> From: owner-openssl-us...@openssl.org On Behalf Of Young, Alistair
> Sent: Wednesday, 04 February, 2009 09:52
> I seem to have some success if I place quotes around the [Linux] command
line:
> $ cat message.bin | openssl dgst -sha256 -hmac "`cat key.bin`" -binary >
mac.bin
(Don't need cat here, just < on the openssl. But that's not your question.)
> But, to complicate things further, I'm trying to invoke this from Java.
> So I have something like:
> byte[] key = ....;
> Runtime.getRuntime().exec("openssl", "dgst", "-sha256", "-hmac",
> "\"" + new String(key) + "\"", "-binary");
> I then pipe my message in, and collect the output from the output stream.
In the Java I have (SDK5=jre1.6.0_02) I can't Runtime.exec multiple strings
like that, I have to put them in an array with {}. (Or a single String, but
then I'm not sure whose parsing rules are used and when.) With a String [],
don't add quotes around the key value. In a shell command, " ' \ are
processed
by the shell before being passed to the program. As are the ` above.
Then it works for me.
> But no joy. I believe this may be because Java does not run the command
within a shell.
> I can try to force the use of the shell:
> Runtime.getRuntime().exec("/bin/bash", "-c", "openssl", "dgst",
"-sha256",
> "-hmac", "\"" + new String(key) + "\"", "-binary");
> But now my piped message either seems to get interpreted as an openssl
command
> (so I just get something like "&%$£&$ is an invalid command" followed by a
list
> of the standard openssl commands) or I get an "unexpected EOF while
looking
> for matching `"'" error.
You don't need a shell, but if you want one, -c takes the entire command
(line)
as the single next argument. Your call is telling bash to do just "openssl",
so it runs openssl with no arguments, and openssl tries to interpret stdin.
Here you WOULD need " around non-text key so shell parses it correctly,
and I think actually ' if it contains $ or ` which shell does interpret
inside ", and I think you need to \ any quote or \ in it. I would avoid
that.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
