hs-tls/core/Network/TLS/State.hs

{-# LANGUAGE GeneralizedNewtypeDeriving, FlexibleContexts, MultiParamTypeClasses, ExistentialQuantification, RankNTypes, CPP #-}
-- |
-- Module      : Network.TLS.State
-- License     : BSD-style
-- Maintainer  : Vincent Hanquez <vincent@snarc.org>
-- Stability   : experimental
-- Portability : unknown
--
-- the State module contains calls related to state initialization/manipulation
-- which is use by the Receiving module and the Sending module.
--
module Network.TLS.State
    ( TLSState(..)
    , TLSSt
    , runTLSState
    , HandshakeState(..)
    , withHandshakeM
    , newTLSState
    , withTLSRNG
    , updateVerifiedData
    , finishHandshakeTypeMaterial
    , finishHandshakeMaterial
    , certVerifyHandshakeTypeMaterial
    , certVerifyHandshakeMaterial
    , setVersion
    , getVersion
    , setSecureRenegotiation
    , getSecureRenegotiation
    , setExtensionNPN
    , getExtensionNPN
    , setNegotiatedProtocol
    , getNegotiatedProtocol
    , setServerNextProtocolSuggest
    , getServerNextProtocolSuggest
    , getClientCertificateChain
    , setClientCertificateChain
    , getVerifiedData
    , setSession
    , getSession
    , getSessionData
    , isSessionResuming
    , isClientContext
    , startHandshakeClient
    , getHandshakeDigest
    , endHandshake
    -- * random
    , genRandom
    , withRNG
    ) where

import Data.Maybe (isNothing)
import Network.TLS.Struct
import Network.TLS.Crypto
import Network.TLS.Handshake.State
import Network.TLS.RNG
import Network.TLS.Types (Role(..))
import qualified Data.ByteString as B
import Control.Monad
import Control.Monad.State
import Control.Monad.Error
import Crypto.Random.API
import Data.X509 (CertificateChain)

data TLSState = TLSState
    { stHandshake           :: !(Maybe HandshakeState)
    , stSession             :: Session
    , stSessionResuming     :: Bool
    , stSecureRenegotiation :: Bool  -- RFC 5746
    , stClientVerifiedData  :: Bytes -- RFC 5746
    , stServerVerifiedData  :: Bytes -- RFC 5746
    , stExtensionNPN        :: Bool  -- NPN draft extension
    , stNegotiatedProtocol  :: Maybe B.ByteString -- NPN protocol
    , stServerNextProtocolSuggest :: Maybe [B.ByteString]
    , stClientCertificateChain :: Maybe CertificateChain
    , stRandomGen                 :: StateRNG
    , stVersion             :: Version
    , stClientContext       :: Role
    } deriving (Show)

newtype TLSSt a = TLSSt { runTLSSt :: ErrorT TLSError (State TLSState) a }
    deriving (Monad, MonadError TLSError)

instance Functor TLSSt where
    fmap f = TLSSt . fmap f . runTLSSt

instance MonadState TLSState TLSSt where
    put x = TLSSt (lift $ put x)
    get   = TLSSt (lift get)
#if MIN_VERSION_mtl(2,1,0)
    state f = TLSSt (lift $ state f)
#endif

runTLSState :: TLSSt a -> TLSState -> (Either TLSError a, TLSState)
runTLSState f st = runState (runErrorT (runTLSSt f)) st

newTLSState :: CPRG g => g -> Role -> TLSState
newTLSState rng clientContext = TLSState
    { stHandshake           = Nothing
    , stSession             = Session Nothing
    , stSessionResuming     = False
    , stSecureRenegotiation = False
    , stClientVerifiedData  = B.empty
    , stServerVerifiedData  = B.empty
    , stExtensionNPN        = False
    , stNegotiatedProtocol  = Nothing
    , stServerNextProtocolSuggest = Nothing
    , stClientCertificateChain = Nothing
    , stRandomGen           = StateRNG rng
    , stVersion             = TLS10
    , stClientContext       = clientContext
    }

updateVerifiedData :: MonadState TLSState m => Role -> Bytes -> m ()
updateVerifiedData sending bs = do
    cc <- isClientContext
    if cc /= sending
        then modify (\st -> st { stServerVerifiedData = bs })
        else modify (\st -> st { stClientVerifiedData = bs })

finishHandshakeTypeMaterial :: HandshakeType -> Bool
finishHandshakeTypeMaterial HandshakeType_ClientHello     = True
finishHandshakeTypeMaterial HandshakeType_ServerHello     = True
finishHandshakeTypeMaterial HandshakeType_Certificate     = True
finishHandshakeTypeMaterial HandshakeType_HelloRequest    = False
finishHandshakeTypeMaterial HandshakeType_ServerHelloDone = True
finishHandshakeTypeMaterial HandshakeType_ClientKeyXchg   = True
finishHandshakeTypeMaterial HandshakeType_ServerKeyXchg   = True
finishHandshakeTypeMaterial HandshakeType_CertRequest     = True
finishHandshakeTypeMaterial HandshakeType_CertVerify      = True
finishHandshakeTypeMaterial HandshakeType_Finished        = True
finishHandshakeTypeMaterial HandshakeType_NPN             = True

finishHandshakeMaterial :: Handshake -> Bool
finishHandshakeMaterial = finishHandshakeTypeMaterial . typeOfHandshake

certVerifyHandshakeTypeMaterial :: HandshakeType -> Bool
certVerifyHandshakeTypeMaterial HandshakeType_ClientHello     = True
certVerifyHandshakeTypeMaterial HandshakeType_ServerHello     = True
certVerifyHandshakeTypeMaterial HandshakeType_Certificate     = True
certVerifyHandshakeTypeMaterial HandshakeType_HelloRequest    = False
certVerifyHandshakeTypeMaterial HandshakeType_ServerHelloDone = True
certVerifyHandshakeTypeMaterial HandshakeType_ClientKeyXchg   = True
certVerifyHandshakeTypeMaterial HandshakeType_ServerKeyXchg   = True
certVerifyHandshakeTypeMaterial HandshakeType_CertRequest     = True
certVerifyHandshakeTypeMaterial HandshakeType_CertVerify      = False
certVerifyHandshakeTypeMaterial HandshakeType_Finished        = False
certVerifyHandshakeTypeMaterial HandshakeType_NPN             = False

certVerifyHandshakeMaterial :: Handshake -> Bool
certVerifyHandshakeMaterial = certVerifyHandshakeTypeMaterial . typeOfHandshake

getSessionData :: MonadState TLSState m => m (Maybe SessionData)
getSessionData = get >>= \st -> return (stHandshake st >>= hstMasterSecret >>= wrapSessionData st)
  where wrapSessionData st masterSecret = do
            return $ SessionData
                    { sessionVersion = stVersion st
                    , sessionCipher  = undefined -- cipherID $ fromJust "cipher" $ stCipher $ stTxState $ st
                    , sessionSecret  = masterSecret
                    }

setSession :: MonadState TLSState m => Session -> Bool -> m ()
setSession session resuming = modify (\st -> st { stSession = session, stSessionResuming = resuming })

getSession :: MonadState TLSState m => m Session
getSession = gets stSession

isSessionResuming :: MonadState TLSState m => m Bool
isSessionResuming = gets stSessionResuming

setVersion :: MonadState TLSState m => Version -> m ()
setVersion ver = modify (\st -> st { stVersion = ver })

getVersion :: MonadState TLSState m => m Version
getVersion = gets stVersion

setSecureRenegotiation :: MonadState TLSState m => Bool -> m ()
setSecureRenegotiation b = modify (\st -> st { stSecureRenegotiation = b })

getSecureRenegotiation :: MonadState TLSState m => m Bool
getSecureRenegotiation = gets stSecureRenegotiation

setExtensionNPN :: MonadState TLSState m => Bool -> m ()
setExtensionNPN b = modify (\st -> st { stExtensionNPN = b })

getExtensionNPN :: MonadState TLSState m => m Bool
getExtensionNPN = gets stExtensionNPN

setNegotiatedProtocol :: MonadState TLSState m => B.ByteString -> m ()
setNegotiatedProtocol s = modify (\st -> st { stNegotiatedProtocol = Just s })

getNegotiatedProtocol :: MonadState TLSState m => m (Maybe B.ByteString)
getNegotiatedProtocol = gets stNegotiatedProtocol

setServerNextProtocolSuggest :: MonadState TLSState m => [B.ByteString] -> m ()
setServerNextProtocolSuggest ps = modify (\st -> st { stServerNextProtocolSuggest = Just ps})

getServerNextProtocolSuggest :: MonadState TLSState m => m (Maybe [B.ByteString])
getServerNextProtocolSuggest = get >>= return . stServerNextProtocolSuggest

setClientCertificateChain :: MonadState TLSState m => CertificateChain -> m ()
setClientCertificateChain s = modify (\st -> st { stClientCertificateChain = Just s })

getClientCertificateChain :: MonadState TLSState m => m (Maybe CertificateChain)
getClientCertificateChain = gets stClientCertificateChain

getVerifiedData :: MonadState TLSState m => Role -> m Bytes
getVerifiedData client = gets (if client == ClientRole then stClientVerifiedData else stServerVerifiedData)

isClientContext :: MonadState TLSState m => m Role
isClientContext = gets stClientContext

startHandshakeClient :: MonadState TLSState m => Version -> ClientRandom -> m ()
startHandshakeClient ver crand = do
    -- FIXME check if handshake is already not null
    let initCtx = if ver < TLS12 then hashMD5SHA1 else hashSHA256
    chs <- get >>= return . stHandshake
    when (isNothing chs) $
        modify (\st -> st { stHandshake = Just $ newEmptyHandshake ver crand initCtx })

withHandshakeM :: MonadState TLSState m => HandshakeM a -> m a
withHandshakeM f =
    get >>= \st -> case stHandshake st of
                    Nothing  -> fail "handshake missing"
                    Just hst -> do let (a, nhst) = runHandshake hst f
                                   put (st { stHandshake = Just nhst })
                                   return a

endHandshake :: MonadState TLSState m => m ()
endHandshake = modify (\st -> st { stHandshake = Nothing })

genRandom :: Int -> TLSSt Bytes
genRandom n = do
    st <- get
    case withTLSRNG (stRandomGen st) (genRandomBytes n) of
            (bytes, rng') -> put (st { stRandomGen = rng' }) >> return bytes

withRNG :: (forall g . CPRG g => g -> (a, g)) -> TLSSt a
withRNG f = do
    st <- get
    let (a,rng') = withTLSRNG (stRandomGen st) f
    put (st { stRandomGen = rng' })
    return a
Define 'state' only for mtl >= 2.1. Conflicts: Network/TLS/State.hs 2012-04-20 15:37:47 +00:00			`{-# LANGUAGE GeneralizedNewtypeDeriving, FlexibleContexts, MultiParamTypeClasses, ExistentialQuantification, RankNTypes, CPP #-}`
initial import 2010-09-09 21:47:19 +00:00			`-- \|`
			`-- Module : Network.TLS.State`
			`-- License : BSD-style`
			`-- Maintainer : Vincent Hanquez <vincent@snarc.org>`
			`-- Stability : experimental`
			`-- Portability : unknown`
			`--`
			`-- the State module contains calls related to state initialization/manipulation`
			`-- which is use by the Receiving module and the Sending module.`
			`--`
			`module Network.TLS.State`
re-indent 2013-07-12 06:27:28 +00:00			`( TLSState(..)`
			`, TLSSt`
			`, runTLSState`
separate handshake state from state. 2013-07-18 06:19:05 +00:00			`, HandshakeState(..)`
add accessor from context and state to HandshakeM 2013-07-19 06:47:33 +00:00			`, withHandshakeM`
re-indent 2013-07-12 06:27:28 +00:00			`, newTLSState`
			`, withTLSRNG`
			`, updateVerifiedData`
			`, finishHandshakeTypeMaterial`
			`, finishHandshakeMaterial`
			`, certVerifyHandshakeTypeMaterial`
			`, certVerifyHandshakeMaterial`
			`, setVersion`
split record state from state. 2013-07-13 07:03:25 +00:00			`, getVersion`
re-indent 2013-07-12 06:27:28 +00:00			`, setSecureRenegotiation`
			`, getSecureRenegotiation`
			`, setExtensionNPN`
			`, getExtensionNPN`
			`, setNegotiatedProtocol`
			`, getNegotiatedProtocol`
			`, setServerNextProtocolSuggest`
			`, getServerNextProtocolSuggest`
			`, getClientCertificateChain`
			`, setClientCertificateChain`
			`, getVerifiedData`
			`, setSession`
			`, getSession`
			`, getSessionData`
			`, isSessionResuming`
			`, isClientContext`
			`, startHandshakeClient`
			`, getHandshakeDigest`
			`, endHandshake`
add a TLSSt wrapper for RNG operations 2013-07-28 06:32:44 +00:00			`-- * random`
			`, genRandom`
			`, withRNG`
re-indent 2013-07-12 06:27:28 +00:00			`) where`
initial import 2010-09-09 21:47:19 +00:00
add a dedicated fromJust compared to the normal fromJust, it take an extra string to report what kind of fromJust we were doing. it's quite valuable when shuffling code and assertion break. at some point, it need to be removed completely in favor of better types that better reflect the actual state on the connection. 2011-02-20 08:37:19 +00:00			`import Data.Maybe (isNothing)`
initial import 2010-09-09 21:47:19 +00:00			`import Network.TLS.Struct`
			`import Network.TLS.Crypto`
separate handshake state from state. 2013-07-18 06:19:05 +00:00			`import Network.TLS.Handshake.State`
split record state from state. 2013-07-13 07:03:25 +00:00			`import Network.TLS.RNG`
move to a proper role type for client\|server 2013-07-21 09:16:01 +00:00			`import Network.TLS.Types (Role(..))`
use strict bytestring instead of lazy bytestring. the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8]. remove lots of unnessary packing/unpacking when setting up ciphers. 2010-09-26 09:34:47 +00:00			`import qualified Data.ByteString as B`
initial import 2010-09-09 21:47:19 +00:00			`import Control.Monad`
simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00			`import Control.Monad.State`
			`import Control.Monad.Error`
switch to CPRG instead of CryptoRandomGen 2012-12-05 07:47:17 +00:00			`import Crypto.Random.API`
update for x509 2013-05-19 07:05:46 +00:00			`import Data.X509 (CertificateChain)`
initial import 2010-09-09 21:47:19 +00:00
first stab at separating record state from other state. 2013-07-11 08:03:33 +00:00			`data TLSState = TLSState`
remove alias TLSHandshakeState 2013-07-19 06:05:37 +00:00			`{ stHandshake :: !(Maybe HandshakeState)`
re-indent 2013-07-12 06:27:28 +00:00			`, stSession :: Session`
			`, stSessionResuming :: Bool`
			`, stSecureRenegotiation :: Bool -- RFC 5746`
			`, stClientVerifiedData :: Bytes -- RFC 5746`
			`, stServerVerifiedData :: Bytes -- RFC 5746`
			`, stExtensionNPN :: Bool -- NPN draft extension`
			`, stNegotiatedProtocol :: Maybe B.ByteString -- NPN protocol`
			`, stServerNextProtocolSuggest :: Maybe [B.ByteString]`
			`, stClientCertificateChain :: Maybe CertificateChain`
move random gen back into state 2013-07-24 16:35:57 +00:00			`, stRandomGen :: StateRNG`
Separate tx/rx state from a single RecordState unroll a reader/state/error monad into a single simple monad, and move back version and client context in state. 2013-07-25 20:53:32 +00:00			`, stVersion :: Version`
			`, stClientContext :: Role`
re-indent 2013-07-12 06:27:28 +00:00			`} deriving (Show)`
initial import 2010-09-09 21:47:19 +00:00
simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00			`newtype TLSSt a = TLSSt { runTLSSt :: ErrorT TLSError (State TLSState) a }`
re-indent 2013-07-12 06:27:28 +00:00			`deriving (Monad, MonadError TLSError)`
simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00
			`instance Functor TLSSt where`
re-indent 2013-07-12 06:27:28 +00:00			`fmap f = TLSSt . fmap f . runTLSSt`
simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00
			`instance MonadState TLSState TLSSt where`
re-indent 2013-07-12 06:27:28 +00:00			`put x = TLSSt (lift $ put x)`
			`get = TLSSt (lift get)`
Define 'state' only for mtl >= 2.1. Conflicts: Network/TLS/State.hs 2012-04-20 15:37:47 +00:00			`#if MIN_VERSION_mtl(2,1,0)`
re-indent 2013-07-12 06:27:28 +00:00			`state f = TLSSt (lift $ state f)`
Define 'state' only for mtl >= 2.1. Conflicts: Network/TLS/State.hs 2012-04-20 15:37:47 +00:00			`#endif`
simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00
			`runTLSState :: TLSSt a -> TLSState -> (Either TLSError a, TLSState)`
			`runTLSState f st = runState (runErrorT (runTLSSt f)) st`
initial import 2010-09-09 21:47:19 +00:00
move to a proper role type for client\|server 2013-07-21 09:16:01 +00:00			`newTLSState :: CPRG g => g -> Role -> TLSState`
first stab at separating record state from other state. 2013-07-11 08:03:33 +00:00			`newTLSState rng clientContext = TLSState`
re-indent 2013-07-12 06:27:28 +00:00			`{ stHandshake = Nothing`
			`, stSession = Session Nothing`
			`, stSessionResuming = False`
			`, stSecureRenegotiation = False`
			`, stClientVerifiedData = B.empty`
			`, stServerVerifiedData = B.empty`
			`, stExtensionNPN = False`
			`, stNegotiatedProtocol = Nothing`
			`, stServerNextProtocolSuggest = Nothing`
			`, stClientCertificateChain = Nothing`
move random gen back into state 2013-07-24 16:35:57 +00:00			`, stRandomGen = StateRNG rng`
Separate tx/rx state from a single RecordState unroll a reader/state/error monad into a single simple monad, and move back version and client context in state. 2013-07-25 20:53:32 +00:00			`, stVersion = TLS10`
			`, stClientContext = clientContext`
re-indent 2013-07-12 06:27:28 +00:00			`}`
first stab at separating record state from other state. 2013-07-11 08:03:33 +00:00
move to a proper role type for client\|server 2013-07-21 09:16:01 +00:00			`updateVerifiedData :: MonadState TLSState m => Role -> Bytes -> m ()`
add way to store verified data and to activate/deactivate the feature 2011-06-07 06:41:31 +00:00			`updateVerifiedData sending bs = do`
re-indent 2013-07-12 06:27:28 +00:00			`cc <- isClientContext`
			`if cc /= sending`
			`then modify (\st -> st { stServerVerifiedData = bs })`
			`else modify (\st -> st { stClientVerifiedData = bs })`
add way to store verified data and to activate/deactivate the feature 2011-06-07 06:41:31 +00:00
initial import 2010-09-09 21:47:19 +00:00			`finishHandshakeTypeMaterial :: HandshakeType -> Bool`
			`finishHandshakeTypeMaterial HandshakeType_ClientHello = True`
			`finishHandshakeTypeMaterial HandshakeType_ServerHello = True`
			`finishHandshakeTypeMaterial HandshakeType_Certificate = True`
			`finishHandshakeTypeMaterial HandshakeType_HelloRequest = False`
			`finishHandshakeTypeMaterial HandshakeType_ServerHelloDone = True`
			`finishHandshakeTypeMaterial HandshakeType_ClientKeyXchg = True`
			`finishHandshakeTypeMaterial HandshakeType_ServerKeyXchg = True`
			`finishHandshakeTypeMaterial HandshakeType_CertRequest = True`
Fix encoding of CertRequest, so that encoding and decoding are inverses. 2012-07-17 15:33:11 +00:00			`finishHandshakeTypeMaterial HandshakeType_CertVerify = True`
initial import 2010-09-09 21:47:19 +00:00			`finishHandshakeTypeMaterial HandshakeType_Finished = True`
prepare source for NPN. 2012-02-07 21:24:30 +00:00			`finishHandshakeTypeMaterial HandshakeType_NPN = True`
initial import 2010-09-09 21:47:19 +00:00
			`finishHandshakeMaterial :: Handshake -> Bool`
			`finishHandshakeMaterial = finishHandshakeTypeMaterial . typeOfHandshake`

Separate finish from certificate verify digests. Will make it easier to support TLS1.2. 2012-07-16 14:19:48 +00:00			`certVerifyHandshakeTypeMaterial :: HandshakeType -> Bool`
			`certVerifyHandshakeTypeMaterial HandshakeType_ClientHello = True`
			`certVerifyHandshakeTypeMaterial HandshakeType_ServerHello = True`
			`certVerifyHandshakeTypeMaterial HandshakeType_Certificate = True`
			`certVerifyHandshakeTypeMaterial HandshakeType_HelloRequest = False`
			`certVerifyHandshakeTypeMaterial HandshakeType_ServerHelloDone = True`
			`certVerifyHandshakeTypeMaterial HandshakeType_ClientKeyXchg = True`
			`certVerifyHandshakeTypeMaterial HandshakeType_ServerKeyXchg = True`
			`certVerifyHandshakeTypeMaterial HandshakeType_CertRequest = True`
			`certVerifyHandshakeTypeMaterial HandshakeType_CertVerify = False`
			`certVerifyHandshakeTypeMaterial HandshakeType_Finished = False`
			`certVerifyHandshakeTypeMaterial HandshakeType_NPN = False`

			`certVerifyHandshakeMaterial :: Handshake -> Bool`
			`certVerifyHandshakeMaterial = certVerifyHandshakeTypeMaterial . typeOfHandshake`

add new state for session tracking. 2011-12-20 07:38:35 +00:00			`getSessionData :: MonadState TLSState m => m (Maybe SessionData)`
use gets where possible and make thing nicer 2012-10-30 04:46:19 +00:00			`getSessionData = get >>= \st -> return (stHandshake st >>= hstMasterSecret >>= wrapSessionData st)`
re-indent 2013-07-12 06:27:28 +00:00			`where wrapSessionData st masterSecret = do`
			`return $ SessionData`
Separate tx/rx state from a single RecordState unroll a reader/state/error monad into a single simple monad, and move back version and client context in state. 2013-07-25 20:53:32 +00:00			`{ sessionVersion = stVersion st`
move tx state into a mvar in the context. 2013-08-01 07:05:03 +00:00			`, sessionCipher = undefined -- cipherID $ fromJust "cipher" $ stCipher $ stTxState $ st`
re-indent 2013-07-12 06:27:28 +00:00			`, sessionSecret = masterSecret`
			`}`
add new state for session tracking. 2011-12-20 07:38:35 +00:00
			`setSession :: MonadState TLSState m => Session -> Bool -> m ()`
			`setSession session resuming = modify (\st -> st { stSession = session, stSessionResuming = resuming })`

			`getSession :: MonadState TLSState m => m Session`
			`getSession = gets stSession`

			`isSessionResuming :: MonadState TLSState m => m Bool`
			`isSessionResuming = gets stSessionResuming`

simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00			`setVersion :: MonadState TLSState m => Version -> m ()`
Separate tx/rx state from a single RecordState unroll a reader/state/error monad into a single simple monad, and move back version and client context in state. 2013-07-25 20:53:32 +00:00			`setVersion ver = modify (\st -> st { stVersion = ver })`
initial import 2010-09-09 21:47:19 +00:00
split record state from state. 2013-07-13 07:03:25 +00:00			`getVersion :: MonadState TLSState m => m Version`
Separate tx/rx state from a single RecordState unroll a reader/state/error monad into a single simple monad, and move back version and client context in state. 2013-07-25 20:53:32 +00:00			`getVersion = gets stVersion`
split record state from state. 2013-07-13 07:03:25 +00:00
misc change and start to trickle through the support for secure renegotiation 2011-06-07 07:13:43 +00:00			`setSecureRenegotiation :: MonadState TLSState m => Bool -> m ()`
			`setSecureRenegotiation b = modify (\st -> st { stSecureRenegotiation = b })`

			`getSecureRenegotiation :: MonadState TLSState m => m Bool`
use gets where possible and make thing nicer 2012-10-30 04:46:19 +00:00			`getSecureRenegotiation = gets stSecureRenegotiation`
misc change and start to trickle through the support for secure renegotiation 2011-06-07 07:13:43 +00:00
Use callback instead of static state for supported NPN protocols. onSuggestNextProtocols in TLSParams. Expose getNegotiatedProtocol to users. Fix condition for when to understand NPN messages. 2012-02-12 18:59:19 +00:00			`setExtensionNPN :: MonadState TLSState m => Bool -> m ()`
			`setExtensionNPN b = modify (\st -> st { stExtensionNPN = b })`
Partial, but working, implementation of serverside NPN. 2012-02-08 09:20:28 +00:00
Use callback instead of static state for supported NPN protocols. onSuggestNextProtocols in TLSParams. Expose getNegotiatedProtocol to users. Fix condition for when to understand NPN messages. 2012-02-12 18:59:19 +00:00			`getExtensionNPN :: MonadState TLSState m => m Bool`
use gets where possible and make thing nicer 2012-10-30 04:46:19 +00:00			`getExtensionNPN = gets stExtensionNPN`
Partial, but working, implementation of serverside NPN. 2012-02-08 09:20:28 +00:00
Use callback instead of static state for supported NPN protocols. onSuggestNextProtocols in TLSParams. Expose getNegotiatedProtocol to users. Fix condition for when to understand NPN messages. 2012-02-12 18:59:19 +00:00			`setNegotiatedProtocol :: MonadState TLSState m => B.ByteString -> m ()`
			`setNegotiatedProtocol s = modify (\st -> st { stNegotiatedProtocol = Just s })`
Partial, but working, implementation of serverside NPN. 2012-02-08 09:20:28 +00:00
Use callback instead of static state for supported NPN protocols. onSuggestNextProtocols in TLSParams. Expose getNegotiatedProtocol to users. Fix condition for when to understand NPN messages. 2012-02-12 18:59:19 +00:00			`getNegotiatedProtocol :: MonadState TLSState m => m (Maybe B.ByteString)`
use gets where possible and make thing nicer 2012-10-30 04:46:19 +00:00			`getNegotiatedProtocol = gets stNegotiatedProtocol`
Partial, but working, implementation of serverside NPN. 2012-02-08 09:20:28 +00:00
Add client side of Next Protocol Negotiation. 2012-02-16 08:05:46 +00:00			`setServerNextProtocolSuggest :: MonadState TLSState m => [B.ByteString] -> m ()`
			`setServerNextProtocolSuggest ps = modify (\st -> st { stServerNextProtocolSuggest = Just ps})`

			`getServerNextProtocolSuggest :: MonadState TLSState m => m (Maybe [B.ByteString])`
			`getServerNextProtocolSuggest = get >>= return . stServerNextProtocolSuggest`

update for x509 2013-05-19 07:05:46 +00:00			`setClientCertificateChain :: MonadState TLSState m => CertificateChain -> m ()`
Integrate client certificate settings into RoleParams, remember client cert chain for use after handshake has finished. 2012-07-16 12:36:44 +00:00			`setClientCertificateChain s = modify (\st -> st { stClientCertificateChain = Just s })`

update for x509 2013-05-19 07:05:46 +00:00			`getClientCertificateChain :: MonadState TLSState m => m (Maybe CertificateChain)`
use gets where possible and make thing nicer 2012-10-30 04:46:19 +00:00			`getClientCertificateChain = gets stClientCertificateChain`
Integrate client certificate settings into RoleParams, remember client cert chain for use after handshake has finished. 2012-07-16 12:36:44 +00:00
move processServerHello in Handshake 2013-07-24 05:50:56 +00:00			`getVerifiedData :: MonadState TLSState m => Role -> m Bytes`
			`getVerifiedData client = gets (if client == ClientRole then stClientVerifiedData else stServerVerifiedData)`
misc change and start to trickle through the support for secure renegotiation 2011-06-07 07:13:43 +00:00
move to a proper role type for client\|server 2013-07-21 09:16:01 +00:00			`isClientContext :: MonadState TLSState m => m Role`
Separate tx/rx state from a single RecordState unroll a reader/state/error monad into a single simple monad, and move back version and client context in state. 2013-07-25 20:53:32 +00:00			`isClientContext = gets stClientContext`
initial import 2010-09-09 21:47:19 +00:00
simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00			`startHandshakeClient :: MonadState TLSState m => Version -> ClientRandom -> m ()`
initial import 2010-09-09 21:47:19 +00:00			`startHandshakeClient ver crand = do`
re-indent 2013-07-12 06:27:28 +00:00			`-- FIXME check if handshake is already not null`
			`let initCtx = if ver < TLS12 then hashMD5SHA1 else hashSHA256`
			`chs <- get >>= return . stHandshake`
			`when (isNothing chs) $`
			`modify (\st -> st { stHandshake = Just $ newEmptyHandshake ver crand initCtx })`
initial import 2010-09-09 21:47:19 +00:00
add accessor from context and state to HandshakeM 2013-07-19 06:47:33 +00:00			`withHandshakeM :: MonadState TLSState m => HandshakeM a -> m a`
			`withHandshakeM f =`
			`get >>= \st -> case stHandshake st of`
			`Nothing -> fail "handshake missing"`
			`Just hst -> do let (a, nhst) = runHandshake hst f`
			`put (st { stHandshake = Just nhst })`
			`return a`

simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00			`endHandshake :: MonadState TLSState m => m ()`
			`endHandshake = modify (\st -> st { stHandshake = Nothing })`
split record state from state. 2013-07-13 07:03:25 +00:00
			`genRandom :: Int -> TLSSt Bytes`
move random gen back into state 2013-07-24 16:35:57 +00:00			`genRandom n = do`
			`st <- get`
			`case withTLSRNG (stRandomGen st) (genRandomBytes n) of`
			`(bytes, rng') -> put (st { stRandomGen = rng' }) >> return bytes`
add a TLSSt wrapper for RNG operations 2013-07-28 06:32:44 +00:00
			`withRNG :: (forall g . CPRG g => g -> (a, g)) -> TLSSt a`
			`withRNG f = do`
			`st <- get`
			`let (a,rng') = withTLSRNG (stRandomGen st) f`
			`put (st { stRandomGen = rng' })`
			`return a`