mac - calculate message authentication codes of the input
/usr/bin/mac -l
/usr/bin/mac [-v] -a algorithm [-k keyfile | -K key_label [-T token_spec]] [file]...
The mac utility calculates the message authentication code (MAC) of the given file or files or stdin using the algorithm specified.
If more than one file is given, each line of output is the MAC of a single file.
The following options are supported:
-a algorithm
-k keyfile
For information on generating a key file, see pktool(1), dd(1M) or the System Administration Guide: Security Services.
-K key_label
-l
-T token_spec
token_spec has the format of:
token_name [:manuf_id [:serial_no]]
When a token label contains trailing spaces, this option does not require them to be typed as a convenience to the user.
Colon separates token identification string. If any of the parts have a literal colon (:) character, it must be escaped by a backslash (\). If a colon (:) is not found, the entire string (up to 32 characters) is taken as the token label. If only one colon (:) is found, the string is the token label and the manufacturer.
-v
The supported algorithms are displayed with the -l option. These algorithms are provided by the cryptographic framework. Each supported algorithm is an alias to the most commonly used and least restricted version of a particular algorithm type. For example, md5_hmac is an alias to CKM_MD5_HMAC.
These aliases are used with the -a option and are case-sensitive.
When the -k option is not used during encryption and decryption tasks, the user is prompted for a passphrase. The passphrase is manipulated into a more secure key using the PBKDF2 algorithm specified in PKCS #5.
Example 1 Listing Available Algorithms
The following example lists available algorithms:
example$ mac -l Algorithm Keysize: Min Max ----------------------------------- des_mac 64 64 sha1_hmac 8 512 md5_hmac 8 512 sha256_hmac 8 512 sha384_hmac 8 1024 sha512_hmac 8 1024
Example 2 Getting the Message Authentication Code
The following example gets the message authentication code for a file:
example$ mac -v -k mykey -a sha1_hmac /export/foo sha1_hmac (/export/foo) = 913ced311df10f1708d9848641ca8992f4718057
Example 3 Getting the Message Authentication Code with a Token Key
The following example gets the message authentication code with a generic token key in the soft token keystore. The generic token key can be generated with pktool(1):
encrypt -v -a sha1_hmac -K my_generic_key \ -T "Sun Software PKCS#11 softtoken" /export/foo Enter pin for Sun Software PKCS#11 softtoken: sha1_hmac (/etc/foo) = c2ba5c38458c092a68940081240d22b670182968
The following exit values are returned:
0
>0
See attributes(5) for descriptions of the following attributes:
|
digest(1), pktool(1), dd(1M), getpassphrase(3C), libpkcs11(3LIB), attributes(5), pkcs11_softtoken(5)
System Administration Guide: Security Services
RSA PKCS#11 v2.20 and RSA PKCS#5 v2.0, http://www.rsasecurity.com
Закладки на сайте Проследить за страницей |
Created 1996-2024 by Maxim Chirkov Добавить, Поддержать, Вебмастеру |