Reputation: 512
Compute AES128 CMAC with openssl as command line
I'am looking for a tool that can compute a AES128 CMAC as a command line. Openssl does not seem to offer this feature with the command line. Did I miss something, or do you know a command line tool that can perform this computation?
Upvotes: 5
Views: 8778
Answers (3)
Reputation: 1
OpenSSL version 3.0 added a new openssl mac command that replaces openssl dgst -mac
https://www.openssl.org/docs/man3.0/man1/openssl-mac.html
For example:
$ echo "6bc1bee22e409f96e93d7e117393172a" > message.txt
$ xxd -plain -revert message.txt message.bin
$ openssl mac -cipher AES-128-CBC -macopt hexkey:2b7e151628aed2a6abf7158809cf4f3c -in message.bin CMAC
070A16B46B4D4144F79BDD9DD04A287C
(using Example #2 from https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/AES_CMAC.pdf)
Upvotes: 0
Reputation: 5493
Using newer OpenSSL (1.0.1 I think), you could do:
openssl dgst -mac cmac -macopt cipher:aes-128-cbc -macopt hexkey:11223344556677889900112233445566 -sha1 <file>
Choose the cipher with -macopt cipher:<cipher> option and the hash with -<hash>.
Upvotes: 5
Reputation: 94078
[sweep over old questions]
Looked in source of openssl, but could not find it either. There is a patch available for openssl (search for peter, ibm and openssl) but you will have to test it against the latest and rebuild. OpenSSL is a very useful but horribly maintained library/tool.
If there is another tool that does AES/CMAC, it's very good at hiding as well.
Upvotes: 1
Related Questions
- AEAD Decryption with OpenSSL in C
- How to calculate AES CMAC using OpenSSL's CMAC_xxx functions?
- Compute the CBC-MAC with AES-256 and openssl in C
- AES_cfb128_encrypt and decrypt using openssl command
- openssl hmac using aes-256-cbc
- AES encryption using openssl
- Using AES CBC from OpenSSL
- OpenSSL and AES
- openssl command line to decrypt aes ctr 128
- Using OpenSSL's CMS implementation in C++