Hash-based Authentication Message Code or HMAC is used to authenticate message with hash functions. Message authentication is important mechanism in cyber security and used to check message authenticity. There are different ways and mechanisms for Message Authentication.

Message

Message is the data, text, image or whatever else we want to authenticate. Message is checked against it authenticity with given key by hashing them.

Key

Key is used to known by two sides to check authenticity of the message. As stated previously Message and key added together and hash value is calculated.

Hash Function

Hash function is used to calculate hash value which is unique for give KEY+MESSAGE. Hash function can be sha1 , sha256 or another one.

Create HMAC with OpenSSL

We can use OpenSSL tool inorder to create some HMAC value or hash. We will use echo and openssl commands. We will use sha256 as hash function. We will provide data or message we want to HMAC and then hash it with -hmac and key mysecretkey like below.

$ echo -n "secretmessage.txt" | openssl dgst -sha256 -hmac "mysecretkey"