Is there a way to securely pass an exact key to "openssl enc"? The "-pass" option is looking for a password that it will pass though a key derivation function (IIUC), but I want to specify the exact binary key to use without it being passed though a key derivation function. The "-K" option would fit my needs, except that since it requires the key to be put on the literal command line, it exposes the key to other users on the same system (they can run "ps -f").
I'm looking for something like "-pass file:<keyfile>" (to keep the key off the command line) except I want to bypass the key derivation function. (If I were hashing instead of encoding I would just use "openssl sha1 -sign hmac.pem".) Michael D. Adams ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
