Overview
Comment: | Added hash command to calculate hash using any OpenSSL digest. Added convenience commands for md4, md5, sha1, and sha-256 digests. |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | crypto |
Files: | files | file ages | folders |
SHA3-256: |
cafd2dc6baa937b2ce1e4470a217cbf8 |
User & Date: | bohagan on 2023-10-10 02:43:26 |
Other Links: | branch diff | manifest | tags |
Context
2023-10-10
| ||
04:10 | Added hashes command to list OpenSSL supported hash digests. check-in: 78cf378796 user: bohagan tags: crypto | |
02:43 | Added hash command to calculate hash using any OpenSSL digest. Added convenience commands for md4, md5, sha1, and sha-256 digests. check-in: cafd2dc6ba user: bohagan tags: crypto | |
00:06 | Created cryptography branch check-in: 0cd384c2ff user: bohagan tags: crypto | |
Changes
Modified doc/tls.html
from [9494c1c42e]
to [82151ac090].
︙ | ︙ | |||
27 28 29 30 31 32 33 | <dd><b>tls::socket</b> <em> ?-server command? ?options? port</em></dd> <dd><b>tls::handshake</b> <em> channel</em></dd> <dd><b>tls::status </b> <em>?-local? channel</em></dd> <dd><b>tls::connection </b> <em>channel</em></dd> <dd><b>tls::import</b> <em>channel ?options?</em></dd> <dd><b>tls::unimport</b> <em>channel</em></dd> <dt> </dt> | | > > > > > > | | | > > > > > > | 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 | <dd><b>tls::socket</b> <em> ?-server command? ?options? port</em></dd> <dd><b>tls::handshake</b> <em> channel</em></dd> <dd><b>tls::status </b> <em>?-local? channel</em></dd> <dd><b>tls::connection </b> <em>channel</em></dd> <dd><b>tls::import</b> <em>channel ?options?</em></dd> <dd><b>tls::unimport</b> <em>channel</em></dd> <dt> </dt> <dd><b>tls::ciphers</b> <em>protocol ?verbose? ?supported?</em></dd> <dd><b>tls::protocols</b></dd> <dd><b>tls::version</b></dd> <dt> </dt> <dd><b>tls::hash</b> <em>type data</em></dd> <dd><b>tls::md4</b> <em>data</em></dd> <dd><b>tls::md5</b> <em>data</em></dd> <dd><b>tls::sha1</b> <em>data</em></dd> <dd><b>tls::sha256</b> <em>data</em></dd> </dl> </dd> <dd><a href="#COMMANDS">COMMANDS</a></dd> <dd><a href="#CALLBACK OPTIONS">CALLBACK OPTIONS</a></dd> <dd><a href="#HTTPS EXAMPLE">HTTPS EXAMPLE</a></dd> <dd><a href="#SEE ALSO">SPECIAL CONSIDERATIONS</a></dd> <dd><a href="#SEE ALSO">SEE ALSO</a></dd> </dl> <hr> <h3><a name="NAME">NAME</a></h3> <p><strong>tls</strong> - binding to <strong>OpenSSL</strong> toolkit.</p> <h3><a name="SYNOPSIS">SYNOPSIS</a></h3> <p><b>package require Tcl 8.5</b><br> <b>package require tls</b><br> <br> <a href="#tls::init"><b>tls::init</b> <i>?options?</i></a><br> <a href="#tls::socket"><b>tls::socket</b> <i>?options? host port</i><br> <a href="#tls::socket"><b>tls::socket</b> <i>?-server command? ?options? port</i></a><br> <a href="#tls::status"><b>tls::status</b> <i>?-local? channel</i></a><br> <a href="#tls::connection"><b>tls::connection</b> <i>channel</i></a><br> <a href="#tls::handshake"><b>tls::handshake</b> <i>channel</i></a><br> <a href="#tls::import"><b>tls::import</b> <i>channel ?options?</i></a><br> <a href="#tls::unimport"><b>tls::unimport</b> <i>channel</i></a><br> <br> <a href="#tls::ciphers"><b>tls::ciphers</b> <i>protocol ?verbose? ?supported?</i></a><br> <a href="#tls::protocols"><b>tls::protocols</b></a><br> <a href="#tls::version"><b>tls::version</b></a><br> <br> <a href="#tls::hash"><b>tls::hash</b> <i>type data</i></a><br> <a href="#tls::md4"><b>tls::md4</b> <i>data</i></a><br> <a href="#tls::md5"><b>tls::md5</b> <i>data</i></a><br> <a href="#tls::sha1"><b>tls::sha1</b> <i>data</i></a><br> <a href="#tls::sha256"><b>tls::sha256</b> <i>data</i></a><br> </p> <h3><a name="DESCRIPTION">DESCRIPTION</a></h3> <p>This extension provides a generic binding to <a href="http://www.openssl.org/">OpenSSL</a>, utilizing the <strong>Tcl_StackChannel</strong> |
︙ | ︙ | |||
428 429 430 431 432 433 434 435 436 437 438 439 440 441 | <dd>Returns a list of supported protocols. Valid values are: <b>ssl2</b>, <b>ssl3</b>, <b>tls1</b>, <b>tls1.1</b>, <b>tls1.2</b>, and <b>tls1.3</b>. Exact list depends on OpenSSL version and compile time flags.</dd> <dt><a name="tls::version"><strong>tls::version</strong></a></dt> <dd>Returns the OpenSSL version string.</dd> </dl> <h3><a name="CALLBACK OPTIONS">CALLBACK OPTIONS</a></h3> <p> As indicated above, individual channels can be given their own callbacks to handle intermediate processing by the OpenSSL library, using the | > > > > > > > > > > > > > > > > > > > > > | 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 | <dd>Returns a list of supported protocols. Valid values are: <b>ssl2</b>, <b>ssl3</b>, <b>tls1</b>, <b>tls1.1</b>, <b>tls1.2</b>, and <b>tls1.3</b>. Exact list depends on OpenSSL version and compile time flags.</dd> <dt><a name="tls::version"><strong>tls::version</strong></a></dt> <dd>Returns the OpenSSL version string.</dd> <br> <dt><a name="tls::hash"><strong>tls::hash</strong> <em>type data</em></a></dt> <dd>Calculate the hash for <em>data</em> using <em>type</em> digest. Returns value as a hex string. Type cam be any OpenSSL supported hash digest including: <b>md4</b>, <b>md5</b>, <b>sha1</b>, sha2 (<b>sha224</b>, <b>sha256</b>, <b>sha384</b>, <b>sha512</b>, <b>sha512-224</b>, and <b>sha512-256</b>), sha3 (<b>sha3-224</b>, <b>sha3-256</b>, <b>sha3-384</b>, and <b>sha3-512</b>), etc.</dd> <dt><a name="tls::md4"><strong>tls::md4</strong> <em>data</em></a></dt> <dd>Calculate the hash for <em>data</em> using the MD4 message-digest algorithm.</dd> <dt><a name="tls::md5"><strong>tls::md5</strong> <em>data</em></a></dt> <dd>Calculate the hash for <em>data</em> using the MD5 message-digest algorithm.</dd> <dt><a name="tls::sha1"><strong>tls::sha1</strong> <em>data</em></a></dt> <dd>Calculate the hash for <em>data</em> using the SHA-1 secure hash algorithm.</dd> <dt><a name="tls::sha256"><strong>tls::sha256</strong> <em>data</em></a></dt> <dd>Calculate the hash for <em>data</em> using the SHA-2 SHA-256 secure hash algorithm.</dd> </dl> <h3><a name="CALLBACK OPTIONS">CALLBACK OPTIONS</a></h3> <p> As indicated above, individual channels can be given their own callbacks to handle intermediate processing by the OpenSSL library, using the |
︙ | ︙ |
Modified generic/tls.c
from [a4b3c334bf]
to [30dc12770e].
︙ | ︙ | |||
924 925 926 927 928 929 930 931 932 933 934 935 936 937 | /********************/ /* Commands */ /********************/ /* *------------------------------------------------------------------- * * CiphersObjCmd -- list available ciphers * * This procedure is invoked to process the "tls::ciphers" command * to list available ciphers, based upon protocol selected. * * Results: * A standard Tcl result list. | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 | /********************/ /* Commands */ /********************/ /* *------------------------------------------------------------------- * * Hash Calc -- return hash hex string for message digest * * Results: * A standard Tcl result. * * Side effects: * None. * *------------------------------------------------------------------- */ int HashCalc(Tcl_Interp *interp, int objc, Tcl_Obj *const objv[], const EVP_MD *type) { char *data; int len; unsigned int mdlen; unsigned char mdbuf[EVP_MAX_MD_SIZE]; unsigned char hashbuf[EVP_MAX_MD_SIZE*2+1]; const char *hex = "0123456789ABCDEF"; if (objc != 2) { Tcl_WrongNumArgs(interp, 1, objv, "data"); return TCL_ERROR; } data = Tcl_GetByteArrayFromObj(objv[1], &len); if (data == NULL) { return TCL_ERROR; } /* Calc hash, convert to hex string, and write to result */ if (EVP_Digest(data, (size_t) len, mdbuf, &mdlen, type, NULL)) { unsigned char *mptr = mdbuf; unsigned char *hptr = &hashbuf[0]; for (unsigned int i = 0; i < mdlen; i++) { *hptr++ = hex[(*mptr>>4)&0xF]; *hptr++ = hex[(*mptr++)&0xF]; } *hptr = 0; Tcl_SetObjResult(interp, Tcl_NewStringObj(hashbuf, mdlen*2)); } else { Tcl_SetResult(interp, "Hash calculation error", NULL); return TCL_ERROR; } return TCL_OK; } /* *------------------------------------------------------------------- * * Hash Commands -- Return hash hex string for message digest * * Results: * A standard Tcl result. * * Side effects: * None. * *------------------------------------------------------------------- */ HashCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { int len; const char *name; const EVP_MD *type; if (objc != 3) { Tcl_WrongNumArgs(interp, 1, objv, "type data"); return TCL_ERROR; } name = Tcl_GetStringFromObj(objv[1],&len); if (name == NULL || (type = EVP_get_digestbyname(name)) == NULL) { Tcl_AppendResult(interp, "Invalid digest type \"", name, "\"", NULL); return TCL_ERROR; } objc--; objv++; return HashCalc(interp, objc, objv, type); } /* * Command to Calculate MD4 Hash */ int HashMD4Cmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { return HashCalc(interp, objc, objv, EVP_md4()); } /* * Command to Calculate MD5 Hash */ int HashMD5Cmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { return HashCalc(interp, objc, objv, EVP_md5()); } /* * Command to Calculate SHA-1 Hash */ int HashSHA1Cmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { return HashCalc(interp, objc, objv, EVP_sha1()); } /* * Command to Calculate SHA-256 Hash */ int HashSHA256Cmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { return HashCalc(interp, objc, objv, EVP_sha256()); } /* *------------------------------------------------------------------- * * CiphersObjCmd -- list available ciphers * * This procedure is invoked to process the "tls::ciphers" command * to list available ciphers, based upon protocol selected. * * Results: * A standard Tcl result list. |
︙ | ︙ | |||
2780 2781 2782 2783 2784 2785 2786 2787 2788 2789 2790 2791 2792 2793 | Tcl_CreateObjCommand(interp, "tls::import", ImportObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::unimport", UnimportObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::status", StatusObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::version", VersionObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::misc", MiscObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::protocols", ProtocolsObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); if (interp) { Tcl_Eval(interp, tlsTclInitScript); } return Tcl_PkgProvide(interp, PACKAGE_NAME, PACKAGE_VERSION); } | > > > > > > | 2895 2896 2897 2898 2899 2900 2901 2902 2903 2904 2905 2906 2907 2908 2909 2910 2911 2912 2913 2914 | Tcl_CreateObjCommand(interp, "tls::import", ImportObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::unimport", UnimportObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::status", StatusObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::version", VersionObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::misc", MiscObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::protocols", ProtocolsObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::hash", HashCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::md4", HashMD4Cmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::md5", HashMD5Cmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::sha1", HashSHA1Cmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::sha256", HashSHA256Cmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); if (interp) { Tcl_Eval(interp, tlsTclInitScript); } return Tcl_PkgProvide(interp, PACKAGE_NAME, PACKAGE_VERSION); } |
︙ | ︙ |