HMAC

Bindings for HMAC.

Danger

When comparing the signature to an externally supplied digest during a verification routine, it is mandatory to use a constant-time comparison function such as secrets.compare_digest() from python’s standard library. Not doing so makes it vulnerable to timing attacks.

pyhacl.hmac.hmac_sha256(key: bytes, message: bytes) bytes

Return the HMAC-SHA-2-256 MAC of message using key.

The key can be any length and will be hashed if it is longer and padded if it is shorter than 64 bytes.

Returns:

A 32 bytes signature.

Binding for Hacl_HMAC_compute_sha2_256.

pyhacl.hmac.hmac_sha384(key: bytes, message: bytes) bytes

Return the HMAC-SHA-2-384 MAC of message using key.

The key can be any length and will be hashed if it is longer and padded if it is shorter than 128 bytes.

Returns:

A 48 bytes signature.

Binding for Hacl_HMAC_compute_sha2_384.

pyhacl.hmac.hmac_sha512(key: bytes, message: bytes) bytes

Return the HMAC-SHA-2-256 MAC of message using key.

The key can be any length and will be hashed if it is longer and padded if it is shorter than 128 bytes.

Returns:

A 64 bytes signature.

Binding for Hacl_HMAC_compute_sha2_512.