Check-in [b395f93924]
Overview
Comment:Added function to encrypt and decrypt data
SHA3-256: b395f93924933f9b60909b6698119fb00517893d62b9001571b6bbef285ebf8a
User & Date: bohagan on 2023-12-02 04:25:43
Context
2023-12-02
17:58
Modularized encrypt and decrypt functions check-in: 85d30feee0 user: bohagan tags: crypto
04:25
Added function to encrypt and decrypt data check-in: b395f93924 user: bohagan tags: crypto
2023-11-27
02:39
Code Cleanup to use switch statements check-in: 24e26c8844 user: bohagan tags: crypto
Changes

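--- a/configure
+++ b/configure
@@ -5392,15 +5392,15 @@
 # stub library C source files to compile in TEA_ADD_STUB_SOURCES,
 # and runtime Tcl library files in TEA_ADD_TCL_SOURCES.
 # This defines PKG(_STUB)_SOURCES, PKG(_STUB)_OBJECTS, PKG_HEADERS
 # and PKG_TCL_SOURCES.
 #-----------------------------------------------------------------------
 
 
-    vars="tls.c tlsBIO.c tlsDigest.c tlsInfo.c tlsIO.c tlsX509.c"
+    vars="tls.c tlsBIO.c tlsDigest.c tlsEncrypt.c tlsInfo.c tlsIO.c tlsX509.c"
     for i in $vars; do
 	case $i in
 	    \$*)
 		# allow $-var names
 		PKG_SOURCES="$PKG_SOURCES $i"
 		PKG_OBJECTS="$PKG_OBJECTS $i"
 		;;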

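--- a/configure.ac
+++ b/configure.ac
@@ -67,15 +67,15 @@
 # public headers that need to be installed in TEA_ADD_HEADERS,
 # stub library C source files to compile in TEA_ADD_STUB_SOURCES,
 # and runtime Tcl library files in TEA_ADD_TCL_SOURCES.
 # This defines PKG(_STUB)_SOURCES, PKG(_STUB)_OBJECTS, PKG_HEADERS
 # and PKG_TCL_SOURCES.
 #-----------------------------------------------------------------------
 
-TEA_ADD_SOURCES([tls.c tlsBIO.c tlsDigest.c tlsInfo.c tlsIO.c tlsX509.c])
+TEA_ADD_SOURCES([tls.c tlsBIO.c tlsDigest.c tlsEncrypt.c tlsInfo.c tlsIO.c tlsX509.c])
 TEA_ADD_HEADERS([generic/tls.h])
 TEA_ADD_INCLUDES([])
 TEA_ADD_LIBS([])
 TEA_ADD_CFLAGS([])
 TEA_ADD_STUB_SOURCES([])
 TEA_ADD_TCL_SOURCES([library/tls.tcl])
 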
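--- a/generic/tls.c
+++ b/generic/tls.c
@@ -2545,14 +2545,15 @@
     Tcl_CreateObjCommand(interp, "tls::handshake", HandshakeObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
     Tcl_CreateObjCommand(interp, "tls::import", ImportObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
     Tcl_CreateObjCommand(interp, "tls::misc", MiscObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
     Tcl_CreateObjCommand(interp, "tls::unimport", UnimportObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
     Tcl_CreateObjCommand(interp, "tls::status", StatusObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
 
     Tls_DigestCommands(interp);
+    Tls_EncryptCommands(interp);
     Tls_InfoCommands(interp);
 
     if (interp) {
 	Tcl_Eval(interp, tlsTclInitScript);
     }
 
     return Tcl_PkgProvide(interp, PACKAGE_NAME, PACKAGE_VERSION);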

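--- a/generic/tlsEncrypt.c
+++ b/generic/tlsEncrypt.c
@@ -0,0 +1,284 @@
+/*
+ * Encryption Functions Module
+ *
+ * This module provides commands that can be used to encrypt or decrypt data.
+ *
+ * Copyright (C) 2023 Brian O'Hagan
+ *
+ */
+
+#include "tlsInt.h"
+#include "tclOpts.h"
+#include <tcl.h>
+#include <stdio.h>
+#include <string.h>
+#include <openssl/evp.h>
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+#include <openssl/params.h>
+#endif
+
+/* Encryption functions */
+#define TYPE_MD		0x010
+#define TYPE_HMAC	0x020
+#define TYPE_CMAC	0x040
+#define TYPE_MAC	0x080
+#define TYPE_ENCRYPT	0x100
+#define TYPE_DECRYPT	0x200
+#define TYPE_SIGN	0x400
+#define TYPE_VERIFY	0x800
+
+
+/*******************************************************************/
+
+/*
+ *-------------------------------------------------------------------
+ *
+ * CryptoDataHandler --
+ *
+ *	Perform encryption function on a block of data and return result.
+ *
+ * Returns:
+ *	TCL_OK or TCL_ERROR
+ *
+ * Side effects:
+ *	Sets result or error message
+ *
+ *-------------------------------------------------------------------
+ */
+int
+Encrypt_DataHandler(Tcl_Interp *interp, int type, Tcl_Obj *dataObj, Tcl_Obj *cipherObj,
+	Tcl_Obj *digestObj, Tcl_Obj *keyObj, Tcl_Obj *ivObj) {
+    EVP_CIPHER_CTX *ctx;
+    const EVP_CIPHER *cipher;
+    char *cipherName =  NULL, *data = NULL, *key = NULL, *iv = NULL;
+    int cipher_len = 0, data_len = 0, key_len = 0, iv_len = 0, out_len = 0, tmplen, res;
+    unsigned char *outbuf;
+    Tcl_Obj *resultObj;
+
+    dprintf("Called");
+
+    if (cipherObj != NULL) {
+	cipherName = Tcl_GetStringFromObj(cipherObj, &cipher_len);
+    }
+    if (keyObj != NULL) {
+	key = Tcl_GetStringFromObj(keyObj, &key_len);
+    }
+    if (ivObj != NULL) {
+	iv = Tcl_GetStringFromObj(ivObj, &iv_len);
+    }
+    if (dataObj != NULL) {
+	data = Tcl_GetByteArrayFromObj(dataObj, &data_len);
+    } else {
+	Tcl_AppendResult(interp, "No data", NULL);
+    }
+
+    /* Get cipher name */
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
+    cipher = EVP_get_cipherbyname(cipherName);
+#else
+    cipher = EVP_CIPHER_fetch(NULL, cipherName, NULL);
+#endif
+    if (cipher == NULL) {
+	Tcl_AppendResult(interp, "Invalid cipher: ", cipherName, NULL);
+	return TCL_ERROR;
+    }
+
+    /* Allocate storage for encrypted data. Size should be data size + block size. */
+    resultObj = Tcl_NewObj();
+    outbuf = Tcl_SetByteArrayLength(resultObj, data_len+1024);
+    if (resultObj == NULL || outbuf == NULL) {
+	Tcl_AppendResult(interp, "Memory allocation error", (char *) NULL);
+	return TCL_ERROR;
+    }
+
+    /* Create and initialize the context */
+    if((ctx = EVP_CIPHER_CTX_new()) == NULL) {
+	Tcl_AppendResult(interp, "Memory allocation error", (char *) NULL);
+	Tcl_DecrRefCount(resultObj);
+	return TCL_ERROR;
+    }
+
+    /* Initialize the operation. Need appropriate key and iv size. */
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
+    if (type == TYPE_ENCRYPT) {
+	res = EVP_EncryptInit_ex(ctx, cipher, NULL, key, iv);
+    } else {
+	res = EVP_DecryptInit_ex(ctx, cipher, NULL, key, iv);
+    }
+#else
+	OSSL_PARAM params[2];
+	int index = 0;
+
+	if (iv != NULL) {
+	    params[index++] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV, (void *) iv, (size_t) iv_len);
+	}
+	params[index] = OSSL_PARAM_construct_end();
+
+    if (type == TYPE_ENCRYPT) {
+	res = EVP_EncryptInit_ex2(ctx, cipher, key, iv, params);
+    } else {
+	res = EVP_DecryptInit_ex2(ctx, cipher, key, iv, params);
+    }
+#endif
+
+    if(!res) {
+	Tcl_AppendResult(interp, "Initialize failed: ", REASON(), NULL);
+	Tcl_DecrRefCount(resultObj);
+	EVP_CIPHER_CTX_free(ctx);
+	return TCL_ERROR;
+    }
+
+    /* Encrypt/decrypt data */
+    if (type == TYPE_ENCRYPT) {
+	res = EVP_EncryptUpdate(ctx, outbuf, &out_len, data, data_len);
+    } else {
+	res = EVP_DecryptUpdate(ctx, outbuf, &out_len, data, data_len);
+    }
+
+    if (!res) {
+	Tcl_AppendResult(interp, "Update failed: ", REASON(), NULL);
+	Tcl_DecrRefCount(resultObj);
+	EVP_CIPHER_CTX_free(ctx);
+	return TCL_ERROR;
+    }
+
+    /* Finalize data */
+    if (type == TYPE_ENCRYPT) {
+	res = EVP_EncryptFinal_ex(ctx, outbuf+out_len, &tmplen);
+    } else {
+	res = EVP_DecryptFinal_ex(ctx, outbuf+out_len, &tmplen);
+    }
+
+    if (!res) {
+	Tcl_AppendResult(interp, "Finalize failed: ", REASON(), NULL);
+	Tcl_DecrRefCount(resultObj);
+	EVP_CIPHER_CTX_free(ctx);
+	return TCL_ERROR;
+    }
+
+    out_len += tmplen;
+    outbuf = Tcl_SetByteArrayLength(resultObj, out_len);
+
+    /* Set return result */
+    Tcl_SetObjResult(interp, resultObj);
+
+    /* Clean up */
+    EVP_CIPHER_CTX_free(ctx);
+    return TCL_OK;
+}
+
+/*******************************************************************/
+
+/*
+ *-------------------------------------------------------------------
+ *
+ * EncryptionMain --
+ *
+ *	Perform encryption function and return result.
+ *
+ * Returns:
+ *	TCL_OK or TCL_ERROR
+ *
+ * Side effects:
+ *	Sets result or error message
+ *
+ *-------------------------------------------------------------------
+ */
+static int EncryptionMain(int type, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
+    int res = TCL_OK;
+    Tcl_Obj *cipherObj = NULL, *cmdObj = NULL, *dataObj = NULL, *digestObj = NULL;
+    Tcl_Obj *inFileObj = NULL, *outFileObj = NULL, *keyObj = NULL, *ivObj = NULL;
+    const char *channel = NULL, *opt;
+    const EVP_MD *md = NULL;
+    const EVP_CIPHER *cipher = NULL;
+
+    dprintf("Called");
+
+    /* Clear interp result */
+    Tcl_ResetResult(interp);
+
+    /* Validate arg count */
+    if (objc < 3 || objc > 12) {
+	Tcl_WrongNumArgs(interp, 1, objv, "?-cipher name? ?-digest name? ?-key key? ?-iv string? [-data data]");
+	return TCL_ERROR;
+    }
+
+    /* Get options */
+    for (int idx = 1; idx < objc; idx++) {
+	opt = Tcl_GetStringFromObj(objv[idx], NULL);
+
+	if (opt[0] != '-') {
+	    break;
+	}
+
+	OPTOBJ("-cipher", cipherObj);
+	OPTOBJ("-data", dataObj);
+	OPTOBJ("-digest", digestObj);
+	OPTOBJ("-key", keyObj);
+	OPTOBJ("-iv", ivObj);
+
+	OPTBAD("option", "-cipher, -data, -digest, -key, or -iv");
+	return TCL_ERROR;
+    }
+
+    /* Check for required options */
+    if (cipherObj == NULL) {
+	Tcl_AppendResult(interp, "No cipher", NULL);
+    } else if (keyObj == NULL) {
+	Tcl_AppendResult(interp, "No key", NULL);
+	return TCL_ERROR;
+    }
+
+    /* Perform encryption function on file, stacked channel, using instance command, or data blob */
+    if (dataObj != NULL) {
+	res = Encrypt_DataHandler(interp, type, dataObj, cipherObj, digestObj, keyObj, ivObj);
+    } else {
+	Tcl_AppendResult(interp, "No operation specified: Use -data option", NULL);
+	res = TCL_ERROR;
+    }
+    return res;
+}
+
+/*
+ *-------------------------------------------------------------------
+ *
+ * Encryption Commands --
+ *
+ *	Perform encryption function and return results
+ *
+ * Returns:
+ *	TCL_OK or TCL_ERROR
+ *
+ * Side effects:
+ *	Command dependent
+ *
+ *-------------------------------------------------------------------
+ */
+static int EncryptObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
+    return EncryptionMain(TYPE_ENCRYPT, interp, objc, objv);
+}
+
+static int DecryptObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
+    return EncryptionMain(TYPE_DECRYPT, interp, objc, objv);
+}
+
+/*
+ *-------------------------------------------------------------------
+ *
+ * Encrypt_Initialize --
+ *
+ *	Create namespace, commands, and register package version
+ *
+ * Returns:
+ *	TCL_OK or TCL_ERROR
+ *
+ * Side effects:
+ *	Creates commands
+ *
+ *-------------------------------------------------------------------
+ */
+int Tls_EncryptCommands(Tcl_Interp *interp) {
+    Tcl_CreateObjCommand(interp, "tls::encrypt", EncryptObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
+    Tcl_CreateObjCommand(interp, "tls::decrypt", DecryptObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
+}
+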
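Review bot: Encrypt_DataHandler passes `key` and `iv` straight to `EVP_EncryptInit_ex`/`EVP_DecryptInit_ex` (and the `_ex2` calls) without comparing `key_len` and `iv_len` to the sizes the cipher expects, so a `-key` or `-iv` shorter than the cipher needs lets OpenSSL read past the end of the Tcl string buffer. Both values are also fetched with `Tcl_GetStringFromObj`, which yields the UTF-8 form, so binary key material with bytes above 0x7f is likely altered; `Tcl_GetByteArrayFromObj` plus the length checks sketched below, placed after the cipher lookup, would close both. In EncryptionMain the `"No cipher"` branch lacks `return TCL_ERROR;`, so a call without `-cipher` still reaches the handler with a NULL name. `Tls_EncryptCommands` is declared `int` but has no `return` statement, and on the OpenSSL 3 path the `EVP_CIPHER_fetch` result is never passed to `EVP_CIPHER_free`.

```c
    /* … unchanged: option extraction and cipher lookup … */

    /* Sizes must match what the cipher will read from these buffers.
     * Variable-key-length ciphers would instead need
     * EVP_CIPHER_CTX_set_key_length() after context creation. */
    if (key == NULL || key_len != EVP_CIPHER_key_length(cipher)) {
	Tcl_AppendResult(interp, "Invalid key length", NULL);
	return TCL_ERROR;
    }
    if (EVP_CIPHER_iv_length(cipher) > 0 &&
	    (iv == NULL || iv_len != EVP_CIPHER_iv_length(cipher))) {
	Tcl_AppendResult(interp, "Invalid IV length", NULL);
	return TCL_ERROR;
    }

    /* … unchanged: result allocation, context init, update, finalize … */
```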

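--- a/generic/tlsInt.h
+++ b/generic/tlsInt.h
@@ -192,14 +192,15 @@
 Tcl_Obj         *Tls_NewX509Obj(Tcl_Interp *interp, X509 *cert);
 Tcl_Obj		*Tls_NewCAObj(Tcl_Interp *interp, const SSL *ssl, int peer);
 void            Tls_Error(State *statePtr, char *msg);
 void            Tls_Free(char *blockPtr);
 void            Tls_Clean(State *statePtr);
 int             Tls_WaitForConnect(State *statePtr, int *errorCodePtr, int handshakeFailureIsPermanent);
 int             Tls_DigestCommands(Tcl_Interp *interp);
+int             Tls_EncryptCommands(Tcl_Interp *interp);
 int             Tls_InfoCommands(Tcl_Interp *interp);
 
 BIO             *BIO_new_tcl(State* statePtr, int flags);
 
 #define PTR2INT(x) ((int) ((intptr_t) (x)))
 
 #endif /* _TLSINT_H */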

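--- a/win/makefile.vc
+++ b/win/makefile.vc
@@ -24,14 +24,15 @@
 # Define the object files and resource file that make up the extension.
 # Note the resource file does not makes sense if doing a static library build
 # hence it is under that condition. TMP_DIR is the output directory
 # defined by rules for object files.
 PRJ_OBJS = $(TMP_DIR)\tls.obj \
 	$(TMP_DIR)\tlsBIO.obj \
 	$(TMP_DIR)\tlsDigest.obj \
+	$(TMP_DIR)\tlsEncrypt.obj \
 	$(TMP_DIR)\tlsInfo.obj \
 	$(TMP_DIR)\tlsIO.obj \
 	$(TMP_DIR)\tlsX509.obj
 
 # Define any additional project include flags
 # SSL_INSTALL_FOLDER = with the OpenSSL installation folder following.
 PRJ_INCLUDES = -I"$(SSL_INSTALL_FOLDER)\include" -I"$(OPENSSL_INSTALL_DIR)\include"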