In a prior post, I described the use of Windows CryptoAPI to compute message digests and message authentication codes which ensure integrity of messages. We now move on to the use of symmetric algorithms in cryptography, which can be used for both message confidentiality and integrity. Asymmetric algorithms will be covered in future posts. Refer to the introductory post in this series for the difference between the two.(read more)
In my prior post, I introduced several abstractions — Cryptographic Service Providers, cryptographic contexts and key containers — that are part of Windows CryptoAPI and promised to look at cryptographic keys next.
Well, I changed my mind, figuring it might be better to first talk about simpler operations that do not require the use of keys at all. This post thus describes the generation of hashes, message digests and message integrity codes using Windows CryptoAPI and TWAPI.(read more)
This is the second in a series of posts on the use of cryptography on Windows. The previous blog post introduced the basic concepts related to cryptography. Here we delve into how those concepts are implemented in Windows at a system or architectural level and of course, how one accesses them from Tcl. This will lay the ground for discussing the actual cryptographic operations in future posts.(read more)
Security is currently the No. 1 priority for the software industry; and if that's not the case, it should be, given the current state of affairs with daily reports of major computer break-ins, credit card fraud, identity theft etc. It is important for applications, and application writers, to be aware of these issues and make use of all available technologies to protect against attacks.(read more)
In a series of prior posts, I had introduced the promise abstraction along with the
await functions which further simplify asynchronous programming with promises in certain scenarios. Accordingly, the Tcl
promise package has been updated to include the equivalent commands. This post introduces their use.
This blog post is adapted from my book The Tcl Programming Language.
Many programming tasks are very simply expressed and implemented through recursive algorithms, traversing a tree data structure being just one example. The primary reason recursion simplifies implementation is that the state of the computation is implicitly maintained, freeing the programmer from the burden of explicitly tracking the computational state of the program. For example, in a recursive tree walking implementation, the "current location" in the tree is implicitly tracked.
However, there are situations where a recursive model does not fit the needs of an application. For example, the application may want to traverse a tree in iterative fashion, retrieving one node at a time, operating on it and then potentially doing some unrelated computation before retrieving the next node at some unknown point in the future.
Here is where coroutines can bridge the impedance mismatch, presenting an iterative interface to a naturally recursive algorithm.(read more ...)
This post is about US encryption controls on open source software and what programmers need to do to comply with those regulations.
I must start with a caveat because I know practically nothing about the subject! Treat it as one person's understanding of the matter, not legal advice. I am not a lawyer, don't play one on TV or even actually know a real lawyer. I am writing this as an aid to others writing open source software in the hope it will make them aware of the concerned regulations.(read more)
A previous blog post described the
representation command and its use for introspecting Tcl's internal structures for storing data. I promised a follow-up post that talked about Tcl's compiled byte code and the
disassemble command for inspecting it. Well, only two years later, here is that post as promised.
In a prior post I had illustrated the use of the Tcl
promise package for asynchronous computing with some examples. There we had ignored the possibility of errors and exceptions and how they are handled in promise-based code. In this post, we build on the examples in that post to illustrate how promises greatly simplify handling of errors in async code.
I had previously described an experimental implementation of promises for Tcl. On re-reading my earlier post, I was somewhat dissatisfied with the treatment there in that I did not feel it fully reflected the value of the promise abstraction, getting somewhat caught up in the details. This post takes a somewhat different approach, concentrating more on examples and refraining from going into detail about each command or method. Here I am more interested giving you a flavor of programming with promises and motivating you to explore further.(read more)