Check-in [0a899f2c18]
Overview
Comment:Updated digests command to filter out RSA digests since only used for signature algorithms.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | crypto
Files: files | file ages | folders
SHA3-256: 0a899f2c187f23478c5d9aa93578dba09433d76a3d717b4ff0f5b4da13be6820
User & Date: bohagan on 2023-10-14 23:16:25
Other Links: branch diff | manifest | tags
Context
2023-10-15
21:31
Added parse flag option macro check-in: d986eba4cc user: bohagan tags: crypto
2023-10-14
23:16
Updated digests command to filter out RSA digests since only used for signature algorithms. check-in: 0a899f2c18 user: bohagan tags: crypto
23:02
Updated test suite to add digest command check-in: 5f6b36170e user: bohagan tags: crypto
Changes

Modified generic/tls.c from [e558c674d7] to [5aecfbd855].

1064
1065
1066
1067
1068
1069
1070


1071


1072
1073
1074
1075
1076
1077
1078
1064
1065
1066
1067
1068
1069
1070
1071
1072

1073
1074
1075
1076
1077
1078
1079
1080
1081







+
+
-
+
+







 *	None.
 *
 *-------------------------------------------------------------------
 */
void ListCallback(const OBJ_NAME *obj, void *arg) {
    Tcl_Obj *objPtr = (Tcl_Obj *) arg;
    if (1 || !obj->alias) {
	/* Filter out signed digests (a.k.a signature algorithms) */
	if (strstr(obj->name, "rsa") == NULL && strstr(obj->name, "RSA") == NULL) {
	Tcl_ListObjAppendElement(NULL, objPtr, Tcl_NewStringObj(obj->name,-1));
	    Tcl_ListObjAppendElement(NULL, objPtr, Tcl_NewStringObj(obj->name,-1));
	}
    }
}

int
DigestListCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
    Tcl_Obj *objPtr = Tcl_NewListObj(0, NULL);

Modified tests/ciphers.csv from [8c0c3374a7] to [ed55bdfb63].

11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
11
12
13
14
15
16
17

18
19
20
21
22
23
24







-







command,"::tcltest::testConstraint OpenSSL [string match ""OpenSSL*"" [::tls::version]]",,,,,,,,,
,,,,,,,,,,
command,# Helper functions,,,,,,,,,
command,"proc lcompare {list1 list2} {set m """";set u """";foreach i $list1 {if {$i ni $list2} {lappend m $i}};foreach i $list2 {if {$i ni $list1} {lappend u $i}};return [list ""missing"" $m ""unexpected"" $u]}",,,,,,,,,
command,proc exec_get {delim args} {return [split [exec openssl {*}$args] $delim]},,,,,,,,,
command,"proc exec_get_ciphers {} {set list [list];set data [exec openssl ciphers ALL];foreach cipher [split $data "":""] {lappend list [string tolower $cipher]};return [lsort $list]}",,,,,,,,,
command,"proc exec_get_digests {} {set list [list];set data [exec openssl dgst -list];foreach line [split $data ""\n""] {foreach digest $line {if {[string match ""-*"" $digest]} {lappend list [string trimleft $digest ""-""]}}};return [lsort $list]}",,,,,,,,,
command,"proc no_rsa {digests} {set list [list];foreach digest $digests {if {![string match -nocase ""*RSA*"" $digest]} {lappend list $digest}};return [lsort $list]}",,,,,,,,,
,,,,,,,,,,
command,# Test list ciphers,,,,,,,,,
CiphersAll,,,,lcompare [lsort [exec_get_ciphers]] [lsort [::tls::ciphers]],,,missing {} unexpected {},,,
,,,,,,,,,,
command,# Test list ciphers for protocols,,,,,,,,,
CiphersProtocols,SSL2,ssl2,,"lcompare [exec_get "":"" ciphers -ssl2] [::tls::ciphers ssl2]",,,missing {} unexpected {},,,
CiphersProtocols,SSL3,ssl3,,"lcompare [exec_get "":"" ciphers -ssl3] [::tls::ciphers ssl3]",,,missing {} unexpected {},,,
45
46
47
48
49
50
51
52

53
54
55
56
57
58
59
60
61
62
63
64
65
44
45
46
47
48
49
50

51
52
53
54
55
56
57
58
59
60
61
62
63
64







-
+













CiphersSpecific,TLS1.3,tls1.3,,"lcompare [exec_get "":"" ciphers -tls1_3 -s] [::tls::ciphers tls1.3 0 1]",,,missing {} unexpected {},,,
,,,,,,,,,,
command,# Test version,,,,,,,,,
Version,All,,,::tls::version,,glob,*,,,
Version,OpenSSL,OpenSSL,,::tls::version,,glob,OpenSSL*,,,
,,,,,,,,,,
command,# Test list digests,,,,,,,,,
Digest List,Digest List,,,lcompare [exec_get_digests] [no-rsa [tls::digests]],,,missing {} unexpected {},,,
Digest List,Digest List,,,lcompare [lsort [exec_get_digests]] [lsort [tls::digests]],,,missing {} unexpected {},,,
,,,,,,,,,,
command,# Test Digests,,,,,,,,,
Digest,md4 opt,,,"tls::md4 ""Example string for message digest tests.""",,,181CDCF9DB9B6FA8FC0A3BF9C34E29D9,,,
Digest,md5 opt,,,"tls::md5 ""Example string for message digest tests.""",,,CCB1BE2E11D8183E843FF73DA8C6D206,,,
Digest,sha1 opt,,,"tls::sha1 ""Example string for message digest tests.""",,,3AEFE840CA492C387E903F15ED6019E7AD833B47,,,
Digest,sha256 opt,,,"tls::sha256 ""Example string for message digest tests.""",,,B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491,,,
Digest,md4,,,"tls::digest md4 ""Example string for message digest tests.""",,,181CDCF9DB9B6FA8FC0A3BF9C34E29D9,,,
Digest,md5,,,"tls::digest md5 ""Example string for message digest tests.""",,,CCB1BE2E11D8183E843FF73DA8C6D206,,,
Digest,sha1,,,"tls::digest sha1 ""Example string for message digest tests.""",,,3AEFE840CA492C387E903F15ED6019E7AD833B47,,,
Digest,sha256,,,"tls::digest sha256 ""Example string for message digest tests.""",,,B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491,,,
,,,,,,,,,,
command,# Test protocols,,,,,,,,,
Protocols,All,,,lcompare $protocols [::tls::protocols],,,missing {ssl2 ssl3} unexpected {},,,

Modified tests/ciphers.test from [c92518c18a] to [1825bf394f].

19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
19
20
21
22
23
24
25

26
27
28
29
30
31
32







-







foreach protocol [::tls::protocols] {::tcltest::testConstraint $protocol 1}
::tcltest::testConstraint OpenSSL [string match "OpenSSL*" [::tls::version]]
# Helper functions
proc lcompare {list1 list2} {set m "";set u "";foreach i $list1 {if {$i ni $list2} {lappend m $i}};foreach i $list2 {if {$i ni $list1} {lappend u $i}};return [list "missing" $m "unexpected" $u]}
proc exec_get {delim args} {return [split [exec openssl {*}$args] $delim]}
proc exec_get_ciphers {} {set list [list];set data [exec openssl ciphers ALL];foreach cipher [split $data ":"] {lappend list [string tolower $cipher]};return [lsort $list]}
proc exec_get_digests {} {set list [list];set data [exec openssl dgst -list];foreach line [split $data "\n"] {foreach digest $line {if {[string match "-*" $digest]} {lappend list [string trimleft $digest "-"]}}};return [lsort $list]}
proc no_rsa {digests} {set list [list];foreach digest $digests {if {![string match -nocase "*RSA*" $digest]} {lappend list $digest}};return [lsort $list]}
# Test list ciphers


test CiphersAll-1.1 {} -body {
	lcompare [lsort [exec_get_ciphers]] [lsort [::tls::ciphers]]
    } -result {missing {} unexpected {}}
# Test list ciphers for protocols
118
119
120
121
122
123
124
125

126
127
128
129
130
131
132
117
118
119
120
121
122
123

124
125
126
127
128
129
130
131







-
+







test Version-5.2 {OpenSSL} -constraints {OpenSSL} -body {
	::tls::version
    } -match {glob} -result {OpenSSL*}
# Test list digests


test Digest_List-6.1 {Digest List} -body {
	lcompare [exec_get_digests] [no-rsa [tls::digests]]
	lcompare [lsort [exec_get_digests]] [lsort [tls::digests]]
    } -result {missing {} unexpected {}}
# Test Digests


test Digest-7.1 {md4 opt} -body {
	tls::md4 "Example string for message digest tests."
    } -result {181CDCF9DB9B6FA8FC0A3BF9C34E29D9}