👤
Home Man
Search
Today's Posts
Register

Linux & Unix Commands - Search Man Pages
Man Page or Keyword Search:
Select Section of Man Page:
Select Man Page Repository:

OpenSolaris 2009.06 - man page for mac (opensolaris section 1)

mac(1)					  User Commands 				   mac(1)

NAME
       mac - calculate message authentication codes of the input

SYNOPSIS
       /usr/bin/mac -l

       /usr/bin/mac [-v] -a algorithm
	  [-k keyfile | -K key_label [-T token_spec]] [file]...

DESCRIPTION
       The  mac  utility  calculates  the  message authentication code (MAC) of the given file or
       files or stdin using the algorithm specified.

       If more than one file is given, each line of output is the MAC of a single file.

OPTIONS
       The following options are supported:

       -a algorithm	Specifies the name of the algorithm  to  use  during  the  encryption  or
			decryption  process.  See USAGE, Algorithms for details. Note: Algorithms
			for producing general length MACs are not supported.

       -k keyfile	Specifies the file containing the key value for the encryption algorithm.
			Each  algorithm  has specific key material requirements, as stated in the
			PKCS#11 specification. If -k is not specified, mac prompts for	key mate-
			rial using getpassphrase(3C).

			For  information  on  generating a key file, see pktool(1), dd(1M) or the
			System Administration Guide: Security Services.

       -K key_label	Specify the label of a symmetric token key in a PKCS#11 token.

       -l		Displays the list of algorithms available on the system.  This	list  can
			change depending on the configuration of the cryptographic framework. The
			keysizes are displayed in bits.

       -T token_spec	Specify a PKCS#11 token other than the default soft  token  object  store
			when the -K is specified.

			token_spec has the format of:

			  token_name [:manuf_id [:serial_no]]

			When a token label contains trailing spaces, this option does not require
			them to be typed as a convenience to the user.

			Colon separates token identification string. If any of the parts  have	a
			literal  colon (:) character, it must be escaped by a backslash (\). If a
			colon (:) is not found, the entire string (up to 32 characters) is  taken
			as  the  token	label.	If only one colon (:) is found, the string is the
			token label and the manufacturer.

       -v		Provides verbose information.

USAGE
   Algorithms
       The supported algorithms are displayed with the -l option. These algorithms  are  provided
       by  the cryptographic framework. Each supported algorithm is an alias to the most commonly
       used and least restricted version of a particular algorithm type. For example, md5_hmac is
       an alias to CKM_MD5_HMAC.

       These aliases are used with the -a option and are case-sensitive.

   Passphrase
       When  the  -k  option  is  not  used  during  encryption and decryption tasks, the user is
       prompted for a passphrase. The passphrase is manipulated into a more secure key using  the
       PBKDF2 algorithm specified in PKCS #5.

EXAMPLES
       Example 1 Listing Available Algorithms

       The following example lists available algorithms:

	 example$ mac -l
	 Algorithm	 Keysize:  Min	 Max
	 -----------------------------------
	 des_mac		    64	  64
	 sha1_hmac		     8	 512
	 md5_hmac		     8	 512
	 sha256_hmac		     8	 512
	 sha384_hmac		     8	1024
	 sha512_hmac		     8	1024

       Example 2 Getting the Message Authentication Code

       The following example gets the message authentication code for a file:

	 example$ mac -v -k mykey -a sha1_hmac /export/foo
	 sha1_hmac (/export/foo) = 913ced311df10f1708d9848641ca8992f4718057

       Example 3 Getting the Message Authentication Code with a Token Key

       The following example gets the message authentication code with a generic token key in the
       soft token keystore.  The generic token	key can be generated with pktool(1):

	 encrypt -v -a sha1_hmac -K my_generic_key \
	      -T "Sun Software PKCS#11 softtoken" /export/foo
	 Enter pin for Sun Software PKCS#11 softtoken:
	      sha1_hmac (/etc/foo) = c2ba5c38458c092a68940081240d22b670182968

EXIT STATUS
       The following exit values are returned:

       0     Successful completion.

       >0    An error occurred.

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO
       digest(1),   pktool(1),	 dd(1M),   getpassphrase(3C),	libpkcs11(3LIB),   attributes(5),
       pkcs11_softtoken(5)

       System Administration Guide: Security Services

       RSA PKCS#11 v2.20 and RSA PKCS#5 v2.0, http://www.rsasecurity.com

SunOS 5.11				   21 Mar 2007					   mac(1)


All times are GMT -4. The time now is 01:34 AM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.
×
UNIX.COM Login
Username:
Password:  
Show Password