This extension provides TCL script access to secure socket communications using the Transport Layer Security (TLS) protocol. It provides a generic binding to OpenSSL, utilizing the Tcl_StackChannel API in TCL 8.4 and higher. These sockets behave exactly the same as channels created using the built-in -socket command, along with additional options for controlling +socket command, but provide additional options for controlling the SSL/TLS session.
Typically one would use the tls::socket command to create a new encrypted -TCP socket. It is compatible with the native TCL ::socket command. -Alternatively for an existing TCP socket, the tls::import command can be -used to start TLS on the connection.
+The following are the commands provided by the TcLTLS package. See the +Examples for example usage and the "demos" directory for +more example usage.
Optional function to set the default options used by tls::socket. If you -call tls::import directly, this command has no effect. This command -supports all of the same options as the tls::socket command, though you -should limit your options to only TLS related ones.
This is a helper function that utilizes the underlying commands socket and tls::import to create the connection. It behaves the same as the native TCL socket command, but also supports the tls:import command options with one additional option. It returns the channel handle id @@ -197,11 +196,11 @@ parameters for SSL handshake. Valid options are:
Specifies the directory where the Certificate Authority (CA) certificates are stored. The default is platform specific and can be set at compile time. The default location can be overridden by the SSL_CERT_DIR environment variable. See Certificate Validation for more details.
Specifies the Uniform Resource Identifier (URI) for the Certificate Authority (CA) store, which may be a single container or a catalog of containers. Starting with OpenSSL 3.2 on MS Windows, set to "org.openssl.winstore://" -to use the built-in MS Windows Certificate Store. See -Certificate Validation for more details.
Specifies the name of the file with the certificate to use in PEM format as the local (client or server) certificate. It also contains the public key.
Specifies the certificate to use as a DER encoded string (X.509 DER).
Specifies the list of cipher suites to use for TLS 1.3 as a colon ":" separated list of cipher suite names. See the OpenSSL -documentation for the full list of valid values.
Specifies the callback command to be invoked at several points during the handshake to pass errors, tracing information, and protocol messages. See Callback Options for more info.
Force this channel to share the same SSL_CTX structure as the specified channel, and therefore share config, callbacks, etc.
Specifies the callback command to invoke when OpenSSL needs to obtain a password. This is typically used to unlock the private key of a certificate. -The callback should return a password string. See Callback Options -for more info.
Allow post-handshake session ticket updates.
Allow post-handshake session ticket updates. This option is new for TclTLS 1.8.
Request a certificate from the peer during the SSL handshake. This is needed to do Certificate Validation. Starting in TclTLS 1.8, the default is true. Starting in TclTLS 2.0, If set to false and -require is true, then this will be overridden to true. @@ -277,21 +278,23 @@
Specifies the security level (value from 0 to 5). The security level affects the allowed cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms. The default is 1 prior to OpenSSL 3.2 and 2 thereafter. Level 3 and higher disable support for session tickets and -only accept cipher suites that provide forward secrecy.
Specifies whether to act as a server and respond with a server handshake when a client connects and provides a client handshake. The default is false.
Specify the peer's hostname. This is used to set the TLS Server Name Indication (SNI) extension. Set this to the expected servername in the server's certificate or one of the Subject Alternate Names (SAN). Starting in TclTLS 2.0, this will default to the host for the tls::socket command.
Specifies the session id to resume a session. Not supported yet.
Specifies the session id to resume a session. Not supported yet. +This option is new for TclTLS 1.8.
Enable use of SSL v2.The default is false. OpenSSL 1.1+ no longer supports SSL v2, so this may not have any effect. See the tls::protocols command for supported protocols.
Specifies the callback command to invoke to validate the peer certificates and other config info during the protocol negotiation phase. This can be used by TCL scripts to perform their own Certificate Validation to supplement the default validation provided by OpenSSL. The script must return a boolean true -to continue the negotiation. See Callback Options for more info.
Compliment to tls::import. Used to remove the top level stacked channel from channel. This unstacks the encryption of a regular TCL channel. An error is thrown if TLS is not the top stacked channel type.
SSL Status
The protocol selected after Application-Layer Protocol Negotiation (ALPN).
The protocol selected after Application-Layer Protocol Negotiation (ALPN). +This value is new for TclTLS 1.8.
The current cipher in use for the session.
The peername from the certificate.
The peername from the certificate. +This value is new for TclTLS 1.8.
The protocol version used for the connection: SSL2, SSL3, TLS1, TLS1.1, TLS1.2, TLS1.3, or unknown.
The protocol version used for the connection: SSL2, SSL3, TLS1, TLS1.1, TLS1.2, +TLS1.3, or unknown. This value is new for TclTLS 1.8.
The number of bits used for the session key.
The signature hash algorithm.
The signature hash algorithm. +This value is new for TclTLS 1.8.
The signature type value.
The signature type value. +This value is new for TclTLS 1.8.
Maximum depth for the certificate chain verification. Default is -1, to check all.
Maximum depth for the certificate chain verification. Default is -1, to check all. +This value is new for TclTLS 1.8.
List of certificate verification modes.
List of certificate verification modes. +This value is new for TclTLS 1.8.
Certificate verification result.
Certificate verification result. +This value is new for TclTLS 1.8.
List of the Certificate Authorities used to create the certificate.
List of the Certificate Authorities used to create the certificate. +This value is new for TclTLS 1.8.
Certificate Status
Dump of all certificate info.
Dump of all certificate info. +This value is new for TclTLS 1.8.
The certificate version.
The serial number of the certificate as a hex string.
The serial number of the certificate as a hex string. +This value was changed from serial in TclTLS 1.8.
Cipher algorithm used for certificate signature.
Cipher algorithm used for certificate signature. +This value is new for TclTLS 1.8.
The distinguished name (DN) of the certificate issuer.
The beginning date of the certificate validity.
The distinguished name (DN) of the certificate subject. Fields include: Common Name (CN), Organization (O), Locality or City (L), State or Province (S), and Country Name (C).
The issuer unique id.
The issuer unique id. +This value is new for TclTLS 1.8.
The subject unique id.
The subject unique id. +This value is new for TclTLS 1.8.
Number of certificate extensions.
Number of certificate extensions. +This value is new for TclTLS 1.8.
List of certificate extension names.
List of certificate extension names. +This value is new for TclTLS 1.8.
Authority Key Identifier (AKI) of the Issuing CA certificate that signed the SSL certificate as a hex string. This value matches the SKI value of the -Intermediate CA certificate.
Subject Key Identifier (SKI) hash of the public key inside the certificate as a -hex string. Used to identify certificates that contain a particular public key.
List of all of the Subject Alternative Names (SAN) including domain names, sub -domains, and IP addresses that are secured by the certificate.
List of all Online Certificate Status Protocol (OCSP) URLs that can be used to -check the validity of this certificate.
The PEM encoded certificate.
Cipher algorithm used for the certificate signature.
Cipher algorithm used for the certificate signature. +This value is new for TclTLS 1.8.
Certificate signature as a hex string.
Certificate signature as a hex string. +This value is new for TclTLS 1.8.
Certificate signing digest as a hex string.
Certificate signing digest as a hex string. +This value is new for TclTLS 1.8.
Certificate signature public key algorithm.
Certificate signature public key algorithm. +This value is new for TclTLS 1.8.
Certificate signature public key as a hex string.
Certificate signature public key as a hex string. +This value is new for TclTLS 1.8.
Number of bits used for certificate signature key.
Number of bits used for certificate signature key. +This value is new for TclTLS 1.8.
Whether the certificate signature is self signed.
Whether the certificate signature is self signed. +This value is new for TclTLS 1.8.
The SHA1 hash of the certificate as a hex string.
The SHA1 hash of the certificate as a hex string. +This value is new for TclTLS 1.8.
The SHA256 hash of the certificate as a hex string.
The SHA256 hash of the certificate as a hex string. +This value is new for TclTLS 1.8.
Returns the current connection status of an SSL channel. The result is a list -of key-value pairs describing the connection. Returned values include:
+of key-value pairs describing the connection. +This command is new for TclTLS 1.8. Returned values include:SSL Status
State of the connection.
Unique session master key.
Server cache mode (client, server, or both).
Without any args, returns a list of all symmetric ciphers for use with the +
Without any options, it returns a list of all symmetric ciphers for use with the -cipher option. With protocol, only the ciphers supported for that protocol are returned. See the tls::protocols command for the supported protocols. If verbose is specified as true then a verbose, human readable list is returned with additional information on the cipher. If supported -is specified as true, then only the ciphers supported for protocol will be listed.
Returns a list of the supported SSL/TLS protocols. Valid values are: ssl2, ssl3, tls1, tls1.1, tls1.2, and -tls1.3. Exact list depends on OpenSSL version and compile time flags.
Returns the OpenSSL version string.
Specifies the Uniform Resource Identifier (URI) for the Certificate Authority (CA) store, which may be a single container or a catalog of containers. Starting with OpenSSL 3.2 on MS Windows, set to "org.openssl.winstore://" -to use the built-in MS Windows Certificate Store. -This store only supports root certificate stores. See +to use the built-in MS Windows Certificate Store. Starting in TclTLS 2.0, this +is the default if -cadir, -cadir, and -castore are +not specified. This store only supports root certificate stores. See Certificate Validation for more details.
Request a certificate from the peer during the SSL handshake. This is needed to do Certificate Validation. Starting in TclTLS 1.8, the default is true. Starting in TclTLS 2.0, If set to false and @@ -589,11 +626,13 @@ or MS Windows and OpenSSL is installed, the SSL_CERT_DIR and/or SSL_CERT_FILE environment variables or the one of the -cadir, -cadir, or -castore options must be defined.
On MS Windows, starting in OpenSSL 3.2, it is now possible to access the built-in Windows Certificate Store from OpenSSL. This can utilized by -setting the -castore option to "org.openssl.winstore://".
If OpenSSL is not installed or the CA certificates are not available in PEM format, the CA certificates must be downloaded and installed with the user software. The CURL team makes them available at CA certificates extracted from Mozilla in the "cacert.pem" file. You must then either set the @@ -778,15 +817,15 @@ certificate, even if it is invalid when the -validatecommand option is set to tls::validate_command.
The use of the variable tls::debug is not recommended. It may be removed from future releases.
The following are example scripts to download a webpage and file using the -http package. See Certificate Validation for whether the +http package. See Certificate Validation for when the -cadir, -cafile, and -castore options are also -needed. See the demos directory for more example scripts.
+needed. See the "demos" directory for more example scripts.Example #1: Download a web page
package require http package require tls set url "https://www.tcl.tk/" Index: doc/tls.man ================================================================== --- doc/tls.man +++ doc/tls.man @@ -19,28 +19,27 @@ This extension provides TCL script access to secure socket communications using the Transport Layer Security (TLS) protocol. It provides a generic binding to [uri "https://www.openssl.org/" OpenSSL], utilizing the [syscmd Tcl_StackChannel] API in TCL 8.4 and higher. These sockets behave exactly the same as channels created using the built-in -[syscmd socket] command, along with additional options for controlling +[syscmd socket] command, but provide additional options for controlling the SSL/TLS session. [section Commands] -Typically one would use the [cmd tls::socket] command to create a new encrypted -TCP socket. It is compatible with the native TCL [syscmd ::socket] command. -Alternatively for an existing TCP socket, the [cmd tls::import] command can be -used to start TLS on the connection. +The following are the commands provided by the TcLTLS package. See the +[sectref Examples] for example usage and the [file demos] directory for +more example usage. [list_begin definitions] [call [cmd tls::init] [opt [arg -option]] [opt [arg value]] [opt [arg "-option value ..."]]] Optional function to set the default options used by [cmd tls::socket]. If you -call [cmd tls::import] directly, this command has no effect. This command -supports all of the same options as the [cmd tls::socket] command, though you -should limit your options to only TLS related ones. +call [cmd tls::import] directly, the values set by this command have no effect. +This command supports all of the same options as the [cmd tls::socket] command, +though you should limit your options to only TLS related ones. [call [cmd tls::socket] [opt [arg -option]] [opt [arg value]] [opt [arg "-option value ..."]] [arg host] [arg port]] This is a helper function that utilizes the underlying commands [syscmd socket] and [cmd tls::import] to create the connection. It behaves the same as the @@ -73,11 +72,11 @@ [list_begin options] [opt_def -alpn [arg list]] List of protocols to offer during Application-Layer Protocol Negotiation (ALPN). For example: [const h2] and [const http/1.1], but not [const h3] or -[const quic]. +[const quic]. This option is new for TclTLS 1.8. [opt_def -cadir [arg directory]] Specifies the directory where the Certificate Authority (CA) certificates are stored. The default is platform specific and can be set at compile time. The default location can be overridden by the [var SSL_CERT_DIR] environment @@ -91,12 +90,13 @@ [opt_def -castore [arg URI]] Specifies the Uniform Resource Identifier (URI) for the Certificate Authority (CA) store, which may be a single container or a catalog of containers. Starting with OpenSSL 3.2 on MS Windows, set to "[const "org.openssl.winstore://"]" -to use the built-in MS Windows Certificate Store. See -[sectref "Certificate Validation"] for more details. +to use the built-in MS Windows Certificate Store. +See [sectref "Certificate Validation"] for more details. +This option is new for TclTLS 1.8. [opt_def -certfile [arg filename]] Specifies the name of the file with the certificate to use in PEM format as the local (client or server) certificate. It also contains the public key. @@ -118,10 +118,11 @@ [opt_def -ciphersuites [arg string]] Specifies the list of cipher suites to use for TLS 1.3 as a colon "[const :]" separated list of cipher suite names. See the [uri "https://docs.openssl.org/master/man1/openssl-ciphers/#options" OpenSSL] documentation for the full list of valid values. +This option is new for TclTLS 1.8. [opt_def -command [arg callback]] Specifies the callback command to be invoked at several points during the handshake to pass errors, tracing information, and protocol messages. See [sectref "Callback Options"] for more info. @@ -141,15 +142,15 @@ specified [arg channel], and therefore share config, callbacks, etc. [opt_def -password [arg callback]] Specifies the callback command to invoke when OpenSSL needs to obtain a password. This is typically used to unlock the private key of a certificate. -The callback should return a password string. See [sectref "Callback Options"] -for more info. +The callback should return a password string. This option has changed for +TclTLS 1.8. See [sectref "Callback Options"] for more info. [opt_def -post_handshake [arg bool]] -Allow post-handshake session ticket updates. +Allow post-handshake session ticket updates. This option is new for TclTLS 1.8. [opt_def -request [arg bool]] Request a certificate from the peer during the SSL handshake. This is needed to do Certificate Validation. Starting in TclTLS 1.8, the default is [const true]. Starting in TclTLS 2.0, If set to [const false] and @@ -171,10 +172,11 @@ the allowed cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms. The default is 1 prior to OpenSSL 3.2 and 2 thereafter. Level 3 and higher disable support for session tickets and only accept cipher suites that provide forward secrecy. +This option is new for TclTLS 1.8. [opt_def -server [arg bool]] Specifies whether to act as a server and respond with a server handshake when a client connects and provides a client handshake. The default is [const false]. @@ -184,10 +186,11 @@ or one of the Subject Alternate Names (SAN). Starting in TclTLS 2.0, this will default to the host for the [cmd tls::socket] command. [opt_def -session_id [arg binary_string]] Specifies the session id to resume a session. Not supported yet. +This option is new for TclTLS 1.8. [opt_def -ssl2 [arg bool]] Enable use of SSL v2.The default is [const false]. OpenSSL 1.1+ no longer supports SSL v2, so this may not have any effect. See the [cmd tls::protocols] command for supported protocols. @@ -218,10 +221,11 @@ Specifies the callback command to invoke to validate the peer certificates and other config info during the protocol negotiation phase. This can be used by TCL scripts to perform their own Certificate Validation to supplement the default validation provided by OpenSSL. The script must return a boolean true to continue the negotiation. See [sectref "Callback Options"] for more info. +This option is new for TclTLS 1.8. [list_end] [call [cmd tls::unimport] [arg channel]] @@ -249,58 +253,70 @@ [list_begin definitions] [def "[var alpn] [arg protocol]"] The protocol selected after Application-Layer Protocol Negotiation (ALPN). +This value is new for TclTLS 1.8. [def "[var cipher] [arg cipher]"] The current cipher in use for the session. [def "[var peername] [arg name]"] The peername from the certificate. +This value is new for TclTLS 1.8. [def "[var protocol] [arg version]"] -The protocol version used for the connection: SSL2, SSL3, TLS1, TLS1.1, TLS1.2, TLS1.3, or unknown. +The protocol version used for the connection: SSL2, SSL3, TLS1, TLS1.1, TLS1.2, +TLS1.3, or unknown. This value is new for TclTLS 1.8. [def "[var sbits] [arg n]"] The number of bits used for the session key. [def "[var signatureHashAlgorithm] [arg algorithm]"] The signature hash algorithm. +This value is new for TclTLS 1.8. [def "[var signatureType] [arg type]"] The signature type value. +This value is new for TclTLS 1.8. [def "[var verifyDepth] [arg n]"] Maximum depth for the certificate chain verification. Default is -1, to check all. +This value is new for TclTLS 1.8. [def "[var verifyMode] [arg list]"] List of certificate verification modes. +This value is new for TclTLS 1.8. [def "[var verifyResult] [arg result]"] Certificate verification result. +This value is new for TclTLS 1.8. [def "[var ca_names] [arg list]"] List of the Certificate Authorities used to create the certificate. +This value is new for TclTLS 1.8. [list_end] Certificate Status [list_begin definitions] [def "[var all] [arg string]"] Dump of all certificate info. +This value is new for TclTLS 1.8. [def "[var version] [arg value]"] The certificate version. [def "[var serialNumber] [arg string]"] The serial number of the certificate as a hex string. +This value was changed from serial in TclTLS 1.8. [def "[var signature] [arg algorithm]"] Cipher algorithm used for certificate signature. +This value is new for TclTLS 1.8. [def "[var issuer] [arg string]"] The distinguished name (DN) of the certificate issuer. [def "[var notBefore] [arg date]"] @@ -314,73 +330,91 @@ Name (CN), Organization (O), Locality or City (L), State or Province (S), and Country Name (C). [def "[var issuerUniqueID] [arg string]"] The issuer unique id. +This value is new for TclTLS 1.8. [def "[var subjectUniqueID] [arg string]"] The subject unique id. +This value is new for TclTLS 1.8. [def "[var num_extensions] [arg n]"] Number of certificate extensions. +This value is new for TclTLS 1.8. [def "[var extensions] [arg list]"] List of certificate extension names. +This value is new for TclTLS 1.8. [def "[var authorityKeyIdentifier] [arg string]"] Authority Key Identifier (AKI) of the Issuing CA certificate that signed the SSL certificate as a hex string. This value matches the SKI value of the Intermediate CA certificate. +This value is new for TclTLS 1.8. [def "[var subjectKeyIdentifier] [arg string]"] Subject Key Identifier (SKI) hash of the public key inside the certificate as a hex string. Used to identify certificates that contain a particular public key. +This value is new for TclTLS 1.8. [def "[var subjectAltName] [arg list]"] List of all of the Subject Alternative Names (SAN) including domain names, sub domains, and IP addresses that are secured by the certificate. +This value is new for TclTLS 1.8. [def "[var ocsp] [arg list]"] List of all Online Certificate Status Protocol (OCSP) URLs that can be used to check the validity of this certificate. +This value is new for TclTLS 1.8. [def "[var certificate] [arg cert]"] The PEM encoded certificate. [def "[var signatureAlgorithm] [arg algorithm]"] Cipher algorithm used for the certificate signature. +This value is new for TclTLS 1.8. [def "[var signatureValue] [arg string]"] Certificate signature as a hex string. +This value is new for TclTLS 1.8. [def "[var signatureDigest] [arg version]"] Certificate signing digest as a hex string. +This value is new for TclTLS 1.8. [def "[var publicKeyAlgorithm] [arg algorithm]"] Certificate signature public key algorithm. +This value is new for TclTLS 1.8. [def "[var publicKey] [arg string]"] Certificate signature public key as a hex string. +This value is new for TclTLS 1.8. [def "[var bits] [arg n]"] Number of bits used for certificate signature key. +This value is new for TclTLS 1.8. [def "[var self_signed] [arg boolean]"] Whether the certificate signature is self signed. +This value is new for TclTLS 1.8. [def "[var sha1_hash] [arg hash]"] The SHA1 hash of the certificate as a hex string. +This value is new for TclTLS 1.8. [def "[var sha256_hash] [arg hash]"] The SHA256 hash of the certificate as a hex string. +This value is new for TclTLS 1.8. [list_end] [call [cmd tls::connection] [arg channel]] Returns the current connection status of an SSL channel. The result is a list -of key-value pairs describing the connection. Returned values include: +of key-value pairs describing the connection. +This command is new for TclTLS 1.8. Returned values include: [para] SSL Status @@ -487,22 +521,24 @@ [list_end] [call [cmd tls::ciphers] [opt [arg protocol]] [opt [arg verbose]] [opt [arg supported]]] -Without any args, returns a list of all symmetric ciphers for use with the +Without any options, it returns a list of all symmetric ciphers for use with the [arg -cipher] option. With [arg protocol], only the ciphers supported for that protocol are returned. See the [cmd tls::protocols] command for the supported protocols. If [arg verbose] is specified as true then a verbose, human readable list is returned with additional information on the cipher. If [arg supported] is specified as true, then only the ciphers supported for protocol will be listed. +The [arg supported] arg is new for TclTLS 1.8. [call [cmd tls::protocols]] Returns a list of the supported SSL/TLS protocols. Valid values are: [const ssl2], [const ssl3], [const tls1], [const tls1.1], [const tls1.2], and [const tls1.3]. Exact list depends on OpenSSL version and compile time flags. +This command is new for TclTLS 1.8. [call [cmd tls::version]] Returns the OpenSSL version string. @@ -548,11 +584,11 @@ [list_begin options] [opt_def -cadir [arg directory]] Specifies the directory where the Certificate Authority (CA) certificates are -stored. The default is platform specific, but is usually [file "/etc/ssl/certs"] on +stored. The default is platform specific, but is usually [file /etc/ssl/certs] on Linux/Unix systems. The default location can be overridden by the [var SSL_CERT_DIR] environment variable. [opt_def -cafile [arg filename]] Specifies the file with the Certificate Authority (CA) certificates to use in @@ -563,12 +599,13 @@ [opt_def -castore [arg URI]] Specifies the Uniform Resource Identifier (URI) for the Certificate Authority (CA) store, which may be a single container or a catalog of containers. Starting with OpenSSL 3.2 on MS Windows, set to "[const "org.openssl.winstore://"]" -to use the built-in MS Windows Certificate Store. -This store only supports root certificate stores. See +to use the built-in MS Windows Certificate Store. Starting in TclTLS 2.0, this +is the default if [option -cadir], [option -cadir], and [option -castore] are +not specified. This store only supports root certificate stores. See [sectref "Certificate Validation"] for more details. [opt_def -request [arg bool]] Request a certificate from the peer during the SSL handshake. This is needed to do Certificate Validation. Starting in TclTLS 1.8, the default is @@ -616,10 +653,12 @@ [item] On MS Windows, starting in OpenSSL 3.2, it is now possible to access the built-in Windows Certificate Store from OpenSSL. This can utilized by setting the [option -castore] option to "[const org.openssl.winstore://]". +In TclTLS 2.0, this is the default value if [option -cadir], +[option -cadir], and [option -castore] are not specified. [item] If OpenSSL is not installed or the CA certificates are not available in PEM format, the CA certificates must be downloaded and installed with the user software. The CURL team makes them available at @@ -870,16 +909,16 @@ [para] [emph "The use of the variable [var tls::debug] is not recommended. It may be removed from future releases."] -[section "HTTP Package Examples"] +[section "Examples"] The following are example scripts to download a webpage and file using the -http package. See [sectref "Certificate Validation"] for whether the +http package. See [sectref "Certificate Validation"] for when the [option -cadir], [option -cafile], and [option -castore] options are also -needed. See the demos directory for more example scripts. +needed. See the [file demos] directory for more example scripts. [para] Example #1: Download a web page Index: doc/tls.n ================================================================== --- doc/tls.n +++ doc/tls.n @@ -307,23 +307,22 @@ This extension provides TCL script access to secure socket communications using the Transport Layer Security (TLS) protocol\&. It provides a generic binding to \fIOpenSSL\fR [https://www\&.openssl\&.org/], utilizing the \fBTcl_StackChannel\fR API in TCL 8\&.4 and higher\&. These sockets behave exactly the same as channels created using the built-in -\fBsocket\fR command, along with additional options for controlling +\fBsocket\fR command, but provide additional options for controlling the SSL/TLS session\&. .SH COMMANDS -Typically one would use the \fBtls::socket\fR command to create a new encrypted -TCP socket\&. It is compatible with the native TCL \fB::socket\fR command\&. -Alternatively for an existing TCP socket, the \fBtls::import\fR command can be -used to start TLS on the connection\&. +The following are the commands provided by the TcLTLS package\&. See the +\fBExamples\fR for example usage and the "\fIdemos\fR" directory for +more example usage\&. .TP \fBtls::init\fR ?\fI-option\fR? ?\fIvalue\fR? ?\fI-option value \&.\&.\&.\fR? Optional function to set the default options used by \fBtls::socket\fR\&. If you -call \fBtls::import\fR directly, this command has no effect\&. This command -supports all of the same options as the \fBtls::socket\fR command, though you -should limit your options to only TLS related ones\&. +call \fBtls::import\fR directly, the values set by this command have no effect\&. +This command supports all of the same options as the \fBtls::socket\fR command, +though you should limit your options to only TLS related ones\&. .TP \fBtls::socket\fR ?\fI-option\fR? ?\fIvalue\fR? ?\fI-option value \&.\&.\&.\fR? \fIhost\fR \fIport\fR This is a helper function that utilizes the underlying commands \fBsocket\fR and \fBtls::import\fR to create the connection\&. It behaves the same as the native TCL \fBsocket\fR command, but also supports the \fBtls:import\fR @@ -350,11 +349,11 @@ .RS .TP \fB-alpn\fR \fIlist\fR List of protocols to offer during Application-Layer Protocol Negotiation (ALPN)\&. For example: \fBh2\fR and \fBhttp/1\&.1\fR, but not \fBh3\fR or -\fBquic\fR\&. +\fBquic\fR\&. This option is new for TclTLS 1\&.8\&. .TP \fB-cadir\fR \fIdirectory\fR Specifies the directory where the Certificate Authority (CA) certificates are stored\&. The default is platform specific and can be set at compile time\&. The default location can be overridden by the \fBSSL_CERT_DIR\fR environment @@ -368,12 +367,13 @@ .TP \fB-castore\fR \fIURI\fR Specifies the Uniform Resource Identifier (URI) for the Certificate Authority (CA) store, which may be a single container or a catalog of containers\&. Starting with OpenSSL 3\&.2 on MS Windows, set to "\fBorg\&.openssl\&.winstore://\fR" -to use the built-in MS Windows Certificate Store\&. See -\fBCertificate Validation\fR for more details\&. +to use the built-in MS Windows Certificate Store\&. +See \fBCertificate Validation\fR for more details\&. +This option is new for TclTLS 1\&.8\&. .TP \fB-certfile\fR \fIfilename\fR Specifies the name of the file with the certificate to use in PEM format as the local (client or server) certificate\&. It also contains the public key\&. .TP @@ -395,10 +395,11 @@ \fB-ciphersuites\fR \fIstring\fR Specifies the list of cipher suites to use for TLS 1\&.3 as a colon "\fB:\fR" separated list of cipher suite names\&. See the \fIOpenSSL\fR [https://docs\&.openssl\&.org/master/man1/openssl-ciphers/#options] documentation for the full list of valid values\&. +This option is new for TclTLS 1\&.8\&. .TP \fB-command\fR \fIcallback\fR Specifies the callback command to be invoked at several points during the handshake to pass errors, tracing information, and protocol messages\&. See \fBCallback Options\fR for more info\&. @@ -418,15 +419,15 @@ specified \fIchannel\fR, and therefore share config, callbacks, etc\&. .TP \fB-password\fR \fIcallback\fR Specifies the callback command to invoke when OpenSSL needs to obtain a password\&. This is typically used to unlock the private key of a certificate\&. -The callback should return a password string\&. See \fBCallback Options\fR -for more info\&. +The callback should return a password string\&. This option has changed for +TclTLS 1\&.8\&. See \fBCallback Options\fR for more info\&. .TP \fB-post_handshake\fR \fIbool\fR -Allow post-handshake session ticket updates\&. +Allow post-handshake session ticket updates\&. This option is new for TclTLS 1\&.8\&. .TP \fB-request\fR \fIbool\fR Request a certificate from the peer during the SSL handshake\&. This is needed to do Certificate Validation\&. Starting in TclTLS 1\&.8, the default is \fBtrue\fR\&. Starting in TclTLS 2\&.0, If set to \fBfalse\fR and @@ -448,10 +449,11 @@ the allowed cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms\&. The default is 1 prior to OpenSSL 3\&.2 and 2 thereafter\&. Level 3 and higher disable support for session tickets and only accept cipher suites that provide forward secrecy\&. +This option is new for TclTLS 1\&.8\&. .TP \fB-server\fR \fIbool\fR Specifies whether to act as a server and respond with a server handshake when a client connects and provides a client handshake\&. The default is \fBfalse\fR\&. .TP @@ -461,10 +463,11 @@ or one of the Subject Alternate Names (SAN)\&. Starting in TclTLS 2\&.0, this will default to the host for the \fBtls::socket\fR command\&. .TP \fB-session_id\fR \fIbinary_string\fR Specifies the session id to resume a session\&. Not supported yet\&. +This option is new for TclTLS 1\&.8\&. .TP \fB-ssl2\fR \fIbool\fR Enable use of SSL v2\&.The default is \fBfalse\fR\&. OpenSSL 1\&.1+ no longer supports SSL v2, so this may not have any effect\&. See the \fBtls::protocols\fR command for supported protocols\&. @@ -495,10 +498,11 @@ Specifies the callback command to invoke to validate the peer certificates and other config info during the protocol negotiation phase\&. This can be used by TCL scripts to perform their own Certificate Validation to supplement the default validation provided by OpenSSL\&. The script must return a boolean true to continue the negotiation\&. See \fBCallback Options\fR for more info\&. +This option is new for TclTLS 1\&.8\&. .RE .TP \fBtls::unimport\fR \fIchannel\fR Compliment to \fBtls::import\fR\&. Used to remove the top level stacked channel from \fIchannel\fR\&. This unstacks the encryption of a regular TCL channel\&. An @@ -519,56 +523,68 @@ SSL Status .RS .TP \fBalpn\fR \fIprotocol\fR The protocol selected after Application-Layer Protocol Negotiation (ALPN)\&. +This value is new for TclTLS 1\&.8\&. .TP \fBcipher\fR \fIcipher\fR The current cipher in use for the session\&. .TP \fBpeername\fR \fIname\fR The peername from the certificate\&. +This value is new for TclTLS 1\&.8\&. .TP \fBprotocol\fR \fIversion\fR -The protocol version used for the connection: SSL2, SSL3, TLS1, TLS1\&.1, TLS1\&.2, TLS1\&.3, or unknown\&. +The protocol version used for the connection: SSL2, SSL3, TLS1, TLS1\&.1, TLS1\&.2, +TLS1\&.3, or unknown\&. This value is new for TclTLS 1\&.8\&. .TP \fBsbits\fR \fIn\fR The number of bits used for the session key\&. .TP \fBsignatureHashAlgorithm\fR \fIalgorithm\fR The signature hash algorithm\&. +This value is new for TclTLS 1\&.8\&. .TP \fBsignatureType\fR \fItype\fR The signature type value\&. +This value is new for TclTLS 1\&.8\&. .TP \fBverifyDepth\fR \fIn\fR Maximum depth for the certificate chain verification\&. Default is -1, to check all\&. +This value is new for TclTLS 1\&.8\&. .TP \fBverifyMode\fR \fIlist\fR List of certificate verification modes\&. +This value is new for TclTLS 1\&.8\&. .TP \fBverifyResult\fR \fIresult\fR Certificate verification result\&. +This value is new for TclTLS 1\&.8\&. .TP \fBca_names\fR \fIlist\fR List of the Certificate Authorities used to create the certificate\&. +This value is new for TclTLS 1\&.8\&. .RE .IP Certificate Status .RS .TP \fBall\fR \fIstring\fR Dump of all certificate info\&. +This value is new for TclTLS 1\&.8\&. .TP \fBversion\fR \fIvalue\fR The certificate version\&. .TP \fBserialNumber\fR \fIstring\fR The serial number of the certificate as a hex string\&. +This value was changed from serial in TclTLS 1\&.8\&. .TP \fBsignature\fR \fIalgorithm\fR Cipher algorithm used for certificate signature\&. +This value is new for TclTLS 1\&.8\&. .TP \fBissuer\fR \fIstring\fR The distinguished name (DN) of the certificate issuer\&. .TP \fBnotBefore\fR \fIdate\fR @@ -582,71 +598,89 @@ Name (CN), Organization (O), Locality or City (L), State or Province (S), and Country Name (C)\&. .TP \fBissuerUniqueID\fR \fIstring\fR The issuer unique id\&. +This value is new for TclTLS 1\&.8\&. .TP \fBsubjectUniqueID\fR \fIstring\fR The subject unique id\&. +This value is new for TclTLS 1\&.8\&. .TP \fBnum_extensions\fR \fIn\fR Number of certificate extensions\&. +This value is new for TclTLS 1\&.8\&. .TP \fBextensions\fR \fIlist\fR List of certificate extension names\&. +This value is new for TclTLS 1\&.8\&. .TP \fBauthorityKeyIdentifier\fR \fIstring\fR Authority Key Identifier (AKI) of the Issuing CA certificate that signed the SSL certificate as a hex string\&. This value matches the SKI value of the Intermediate CA certificate\&. +This value is new for TclTLS 1\&.8\&. .TP \fBsubjectKeyIdentifier\fR \fIstring\fR Subject Key Identifier (SKI) hash of the public key inside the certificate as a hex string\&. Used to identify certificates that contain a particular public key\&. +This value is new for TclTLS 1\&.8\&. .TP \fBsubjectAltName\fR \fIlist\fR List of all of the Subject Alternative Names (SAN) including domain names, sub domains, and IP addresses that are secured by the certificate\&. +This value is new for TclTLS 1\&.8\&. .TP \fBocsp\fR \fIlist\fR List of all Online Certificate Status Protocol (OCSP) URLs that can be used to check the validity of this certificate\&. +This value is new for TclTLS 1\&.8\&. .TP \fBcertificate\fR \fIcert\fR The PEM encoded certificate\&. .TP \fBsignatureAlgorithm\fR \fIalgorithm\fR Cipher algorithm used for the certificate signature\&. +This value is new for TclTLS 1\&.8\&. .TP \fBsignatureValue\fR \fIstring\fR Certificate signature as a hex string\&. +This value is new for TclTLS 1\&.8\&. .TP \fBsignatureDigest\fR \fIversion\fR Certificate signing digest as a hex string\&. +This value is new for TclTLS 1\&.8\&. .TP \fBpublicKeyAlgorithm\fR \fIalgorithm\fR Certificate signature public key algorithm\&. +This value is new for TclTLS 1\&.8\&. .TP \fBpublicKey\fR \fIstring\fR Certificate signature public key as a hex string\&. +This value is new for TclTLS 1\&.8\&. .TP \fBbits\fR \fIn\fR Number of bits used for certificate signature key\&. +This value is new for TclTLS 1\&.8\&. .TP \fBself_signed\fR \fIboolean\fR Whether the certificate signature is self signed\&. +This value is new for TclTLS 1\&.8\&. .TP \fBsha1_hash\fR \fIhash\fR The SHA1 hash of the certificate as a hex string\&. +This value is new for TclTLS 1\&.8\&. .TP \fBsha256_hash\fR \fIhash\fR The SHA256 hash of the certificate as a hex string\&. +This value is new for TclTLS 1\&.8\&. .RE .TP \fBtls::connection\fR \fIchannel\fR Returns the current connection status of an SSL channel\&. The result is a list -of key-value pairs describing the connection\&. Returned values include: +of key-value pairs describing the connection\&. +This command is new for TclTLS 1\&.8\&. Returned values include: .sp SSL Status .RS .TP \fBstate\fR \fIstate\fR @@ -744,21 +778,23 @@ \fBsession_cache_mode\fR \fImode\fR Server cache mode (client, server, or both)\&. .RE .TP \fBtls::ciphers\fR ?\fIprotocol\fR? ?\fIverbose\fR? ?\fIsupported\fR? -Without any args, returns a list of all symmetric ciphers for use with the +Without any options, it returns a list of all symmetric ciphers for use with the \fI-cipher\fR option\&. With \fIprotocol\fR, only the ciphers supported for that protocol are returned\&. See the \fBtls::protocols\fR command for the supported protocols\&. If \fIverbose\fR is specified as true then a verbose, human readable list is returned with additional information on the cipher\&. If \fIsupported\fR is specified as true, then only the ciphers supported for protocol will be listed\&. +The \fIsupported\fR arg is new for TclTLS 1\&.8\&. .TP \fBtls::protocols\fR Returns a list of the supported SSL/TLS protocols\&. Valid values are: \fBssl2\fR, \fBssl3\fR, \fBtls1\fR, \fBtls1\&.1\fR, \fBtls1\&.2\fR, and \fBtls1\&.3\fR\&. Exact list depends on OpenSSL version and compile time flags\&. +This command is new for TclTLS 1\&.8\&. .TP \fBtls::version\fR Returns the OpenSSL version string\&. .PP .SH "CERTIFICATE VALIDATION" @@ -808,12 +844,13 @@ .TP \fB-castore\fR \fIURI\fR Specifies the Uniform Resource Identifier (URI) for the Certificate Authority (CA) store, which may be a single container or a catalog of containers\&. Starting with OpenSSL 3\&.2 on MS Windows, set to "\fBorg\&.openssl\&.winstore://\fR" -to use the built-in MS Windows Certificate Store\&. -This store only supports root certificate stores\&. See +to use the built-in MS Windows Certificate Store\&. Starting in TclTLS 2\&.0, this +is the default if \fB-cadir\fR, \fB-cadir\fR, and \fB-castore\fR are +not specified\&. This store only supports root certificate stores\&. See \fBCertificate Validation\fR for more details\&. .TP \fB-request\fR \fIbool\fR Request a certificate from the peer during the SSL handshake\&. This is needed to do Certificate Validation\&. Starting in TclTLS 1\&.8, the default is @@ -853,10 +890,12 @@ \fB-cadir\fR, or \fB-castore\fR options must be defined\&. .IP \(bu On MS Windows, starting in OpenSSL 3\&.2, it is now possible to access the built-in Windows Certificate Store from OpenSSL\&. This can utilized by setting the \fB-castore\fR option to "\fBorg\&.openssl\&.winstore://\fR"\&. +In TclTLS 2\&.0, this is the default value if \fB-cadir\fR, +\fB-cadir\fR, and \fB-castore\fR are not specified\&. .IP \(bu If OpenSSL is not installed or the CA certificates are not available in PEM format, the CA certificates must be downloaded and installed with the user software\&. The CURL team makes them available at \fICA certificates extracted @@ -1064,15 +1103,15 @@ certificate, even if it is invalid when the \fB-validatecommand\fR option is set to \fBtls::validate_command\fR\&. .PP \fIThe use of the variable \fBtls::debug\fR is not recommended\&. It may be removed from future releases\&.\fR -.SH "HTTP PACKAGE EXAMPLES" +.SH EXAMPLES The following are example scripts to download a webpage and file using the -http package\&. See \fBCertificate Validation\fR for whether the +http package\&. See \fBCertificate Validation\fR for when the \fB-cadir\fR, \fB-cafile\fR, and \fB-castore\fR options are also -needed\&. See the demos directory for more example scripts\&. +needed\&. See the "\fIdemos\fR" directory for more example scripts\&. .PP Example #1: Download a web page .CS