added two PGP encrypt/decrypt scripts for testing

Author: Vic May

encrypted.bin

@@ -0,0 +1,59 @@
+# Usage: tclsh pgp_decrypt.tcl privkey.pem infile.bin
+
+if {[llength $argv] != 2} {
+    puts "Usage: tclsh pgp_decrypt.tcl privkey.pem infile.bin"
+    exit 1
+}
+set privfile [lindex $argv 0]
+set infile [lindex $argv 1]
+
+# Load ToSSL
+if {[catch {package require tossl}]} {
+    load ./libtossl.so
+}
+
+# Read the private key
+set f [open $privfile r]
+set priv [read $f]
+close $f
+
+# Read the encrypted file
+set f [open $infile rb]
+fconfigure $f -translation binary
+set raw [read $f]
+close $f
+
+# Check file length
+if {[string length $raw] < 12} {
+    puts stderr "Error: Encrypted file is too short or corrupt."
+    exit 2
+}
+
+# Parse lengths (big-endian 4 bytes each)
+set n [binary scan $raw "cccccccccccc" k1 k2 k3 k4 i1 i2 i3 i4 c1 c2 c3 c4]
+if {$n != 12} {
+    puts stderr "Error: Failed to parse length headers from encrypted file."
+    exit 2
+}
+set keylen [expr {($k1<<24)|($k2<<16)|($k3<<8)|($k4&0xff)}]
+set ivlen  [expr {($i1<<24)|($i2<<16)|($i3<<8)|($i4&0xff)}]
+set ctlen  [expr {($c1<<24)|($c2<<16)|($c3<<8)|($c4&0xff)}]
+
+set offset 12
+set wrapped_key [string range $raw $offset [expr {$offset+$keylen-1}]]
+set offset [expr {$offset+$keylen}]
+set aes_iv [string range $raw $offset [expr {$offset+$ivlen-1}]]
+set offset [expr {$offset+$ivlen}]
+set ciphertext [string range $raw $offset [expr {$offset+$ctlen-1}]]
+
+if {[string length $wrapped_key] != $keylen || [string length $aes_iv] != $ivlen || [string length $ciphertext] != $ctlen} {
+    puts stderr "Error: Encrypted file is truncated or corrupt (bad lengths)."
+    exit 2
+}
+
+# Decrypt AES key
+set aes_key [tossl::rsa::decrypt -privkey $priv $wrapped_key]
+# Decrypt message
+set message [tossl::decrypt -alg aes-128-cbc -key $aes_key -iv $aes_iv $ciphertext]
+
+puts "Decrypted message: $message"

pgp_decrypt.tcl

@@ -0,0 +1,45 @@
+# Usage: tclsh pgp_encrypt.tcl pubkey.pem "Secret message" outfile.bin
+
+if {[llength $argv] != 3} {
+    puts "Usage: tclsh pgp_encrypt.tcl pubkey.pem \"message\" outfile.bin"
+    exit 1
+}
+set pubfile [lindex $argv 0]
+set message [lindex $argv 1]
+set outfile [lindex $argv 2]
+
+# Load ToSSL
+if {[catch {package require tossl}]} {
+    load ./libtossl.so
+}
+
+# Read the public key
+set f [open $pubfile r]
+set pub [read $f]
+close $f
+
+# Generate random AES key and IV
+set aes_key [tossl::randbytes 16]
+set aes_iv  [tossl::randbytes 16]
+
+# Encrypt the message
+set ciphertext [tossl::encrypt -alg aes-128-cbc -key $aes_key -iv $aes_iv $message]
+set wrapped_key [tossl::rsa::encrypt -pubkey $pub $aes_key]
+
+# Write lengths and data to outfile (format: keylen, ivlen, ctlen, then each blob)
+set f [open $outfile wb]
+# Write lengths as 4 bytes each, big-endian
+set lengths [list [string length $wrapped_key] [string length $aes_iv] [string length $ciphertext]]
+foreach val $lengths {
+    puts -nonewline $f [binary format "cccc" \
+        [expr {($val>>24)&0xff}] \
+        [expr {($val>>16)&0xff}] \
+        [expr {($val>>8)&0xff}] \
+        [expr {$val&0xff}]]
+}
+puts -nonewline $f $wrapped_key
+puts -nonewline $f $aes_iv
+puts -nonewline $f $ciphertext
+close $f
+
+puts "Encrypted message written to $outfile"

pgp_encrypt.tcl

@@ -0,0 +1,29 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDTKrJr5Bxobptn
+pwId6+ClBp/a3sCp0aElfsD0KmwvvfK5s7eBXo5/+ie7ey2SP7RExkQC1zhGLzqY
+wUKwEUynytAS/KYPyI+J1pNDMquUHolMG7IGUA/NAahY5i6pY0XfVURMZeby2Scq
+w+ZeEoyhpZACd25vJE//bYQnY2QKcikJBtWW0k4iII+3HfkEU+dF51P7Zgg/lxCN
+z47uppjRbVhsSlQ0Ldip+XRgKsvYT5NBHPydsOSalvP3g9BDgJzoK77UqRlSx7ad
+1c5BVgqADKwFQ0NTNNgFXAJ4988f+63ExvmGcouWm8JiPD3IgMzwa7iH1Mv9lF1u
+gQZzBwGBAgMBAAECggEAIhg7PaNTmOL+8YHsHBOpLkv/BHJBzkl8CNdJ5UJyPFUh
+ey1SvC8dt/kWcDVnurzRaOdQNNs2CVL31ZEiqNXqOA9NgDtNvq+lyV4dYdStElnJ
+1kGEgXNs0a9qVIw5zXyrW+9i+yja3KwGIGgH6nl5PmJCebt517UXu4idtVRdYzgX
+ZaymaJvcESe8AOM0mL828AezUTKHCSKx3qfMCCVz/gxia70NWn6xRxJwrSQ4Q0bE
+dirgZtc8dVjQL2ta4AK6KbOqYptk9FTwl4QSekn4+3M0A5GwTW+MUnIs2KdXQOvd
+6ViBpqQS1uW+aX0lZLWJwfoaiGqx5L4XHsMnr/8cNwKBgQDqa9RLnekMUotZhz5U
+X/0xPhAdoxySTV76mNuOwzGCOA9IJ+AIsp/6N8+cOGsjUI/6n1SahZWkLFxh9FB/
+Pmg0lo+5p/lYVgVL1rP9Pwe9Q+jXnhHDVdspRg2IdP1WJsYrwVq0lBROX4OoRz8v
+kzkIL0Q5WiqXv6nJF+aw0c25twKBgQDmmt+s443gDtpQy+obaEijZV488KKVLPRb
+W8tT0aowXWIqP2uDtKYm+5ZkoYPwlvcW7xiOwvek6jZS3NpyptL+O8RlgVHPb/IX
+chCgmhIgcXHzR3JwAc4z6Bim37I751C0fL3WL9ZoNQkkosuht6WaQkO0rlra5ePP
+BbsFSu5+hwKBgQCZVfcDj0MFYGjuItzObAs9zo7UFAF4YUujN6FF/L/BodG9LPgK
+OG0USrVuRikubGABW38HpCGBxdKX8CtHUBbxbxqMIiejdID6XnJVUIlLb8Q6ZZbQ
+4rP8h2oKvBuJ4sr1jAA85i9yJGAGDrRx9ib0B5bkvOnnYOM6OnwXZOTgeQKBgQDc
+hTfmbcjLfYiaARYDVYs47YPbxMXE37Ng9fwPUI1uKK7p9bHLxeGpn6cm3il81fC9
+trEGPD1zMCH4xYgEYbGdOuxJoQvp0YRxlTt/STaSXcn5Odaec6uLiaShV4Nqs35C
+ypMDEsX26tiudxtBr4umYz25t43cjEB4RWOd4RUGWwKBgDMLs8GP2y0kCIk1SlGR
+BDOw8dtSkfPyJ5kGnGevTb0GihArTa36VQ19yd7zaySpwD4dy0LiDMoRFaAcOeQr
+tozihMn09JF24tp+FPIYNrRqaWbCli08Ffgpel10U0A8ZKgyknGODAicAnXQaYus
+xDYb1QygjT1CuKbEHCWBfb8t
+-----END PRIVATE KEY-----
+

privkey.pem

@@ -0,0 +1,10 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yqya+QcaG6bZ6cCHevg
+pQaf2t7AqdGhJX7A9CpsL73yubO3gV6Of/onu3stkj+0RMZEAtc4Ri86mMFCsBFM
+p8rQEvymD8iPidaTQzKrlB6JTBuyBlAPzQGoWOYuqWNF31VETGXm8tknKsPmXhKM
+oaWQAndubyRP/22EJ2NkCnIpCQbVltJOIiCPtx35BFPnRedT+2YIP5cQjc+O7qaY
+0W1YbEpUNC3Yqfl0YCrL2E+TQRz8nbDkmpbz94PQQ4Cc6Cu+1KkZUse2ndXOQVYK
+gAysBUNDUzTYBVwCePfPH/utxMb5hnKLlpvCYjw9yIDM8Gu4h9TL/ZRdboEGcwcB
+gQIDAQAB
+-----END PUBLIC KEY-----
+