hash_hmac

(PHP 5 >= 5.1.2, PHP 7, PHP 8, PECL hash >= 1.1)

hash_hmacGenerate a keyed hash value using the HMAC method

Description

hash_hmac(
    string $algo,
    string $data,
    #[\SensitiveParameter] string $key,
    bool $binary = false
): string

Parameters

algo

Name of selected hashing algorithm (i.e. "md5", "sha256", "haval160,4", etc..) See hash_hmac_algos() for a list of supported algorithms.

data

Message to be hashed.

key

Shared secret key used for generating the HMAC variant of the message digest.

binary

When set to true, outputs raw binary data. false outputs lowercase hexits.

Return Values

Returns a string containing the calculated message digest as lowercase hexits unless binary is set to true in which case the raw binary representation of the message digest is returned.

Errors/Exceptions

Throws a ValueError exception if algo is unknown or is a non-cryptographic hash function.

Changelog

Version Description
8.0.0 Now throws a ValueError exception if algo is unknown or is a non-cryptographic hash function; previously, false was returned instead.
7.2.0 Usage of non-cryptographic hash functions (adler32, crc32, crc32b, fnv132, fnv1a32, fnv164, fnv1a64, joaat) was disabled.

Examples

Example #1 hash_hmac() example

<?php
echo hash_hmac('sha256', 'The quick brown fox jumped over the lazy dog.', 'secret');
?>

The above example will output:

9c5c42422b03f0ee32949920649445e417b2c634050833c5165704b825c2a53b

See Also

  • hash() - Generate a hash value (message digest)
  • hash_hmac_algos() - Return a list of registered hashing algorithms suitable for hash_hmac
  • hash_init() - Initialize an incremental hashing context
  • hash_hmac_file() - Generate a keyed hash value using the HMAC method and the contents of a given file
  • hash_equals() - Timing attack safe string comparison