Kyle Hamilton wrote:
What is it that you're trying to do with the CLI? We might be able to
assist with that.
Thanks Kyle. I'm actually doing 2 separate things. I'll list the 2nd
one in a separate thread.
I'm using openssl version 0.9.8e
This task is simply to generate a sha1 HMAC across some binary data. I
could not figure out the command line syntax to invoke that function and
also how to pass it the parameters. After a couple of hours of reading
source code and experimenting, I found the following syntax:
to generate an HMAC across the binary file myfile.bin, using the key
MYKEY (ASCII), the syntax is:
openssl sha1 -hmac MYKEY myfile.bin
This is OK if your key happens to be text, but I'm stuck on how to pass
a binary key. After figuring out the basic syntax, my new problem is
that the real key is random binary stuff, and I don't know if there is a
way to pass it on the command line. I have scrutinized the source code
and as far as I can tell there's just no way to pass an argument to tell
it to read the key from a file. Nor is there a way to tell it to
interpret the key as ASCII hex, e.g.:
openssl sha1 -hmac 0102030405060708090a0b0c0d0e0f myfile.bin
or:
openssl sha1 -hmac 0x0102030405060708090a0b0c0d0e0f myfile.bin
The code to parse that does not seem to exist in openssl, at least where
it is parsing the HMAC key command line argument (dgst.c line 197).
So I'm wondering if I can work around this by invoking some shell
functionality to parse the ASCII hex. Does Linux or Windows have some
shell functionality that has the shell parse the ASCII hex parameter and
feed it in as binary? Or maybe there is some other way?
As for documentation, write it up and email it as an attachment to
[EMAIL PROTECTED] rt is the request tracker, and it'll make it possible
to keep track of its status.
Great, thanks! I could not find even any mention of the existence of
hmac functionality in any of the man pages or command line help. I'm
more than happy to write up whatever I can find and figure out on this.
-Kyle H
On 5/24/07, Peter Kuykendall [EMAIL PROTECTED] wrote:
I'm trying to use a couple of simple functions of the openssl CLI and
can't figure it out from the docs nor the mailing list archives. Since
it seems that I'm going to have to review the source code to understand
the proper syntax, I'd like to expand the documentation to share this
knowledge after I discover it.
How can I make this contribution?
Thanks - Pete
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
