Re: openssl hmac and key on the command line

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: openssl-users@xxxxxxxxxxx
Subject: Re: openssl hmac and key on the command line
From: Carson Gaspar <carson@xxxxxxxxxx>
Date: Sat, 8 Jun 2024 09:15:25 -0700
Feedback-id: i75e441e0:Fastmail
In-reply-to: <CAJbOq16VJZk9=ZXnuyoFMOqpFKSiyiVyUEnR1SFykiRbvHLUdQ@mail.gmail.com>
References: <CAMc2VtRx+a+2EYdR34iG-FyJbXPzFCeOoqOx6v+hOmRAmLqP4w@mail.gmail.com> <20240608074325.bkl2yxyh5ijtqsjt@chazelas.org> <20240608075203.skl247fnhc22z6de@chazelas.org> <CAJbOq16VJZk9=ZXnuyoFMOqpFKSiyiVyUEnR1SFykiRbvHLUdQ@mail.gmail.com>
User-agent: Mozilla Thunderbird

On 6/8/2024 5:12 AM, Neil Horman wrote:

printf '%s' "hello" | LD_LIBRARY_PATH=$PWD ./apps/openssl dgst -sha1-hmac $(cat key.txt)
SHA1(stdin)= c3b424548c3dbd02161a9541d89287e689f076d7


That will expose the key in the process args, so is NOT secure.

--

Carson

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

References:
- openssl hmac and key on the command line
  - From: Francois
- Re: openssl hmac and key on the command line
  - From: Stephane Chazelas
- Re: openssl hmac and key on the command line
  - From: Stephane Chazelas
- Re: openssl hmac and key on the command line
  - From: Neil Horman

Prev by Date: Re: openssl hmac and key on the command line
Next by Date: Fwd: [.] ssl update needs rebuilds
Previous by thread: Re: openssl hmac and key on the command line
Next by thread: Re: openssl hmac and key on the command line
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Security] [Bugtraq] [Linux] [Linux OMAP] [Linux MIPS] [ECOS] [Asterisk Internet PBX] [Linux API]

Powered by Linux