hs-tls/core/Network/TLS/State.hs

{-# LANGUAGE CPP #-}
{-# LANGUAGE Rank2Types #-}
{-# LANGUAGE MultiParamTypeClasses #-}
{-# LANGUAGE GeneralizedNewtypeDeriving #-}
-- |
-- Module      : Network.TLS.State
-- License     : BSD-style
-- Maintainer  : Vincent Hanquez <vincent@snarc.org>
-- Stability   : experimental
-- Portability : unknown
--
-- the State module contains calls related to state initialization/manipulation
-- which is use by the Receiving module and the Sending module.
--
module Network.TLS.State
    ( TLSState(..)
    , TLSSt
    , runTLSState
    , newTLSState
    , withTLSRNG
    , updateVerifiedData
    , finishHandshakeTypeMaterial
    , finishHandshakeMaterial
    , certVerifyHandshakeTypeMaterial
    , certVerifyHandshakeMaterial
    , setVersion
    , setVersionIfUnset
    , getVersion
    , getVersionWithDefault
    , setSecureRenegotiation
    , getSecureRenegotiation
    , setExtensionNPN
    , getExtensionNPN
    , setNegotiatedProtocol
    , getNegotiatedProtocol
    , setServerNextProtocolSuggest
    , getServerNextProtocolSuggest
    , getClientCertificateChain
    , setClientCertificateChain
    , getVerifiedData
    , setSession
    , getSession
    , isSessionResuming
    , isClientContext
    -- * random
    , genRandom
    , withRNG
    ) where

import Control.Applicative
import Network.TLS.Struct
import Network.TLS.RNG
import Network.TLS.Types (Role(..))
import qualified Data.ByteString as B
import Control.Monad.State
import Control.Monad.Error
import Crypto.Random
import Data.X509 (CertificateChain)

data TLSState = TLSState
    { stSession             :: Session
    , stSessionResuming     :: Bool
    , stSecureRenegotiation :: Bool  -- RFC 5746
    , stClientVerifiedData  :: Bytes -- RFC 5746
    , stServerVerifiedData  :: Bytes -- RFC 5746
    , stExtensionNPN        :: Bool  -- NPN draft extension
    , stNegotiatedProtocol  :: Maybe B.ByteString -- NPN protocol
    , stServerNextProtocolSuggest :: Maybe [B.ByteString]
    , stClientCertificateChain :: Maybe CertificateChain
    , stRandomGen           :: StateRNG
    , stVersion             :: Maybe Version
    , stClientContext       :: Role
    } deriving (Show)

newtype TLSSt a = TLSSt { runTLSSt :: ErrorT TLSError (State TLSState) a }
    deriving (Monad, MonadError TLSError, Functor, Applicative)

instance MonadState TLSState TLSSt where
    put x = TLSSt (lift $ put x)
    get   = TLSSt (lift get)
#if MIN_VERSION_mtl(2,1,0)
    state f = TLSSt (lift $ state f)
#endif

runTLSState :: TLSSt a -> TLSState -> (Either TLSError a, TLSState)
runTLSState f st = runState (runErrorT (runTLSSt f)) st

newTLSState :: CPRG g => g -> Role -> TLSState
newTLSState rng clientContext = TLSState
    { stSession             = Session Nothing
    , stSessionResuming     = False
    , stSecureRenegotiation = False
    , stClientVerifiedData  = B.empty
    , stServerVerifiedData  = B.empty
    , stExtensionNPN        = False
    , stNegotiatedProtocol  = Nothing
    , stServerNextProtocolSuggest = Nothing
    , stClientCertificateChain = Nothing
    , stRandomGen           = StateRNG rng
    , stVersion             = Nothing
    , stClientContext       = clientContext
    }

updateVerifiedData :: Role -> Bytes -> TLSSt ()
updateVerifiedData sending bs = do
    cc <- isClientContext
    if cc /= sending
        then modify (\st -> st { stServerVerifiedData = bs })
        else modify (\st -> st { stClientVerifiedData = bs })

finishHandshakeTypeMaterial :: HandshakeType -> Bool
finishHandshakeTypeMaterial HandshakeType_ClientHello     = True
finishHandshakeTypeMaterial HandshakeType_ServerHello     = True
finishHandshakeTypeMaterial HandshakeType_Certificate     = True
finishHandshakeTypeMaterial HandshakeType_HelloRequest    = False
finishHandshakeTypeMaterial HandshakeType_ServerHelloDone = True
finishHandshakeTypeMaterial HandshakeType_ClientKeyXchg   = True
finishHandshakeTypeMaterial HandshakeType_ServerKeyXchg   = True
finishHandshakeTypeMaterial HandshakeType_CertRequest     = True
finishHandshakeTypeMaterial HandshakeType_CertVerify      = True
finishHandshakeTypeMaterial HandshakeType_Finished        = True
finishHandshakeTypeMaterial HandshakeType_NPN             = True

finishHandshakeMaterial :: Handshake -> Bool
finishHandshakeMaterial = finishHandshakeTypeMaterial . typeOfHandshake

certVerifyHandshakeTypeMaterial :: HandshakeType -> Bool
certVerifyHandshakeTypeMaterial HandshakeType_ClientHello     = True
certVerifyHandshakeTypeMaterial HandshakeType_ServerHello     = True
certVerifyHandshakeTypeMaterial HandshakeType_Certificate     = True
certVerifyHandshakeTypeMaterial HandshakeType_HelloRequest    = False
certVerifyHandshakeTypeMaterial HandshakeType_ServerHelloDone = True
certVerifyHandshakeTypeMaterial HandshakeType_ClientKeyXchg   = True
certVerifyHandshakeTypeMaterial HandshakeType_ServerKeyXchg   = True
certVerifyHandshakeTypeMaterial HandshakeType_CertRequest     = True
certVerifyHandshakeTypeMaterial HandshakeType_CertVerify      = False
certVerifyHandshakeTypeMaterial HandshakeType_Finished        = False
certVerifyHandshakeTypeMaterial HandshakeType_NPN             = False

certVerifyHandshakeMaterial :: Handshake -> Bool
certVerifyHandshakeMaterial = certVerifyHandshakeTypeMaterial . typeOfHandshake

setSession :: Session -> Bool -> TLSSt ()
setSession session resuming = modify (\st -> st { stSession = session, stSessionResuming = resuming })

getSession :: TLSSt Session
getSession = gets stSession

isSessionResuming :: TLSSt Bool
isSessionResuming = gets stSessionResuming

setVersion :: Version -> TLSSt ()
setVersion ver = modify (\st -> st { stVersion = Just ver })

setVersionIfUnset :: Version -> TLSSt ()
setVersionIfUnset ver = modify maybeSet
  where maybeSet st = case stVersion st of
                           Nothing -> st { stVersion = Just ver }
                           Just _  -> st

getVersion :: TLSSt Version
getVersion = maybe (error $ "internal error: version hasn't been set yet") id <$> gets stVersion

getVersionWithDefault :: Version -> TLSSt Version
getVersionWithDefault defaultVer = maybe defaultVer id <$> gets stVersion

setSecureRenegotiation :: Bool -> TLSSt ()
setSecureRenegotiation b = modify (\st -> st { stSecureRenegotiation = b })

getSecureRenegotiation :: TLSSt Bool
getSecureRenegotiation = gets stSecureRenegotiation

setExtensionNPN :: Bool -> TLSSt ()
setExtensionNPN b = modify (\st -> st { stExtensionNPN = b })

getExtensionNPN :: TLSSt Bool
getExtensionNPN = gets stExtensionNPN

setNegotiatedProtocol :: B.ByteString -> TLSSt ()
setNegotiatedProtocol s = modify (\st -> st { stNegotiatedProtocol = Just s })

getNegotiatedProtocol :: TLSSt (Maybe B.ByteString)
getNegotiatedProtocol = gets stNegotiatedProtocol

setServerNextProtocolSuggest :: [B.ByteString] -> TLSSt ()
setServerNextProtocolSuggest ps = modify (\st -> st { stServerNextProtocolSuggest = Just ps})

getServerNextProtocolSuggest :: TLSSt (Maybe [B.ByteString])
getServerNextProtocolSuggest = gets stServerNextProtocolSuggest

setClientCertificateChain :: CertificateChain -> TLSSt ()
setClientCertificateChain s = modify (\st -> st { stClientCertificateChain = Just s })

getClientCertificateChain :: TLSSt (Maybe CertificateChain)
getClientCertificateChain = gets stClientCertificateChain

getVerifiedData :: Role -> TLSSt Bytes
getVerifiedData client = gets (if client == ClientRole then stClientVerifiedData else stServerVerifiedData)

isClientContext :: TLSSt Role
isClientContext = gets stClientContext

genRandom :: Int -> TLSSt Bytes
genRandom n = do
    st <- get
    case withTLSRNG (stRandomGen st) (cprgGenerate n) of
            (bytes, rng') -> put (st { stRandomGen = rng' }) >> return bytes

withRNG :: (forall g . CPRG g => g -> (a, g)) -> TLSSt a
withRNG f = do
    st <- get
    let (a,rng') = withTLSRNG (stRandomGen st) f
    put (st { stRandomGen = rng' })
    return a
use HandshakeState directly without grabbing the TLSState 2013-08-01 07:12:54 +00:00			`{-# LANGUAGE CPP #-}`
			`{-# LANGUAGE Rank2Types #-}`
			`{-# LANGUAGE MultiParamTypeClasses #-}`
			`{-# LANGUAGE GeneralizedNewtypeDeriving #-}`
initial import 2010-09-09 21:47:19 +00:00			`-- \|`
			`-- Module : Network.TLS.State`
			`-- License : BSD-style`
			`-- Maintainer : Vincent Hanquez <vincent@snarc.org>`
			`-- Stability : experimental`
			`-- Portability : unknown`
			`--`
			`-- the State module contains calls related to state initialization/manipulation`
			`-- which is use by the Receiving module and the Sending module.`
			`--`
			`module Network.TLS.State`
re-indent 2013-07-12 06:27:28 +00:00			`( TLSState(..)`
			`, TLSSt`
			`, runTLSState`
			`, newTLSState`
			`, withTLSRNG`
			`, updateVerifiedData`
			`, finishHandshakeTypeMaterial`
			`, finishHandshakeMaterial`
			`, certVerifyHandshakeTypeMaterial`
			`, certVerifyHandshakeMaterial`
			`, setVersion`
Fix version usage related to downgrading * properly chose the highest version supported on the server, instead of chosing the first that match. * use the client version in the RSA client exchange instead of the negotiated version * delay hashing mechanism to serverHello message so that choosing MD5SHA1 or SHA256 is done after the server chose the version. 2013-12-03 07:17:27 +00:00			`, setVersionIfUnset`
split record state from state. 2013-07-13 07:03:25 +00:00			`, getVersion`
default the version if not set which allow to report very early error (e.g. no cipher in common) properly 2013-12-28 15:09:25 +00:00			`, getVersionWithDefault`
re-indent 2013-07-12 06:27:28 +00:00			`, setSecureRenegotiation`
			`, getSecureRenegotiation`
			`, setExtensionNPN`
			`, getExtensionNPN`
			`, setNegotiatedProtocol`
			`, getNegotiatedProtocol`
			`, setServerNextProtocolSuggest`
			`, getServerNextProtocolSuggest`
			`, getClientCertificateChain`
			`, setClientCertificateChain`
			`, getVerifiedData`
			`, setSession`
			`, getSession`
			`, isSessionResuming`
			`, isClientContext`
add a TLSSt wrapper for RNG operations 2013-07-28 06:32:44 +00:00			`-- * random`
			`, genRandom`
			`, withRNG`
re-indent 2013-07-12 06:27:28 +00:00			`) where`
initial import 2010-09-09 21:47:19 +00:00
use HandshakeState directly without grabbing the TLSState 2013-08-01 07:12:54 +00:00			`import Control.Applicative`
initial import 2010-09-09 21:47:19 +00:00			`import Network.TLS.Struct`
split record state from state. 2013-07-13 07:03:25 +00:00			`import Network.TLS.RNG`
move to a proper role type for client\|server 2013-07-21 09:16:01 +00:00			`import Network.TLS.Types (Role(..))`
use strict bytestring instead of lazy bytestring. the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8]. remove lots of unnessary packing/unpacking when setting up ciphers. 2010-09-26 09:34:47 +00:00			`import qualified Data.ByteString as B`
simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00			`import Control.Monad.State`
			`import Control.Monad.Error`
move to crypto-random 2013-09-01 06:42:43 +00:00			`import Crypto.Random`
update for x509 2013-05-19 07:05:46 +00:00			`import Data.X509 (CertificateChain)`
initial import 2010-09-09 21:47:19 +00:00
first stab at separating record state from other state. 2013-07-11 08:03:33 +00:00			`data TLSState = TLSState`
move handshake state out of state 2013-08-01 07:47:40 +00:00			`{ stSession :: Session`
re-indent 2013-07-12 06:27:28 +00:00			`, stSessionResuming :: Bool`
			`, stSecureRenegotiation :: Bool -- RFC 5746`
			`, stClientVerifiedData :: Bytes -- RFC 5746`
			`, stServerVerifiedData :: Bytes -- RFC 5746`
			`, stExtensionNPN :: Bool -- NPN draft extension`
			`, stNegotiatedProtocol :: Maybe B.ByteString -- NPN protocol`
			`, stServerNextProtocolSuggest :: Maybe [B.ByteString]`
			`, stClientCertificateChain :: Maybe CertificateChain`
Fix version usage related to downgrading * properly chose the highest version supported on the server, instead of chosing the first that match. * use the client version in the RSA client exchange instead of the negotiated version * delay hashing mechanism to serverHello message so that choosing MD5SHA1 or SHA256 is done after the server chose the version. 2013-12-03 07:17:27 +00:00			`, stRandomGen :: StateRNG`
			`, stVersion :: Maybe Version`
Separate tx/rx state from a single RecordState unroll a reader/state/error monad into a single simple monad, and move back version and client context in state. 2013-07-25 20:53:32 +00:00			`, stClientContext :: Role`
re-indent 2013-07-12 06:27:28 +00:00			`} deriving (Show)`
initial import 2010-09-09 21:47:19 +00:00
simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00			`newtype TLSSt a = TLSSt { runTLSSt :: ErrorT TLSError (State TLSState) a }`
use HandshakeState directly without grabbing the TLSState 2013-08-01 07:12:54 +00:00			`deriving (Monad, MonadError TLSError, Functor, Applicative)`
simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00
			`instance MonadState TLSState TLSSt where`
re-indent 2013-07-12 06:27:28 +00:00			`put x = TLSSt (lift $ put x)`
			`get = TLSSt (lift get)`
Define 'state' only for mtl >= 2.1. Conflicts: Network/TLS/State.hs 2012-04-20 15:37:47 +00:00			`#if MIN_VERSION_mtl(2,1,0)`
re-indent 2013-07-12 06:27:28 +00:00			`state f = TLSSt (lift $ state f)`
Define 'state' only for mtl >= 2.1. Conflicts: Network/TLS/State.hs 2012-04-20 15:37:47 +00:00			`#endif`
simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00
			`runTLSState :: TLSSt a -> TLSState -> (Either TLSError a, TLSState)`
			`runTLSState f st = runState (runErrorT (runTLSSt f)) st`
initial import 2010-09-09 21:47:19 +00:00
move to a proper role type for client\|server 2013-07-21 09:16:01 +00:00			`newTLSState :: CPRG g => g -> Role -> TLSState`
first stab at separating record state from other state. 2013-07-11 08:03:33 +00:00			`newTLSState rng clientContext = TLSState`
move handshake state out of state 2013-08-01 07:47:40 +00:00			`{ stSession = Session Nothing`
re-indent 2013-07-12 06:27:28 +00:00			`, stSessionResuming = False`
			`, stSecureRenegotiation = False`
			`, stClientVerifiedData = B.empty`
			`, stServerVerifiedData = B.empty`
			`, stExtensionNPN = False`
			`, stNegotiatedProtocol = Nothing`
			`, stServerNextProtocolSuggest = Nothing`
			`, stClientCertificateChain = Nothing`
move random gen back into state 2013-07-24 16:35:57 +00:00			`, stRandomGen = StateRNG rng`
Fix version usage related to downgrading * properly chose the highest version supported on the server, instead of chosing the first that match. * use the client version in the RSA client exchange instead of the negotiated version * delay hashing mechanism to serverHello message so that choosing MD5SHA1 or SHA256 is done after the server chose the version. 2013-12-03 07:17:27 +00:00			`, stVersion = Nothing`
Separate tx/rx state from a single RecordState unroll a reader/state/error monad into a single simple monad, and move back version and client context in state. 2013-07-25 20:53:32 +00:00			`, stClientContext = clientContext`
re-indent 2013-07-12 06:27:28 +00:00			`}`
first stab at separating record state from other state. 2013-07-11 08:03:33 +00:00
remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`updateVerifiedData :: Role -> Bytes -> TLSSt ()`
add way to store verified data and to activate/deactivate the feature 2011-06-07 06:41:31 +00:00			`updateVerifiedData sending bs = do`
re-indent 2013-07-12 06:27:28 +00:00			`cc <- isClientContext`
			`if cc /= sending`
			`then modify (\st -> st { stServerVerifiedData = bs })`
			`else modify (\st -> st { stClientVerifiedData = bs })`
add way to store verified data and to activate/deactivate the feature 2011-06-07 06:41:31 +00:00
initial import 2010-09-09 21:47:19 +00:00			`finishHandshakeTypeMaterial :: HandshakeType -> Bool`
			`finishHandshakeTypeMaterial HandshakeType_ClientHello = True`
			`finishHandshakeTypeMaterial HandshakeType_ServerHello = True`
			`finishHandshakeTypeMaterial HandshakeType_Certificate = True`
			`finishHandshakeTypeMaterial HandshakeType_HelloRequest = False`
			`finishHandshakeTypeMaterial HandshakeType_ServerHelloDone = True`
			`finishHandshakeTypeMaterial HandshakeType_ClientKeyXchg = True`
			`finishHandshakeTypeMaterial HandshakeType_ServerKeyXchg = True`
			`finishHandshakeTypeMaterial HandshakeType_CertRequest = True`
Fix encoding of CertRequest, so that encoding and decoding are inverses. 2012-07-17 15:33:11 +00:00			`finishHandshakeTypeMaterial HandshakeType_CertVerify = True`
initial import 2010-09-09 21:47:19 +00:00			`finishHandshakeTypeMaterial HandshakeType_Finished = True`
prepare source for NPN. 2012-02-07 21:24:30 +00:00			`finishHandshakeTypeMaterial HandshakeType_NPN = True`
initial import 2010-09-09 21:47:19 +00:00
			`finishHandshakeMaterial :: Handshake -> Bool`
			`finishHandshakeMaterial = finishHandshakeTypeMaterial . typeOfHandshake`

Separate finish from certificate verify digests. Will make it easier to support TLS1.2. 2012-07-16 14:19:48 +00:00			`certVerifyHandshakeTypeMaterial :: HandshakeType -> Bool`
			`certVerifyHandshakeTypeMaterial HandshakeType_ClientHello = True`
			`certVerifyHandshakeTypeMaterial HandshakeType_ServerHello = True`
			`certVerifyHandshakeTypeMaterial HandshakeType_Certificate = True`
			`certVerifyHandshakeTypeMaterial HandshakeType_HelloRequest = False`
			`certVerifyHandshakeTypeMaterial HandshakeType_ServerHelloDone = True`
			`certVerifyHandshakeTypeMaterial HandshakeType_ClientKeyXchg = True`
			`certVerifyHandshakeTypeMaterial HandshakeType_ServerKeyXchg = True`
			`certVerifyHandshakeTypeMaterial HandshakeType_CertRequest = True`
			`certVerifyHandshakeTypeMaterial HandshakeType_CertVerify = False`
			`certVerifyHandshakeTypeMaterial HandshakeType_Finished = False`
			`certVerifyHandshakeTypeMaterial HandshakeType_NPN = False`

			`certVerifyHandshakeMaterial :: Handshake -> Bool`
			`certVerifyHandshakeMaterial = certVerifyHandshakeTypeMaterial . typeOfHandshake`

remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`setSession :: Session -> Bool -> TLSSt ()`
add new state for session tracking. 2011-12-20 07:38:35 +00:00			`setSession session resuming = modify (\st -> st { stSession = session, stSessionResuming = resuming })`

remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`getSession :: TLSSt Session`
add new state for session tracking. 2011-12-20 07:38:35 +00:00			`getSession = gets stSession`

remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`isSessionResuming :: TLSSt Bool`
add new state for session tracking. 2011-12-20 07:38:35 +00:00			`isSessionResuming = gets stSessionResuming`

remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`setVersion :: Version -> TLSSt ()`
Fix version usage related to downgrading * properly chose the highest version supported on the server, instead of chosing the first that match. * use the client version in the RSA client exchange instead of the negotiated version * delay hashing mechanism to serverHello message so that choosing MD5SHA1 or SHA256 is done after the server chose the version. 2013-12-03 07:17:27 +00:00			`setVersion ver = modify (\st -> st { stVersion = Just ver })`

			`setVersionIfUnset :: Version -> TLSSt ()`
			`setVersionIfUnset ver = modify maybeSet`
			`where maybeSet st = case stVersion st of`
			`Nothing -> st { stVersion = Just ver }`
			`Just _ -> st`
initial import 2010-09-09 21:47:19 +00:00
remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`getVersion :: TLSSt Version`
default the version if not set which allow to report very early error (e.g. no cipher in common) properly 2013-12-28 15:09:25 +00:00			`getVersion = maybe (error $ "internal error: version hasn't been set yet") id <$> gets stVersion`

			`getVersionWithDefault :: Version -> TLSSt Version`
			`getVersionWithDefault defaultVer = maybe defaultVer id <$> gets stVersion`
split record state from state. 2013-07-13 07:03:25 +00:00
remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`setSecureRenegotiation :: Bool -> TLSSt ()`
misc change and start to trickle through the support for secure renegotiation 2011-06-07 07:13:43 +00:00			`setSecureRenegotiation b = modify (\st -> st { stSecureRenegotiation = b })`

remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`getSecureRenegotiation :: TLSSt Bool`
use gets where possible and make thing nicer 2012-10-30 04:46:19 +00:00			`getSecureRenegotiation = gets stSecureRenegotiation`
misc change and start to trickle through the support for secure renegotiation 2011-06-07 07:13:43 +00:00
remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`setExtensionNPN :: Bool -> TLSSt ()`
Use callback instead of static state for supported NPN protocols. onSuggestNextProtocols in TLSParams. Expose getNegotiatedProtocol to users. Fix condition for when to understand NPN messages. 2012-02-12 18:59:19 +00:00			`setExtensionNPN b = modify (\st -> st { stExtensionNPN = b })`
Partial, but working, implementation of serverside NPN. 2012-02-08 09:20:28 +00:00
remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`getExtensionNPN :: TLSSt Bool`
use gets where possible and make thing nicer 2012-10-30 04:46:19 +00:00			`getExtensionNPN = gets stExtensionNPN`
Partial, but working, implementation of serverside NPN. 2012-02-08 09:20:28 +00:00
remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`setNegotiatedProtocol :: B.ByteString -> TLSSt ()`
Use callback instead of static state for supported NPN protocols. onSuggestNextProtocols in TLSParams. Expose getNegotiatedProtocol to users. Fix condition for when to understand NPN messages. 2012-02-12 18:59:19 +00:00			`setNegotiatedProtocol s = modify (\st -> st { stNegotiatedProtocol = Just s })`
Partial, but working, implementation of serverside NPN. 2012-02-08 09:20:28 +00:00
remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`getNegotiatedProtocol :: TLSSt (Maybe B.ByteString)`
use gets where possible and make thing nicer 2012-10-30 04:46:19 +00:00			`getNegotiatedProtocol = gets stNegotiatedProtocol`
Partial, but working, implementation of serverside NPN. 2012-02-08 09:20:28 +00:00
remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`setServerNextProtocolSuggest :: [B.ByteString] -> TLSSt ()`
Add client side of Next Protocol Negotiation. 2012-02-16 08:05:46 +00:00			`setServerNextProtocolSuggest ps = modify (\st -> st { stServerNextProtocolSuggest = Just ps})`

remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`getServerNextProtocolSuggest :: TLSSt (Maybe [B.ByteString])`
			`getServerNextProtocolSuggest = gets stServerNextProtocolSuggest`
Add client side of Next Protocol Negotiation. 2012-02-16 08:05:46 +00:00
remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`setClientCertificateChain :: CertificateChain -> TLSSt ()`
Integrate client certificate settings into RoleParams, remember client cert chain for use after handshake has finished. 2012-07-16 12:36:44 +00:00			`setClientCertificateChain s = modify (\st -> st { stClientCertificateChain = Just s })`

remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`getClientCertificateChain :: TLSSt (Maybe CertificateChain)`
use gets where possible and make thing nicer 2012-10-30 04:46:19 +00:00			`getClientCertificateChain = gets stClientCertificateChain`
Integrate client certificate settings into RoleParams, remember client cert chain for use after handshake has finished. 2012-07-16 12:36:44 +00:00
remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`getVerifiedData :: Role -> TLSSt Bytes`
move processServerHello in Handshake 2013-07-24 05:50:56 +00:00			`getVerifiedData client = gets (if client == ClientRole then stClientVerifiedData else stServerVerifiedData)`
misc change and start to trickle through the support for secure renegotiation 2011-06-07 07:13:43 +00:00
remove unnecessary parametrization 2013-08-01 07:49:20 +00:00			`isClientContext :: TLSSt Role`
Separate tx/rx state from a single RecordState unroll a reader/state/error monad into a single simple monad, and move back version and client context in state. 2013-07-25 20:53:32 +00:00			`isClientContext = gets stClientContext`
initial import 2010-09-09 21:47:19 +00:00
split record state from state. 2013-07-13 07:03:25 +00:00			`genRandom :: Int -> TLSSt Bytes`
move random gen back into state 2013-07-24 16:35:57 +00:00			`genRandom n = do`
			`st <- get`
move to crypto-random 2013-09-01 06:42:43 +00:00			`case withTLSRNG (stRandomGen st) (cprgGenerate n) of`
move random gen back into state 2013-07-24 16:35:57 +00:00			`(bytes, rng') -> put (st { stRandomGen = rng' }) >> return bytes`
add a TLSSt wrapper for RNG operations 2013-07-28 06:32:44 +00:00
			`withRNG :: (forall g . CPRG g => g -> (a, g)) -> TLSSt a`
			`withRNG f = do`
			`st <- get`
			`let (a,rng') = withTLSRNG (stRandomGen st) f`
			`put (st { stRandomGen = rng' })`
			`return a`