hs-tls/Network/TLS/Crypto.hs

{-# OPTIONS_HADDOCK hide #-}
{-# LANGUAGE ExistentialQuantification #-}
module Network.TLS.Crypto
        ( HashCtx(..)
        , hashInit
        , hashUpdate
        , hashUpdateSSL
        , hashFinal

        -- * constructor
        , hashMD5SHA1
        , hashSHA256

        -- * key exchange generic interface
        , PublicKey(..)
        , PrivateKey(..)
        , kxEncrypt
        , kxDecrypt
        , kxSign
        , kxVerify
        , KxError(..)
        ) where

import qualified Crypto.Hash.SHA256 as SHA256
import qualified Crypto.Hash.SHA1 as SHA1
import qualified Crypto.Hash.MD5 as MD5
import qualified Data.ByteString as B
import Data.ByteString (ByteString)
import qualified Crypto.Cipher.RSA as RSA
import Crypto.Random (CryptoRandomGen)

data PublicKey = PubRSA RSA.PublicKey

data PrivateKey = PrivRSA RSA.PrivateKey

instance Show PublicKey where
        show (_) = "PublicKey(..)"

instance Show PrivateKey where
        show (_) = "privateKey(..)"

data KxError = RSAError RSA.Error
        deriving (Show)

data KeyXchg =
          KxRSA RSA.PublicKey RSA.PrivateKey
        deriving (Show)

class HashCtxC a where
        hashCName      :: a -> String
        hashCInit      :: a -> a
        hashCUpdate    :: a -> B.ByteString -> a
        hashCUpdateSSL :: a -> (B.ByteString,B.ByteString) -> a
        hashCFinal     :: a -> B.ByteString

data HashCtx = forall h . HashCtxC h => HashCtx h

instance Show HashCtx where
        show (HashCtx c) = hashCName c

{- MD5 & SHA1 joined -}
data HashMD5SHA1 = HashMD5SHA1 SHA1.Ctx MD5.Ctx

instance HashCtxC HashMD5SHA1 where
        hashCName _                  = "MD5-SHA1"
        hashCInit _                  = HashMD5SHA1 SHA1.init MD5.init
        hashCUpdate (HashMD5SHA1 sha1ctx md5ctx) b = HashMD5SHA1 (SHA1.update sha1ctx b) (MD5.update md5ctx b)
        hashCUpdateSSL (HashMD5SHA1 sha1ctx md5ctx) (b1,b2) = HashMD5SHA1 (SHA1.update sha1ctx b2) (MD5.update md5ctx b1)
        hashCFinal  (HashMD5SHA1 sha1ctx md5ctx)   = B.concat [MD5.finalize md5ctx, SHA1.finalize sha1ctx]

data HashSHA256 = HashSHA256 SHA256.Ctx

instance HashCtxC HashSHA256 where
        hashCName _                    = "SHA256"
        hashCInit _                    = HashSHA256 SHA256.init
        hashCUpdate (HashSHA256 ctx) b = HashSHA256 (SHA256.update ctx b)
        hashCUpdateSSL _ _             = undefined
        hashCFinal  (HashSHA256 ctx)   = SHA256.finalize ctx

-- functions to use the hidden class.
hashInit :: HashCtx -> HashCtx
hashInit   (HashCtx h)   = HashCtx $ hashCInit h

hashUpdate :: HashCtx -> B.ByteString -> HashCtx
hashUpdate (HashCtx h) b = HashCtx $ hashCUpdate h b

hashUpdateSSL :: HashCtx -> (B.ByteString,B.ByteString) -> HashCtx
hashUpdateSSL (HashCtx h) bs = HashCtx $ hashCUpdateSSL h bs

hashFinal :: HashCtx -> B.ByteString
hashFinal  (HashCtx h)   = hashCFinal h

-- real hash constructors
hashMD5SHA1, hashSHA256 :: HashCtx
hashMD5SHA1 = HashCtx (HashMD5SHA1 SHA1.init MD5.init)
hashSHA256  = HashCtx (HashSHA256 SHA256.init)

{- key exchange methods encrypt and decrypt for each supported algorithm -}
generalizeRSAError :: Either RSA.Error a -> Either KxError a
generalizeRSAError (Left e)  = Left (RSAError e)
generalizeRSAError (Right x) = Right x

kxEncrypt :: CryptoRandomGen g => g -> PublicKey -> ByteString -> Either KxError (ByteString, g)
kxEncrypt g (PubRSA pk) b = generalizeRSAError $ RSA.encrypt g pk b

kxDecrypt :: PrivateKey -> ByteString -> Either KxError ByteString
kxDecrypt (PrivRSA pk) b  = generalizeRSAError $ RSA.decrypt pk b

-- Verify that the signature matches the given message, using the
-- public key.
--
kxVerify :: PublicKey -> (ByteString -> ByteString, ByteString) -> ByteString -> ByteString -> Either KxError Bool
kxVerify (PubRSA pk) hsh msg sign =
  let hashF = fst hsh
      hashASN1 = snd hsh
  in generalizeRSAError $ RSA.verify hashF hashASN1 pk msg sign

-- Sign the given message using the private key.
--
kxSign :: PrivateKey -> (ByteString -> ByteString, ByteString) -> ByteString -> Either KxError ByteString
kxSign (PrivRSA pk) hsh msg  =
  let hashF = fst hsh
      hashASN1 = snd hsh
  in generalizeRSAError $ RSA.sign hashF hashASN1 pk msg
add more haddock related stuff 2011-03-02 08:43:05 +00:00			`{-# OPTIONS_HADDOCK hide #-}`
update hash interface to hide the state through typeclass and existentialquantification. 2011-08-14 13:34:34 +00:00			`{-# LANGUAGE ExistentialQuantification #-}`
initial import 2010-09-09 21:47:19 +00:00			`module Network.TLS.Crypto`
expand tabs. 2012-03-27 07:57:51 +00:00			`( HashCtx(..)`
			`, hashInit`
			`, hashUpdate`
			`, hashUpdateSSL`
			`, hashFinal`

			`-- * constructor`
			`, hashMD5SHA1`
			`, hashSHA256`

			`-- * key exchange generic interface`
			`, PublicKey(..)`
			`, PrivateKey(..)`
			`, kxEncrypt`
			`, kxDecrypt`
Add functions for signing/verifying with private/public keys. 2012-07-13 14:33:12 +00:00			`, kxSign`
			`, kxVerify`
expand tabs. 2012-03-27 07:57:51 +00:00			`, KxError(..)`
			`) where`
initial import 2010-09-09 21:47:19 +00:00
define hashSHA256. 2011-08-14 15:18:22 +00:00			`import qualified Crypto.Hash.SHA256 as SHA256`
depends on cryptohash 0.6 and adapt to the new modules location. 2010-10-24 10:36:36 +00:00			`import qualified Crypto.Hash.SHA1 as SHA1`
			`import qualified Crypto.Hash.MD5 as MD5`
initial import 2010-09-09 21:47:19 +00:00			`import qualified Data.ByteString as B`
use strict bytestring instead of lazy bytestring. the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8]. remove lots of unnessary packing/unpacking when setting up ciphers. 2010-09-26 09:34:47 +00:00			`import Data.ByteString (ByteString)`
Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00			`import qualified Crypto.Cipher.RSA as RSA`
			`import Crypto.Random (CryptoRandomGen)`

			`data PublicKey = PubRSA RSA.PublicKey`

			`data PrivateKey = PrivRSA RSA.PrivateKey`

			`instance Show PublicKey where`
expand tabs. 2012-03-27 07:57:51 +00:00			`show (_) = "PublicKey(..)"`
Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00
			`instance Show PrivateKey where`
expand tabs. 2012-03-27 07:57:51 +00:00			`show (_) = "privateKey(..)"`
Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00
			`data KxError = RSAError RSA.Error`
expand tabs. 2012-03-27 07:57:51 +00:00			`deriving (Show)`
initial import 2010-09-09 21:47:19 +00:00
Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00			`data KeyXchg =`
expand tabs. 2012-03-27 07:57:51 +00:00			`KxRSA RSA.PublicKey RSA.PrivateKey`
			`deriving (Show)`
Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00
update hash interface to hide the state through typeclass and existentialquantification. 2011-08-14 13:34:34 +00:00			`class HashCtxC a where`
expand tabs. 2012-03-27 07:57:51 +00:00			`hashCName :: a -> String`
			`hashCInit :: a -> a`
			`hashCUpdate :: a -> B.ByteString -> a`
			`hashCUpdateSSL :: a -> (B.ByteString,B.ByteString) -> a`
			`hashCFinal :: a -> B.ByteString`
initial import 2010-09-09 21:47:19 +00:00
update hash interface to hide the state through typeclass and existentialquantification. 2011-08-14 13:34:34 +00:00			`data HashCtx = forall h . HashCtxC h => HashCtx h`
initial import 2010-09-09 21:47:19 +00:00
update hash interface to hide the state through typeclass and existentialquantification. 2011-08-14 13:34:34 +00:00			`instance Show HashCtx where`
expand tabs. 2012-03-27 07:57:51 +00:00			`show (HashCtx c) = hashCName c`
initial import 2010-09-09 21:47:19 +00:00
update hash interface to hide the state through typeclass and existentialquantification. 2011-08-14 13:34:34 +00:00			`{- MD5 & SHA1 joined -}`
			`data HashMD5SHA1 = HashMD5SHA1 SHA1.Ctx MD5.Ctx`

			`instance HashCtxC HashMD5SHA1 where`
expand tabs. 2012-03-27 07:57:51 +00:00			`hashCName _ = "MD5-SHA1"`
			`hashCInit _ = HashMD5SHA1 SHA1.init MD5.init`
			`hashCUpdate (HashMD5SHA1 sha1ctx md5ctx) b = HashMD5SHA1 (SHA1.update sha1ctx b) (MD5.update md5ctx b)`
			`hashCUpdateSSL (HashMD5SHA1 sha1ctx md5ctx) (b1,b2) = HashMD5SHA1 (SHA1.update sha1ctx b2) (MD5.update md5ctx b1)`
			`hashCFinal (HashMD5SHA1 sha1ctx md5ctx) = B.concat [MD5.finalize md5ctx, SHA1.finalize sha1ctx]`
update hash interface to hide the state through typeclass and existentialquantification. 2011-08-14 13:34:34 +00:00
define hashSHA256. 2011-08-14 15:18:22 +00:00			`data HashSHA256 = HashSHA256 SHA256.Ctx`
update hash interface to hide the state through typeclass and existentialquantification. 2011-08-14 13:34:34 +00:00
define hashSHA256. 2011-08-14 15:18:22 +00:00			`instance HashCtxC HashSHA256 where`
expand tabs. 2012-03-27 07:57:51 +00:00			`hashCName _ = "SHA256"`
			`hashCInit _ = HashSHA256 SHA256.init`
			`hashCUpdate (HashSHA256 ctx) b = HashSHA256 (SHA256.update ctx b)`
			`hashCUpdateSSL _ _ = undefined`
			`hashCFinal (HashSHA256 ctx) = SHA256.finalize ctx`
update hash interface to hide the state through typeclass and existentialquantification. 2011-08-14 13:34:34 +00:00
			`-- functions to use the hidden class.`
			`hashInit :: HashCtx -> HashCtx`
			`hashInit (HashCtx h) = HashCtx $ hashCInit h`

			`hashUpdate :: HashCtx -> B.ByteString -> HashCtx`
			`hashUpdate (HashCtx h) b = HashCtx $ hashCUpdate h b`

switch to one hashctx that can contains 2 hashctx, and add a special updateSSL for SSL3. 2011-08-14 15:18:09 +00:00			`hashUpdateSSL :: HashCtx -> (B.ByteString,B.ByteString) -> HashCtx`
			`hashUpdateSSL (HashCtx h) bs = HashCtx $ hashCUpdateSSL h bs`

update hash interface to hide the state through typeclass and existentialquantification. 2011-08-14 13:34:34 +00:00			`hashFinal :: HashCtx -> B.ByteString`
			`hashFinal (HashCtx h) = hashCFinal h`

			`-- real hash constructors`
switch to one hashctx that can contains 2 hashctx, and add a special updateSSL for SSL3. 2011-08-14 15:18:09 +00:00			`hashMD5SHA1, hashSHA256 :: HashCtx`
update hash interface to hide the state through typeclass and existentialquantification. 2011-08-14 13:34:34 +00:00			`hashMD5SHA1 = HashCtx (HashMD5SHA1 SHA1.init MD5.init)`
define hashSHA256. 2011-08-14 15:18:22 +00:00			`hashSHA256 = HashCtx (HashSHA256 SHA256.init)`
initial import 2010-09-09 21:47:19 +00:00
Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00			`{- key exchange methods encrypt and decrypt for each supported algorithm -}`
			`generalizeRSAError :: Either RSA.Error a -> Either KxError a`
			`generalizeRSAError (Left e) = Left (RSAError e)`
			`generalizeRSAError (Right x) = Right x`
initial import 2010-09-09 21:47:19 +00:00
Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00			`kxEncrypt :: CryptoRandomGen g => g -> PublicKey -> ByteString -> Either KxError (ByteString, g)`
			`kxEncrypt g (PubRSA pk) b = generalizeRSAError $ RSA.encrypt g pk b`
use strict bytestring instead of lazy bytestring. the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8]. remove lots of unnessary packing/unpacking when setting up ciphers. 2010-09-26 09:34:47 +00:00
Generalize key exchange and use in-house RSA. Remove need for spoon, since RSA will fails gracefully. Add support for full private key format for fast decryption. Generalization of key exchange to add future support for DH, etc. 2010-11-04 19:10:00 +00:00			`kxDecrypt :: PrivateKey -> ByteString -> Either KxError ByteString`
			`kxDecrypt (PrivRSA pk) b = generalizeRSAError $ RSA.decrypt pk b`
Add functions for signing/verifying with private/public keys. 2012-07-13 14:33:12 +00:00
			`-- Verify that the signature matches the given message, using the`
			`-- public key.`
			`--`
Harmonize code for pre-1.2 and 1.2 versions. 2012-07-26 21:06:08 +00:00			`kxVerify :: PublicKey -> (ByteString -> ByteString, ByteString) -> ByteString -> ByteString -> Either KxError Bool`
Start client certificate support for TLS1.2. Add some checks for matching cert types, sig/hash algorithms, etc. Remove some obsolete FIXMEs and comments. 2012-07-18 20:19:11 +00:00			`kxVerify (PubRSA pk) hsh msg sign =`
Harmonize code for pre-1.2 and 1.2 versions. 2012-07-26 21:06:08 +00:00			`let hashF = fst hsh`
			`hashASN1 = snd hsh`
Add functions for signing/verifying with private/public keys. 2012-07-13 14:33:12 +00:00			`in generalizeRSAError $ RSA.verify hashF hashASN1 pk msg sign`

			`-- Sign the given message using the private key.`
			`--`
Harmonize code for pre-1.2 and 1.2 versions. 2012-07-26 21:06:08 +00:00			`kxSign :: PrivateKey -> (ByteString -> ByteString, ByteString) -> ByteString -> Either KxError ByteString`
Start client certificate support for TLS1.2. Add some checks for matching cert types, sig/hash algorithms, etc. Remove some obsolete FIXMEs and comments. 2012-07-18 20:19:11 +00:00			`kxSign (PrivRSA pk) hsh msg =`
Harmonize code for pre-1.2 and 1.2 versions. 2012-07-26 21:06:08 +00:00			`let hashF = fst hsh`
			`hashASN1 = snd hsh`
Add functions for signing/verifying with private/public keys. 2012-07-13 14:33:12 +00:00			`in generalizeRSAError $ RSA.sign hashF hashASN1 pk msg`