Keyed-hashing for message authentication
# Functional style use Digest::HMAC qw(hmac hmac_hex); $digest = hmac($data, $key, \&myhash); print hmac_hex($data, $key, \&myhash); # OO style use Digest::HMAC; $hmac = Digest::HMAC->new($key, "Digest::MyHash"); $hmac->add($data); $hmac->addfile(*FILE); $digest = $hmac->digest; $digest = $hmac->hexdigest; $digest = $hmac->b64digest;
\s-1HMAC\s0 is used for message integrity checks between two parties that share a secret key, and works in combination with some other Digest algorithm, usually \s-1MD5\s0 or \s-1SHA-1\s0. The \s-1HMAC\s0 mechanism is described in \s-1RFC\s0 2104.
\s-1HMAC\s0 follow the common \*(C`Digest::\*(C' interface, but the constructor takes the secret key and the name of some other simple \*(C`Digest::\*(C' as argument.
The hmac() and hmac_hex() functions and the Digest::HMAC->new() constructor takes an optional $blocksize argument as well. The \s-1HMAC\s0 algorithm assumes the digester to hash by iterating a basic compression function on blocks of data and the $blocksize should match the byte-length of such blocks.
The default $blocksize is 64 which is suitable for the \s-1MD5\s0 and \s-1SHA-1\s0 digest functions. For stronger algorithms the blocksize probably needs to be increased.
Digest::HMAC_MD5, Digest::HMAC_SHA1
\s-1RFC\s0 2104
Graham Barr <[email protected]>, Gisle Aas <[email protected]>