Recent

Author Topic: Direct use of OpenSSL without using intermediate libraries (LNet, Indy, Synapse)  (Read 1723 times)

delphius

  • Jr. Member
  • **
  • Posts: 65
Please, pros, explain to me why, when developing Free Pascal (Lazarus) programs, we must necessarily rely on intermediary libraries like LNet, Indy, Synapse, etc.?
Why is it impossible to work with OpenSSL directly for any tasks requiring tls/ssl, as tfphttpclient does, just using fpc openssl unit?

How will such code from the example working with OpenSSL over simple sockets directly be worse?
Code: Pascal  [Select][+][-]
  1. program opensslget;
  2.  
  3. {$mode objfpc}{$H+}
  4. {$Packrecords C}
  5.  
  6. uses
  7.   SysUtils, sockets, resolve, openssl;
  8.  
  9. type
  10.   PSSL_CIPHER = ^SSL_CIPHER;
  11.   // https://github.com/openssl/openssl/blob/ed4a71d18d939f557b430c4369d118b55c1c0b6c/ssl/ssl_local.h#L397
  12.   SSL_CIPHER = record
  13.     valid: LongWord;
  14.     name: PChar;
  15.     stdname: PChar;
  16.     id: packed array[0..1] of Char;
  17.     algorithm_mkey: LongWord;
  18.     algorithm_auth: LongWord;
  19.     algorithm_enc: LongWord;
  20.     algorithm_mac: LongWord;
  21.     min_tls: Integer;
  22.     max_tls: Integer;
  23.     min_dtls: Integer;
  24.     max_dtls: Integer;
  25.     algo_strength: LongWord;
  26.     algorithm2: LongWord;
  27.     strength_bits: LongInt;
  28.     alg_bits: LongWord;
  29.   end;
  30.  
  31. const
  32.   // The read functions work based on the SSL/TLS records. The data are received in records (with a maximum record size of 16kB)
  33.   // For TLS 1.2 and earlier, that limit is 2^14 octets. TLS 1.3 uses a limit of 2^14+1 octets.
  34.   // https://www.rfc-editor.org/rfc/rfc8449.html#section-4
  35.   BUF_SIZE = 16 * 1024;
  36.  
  37.   Host = 'example.org';
  38.   Port = 443;
  39.  
  40.   {$IFDEF WINDOWS}
  41.   ext = '.dll';
  42.   {$ELSE}
  43.   ext = '.so.3';
  44.   {$ENDIF}
  45.  
  46. var
  47.   filepath, trustedCertFile: string;
  48.   //OpenSSL
  49.   ctx: PSSL_CTX;
  50.   ssl: PSSL;
  51.   cipherPtr: PSSL_CIPHER;
  52.   server_cert:pX509;
  53.   in_buf: array[0..BUF_SIZE - 1] of char;
  54.   request: string;
  55.   nbytes_written, nbytes_read, ssl_error: integer;
  56.   cert_str: AnsiString;
  57.   tempBuf: AnsiString;
  58.   //Sockets
  59.   CSocket: TSocket;
  60.   Address: TInetSockAddr;
  61.   IPAddr: string;
  62.   hrs: THostResolver;
  63.  
  64. procedure PrintSSLCipherInfo(const cipher: SSL_CIPHER);
  65. begin
  66.   Writeln('Cipher Name: ', cipher.name);
  67.   Writeln('RFC Name: ', cipher.stdname);
  68.   // https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4
  69.   Writeln('TLS Cipher ID: ', '0x' + IntToHex(Ord(cipher.id[1]), 2) + ', 0x' + IntToHex(Ord(cipher.id[0]), 2));
  70.   Writeln('Key Exchange Algorithm: ', cipher.algorithm_mkey);
  71.   Writeln('Server Authentication Algorithm: ', cipher.algorithm_auth);
  72.   Writeln('Symmetric Encryption Algorithm: ', cipher.algorithm_enc);
  73.   Writeln('Symmetric Authentication Algorithm: ', cipher.algorithm_mac);
  74.   Writeln('Minimum SSL/TLS Protocol Version: ', cipher.min_tls);
  75.   Writeln('Maximum SSL/TLS Protocol Version: ', cipher.max_tls);
  76.   Writeln('Minimum DTLS Protocol Version: ', cipher.min_dtls);
  77.   Writeln('Maximum DTLS Protocol Version: ', cipher.max_dtls);
  78.   Writeln('Strength and Export Flags: ', cipher.algo_strength);
  79.   Writeln('Extra Flags: ', cipher.algorithm2);
  80.   Writeln('Number of Bits Used: ', cipher.strength_bits);
  81.   Writeln('Number of Bits for Algorithm: ', cipher.alg_bits);
  82. end;
  83.  
  84. begin
  85.   filepath := ExtractFilePath(ParamStr(0));
  86.   // https://curl.se/ca/cacert.pem
  87.   trustedCertFile := filepath + 'cacert.pem';
  88.   // Load OpenSSL dynamic libraries from program folder
  89.   InitSSLInterface(filepath + 'libssl' + ext, filepath + 'libcrypto' + ext);
  90.  
  91.   // Show libs version https://github.com/openssl/openssl/blob/8f51b2279eda1e0cffb3400c2e5b5c3771f62ea7/include/openssl/crypto.h.in#L162
  92.   WriteLn('OpenSSL version: ' + OpenSSLGetVersion(7)); // OPENSSL_FULL_VERSION_STRING
  93.  
  94.   // Create an SSL context.
  95.   ctx := SSLCTXnew(SslTLSMethod);
  96.   if not Assigned(ctx) then
  97.   begin
  98.     WriteLn('Could not create SSL context');
  99.     Halt(1);
  100.   end;
  101.  
  102.   // Load trusted certificates.
  103.   if SSLCTXloadverifylocations(ctx, PChar(trustedCertFile), '') <= 0 then
  104.     begin
  105.       WriteLn('Could not load trusted certificates');
  106.       Halt(1);
  107.     end;
  108.  
  109.   // Set verification options.
  110.   SSLCTXsetverify(ctx, SSL_VERIFY_PEER, nil);
  111.   SSLCTXsetmode(ctx, SSL_MODE_AUTO_RETRY);
  112.  
  113.   // Create SSL connection
  114.   ssl := SSLnew(ctx);
  115.   if ssl = nil then
  116.   begin
  117.     Writeln('Error creating SSL connection');
  118.     Halt(1);
  119.   end;
  120.  
  121.   // Create simple socket
  122.   CSocket := fpsocket(AF_INET, SOCK_STREAM, 0);
  123.   if CSocket = -1 then
  124.   begin
  125.     WriteLn('Error creating socket');
  126.     Halt(1);
  127.   end;
  128.  
  129.   // Resolve domain name to IP adress
  130.   hrs := THostResolver.Create(nil);
  131.   if hrs.NameLookup(Host) then
  132.   begin
  133.     IPAddr := hrs.AddressAsString;
  134.     WriteLn('Resolved IP Address: ', IPAddr);
  135.   end
  136.   else
  137.   begin
  138.     WriteLn('Failed to resolve the hostname: ', Host);
  139.     Halt(1);
  140.   end;
  141.  
  142.   // Connect to host
  143.   with Address do
  144.    begin
  145.       sin_family := AF_INET; //TCP/IP
  146.       sin_port:= htons(word(Port)); //Port
  147.       sin_addr:=StrToNetAddr(hrs.AddressAsString); // IP address
  148.    end;
  149.  
  150.   hrs.Free;
  151.  
  152.   if fpconnect(CSocket, @Address, SizeOf(Address)) < 0 then
  153.   begin
  154.     WriteLn('Error connecting to server.');
  155.     Halt(1);
  156.   end;
  157.  
  158.   writeln('Connected ', Host, ':', Port);
  159.  
  160.   // Set file descriptor (fd) of connected socket to SSL connection
  161.   SSLsetfd(ssl, CSocket);
  162.  
  163.   // Establish SSL connection
  164.   if SslConnect(ssl) <= 0 then
  165.   begin
  166.     Writeln('SSL connection error.');
  167.     Halt(1);
  168.   end;
  169.   Writeln('SSL connection established.');
  170.   WriteLn('----' + #13#10 + 'SSL connection cipher description:');
  171.   // https://www.openssl.org/docs/manmaster/man3/SSL_get_cipher.html
  172.   cipherPtr := SSLgetcurrentcipher(ssl);
  173.   PrintSSLCipherInfo(cipherPtr^);
  174.   WriteLn('----');
  175.   // https://www.openssl.org/docs/manmaster/man3/SSL_get_version.html
  176.   WriteLn('SSL/TLS version: ' + SslGetVersion(ssl));
  177.   WriteLn('----');
  178.   // https://www.openssl.org/docs/manmaster/man3/SSL_get_peer_certificate.html
  179.   server_cert := SslGetPeerCertificate(ssl);
  180.   WriteLn('Server certificate:');
  181.   SetLength(tempBuf, 1024);
  182.   // https://www.openssl.org/docs/man3.0/man3/X509_NAME_oneline.html
  183.   // https://www.openssl.org/docs/manmaster/man3/X509_get_subject_name.html
  184.   cert_str := X509NameOneline(X509GetSubjectName(server_cert), tempBuf, Length(tempBuf));
  185.   cert_str := StringReplace(cert_str, '\xC2\xA0', ' ', [rfReplaceAll]);
  186.   WriteLn('Subject: ', cert_str);
  187.   // https://www.openssl.org/docs/manmaster/man3/X509_get_issuer_name.html
  188.   cert_str := X509NameOneline(X509GetIssuerName(server_cert), tempBuf, Length(tempBuf));
  189.   cert_str := StringReplace(cert_str, '\xC2\xA0', ' ', [rfReplaceAll]);
  190.   WriteLn('Issuer: ', cert_str + #13#10);
  191.  
  192.   // We could do all sorts of certificate verification stuff here before deallocating the certificate
  193.   // https://www.openssl.org/docs/manmaster/man3/X509_free.html
  194.   X509free(server_cert);
  195.  
  196.   // Create an HTTP GET request.
  197.   request :=
  198.     'GET / HTTP/1.1'#13#10 +
  199.     'Host: ' + Host + #13#10 +
  200.     'Connection: close'#13#10 +
  201.     'User-Agent: Example TLS client'#13#10#13#10;
  202.  
  203.   // Send the request to the server.
  204.   WriteLn('--> Sending to the server:');
  205.   Write(request);
  206.   // https://www.openssl.org/docs/manmaster/man3/SSL_write.html
  207.   nbytes_written := SslWrite(ssl, PChar(request), Length(request));
  208.   if nbytes_written <> Length(request) then
  209.   begin
  210.     WriteLn('Could not send all data to the server');
  211.     Halt(1);
  212.   end;
  213.  
  214.   WriteLn('--> Sending to the server finished');
  215.   WriteLn('<-- Receiving from the server:');
  216.  
  217.   // Receive and display the server's response.
  218.   repeat
  219.     // https://www.openssl.org/docs/manmaster/man3/SSL_read.html
  220.     nbytes_read := SslRead(ssl, @in_buf, BUF_SIZE);
  221.     if nbytes_read <= 0 then
  222.     begin
  223.       ssl_error := SSLgeterror(ssl, nbytes_read);
  224.       if ssl_error = SSL_ERROR_ZERO_RETURN then
  225.         Break
  226.       else
  227.       begin
  228.         WriteLn('Error ', ssl_error, ' while reading data from the server');
  229.         Halt(1);
  230.       end;
  231.     end;
  232.  
  233.     Write(UTF8Encode(Copy(in_buf, 0, nbytes_read)));
  234.   until False;
  235.  
  236.   WriteLn('<-- Receiving from the server finished');
  237.  
  238.   // Send SSL/TLS close_notify
  239.   // https://www.openssl.org/docs/manmaster/man3/SSL_shutdown.html
  240.   repeat
  241.     ssl_error := SslShutdown(ssl);  
  242.   until ssl_error <> 0;
  243.  
  244.   if ssl_error = 1 then
  245.       WriteLn('SSL connection sussefully closed.')
  246.     else
  247.       // https://www.openssl.org/docs/manmaster/man3/SSL_get_error.html
  248.       WriteLn('SSL connection closed with error.', Err_Error_String(SSLgeterror(ssl, ssl_error), Nil));
  249.  
  250.   // Close socket
  251.   CloseSocket(CSocket);
  252.  
  253.   // Clean up.
  254.   if Assigned(ssl) then
  255.     SslFree(ssl);
  256.  
  257.   if Assigned(ctx) then
  258.     SSLCtxFree(ctx);
  259. end.
  260.  
« Last Edit: September 17, 2023, 10:03:31 am by delphius »
fpmtls - ssl/tls 1.3 implementation in pure pascal
fpmailsend - sending a simple email message
pascal-webui - use web browser as gui and fpc as backend

rvk

  • Hero Member
  • *****
  • Posts: 5651
How will such code from the example working with OpenSSL over simple sockets directly be worse?
Won't work on Windows 64 bit with FPC/Lazarus 64 bit.
Won't work on Linux (any bitness).
Won't work on... etc.

Using intermediate libraries takes so much work out of your hands.
I won't even begin to describe how you would need to explain this to beginners.
If I want to show you how to do something, I can show you code, using one of those libraries, without worrying what platform you are on.
The code you showed only works on one platform (so not cross-platform).

It works, but is only for a small portion of users.

Why is it impossible to work with OpenSSL directly for any tasks requiring tls/ssl, as tfphttpclient does, just using fpc openssl unit?
You said that earlier. But I'm not sure if I understand your objections.
fphttpclient in combination with openssl is just one way.
BTW. The openssl from FPC comes from Synapse !!

Synpase with openssl is just another way.

LNet is another way.

Indy is another way.

All have their own upsides and downsides. But they are all examples of communications library in combination with some sort of ssl library. And most are cross-platform and ready to use.


delphius

  • Jr. Member
  • **
  • Posts: 65
Won't work on Windows 64 bit with FPC/Lazarus 64 bit.
Won't work on Linux (any bitness).
Won't work on... etc.

Well, that's how work on all intermediary libraries began, isn't it?  ::)

The code you showed only works on one platform (so not cross-platform).

Well, technically it compiles and works on both Windows and Linux. And this is just an example, not the basis of a real library.

And I am interested in the opinion of professionals and experienced users, to whom I do not consider myself in any way.

Thank you for your opinion!  :)

BTW. The openssl from FPC comes from Synapse !!

Yes, I understand this perfectly well, but I relied on it precisely because it already exists and it is built into fpc, although it requires global reworking

But they are all examples of communications library in combination with some sort of ssl library. And most are cross-platform and ready to use.

I would like to have such a library in the standard delivery of the fpc that works reliably and cross-platform out of the box without dancing with a tambourine.
Maybe I want a lot?  :D
« Last Edit: September 15, 2023, 03:52:28 pm by delphius »
fpmtls - ssl/tls 1.3 implementation in pure pascal
fpmailsend - sending a simple email message
pascal-webui - use web browser as gui and fpc as backend

rvk

  • Hero Member
  • *****
  • Posts: 5651
I would like to have such a library in the standard delivery of the fpc that works reliably and cross-platform out of the box without dancing with a tambourine.
Maybe I want a lot?  :D
True... but remember... when including such library in FPC in the FCL, it can't be easily recompiled again.
So new functionality can't be easily added (as you have seen).

openssl.pas from FPC is perfectly fine (except that DLLVersions is hard coded and needs to be 'hacked' to privide newer functionality).

But if you are going to include a new_openssl.pas in FPC in the FCL, it is compiled in automatically and can't be changed anymore (easily).

The only way out of this is include it as extra package (which you can recompile), NOT part of the FCL from FPC itself.

And that's exactly how Synapse, LNet and Indy do it. So using the latest version of those libraries you have always the latest functionality.

But there is nothing wrong with developing your own delcom package (delphius communication package) which can be included in the OPM for easy addition to FPC/Lazarus ;)

So you would need to make the decision:
Inside the FCL and delivered with FPC but static and you can't change it easily
or included as added package via OPM and you can always provide the latest version more easily.

« Last Edit: September 15, 2023, 04:54:06 pm by rvk »

delphius

  • Jr. Member
  • **
  • Posts: 65
But there is nothing wrong with developing your own delcom package (delphius communication package) which can be included in the OPM for easy addition to FPC/Lazarus ;)

 :D thank you so much for the offer, but I would not like to invent another bike, those that already exist ride great

I see my tactics in small pinpoint strikes on gaps in functionality based on my own needs in the first place, trying not to use external dependencies at all, except for fpc and not to generate new ones, creating a single base that will pull a loop of dependencies with increasing levels of abstraction and functionality.

Inside the FCL and delivered with FPC but static and you can't change it easily
or included as added package via OPM and you can always provide the latest version more easily.

Of course, the second option looks more acceptable, but who prevents combining both options, if in fact there will be a binding only to standard fpc modules and there will be no own core, then you can simply include in the fcl those parts that have reached maximum stability and maturity, leaving the parts that need improvement or dynamic parts in an external package

package via OPM

And then the second painful question pops up, which torments me and to which I do not find an answer  %)

I (oh horror  :o) do not use Lazarus for development
I spend 90 percent of my coding time in VSCode + omnipascal + fpc + gdb. Ooops.
Where is the cli version of opm wich I can use? (I know about python CLI package manager for Lazarus from respectable Warfley)
Where is the package manager for fpc like nuget/npm/pip/ect or vcpkg at worst?  :D
fppkg? Ok, where its online repo with all this beautiful things I've found every day on github(lab)? (I know about FPPKG Repository Server from respectable Joost van der Sluis)

These are all questions without answers to myself   :(
« Last Edit: September 15, 2023, 10:02:29 pm by delphius »
fpmtls - ssl/tls 1.3 implementation in pure pascal
fpmailsend - sending a simple email message
pascal-webui - use web browser as gui and fpc as backend

Thaddy

  • Hero Member
  • *****
  • Posts: 13273
Well, our member Xor-el wrote a compatible replacement in ALL pure Pascal - so not an interface - some years ago. Yoy do not need to rely on Openssl etc, because once you adhere to the standards it can - and has been - written in pure Pascal.
It is merely the usual laziness that prohibits some people to use the source.... (  :o )

(But then again, Xor-el's real name is rather unpronounceable for anybody but Nigerians  :P )
Google his code. It is on gitbub. And he is a computer scientist.

« Last Edit: September 16, 2023, 02:39:54 pm by Thaddy »
I actually get compliments for being rude... (well, Dutch, but that is the same)

maurobio

  • Hero Member
  • *****
  • Posts: 616
  • Ecology is everything.
    • GitHub
Hi, Thaddy!

Here is Xor-el's GitHub page:

https://github.com/Xor-el

Could you please tell us precisely what is the library you cited? There are several there.

Thank you!

With best regards,
UCSD Pascal / Burroughs 6700 / Master Control Program
Delphi 7.0 Personal Edition
Lazarus 2.0.12 - FPC 3.2.0 on GNU/Linux Mint 19.1, Lubuntu 18.04, Windows XP SP3, Windows 7 Professional, Windows 10 Home

delphius

  • Jr. Member
  • **
  • Posts: 65
Hi, Thaddy!

Here is Xor-el's GitHub page:

https://github.com/Xor-el

Could you please tell us precisely what is the library you cited? There are several there.

Thank you!

With best regards,

He means https://github.com/Xor-el/CryptoLib4Pascal , Its in my bookmarks for the future since a long time ago.
But the problem is, that we need to realise whole TLSv1.3 protocol base on it, and this is solvable, but quite difficult task  :D
It can be compared with a new net lib writing with all its difficulties and underwater stones
fpmtls - ssl/tls 1.3 implementation in pure pascal
fpmailsend - sending a simple email message
pascal-webui - use web browser as gui and fpc as backend

maurobio

  • Hero Member
  • *****
  • Posts: 616
  • Ecology is everything.
    • GitHub
Ave, @delphius!

Quote
But the problem is, that we need to realise whole TLSv1.3 protocol base on it, and this is solvable, but quite difficult task

I see. Along with the problems already pointed out by @rvk, this whole situation looks more and more like a "Catch-22" condition (as wonderfully described in Joseph Heller's novel of the same name).

With warmest regards,
UCSD Pascal / Burroughs 6700 / Master Control Program
Delphi 7.0 Personal Edition
Lazarus 2.0.12 - FPC 3.2.0 on GNU/Linux Mint 19.1, Lubuntu 18.04, Windows XP SP3, Windows 7 Professional, Windows 10 Home

toby

  • Full Member
  • ***
  • Posts: 241

delphius

i'd love to get your  opensslget code working that you posted in the topic

i have fpc-3.3.1 installed and i have OpenSSL 3.0.5 installed but still don't get anything from the opensslgetversion line

what can i look for?

delphius

  • Jr. Member
  • **
  • Posts: 65

delphius

i'd love to get your  opensslget code working that you posted in the topic

i have fpc-3.3.1 installed and i have OpenSSL 3.0.5 installed but still don't get anything from the opensslgetversion line

what can i look for?

Let's first check that this code will work for you if libssl.so.3 and libcrypto.so.3 of the latest version (3.1.2) are in the program folder.

Build them from the source code or I can send you the libraries I have already compiled for linux.

For the program to pick them up, or force load them using InitSSLInterface(filepath + 'libssl' + ext, filepath + 'libcrypto' + ext); or use the alternative method I suggested

If you succeed and the code works, then we will deal further, already with your specific linux distribution and libraries.

Remember that I am constantly modifying the code in the first message, so for the purity of the experiment, copy it again from the first message of the topic
« Last Edit: September 17, 2023, 10:39:44 pm by delphius »
fpmtls - ssl/tls 1.3 implementation in pure pascal
fpmailsend - sending a simple email message
pascal-webui - use web browser as gui and fpc as backend

toby

  • Full Member
  • ***
  • Posts: 241
delphius

it works great i had to assign filepath varoable to the REAL location of my libs

/usr/local/lib64/libssl.so.3
/usr/local/lib64/libcrypto.so.3

i had thought they were in /usr/local/lib/ and not where they really were in /usr/local/lib64
thanks for making me check - i never thought to verify their location for almost 2 days
i thought the problem was in openssl.pas so you should see how i butchered it up

very nice program also :)   works on my own server perfectly and maybe faster then curl :)

---

just a question if you know
what on earth is opensslsockets unit used for?

delphius

  • Jr. Member
  • **
  • Posts: 65
i thought the problem was in openssl.pas so you should see how i butchered it up
I'm glad you did it!  ;)

very nice program also :)   works on my own server perfectly and maybe faster then curl
It's just a POC (proof of concept) its insecure & buggy :D I do not recommend to use it in production, just for testing
fphttpclient makes this work perfectly

just a question if you know
what on earth is opensslsockets unit used for?

Its just a higher level pascal wraper to OpenSSL lib, to improve the easiness of using it.
You can use openssl.pas directly, or thru the higer level of abstraction with opensslsockets.pas
Or even you just can transpile last OpenSSL c header file, and work max close to OpenSSL lib

Its just like difference between socket and ssocket units
« Last Edit: September 18, 2023, 03:54:43 pm by delphius »
fpmtls - ssl/tls 1.3 implementation in pure pascal
fpmailsend - sending a simple email message
pascal-webui - use web browser as gui and fpc as backend

toby

  • Full Member
  • ***
  • Posts: 241
a suggestion why not do your new code as attachment in a new post reply - so someone just coming upon this topic can see your program developement etc

i saved the original opensslget.pas (that became opensslmail.pas and now this new opensslget.pas

easier to see a new post and not waste bandwidth downloading the first post to see if
changes were made

i check the time of the modification but  they use 'today' and gmt time?  so i really have no idea whose 'today' it is

---

i made a separate pempath as i doubt anyone will keep their .pem in the same dir as the libssl/libcrypto libs

---

Hint: Variable "tempBuf" of a managed type does not seem to be initialized

i added tempBuf := ''; above it's setlength
tempBuf := '';
      SetLength(tempBuf, 1024);


delphius

  • Jr. Member
  • **
  • Posts: 65
a suggestion why not do your new code as attachment in a new post reply - so someone just coming upon this topic can see your program developement etc
easier to see a new post and not waste bandwidth downloading the first post to see if
changes were made

I'll make it easier, I'll put this code on github in a separate repository so that the progress of the experiments is visible

So far, the research conducted in search of a ready-made native TLS 1.3 solution for Free Pascal or Delphi has not been crowned

It looks like we have to write everything almost from scratch

However, the free pascal repository is doing a lot of work in the direction of cryptography, it pleases!

https://gitlab.com/freepascal.org/fpc/source/-/tree/main/packages/gnutls - GnuTLS (Low-level binding for GnuTLS library)

https://gitlab.com/freepascal.org/fpc/source/-/tree/main/packages/fcl-hash
https://gitlab.com/freepascal.org/fpc/source/-/blob/main/packages/fcl-hash/src/fphashutils.pp - Bytes transform
https://gitlab.com/freepascal.org/fpc/source/-/blob/main/packages/fcl-hash/src/fpsha256.pp - SHA256 and HMACSha256 routines
https://gitlab.com/freepascal.org/fpc/source/-/blob/main/packages/fcl-hash/src/fpecc.pp - Elliptic curve crypto hashing
https://gitlab.com/freepascal.org/fpc/source/-/blob/main/packages/fcl-hash/src/fpecdsa.pp - ECDSA elliptic encryption routines
https://gitlab.com/freepascal.org/fpc/source/-/blob/main/packages/fcl-hash/src/fptlsbigint.pas - Big Integer
https://gitlab.com/freepascal.org/fpc/source/-/blob/main/packages/fcl-hash/src/fppem.pp - PEM key management
https://gitlab.com/freepascal.org/fpc/source/-/blob/main/packages/fcl-hash/src/fpsha512.pp - SHA512/SHA384 and HMACSha512/HMACSha384 routines
https://gitlab.com/freepascal.org/fpc/source/-/blob/main/packages/fcl-hash/src/fprsa.pas - RSA routines
https://gitlab.com/freepascal.org/fpc/source/-/blob/main/packages/fcl-hash/src/onetimepass.pp - HOTP and TOTP One-time password algorithms. Compatible with the Google Authenticator

https://gitlab.com/freepascal.org/fpc/source/-/tree/main/packages/hash - crc, md5, sha-1, etc
https://gitlab.com/freepascal.org/fpc/source/-/blob/main/packages/hash/src/hmac.pp - Hash-based supporting HMAC-MD5 and HMAC-SHA-1
fpmtls - ssl/tls 1.3 implementation in pure pascal
fpmailsend - sending a simple email message
pascal-webui - use web browser as gui and fpc as backend

 

TinyPortal © 2005-2018