The OpenNET Project / Index page

[ новости/++ | форум | wiki | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

mac (1)
  • >> mac (1) ( Solaris man: Команды и прикладные программы пользовательского уровня )
  • mac (3) ( FreeBSD man: Библиотечные вызовы )
  • mac (4) ( FreeBSD man: Специальные файлы /dev/* )
  • mac (9) ( FreeBSD man: Ядро )
  • Ключ mac обнаружен в базе ключевых слов.
  •  

    NAME

    mac - calculate message authentication codes of the input
     
    

    SYNOPSIS

    /usr/bin/mac -l
    

    /usr/bin/mac [-v] -a algorithm
      [-k keyfile | -K key_label [-T token_spec]] [file]...
    

     

    DESCRIPTION

    The mac utility calculates the message authentication code (MAC) of the given file or files or stdin using the algorithm specified.

    If more than one file is given, each line of output is the MAC of a single file.  

    OPTIONS

    The following options are supported:

    -a algorithm

    Specifies the name of the algorithm to use during the encryption or decryption process. See USAGE, Algorithms for details. Note: Algorithms for producing general length MACs are not supported.

    -k keyfile

    Specifies the file containing the key value for the encryption algorithm. Each algorithm has specific key material requirements, as stated in the PKCS#11 specification. If -k is not specified, mac prompts for key material using getpassphrase(3C).

    For information on generating a key file, see pktool(1), dd(1M) or the System Administration Guide: Security Services.

    -K key_label

    Specify the label of a symmetric token key in a PKCS#11 token.

    -l

    Displays the list of algorithms available on the system. This list can change depending on the configuration of the cryptographic framework. The keysizes are displayed in bits.

    -T token_spec

    Specify a PKCS#11 token other than the default soft token object store when the -K is specified.

    token_spec has the format of:

    token_name [:manuf_id [:serial_no]]
    

    When a token label contains trailing spaces, this option does not require them to be typed as a convenience to the user.

    Colon separates token identification string. If any of the parts have a literal colon (:) character, it must be escaped by a backslash (\). If a colon (:) is not found, the entire string (up to 32 characters) is taken as the token label. If only one colon (:) is found, the string is the token label and the manufacturer.

    -v

    Provides verbose information.

     

    USAGE

     

    Algorithms

    The supported algorithms are displayed with the -l option. These algorithms are provided by the cryptographic framework. Each supported algorithm is an alias to the most commonly used and least restricted version of a particular algorithm type. For example, md5_hmac is an alias to CKM_MD5_HMAC.

    These aliases are used with the -a option and are case-sensitive.  

    Passphrase

    When the -k option is not used during encryption and decryption tasks, the user is prompted for a passphrase. The passphrase is manipulated into a more secure key using the PBKDF2 algorithm specified in PKCS #5.  

    EXAMPLES

    Example 1 Listing Available Algorithms

    The following example lists available algorithms:

    example$ mac -l
    Algorithm       Keysize:  Min   Max
    -----------------------------------
    des_mac                    64    64
    sha1_hmac                   8   512
    md5_hmac                    8   512
    sha256_hmac                 8   512
    sha384_hmac                 8  1024
    sha512_hmac                 8  1024
    

    Example 2 Getting the Message Authentication Code

    The following example gets the message authentication code for a file:

    example$ mac -v -k mykey -a sha1_hmac /export/foo
    sha1_hmac (/export/foo) = 913ced311df10f1708d9848641ca8992f4718057
    

    Example 3 Getting the Message Authentication Code with a Token Key

    The following example gets the message authentication code with a generic token key in the soft token keystore. The generic token key can be generated with pktool(1):

    encrypt -v -a sha1_hmac -K my_generic_key \
        -T "Sun Software PKCS#11 softtoken" /export/foo
    Enter pin for Sun Software PKCS#11 softtoken:
        sha1_hmac (/etc/foo) = c2ba5c38458c092a68940081240d22b670182968
    

     

    EXIT STATUS

    The following exit values are returned:

    0

    Successful completion.

    >0

    An error occurred.

     

    ATTRIBUTES

    See attributes(5) for descriptions of the following attributes:

    ATTRIBUTE TYPEATTRIBUTE VALUE

    AvailabilitySUNWcsu

    Interface Stability

     

    SEE ALSO

    digest(1), pktool(1), dd(1M), getpassphrase(3C), libpkcs11(3LIB), attributes(5), pkcs11_softtoken(5)

    System Administration Guide: Security Services

    RSA PKCS#11 v2.20 and RSA PKCS#5 v2.0, http://www.rsasecurity.com


     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    OPTIONS
    USAGE
    Algorithms
    Passphrase
    EXAMPLES
    EXIT STATUS
    ATTRIBUTES
    SEE ALSO


    Поиск по тексту MAN-ов: 




      Закладки на сайте
      Проследить за страницей
    Created 1996-2017 by Maxim Chirkov  
    ДобавитьРекламаВебмастеруГИД  
    Hosting by Ihor