SHA - HMAC Digest

The SHA command may be used to calculate an HMAC Digest instead of an SHA256 Digest. The procedure is essentially the same but requires the use of an internal key and the use of HMAC_START instead of START.

The following procedure is used when no context switching is required:
  1. 1.Issue the SHA command in HMAC_Start mode with key location indicated. No message is included.
  2. 2.Issue the SHA command in Update mode with 1 to 64 bytes of the message.
  3. 3.Repeat step 2 until the total number of bytes of the message has been submitted.
  4. 4.Issue the SHA command in End mode to complete the HMAC Digest calculation.
Table 1. Input Parameters SHA HMAC Mode

Opcode
(1 Byte)

Mode
(1 Byte)

Param2
(2 Bytes)

Data
(Varies by Mode)

Description
0x47 0x04 0x00 0[slot] 0 bytes HMAC Start mode and include a key from a data slot
0x04 0xFF FF 0 bytes HMAC Start mode and include a key from TempKey
0x01 0x00 [ByteCount] 1 to 64 bytes Update mode
0x02 0x00 [ByteCount] 0 to 64 bytes

Finalize mode:  Digest placed in Output Buffer and TempKey

0x42 0x00 [ByteCount] Finalize mode: Digest placed in Output Buffer and Message Digest Buffer
0xC2 0x00 [ByteCount] Finalize mode: Digest placed in Output Buffer only
Table 2. Output Response SHA256 Standard
Name Mode Size Description
Response 0x04, 0x01 1 byte 0x00 if successful, otherwise an error code is received
0x02, 0x42, 0xC2

1 byte
32 bytes

If Error Code
HMAC Digest upon success