Key for HMAC Algorithm [closed]

As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance. Closed 11 years ago.

How to generate the secret key for the HMAC algorithm as I have to use it for data verification at the other cl开发者_如何学Goients end?

Thanks in advance.

---

The HMAC key must be pre-shared between the server and the client (both must known the key before you exchange messages).

You can generate the key in any way you want, for example by reading some bytes from /dev/random:

$fd = fopen('/dev/random', 'r');
$bytes = fread($fd, '64);

Then you can calculate the HMAC using hash_hmac:

$hash = hash_hmac('sha1', $data, $key);