const HMAC_CTX *e);
  32. Deprecated:
  33. #if OPENSSL_API_COMPAT < 0x10100000L
  34. int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
  35. const EVP_MD *md);
  36. #endif
  37. =head1 DESCRIPTION
  38. HMAC is a MAC (message authentication code), i.e. a keyed hash
  39. function used for message authentication, which is based on a hash
  40. function.
  41. HMAC() computes the message authentication code of the B<n> bytes at
  42. B<d> using the hash function B<evp_md> and the key B<key> which is
  43. B<key_len> bytes long.
  44. It places the result in B<md> (which must have space for the output of
  45. the hash function, which is no more than B<EVP_MAX_MD_SIZE> bytes).
  46. If B<md> is NULL, the digest is placed in a static array. The size of
  47. the output is placed in B<md_len>, unless it is B<NULL>. Note: passing a NULL
  48. value for B<md> to use the static array is not thread safe.
  49. B<evp_md> can be EVP_sha1(), EVP_ripemd160() etc.
  50. HMAC_CTX_new() creates a new HMAC_CTX in heap memory.
  51. HMAC_CTX_reset() zeroes an existing B<HMAC_CTX> and associated
  52. resources, making it suitable for new computations as if it was newly
  53. created with HMAC_CTX_new().
  54. HMAC_CTX_free() erases the key and other data from the B<HMAC_CTX>,
  55. releases any associated resources and finally frees the B<HMAC_CTX>
  56. itself.
  57. The following functions may be used if the message is not completely
  58. stored in memory:
  59. HMAC_Init_ex() initializes or reuses a B<HMAC_CTX> structure to use the hash
  60. function B<evp_md> and key B<key>. If both are NULL, or if B<key> is NULL
  61. and B<evp_md> is the same as the previous call, then the
  62. existing key is
  63. reused. B<ctx> must have been created with HMAC_CTX_new() before the first use
  64. of an B<HMAC_CTX> in this function.
  65. If HMAC_Init_ex() is called with B<key> NULL and B<evp_md> is not the
  66. same as the previous digest used by B<ctx> then an error is returned
  67. because reuse of an existing key with a different digest is not supported.
  68. HMAC_Init() initializes a B<HMAC_CTX> structure to use the hash
  69. function B<evp_md> and the key B<key> which is B<key_len> bytes
  70. long.
  71. HMAC_Update() can be called repeatedly with chunks of the message to
  72. be authenticated (B<len> bytes at B<data>).
  73. HMAC_Final() places the message authentication code in B<md>, which
  74. must have space for the hash function output.
  75. HMAC_CTX_copy() copies all of the internal state from B<sctx> into B<dctx>.
  76. HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs.
  77. These flags have the same meaning as for L<EVP_MD_CTX_set_flags(3)>.
  78. HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the
  79. supplied HMAC_CTX.
  80. HMAC_size() returns the length in bytes of the underlying hash function output.
  81. =head1 RETURN VALUES
  82. HMAC() returns a pointer to the message authentication code or NULL if
  83. an error occurred.
  84. HMAC_CTX_new() returns a pointer to a new B<HMAC_CTX> on success or
  85. B<NULL> if an error occurred.
  86. HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and
  87. HMAC_CTX_copy() return 1 for success or 0 if an error occurred.
  88. HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or
  89. NULL if no EVP_MD has been set.
  90. HMAC_size() returns the length in bytes of the underlying hash function output
  91. or zero on error.
  92. =head1 CONFORMING TO
  93. RFC 2104
  94. =head1 SEE ALSO
  95. L<SHA1(3)>, L<evp(7)>
  96. =head1 HISTORY
  97. HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0.
  98. HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0.
  99. HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL 1.1.0.
  100. HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in
  101. OpenSSL before version 1.0.0.
  102. =head1 COPYRIGHT
  103. Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
  104. Licensed under the OpenSSL license (the "License"). You may not use
  105. this file except in compliance with the License. You can obtain a copy
  106. in the file LICENSE in the source distribution or at
  107. L<https://www.openssl.org/source/license.html>.
  108. =cut