Check-in [0a899f2c18]
EuroTcl/OpenACS 11 - 12 JULY 2024, VIENNA
Overview
Comment:Updated digests command to filter out RSA digests since only used for signature algorithms.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | crypto
Files: files | file ages | folders
SHA3-256: 0a899f2c187f23478c5d9aa93578dba09433d76a3d717b4ff0f5b4da13be6820
User & Date: bohagan on 2023-10-14 23:16:25
Other Links: branch diff | manifest | tags
Context
2023-10-15
21:31
Added parse flag option macro check-in: d986eba4cc user: bohagan tags: crypto
2023-10-14
23:16
Updated digests command to filter out RSA digests since only used for signature algorithms. check-in: 0a899f2c18 user: bohagan tags: crypto
23:02
Updated test suite to add digest command check-in: 5f6b36170e user: bohagan tags: crypto
Changes

Modified generic/tls.c from [e558c674d7] to [5aecfbd855].

1064
1065
1066
1067
1068
1069
1070


1071

1072
1073
1074
1075
1076
1077
1078
 *	None.
 *
 *-------------------------------------------------------------------
 */
void ListCallback(const OBJ_NAME *obj, void *arg) {
    Tcl_Obj *objPtr = (Tcl_Obj *) arg;
    if (1 || !obj->alias) {


	Tcl_ListObjAppendElement(NULL, objPtr, Tcl_NewStringObj(obj->name,-1));

    }
}

int
DigestListCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
    Tcl_Obj *objPtr = Tcl_NewListObj(0, NULL);








>
>
|
>







1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
 *	None.
 *
 *-------------------------------------------------------------------
 */
void ListCallback(const OBJ_NAME *obj, void *arg) {
    Tcl_Obj *objPtr = (Tcl_Obj *) arg;
    if (1 || !obj->alias) {
	/* Filter out signed digests (a.k.a signature algorithms) */
	if (strstr(obj->name, "rsa") == NULL && strstr(obj->name, "RSA") == NULL) {
	    Tcl_ListObjAppendElement(NULL, objPtr, Tcl_NewStringObj(obj->name,-1));
	}
    }
}

int
DigestListCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
    Tcl_Obj *objPtr = Tcl_NewListObj(0, NULL);

Modified tests/ciphers.csv from [8c0c3374a7] to [ed55bdfb63].

11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
command,"::tcltest::testConstraint OpenSSL [string match ""OpenSSL*"" [::tls::version]]",,,,,,,,,
,,,,,,,,,,
command,# Helper functions,,,,,,,,,
command,"proc lcompare {list1 list2} {set m """";set u """";foreach i $list1 {if {$i ni $list2} {lappend m $i}};foreach i $list2 {if {$i ni $list1} {lappend u $i}};return [list ""missing"" $m ""unexpected"" $u]}",,,,,,,,,
command,proc exec_get {delim args} {return [split [exec openssl {*}$args] $delim]},,,,,,,,,
command,"proc exec_get_ciphers {} {set list [list];set data [exec openssl ciphers ALL];foreach cipher [split $data "":""] {lappend list [string tolower $cipher]};return [lsort $list]}",,,,,,,,,
command,"proc exec_get_digests {} {set list [list];set data [exec openssl dgst -list];foreach line [split $data ""\n""] {foreach digest $line {if {[string match ""-*"" $digest]} {lappend list [string trimleft $digest ""-""]}}};return [lsort $list]}",,,,,,,,,
command,"proc no_rsa {digests} {set list [list];foreach digest $digests {if {![string match -nocase ""*RSA*"" $digest]} {lappend list $digest}};return [lsort $list]}",,,,,,,,,
,,,,,,,,,,
command,# Test list ciphers,,,,,,,,,
CiphersAll,,,,lcompare [lsort [exec_get_ciphers]] [lsort [::tls::ciphers]],,,missing {} unexpected {},,,
,,,,,,,,,,
command,# Test list ciphers for protocols,,,,,,,,,
CiphersProtocols,SSL2,ssl2,,"lcompare [exec_get "":"" ciphers -ssl2] [::tls::ciphers ssl2]",,,missing {} unexpected {},,,
CiphersProtocols,SSL3,ssl3,,"lcompare [exec_get "":"" ciphers -ssl3] [::tls::ciphers ssl3]",,,missing {} unexpected {},,,







<







11
12
13
14
15
16
17

18
19
20
21
22
23
24
command,"::tcltest::testConstraint OpenSSL [string match ""OpenSSL*"" [::tls::version]]",,,,,,,,,
,,,,,,,,,,
command,# Helper functions,,,,,,,,,
command,"proc lcompare {list1 list2} {set m """";set u """";foreach i $list1 {if {$i ni $list2} {lappend m $i}};foreach i $list2 {if {$i ni $list1} {lappend u $i}};return [list ""missing"" $m ""unexpected"" $u]}",,,,,,,,,
command,proc exec_get {delim args} {return [split [exec openssl {*}$args] $delim]},,,,,,,,,
command,"proc exec_get_ciphers {} {set list [list];set data [exec openssl ciphers ALL];foreach cipher [split $data "":""] {lappend list [string tolower $cipher]};return [lsort $list]}",,,,,,,,,
command,"proc exec_get_digests {} {set list [list];set data [exec openssl dgst -list];foreach line [split $data ""\n""] {foreach digest $line {if {[string match ""-*"" $digest]} {lappend list [string trimleft $digest ""-""]}}};return [lsort $list]}",,,,,,,,,

,,,,,,,,,,
command,# Test list ciphers,,,,,,,,,
CiphersAll,,,,lcompare [lsort [exec_get_ciphers]] [lsort [::tls::ciphers]],,,missing {} unexpected {},,,
,,,,,,,,,,
command,# Test list ciphers for protocols,,,,,,,,,
CiphersProtocols,SSL2,ssl2,,"lcompare [exec_get "":"" ciphers -ssl2] [::tls::ciphers ssl2]",,,missing {} unexpected {},,,
CiphersProtocols,SSL3,ssl3,,"lcompare [exec_get "":"" ciphers -ssl3] [::tls::ciphers ssl3]",,,missing {} unexpected {},,,
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
CiphersSpecific,TLS1.3,tls1.3,,"lcompare [exec_get "":"" ciphers -tls1_3 -s] [::tls::ciphers tls1.3 0 1]",,,missing {} unexpected {},,,
,,,,,,,,,,
command,# Test version,,,,,,,,,
Version,All,,,::tls::version,,glob,*,,,
Version,OpenSSL,OpenSSL,,::tls::version,,glob,OpenSSL*,,,
,,,,,,,,,,
command,# Test list digests,,,,,,,,,
Digest List,Digest List,,,lcompare [exec_get_digests] [no-rsa [tls::digests]],,,missing {} unexpected {},,,
,,,,,,,,,,
command,# Test Digests,,,,,,,,,
Digest,md4 opt,,,"tls::md4 ""Example string for message digest tests.""",,,181CDCF9DB9B6FA8FC0A3BF9C34E29D9,,,
Digest,md5 opt,,,"tls::md5 ""Example string for message digest tests.""",,,CCB1BE2E11D8183E843FF73DA8C6D206,,,
Digest,sha1 opt,,,"tls::sha1 ""Example string for message digest tests.""",,,3AEFE840CA492C387E903F15ED6019E7AD833B47,,,
Digest,sha256 opt,,,"tls::sha256 ""Example string for message digest tests.""",,,B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491,,,
Digest,md4,,,"tls::digest md4 ""Example string for message digest tests.""",,,181CDCF9DB9B6FA8FC0A3BF9C34E29D9,,,
Digest,md5,,,"tls::digest md5 ""Example string for message digest tests.""",,,CCB1BE2E11D8183E843FF73DA8C6D206,,,
Digest,sha1,,,"tls::digest sha1 ""Example string for message digest tests.""",,,3AEFE840CA492C387E903F15ED6019E7AD833B47,,,
Digest,sha256,,,"tls::digest sha256 ""Example string for message digest tests.""",,,B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491,,,
,,,,,,,,,,
command,# Test protocols,,,,,,,,,
Protocols,All,,,lcompare $protocols [::tls::protocols],,,missing {ssl2 ssl3} unexpected {},,,







|













44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
CiphersSpecific,TLS1.3,tls1.3,,"lcompare [exec_get "":"" ciphers -tls1_3 -s] [::tls::ciphers tls1.3 0 1]",,,missing {} unexpected {},,,
,,,,,,,,,,
command,# Test version,,,,,,,,,
Version,All,,,::tls::version,,glob,*,,,
Version,OpenSSL,OpenSSL,,::tls::version,,glob,OpenSSL*,,,
,,,,,,,,,,
command,# Test list digests,,,,,,,,,
Digest List,Digest List,,,lcompare [lsort [exec_get_digests]] [lsort [tls::digests]],,,missing {} unexpected {},,,
,,,,,,,,,,
command,# Test Digests,,,,,,,,,
Digest,md4 opt,,,"tls::md4 ""Example string for message digest tests.""",,,181CDCF9DB9B6FA8FC0A3BF9C34E29D9,,,
Digest,md5 opt,,,"tls::md5 ""Example string for message digest tests.""",,,CCB1BE2E11D8183E843FF73DA8C6D206,,,
Digest,sha1 opt,,,"tls::sha1 ""Example string for message digest tests.""",,,3AEFE840CA492C387E903F15ED6019E7AD833B47,,,
Digest,sha256 opt,,,"tls::sha256 ""Example string for message digest tests.""",,,B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491,,,
Digest,md4,,,"tls::digest md4 ""Example string for message digest tests.""",,,181CDCF9DB9B6FA8FC0A3BF9C34E29D9,,,
Digest,md5,,,"tls::digest md5 ""Example string for message digest tests.""",,,CCB1BE2E11D8183E843FF73DA8C6D206,,,
Digest,sha1,,,"tls::digest sha1 ""Example string for message digest tests.""",,,3AEFE840CA492C387E903F15ED6019E7AD833B47,,,
Digest,sha256,,,"tls::digest sha256 ""Example string for message digest tests.""",,,B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491,,,
,,,,,,,,,,
command,# Test protocols,,,,,,,,,
Protocols,All,,,lcompare $protocols [::tls::protocols],,,missing {ssl2 ssl3} unexpected {},,,

Modified tests/ciphers.test from [c92518c18a] to [1825bf394f].

19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
foreach protocol [::tls::protocols] {::tcltest::testConstraint $protocol 1}
::tcltest::testConstraint OpenSSL [string match "OpenSSL*" [::tls::version]]
# Helper functions
proc lcompare {list1 list2} {set m "";set u "";foreach i $list1 {if {$i ni $list2} {lappend m $i}};foreach i $list2 {if {$i ni $list1} {lappend u $i}};return [list "missing" $m "unexpected" $u]}
proc exec_get {delim args} {return [split [exec openssl {*}$args] $delim]}
proc exec_get_ciphers {} {set list [list];set data [exec openssl ciphers ALL];foreach cipher [split $data ":"] {lappend list [string tolower $cipher]};return [lsort $list]}
proc exec_get_digests {} {set list [list];set data [exec openssl dgst -list];foreach line [split $data "\n"] {foreach digest $line {if {[string match "-*" $digest]} {lappend list [string trimleft $digest "-"]}}};return [lsort $list]}
proc no_rsa {digests} {set list [list];foreach digest $digests {if {![string match -nocase "*RSA*" $digest]} {lappend list $digest}};return [lsort $list]}
# Test list ciphers


test CiphersAll-1.1 {} -body {
	lcompare [lsort [exec_get_ciphers]] [lsort [::tls::ciphers]]
    } -result {missing {} unexpected {}}
# Test list ciphers for protocols







<







19
20
21
22
23
24
25

26
27
28
29
30
31
32
foreach protocol [::tls::protocols] {::tcltest::testConstraint $protocol 1}
::tcltest::testConstraint OpenSSL [string match "OpenSSL*" [::tls::version]]
# Helper functions
proc lcompare {list1 list2} {set m "";set u "";foreach i $list1 {if {$i ni $list2} {lappend m $i}};foreach i $list2 {if {$i ni $list1} {lappend u $i}};return [list "missing" $m "unexpected" $u]}
proc exec_get {delim args} {return [split [exec openssl {*}$args] $delim]}
proc exec_get_ciphers {} {set list [list];set data [exec openssl ciphers ALL];foreach cipher [split $data ":"] {lappend list [string tolower $cipher]};return [lsort $list]}
proc exec_get_digests {} {set list [list];set data [exec openssl dgst -list];foreach line [split $data "\n"] {foreach digest $line {if {[string match "-*" $digest]} {lappend list [string trimleft $digest "-"]}}};return [lsort $list]}

# Test list ciphers


test CiphersAll-1.1 {} -body {
	lcompare [lsort [exec_get_ciphers]] [lsort [::tls::ciphers]]
    } -result {missing {} unexpected {}}
# Test list ciphers for protocols
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
test Version-5.2 {OpenSSL} -constraints {OpenSSL} -body {
	::tls::version
    } -match {glob} -result {OpenSSL*}
# Test list digests


test Digest_List-6.1 {Digest List} -body {
	lcompare [exec_get_digests] [no-rsa [tls::digests]]
    } -result {missing {} unexpected {}}
# Test Digests


test Digest-7.1 {md4 opt} -body {
	tls::md4 "Example string for message digest tests."
    } -result {181CDCF9DB9B6FA8FC0A3BF9C34E29D9}







|







117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
test Version-5.2 {OpenSSL} -constraints {OpenSSL} -body {
	::tls::version
    } -match {glob} -result {OpenSSL*}
# Test list digests


test Digest_List-6.1 {Digest List} -body {
	lcompare [lsort [exec_get_digests]] [lsort [tls::digests]]
    } -result {missing {} unexpected {}}
# Test Digests


test Digest-7.1 {md4 opt} -body {
	tls::md4 "Example string for message digest tests."
    } -result {181CDCF9DB9B6FA8FC0A3BF9C34E29D9}