diff options
| author | Francois Kritzinger <francois@codesynthesis.com> | 2025-01-10 10:50:17 +0200 |
|---|---|---|
| committer | Francois Kritzinger <francois@codesynthesis.com> | 2025-01-10 11:08:26 +0200 |
| commit | a526c1bc524d2cdf4e44d18f25047280688a6fae (patch) | |
| tree | 592e67b3972113af8a14a13fa7821245be98565a | |
| parent | 4a89e9aaa64d7ceaf00856c623fd1f5dcc2139e0 (diff) | |
In order to support openssl versions older than 3.0.
| -rw-r--r-- | mod/hmac.cxx | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/mod/hmac.cxx b/mod/hmac.cxx index 1a78b4c..cfb0e23 100644 --- a/mod/hmac.cxx +++ b/mod/hmac.cxx @@ -16,6 +16,12 @@ compute_hmac (const options::openssl_options& o, // To compute an HMAC over stdin with the key <secret>: // + // openssl dgst -sha256 -hmac <secret> + // + // Note that since openssl 3.0 the `mac` command is the preferred method + // for generating HMACs. For future reference, the equivalent command + // would be: + // // openssl mac -digest SHA256 -macopt "key:<secret>" HMAC // // Note that here we assume both output and diagnostics will fit into pipe @@ -25,10 +31,9 @@ compute_hmac (const options::openssl_options& o, path ("-"), // Write output to openssl::in. process::pipe (errp.in.get (), move (errp.out)), process_env (o.openssl (), o.openssl_envvar ()), - "mac", o.openssl_option (), - "-digest", "SHA256", - "-macopt", string ("key:") + k, - "HMAC"); + "dgst", o.openssl_option (), + "-sha256", + "-hmac", k); ifdstream err (move (errp.in)); |