3.5.1 What is HMAC?
The Message Authentication Code (MAC) function is essentially a hash function with two
arguments instead of one: a secret key and an arbitrary-length message. The MAC protects
both the message's data integrity and authenticity. For the MAC to work, all parties
involved in the secure exchange of messages must share a secret key.
Conceptually, the MAC is simply a hash function applied to the secret key
and message concatenated together, as follows (the "+" sign denotes concatenation):
MAC(Secret, Message) = Hash(Secret + Message)
The MAC is then sent alongside the message. The whole "envelope" is often encrypted.
The recipient of the MAC-equipped message concatenates his own copy of the secret key with the message and
computes his own MAC. If the MAC values match, the message is authenticated and its data integrity is verified.
A MAC is therefore similar to a digital signature but is based on the shared knowledge of a secret key instead of
public-key cryptography.
In the real world, the simple formula shown above is not used, as it is vulnerable to various
cryptographic attacks. A more complicated formula, referred to as HMAC, is used instead.
HMAC uses two nested invocations of the hash function as well as two concatenations and two XOR operations,
as follows:
HMAC(Secret, Message) = Hash((Secret ^ opad) + Hash((Secret ^ ipad) + Message))
The "^" symbol denotes a bitwise XOR operation, and
opad and ipad are byte sequences 0x5c5c5c... and 0x363636... respectively.
The HMAC function is considered secure and resistant to most cryptographic attacks.
It is heavily used in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols,
among other areas.
HMAC can be based on any hash algorithm such as MD5, SHA or SHA256. The HMAC functions based on MD5, SHA, etc.
are often denoted as HMAC_MD5, HMAC_SHA, etc.
The length of the HMAC output
equals that of the underlying hash function (16 bytes for HMAC_MD5, 20 bytes for HMAC_SHA, etc.)
3.5.2 AspEncrypt's HMAC Support
Starting with Version 2.6, AspEncrypt is capable of computing the HMAC function
via the CryptoContext method ComputeHmac. This method expects a hash algorithm
such as calgMD5 or calgSHA as the first argument, and CryptoBlob
objects containing the secret key and message as the 2nd and 3rd arguments, respectively.
The method returns an instance of the CryptoBlob object populated with the HMAC value.
The following code snippet computes the HMAC_MD5 and HMAC_SHA functions of the secret "my secret key" and
message "Hello World!!!". Note that HMAC_SHA256, HMAC_SHA384 and HMAC_SHA512 require
the Microsoft Enhanced RSA and AES Cryptographic Provider.
VBScript 
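' Create the manager object and open a cryptographic context
Set CM = Server.CreateObject("Persits.CryptoManager")
Set Context = CM.OpenContext( "", True )

' Place the secret key and the message in CryptoBlob objects
Set KeyBlob = CM.CreateBlob
KeyBlob.Ansi = "my secret key"
Set MessageBlob = CM.CreateBlob
MessageBlob.Ansi = "Hello World!!!"

' Arguments: hash algorithm, secret key blob, message blob
Set Hmac_MD5 = Context.ComputeHmac( calgMD5, KeyBlob, MessageBlob )
Set Hmac_SHA = Context.ComputeHmac( calgSHA, KeyBlob, MessageBlob )

' Each result is a CryptoBlob; print both HMAC values in hex
Response.Write Hmac_MD5.Hex & "<BR>" & Hmac_SHA.Hex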

C# 
// Missing.Value is System.Reflection.Missing.Value (requires "using System.Reflection;")
ICryptoManager objCM = new CryptoManager();
ICryptoContext objContext = objCM.OpenContext( "", true, Missing.Value );

// Place the secret key and the message in CryptoBlob objects
ICryptoBlob objKeyBlob = objCM.CreateBlob();
objKeyBlob.Ansi = "my secret key";
ICryptoBlob objMessageBlob = objCM.CreateBlob();
objMessageBlob.Ansi = "Hello World!!!";

// Arguments: hash algorithm, secret key blob, message blob
ICryptoBlob objHmac_MD5 = objContext.ComputeHmac(
    CryptoAlgorithms.calgMD5, objKeyBlob, objMessageBlob );
ICryptoBlob objHmac_SHA = objContext.ComputeHmac(
    CryptoAlgorithms.calgSHA, objKeyBlob, objMessageBlob );

// Each result is a CryptoBlob; show both HMAC values in hex
txtResult.Text = objHmac_MD5.Hex + "<BR>" + objHmac_SHA.Hex;
The expected result is:
1256FE2C118C633AC4B0E65C9A11C3C6
E0C1A89DB5CCB48A07FA728554E200F95C647D9B
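The HMAC formula from section 3.5.1, written out step by step in Python as an added example (this is not AspEncrypt code), together with the recipient-side check described there. It assumes the Ansi strings correspond to their ASCII bytes, and it includes the key normalization step from RFC 2104 that the formula above leaves implicit; the function names are illustrative.

```python
import hashlib
import hmac


def hmac_from_formula(hash_name, secret, message):
    """Hash((Secret ^ opad) + Hash((Secret ^ ipad) + Message))"""
    block_size = hashlib.new(hash_name).block_size  # 64 bytes for MD5 and SHA-1
    # Key normalization (RFC 2104): a key longer than one hash block is
    # hashed first; the result is then zero-padded to exactly one block.
    if len(secret) > block_size:
        secret = hashlib.new(hash_name, secret).digest()
    secret = secret.ljust(block_size, b"\x00")
    ipad_key = bytes(b ^ 0x36 for b in secret)  # Secret ^ ipad
    opad_key = bytes(b ^ 0x5C for b in secret)  # Secret ^ opad
    inner = hashlib.new(hash_name, ipad_key + message).digest()
    return hashlib.new(hash_name, opad_key + inner).digest()


def verify(hash_name, secret, message, received_mac):
    """Recipient side: recompute the MAC and compare it in constant time."""
    expected = hmac_from_formula(hash_name, secret, message)
    return hmac.compare_digest(expected, received_mac)


# Inputs from the snippet above; treating them as ASCII bytes is an assumption.
SECRET = b"my secret key"
MESSAGE = b"Hello World!!!"

if __name__ == "__main__":
    for name in ("md5", "sha1"):
        mac = hmac_from_formula(name, SECRET, MESSAGE)
        # Cross-check the hand-built value against the standard library.
        assert mac == hmac.new(SECRET, MESSAGE, name).digest()
        print(name, len(mac), "bytes:", mac.hex().upper())
        print("  original accepted:", verify(name, SECRET, MESSAGE, mac))
        print("  tampered accepted:", verify(name, SECRET, MESSAGE + b"!", mac))
```

Running the script prints the HMAC_MD5 and HMAC_SHA values for the same inputs, so they can be compared with the hex strings produced by ComputeHmac.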