Chapter 5 Non-Cryptographic Operations 161
Hash-Based Message Authentication Code
Hash-Based Message Authentication
Code (HMAC)
A hash-based message authentication code (HMAC) combines a secret key with a
message digest to create a message authentication code. See “Hash-Based Message
Authentication Codes (HMAC)” on page 49 for a description of the algorithm.
Crypto-C provides an HMAC implementation based on SHA1. Recall that SHA1
produces a 20-byte digest and takes input in 64-byte blocks.
The example in this section corresponds to the file
Step 1: Creating an Algorithm Object
Declare a variable of type B_ALGORITHM_OBJ. As defined in the function prototype in
Chapter 4 of the Reference Manual, its address is the argument for
Step 2: Setting the Algorithm Object
There is only one AI for hash-based message authentication codes, AI_HMAC. The
Reference Manual Chapter 2 entry for
AI_HMAC states that the format of
supplied to
B_SetAlgorithmInfo is a pointer to a B_DIGEST_SPECIFIER structure:
The only choice for
in Crypto-C is AI_SHA1. In the case of AI_SHA1,
should be set to NULL_PTR:
if ((status = B_CreateAlgorithmObject (&HMACDigester)) != 0)
typedef struct {
B_INFO_TYPE digestInfoType;
POINTER digestInfoParams;