Document the HMAC options in manual page.

babeld.man

@@ -312,6 +312,22 @@ This specifies the name of the file to which
 .B babeld
 writes out its process id, and is equivalent to the command-line option
 .BR \-I .
+.TP
+.BI "key id" " id" " type" " type" " value" " value"
+Configure a key for use with the
+.B hmac
+interface option.  The
+.B type
+is one of
+.B hmac-sha256
+or
+.BR blake2s .
+The
+.B value
+is a hexadecimal string (up to 64 bytes for
+.BR hmac-sha256 ,
+exactly 16 bytes for
+.BR blake2s ).
 .SS Interface configuration
 An interface is configured by a line with the following format:
 .IP
@@ -404,11 +420,6 @@ otherwise.
 Send multiple copies of TLVs other than Hellos to all neighbours rather
 than sending a single multicast packet.  The default is false.
 .TP
-.BR no_hmac_verify " {" true | false }
-Do not check packet signatures, accept unsigned or incorrectly signed packets
-even if one or more keys are configured on the interface.  The default is
-.BR false .
-.TP
 .BR rfc6126\-compatible " {" true | false }
 Disable some features that are incompatible with RFC 6126 (the older
 version of the Babel protocol), such as source-specific routing and RTT
@@ -447,6 +458,16 @@ if the interface is of type
 and
 .BR 0
 otherwise.
+.TP
+.BI hmac " id"
+Enable HMAC security on this interface, and use the key
+.IR id .
+.TP
+.BR no_hmac_verify " {" true | false }
+Do not check packet signatures, accept unsigned or incorrectly signed packets
+even if one or more keys are configured on the interface.  The default is
+.BR false .
+.TP
 .SS Filtering rules
 A filtering rule is defined by a single line with the following format:
 .IP