Module esp32c3_hal::hmac

Expand description

HMAC Accelerator

Overview

The Hash-based Message Authentication Code (HMAC) module computes Message Authentication Codes (MACs) using Hash algorithm and keys as described in RFC 2104. The hash algorithm is SHA-256, the 256-bit HMAC key is stored in an eFuse key block and can be set as read-protected, i. e., the key is not accessible from outside the HMAC accelerator itself.

The HMAC module can be used in two modes - in ”upstream” mode the HMAC message is supplied by the user and the calculation result is read back by the user. In ”downstream” mode the HMAC module is used as a Key Derivation Function (KDF) for other internal hardwares.

Main features

Standard HMAC-SHA-256 algorithm.
Hash result only accessible by configurable hardware peripheral (in downstream mode).
Compatible to challenge-response authentication algorithm.
Generates required keys for the Digital Signature (DS) peripheral (in downstream mode).
Re-enables soft-disabled JTAG (in downstream mode).

Availability on ESP32 family

The accelerator is available on ESP32-S2, ESP32-S3, ESP32-C3 and ESP32-C6.

HMAC padding

The HMAC padding is handled by the driver. In downstream mode, users do not need to input any message or apply padding. The HMAC module uses a default 32-byte pattern of 0x00 for re-enabling JTAG and a 32-byte pattern of 0xff for deriving the AES key for the DS module.

Structs

Hmac

Enums

Error
HMAC interface error
HmacPurpose
The peripheral can be configured to deliver its output directrly to the user. It can also deliver to other periperals.
KeyId