---
title: digest.hmac_md5_base64
summary: null
url: >-
  https://www.fastly.com/documentation/reference/vcl/functions/cryptographic/digest-hmac-md5-base64
---

```
STRING digest.hmac_md5_base64(STRING key, STRING s)
```

**Available in:** all subroutines

Returns the HMAC-MD5 of `message` (the second argument, `s` in the signature above) using `key`, encoded as a Base64 string.

## Parameters

| Parameter | Type   | Description                         |
| --------- | ------ | ----------------------------------- |
| `key`     | STRING | The secret key for HMAC computation |
| `message` | STRING | The message to authenticate         |

The `key` is used directly as the HMAC key. For keys longer than 64 bytes (the MD5 block size), the key is first hashed with MD5 before use, as specified in RFC 2104.

## Return value

Returns a 24-character Base64-encoded string representing the 128-bit (16-byte) HMAC, using standard Base64 encoding (RFC 4648 Section 4) with padding.

Example output: `NriaqnJWBjiFJwOsukhLKw==`

If `key` is empty or not set, the function returns an empty string (not set).

## Security

Unlike plain MD5, no practical attack breaks HMAC-MD5 as an authenticator. However, it is no longer recommended and should only be used when required for compatibility with legacy systems that cannot be upgraded.

## Base64 encoding

This function uses standard Base64 encoding as defined in RFC 4648 Section 4:

| Property | Value             |
| -------- | ----------------- |
| Alphabet | `A-Za-z0-9+/`     |
| Padding  | `=` (always used) |

## Example

```vcl
declare local var.hmac STRING;
set var.hmac = digest.hmac_md5_base64("secret-key", "hello world");
# Result: NriaqnJWBjiFJwOsukhLKw==
```

To verify this output using OpenSSL:

```term
$ echo -n "hello world" | openssl dgst -md5 -hmac "secret-key" -binary | openssl base64
NriaqnJWBjiFJwOsukhLKw==
```
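
The same computation written out from the RFC 2104 definition in Python, as an added example (not Fastly's code). It shows the key handling described under Parameters, cross-checks the result against Python's `hmac` module, and verifies a presented tag in constant time. The helper names and the fail-closed treatment of an empty key in `verify` are assumptions of this example.

```python
import base64
import hashlib
import hmac

BLOCK_SIZE = 64  # MD5 block size in bytes


def normalize_key(key: bytes) -> bytes:
    """RFC 2104 key preparation: hash keys longer than one block, then zero-pad."""
    if len(key) > BLOCK_SIZE:
        key = hashlib.md5(key).digest()
    return key.ljust(BLOCK_SIZE, b"\x00")


def hmac_md5_base64(key: bytes, message: bytes) -> str:
    """HMAC-MD5 built from the RFC 2104 definition, standard Base64 with padding."""
    if not key:
        return ""  # assumption: mirrors the empty-key behaviour described on this page
    k = normalize_key(key)
    ipad = bytes(b ^ 0x36 for b in k)
    opad = bytes(b ^ 0x5C for b in k)
    inner = hashlib.md5(ipad + message).digest()
    tag = hashlib.md5(opad + inner).digest()
    return base64.b64encode(tag).decode("ascii")


def stdlib_hmac_md5_base64(key: bytes, message: bytes) -> str:
    """Reference value from the standard library, used as a cross-check."""
    return base64.b64encode(hmac.new(key, message, hashlib.md5).digest()).decode("ascii")


def verify(key: bytes, message: bytes, presented: str) -> bool:
    """Constant-time check of a presented tag; an empty key never verifies."""
    expected = hmac_md5_base64(key, message)
    if not expected:
        return False  # fail closed rather than comparing "" with ""
    return hmac.compare_digest(expected.encode(), presented.encode())


if __name__ == "__main__":
    key, msg = b"secret-key", b"hello world"  # inputs from the example above
    tag = hmac_md5_base64(key, msg)
    print(tag, tag == stdlib_hmac_md5_base64(key, msg))
    long_key = b"k" * 100  # constructed key longer than one MD5 block
    hashed = hashlib.md5(long_key).digest()
    print(hmac_md5_base64(long_key, msg) == hmac_md5_base64(hashed, msg))
    print(verify(key, msg, tag), verify(b"", msg, ""))
```

A key longer than 64 bytes and its 16-byte MD5 digest produce the same tag, so a long key adds no strength beyond the digest that replaces it.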

## Security considerations

### Prefer SHA-256 for new applications

```vcl
# Recommended for new code
set var.signature = digest.hmac_sha256_base64(var.key, var.message);

# NOT recommended - only for legacy compatibility
set var.legacy_signature = digest.hmac_md5_base64(var.key, var.message);
```

### Constant-time comparison

When comparing HMAC values for authentication, always use `digest.secure_is_equal()` to prevent timing attacks. String comparison with `==` leaks information about which bytes matched, potentially allowing an attacker to forge valid authentication tags:

```vcl
if (!digest.secure_is_equal(var.expected, var.actual)) {
    error 401 "Invalid signature";
}
```

## Related content

- `digest.hmac_md5()` - Returns hex-encoded output with `0x` prefix.
- `digest.hmac_sha256_base64()` - HMAC-SHA256 with Base64 output (recommended).
- `digest.secure_is_equal()` - Constant-time string comparison.
