Check-in [4cc32676a2]
Overview
Comment:Added KDF test cases
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | crypto
Files: files | file ages | folders
SHA3-256: 4cc32676a2e4ec247859257dda142c82ab89a76f9c571649716e64725811ab0e
User & Date: bohagan on 2023-12-25 02:04:23
Other Links: branch diff | manifest | tags
Context
2023-12-25
03:58
Updated documentation to add KDF commands, list KDFs command, and list cipher/digest info attributes. check-in: 17448b5ea7 user: bohagan tags: crypto
02:04
Added KDF test cases check-in: 4cc32676a2 user: bohagan tags: crypto
2023-12-24
22:57
Moved common get cipher, digest, etc. functions to tlsUtil.c file. Renamed tlsKey.c to tlsKDF.c to better reflect contents. Standardized error messages. check-in: 94f8408d0d user: bohagan tags: crypto
Changes
212
213
214
215
216
217
218




































219
220
221
222
223
224
225
	Tcl_SetObjResult(interp, Tcl_ObjPrintf("Salt too long. Must be <= %d bytes", max));
	return NULL;
    }
    return salt;
}

/*******************************************************************/





































/*
 *-------------------------------------------------------------------
 *
 * Util_GetInt --
 *
 *	Get integer value from TclObj







>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>







212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
	Tcl_SetObjResult(interp, Tcl_ObjPrintf("Salt too long. Must be <= %d bytes", max));
	return NULL;
    }
    return salt;
}

/*******************************************************************/

/*
 *-------------------------------------------------------------------
 *
 * Util_GetBinaryArray --
 *
 *	Get binary array from TclObj
 *
 * Returns:
 *	Pointer to type or NULL, and size
 *
 * Side effects:
 *	None
 *
 *-------------------------------------------------------------------
 */
unsigned char *Util_GetBinaryArray(Tcl_Interp *interp, Tcl_Obj *dataObj, int *len, char *name, int min, int max, int no_null) {
    unsigned char *data = NULL;
    *len = 0;

    if (dataObj != NULL) {
	data = Tcl_GetByteArrayFromObj(dataObj, len);
    } else if (no_null) {
	Tcl_AppendResult(interp, "no ", name, (char *) NULL);
	return NULL;
    }

    if (*len < min) {
	Tcl_SetObjResult(interp, Tcl_ObjPrintf("Invalid length for \"%s\": must be >= %d", name, min));
	return NULL;
    } else if (max > 0 && *len > max) {
	Tcl_SetObjResult(interp, Tcl_ObjPrintf("Invalid length for \"%s\": must be <= %d", name, max));
	return NULL;
    }
    return data;
}

/*
 *-------------------------------------------------------------------
 *
 * Util_GetInt --
 *
 *	Get integer value from TclObj
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
MD File,sha512,,,::tls::md -digest sha512 -file $test_file,,,d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1,,,
MD File,md5 bin,,,binary encode hex [::tls::md -digest md5 -file $test_file -bin],,,962bf0803b4232ec23bd8427bb94ea09,,,
MD File,md5 hex,,,::tls::md -digest md5 -file $test_file -hex,,,962bf0803b4232ec23bd8427bb94ea09,,,
,,,,,,,,,,
command,# MD Error Cases,,,,,,,,,
MD Errors,Too few args,,,::tls::md,,,"wrong # args: should be ""::tls::md ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
MD Errors,Too many args,,,::tls::md too many command line args to pass the test without an error or failing,,,"wrong # args: should be ""::tls::md ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
MD Errors,Invalid digest,,,::tls::md bogus data,,,"Invalid digest ""bogus""",,,1
MD Errors,Invalid digest Arg,,,::tls::md -digest bogus -data data,,,"Invalid digest ""bogus""",,,1
MD Errors,No digest,,,::tls::md -hex -data value,,,No digest specified,,,1
MD Errors,Invalid option,,,::tls::md -digest sha256 -bogus value,,,"bad option ""-bogus"": must be -bin, -binary, -hex, -hexadecimal, -chan, -channel, -cipher, -command, -data, -digest, -file, -filename, -hash, -key, or -mac",,,1
MD Errors,Invalid file,,,::tls::md -digest sha256 -file bogus,,,"couldn't open ""bogus"": no such file or directory",,,1
MD Errors,Invalid channel,,,::tls::md -digest sha256 -channel bogus,,,"can not find channel named ""bogus""",,,1
MD Errors,No operation,,,::tls::md -digest sha256 -bin,,,"No operation specified: Use -channel, -command, -data, or -file option",,,1
,,,,,,,,,,
,,,,,,,,,,
command,# Test CMAC command,,,,,,,,,
command,"set test_cipher ""aes-128-cbc""",,,,,,,,,
command,"set test_key ""Example key 1234""",,,,,,,,,
CMAC,data,,,::tls::cmac -cipher $test_cipher -key $test_key -data $test_data,,,baf5c20f9973e2d606b14c7efdfe52fa,,,
CMAC,file,,,::tls::cmac -cipher $test_cipher -key $test_key -file $test_file,,,baf5c20f9973e2d606b14c7efdfe52fa,,,







|
|
|



|







74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
MD File,sha512,,,::tls::md -digest sha512 -file $test_file,,,d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1,,,
MD File,md5 bin,,,binary encode hex [::tls::md -digest md5 -file $test_file -bin],,,962bf0803b4232ec23bd8427bb94ea09,,,
MD File,md5 hex,,,::tls::md -digest md5 -file $test_file -hex,,,962bf0803b4232ec23bd8427bb94ea09,,,
,,,,,,,,,,
command,# MD Error Cases,,,,,,,,,
MD Errors,Too few args,,,::tls::md,,,"wrong # args: should be ""::tls::md ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
MD Errors,Too many args,,,::tls::md too many command line args to pass the test without an error or failing,,,"wrong # args: should be ""::tls::md ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
MD Errors,Invalid digest,,,::tls::md bogus data,,,"invalid digest ""bogus""",,,1
MD Errors,Invalid digest Arg,,,::tls::md -digest bogus -data data,,,"invalid digest ""bogus""",,,1
MD Errors,No digest,,,::tls::md -hex -data value,,,no digest,,,1
MD Errors,Invalid option,,,::tls::md -digest sha256 -bogus value,,,"bad option ""-bogus"": must be -bin, -binary, -hex, -hexadecimal, -chan, -channel, -cipher, -command, -data, -digest, -file, -filename, -hash, -key, or -mac",,,1
MD Errors,Invalid file,,,::tls::md -digest sha256 -file bogus,,,"couldn't open ""bogus"": no such file or directory",,,1
MD Errors,Invalid channel,,,::tls::md -digest sha256 -channel bogus,,,"can not find channel named ""bogus""",,,1
MD Errors,No operation,,,::tls::md -digest sha256 -bin,,,"No operation: Use -channel, -command, -data, or -file option",,,1
,,,,,,,,,,
,,,,,,,,,,
command,# Test CMAC command,,,,,,,,,
command,"set test_cipher ""aes-128-cbc""",,,,,,,,,
command,"set test_key ""Example key 1234""",,,,,,,,,
CMAC,data,,,::tls::cmac -cipher $test_cipher -key $test_key -data $test_data,,,baf5c20f9973e2d606b14c7efdfe52fa,,,
CMAC,file,,,::tls::cmac -cipher $test_cipher -key $test_key -file $test_file,,,baf5c20f9973e2d606b14c7efdfe52fa,,,
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
,,,,,,,,,,
command,# Test CMAC Shortcut,,,,,,,,,
CMAC Shortcut,data,,,::tls::cmac $test_cipher -key $test_key $test_data,,,baf5c20f9973e2d606b14c7efdfe52fa,,,
,,,,,,,,,,
command,# CMAC Error Cases,,,,,,,,,
CMAC Errors,Too few args,,,::tls::cmac,,,"wrong # args: should be ""::tls::cmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
CMAC Errors,Too many args,,,::tls::cmac too many command line args to pass the test without an error or failing,,,"wrong # args: should be ""::tls::cmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
CMAC Errors,No cipher,,,::tls::cmac -hex -data $test_data,,,No cipher specified,,,1
CMAC Errors,No key,,,::tls::cmac -cipher $test_cipher -data $test_data,,,No key specified,,,1
CMAC Errors,Invalid cipher,,,::tls::cmac -cipher bogus -data $test_data,,,"Invalid cipher ""bogus""",,,1
,,,,,,,,,,
,,,,,,,,,,
command,# Test HMAC command,,,,,,,,,
command,set test_digest md5,,,,,,,,,
command,"set test_key ""Example key""",,,,,,,,,
HMAC,data,,,::tls::hmac -digest $test_digest -key $test_key -data $test_data,,,f98327ef3e20ab6d388f676c6a79d93d,,,
HMAC,file,,,::tls::hmac -digest $test_digest -key $test_key -file $test_file,,,f98327ef3e20ab6d388f676c6a79d93d,,,







|
|
|







105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
,,,,,,,,,,
command,# Test CMAC Shortcut,,,,,,,,,
CMAC Shortcut,data,,,::tls::cmac $test_cipher -key $test_key $test_data,,,baf5c20f9973e2d606b14c7efdfe52fa,,,
,,,,,,,,,,
command,# CMAC Error Cases,,,,,,,,,
CMAC Errors,Too few args,,,::tls::cmac,,,"wrong # args: should be ""::tls::cmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
CMAC Errors,Too many args,,,::tls::cmac too many command line args to pass the test without an error or failing,,,"wrong # args: should be ""::tls::cmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
CMAC Errors,No cipher,,,::tls::cmac -hex -data $test_data,,,no cipher,,,1
CMAC Errors,No key,,,::tls::cmac -cipher $test_cipher -data $test_data,,,no key,,,1
CMAC Errors,Invalid cipher,,,::tls::cmac -cipher bogus -data $test_data,,,"invalid cipher ""bogus""",,,1
,,,,,,,,,,
,,,,,,,,,,
command,# Test HMAC command,,,,,,,,,
command,set test_digest md5,,,,,,,,,
command,"set test_key ""Example key""",,,,,,,,,
HMAC,data,,,::tls::hmac -digest $test_digest -key $test_key -data $test_data,,,f98327ef3e20ab6d388f676c6a79d93d,,,
HMAC,file,,,::tls::hmac -digest $test_digest -key $test_key -file $test_file,,,f98327ef3e20ab6d388f676c6a79d93d,,,
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
,,,,,,,,,,
command,# Test HMAC Shortcut,,,,,,,,,
HMAC Shortcut,data,,,::tls::hmac $test_digest -key $test_key $test_data,,,f98327ef3e20ab6d388f676c6a79d93d,,,
,,,,,,,,,,
command,# HMAC Error Cases,,,,,,,,,
HMAC Errors,Too few args,,,::tls::hmac,,,"wrong # args: should be ""::tls::hmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
HMAC Errors,Too many args,,,::tls::hmac too many command line args to pass the test without an error or failing,,,"wrong # args: should be ""::tls::hmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
HMAC Errors,No digest,,,::tls::hmac -hex -data $test_data,,,No digest specified,,,1
HMAC Errors,No key,,,::tls::hmac -digest sha256 -data $test_data,,,No key specified,,,1
HMAC Errors,Invalid digest,,,::tls::md -digest bogus -key $test_key -data $test_data,,,"Invalid digest ""bogus""",,,1
,,,,,,,,,,
,,,,,,,,,,
command,# Test MAC command,,,,,,,,,
command,"set test_cipher ""aes-128-cbc""",,,,,,,,,
command,set test_digest sha256,,,,,,,,,
command,"set test_key ""Example key 1234""",,,,,,,,,
MAC,CMAC,,,::tls::mac -cipher $test_cipher -key $test_key -mac cmac -data $test_data,,,baf5c20f9973e2d606b14c7efdfe52fa,,,
MAC,HMAC,,,::tls::mac -digest $test_digest -key $test_key -mac hmac -data $test_data,,,676daf96370d0e3c5598557da38a9a810a4fbacbb2d10c67f6dfa83f10f48e96,,,
MAC,MD-CMAC,,,::tls::md -cipher $test_cipher -key $test_key -mac cmac -data $test_data,,,baf5c20f9973e2d606b14c7efdfe52fa,,,
MAC,MD-HMAC,,,::tls::md -digest $test_digest -key $test_key -mac hmac -data $test_data,,,676daf96370d0e3c5598557da38a9a810a4fbacbb2d10c67f6dfa83f10f48e96,,,
,,,,,,,,,,
command,# MAC Error Cases,,,,,,,,,
MAC Errors,Too few args,,,::tls::mac,,,"wrong # args: should be ""::tls::mac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
MAC Errors,No mac,,,::tls::mac -key $test_key -data $test_data,,,No MAC specified,,,1
MAC Errors,No key,,,::tls::mac -mac hmac -data $test_data,,,No key specified,,,1
MAC Errors,Invalid MAC,,,::tls::mac -mac scrypt -key $test_key -data $test_data,,,"Invalid MAC ""scrypt""",,,1
MAC Errors,Too many args,,,::tls::mac too many command line args to pass the test without an error or failing,,,"wrong # args: should be ""::tls::mac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
,,,,,,,,,,
,,,,,,,,,,
command,# RFC 1321 Message Digest 5,,,,,,,,,
RFC1321-MD5,TC1,,,"::tls::md -digest md5 -data """"",,,d41d8cd98f00b204e9800998ecf8427e,,,
RFC1321-MD5,TC2,,,"::tls::md -digest md5 -data ""a""",,,0cc175b9c0f1b6a831c399e269772661,,,
RFC1321-MD5,TC3,,,"::tls::md -digest md5 -data ""abc""",,,900150983cd24fb0d6963f7d28e17f72,,,







|
|
|













|
|
|







132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
,,,,,,,,,,
command,# Test HMAC Shortcut,,,,,,,,,
HMAC Shortcut,data,,,::tls::hmac $test_digest -key $test_key $test_data,,,f98327ef3e20ab6d388f676c6a79d93d,,,
,,,,,,,,,,
command,# HMAC Error Cases,,,,,,,,,
HMAC Errors,Too few args,,,::tls::hmac,,,"wrong # args: should be ""::tls::hmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
HMAC Errors,Too many args,,,::tls::hmac too many command line args to pass the test without an error or failing,,,"wrong # args: should be ""::tls::hmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
HMAC Errors,No digest,,,::tls::hmac -hex -data $test_data,,,no digest,,,1
HMAC Errors,No key,,,::tls::hmac -digest sha256 -data $test_data,,,no key,,,1
HMAC Errors,Invalid digest,,,::tls::md -digest bogus -key $test_key -data $test_data,,,"invalid digest ""bogus""",,,1
,,,,,,,,,,
,,,,,,,,,,
command,# Test MAC command,,,,,,,,,
command,"set test_cipher ""aes-128-cbc""",,,,,,,,,
command,set test_digest sha256,,,,,,,,,
command,"set test_key ""Example key 1234""",,,,,,,,,
MAC,CMAC,,,::tls::mac -cipher $test_cipher -key $test_key -mac cmac -data $test_data,,,baf5c20f9973e2d606b14c7efdfe52fa,,,
MAC,HMAC,,,::tls::mac -digest $test_digest -key $test_key -mac hmac -data $test_data,,,676daf96370d0e3c5598557da38a9a810a4fbacbb2d10c67f6dfa83f10f48e96,,,
MAC,MD-CMAC,,,::tls::md -cipher $test_cipher -key $test_key -mac cmac -data $test_data,,,baf5c20f9973e2d606b14c7efdfe52fa,,,
MAC,MD-HMAC,,,::tls::md -digest $test_digest -key $test_key -mac hmac -data $test_data,,,676daf96370d0e3c5598557da38a9a810a4fbacbb2d10c67f6dfa83f10f48e96,,,
,,,,,,,,,,
command,# MAC Error Cases,,,,,,,,,
MAC Errors,Too few args,,,::tls::mac,,,"wrong # args: should be ""::tls::mac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
MAC Errors,No mac,,,::tls::mac -key $test_key -data $test_data,,,no MAC,,,1
MAC Errors,No key,,,::tls::mac -mac hmac -digest $test_digest -data $test_data,,,no key,,,1
MAC Errors,Invalid MAC,,,::tls::mac -mac bogus -key $test_key -data $test_data,,,"invalid MAC ""bogus""",,,1
MAC Errors,Too many args,,,::tls::mac too many command line args to pass the test without an error or failing,,,"wrong # args: should be ""::tls::mac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1
,,,,,,,,,,
,,,,,,,,,,
command,# RFC 1321 Message Digest 5,,,,,,,,,
RFC1321-MD5,TC1,,,"::tls::md -digest md5 -data """"",,,d41d8cd98f00b204e9800998ecf8427e,,,
RFC1321-MD5,TC2,,,"::tls::md -digest md5 -data ""a""",,,0cc175b9c0f1b6a831c399e269772661,,,
RFC1321-MD5,TC3,,,"::tls::md -digest md5 -data ""abc""",,,900150983cd24fb0d6963f7d28e17f72,,,
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273

test MD_Errors-8.2 {Too many args} -body {
	::tls::md too many command line args to pass the test without an error or failing
    } -result {wrong # args: should be "::tls::md ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test MD_Errors-8.3 {Invalid digest} -body {
	::tls::md bogus data
    } -result {Invalid digest "bogus"} -returnCodes {1}

test MD_Errors-8.4 {Invalid digest Arg} -body {
	::tls::md -digest bogus -data data
    } -result {Invalid digest "bogus"} -returnCodes {1}

test MD_Errors-8.5 {No digest} -body {
	::tls::md -hex -data value
    } -result {No digest specified} -returnCodes {1}

test MD_Errors-8.6 {Invalid option} -body {
	::tls::md -digest sha256 -bogus value
    } -result {bad option "-bogus": must be -bin, -binary, -hex, -hexadecimal, -chan, -channel, -cipher, -command, -data, -digest, -file, -filename, -hash, -key, or -mac} -returnCodes {1}

test MD_Errors-8.7 {Invalid file} -body {
	::tls::md -digest sha256 -file bogus
    } -result {couldn't open "bogus": no such file or directory} -returnCodes {1}

test MD_Errors-8.8 {Invalid channel} -body {
	::tls::md -digest sha256 -channel bogus
    } -result {can not find channel named "bogus"} -returnCodes {1}

test MD_Errors-8.9 {No operation} -body {
	::tls::md -digest sha256 -bin
    } -result {No operation specified: Use -channel, -command, -data, or -file option} -returnCodes {1}


# Test CMAC command
set test_cipher "aes-128-cbc"
set test_key "Example key 1234"









|



|



|















|







235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273

test MD_Errors-8.2 {Too many args} -body {
	::tls::md too many command line args to pass the test without an error or failing
    } -result {wrong # args: should be "::tls::md ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test MD_Errors-8.3 {Invalid digest} -body {
	::tls::md bogus data
    } -result {invalid digest "bogus"} -returnCodes {1}

test MD_Errors-8.4 {Invalid digest Arg} -body {
	::tls::md -digest bogus -data data
    } -result {invalid digest "bogus"} -returnCodes {1}

test MD_Errors-8.5 {No digest} -body {
	::tls::md -hex -data value
    } -result {no digest} -returnCodes {1}

test MD_Errors-8.6 {Invalid option} -body {
	::tls::md -digest sha256 -bogus value
    } -result {bad option "-bogus": must be -bin, -binary, -hex, -hexadecimal, -chan, -channel, -cipher, -command, -data, -digest, -file, -filename, -hash, -key, or -mac} -returnCodes {1}

test MD_Errors-8.7 {Invalid file} -body {
	::tls::md -digest sha256 -file bogus
    } -result {couldn't open "bogus": no such file or directory} -returnCodes {1}

test MD_Errors-8.8 {Invalid channel} -body {
	::tls::md -digest sha256 -channel bogus
    } -result {can not find channel named "bogus"} -returnCodes {1}

test MD_Errors-8.9 {No operation} -body {
	::tls::md -digest sha256 -bin
    } -result {No operation: Use -channel, -command, -data, or -file option} -returnCodes {1}


# Test CMAC command
set test_cipher "aes-128-cbc"
set test_key "Example key 1234"


330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352

test CMAC_Errors-12.2 {Too many args} -body {
	::tls::cmac too many command line args to pass the test without an error or failing
    } -result {wrong # args: should be "::tls::cmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test CMAC_Errors-12.3 {No cipher} -body {
	::tls::cmac -hex -data $test_data
    } -result {No cipher specified} -returnCodes {1}

test CMAC_Errors-12.4 {No key} -body {
	::tls::cmac -cipher $test_cipher -data $test_data
    } -result {No key specified} -returnCodes {1}

test CMAC_Errors-12.5 {Invalid cipher} -body {
	::tls::cmac -cipher bogus -data $test_data
    } -result {Invalid cipher "bogus"} -returnCodes {1}


# Test HMAC command
set test_digest md5
set test_key "Example key"









|



|



|







330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352

test CMAC_Errors-12.2 {Too many args} -body {
	::tls::cmac too many command line args to pass the test without an error or failing
    } -result {wrong # args: should be "::tls::cmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test CMAC_Errors-12.3 {No cipher} -body {
	::tls::cmac -hex -data $test_data
    } -result {no cipher} -returnCodes {1}

test CMAC_Errors-12.4 {No key} -body {
	::tls::cmac -cipher $test_cipher -data $test_data
    } -result {no key} -returnCodes {1}

test CMAC_Errors-12.5 {Invalid cipher} -body {
	::tls::cmac -cipher bogus -data $test_data
    } -result {invalid cipher "bogus"} -returnCodes {1}


# Test HMAC command
set test_digest md5
set test_key "Example key"


409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431

test HMAC_Errors-16.2 {Too many args} -body {
	::tls::hmac too many command line args to pass the test without an error or failing
    } -result {wrong # args: should be "::tls::hmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test HMAC_Errors-16.3 {No digest} -body {
	::tls::hmac -hex -data $test_data
    } -result {No digest specified} -returnCodes {1}

test HMAC_Errors-16.4 {No key} -body {
	::tls::hmac -digest sha256 -data $test_data
    } -result {No key specified} -returnCodes {1}

test HMAC_Errors-16.5 {Invalid digest} -body {
	::tls::md -digest bogus -key $test_key -data $test_data
    } -result {Invalid digest "bogus"} -returnCodes {1}


# Test MAC command
set test_cipher "aes-128-cbc"
set test_digest sha256
set test_key "Example key 1234"








|



|



|







409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431

test HMAC_Errors-16.2 {Too many args} -body {
	::tls::hmac too many command line args to pass the test without an error or failing
    } -result {wrong # args: should be "::tls::hmac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test HMAC_Errors-16.3 {No digest} -body {
	::tls::hmac -hex -data $test_data
    } -result {no digest} -returnCodes {1}

test HMAC_Errors-16.4 {No key} -body {
	::tls::hmac -digest sha256 -data $test_data
    } -result {no key} -returnCodes {1}

test HMAC_Errors-16.5 {Invalid digest} -body {
	::tls::md -digest bogus -key $test_key -data $test_data
    } -result {invalid digest "bogus"} -returnCodes {1}


# Test MAC command
set test_cipher "aes-128-cbc"
set test_digest sha256
set test_key "Example key 1234"

451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473

test MAC_Errors-18.1 {Too few args} -body {
	::tls::mac
    } -result {wrong # args: should be "::tls::mac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test MAC_Errors-18.2 {No mac} -body {
	::tls::mac -key $test_key -data $test_data
    } -result {No MAC specified} -returnCodes {1}

test MAC_Errors-18.3 {No key} -body {
	::tls::mac -mac hmac -data $test_data
    } -result {No key specified} -returnCodes {1}

test MAC_Errors-18.4 {Invalid MAC} -body {
	::tls::mac -mac scrypt -key $test_key -data $test_data
    } -result {Invalid MAC "scrypt"} -returnCodes {1}

test MAC_Errors-18.5 {Too many args} -body {
	::tls::mac too many command line args to pass the test without an error or failing
    } -result {wrong # args: should be "::tls::mac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}


# RFC 1321 Message Digest 5







|


|
|


|
|







451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473

test MAC_Errors-18.1 {Too few args} -body {
	::tls::mac
    } -result {wrong # args: should be "::tls::mac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}

test MAC_Errors-18.2 {No mac} -body {
	::tls::mac -key $test_key -data $test_data
    } -result {no MAC} -returnCodes {1}

test MAC_Errors-18.3 {No key} -body {
	::tls::mac -mac hmac -digest $test_digest -data $test_data
    } -result {no key} -returnCodes {1}

test MAC_Errors-18.4 {Invalid MAC} -body {
	::tls::mac -mac bogus -key $test_key -data $test_data
    } -result {invalid MAC "bogus"} -returnCodes {1}

test MAC_Errors-18.5 {Too many args} -body {
	::tls::mac too many command line args to pass the test without an error or failing
    } -result {wrong # args: should be "::tls::mac ?-bin|-hex? ?-cipher name? ?-digest name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1}


# RFC 1321 Message Digest 5
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
Ciphers Errors,SSL3,!ssl3,,::tls::ciphers ssl3,,,ssl3: protocol not supported,,,1
Ciphers Errors,TLS1.0,!tls1,,::tls::ciphers tls1,,,tls1: protocol not supported,,,1
Ciphers Errors,TLS1.1,!tls1.1,,::tls::ciphers tls1.1,,,tls1.0: protocol not supported,,,1
Ciphers Errors,TLS1.2,!tls1.2,,::tls::ciphers tls1.2,,,tls1.1: protocol not supported,,,1
Ciphers Errors,TLS1.3,!tls1.3,,::tls::ciphers tls1.3,,,tls1.3: protocol not supported,,,1
,,,,,,,,,,
command,# Test Cipher Info,,,,,,,,,
Cipher Info,AES-256-CCM,,,tls::cipher aes-256-ccm,,,nid aes-256-ccm name id-aes256-CCM description {} block_size 1 key_length 32 iv_length 12 type aes-256-ccm provider {} mode CCM flags {{Variable Length} 0 {Always Call Init} 1 {Custom IV} 1 {Control Init} 1 {Custom Cipher} 1 {AEAD Cipher} 1 {Custom Copy} 1 {Non FIPS Allow} 0},,,
,,,,,,,,,,
command,# Test list digests,,,,,,,,,
Digests List,All,,,lcompare [lsort [exec_get_digests]] [lsort [tls::digests]],,,missing {} unexpected {},,,
,,,,,,,,,,
command,# Test Digest Info,,,,,,,,,
Digest Info,md5,,,tls::digests md5,,,name MD5 description {} size 16 block_size 64 provider {} type md5 pkey_type md5WithRSAEncryption flags {One-shot 0 XOF 0 DigestAlgorithmId_NULL 0 DigestAlgorithmId_Abscent 0 DigestAlgorithmId_Custom 0 FIPS 0},,,
,,,,,,,,,,







|







52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
Ciphers Errors,SSL3,!ssl3,,::tls::ciphers ssl3,,,ssl3: protocol not supported,,,1
Ciphers Errors,TLS1.0,!tls1,,::tls::ciphers tls1,,,tls1: protocol not supported,,,1
Ciphers Errors,TLS1.1,!tls1.1,,::tls::ciphers tls1.1,,,tls1.0: protocol not supported,,,1
Ciphers Errors,TLS1.2,!tls1.2,,::tls::ciphers tls1.2,,,tls1.1: protocol not supported,,,1
Ciphers Errors,TLS1.3,!tls1.3,,::tls::ciphers tls1.3,,,tls1.3: protocol not supported,,,1
,,,,,,,,,,
command,# Test Cipher Info,,,,,,,,,
Cipher Info,AES-256-CCM,,,tls::cipher aes-256-ccm,,,nid aes-256-ccm name id-aes256-CCM description {} block_size 1 key_length 32 iv_length 12 type aes-256-ccm provider {} mode CCM flags {{Variable Length} 0 {Always Call Init} 1 {Custom IV} 1 {Control Init} 1 {Custom Cipher} 1 {AEAD Cipher} 1 {Custom Copy} 1 {Non FIPS Allow} 0} tag_length 16 aad_length 13,,,
,,,,,,,,,,
command,# Test list digests,,,,,,,,,
Digests List,All,,,lcompare [lsort [exec_get_digests]] [lsort [tls::digests]],,,missing {} unexpected {},,,
,,,,,,,,,,
command,# Test Digest Info,,,,,,,,,
Digest Info,md5,,,tls::digests md5,,,name MD5 description {} size 16 block_size 64 provider {} type md5 pkey_type md5WithRSAEncryption flags {One-shot 0 XOF 0 DigestAlgorithmId_NULL 0 DigestAlgorithmId_Abscent 0 DigestAlgorithmId_Custom 0 FIPS 0},,,
,,,,,,,,,,
74
75
76
77
78
79
80
81
82
83
84
85
86
87
Protocols,All,,,lcompare $::protocols [::tls::protocols],,,missing {ssl2 ssl3} unexpected {},,,
,,,,,,,,,,
command,# Test show version,,,,,,,,,
Version,All,,,::tls::version,,glob,*,,,
Version,OpenSSL,OpenSSL,,::tls::version,,glob,OpenSSL*,,,
,,,,,,,,,,
command,# Error Cases,,,,,,,,,
Error Cases,Cipher Too few args,,,::tls::cipher,,,"wrong # args: should be ""::tls::cipher ?name?""",,,1
Error Cases,Cipher Too many args,,,::tls::cipher too many args,,,"wrong # args: should be ""::tls::cipher ?name?""",,,1
Error Cases,Digests Too many args,,,::tls::digests too many args,,,"wrong # args: should be ""::tls::digests ?name?""",,,1
Error Cases,MACs Too many args,,,::tls::macs too many args,,,"wrong # args: should be ""::tls::macs ?name?""",,,1
Error Cases,Pkeys Too many args,,,::tls::pkeys too many args,,,"wrong # args: should be ""::tls::pkeys ?name?""",,,1
Error Cases,Protocols Too many args,,,::tls::protocols too many args,,,"wrong # args: should be ""::tls::protocols""",,,1
Error Cases,Version Too many args,,,::tls::version too many args,,,"wrong # args: should be ""::tls::version""",,,1







<






74
75
76
77
78
79
80

81
82
83
84
85
86
Protocols,All,,,lcompare $::protocols [::tls::protocols],,,missing {ssl2 ssl3} unexpected {},,,
,,,,,,,,,,
command,# Test show version,,,,,,,,,
Version,All,,,::tls::version,,glob,*,,,
Version,OpenSSL,OpenSSL,,::tls::version,,glob,OpenSSL*,,,
,,,,,,,,,,
command,# Error Cases,,,,,,,,,

Error Cases,Cipher Too many args,,,::tls::cipher too many args,,,"wrong # args: should be ""::tls::cipher ?name?""",,,1
Error Cases,Digests Too many args,,,::tls::digests too many args,,,"wrong # args: should be ""::tls::digests ?name?""",,,1
Error Cases,MACs Too many args,,,::tls::macs too many args,,,"wrong # args: should be ""::tls::macs ?name?""",,,1
Error Cases,Pkeys Too many args,,,::tls::pkeys too many args,,,"wrong # args: should be ""::tls::pkeys ?name?""",,,1
Error Cases,Protocols Too many args,,,::tls::protocols too many args,,,"wrong # args: should be ""::tls::protocols""",,,1
Error Cases,Version Too many args,,,::tls::version too many args,,,"wrong # args: should be ""::tls::version""",,,1
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
    } -result {tls1.3: protocol not supported} -returnCodes {1}

# Test Cipher Info


test Cipher_Info-6.1 {AES-256-CCM} -body {
	tls::cipher aes-256-ccm
    } -result {nid aes-256-ccm name id-aes256-CCM description {} block_size 1 key_length 32 iv_length 12 type aes-256-ccm provider {} mode CCM flags {{Variable Length} 0 {Always Call Init} 1 {Custom IV} 1 {Control Init} 1 {Custom Cipher} 1 {AEAD Cipher} 1 {Custom Copy} 1 {Non FIPS Allow} 0}}

# Test list digests


test Digests_List-7.1 {All} -body {
	lcompare [lsort [exec_get_digests]] [lsort [tls::digests]]
    } -result {missing {} unexpected {}}







|







157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
    } -result {tls1.3: protocol not supported} -returnCodes {1}

# Test Cipher Info


test Cipher_Info-6.1 {AES-256-CCM} -body {
	tls::cipher aes-256-ccm
    } -result {nid aes-256-ccm name id-aes256-CCM description {} block_size 1 key_length 32 iv_length 12 type aes-256-ccm provider {} mode CCM flags {{Variable Length} 0 {Always Call Init} 1 {Custom IV} 1 {Control Init} 1 {Custom Cipher} 1 {AEAD Cipher} 1 {Custom Copy} 1 {Non FIPS Allow} 0} tag_length 16 aad_length 13}

# Test list digests


test Digests_List-7.1 {All} -body {
	lcompare [lsort [exec_get_digests]] [lsort [tls::digests]]
    } -result {missing {} unexpected {}}
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
test Version-12.2 {OpenSSL} -constraints {OpenSSL} -body {
	::tls::version
    } -match {glob} -result {OpenSSL*}

# Error Cases


test Error_Cases-13.1 {Cipher Too few args} -body {
	::tls::cipher
    } -result {wrong # args: should be "::tls::cipher ?name?"} -returnCodes {1}

test Error_Cases-13.2 {Cipher Too many args} -body {
	::tls::cipher too many args
    } -result {wrong # args: should be "::tls::cipher ?name?"} -returnCodes {1}

test Error_Cases-13.3 {Digests Too many args} -body {
	::tls::digests too many args
    } -result {wrong # args: should be "::tls::digests ?name?"} -returnCodes {1}

test Error_Cases-13.4 {MACs Too many args} -body {
	::tls::macs too many args
    } -result {wrong # args: should be "::tls::macs ?name?"} -returnCodes {1}

test Error_Cases-13.5 {Pkeys Too many args} -body {
	::tls::pkeys too many args
    } -result {wrong # args: should be "::tls::pkeys ?name?"} -returnCodes {1}

test Error_Cases-13.6 {Protocols Too many args} -body {
	::tls::protocols too many args
    } -result {wrong # args: should be "::tls::protocols"} -returnCodes {1}

test Error_Cases-13.7 {Version Too many args} -body {
	::tls::version too many args
    } -result {wrong # args: should be "::tls::version"} -returnCodes {1}

# Cleanup
::tcltest::cleanupTests
return







|
<
<
<
<



|



|



|



|



|






208
209
210
211
212
213
214
215




216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
test Version-12.2 {OpenSSL} -constraints {OpenSSL} -body {
	::tls::version
    } -match {glob} -result {OpenSSL*}

# Error Cases


test Error_Cases-13.1 {Cipher Too many args} -body {




	::tls::cipher too many args
    } -result {wrong # args: should be "::tls::cipher ?name?"} -returnCodes {1}

test Error_Cases-13.2 {Digests Too many args} -body {
	::tls::digests too many args
    } -result {wrong # args: should be "::tls::digests ?name?"} -returnCodes {1}

test Error_Cases-13.3 {MACs Too many args} -body {
	::tls::macs too many args
    } -result {wrong # args: should be "::tls::macs ?name?"} -returnCodes {1}

test Error_Cases-13.4 {Pkeys Too many args} -body {
	::tls::pkeys too many args
    } -result {wrong # args: should be "::tls::pkeys ?name?"} -returnCodes {1}

test Error_Cases-13.5 {Protocols Too many args} -body {
	::tls::protocols too many args
    } -result {wrong # args: should be "::tls::protocols"} -returnCodes {1}

test Error_Cases-13.6 {Version Too many args} -body {
	::tls::version too many args
    } -result {wrong # args: should be "::tls::version"} -returnCodes {1}

# Cleanup
::tcltest::cleanupTests
return
Added tests/kdf.csv version [ecd5209032].
Added tests/kdf.test version [e9cb54f939].