MAC#
A Message Authentication Code (MAC) provides data integrity and authenticity of a message.
HMAC#
An HMAC is a specific construction of a MAC that involves a cryptographic hash function (see RFC 2104). Thus, an HMAC comes in multiple instantiations. HACL Packages supports the following ones:
HMAC-BLAKE2b,
HMAC-BLAKE2s,
HMAC-SHA-2-256,
HMAC-SHA-2-384,
HMAC-SHA-2-512, and
HMAC-SHA-1.
Keys must be chosen using a cryptographically strong pseudo-random generator and periodically refreshed. Note that the key can be of any length up to the specific block length of the used hash algorithm. This is also mentioned in the API reference below.
Implementations#
This implementation works on any CPU.
Support for VEC128 is needed. Please see the HACL Packages book.
Support for VEC256 is needed. Please see the HACL Packages book.
API Reference#
BLAKE2b#
-
void Hacl_HMAC_compute_blake2b_32(uint8_t *dst, uint8_t *key, uint32_t key_len, uint8_t *data, uint32_t data_len)#
Write the HMAC-BLAKE2b MAC of a message (
data
) by using a key (key
) intodst
.The key can be any length and will be hashed if it is longer and padded if it is shorter than 128 bytes.
dst
must point to 64 bytes of memory.
-
void Hacl_HMAC_Blake2b_256_compute_blake2b_256(uint8_t *dst, uint8_t *key, uint32_t key_len, uint8_t *data, uint32_t data_len)#
Write the HMAC-BLAKE2b MAC of a message (
data
) by using a key (key
) intodst
.The key can be any length and will be hashed if it is longer and padded if it is shorter than 128 bytes.
dst
must point to 64 bytes of memory.
BLAKE2s#
-
void Hacl_HMAC_compute_blake2s_32(uint8_t *dst, uint8_t *key, uint32_t key_len, uint8_t *data, uint32_t data_len)#
Write the HMAC-BLAKE2s MAC of a message (
data
) by using a key (key
) intodst
.The key can be any length and will be hashed if it is longer and padded if it is shorter than 64 bytes.
dst
must point to 32 bytes of memory.
-
void Hacl_HMAC_Blake2s_128_compute_blake2s_128(uint8_t *dst, uint8_t *key, uint32_t key_len, uint8_t *data, uint32_t data_len)#
Write the HMAC-BLAKE2s MAC of a message (
data
) by using a key (key
) intodst
.The key can be any length and will be hashed if it is longer and padded if it is shorter than 64 bytes.
dst
must point to 32 bytes of memory.
SHA-2#
-
void Hacl_HMAC_compute_sha2_256(uint8_t *dst, uint8_t *key, uint32_t key_len, uint8_t *data, uint32_t data_len)#
Write the HMAC-SHA-2-256 MAC of a message (
data
) by using a key (key
) intodst
.The key can be any length and will be hashed if it is longer and padded if it is shorter than 64 bytes.
dst
must point to 32 bytes of memory.
-
void Hacl_HMAC_compute_sha2_384(uint8_t *dst, uint8_t *key, uint32_t key_len, uint8_t *data, uint32_t data_len)#
Write the HMAC-SHA-2-384 MAC of a message (
data
) by using a key (key
) intodst
.The key can be any length and will be hashed if it is longer and padded if it is shorter than 128 bytes.
dst
must point to 48 bytes of memory.
-
void Hacl_HMAC_compute_sha2_512(uint8_t *dst, uint8_t *key, uint32_t key_len, uint8_t *data, uint32_t data_len)#
Write the HMAC-SHA-2-512 MAC of a message (
data
) by using a key (key
) intodst
.The key can be any length and will be hashed if it is longer and padded if it is shorter than 128 bytes.
dst
must point to 64 bytes of memory.
SHA-1#
Warning
doxygenfunction: Cannot find function “Hacl_HMAC_legacy_compute_sha1” in doxygen xml output for project “HACL Packages” from directory: ../../build/doxygen/xml/