Index: generic/tlsDigest.c ================================================================== --- generic/tlsDigest.c +++ generic/tlsDigest.c @@ -1,10 +1,10 @@ /* * Message Digest (MD) and Message Authentication Code (MAC) Module * - * Provides commands to calculate a message digest (MD) or message - * authentication code (MAC) using a specified hash function and/or cipher. + * Provides commands to calculate a Message Digest (MD) or a Message + * Authentication Code (MAC). * * Copyright (C) 2023 Brian O'Hagan * */ @@ -307,16 +307,16 @@ *------------------------------------------------------------------- */ int DigestFinalize(Tcl_Interp *interp, DigestState *statePtr, Tcl_Obj **resultObj) { unsigned char md_buf[EVP_MAX_MD_SIZE]; unsigned int ulen; - int res = 0, md_len = 0; + int res = 0, md_len = 0, type = statePtr->format & 0xFF0; dprintf("Called"); /* Finalize cryptography function and get result */ - switch(statePtr->format & 0xFF0) { + switch(type) { case TYPE_MD: if (!(statePtr->format & IS_XOF)) { res = EVP_DigestFinal_ex(statePtr->ctx, md_buf, &ulen); md_len = (int) ulen; } else { @@ -1320,39 +1320,39 @@ * Side effects: * Sets result to message digest or error message * *------------------------------------------------------------------- */ - #define validate_argc(objc, objv) { \ + #define VALIDATE_ARGC(objc, objv) { \ if (objc != 2) { \ Tcl_WrongNumArgs(interp, 1, objv, "data"); \ return TCL_ERROR; \ } \ } int MD4ObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { - validate_argc(objc, objv); + VALIDATE_ARGC(objc, objv); return DigestDataHandler(interp, objv[1], EVP_md4(), NULL, HEX_FORMAT | TYPE_MD, NULL, NULL); } int MD5ObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { - validate_argc(objc, objv); + VALIDATE_ARGC(objc, objv); return DigestDataHandler(interp, objv[1], EVP_md5(), NULL, HEX_FORMAT | TYPE_MD, NULL, NULL); } int SHA1ObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { - validate_argc(objc, objv); + VALIDATE_ARGC(objc, objv); return DigestDataHandler(interp, objv[1], EVP_sha1(), NULL, HEX_FORMAT | TYPE_MD, NULL, NULL); } int SHA256ObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { - validate_argc(objc, objv); + VALIDATE_ARGC(objc, objv); return DigestDataHandler(interp, objv[1], EVP_sha256(), NULL, HEX_FORMAT | TYPE_MD, NULL, NULL); } int SHA512ObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { - validate_argc(objc, objv); + VALIDATE_ARGC(objc, objv); return DigestDataHandler(interp, objv[1], EVP_sha512(), NULL, HEX_FORMAT | TYPE_MD, NULL, NULL); } /* *------------------------------------------------------------------- Index: generic/tlsInfo.c ================================================================== --- generic/tlsInfo.c +++ generic/tlsInfo.c @@ -21,10 +21,11 @@ }; enum protocol { TLS_SSL2, TLS_SSL3, TLS_TLS1, TLS_TLS1_1, TLS_TLS1_2, TLS_TLS1_3, TLS_NONE }; +/*******************************************************************/ /* *------------------------------------------------------------------- * * NamesCallback -- @@ -38,75 +39,63 @@ * None. * *------------------------------------------------------------------- */ void NamesCallback(const OBJ_NAME *obj, void *arg) { - Tcl_Obj *objPtr = (Tcl_Obj *) arg; + Tcl_Obj *listObj = (Tcl_Obj *) arg; /* Fields: (int) type and alias, (const char*) name (alias from) and data (alias to) */ if (strstr(obj->name, "rsa") == NULL && strstr(obj->name, "RSA") == NULL) { - Tcl_ListObjAppendElement(NULL, objPtr, Tcl_NewStringObj(obj->name,-1)); + Tcl_ListObjAppendElement(NULL, listObj, Tcl_NewStringObj(obj->name,-1)); } } /*******************************************************************/ /* *------------------------------------------------------------------- * - * CipherObjCmd -- + * CipherInfo -- * - * Return a list of properties and values for cipherName. + * Return a list of properties and values for cipher. * * Results: * A standard Tcl list. * * Side effects: * None. * *------------------------------------------------------------------- */ -static int CipherObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { - Tcl_Obj *objPtr, *listPtr; - unsigned char *cipherName = NULL, *modeName = NULL; +int CipherInfo(Tcl_Interp *interp, Tcl_Obj *nameObj) { const EVP_CIPHER *cipher; + Tcl_Obj *resultObj, *listObj; unsigned long flags, mode; - - dprintf("Called"); - - /* Clear errors */ - Tcl_ResetResult(interp); - ERR_clear_error(); - - /* Validate arg count */ - if (objc != 2) { - Tcl_WrongNumArgs(interp, 1, objv, "name"); - return TCL_ERROR; - } + unsigned char *modeName = NULL; + char *name = Tcl_GetStringFromObj(nameObj,NULL); /* Get cipher */ - cipherName = Tcl_GetStringFromObj(objv[1], NULL); - cipher = EVP_get_cipherbyname(cipherName); + cipher = EVP_get_cipherbyname(name); if (cipher == NULL) { - Tcl_AppendResult(interp, "Invalid cipher \"", cipherName, "\"", NULL); + Tcl_AppendResult(interp, "Invalid cipher \"", name, "\"", NULL); return TCL_ERROR; } /* Get properties */ - objPtr = Tcl_NewListObj(0, NULL); - if (objPtr == NULL) { + resultObj = Tcl_NewListObj(0, NULL); + if (resultObj == NULL) { return TCL_ERROR; } - LAPPEND_STR(interp, objPtr, "nid", OBJ_nid2ln(EVP_CIPHER_nid(cipher)), -1); - LAPPEND_STR(interp, objPtr, "name", EVP_CIPHER_name(cipher), -1); - LAPPEND_STR(interp, objPtr, "description", "", -1); - LAPPEND_INT(interp, objPtr, "block_size", EVP_CIPHER_block_size(cipher)); - LAPPEND_INT(interp, objPtr, "key_length", EVP_CIPHER_key_length(cipher)); - LAPPEND_INT(interp, objPtr, "iv_length", EVP_CIPHER_iv_length(cipher)); - LAPPEND_STR(interp, objPtr, "type", OBJ_nid2ln(EVP_CIPHER_type(cipher)), -1); - LAPPEND_STR(interp, objPtr, "provider", "", -1); + LAPPEND_STR(interp, resultObj, "nid", OBJ_nid2ln(EVP_CIPHER_nid(cipher)), -1); + LAPPEND_STR(interp, resultObj, "name", EVP_CIPHER_name(cipher), -1); + LAPPEND_STR(interp, resultObj, "description", "", -1); + LAPPEND_INT(interp, resultObj, "block_size", EVP_CIPHER_block_size(cipher)); + LAPPEND_INT(interp, resultObj, "key_length", EVP_CIPHER_key_length(cipher)); + LAPPEND_INT(interp, resultObj, "iv_length", EVP_CIPHER_iv_length(cipher)); + LAPPEND_STR(interp, resultObj, "type", OBJ_nid2ln(EVP_CIPHER_type(cipher)), -1); + LAPPEND_STR(interp, resultObj, "provider", "", -1); flags = EVP_CIPHER_flags(cipher); mode = EVP_CIPHER_mode(cipher); /* EVP_CIPHER_get_mode */ switch(mode) { @@ -145,25 +134,25 @@ break; default: modeName = "unknown"; break; } - LAPPEND_STR(interp, objPtr, "mode", modeName, -1); + LAPPEND_STR(interp, resultObj, "mode", modeName, -1); /* Flags */ - listPtr = Tcl_NewListObj(0, NULL); - LAPPEND_BOOL(interp, listPtr, "Variable Length", flags & EVP_CIPH_VARIABLE_LENGTH); - LAPPEND_BOOL(interp, listPtr, "Always Call Init", flags & EVP_CIPH_ALWAYS_CALL_INIT); - LAPPEND_BOOL(interp, listPtr, "Custom IV", flags & EVP_CIPH_CUSTOM_IV); - LAPPEND_BOOL(interp, listPtr, "Control Init", flags & EVP_CIPH_CTRL_INIT); - LAPPEND_BOOL(interp, listPtr, "Custom Cipher", flags & EVP_CIPH_FLAG_CUSTOM_CIPHER); - LAPPEND_BOOL(interp, listPtr, "AEAD Cipher", flags & EVP_CIPH_FLAG_AEAD_CIPHER); - LAPPEND_BOOL(interp, listPtr, "Custom Copy", flags & EVP_CIPH_CUSTOM_COPY); - LAPPEND_BOOL(interp, listPtr, "Non FIPS Allow", flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW); - LAPPEND_OBJ(interp, objPtr, "flags", listPtr); - - Tcl_SetObjResult(interp, objPtr); + listObj = Tcl_NewListObj(0, NULL); + LAPPEND_BOOL(interp, listObj, "Variable Length", flags & EVP_CIPH_VARIABLE_LENGTH); + LAPPEND_BOOL(interp, listObj, "Always Call Init", flags & EVP_CIPH_ALWAYS_CALL_INIT); + LAPPEND_BOOL(interp, listObj, "Custom IV", flags & EVP_CIPH_CUSTOM_IV); + LAPPEND_BOOL(interp, listObj, "Control Init", flags & EVP_CIPH_CTRL_INIT); + LAPPEND_BOOL(interp, listObj, "Custom Cipher", flags & EVP_CIPH_FLAG_CUSTOM_CIPHER); + LAPPEND_BOOL(interp, listObj, "AEAD Cipher", flags & EVP_CIPH_FLAG_AEAD_CIPHER); + LAPPEND_BOOL(interp, listObj, "Custom Copy", flags & EVP_CIPH_CUSTOM_COPY); + LAPPEND_BOOL(interp, listObj, "Non FIPS Allow", flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW); + LAPPEND_OBJ(interp, resultObj, "flags", listObj); + + Tcl_SetObjResult(interp, resultObj); return TCL_OK; } /* *------------------------------------------------------------------- @@ -179,18 +168,56 @@ * None. * *------------------------------------------------------------------- */ int CipherList(Tcl_Interp *interp) { - Tcl_Obj *objPtr = Tcl_NewListObj(0, NULL); - if (objPtr == NULL) { + Tcl_Obj *resultObj = Tcl_NewListObj(0, NULL); + if (resultObj == NULL) { return TCL_ERROR; } - OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, NamesCallback, (void *) objPtr); - Tcl_SetObjResult(interp, objPtr); + /* Same as EVP_CIPHER_do_all */ + OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, NamesCallback, (void *) resultObj); + Tcl_SetObjResult(interp, resultObj); + return TCL_OK; +} + +/* + *------------------------------------------------------------------- + * + * CipherObjCmd -- + * + * Return a list of properties and values for cipherName. + * + * Results: + * A standard Tcl list. + * + * Side effects: + * None. + * + *------------------------------------------------------------------- + */ +static int CipherObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { + dprintf("Called"); + + /* Clear errors */ + Tcl_ResetResult(interp); + ERR_clear_error(); + + /* Validate arg count */ + if (objc == 1) { + return CipherList(interp); + + } else if (objc == 2) { + return CipherInfo(interp, objv[1]); + + } else { + Tcl_WrongNumArgs(interp, 1, objv, "?name?"); + return TCL_ERROR; + } return TCL_OK; + clientData = clientData; } /* *------------------------------------------------------------------- * @@ -320,16 +347,16 @@ sk = SSL_get_ciphers(ssl); /*sk = SSL_CTX_get_ciphers(ctx);*/ } if (sk != NULL) { - Tcl_Obj *objPtr = NULL; + Tcl_Obj *resultObj = NULL; if (!verbose) { char *cp; - objPtr = Tcl_NewListObj(0, NULL); - if (objPtr == NULL) { + resultObj = Tcl_NewListObj(0, NULL); + if (resultObj == NULL) { res = TCL_ERROR; goto done; } for (int i = 0; i < sk_SSL_CIPHER_num(sk); i++) { @@ -337,17 +364,17 @@ if (c == NULL) continue; /* cipher name or (NONE) */ cp = SSL_CIPHER_get_name(c); if (cp == NULL) break; - Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj(cp, -1)); + Tcl_ListObjAppendElement(interp, resultObj, Tcl_NewStringObj(cp, -1)); } } else { char buf[BUFSIZ]; - objPtr = Tcl_NewStringObj("",0); - if (objPtr == NULL) { + resultObj = Tcl_NewStringObj("",0); + if (resultObj == NULL) { res = TCL_ERROR; goto done; } for (int i = 0; i < sk_SSL_CIPHER_num(sk); i++) { @@ -354,22 +381,22 @@ const SSL_CIPHER *c = sk_SSL_CIPHER_value(sk, i); if (c == NULL) continue; /* textual description of the cipher */ if (SSL_CIPHER_description(c, buf, sizeof(buf)) != NULL) { - Tcl_AppendToObj(objPtr, buf, (Tcl_Size) strlen(buf)); + Tcl_AppendToObj(resultObj, buf, (Tcl_Size) strlen(buf)); } else { - Tcl_AppendToObj(objPtr, "UNKNOWN\n", 8); + Tcl_AppendToObj(resultObj, "UNKNOWN\n", 8); } } } /* Clean up */ if (use_supported) { sk_SSL_CIPHER_free(sk); } - Tcl_SetObjResult(interp, objPtr); + Tcl_SetObjResult(interp, resultObj); } done: SSL_free(ssl); SSL_CTX_free(ctx); @@ -382,58 +409,60 @@ /* *------------------------------------------------------------------- * * DigestInfo -- * - * Return a list of properties and values for digestName. + * Return a list of properties and values for digest. * * Results: * A standard Tcl list. * * Side effects: * None. * *------------------------------------------------------------------- */ -int DigestInfo(Tcl_Interp *interp, char *digestName) { +int DigestInfo(Tcl_Interp *interp, Tcl_Obj *nameObj) { EVP_MD *md; - Tcl_Obj *objPtr, *listPtr; + Tcl_Obj *resultObj, *listObj; unsigned long flags; + int res = TCL_OK; + char *name = Tcl_GetStringFromObj(nameObj,NULL); /* Get message digest */ - md = EVP_get_digestbyname(digestName); + md = EVP_get_digestbyname(name); if (md == NULL) { - Tcl_AppendResult(interp, "Invalid digest \"", digestName, "\"", NULL); + Tcl_AppendResult(interp, "Invalid digest \"", name, "\"", NULL); return TCL_ERROR; } /* Get properties */ - objPtr = Tcl_NewListObj(0, NULL); - if (objPtr == NULL) { + resultObj = Tcl_NewListObj(0, NULL); + if (resultObj == NULL) { return TCL_ERROR; } - LAPPEND_STR(interp, objPtr, "name", EVP_MD_name(md), -1); - LAPPEND_STR(interp, objPtr, "description", "", -1); - LAPPEND_INT(interp, objPtr, "size", EVP_MD_size(md)); - LAPPEND_INT(interp, objPtr, "block_size", EVP_MD_block_size(md)); - LAPPEND_STR(interp, objPtr, "provider", "", -1); - LAPPEND_STR(interp, objPtr, "type", OBJ_nid2ln(EVP_MD_type(md)), -1); - LAPPEND_STR(interp, objPtr, "pkey_type", OBJ_nid2ln(EVP_MD_pkey_type(md)), -1); + LAPPEND_STR(interp, resultObj, "name", EVP_MD_name(md), -1); + LAPPEND_STR(interp, resultObj, "description", "", -1); + LAPPEND_INT(interp, resultObj, "size", EVP_MD_size(md)); + LAPPEND_INT(interp, resultObj, "block_size", EVP_MD_block_size(md)); + LAPPEND_STR(interp, resultObj, "provider", "", -1); + LAPPEND_STR(interp, resultObj, "type", OBJ_nid2ln(EVP_MD_type(md)), -1); + LAPPEND_STR(interp, resultObj, "pkey_type", OBJ_nid2ln(EVP_MD_pkey_type(md)), -1); flags = EVP_MD_flags(md); /* Flags */ - listPtr = Tcl_NewListObj(0, NULL); - LAPPEND_BOOL(interp, listPtr, "One-shot", flags & EVP_MD_FLAG_ONESHOT); - LAPPEND_BOOL(interp, listPtr, "XOF", flags & EVP_MD_FLAG_XOF); - LAPPEND_BOOL(interp, listPtr, "DigestAlgorithmId_NULL", flags & EVP_MD_FLAG_DIGALGID_NULL); - LAPPEND_BOOL(interp, listPtr, "DigestAlgorithmId_Abscent", flags & EVP_MD_FLAG_DIGALGID_ABSENT); - LAPPEND_BOOL(interp, listPtr, "DigestAlgorithmId_Custom", flags & EVP_MD_FLAG_DIGALGID_CUSTOM); - LAPPEND_BOOL(interp, listPtr, "FIPS", flags & EVP_MD_FLAG_FIPS); - LAPPEND_OBJ(interp, objPtr, "flags", listPtr); - - Tcl_SetObjResult(interp, objPtr); + listObj = Tcl_NewListObj(0, NULL); + LAPPEND_BOOL(interp, listObj, "One-shot", flags & EVP_MD_FLAG_ONESHOT); + LAPPEND_BOOL(interp, listObj, "XOF", flags & EVP_MD_FLAG_XOF); + LAPPEND_BOOL(interp, listObj, "DigestAlgorithmId_NULL", flags & EVP_MD_FLAG_DIGALGID_NULL); + LAPPEND_BOOL(interp, listObj, "DigestAlgorithmId_Abscent", flags & EVP_MD_FLAG_DIGALGID_ABSENT); + LAPPEND_BOOL(interp, listObj, "DigestAlgorithmId_Custom", flags & EVP_MD_FLAG_DIGALGID_CUSTOM); + LAPPEND_BOOL(interp, listObj, "FIPS", flags & EVP_MD_FLAG_FIPS); + LAPPEND_OBJ(interp, resultObj, "flags", listObj); + + Tcl_SetObjResult(interp, resultObj); return TCL_OK; } /* *------------------------------------------------------------------- @@ -449,17 +478,18 @@ * None. * *------------------------------------------------------------------- */ int DigestList(Tcl_Interp *interp) { - Tcl_Obj *objPtr = Tcl_NewListObj(0, NULL); - if (objPtr == NULL) { + Tcl_Obj *resultObj = Tcl_NewListObj(0, NULL); + if (resultObj == NULL) { return TCL_ERROR; } - OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, NamesCallback, (void *) objPtr); - Tcl_SetObjResult(interp, objPtr); + /* Same as EVP_MD_do_all */ + OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, NamesCallback, (void *) resultObj); + Tcl_SetObjResult(interp, resultObj); return TCL_OK; } /* *------------------------------------------------------------------- @@ -476,17 +506,22 @@ * *------------------------------------------------------------------- */ int DigestsObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { dprintf("Called"); + + /* Clear errors */ + Tcl_ResetResult(interp); + ERR_clear_error(); + /* Validate arg count */ if (objc == 1) { return DigestList(interp); } else if (objc == 2) { - return DigestInfo(interp, Tcl_GetStringFromObj(objv[1],NULL)); + return DigestInfo(interp, objv[1]); } else { Tcl_WrongNumArgs(interp, 1, objv, "?name?"); return TCL_ERROR; } @@ -509,27 +544,31 @@ * Side effects: * None. * *------------------------------------------------------------------- */ -int MacInfo(Tcl_Interp *interp, char *macName) { - if (strcmp(macName, "cmac") != 0 && strcmp(macName, "hmac") != 0) { - Tcl_AppendResult(interp, "Invalid MAC \"", macName, "\"", NULL); +int MacInfo(Tcl_Interp *interp, Tcl_Obj *nameObj) { + Tcl_Obj *resultObj; + int res = TCL_OK; + char *name = Tcl_GetStringFromObj(nameObj,NULL); + + if (strcmp(name, "cmac") != 0 && strcmp(name, "hmac") != 0) { + Tcl_AppendResult(interp, "Invalid MAC \"", name, "\"", NULL); return TCL_ERROR; } /* Get properties */ - objPtr = Tcl_NewListObj(0, NULL); - if (objPtr == NULL) { + resultObj = Tcl_NewListObj(0, NULL); + if (resultObj == NULL) { return TCL_ERROR; } - LAPPEND_STR(interp, objPtr, "name", macName, -1); - LAPPEND_STR(interp, objPtr, "description", "", -1); - LAPPEND_STR(interp, objPtr, "provider", "", -1); + LAPPEND_STR(interp, resultObj, "name", name, -1); + LAPPEND_STR(interp, resultObj, "description", "", -1); + LAPPEND_STR(interp, resultObj, "provider", "", -1); - Tcl_SetObjResult(interp, objPtr); - return TCL_OK; + Tcl_SetObjResult(interp, resultObj); + return res; } /* *------------------------------------------------------------------- * @@ -544,18 +583,18 @@ * None. * *------------------------------------------------------------------- */ int MacList(Tcl_Interp *interp) { - Tcl_Obj *objPtr = Tcl_NewListObj(0, NULL); - if (objPtr == NULL) { + Tcl_Obj *resultObj = Tcl_NewListObj(0, NULL); + if (resultObj == NULL) { return TCL_ERROR; } - Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj("cmac", -1)); - Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj("hmac", -1)); - Tcl_SetObjResult(interp, objPtr); + Tcl_ListObjAppendElement(interp, resultObj, Tcl_NewStringObj("cmac", -1)); + Tcl_ListObjAppendElement(interp, resultObj, Tcl_NewStringObj("hmac", -1)); + Tcl_SetObjResult(interp, resultObj); return TCL_OK; } /* *------------------------------------------------------------------- @@ -582,11 +621,11 @@ /* Validate arg count */ if (objc == 1) { return MacList(interp); } else if (objc == 2) { - return MacInfo(interp, Tcl_GetStringFromObj(objv[1],NULL)); + return MacInfo(interp, objv[1]); } else { Tcl_WrongNumArgs(interp, 1, objv, "?name?"); return TCL_ERROR; } @@ -599,47 +638,54 @@ /* *------------------------------------------------------------------- * * PkeyInfo -- * - * Return a list of properties and values for pkeyName. + * Return a list of properties and values for pkey. * * Results: * A standard Tcl list. * * Side effects: * None. * *------------------------------------------------------------------- */ -int PkeyInfo(Tcl_Interp *interp, char *pkeyName) { - Tcl_Obj *objPtr; +int PkeyInfo(Tcl_Interp *interp, Tcl_Obj *nameObj) { + Tcl_Obj *resultObj; + int res = TCL_OK; + char *name = Tcl_GetStringFromObj(nameObj,NULL); EVP_PKEY *pkey = NULL; -/* In work */ if (pkey == NULL) { - Tcl_AppendResult(interp, "Invalid public key method \"", pkeyName, "\"", NULL); + Tcl_AppendResult(interp, "Invalid public key method \"", name, "\"", NULL); return TCL_ERROR; } /* Get properties */ - objPtr = Tcl_NewListObj(0, NULL); - if (objPtr == NULL) { + resultObj = Tcl_NewListObj(0, NULL); + if (resultObj == NULL) { return TCL_ERROR; } - LAPPEND_STR(interp, objPtr, "name", OBJ_nid2ln(EVP_PKEY_id(pkey)), -1); - LAPPEND_STR(interp, objPtr, "description", "", -1); - LAPPEND_STR(interp, objPtr, "baseId", OBJ_nid2ln(EVP_PKEY_base_id(pkey)), -1); - LAPPEND_STR(interp, objPtr, "provider", "", -1); - LAPPEND_STR(interp, objPtr, "type", OBJ_nid2ln(EVP_PKEY_type(EVP_PKEY_id(pkey))), -1); - - LAPPEND_INT(interp, objPtr, "size", EVP_PKEY_size(pkey)); - LAPPEND_INT(interp, objPtr, "bits", EVP_PKEY_bits(pkey)); - LAPPEND_INT(interp, objPtr, "security_bits", EVP_PKEY_security_bits(pkey)); - - Tcl_SetObjResult(interp, objPtr); - return TCL_OK; + LAPPEND_STR(interp, resultObj, "name", OBJ_nid2ln(EVP_PKEY_id(pkey)), -1); + LAPPEND_STR(interp, resultObj, "description", "", -1); + LAPPEND_INT(interp, resultObj, "size", EVP_PKEY_size(pkey)); + LAPPEND_INT(interp, resultObj, "bits", EVP_PKEY_bits(pkey)); + LAPPEND_INT(interp, resultObj, "security_bits", EVP_PKEY_security_bits(pkey)); + LAPPEND_STR(interp, resultObj, "baseId", OBJ_nid2ln(EVP_PKEY_base_id(pkey)), -1); + LAPPEND_STR(interp, resultObj, "provider", "", -1); + LAPPEND_STR(interp, resultObj, "type", OBJ_nid2ln(EVP_PKEY_type(EVP_PKEY_id(pkey))), -1); + + { + int pnid; + if (EVP_PKEY_get_default_digest_nid(pkey, &pnid) > 0) { + LAPPEND_STR(interp, resultObj, "default_digest", OBJ_nid2ln(pnid), -2); + } + } + + Tcl_SetObjResult(interp, resultObj); + return res; } /* *------------------------------------------------------------------- * @@ -654,26 +700,26 @@ * None. * *------------------------------------------------------------------- */ int PkeyList(Tcl_Interp *interp) { - Tcl_Obj *objPtr = Tcl_NewListObj(0, NULL); - if (objPtr == NULL) { + Tcl_Obj *resultObj = Tcl_NewListObj(0, NULL); + if (resultObj == NULL) { return TCL_ERROR; } for (size_t i = 0; i < EVP_PKEY_meth_get_count(); i++) { const EVP_PKEY_METHOD *pmeth = EVP_PKEY_meth_get0(i); int pkey_id, pkey_flags; EVP_PKEY_meth_get0_info(&pkey_id, &pkey_flags, pmeth); - /*LAPPEND_STR(interp, objPtr, "name", OBJ_nid2ln(pkey_id), -1); - LAPPEND_STR(interp, objPtr, "type", pkey_flags & ASN1_PKEY_DYNAMIC ? "External" : "Built-in", -1);*/ + /*LAPPEND_STR(interp, resultObj, "name", OBJ_nid2ln(pkey_id), -1); + LAPPEND_STR(interp, resultObj, "type", pkey_flags & ASN1_PKEY_DYNAMIC ? "External" : "Built-in", -1);*/ - Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj(OBJ_nid2ln(pkey_id), -1)); + Tcl_ListObjAppendElement(interp, resultObj, Tcl_NewStringObj(OBJ_nid2ln(pkey_id), -1)); } - Tcl_SetObjResult(interp, objPtr); + Tcl_SetObjResult(interp, resultObj); return TCL_OK; } /* *------------------------------------------------------------------- @@ -700,11 +746,11 @@ /* Validate arg count */ if (objc == 1) { return PkeyList(interp); } else if (objc == 2) { - return PkeyInfo(interp, Tcl_GetStringFromObj(objv[1],NULL)); + return PkeyInfo(interp, objv[1]); } else { Tcl_WrongNumArgs(interp, 1, objv, "?name?"); return TCL_ERROR; } @@ -729,11 +775,11 @@ * *------------------------------------------------------------------- */ static int ProtocolsObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { - Tcl_Obj *objPtr; + Tcl_Obj *resultObj; dprintf("Called"); /* Clear errors */ Tcl_ResetResult(interp); @@ -744,33 +790,33 @@ Tcl_WrongNumArgs(interp, 1, objv, NULL); return TCL_ERROR; } /* List all protocols */ - objPtr = Tcl_NewListObj(0, NULL); - if (objPtr == NULL) { + resultObj = Tcl_NewListObj(0, NULL); + if (resultObj == NULL) { return TCL_ERROR; } #if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(NO_SSL2) && !defined(OPENSSL_NO_SSL2) - Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj(protocols[TLS_SSL2], -1)); + Tcl_ListObjAppendElement(interp, resultObj, Tcl_NewStringObj(protocols[TLS_SSL2], -1)); #endif #if !defined(NO_SSL3) && !defined(OPENSSL_NO_SSL3) && !defined(OPENSSL_NO_SSL3_METHOD) - Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj(protocols[TLS_SSL3], -1)); + Tcl_ListObjAppendElement(interp, resultObj, Tcl_NewStringObj(protocols[TLS_SSL3], -1)); #endif #if !defined(NO_TLS1) && !defined(OPENSSL_NO_TLS1) && !defined(OPENSSL_NO_TLS1_METHOD) - Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj(protocols[TLS_TLS1], -1)); + Tcl_ListObjAppendElement(interp, resultObj, Tcl_NewStringObj(protocols[TLS_TLS1], -1)); #endif #if !defined(NO_TLS1_1) && !defined(OPENSSL_NO_TLS1_1) && !defined(OPENSSL_NO_TLS1_1_METHOD) - Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj(protocols[TLS_TLS1_1], -1)); + Tcl_ListObjAppendElement(interp, resultObj, Tcl_NewStringObj(protocols[TLS_TLS1_1], -1)); #endif #if !defined(NO_TLS1_2) && !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_TLS1_2_METHOD) - Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj(protocols[TLS_TLS1_2], -1)); + Tcl_ListObjAppendElement(interp, resultObj, Tcl_NewStringObj(protocols[TLS_TLS1_2], -1)); #endif #if !defined(NO_TLS1_3) && !defined(OPENSSL_NO_TLS1_3) - Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj(protocols[TLS_TLS1_3], -1)); + Tcl_ListObjAppendElement(interp, resultObj, Tcl_NewStringObj(protocols[TLS_TLS1_3], -1)); #endif - Tcl_SetObjResult(interp, objPtr); + Tcl_SetObjResult(interp, resultObj); return TCL_OK; clientData = clientData; } /*******************************************************************/ @@ -790,22 +836,22 @@ * *------------------------------------------------------------------- */ static int VersionObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { - Tcl_Obj *objPtr; + Tcl_Obj *resultObj; dprintf("Called"); /* Validate arg count */ if (objc != 1) { Tcl_WrongNumArgs(interp, 1, objv, NULL); return TCL_ERROR; } - objPtr = Tcl_NewStringObj(OPENSSL_VERSION_TEXT, -1); - Tcl_SetObjResult(interp, objPtr); + resultObj = Tcl_NewStringObj(OPENSSL_VERSION_TEXT, -1); + Tcl_SetObjResult(interp, resultObj); return TCL_OK; clientData = clientData; } /*******************************************************************/ @@ -840,5 +886,6 @@ Tcl_CreateObjCommand(interp, "tls::pkeys", PkeysObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::protocols", ProtocolsObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::version", VersionObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); return TCL_OK; } +