Generic Structure

HMAC

A hash-based message authentication algorithm.

Declaration

struct HMAC<H> where H : HashFunction

Overview

Use hash-based message authentication to create a code with a value that’s dependent on both a block of data and a symmetric cryptographic key. Another party with access to the data and the same secret key can compute the code again and compare it to the original to detect whether the data changed. This serves a purpose similar to digital signing and verification, but depends on a shared symmetric key instead of public-key cryptography.

As with digital signing, the data isn’t hidden by this process. When you need to encrypt the data as well as authenticate it, use a cipher like AES or ChaChaPoly to put the data into a sealed box (an instance of AES.GCM.SealedBox or ChaChaPoly.SealedBox).

Topics

Getting a Key

typealias HMAC.Key

An alias for the symmetric key type used to compute or verify a message authentication code.

struct SymmetricKey

A symmetric cryptographic key.

Working with Codes

typealias HMAC.MAC

An alias for a hash-based message authentication code.

struct HashedAuthenticationCode

A hash-based message authentication code.

protocol MessageAuthenticationCode

A type that represents a message authentication code.

Creating an Authentication Code with One Call

static func authenticationCode<D>(for: D, using: SymmetricKey) -> HMAC<H>.MAC

Computes a message authentication code for the given data.

Creating an Authentication Code Iteratively

init(key: SymmetricKey)

Creates a message authentication code generator.

func update<D>(data: D)

Updates the message authentication code computation with a block of data.

func finalize() -> HMAC<H>.MAC

Finalizes the message authentication computation and returns the computed code.

Checking an Authentication Code

static func isValidAuthenticationCode<D>(HMAC<H>.MAC, authenticating: D, using: SymmetricKey) -> Bool

Returns a Boolean indicating whether the given code is valid for a block of data.

static func isValidAuthenticationCode(HMAC<H>.MAC, authenticating: UnsafeRawBufferPointer, using: SymmetricKey) -> Bool

Returns a Boolean indicating whether the given code is valid for a block of data stored in a buffer.

static func isValidAuthenticationCode<D>(ContiguousBytes, authenticating: D, using: SymmetricKey) -> Bool

Returns a Boolean indicating whether the given code represented as a contiguous bytes is valid for a block of data.

See Also

Message Authentication Codes

struct SymmetricKey

A symmetric cryptographic key.

Beta

Beta Software

This documentation contains preliminary information about an API or technology in development. This information is subject to change, and software implemented according to this documentation should be tested with final operating system software.

Learn more about using Apple's beta software