Timeline
EuroTcl/OpenACS 11 - 12 JULY 2024, VIENNA

146 check-ins using file tests/tlsIO.test version 9780f0c9a5

2023-12-19
05:53
Added test vectors files for hash functions. Added test files and make script to generate TCL test cases from test vector files. These files come from NIST, IETC, etc. documents, examples, etc. check-in: 25db067636 user: bohagan tags: crypto
2023-12-16
04:56
Changed options processing from using string compares in macros to using Tcl_GetIndexFromObj and switch. check-in: c7540ccbf1 user: bohagan tags: crypto
2023-12-11
05:24
Added KDF module to derive keys and ivs from passwords and salts. Added -hash option as alias for -digest. check-in: d4c2159faf user: bohagan tags: crypto
2023-12-10
05:55
Refactored tlsInfo.c file to clear errors, use Obj in var names, and pass name as object instead of string. Split cipher command from its info function. check-in: d7ab5a4ae1 user: bohagan tags: crypto
2023-12-08
03:03
Digest optimizations to delay conversion to OpenSSL types to initialization procedure. Add MAC info and incomplete Pkey info functions. check-in: d93493f320 user: bohagan tags: crypto
2023-12-04
03:56
Split list operations into separate functions to make it easier for OpenSSL 3.0 changes. Added pkey list function. Added mac info and pkey info placeholder functions. More checks for NULL pointers. Moved legacy load ciphers and digest to init routine. check-in: 9e6e94200c user: bohagan tags: crypto
00:30
Improved key and iv storage to use zero padded buffer to ensure no buffer overrun in OpenSSL API if string pointer is used. Added cipher default option for encrypt and decrypt. Pass data as last arg without -data option. check-in: 191f8b29bc user: bohagan tags: crypto
2023-12-03
05:44
Updated documentation for encrypt and decrypt commands check-in: 193afd38ea user: bohagan tags: crypto
04:52
Added test suite for encrypt and decrypt commands check-in: 2922a56dc5 user: bohagan tags: crypto
02:24
Added function to encrypt and decrypt using I/O channel check-in: c3fb3a49db user: bohagan tags: crypto
2023-12-02
21:51
Added function to encrypt and decrypt using object command check-in: ae795d4c23 user: bohagan tags: crypto
20:24
Added function to encrypt and decrypt a file check-in: db4e2fff2d user: bohagan tags: crypto
17:58
Modularized encrypt and decrypt functions check-in: 85d30feee0 user: bohagan tags: crypto
04:25
Added function to encrypt and decrypt data check-in: b395f93924 user: bohagan tags: crypto
2023-11-27
02:39
Code Cleanup to use switch statements check-in: 24e26c8844 user: bohagan tags: crypto
2023-11-26
02:15
Split doc file into TLS and cryptography files. Moved digest functions to cryptography.html doc file. Added schema file from TCL man pages. Updated TLS doc file. check-in: b5b7a4964e user: bohagan tags: crypto
2023-11-25
05:23
Split get digest, cipher, key, and mac ids into separate functions. Simplified DigestMain to pass Tcl objects to get functions. Pass mac id to functions. check-in: 0aae4d5b6f user: bohagan tags: crypto
2023-11-23
04:17
Added more test cases to check for errors, test mac command, etc. check-in: 4ba41f1db2 user: bohagan tags: crypto
03:26
Added early version of mac command. Added back ability to provide data as last arg without -data option. check-in: 917a43a776 user: bohagan tags: crypto
02:52
Added more message digest test cases from RFC 6234 and info command error test cases check-in: c6b0a3cd11 user: bohagan tags: crypto
2023-11-21
23:23
Set default option name for first argument to md and mac commands if not specified by user. Return error message when no channel, command, data, or file arg is specified. check-in: c7a5a6f8fa user: bohagan tags: crypto
23:00
Added write to channel for digest transform test cases check-in: 3a6a1f7d03 user: bohagan tags: crypto
22:03
Renamed digest command to md. Updated function names to use Digest prefix. check-in: 4134be17b3 user: bohagan tags: crypto
03:44
Add digest and MAC use of EVP_DigestFinalXOF for XOF hash functions. Renamed security level option from -securitylevel to -security_level. Added more description info to digest and hash documentation. Added examples for tls::digest command to documentation. check-in: c5c9b26ac8 user: bohagan tags: crypto
2023-11-20
19:07
Added CMAC test cases check-in: adfb4a0349 user: bohagan tags: crypto
2023-11-19
23:20
Added test cases for get cipher and digest info commands check-in: 5a64d9be3f user: bohagan tags: crypto
02:55
Added get cipher info command to return properties of a cipher check-in: 35832d0765 user: bohagan tags: crypto
2023-11-18
18:55
Added get digest info command to return properties of a digest check-in: e47bd35656 user: bohagan tags: crypto
06:58
Updated documentation for digest, cmac, and hmac command changes. check-in: 220a9947b7 user: bohagan tags: crypto
06:26
Updated test cases for new command syntax and added more tests cases check-in: eb618c73d8 user: bohagan tags: crypto
05:59
Optimized DigestInputProc to use common digest functions. Fixed write to channel digest transform. Updated comments check-in: 3120c0a647 user: bohagan tags: crypto
2023-11-17
21:46
Optimized calc digest for data blob to use same functions as other cases. check-in: d5db8e7da5 user: bohagan tags: crypto
18:31
Changed digest command to make digest into a variable argument check-in: 6f3bac05a8 user: bohagan tags: crypto
2023-11-14
03:53
Split ciphers test file into digest and info test files. Added common.tcl file for common test constraints. Updated HMAC and CMAC test cases Added RFC 4231 HMAC example test cases. check-in: b186ba1b7d user: bohagan tags: crypto
00:53
Updated error messages and optimized when to add error message to result. check-in: 2b4e85a3eb user: bohagan tags: crypto
2023-11-13
03:14
Changed hex output to use lowercase letters check-in: aef7825f91 user: bohagan tags: crypto
02:26
Corrected test cases check-in: 1d173cfaca user: bohagan tags: crypto
2023-11-12
05:23
Added cmac and hmac commands to documentation check-in: fc183cdaa1 user: bohagan tags: crypto
2023-11-10
22:23
Added cmac and hmac convenience commands check-in: 992cc75b71 user: bohagan tags: crypto
20:09
Added Cipher MAC (CMAC) support check-in: 49f76ba54c user: bohagan tags: crypto
2023-11-08
03:09
Updated test cases check-in: 9b69dccaca user: bohagan tags: crypto
2023-11-07
23:40
Optimized info commands and added more error checking. Use modern set protocol versions API for ciphers list. check-in: e88816cf57 user: bohagan tags: crypto
2023-11-06
23:46
Added more comments and removed obsolete code check-in: 5a0296430f user: bohagan tags: crypto
04:52
Added an option to the digest command to allow the user to create a new command, use it to add data to a hash, and to get the final message digest. Refactored code to move common digest init, update, and finalize operations into common functions. check-in: 0c59081d81 user: bohagan tags: crypto
2023-11-05
21:46
Track EOF for channels so get message digest is only performed once. Added more info to function documentation and comments check-in: 019f6eb9aa user: bohagan tags: crypto
2023-11-04
03:14
Added sha512 convenience command check-in: 72569af7c5 user: bohagan tags: crypto
02:08
Added key support to digest channel check-in: b536b956a8 user: bohagan tags: crypto
2023-11-03
22:25
Added command to list available Message Authentication Codes (MAC) check-in: 4bc6ba68a7 user: bohagan tags: crypto
22:03
Moved info commands to tlsInfo.c file. Moved REASON macro definition to tlsInt.h file so all files can use. check-in: 61a7c2c15a user: bohagan tags: crypto
2023-10-30
19:18
Added info to documentation on how to salt a password for a digest check-in: 04c90026c3 user: bohagan tags: crypto
01:37
Added digest HMAC key test cases check-in: 862db54236 user: bohagan tags: crypto
01:19
Added digest unstack channel command check-in: 25849c5ac1 user: bohagan tags: crypto
2023-10-29
22:50
Updated documentation for HMAC key option check-in: 92ad9d0c97 user: bohagan tags: crypto
21:06
Added Hashed MAC (HMAC) support. Added -key option to specify key to create Hashed Message Authentication Code (HMAC). Implemented data and file support, but not channel yet. check-in: 41ad133172 user: bohagan tags: crypto
01:39
Added digest channel test cases check-in: 5a5c14c5db user: bohagan tags: crypto
00:58
Updated documentation to add digest channel option check-in: a080689ac6 user: bohagan tags: crypto
00:33
Added option to create a stacked channel to use as source for message digest data. Returns calculated digest after last read prior to EOF. check-in: 750f0c1ad5 user: bohagan tags: crypto
2023-10-28
17:30
Merged in changes from master check-in: 1de7e0ec74 user: bohagan tags: crypto
17:20
Optimized TLS channel type definition check-in: 914ac6b2a4 user: bohagan tags: trunk
16:50
Updated test suite to add digest file, hex, and binary functionality check-in: f9cf6ac5f1 user: bohagan tags: crypto
03:34
Updated documentation to add digest file, hex, and binary options check-in: c8671aa698 user: bohagan tags: crypto
03:10
Added digest file, hex, and binary options. Added option to calculate message digest for a file. Added options to set output format to bin or hex. check-in: fa2710a06c user: bohagan tags: crypto
2023-10-27
23:01
Moved digest command to new tlsDigest.c file check-in: b120c6d336 user: bohagan tags: crypto
2023-10-20
22:59
Updated test suite to use OpenSSL list for ciphers list check-in: 40a8eb4d6f user: bohagan tags: crypto
2023-10-15
21:31
Added parse flag option macro check-in: d986eba4cc user: bohagan tags: crypto
2023-10-14
23:16
Updated digests command to filter out RSA digests since only used for signature algorithms. check-in: 0a899f2c18 user: bohagan tags: crypto
23:02
Updated test suite to add digest command check-in: 5f6b36170e user: bohagan tags: crypto
21:35
Optimized byte array to hex conversions check-in: 049f9cb970 user: bohagan tags: crypto
2023-10-11
23:13
Renamed hash command to digest and hashes command to digests. check-in: 38f5e78596 user: bohagan tags: crypto
22:34
Modified ciphers command to make protocol arg optional to list all supported ciphers. check-in: a44d361c13 user: bohagan tags: crypto
2023-10-10
04:10
Added hashes command to list OpenSSL supported hash digests. check-in: 78cf378796 user: bohagan tags: crypto
02:43
Added hash command to calculate hash using any OpenSSL digest. Added convenience commands for md4, md5, sha1, and sha-256 digests. check-in: cafd2dc6ba user: bohagan tags: crypto
00:06
Created cryptography branch check-in: 0cd384c2ff user: bohagan tags: crypto
2023-10-09
19:08
Updated to latest TEA and Tcl Config check-in: ec0cc9fbdf user: bohagan tags: trunk
2023-09-24
20:12
Moved definition of Append to List macros to tlsInt.h. Updated tls.c to use Append to List macros. check-in: 28d6418fa7 user: bohagan tags: trunk
2023-09-23
22:37
Updates for TCL 9.0 and Tcl_Size change check-in: c740ba0cb8 user: bohagan tags: trunk
2023-09-10
22:43
Added test cases to check for badssl.com certificate error conditions check-in: 6729942f38 user: bohagan tags: trunk
2023-09-05
19:18
Added pad to Tcl channel type structure for future changes Imported from: https://www.androwish.org/home/info/483455e044ff91ad check-in: 973237f3a8 user: bohagan tags: trunk
2023-09-02
22:07
Added verify result to handshake fail error message. check-in: 2e3a232d85 user: bohagan tags: trunk
21:13
Set automatic curve selection for ECDH temporary keys used during key exchange. Used to make a server always choose the most appropriate curve for a client. Disable compression even if supported. check-in: 1dbae1afec user: bohagan tags: trunk
20:03
Changed to only allow SSL2 and SSL3 to be manually enabled. See RFC 8996, Deprecating TLS 1.0 and TLS 1.1. Also see NIST SP 800-52r2 which requires TLS 1.2 and TLS 1.3, should not use TLS 1.1, and shall not use TLS 1.0, SSL 3.0, or SSL 2.0. check-in: 9d1bdab9a6 user: bohagan tags: trunk
2023-09-01
21:57
Merged status and X509 updates branch into master check-in: 3432ab03a3 user: bohagan tags: trunk
21:35
Added more X509 status Leaf check-in: af0ed7ddd0 user: bohagan tags: status_x509
2023-08-28
01:56
Added load CA file comments check-in: d4b5b9bd2a user: bohagan tags: status_x509
2023-08-20
19:45
Moved X509 functions to separate procedures. check-in: 2186b86385 user: bohagan tags: status_x509
2023-08-19
22:14
Added CA Issuers URL to X509 status check-in: 3b068ff2f6 user: bohagan tags: status_x509
20:30
Updated ConnectionInfoObjCmd to localize variables check-in: 070af72ccb user: bohagan tags: status_x509
18:04
Optimized CiphersObjCmd to use method variable. check-in: 543e7ab6d3 user: bohagan tags: status_x509
2023-08-14
03:16
Refactored X509 status to improve readability by using macros for common operations. check-in: 3a8336467a user: bohagan tags: status_x509
2023-08-13
01:00
Added get CA list to connection status check-in: c95df396da user: bohagan tags: status_x509
2023-08-12
04:07
Added session context, basic constraints, and publickeyhash status check-in: 4a0a74f238 user: bohagan tags: status_x509
03:34
Refactored X509 code to consolidate like functions, eliminate many buffers, etc Added function BIO_to_Buffer to consolidate copy BIO data to buffer. Moved get all data and certificate to end of function. check-in: a1bcda35b1 user: bohagan tags: status_x509
2023-08-10
03:16
Reordered get parameters in Tls_NewX509Obj to follow RFC 5280 section order. Added get self issued, Key usage, Extended Key usage, and purpose values. Added more comments, optimized code, etc. check-in: 10bcd4c88f user: bohagan tags: status_x509
2023-08-07
03:27
Added Issuer Alt Name to X509 status, refactored get SAN and CRL check-in: 35be4894ce user: bohagan tags: status_x509
2023-08-02
01:17
Added Certificate Revocation List (CRL) to X509 status. Moved get X509 extension items to end of function. check-in: f22fb82c96 user: bohagan tags: status_x509
2023-08-01
22:42
Added Certificate purposes to X509 status output. Corrected certificate alias get text bug. Refactored code to reduce number of variables and use common buffers for SHA fingerprints. check-in: e94d9cae93 user: bohagan tags: status_x509
2023-07-31
02:17
Added verify depth and mode status to connection status, renamed signatureType and signatureType check-in: 87010ba1d9 user: bohagan tags: status_x509
2023-07-30
22:25
Replaced custom X509 ASN1_UTCTIME_tostr function with OpenSSL function ASN1_TIME_print. Added catch errors returned from get certificate functions. check-in: b50520df51 user: bohagan tags: status_x509
03:39
Merged master into branch check-in: 739742d3d4 user: bohagan tags: status_x509
03:21
Merged errors_and_callbacks branch into master check-in: dbe759a0f2 user: bohagan tags: trunk
02:53
Updated default callbacks in tls.tcl file Leaf check-in: cdb51c799e user: bohagan tags: errors_and_callbacks
02:09
Add match result to ALPN callback parameters. This indicates if a common protocol was found or not. check-in: 75f1cfb376 user: bohagan tags: errors_and_callbacks
00:20
Updated password callback to add rwflag size arguments to callback. Callback now works like other callbacks with the function followed by args. Refactored get result processing. Added more info to doc file. check-in: c072b00aeb user: bohagan tags: errors_and_callbacks
2023-07-29
21:33
Added message status to callback command results. It is only available when OpenSSL is complied with the enable-ssl-trace option. check-in: 5ddead759f user: bohagan tags: errors_and_callbacks
2023-07-28
19:42
Set ErrorCode for returned errors check-in: d7ece0aec4 user: bohagan tags: errors_and_callbacks
18:41
Set/get invalid channel option now calls Tcl_BadChannelOption. check-in: 106dba31ae user: bohagan tags: errors_and_callbacks
17:01
Disabled skip channel IO during verify callback processing. Call Tcl_Error for connect/handshake errors. check-in: 6866efe8ea user: bohagan tags: errors_and_callbacks
16:07
Refactored Tls_Error handler to not set errorCode. Use error message, return result, or if none, fall-back to OpenSSL error queue. Added clear OpenSSL errors to start of each command function to remove old error messages. check-in: e85a439068 user: bohagan tags: errors_and_callbacks
2023-07-24
23:12
Comment and documentation updates. Added more checks for supported protocol versions. check-in: a4c50c7c74 user: bohagan tags: errors_and_callbacks
2023-07-21
23:29
Removed connect or handshake errors trigger background error. Removed Tls_Error call to background error handler when a callback command isn't defined. This would occur during connect/handshake errors. Fixes bug: https://core.tcl-lang.org/tcltls/tktview/2c7b748796 check-in: 6a11f12158 user: bohagan tags: errors_and_callbacks
23:01
Added new option -validatecommand to handle callbacks that require a return value. Consolidated evaluate callback commands into one function EvalCallback. Return alert codes for callbacks. Added more comments to callback functions. check-in: 91ff651d51 user: bohagan tags: errors_and_callbacks
2023-07-16
18:41
Added Next Protocol Negotiation (NPN) for TLS 1.0 to TLS 1.2. check-in: f7b84d671a user: bohagan tags: errors_and_callbacks
17:26
Added alert type to info callback parameters and refactored code. check-in: 0aa8ad9487 user: bohagan tags: errors_and_callbacks
16:02
Register ALPN callbacks only if protocols defined. Catch more errors in callbacks, return after set return values. check-in: 3b2e00d8a5 user: bohagan tags: errors_and_callbacks
15:21
Created error handler and callback updates branch check-in: 0d1d711916 user: bohagan tags: errors_and_callbacks
15:05
Merge status and X509 updates branch check-in: 1924dcd361 user: bohagan tags: trunk
03:33
X509 status optimizations to reduce number of buffers and reordered parameters to match certificate order. check-in: 335b04b2fe user: bohagan tags: status_x509
00:24
Added X509 authorityKeyIdentifier and OCSP URL parameters Fixed subjectKeyIdentifier Moved extension parameters to end of Tls_NewX509Obj check-in: a7be3ce74d user: bohagan tags: status_x509
2023-07-15
23:00
Added unique ids and signature value to status check-in: 8e446cb0bb user: bohagan tags: status_x509
21:37
Better grouped status and connection parameters in doc. check-in: c7828a9fcc user: bohagan tags: status_x509
20:47
Refactored convert X509 status binary values to hex strings. Renamed X509 parameter signatureAlgorithm to signature and digest to signingDigest. check-in: 8dd96d8c7b user: bohagan tags: status_x509
2023-07-10
01:13
Added all certificate info dump to X509 status. Renamed X509 status signature_algorithm to signatureAlgorithm, public_key_algorithm to publicKeyAlgorithm, and serial to serialNumber. Added publicKey and alias to X509 status. check-in: 58ee9890df user: bohagan tags: status_x509
2023-07-09
22:46
Changed to pass verify ok results string to callback. Renamed certificate status signature_hash to signatureHashAlgorithm. check-in: a5858c387a user: bohagan tags: status_x509
2023-06-21
23:37
Added Subject Alternate Name (SAN) to X509 status. Source: https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11 check-in: a5843e5983 user: bohagan tags: status_x509
2023-06-20
03:42
Added Subject Key Identifier (SKI) to X509 status check-in: 3a3000bc1e user: bohagan tags: status_x509
2023-06-18
21:47
Added post handshake cert request option check-in: fec0e414e9 user: bohagan tags: status_x509
2023-06-17
23:09
Added signature hash and type to connection status Changed validation result to verification. check-in: e02e24c84a user: bohagan tags: status_x509
2023-06-16
18:04
Change to use NULL for empty pointers check-in: ee0728f6d6 user: bohagan tags: status_x509
2023-06-11
23:26
Use client or server methods instead of generic methods for protocol version selection check-in: f9da715266 user: bohagan tags: status_x509
20:12
Optimized get X509 certificate extensions check-in: eccad70fa9 user: bohagan tags: status_x509
02:27
Added more X509 certificate status info, show algorithm names, list used extensions, etc. check-in: 7265279af2 user: bohagan tags: status_x509
2023-06-10
21:25
Added master key, is server, and ticket lifetime to connection status. Reordered connection status results for better grouping. check-in: 4e75be42e6 user: bohagan tags: status_x509
20:33
Set protocol version method based on client or server option. check-in: 50c71137cb user: bohagan tags: status_x509
19:45
Added ALPN callback update to catch and return errors in select next protocol. check-in: 1a03a74d6e user: bohagan tags: status_x509
2023-06-05
02:47
More callback error checking. Added session ticket callback handling. Split set client and server session caching callbacks. check-in: e1f08bc122 user: bohagan tags: status_x509
02:09
Use SSL connection states instead of custom states. check-in: 3d083cdfaf user: bohagan tags: status_x509
2023-06-04
03:20
Set host name for certificate checks. Pass peer specified host name to Hello callback. Set host name for certificate checks. This is separate from SNI. Added peername to status command results. Source: https://core.tcl-lang.org/tcltls/tktview/b023257dcf and https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11 check-in: 65f84287e7 user: bohagan tags: status_x509
2023-06-03
22:33
Added ALPN callback protocol selection. In ALPNCallback, server select from client provided protocol list uses -alpn protocols list to find first common protocol. check-in: f50ee33fd6 user: bohagan tags: status_x509
20:55
Added version and signature to X509 status check-in: 7d59536ee7 user: bohagan tags: status_x509
2023-06-02
22:23
Added compression state to connection status check-in: e5975c8072 user: bohagan tags: status_x509
2023-05-29
23:15
Added server callbacks for ALPN, SNI, and Hello messages check-in: a04a3aef6b user: bohagan tags: status_x509
2023-05-27
21:14
Optimized use of pointers and comment format updates. check-in: 500c6b97d6 user: bohagan tags: status_x509
19:20
Added session id and ticket to connection status. Added callback to handle session id and ticket updates after the handshake. check-in: 489f45bd81 user: bohagan tags: status_x509
03:06
Removed support for obsolete OpenSSL versions prior to v1.1.1. check-in: 0de7b4fc0a user: bohagan tags: status_x509
2023-05-26
22:43
Added set security level option to set all relevant parameters including cipher suite, encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms in one operation. check-in: 32ce5d6220 user: bohagan tags: status_x509
2023-05-24
23:26
Fixed test cases to run under Windows and added TLS 1.3 support check-in: 69314245a1 user: bohagan tags: status_x509