>From: [email protected] On Behalf Of Ed Gonzales >Sent: Tuesday, 28 May, 2013 17:35
>So how would i compare modulus in OpenSSL windows and use the >pipe option? Run OpenSSL in non interactive mode? I just tried >to use the "-batch" option and it don't recognize that either.. >is there a file to edit? There is no general -batch option (only one I recall is 'ca'). There is a config file used by some utilities but not the ones you want here. First, note you can compare the actual modulus (moduli) without going through hashing: x> openssl x509 -in certfile -noout -modulus x> openssl rsa -in pkeyfile -noout -modulus (You can also use redirection <file instead of -in file here.) Decently-chosen RSA moduli (not manipulated by an attacker) have plenty of entropy in the first ~10 octets (~20 hexits). But if you prefer a hash here -- or for other things like a cert-fingerprint or data from a pkcs7/etc -- the usual pipe syntax should work in the standard CMD.EXE (assuming openssl is available in your PATH, using PATHEXT): C:\somewhere> openssl x509 -in certfile -noout -modulus | openssl sha1 Make sure you don't have the | in "quotes" or preceded by ^uparrow. If you use a non-US keyboard, make sure it's codepoint U+005C not some other character that looks the same (such as U+2502, although I don't think that can be entered into a console window). If that doesn't work identify your version(s?) of Windows, and try a simpler case like echo quack | findstr q If you aren't using CMD.EXE (which Microsoft usually calls Command Prompt) answers may be different. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
