File: //usr/local/openssl/man/man3/HMAC_Update.3
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\" ========================================================================
.\"
.IX Title "hmac 3"
.TH hmac 3 2019-12-20 1.0.2u OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH NAME
HMAC, HMAC_CTX_init, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_cleanup,
HMAC_cleanup \- HMAC message authentication code
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/hmac.h>
\&
\& unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
\& int key_len, const unsigned char *d, int n,
\& unsigned char *md, unsigned int *md_len);
\&
\& void HMAC_CTX_init(HMAC_CTX *ctx);
\&
\& int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
\& const EVP_MD *md);
\& int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
\& const EVP_MD *md, ENGINE *impl);
\& int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
\& int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
\&
\& void HMAC_CTX_cleanup(HMAC_CTX *ctx);
\& void HMAC_cleanup(HMAC_CTX *ctx);
.Ve
.SH DESCRIPTION
.IX Header "DESCRIPTION"
HMAC is a MAC (message authentication code), i.e. a keyed hash
function used for message authentication, which is based on a hash
function.
.PP
\&\fBHMAC()\fR computes the message authentication code of the \fBn\fR bytes at
\&\fBd\fR using the hash function \fBevp_md\fR and the key \fBkey\fR which is
\&\fBkey_len\fR bytes long.
.PP
It places the result in \fBmd\fR (which must have space for the output of
the hash function, which is no more than \fBEVP_MAX_MD_SIZE\fR bytes).
If \fBmd\fR is NULL, the digest is placed in a static array. The size of
the output is placed in \fBmd_len\fR, unless it is \fBNULL\fR. Note: passing a NULL
value for \fBmd\fR to use the static array is not thread safe.
.PP
\&\fBevp_md\fR can be \fBEVP_sha1()\fR, \fBEVP_ripemd160()\fR etc.
.PP
\&\fBHMAC_CTX_init()\fR initialises a \fBHMAC_CTX\fR before first use. It must be
called.
.PP
\&\fBHMAC_CTX_cleanup()\fR erases the key and other data from the \fBHMAC_CTX\fR
and releases any associated resources. It must be called when an
\&\fBHMAC_CTX\fR is no longer required.
.PP
\&\fBHMAC_cleanup()\fR is an alias for \fBHMAC_CTX_cleanup()\fR included for back
compatibility with 0.9.6b, it is deprecated.
.PP
The following functions may be used if the message is not completely
stored in memory:
.PP
\&\fBHMAC_Init()\fR initializes a \fBHMAC_CTX\fR structure to use the hash
function \fBevp_md\fR and the key \fBkey\fR which is \fBkey_len\fR bytes
long. It is deprecated and only included for backward compatibility
with OpenSSL 0.9.6b.
.PP
\&\fBHMAC_Init_ex()\fR initializes or reuses a \fBHMAC_CTX\fR structure to use the hash
function \fBevp_md\fR and key \fBkey\fR. If both are NULL (or \fBevp_md\fR is the same
as the previous digest used by \fBctx\fR and \fBkey\fR is NULL) the existing key is
reused. \fBctx\fR must have been created with \fBHMAC_CTX_new()\fR before the first use
of an \fBHMAC_CTX\fR in this function. \fBN.B. HMAC_Init() had this undocumented
behaviour in previous versions of OpenSSL \- failure to switch to HMAC_Init_ex()
in programs that expect it will cause them to stop working\fR.
.PP
\&\fBNB: if HMAC_Init_ex() is called with key NULL and evp_md is not the
same as the previous digest used by ctx then an error is returned
because reuse of an existing key with a different digest is not supported.\fR
.PP
\&\fBHMAC_Update()\fR can be called repeatedly with chunks of the message to
be authenticated (\fBlen\fR bytes at \fBdata\fR).
.PP
\&\fBHMAC_Final()\fR places the message authentication code in \fBmd\fR, which
must have space for the hash function output.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fBHMAC()\fR returns a pointer to the message authentication code or NULL if
an error occurred.
.PP
\&\fBHMAC_Init_ex()\fR, \fBHMAC_Update()\fR and \fBHMAC_Final()\fR return 1 for success or 0 if
an error occurred.
.PP
\&\fBHMAC_CTX_init()\fR and \fBHMAC_CTX_cleanup()\fR do not return values.
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
RFC 2104
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBsha\fR\|(3), \fBevp\fR\|(3)
.SH HISTORY
.IX Header "HISTORY"
\&\fBHMAC()\fR, \fBHMAC_Init()\fR, \fBHMAC_Update()\fR, \fBHMAC_Final()\fR and \fBHMAC_cleanup()\fR
are available since SSLeay 0.9.0.
.PP
\&\fBHMAC_CTX_init()\fR, \fBHMAC_Init_ex()\fR and \fBHMAC_CTX_cleanup()\fR are available
since OpenSSL 0.9.7.
.PP
\&\fBHMAC_Init_ex()\fR, \fBHMAC_Update()\fR and \fBHMAC_Final()\fR did not return values in
versions of OpenSSL before 1.0.0.