Fall back to python if OpenSSL does not support '-macopt'

This allows the script to work with the tools shipped with OS X.
Karsten Sperling 2017-01-06 15:30:06 +13:00
parent 058e5d5f4b
commit 82c4060d62

15
acme.sh

@ -461,10 +461,19 @@ _hmac() {
fi fi
if [ "$alg" = "sha256" ] || [ "$alg" = "sha1" ]; then if [ "$alg" = "sha256" ] || [ "$alg" = "sha1" ]; then
if [ "$outputhex" ]; then # OpenSSL only support -macopt from version 1.0. OS X ships version 0.9
$OPENSSL_BIN dgst -"$alg" -mac HMAC -macopt "hexkey:$secret_hex" | cut -d = -f 2 | tr -d ' ' if echo -n "" | $OPENSSL_BIN dgst -sha1 -mac HMAC -macopt hexkey:00 >/dev/null 2>&1; then
if [ "$outputhex" ]; then
$OPENSSL_BIN dgst -"$alg" -mac HMAC -macopt "hexkey:$secret_hex" | cut -d = -f 2 | tr -d ' '
else
$OPENSSL_BIN dgst -"$alg" -mac HMAC -macopt "hexkey:$secret_hex" -binary
fi
else else
$OPENSSL_BIN dgst -"$alg" -mac HMAC -macopt "hexkey:$secret_hex" -binary # Try to fall back to python's built-in hmac/hashlib modules
[ -n "$outputhex" ] && outputhex=hex
python -u -c \
'import sys,binascii,hmac,hashlib;sys.stdout.write(getattr(hmac.new(binascii.unhexlify(sys.argv[3]),sys.stdin.read(),getattr(hashlib,sys.argv[1])),sys.argv[2])())' \
"$alg" "${outputhex}digest" "$secret_hex"
fi fi
else else
_err "$alg is not supported yet" _err "$alg is not supported yet"
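Review bot: The python fallback in the new `else` branch passes the HMAC key on the interpreter's command line (`"$secret_hex"` becomes `sys.argv[3]`), so other local users can read it from the process list while the command runs. The `-macopt "hexkey:$secret_hex"` branch has the same exposure, but the fallback could avoid it by handing the key over in the environment and reading it with `os.environ` instead of `sys.argv`. The one-liner also depends on Python 2 behaviour: under Python 3 `sys.stdin.read()` returns `str`, which `hmac.new` rejects, so where `python` is Python 3 or is not installed the function writes no digest. A guard before the call, such as `command -v python >/dev/null 2>&1 || { _err "python is required when openssl lacks -macopt"; return 1; }`, would make that failure explicit. `_hmac` begins before this hunk and continues after it.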