mac man page on OpenIndiana

Man page or keyword search:  
man Server   20441 pages
apropos Keyword Search (all sections)
Output format
OpenIndiana logo
[printable version]

mac(1)				 User Commands				mac(1)

NAME
       mac - calculate message authentication codes of the input

SYNOPSIS
       /usr/bin/mac -l

       /usr/bin/mac [-v] -a algorithm
	  [-k keyfile | -K key_label [-T token_spec]] [file]...

DESCRIPTION
       The mac utility calculates the message authentication code (MAC) of the
       given file or files or stdin using the algorithm specified.

       If more than one file is given, each line of output is  the  MAC	 of  a
       single file.

OPTIONS
       The following options are supported:

       -a algorithm	Specifies  the name of the algorithm to use during the
			encryption or decryption  process.  See	 USAGE,	 Algo‐
			rithms	for  details.  Note:  Algorithms for producing
			general length MACs are not supported.

       -k keyfile	Specifies the file containing the key  value  for  the
			encryption  algorithm. Each algorithm has specific key
			material requirements, as stated in the PKCS#11 speci‐
			fication. If -k is not specified, mac prompts for  key
			material using getpassphrase(3C).

			For  information  on  generating  a  key   file,   see
			pktool(1),  dd(1M) or the System Administration Guide:
			Security Services.

       -K key_label	Specify the label  of  a  symmetric  token  key	 in  a
			PKCS#11 token.

       -l		Displays  the list of algorithms available on the sys‐
			tem. This list can change depending on the  configura‐
			tion  of the cryptographic framework. The keysizes are
			displayed in bits.

       -T token_spec	Specify a PKCS#11 token other than  the	 default  soft
			token object store when the -K is specified.

			token_spec has the format of:

			  token_name [:manuf_id [:serial_no]]

			When  a	 token	label  contains	 trailing spaces, this
			option does not require them to be typed as  a	conve‐
			nience to the user.

			Colon separates token identification string. If any of
			the parts have a literal colon (:) character, it  must
			be  escaped  by a backslash (\). If a colon (:) is not
			found, the entire string  (up  to  32  characters)  is
			taken  as  the	token  label. If only one colon (:) is
			found, the string is the token label and the  manufac‐
			turer.

       -v		Provides verbose information.

USAGE
   Algorithms
       The  supported algorithms are displayed with the -l option. These algo‐
       rithms are provided by  the  cryptographic  framework.  Each  supported
       algorithm  is  an  alias to the most commonly used and least restricted
       version of a particular algorithm type. For  example,  md5_hmac	is  an
       alias to CKM_MD5_HMAC.

       These aliases are used with the -a option and are case-sensitive.

   Passphrase
       When  the -k option is not used during encryption and decryption tasks,
       the user is prompted for a passphrase. The  passphrase  is  manipulated
       into a more secure key using the PBKDF2 algorithm specified in PKCS #5.

EXAMPLES
       Example 1 Listing Available Algorithms

       The following example lists available algorithms:

	 example$ mac -l
	 Algorithm	 Keysize:  Min	 Max
	 -----------------------------------
	 des_mac		    64	  64
	 sha1_hmac		     8	 512
	 md5_hmac		     8	 512
	 sha256_hmac		     8	 512
	 sha384_hmac		     8	1024
	 sha512_hmac		     8	1024

       Example 2 Getting the Message Authentication Code

       The following example gets the message authentication code for a file:

	 example$ mac -v -k mykey -a sha1_hmac /export/foo
	 sha1_hmac (/export/foo) = 913ced311df10f1708d9848641ca8992f4718057

       Example 3 Getting the Message Authentication Code with a Token Key

       The  following  example	gets  the  message  authentication code with a
       generic token key in the soft token keystore.  The generic  token   key
       can be generated with pktool(1):

	 encrypt -v -a sha1_hmac -K my_generic_key \
	      -T "Sun Software PKCS#11 softtoken" /export/foo
	 Enter pin for Sun Software PKCS#11 softtoken:
	      sha1_hmac (/etc/foo) = c2ba5c38458c092a68940081240d22b670182968

EXIT STATUS
       The following exit values are returned:

       0     Successful completion.

       >0    An error occurred.

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       ┌─────────────────────────────┬─────────────────────────────┐
       │      ATTRIBUTE TYPE	     │	    ATTRIBUTE VALUE	   │
       ├─────────────────────────────┼─────────────────────────────┤
       │Availability		     │SUNWcs			   │
       ├─────────────────────────────┼─────────────────────────────┤
       │Interface Stability	     │Committed			   │
       └─────────────────────────────┴─────────────────────────────┘

SEE ALSO
       digest(1),   pktool(1),	 dd(1M),  getpassphrase(3C),  libpkcs11(3LIB),
       attributes(5), pkcs11_softtoken(5)

       System Administration Guide: Security Services

       RSA PKCS#11 v2.20 and RSA PKCS#5 v2.0, http://www.rsasecurity.com

SunOS 5.11			  21 Mar 2007				mac(1)
[top]

List of man pages available for OpenIndiana

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net