xref: /freebsd/crypto/openssl/doc/man7/EVP_MAC-HMAC.pod (revision f81cdf24ba5436367377f7c8e8f51f6df2a75ca7)
1=pod
2
3=head1 NAME
4
5EVP_MAC-HMAC - The HMAC EVP_MAC implementation
6
7=head1 DESCRIPTION
8
9Support for computing HMAC MACs through the B<EVP_MAC> API.
10
11This implementation uses EVP_MD functions to get access to the underlying
12digest.
13
14=head2 Identity
15
16This implementation is identified with this name and properties, to be
17used with EVP_MAC_fetch():
18
19=over 4
20
21=item "HMAC", "provider=default" or "provider=fips"
22
23=back
24
25=head2 Supported parameters
26
27The general description of these parameters can be found in
28L<EVP_MAC(3)/PARAMETERS>.
29
30The following parameter can be set with EVP_MAC_CTX_set_params():
31
32=over 4
33
34=item "key" (B<OSSL_MAC_PARAM_KEY>) <octet string>
35
36Sets the MAC key.
37Setting this parameter is identical to passing a I<key> to L<EVP_MAC_init(3)>.
38
39=item "digest" (B<OSSL_MAC_PARAM_DIGEST>) <UTF8 string>
40
41Sets the name of the underlying digest to be used.
42
43=item "properties" (B<OSSL_MAC_PARAM_PROPERTIES>) <UTF8 string>
44
45Sets the properties to be queried when trying to fetch the underlying digest.
46This must be given together with the digest naming parameter ("digest", or
47B<OSSL_MAC_PARAM_DIGEST>) to be considered valid.
48
49=item "digest-noinit" (B<OSSL_MAC_PARAM_DIGEST_NOINIT>) <integer>
50
51A flag to set the MAC digest to not initialise the implementation
52specific data.
53The value 0 or 1 is expected.
54
55=item "digest-oneshot" (B<OSSL_MAC_PARAM_DIGEST_ONESHOT>) <integer>
56
57A flag to set the MAC digest to be a one-shot operation.
58The value 0 or 1 is expected.
59
60=item "tls-data-size" (B<OSSL_MAC_PARAM_TLS_DATA_SIZE>) <unsigned integer>
61
62=back
63
64=for comment The "flags" parameter is passed directly to HMAC_CTX_set_flags().
65
66The following parameter can be retrieved with EVP_MAC_CTX_get_params():
67
68=over 4
69
70=item "size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer>
71
72The "size" parameter can also be retrieved with EVP_MAC_CTX_get_mac_size().
73The length of the "size" parameter is equal to that of an B<unsigned int>.
74
75=back
76
77=over 4
78
79=item "block-size" (B<OSSL_MAC_PARAM_BLOCK_SIZE>) <unsigned integer>
80
81Gets the MAC block size.  The "block-size" parameter can also be retrieved with
82EVP_MAC_CTX_get_block_size().
83
84=back
85
86=head1 SEE ALSO
87
88L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>,
89L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)>, L<HMAC(3)>
90
91=head1 COPYRIGHT
92
93Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
94
95Licensed under the Apache License 2.0 (the "License").  You may not use
96this file except in compliance with the License.  You can obtain a copy
97in the file LICENSE in the source distribution or at
98L<https://www.openssl.org/source/license.html>.
99
100=cut
101