Module esp32c3_hal::hmac

source ·
Expand description

HMAC Accelerator

Overview

The Hash-based Message Authentication Code (HMAC) module computes Message Authentication Codes (MACs) using Hash algorithm and keys as described in RFC 2104. The hash algorithm is SHA-256, the 256-bit HMAC key is stored in an eFuse key block and can be set as read-protected, i. e., the key is not accessible from outside the HMAC accelerator itself.

The HMAC module can be used in two modes - in ”upstream” mode the HMAC message is supplied by the user and the calculation result is read back by the user. In ”downstream” mode the HMAC module is used as a Key Derivation Function (KDF) for other internal hardwares.

Main features

  • Standard HMAC-SHA-256 algorithm.
  • Hash result only accessible by configurable hardware peripheral (in downstream mode).
  • Compatible to challenge-response authentication algorithm.
  • Generates required keys for the Digital Signature (DS) peripheral (in downstream mode).
  • Re-enables soft-disabled JTAG (in downstream mode).

Availability on ESP32 family

The accelerator is available on ESP32-S2, ESP32-S3, ESP32-C3 and ESP32-C6.

HMAC padding

The HMAC padding is handled by the driver. In downstream mode, users do not need to input any message or apply padding. The HMAC module uses a default 32-byte pattern of 0x00 for re-enabling JTAG and a 32-byte pattern of 0xff for deriving the AES key for the DS module.

Structs

Enums

  • Error
    HMAC interface error
  • HmacPurpose
    The peripheral can be configured to deliver its output directly to the user. It can also deliver to other peripherals.
  • KeyId