Hashlet version 1.1.0 is now released. This release adds software features and is compatible with existing configurations. Two main features were added:

The first was suggested by Dave Taht, which adds a flag to retrieve a variable amount of random bytes. Without the flag, it returns 32 bytes. This feature makes some scripting easier. For example:

[code lang=bash]
hashlet random -B 202
014E50C1134C6E86E231EA93467121AB8AED01A0C8A73CD701247A94535A3E7D795B676B4523366489E9160EF1AC518498E3D612F41F8A05066853F73B79520AFBA05F7B2A6CA6963EC318D751CFC265843BEB2452DA70768F077BD3D67184569DA5A54A9B9F6307F9F58CF4B417DDB2B1BB1F238EE317E5E455C9FB960E7F31EDCE73315F8735F25818DEAC759D2200250B4E1CCFF5A7E0B1EF0256B45B605E341EEF3757760F41293D8D98E11DC34D11A49F7807D226BAB19906B73FC355A480F96843F34E9B9D984F
[/code]

The second feature is the addition of adding HMAC-256. The HMAC value will be generated using a secret key on the Hashlet and can be verified offline, without the device as follows:

hmac

[code lang=bash]
hashlet hmac -f ChangeLog
CD0765AB1F94698E0EACDE22C10F362E925F4F4017B75FDE5AB3124FCEBE9754
[/code]

[code lang=bash]
echo test | ./hashlet hmac
9CAF53A19F4A8D751F9D03ED3991EF648DC9246D2B329D9A650307212D994326
[/code]

Your input data is combined with data on the device, so this isn’t a pure HMAC-256. Your data will be applied to SHA-256 and then combined, per the datasheet, with some device data. That result is fed into HMAC-256.

offline-hmac

[code lang=bash]
hashlet offline-hmac -r CD0765AB1F94698E0EACDE22C10F362E925F4F4017B75FDE5AB3124FCEBE9754 -f ChangeLog
echo $?
0
[/code]

[code lang=bash]
echo test | ./hashlet offline-hmac -r 9CAF53A19F4A8D751F9D03ED3991EF648DC9246D2B329D9A650307212D994326
echo $?
0
[/code]

Similar to offline-verify, this verifies the HMAC operation using the key file from ~/.hashlet.

Happy Hacking!