Overview
Comment: | Added random bytes command to generate random bytes using a cryptographically secure pseudo random generator (CSPRNG). |
---|---|
SHA3-256: |
baa34f4208c3088af57eca6352b0c1cd |
User & Date: | bohagan on 2023-12-28 03:00:56 |
Context
2023-12-28
| ||
03:02 | Added random bytes command documentation check-in: 2eb1cc571b user: bohagan tags: crypto | |
03:00 | Added random bytes command to generate random bytes using a cryptographically secure pseudo random generator (CSPRNG). check-in: baa34f4208 user: bohagan tags: crypto | |
2023-12-25
| ||
03:58 | Updated documentation to add KDF commands, list KDFs command, and list cipher/digest info attributes. check-in: 17448b5ea7 user: bohagan tags: crypto | |
Changes
Modified configure from [5d330fed91] to [8236a3ee1d].
︙ | ︙ | |||
5392 5393 5394 5395 5396 5397 5398 | # stub library C source files to compile in TEA_ADD_STUB_SOURCES, # and runtime Tcl library files in TEA_ADD_TCL_SOURCES. # This defines PKG(_STUB)_SOURCES, PKG(_STUB)_OBJECTS, PKG_HEADERS # and PKG_TCL_SOURCES. #----------------------------------------------------------------------- | | | 5392 5393 5394 5395 5396 5397 5398 5399 5400 5401 5402 5403 5404 5405 5406 | # stub library C source files to compile in TEA_ADD_STUB_SOURCES, # and runtime Tcl library files in TEA_ADD_TCL_SOURCES. # This defines PKG(_STUB)_SOURCES, PKG(_STUB)_OBJECTS, PKG_HEADERS # and PKG_TCL_SOURCES. #----------------------------------------------------------------------- vars="tls.c tlsBIO.c tlsDigest.c tlsEncrypt.c tlsInfo.c tlsIO.c tlsKDF.c tlsRand.c tlsUtil.c tlsX509.c" for i in $vars; do case $i in \$*) # allow $-var names PKG_SOURCES="$PKG_SOURCES $i" PKG_OBJECTS="$PKG_OBJECTS $i" ;; |
︙ | ︙ |
Modified configure.ac from [f02a7eeac0] to [19dfb8e8aa].
︙ | ︙ | |||
67 68 69 70 71 72 73 | # public headers that need to be installed in TEA_ADD_HEADERS, # stub library C source files to compile in TEA_ADD_STUB_SOURCES, # and runtime Tcl library files in TEA_ADD_TCL_SOURCES. # This defines PKG(_STUB)_SOURCES, PKG(_STUB)_OBJECTS, PKG_HEADERS # and PKG_TCL_SOURCES. #----------------------------------------------------------------------- | | | 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 | # public headers that need to be installed in TEA_ADD_HEADERS, # stub library C source files to compile in TEA_ADD_STUB_SOURCES, # and runtime Tcl library files in TEA_ADD_TCL_SOURCES. # This defines PKG(_STUB)_SOURCES, PKG(_STUB)_OBJECTS, PKG_HEADERS # and PKG_TCL_SOURCES. #----------------------------------------------------------------------- TEA_ADD_SOURCES([tls.c tlsBIO.c tlsDigest.c tlsEncrypt.c tlsInfo.c tlsIO.c tlsKDF.c tlsRand.c tlsUtil.c tlsX509.c]) TEA_ADD_HEADERS([generic/tls.h]) TEA_ADD_INCLUDES([]) TEA_ADD_LIBS([]) TEA_ADD_CFLAGS([]) TEA_ADD_STUB_SOURCES([]) TEA_ADD_TCL_SOURCES([library/tls.tcl]) |
︙ | ︙ |
Modified generic/tls.c from [578f1e1218] to [c0cfa2b008].
︙ | ︙ | |||
2616 2617 2618 2619 2620 2621 2622 | Tcl_CreateObjCommand(interp, "tls::misc", MiscObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::unimport", UnimportObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::status", StatusObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tls_DigestCommands(interp); Tls_EncryptCommands(interp); Tls_InfoCommands(interp); | | > | 2616 2617 2618 2619 2620 2621 2622 2623 2624 2625 2626 2627 2628 2629 2630 2631 | Tcl_CreateObjCommand(interp, "tls::misc", MiscObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::unimport", UnimportObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::status", StatusObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tls_DigestCommands(interp); Tls_EncryptCommands(interp); Tls_InfoCommands(interp); Tls_KDFCommands(interp); Tls_RandCommands(interp); if (interp) { Tcl_Eval(interp, tlsTclInitScript); } return Tcl_PkgProvide(interp, PACKAGE_NAME, PACKAGE_VERSION); } |
︙ | ︙ |
Modified generic/tlsInt.h from [8236808b5c] to [44437ee129].
︙ | ︙ | |||
193 194 195 196 197 198 199 | void Tls_Error(State *statePtr, char *msg); void Tls_Free(char *blockPtr); void Tls_Clean(State *statePtr); int Tls_WaitForConnect(State *statePtr, int *errorCodePtr, int handshakeFailureIsPermanent); int Tls_DigestCommands(Tcl_Interp *interp); int Tls_EncryptCommands(Tcl_Interp *interp); int Tls_InfoCommands(Tcl_Interp *interp); | | > | 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 | void Tls_Error(State *statePtr, char *msg); void Tls_Free(char *blockPtr); void Tls_Clean(State *statePtr); int Tls_WaitForConnect(State *statePtr, int *errorCodePtr, int handshakeFailureIsPermanent); int Tls_DigestCommands(Tcl_Interp *interp); int Tls_EncryptCommands(Tcl_Interp *interp); int Tls_InfoCommands(Tcl_Interp *interp); int Tls_KDFCommands(Tcl_Interp *interp); int Tls_RandCommands(Tcl_Interp *interp); BIO *BIO_new_tcl(State* statePtr, int flags); EVP_CIPHER *Util_GetCipher(Tcl_Interp *interp, Tcl_Obj *cipherObj, int no_null); EVP_MD *Util_GetDigest(Tcl_Interp *interp, Tcl_Obj *digestObj, int no_null); unsigned char *Util_GetIV(Tcl_Interp *interp, Tcl_Obj *ivObj, int *len, int max, int no_null); unsigned char *Util_GetKey(Tcl_Interp *interp, Tcl_Obj *keyObj, int *len, char *name, int max, int no_null); |
︙ | ︙ |
Modified generic/tlsKDF.c from [2e942636f4] to [218b680c5b].
︙ | ︙ | |||
463 464 465 466 467 468 469 | * TCL_OK or TCL_ERROR * * Side effects: * Creates commands * *------------------------------------------------------------------- */ | | | 463 464 465 466 467 468 469 470 471 472 473 474 475 476 | * TCL_OK or TCL_ERROR * * Side effects: * Creates commands * *------------------------------------------------------------------- */ int Tls_KDFCommands(Tcl_Interp *interp) { Tcl_CreateObjCommand(interp, "tls::hkdf", KDF_HKDF, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::pbkdf2", KDF_PBKDF2, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::scrypt", KDF_Scrypt, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); return TCL_OK; } |
Added generic/tlsRand.c version [f9e71c157f].
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 | /* * Key Derivation Function (KDF) Module * * Provides commands to derive keys. * * Copyright (C) 2023 Brian O'Hagan * */ #include "tlsInt.h" #include "tclOpts.h" #include <openssl/rand.h> /*******************************************************************/ /* Options for Random commands */ static const char *command_opts [] = { "-private", NULL}; enum _command_opts { _opt_private }; /* *------------------------------------------------------------------- * * RAND_Random -- * * Generate random byes using a random bytes using a cryptographically * secure pseudo random generator (CSPRNG). * * Returns: * TCL_OK or TCL_ERROR * * Side effects: * Sets result to the random bytes, or an error message * *------------------------------------------------------------------- */ static int RAND_Random(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { int out_len = 0, res; unsigned char *out_buf; Tcl_Obj *resultObj; dprintf("Called"); /* Clear errors */ Tcl_ResetResult(interp); ERR_clear_error(); /* Validate arg count */ if (objc < 2 || objc > 3) { Tcl_WrongNumArgs(interp, 1, objv, "?-private? 
length"); return TCL_ERROR; } else if (objc == 3) { int fn; if (Tcl_GetIndexFromObj(interp, objv[1], command_opts, "option", 0, &fn) != TCL_OK) { return TCL_ERROR; } } /* Get length */ if (Tcl_GetIntFromObj(interp, objv[objc - 1], &out_len) != TCL_OK) { return TCL_ERROR; } if (out_len < 0) { Tcl_SetObjResult(interp, Tcl_ObjPrintf("bad count \"%d\": must be integer >= 0", out_len)); return TCL_ERROR; } /* Allocate storage for result */ resultObj = Tcl_NewObj(); out_buf = Tcl_SetByteArrayLength(resultObj, out_len); if (resultObj == NULL || out_buf == NULL) { Tcl_AppendResult(interp, "Memory allocation error", (char *) NULL); Tcl_DecrRefCount(resultObj); return TCL_ERROR; } /* Get random bytes */ if (objc == 2) { res = RAND_bytes(out_buf, out_len); } else { res = RAND_priv_bytes(out_buf, out_len); } if (!res) { Tcl_AppendResult(interp, "Generate failed: ", REASON(), (char *) NULL); Tcl_DecrRefCount(resultObj); return TCL_ERROR; } Tcl_SetObjResult(interp, resultObj); return TCL_OK; clientData = clientData; } /* *------------------------------------------------------------------- * * Tls_RandCommands -- * * Create key commands * * Returns: * TCL_OK or TCL_ERROR * * Side effects: * Creates commands * *------------------------------------------------------------------- */ int Tls_RandCommands(Tcl_Interp *interp) { Tcl_CreateObjCommand(interp, "tls::random", RAND_Random, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); return TCL_OK; } |
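Review bot: The failure check after the generator call in RAND_Random, `if (!res)`, only catches a return of 0, but OpenSSL documents RAND_bytes() and RAND_priv_bytes() as returning 1 on success, 0 on failure and -1 when the active RAND method does not support the call. On -1 the command would return TCL_OK with whatever Tcl_SetByteArrayLength left in the buffer, and a script would then use those bytes as CSPRNG output for keys or nonces. Compare against the success value instead: `if (res != 1) {`. Separately, the file header still reads `Key Derivation Function (KDF) Module` / `Provides commands to derive keys.` and the Tls_RandCommands banner says `Create key commands`; both look carried over from tlsKDF.c and should describe the random-bytes command.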
Modified win/makefile.vc from [40a127f356] to [75e334f091].
︙ | ︙ | |||
28 29 30 31 32 33 34 35 36 37 38 39 40 41 | PRJ_OBJS = $(TMP_DIR)\tls.obj \ $(TMP_DIR)\tlsBIO.obj \ $(TMP_DIR)\tlsDigest.obj \ $(TMP_DIR)\tlsEncrypt.obj \ $(TMP_DIR)\tlsInfo.obj \ $(TMP_DIR)\tlsIO.obj \ $(TMP_DIR)\tlsKDF.obj \ $(TMP_DIR)\tlsUtil.obj \ $(TMP_DIR)\tlsX509.obj # Define any additional project include flags # SSL_INSTALL_FOLDER = with the OpenSSL installation folder following. PRJ_INCLUDES = -I"$(SSL_INSTALL_FOLDER)\include" -I"$(OPENSSL_INSTALL_DIR)\include" | > | 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 | PRJ_OBJS = $(TMP_DIR)\tls.obj \ $(TMP_DIR)\tlsBIO.obj \ $(TMP_DIR)\tlsDigest.obj \ $(TMP_DIR)\tlsEncrypt.obj \ $(TMP_DIR)\tlsInfo.obj \ $(TMP_DIR)\tlsIO.obj \ $(TMP_DIR)\tlsKDF.obj \ $(TMP_DIR)\tlsRand.obj \ $(TMP_DIR)\tlsUtil.obj \ $(TMP_DIR)\tlsX509.obj # Define any additional project include flags # SSL_INSTALL_FOLDER = with the OpenSSL installation folder following. PRJ_INCLUDES = -I"$(SSL_INSTALL_FOLDER)\include" -I"$(OPENSSL_INSTALL_DIR)\include" |
︙ | ︙ |