EVP_PKEY-HMAC(7SSL) | OpenSSL | EVP_PKEY-HMAC(7SSL) |
EVP_PKEY-HMAC, EVP_KEYMGMT-HMAC, EVP_PKEY-Siphash, EVP_KEYMGMT-Siphash, EVP_PKEY-Poly1305, EVP_KEYMGMT-Poly1305, EVP_PKEY-CMAC, EVP_KEYMGMT-CMAC - EVP_PKEY legacy MAC keytypes and algorithm support
The HMAC and CMAC key types are implemented in OpenSSL's default and FIPS providers. Additionally the Siphash and Poly1305 key types are implemented in the default provider. Performing MAC operations via an EVP_PKEY is considered legacy and are only available for backwards compatibility purposes and for a restricted set of algorithms. The preferred way of performing MAC operations is via the EVP_MAC APIs. See EVP_MAC_init(3).
For further details on using EVP_PKEY based MAC keys see EVP_SIGNATURE-HMAC(7), EVP_SIGNATURE-Siphash(7), EVP_SIGNATURE-Poly1305(7) or EVP_SIGNATURE-CMAC(7).
All the MAC keytypes support the following parameters.
As well as the parameters described above, the CMAC keytype additionally supports the following parameters.
MAC key generation is unusual in that no new key is actually generated. Instead a new provider side key object is created with the supplied raw key value. This is done for backwards compatibility with previous versions of OpenSSL.
In addition to the common MAC key generation parameters, the CMAC key generation additionally recognises the following.
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.
2023-10-23 | 3.0.11 |