Overview
| Comment: | Added random bytes command to generate random bytes using a cryptographically secure pseudo random generator (CSPRNG). |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | crypto |
| Files: | files | file ages | folders |
| SHA3-256: |
baa34f4208c3088af57eca6352b0c1cd |
| User & Date: | bohagan on 2023-12-28 03:00:56 |
| Other Links: | branch diff | manifest | tags |
Context
|
2023-12-28
| ||
| 03:02 | Added random bytes command documentation check-in: 2eb1cc571b user: bohagan tags: crypto | |
| 03:00 | Added random bytes command to generate random bytes using a cryptographically secure pseudo random generator (CSPRNG). check-in: baa34f4208 user: bohagan tags: crypto | |
|
2023-12-25
| ||
| 03:58 | Updated documentation to add KDF commands, list KDFs command, and list cipher/digest info attributes. check-in: 17448b5ea7 user: bohagan tags: crypto | |
Changes
Modified configure from [5d330fed91] to [8236a3ee1d].
| ︙ | ︙ | |||
5392 5393 5394 5395 5396 5397 5398 | # stub library C source files to compile in TEA_ADD_STUB_SOURCES, # and runtime Tcl library files in TEA_ADD_TCL_SOURCES. # This defines PKG(_STUB)_SOURCES, PKG(_STUB)_OBJECTS, PKG_HEADERS # and PKG_TCL_SOURCES. #----------------------------------------------------------------------- | | | 5392 5393 5394 5395 5396 5397 5398 5399 5400 5401 5402 5403 5404 5405 5406 |
# stub library C source files to compile in TEA_ADD_STUB_SOURCES,
# and runtime Tcl library files in TEA_ADD_TCL_SOURCES.
# This defines PKG(_STUB)_SOURCES, PKG(_STUB)_OBJECTS, PKG_HEADERS
# and PKG_TCL_SOURCES.
#-----------------------------------------------------------------------
vars="tls.c tlsBIO.c tlsDigest.c tlsEncrypt.c tlsInfo.c tlsIO.c tlsKDF.c tlsRand.c tlsUtil.c tlsX509.c"
for i in $vars; do
case $i in
\$*)
# allow $-var names
PKG_SOURCES="$PKG_SOURCES $i"
PKG_OBJECTS="$PKG_OBJECTS $i"
;;
|
| ︙ | ︙ |
Modified configure.ac from [f02a7eeac0] to [19dfb8e8aa].
| ︙ | ︙ | |||
67 68 69 70 71 72 73 | # public headers that need to be installed in TEA_ADD_HEADERS, # stub library C source files to compile in TEA_ADD_STUB_SOURCES, # and runtime Tcl library files in TEA_ADD_TCL_SOURCES. # This defines PKG(_STUB)_SOURCES, PKG(_STUB)_OBJECTS, PKG_HEADERS # and PKG_TCL_SOURCES. #----------------------------------------------------------------------- | | | 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 | # public headers that need to be installed in TEA_ADD_HEADERS, # stub library C source files to compile in TEA_ADD_STUB_SOURCES, # and runtime Tcl library files in TEA_ADD_TCL_SOURCES. # This defines PKG(_STUB)_SOURCES, PKG(_STUB)_OBJECTS, PKG_HEADERS # and PKG_TCL_SOURCES. #----------------------------------------------------------------------- TEA_ADD_SOURCES([tls.c tlsBIO.c tlsDigest.c tlsEncrypt.c tlsInfo.c tlsIO.c tlsKDF.c tlsRand.c tlsUtil.c tlsX509.c]) TEA_ADD_HEADERS([generic/tls.h]) TEA_ADD_INCLUDES([]) TEA_ADD_LIBS([]) TEA_ADD_CFLAGS([]) TEA_ADD_STUB_SOURCES([]) TEA_ADD_TCL_SOURCES([library/tls.tcl]) |
| ︙ | ︙ |
Modified generic/tls.c from [578f1e1218] to [c0cfa2b008].
| ︙ | ︙ | |||
2616 2617 2618 2619 2620 2621 2622 |
Tcl_CreateObjCommand(interp, "tls::misc", MiscObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::unimport", UnimportObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::status", StatusObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tls_DigestCommands(interp);
Tls_EncryptCommands(interp);
Tls_InfoCommands(interp);
| | > | 2616 2617 2618 2619 2620 2621 2622 2623 2624 2625 2626 2627 2628 2629 2630 2631 |
Tcl_CreateObjCommand(interp, "tls::misc", MiscObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::unimport", UnimportObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::status", StatusObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tls_DigestCommands(interp);
Tls_EncryptCommands(interp);
Tls_InfoCommands(interp);
Tls_KDFCommands(interp);
Tls_RandCommands(interp);
if (interp) {
Tcl_Eval(interp, tlsTclInitScript);
}
return Tcl_PkgProvide(interp, PACKAGE_NAME, PACKAGE_VERSION);
}
|
| ︙ | ︙ |
Modified generic/tlsInt.h from [8236808b5c] to [44437ee129].
| ︙ | ︙ | |||
193 194 195 196 197 198 199 | void Tls_Error(State *statePtr, char *msg); void Tls_Free(char *blockPtr); void Tls_Clean(State *statePtr); int Tls_WaitForConnect(State *statePtr, int *errorCodePtr, int handshakeFailureIsPermanent); int Tls_DigestCommands(Tcl_Interp *interp); int Tls_EncryptCommands(Tcl_Interp *interp); int Tls_InfoCommands(Tcl_Interp *interp); | | > | 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 | void Tls_Error(State *statePtr, char *msg); void Tls_Free(char *blockPtr); void Tls_Clean(State *statePtr); int Tls_WaitForConnect(State *statePtr, int *errorCodePtr, int handshakeFailureIsPermanent); int Tls_DigestCommands(Tcl_Interp *interp); int Tls_EncryptCommands(Tcl_Interp *interp); int Tls_InfoCommands(Tcl_Interp *interp); int Tls_KDFCommands(Tcl_Interp *interp); int Tls_RandCommands(Tcl_Interp *interp); BIO *BIO_new_tcl(State* statePtr, int flags); EVP_CIPHER *Util_GetCipher(Tcl_Interp *interp, Tcl_Obj *cipherObj, int no_null); EVP_MD *Util_GetDigest(Tcl_Interp *interp, Tcl_Obj *digestObj, int no_null); unsigned char *Util_GetIV(Tcl_Interp *interp, Tcl_Obj *ivObj, int *len, int max, int no_null); unsigned char *Util_GetKey(Tcl_Interp *interp, Tcl_Obj *keyObj, int *len, char *name, int max, int no_null); |
| ︙ | ︙ |
Modified generic/tlsKDF.c from [2e942636f4] to [218b680c5b].
| ︙ | ︙ | |||
463 464 465 466 467 468 469 | * TCL_OK or TCL_ERROR * * Side effects: * Creates commands * *------------------------------------------------------------------- */ | | | 463 464 465 466 467 468 469 470 471 472 473 474 475 476 |
* TCL_OK or TCL_ERROR
*
* Side effects:
* Creates commands
*
*-------------------------------------------------------------------
*/
int Tls_KDFCommands(Tcl_Interp *interp) {
Tcl_CreateObjCommand(interp, "tls::hkdf", KDF_HKDF, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::pbkdf2", KDF_PBKDF2, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::scrypt", KDF_Scrypt, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
return TCL_OK;
}
|
Added generic/tlsRand.c version [f9e71c157f].
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 |
/*
* Key Derivation Function (KDF) Module
*
* Provides commands to derive keys.
*
* Copyright (C) 2023 Brian O'Hagan
*
*/
#include "tlsInt.h"
#include "tclOpts.h"
#include <openssl/rand.h>
/*******************************************************************/
/* Options for Random commands */
static const char *command_opts [] = {
"-private", NULL};
enum _command_opts {
_opt_private
};
/*
*-------------------------------------------------------------------
*
* RAND_Random --
*
* Generate random byes using a random bytes using a cryptographically
* secure pseudo random generator (CSPRNG).
*
* Returns:
* TCL_OK or TCL_ERROR
*
* Side effects:
* Sets result to the random bytes, or an error message
*
*-------------------------------------------------------------------
*/
static int RAND_Random(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
int out_len = 0, res;
unsigned char *out_buf;
Tcl_Obj *resultObj;
dprintf("Called");
/* Clear errors */
Tcl_ResetResult(interp);
ERR_clear_error();
/* Validate arg count */
if (objc < 2 || objc > 3) {
Tcl_WrongNumArgs(interp, 1, objv, "?-private? length");
return TCL_ERROR;
} else if (objc == 3) {
int fn;
if (Tcl_GetIndexFromObj(interp, objv[1], command_opts, "option", 0, &fn) != TCL_OK) {
return TCL_ERROR;
}
}
/* Get length */
if (Tcl_GetIntFromObj(interp, objv[objc - 1], &out_len) != TCL_OK) {
return TCL_ERROR;
}
if (out_len < 0) {
Tcl_SetObjResult(interp, Tcl_ObjPrintf("bad count \"%d\": must be integer >= 0", out_len));
return TCL_ERROR;
}
/* Allocate storage for result */
resultObj = Tcl_NewObj();
out_buf = Tcl_SetByteArrayLength(resultObj, out_len);
if (resultObj == NULL || out_buf == NULL) {
Tcl_AppendResult(interp, "Memory allocation error", (char *) NULL);
Tcl_DecrRefCount(resultObj);
return TCL_ERROR;
}
/* Get random bytes */
if (objc == 2) {
res = RAND_bytes(out_buf, out_len);
} else {
res = RAND_priv_bytes(out_buf, out_len);
}
if (!res) {
Tcl_AppendResult(interp, "Generate failed: ", REASON(), (char *) NULL);
Tcl_DecrRefCount(resultObj);
return TCL_ERROR;
}
Tcl_SetObjResult(interp, resultObj);
return TCL_OK;
clientData = clientData;
}
/*
*-------------------------------------------------------------------
*
* Tls_RandCommands --
*
* Create key commands
*
* Returns:
* TCL_OK or TCL_ERROR
*
* Side effects:
* Creates commands
*
*-------------------------------------------------------------------
*/
int Tls_RandCommands(Tcl_Interp *interp) {
Tcl_CreateObjCommand(interp, "tls::random", RAND_Random, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
return TCL_OK;
}
|
Modified win/makefile.vc from [40a127f356] to [75e334f091].
| ︙ | ︙ | |||
28 29 30 31 32 33 34 35 36 37 38 39 40 41 | PRJ_OBJS = $(TMP_DIR)\tls.obj \ $(TMP_DIR)\tlsBIO.obj \ $(TMP_DIR)\tlsDigest.obj \ $(TMP_DIR)\tlsEncrypt.obj \ $(TMP_DIR)\tlsInfo.obj \ $(TMP_DIR)\tlsIO.obj \ $(TMP_DIR)\tlsKDF.obj \ $(TMP_DIR)\tlsUtil.obj \ $(TMP_DIR)\tlsX509.obj # Define any additional project include flags # SSL_INSTALL_FOLDER = with the OpenSSL installation folder following. PRJ_INCLUDES = -I"$(SSL_INSTALL_FOLDER)\include" -I"$(OPENSSL_INSTALL_DIR)\include" | > | 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 | PRJ_OBJS = $(TMP_DIR)\tls.obj \ $(TMP_DIR)\tlsBIO.obj \ $(TMP_DIR)\tlsDigest.obj \ $(TMP_DIR)\tlsEncrypt.obj \ $(TMP_DIR)\tlsInfo.obj \ $(TMP_DIR)\tlsIO.obj \ $(TMP_DIR)\tlsKDF.obj \ $(TMP_DIR)\tlsRand.obj \ $(TMP_DIR)\tlsUtil.obj \ $(TMP_DIR)\tlsX509.obj # Define any additional project include flags # SSL_INSTALL_FOLDER = with the OpenSSL installation folder following. PRJ_INCLUDES = -I"$(SSL_INSTALL_FOLDER)\include" -I"$(OPENSSL_INSTALL_DIR)\include" |
| ︙ | ︙ |