Documentation

A cached, precomputed hmac key. It comes in two flavors, one that remembers the plaintext key, and one that doesn't, remembering only the precomputed hmac key.

Computing an hmac key typically requires two SHA256 blocks, unless the key itself is more than 64 bytes, in which case precomputing the key will require at least four SHA256 blocks.

An HmacKeyLike context can either be an HmacKey, or a HmacKeyPrefixed.

A precomputed HMAC key. This structure is 64 bytes long, and consists of two SHA256 hashes.

Computing an HMAC key typically costs two SHA256 blocks. No additional blocks are incurred for keys that are 64 bytes or less in length. Keys that are longer than 64 bytes long must be first hashed with SHA256 before the key can be derived, incurring extra block comptuations.

It is not uncommon that implementations of PBKDF2, HKDF, etc unnecessarily redo this computation even though a single HMAC key is used repeatedly.

Technically these "hashes" are unfinished SHA-256 states, as the standard end-of-message padding has yet to be applied. Thus you can't compute these hashes using the most common command-line tools like sha256sum.

The lack of end-of-message padding is also why precomputing HMAC keys on keys up to 64 bytes only requires one SHA-256 block computation for each of the two pads, whereas more typically the boundary for extra block computations happens between the 55th and 56th byte due to end-of-message padding.

Halfway between an HmacKeyHashed and an HmacCtx. It's both an HmacKeyHashed that's gained a counter, and a HmacCtx that's guaranteed to contain no unprocessed input data.

Fixed-size context representing the state of a partial HMAC computation with a complete HMAC key and a partial message parameter. This maintains a buffer of up to 63 unprocessed bytes, so that you may feed it arbitrary bytestring without dealing with buffer boundaries.