Wolfram Research

Function Repository Resource:

HMAC

Source Notebook

Cryptographic hash-based message authentication code used to verify data integrity and authenticity

Contributed by: Dariia Porechna, Wolfram Research

ResourceFunction["HMAC"][expr, key]

calculates message authentication code for expr using secret key key and the SHA256 hash function.

ResourceFunction["HMAC"][expr, key, hash]

calculates message authentication code for expr using secret key key and hash function hash.

Details

For any input expr, ResourceFunction["HMAC"][expr,] first converts expr to bytes according to:
expr byte representation obtained by BinarySerialize
"string" bytes in the UTF-8 representation of string
ByteArray [ ] literal bytes in the byte array
The key can be a SymmetricKey object, a ByteArray, a list of byte values or a string.
ResourceFunction["HMAC"] supports the following hash functions:
"MD2" 128-bit MD2 code
"MD4" 128-bit MD4 code
"MD5" 128-bit MD5 code
"SHA" 160-bit SHA-1 code
"SHA224" 224-bit SHA code
"SHA256" 256-bit SHA code (default)
"SHA384" 384-bit SHA code
"SHA512" 512-bit SHA code
"RIPEMD160" 160-bit RIPEMD code
"RIPEMD160SHA256" RIPEMD-160 following SHA-256 (as used in Bitcoin)
"SHA256SHA256" double SHA-256 code (as used in Bitcoin)
"SHA3-224" 224-bit SHA3 code
"SHA3-256" 256-bit SHA3 code
"SHA3-384" 384-bit SHA3 code
"SHA3-512" 512-bit SHA3 code
"Keccak224" 224-bit Keccak code
"Keccak256" 256-bit Keccak code
"Keccak384" 384-bit Keccak code
"Keccak512" 512-bit Keccak code
The size of the output of ResourceFunction["HMAC"] is equal to the size of the output of the hash function.
The implementation complies with the RFC2104 specification for HMAC.

Examples

Basic Examples (4) 

Compute message authentication code using the default SHA256 hash and a secret key:

In[1]:=
key = GenerateSymmetricKey[]
Out[1]=
In[2]:=
ResourceFunction["HMAC"][Graphics[Disk[]], key]
Out[2]=

Compute a SHA3-based message authentication code:

In[3]:=
key = GenerateSymmetricKey[];
In[4]:=
ResourceFunction[
 "HMAC"]["The quick brown fox jumps over the lazy dog", key, "SHA3-256"]
Out[4]=

Compute HMAC using a password as a key:

In[5]:=
ResourceFunction[
 "HMAC"]["The quick brown fox jumps over the lazy dog", "password"]
Out[5]=

Use a ByteArray key directly:

In[6]:=
key = ByteArray[{11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11}];
In[7]:=
ResourceFunction[
 "HMAC"]["The quick brown fox jumps over the lazy dog", key]
Out[7]=

Scope (1) 

For ByteArray or string message, literal bytes are used in HMAC computation:

In[8]:=
key = ByteArray[{11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11}];
In[9]:=
 ResourceFunction["HMAC"]["abc", key] == ResourceFunction["HMAC"][StringToByteArray["abc"], key]
Out[9]=

Properties and Relations (1) 

Use BaseEncode to convert byte array output to string encodings:

In[10]:=
hmac = ResourceFunction["HMAC"]["message", ByteArray[{11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11}]];
In[11]:=
BaseEncode[hmac]
Out[11]=
In[12]:=
BaseEncode[hmac, "Base16"]
Out[12]=

Resource History

Source Metadata

Author Notes

SHA224 works in 12.2, others should work in prior versions as well.

License Information