Overview
| Comment: | Added kdfs command to list supported KDFs |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | crypto |
| Files: | files | file ages | folders |
| SHA3-256: |
baa6119ddf0ebcbcc8736770ffe97a2b |
| User & Date: | bohagan on 2023-12-23 21:23:51 |
| Other Links: | branch diff | manifest | tags |
Context
|
2023-12-24
| ||
| 00:00 | Added HKDF KDF check-in: 89db32e691 user: bohagan tags: crypto | |
|
2023-12-23
| ||
| 21:23 | Added kdfs command to list supported KDFs check-in: baa6119ddf user: bohagan tags: crypto | |
|
2023-12-21
| ||
| 20:15 | Merged in master changes check-in: 265ace08fe user: bohagan tags: crypto | |
Changes
Modified generic/tlsDigest.c from [188fdc0d84] to [10998241d5].
| ︙ | ︙ | |||
1245 1246 1247 1248 1249 1250 1251 |
}
/* Get option */
if (Tcl_GetIndexFromObj(interp, objv[idx], command_opts, "option", 0, &fn) != TCL_OK) {
return TCL_ERROR;
}
| | | 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 |
}
/* Get option */
if (Tcl_GetIndexFromObj(interp, objv[idx], command_opts, "option", 0, &fn) != TCL_OK) {
return TCL_ERROR;
}
/* Validate arg has a value */
if (fn > _opt_hexadecimal) {
if (++idx >= objc) {
Tcl_AppendResult(interp, "No value for option \"", command_opts[fn], "\"", (char *) NULL);
return TCL_ERROR;
}
}
|
| ︙ | ︙ |
Modified generic/tlsEncrypt.c from [c0069dd5ac] to [5bdc760fa1].
| ︙ | ︙ | |||
1260 1261 1262 1263 1264 1265 1266 |
}
/* Get option */
if (Tcl_GetIndexFromObj(interp, objv[idx], command_opts, "option", 0, &fn) != TCL_OK) {
return TCL_ERROR;
}
| | | 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272 1273 1274 |
}
/* Get option */
if (Tcl_GetIndexFromObj(interp, objv[idx], command_opts, "option", 0, &fn) != TCL_OK) {
return TCL_ERROR;
}
/* Validate arg has a value */
if (++idx >= objc) {
Tcl_AppendResult(interp, "No value for option \"", command_opts[fn], "\"", (char *) NULL);
return TCL_ERROR;
}
switch(fn) {
case _opt_chan:
|
| ︙ | ︙ |
Modified generic/tlsInfo.c from [13359ae431] to [b61000448f].
1 2 3 4 5 6 7 8 9 10 | /* * Information Commands Module * * Provides commands that return info related to the OpenSSL config and data. * * Copyright (C) 2023 Brian O'Hagan * */ #include "tlsInt.h" | < | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | /* * Information Commands Module * * Provides commands that return info related to the OpenSSL config and data. * * Copyright (C) 2023 Brian O'Hagan * */ #include "tlsInt.h" #include <openssl/crypto.h> #include <openssl/ssl.h> #include <openssl/safestack.h> /* * Valid SSL and TLS Protocol Versions */ |
| ︙ | ︙ | |||
145 146 147 148 149 150 151 152 153 154 155 156 157 158 |
LAPPEND_BOOL(interp, listObj, "Custom IV", flags & EVP_CIPH_CUSTOM_IV);
LAPPEND_BOOL(interp, listObj, "Control Init", flags & EVP_CIPH_CTRL_INIT);
LAPPEND_BOOL(interp, listObj, "Custom Cipher", flags & EVP_CIPH_FLAG_CUSTOM_CIPHER);
LAPPEND_BOOL(interp, listObj, "AEAD Cipher", flags & EVP_CIPH_FLAG_AEAD_CIPHER);
LAPPEND_BOOL(interp, listObj, "Custom Copy", flags & EVP_CIPH_CUSTOM_COPY);
LAPPEND_BOOL(interp, listObj, "Non FIPS Allow", flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW);
LAPPEND_OBJ(interp, resultObj, "flags", listObj);
Tcl_SetObjResult(interp, resultObj);
return TCL_OK;
}
/*
*-------------------------------------------------------------------
| > > > > > > > > > > > > > > > > > > > > > > > > > > | 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 |
LAPPEND_BOOL(interp, listObj, "Custom IV", flags & EVP_CIPH_CUSTOM_IV);
LAPPEND_BOOL(interp, listObj, "Control Init", flags & EVP_CIPH_CTRL_INIT);
LAPPEND_BOOL(interp, listObj, "Custom Cipher", flags & EVP_CIPH_FLAG_CUSTOM_CIPHER);
LAPPEND_BOOL(interp, listObj, "AEAD Cipher", flags & EVP_CIPH_FLAG_AEAD_CIPHER);
LAPPEND_BOOL(interp, listObj, "Custom Copy", flags & EVP_CIPH_CUSTOM_COPY);
LAPPEND_BOOL(interp, listObj, "Non FIPS Allow", flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW);
LAPPEND_OBJ(interp, resultObj, "flags", listObj);
/* CTX only properties */
{
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
int tag_len = 0;
EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL);
if (mode == EVP_CIPH_GCM_MODE || mode == EVP_CIPH_OCB_MODE) {
tag_len = EVP_GCM_TLS_TAG_LEN; /* EVP_MAX_AEAD_TAG_LENGTH */
} else if (mode == EVP_CIPH_CCM_MODE) {
tag_len = EVP_CCM_TLS_TAG_LEN;
} else if (cipher == EVP_get_cipherbyname("chacha20-poly1305")) {
tag_len = EVP_CHACHAPOLY_TLS_TAG_LEN; /* POLY1305_BLOCK_SIZE */
}
EVP_CIPHER_CTX_free(ctx);
LAPPEND_INT(interp, resultObj, "tag_length", tag_len);
}
/* AEAD properties */
{
int aad_len = 0;
if (flags & EVP_CIPH_FLAG_AEAD_CIPHER) {
aad_len = EVP_AEAD_TLS1_AAD_LEN;
}
LAPPEND_INT(interp, resultObj, "aad_length", aad_len);
}
Tcl_SetObjResult(interp, resultObj);
return TCL_OK;
}
/*
*-------------------------------------------------------------------
|
| ︙ | ︙ | |||
530 531 532 533 534 535 536 537 538 539 540 541 542 543 | } /*******************************************************************/ /* *------------------------------------------------------------------- * * MacInfo -- * * Return a list of properties and values for macName. * * Results: * A standard Tcl list. * | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 |
}
/*******************************************************************/
/*
*-------------------------------------------------------------------
*
* KdfList --
*
* Return a list of all KDF algorithms
*
* Results:
* A standard Tcl list.
*
* Side effects:
* None.
*
*-------------------------------------------------------------------
*/
int KdfList(Tcl_Interp *interp, char *select_name) {
Tcl_Obj *resultObj = Tcl_NewListObj(0, NULL);
if (resultObj == NULL) {
return TCL_ERROR;
}
Tcl_ListObjAppendElement(interp, resultObj, Tcl_NewStringObj("hkdf", -1));
Tcl_ListObjAppendElement(interp, resultObj, Tcl_NewStringObj("pbkdf2", -1));
Tcl_ListObjAppendElement(interp, resultObj, Tcl_NewStringObj("scrypt", -1));
Tcl_SetObjResult(interp, resultObj);
return TCL_OK;
}
/*
*-------------------------------------------------------------------
*
* KdfsObjCmd --
*
* Return a list of all valid Key Derivation Function (KDF).
*
* Results:
* A standard Tcl list.
*
* Side effects:
* None.
*
*-------------------------------------------------------------------
*/
int KdfsObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
dprintf("Called");
/* Clear errors */
Tcl_ResetResult(interp);
ERR_clear_error();
/* Validate arg count */
if (objc == 1) {
return KdfList(interp, NULL);
} else if (objc == 2) {
} else {
Tcl_WrongNumArgs(interp, 1, objv, "?name?");
return TCL_ERROR;
}
return TCL_OK;
clientData = clientData;
}
/*******************************************************************/
/*
*-------------------------------------------------------------------
*
* MacInfo --
*
* Return a list of properties and values for macName.
*
* Results:
* A standard Tcl list.
*
|
| ︙ | ︙ | |||
878 879 880 881 882 883 884 885 886 887 888 889 890 891 |
OpenSSL_add_all_digests();
OpenSSL_add_all_algorithms();
#endif
Tcl_CreateObjCommand(interp, "tls::cipher", CipherObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::ciphers", CiphersObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::digests", DigestsObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::macs", MacsObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::pkeys", PkeysObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::protocols", ProtocolsObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::version", VersionObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
return TCL_OK;
}
| > | 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 |
OpenSSL_add_all_digests();
OpenSSL_add_all_algorithms();
#endif
Tcl_CreateObjCommand(interp, "tls::cipher", CipherObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::ciphers", CiphersObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::digests", DigestsObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::kdfs", KdfsObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::macs", MacsObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::pkeys", PkeysObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::protocols", ProtocolsObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "tls::version", VersionObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL);
return TCL_OK;
}
|