hs-tls/core/Network/TLS/Sending.hs

-- |
-- Module      : Network.TLS.Sending
-- License     : BSD-style
-- Maintainer  : Vincent Hanquez <vincent@snarc.org>
-- Stability   : experimental
-- Portability : unknown
--
-- the Sending module contains calls related to marshalling packets according
-- to the TLS state 
--
module Network.TLS.Sending (writePacket, encryptRSA, signRSA) where

import Control.Applicative ((<$>))
import Control.Monad.State

import Data.ByteString (ByteString)
import qualified Data.ByteString as B

import Network.TLS.Util
import Network.TLS.Struct
import Network.TLS.Record
import Network.TLS.Packet
import Network.TLS.State
import Network.TLS.Crypto

{-
 - 'makePacketData' create a Header and a content bytestring related to a packet
 - this doesn't change any state
 -}
makeRecord :: Packet -> TLSSt (Record Plaintext)
makeRecord pkt = do
        ver <- stVersion <$> get
        content <- writePacketContent pkt
        return $ Record (packetType pkt) ver (fragmentPlaintext content)

{-
 - ChangeCipherSpec state change need to be handled after encryption otherwise
 - its own packet would be encrypted with the new context, instead of beeing sent
 - under the current context
 -}
postprocessRecord :: Record Ciphertext -> TLSSt (Record Ciphertext)
postprocessRecord record@(Record ProtocolType_ChangeCipherSpec _ _) =
        switchTxEncryption >> return record
postprocessRecord record = return record

{-
 - marshall packet data
 -}
encodeRecord :: Record Ciphertext -> TLSSt ByteString
encodeRecord record = return $ B.concat [ encodeHeader hdr, content ]
        where (hdr, content) = recordToRaw record

{-
 - just update TLS state machine
 -}
preProcessPacket :: Packet -> TLSSt ()
preProcessPacket (Alert _)          = return ()
preProcessPacket (AppData _)        = return ()
preProcessPacket (ChangeCipherSpec) = return ()
preProcessPacket (Handshake hss)    = forM_ hss $ \hs -> do
        case hs of
                Finished fdata -> updateVerifiedData True fdata
                _              -> return ()
        when (certVerifyHandshakeMaterial hs) $ addHandshakeMessage $ encodeHandshake hs
        when (finishHandshakeTypeMaterial $ typeOfHandshake hs) (updateHandshakeDigest $ encodeHandshake hs)

{-
 - writePacket transform a packet into marshalled data related to current state
 - and updating state on the go
 -}
writePacket :: Packet -> TLSSt ByteString
writePacket pkt = do
        preProcessPacket pkt
        makeRecord pkt >>= engageRecord >>= postprocessRecord >>= encodeRecord

{------------------------------------------------------------------------------}
{- SENDING Helpers                                                            -}
{------------------------------------------------------------------------------}

{- if the RSA encryption fails we just return an empty bytestring, and let the protocol
 - fail by itself; however it would be probably better to just report it since it's an internal problem.
 -}
encryptRSA :: ByteString -> TLSSt ByteString
encryptRSA content = do
        st <- get
        let rsakey = fromJust "rsa public key" $ hstRSAPublicKey $ fromJust "handshake" $ stHandshake st
            (v,rng') = withTLSRNG (stRandomGen st) (\g -> kxEncrypt g rsakey content)
         in do put (st { stRandomGen = rng' })
               case v of
                    Left err       -> fail ("rsa encrypt failed: " ++ show err)
                    Right econtent -> return econtent

signRSA :: (ByteString -> ByteString, ByteString) -> ByteString -> TLSSt ByteString
signRSA hsh content = do
        st <- get
        let rsakey = fromJust "rsa client private key" $ hstRSAClientPrivateKey $ fromJust "handshake" $ stHandshake st
        case kxSign rsakey hsh content of
                Left err       -> fail ("rsa sign failed: " ++ show err)
                Right econtent -> return econtent

writePacketContent :: Packet -> TLSSt ByteString
writePacketContent (Handshake hss)    = return $ encodeHandshakes hss
writePacketContent (Alert a)          = return $ encodeAlerts a
writePacketContent (ChangeCipherSpec) = return $ encodeChangeCipherSpec
writePacketContent (AppData x)        = return x
initial import 2010-09-09 21:47:19 +00:00			`-- \|`
			`-- Module : Network.TLS.Sending`
			`-- License : BSD-style`
			`-- Maintainer : Vincent Hanquez <vincent@snarc.org>`
			`-- Stability : experimental`
			`-- Portability : unknown`
			`--`
			`-- the Sending module contains calls related to marshalling packets according`
			`-- to the TLS state`
			`--`
Extend state to hold client private/public keys and add functions for signing and verifying with these keys. 2012-07-13 19:08:23 +00:00			`module Network.TLS.Sending (writePacket, encryptRSA, signRSA) where`
initial import 2010-09-09 21:47:19 +00:00
Create a record type to help type safety 2011-08-12 17:41:49 +00:00			`import Control.Applicative ((<$>))`
initial import 2010-09-09 21:47:19 +00:00			`import Control.Monad.State`

use strict bytestring instead of lazy bytestring. the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8]. remove lots of unnessary packing/unpacking when setting up ciphers. 2010-09-26 09:34:47 +00:00			`import Data.ByteString (ByteString)`
initial import 2010-09-09 21:47:19 +00:00			`import qualified Data.ByteString as B`

get a util file for some bytestring stuff 2010-09-26 17:51:23 +00:00			`import Network.TLS.Util`
initial import 2010-09-09 21:47:19 +00:00			`import Network.TLS.Struct`
Create a record type to help type safety 2011-08-12 17:41:49 +00:00			`import Network.TLS.Record`
initial import 2010-09-09 21:47:19 +00:00			`import Network.TLS.Packet`
			`import Network.TLS.State`
			`import Network.TLS.Crypto`

			`{-`
			`- 'makePacketData' create a Header and a content bytestring related to a packet`
			`- this doesn't change any state`
			`-}`
Create a record type to help type safety 2011-08-12 17:41:49 +00:00			`makeRecord :: Packet -> TLSSt (Record Plaintext)`
			`makeRecord pkt = do`
expand tabs. 2012-03-27 07:57:51 +00:00			`ver <- stVersion <$> get`
			`content <- writePacketContent pkt`
			`return $ Record (packetType pkt) ver (fragmentPlaintext content)`
initial import 2010-09-09 21:47:19 +00:00
			`{-`
			`- ChangeCipherSpec state change need to be handled after encryption otherwise`
			`- its own packet would be encrypted with the new context, instead of beeing sent`
			`- under the current context`
			`-}`
Create a record type to help type safety 2011-08-12 17:41:49 +00:00			`postprocessRecord :: Record Ciphertext -> TLSSt (Record Ciphertext)`
			`postprocessRecord record@(Record ProtocolType_ChangeCipherSpec _ _) =`
expand tabs. 2012-03-27 07:57:51 +00:00			`switchTxEncryption >> return record`
Create a record type to help type safety 2011-08-12 17:41:49 +00:00			`postprocessRecord record = return record`
initial import 2010-09-09 21:47:19 +00:00
			`{-`
			`- marshall packet data`
			`-}`
Create a record type to help type safety 2011-08-12 17:41:49 +00:00			`encodeRecord :: Record Ciphertext -> TLSSt ByteString`
			`encodeRecord record = return $ B.concat [ encodeHeader hdr, content ]`
expand tabs. 2012-03-27 07:57:51 +00:00			`where (hdr, content) = recordToRaw record`
initial import 2010-09-09 21:47:19 +00:00
new state machine 2010-10-02 21:02:37 +00:00			`{-`
			`- just update TLS state machine`
			`-}`
reflect the fact in types that the record layer record returns list of same header type. 2011-06-10 20:24:46 +00:00			`preProcessPacket :: Packet -> TLSSt ()`
			`preProcessPacket (Alert _) = return ()`
			`preProcessPacket (AppData _) = return ()`
remove the state machine is favor of a straightforward pattern matching state machine. simplify code massively and make it easy to support other packet flow later. 2011-11-29 08:59:41 +00:00			`preProcessPacket (ChangeCipherSpec) = return ()`
reflect the fact in types that the record layer record returns list of same header type. 2011-06-10 20:24:46 +00:00			`preProcessPacket (Handshake hss) = forM_ hss $ \hs -> do`
expand tabs. 2012-03-27 07:57:51 +00:00			`case hs of`
			`Finished fdata -> updateVerifiedData True fdata`
			`_ -> return ()`
Use correct version number, simplify code. 2012-07-26 20:46:59 +00:00			`when (certVerifyHandshakeMaterial hs) $ addHandshakeMessage $ encodeHandshake hs`
Ensure that the same handshake packets are included in the handshake digest for sending and receiving. 2012-07-13 19:23:01 +00:00			`when (finishHandshakeTypeMaterial $ typeOfHandshake hs) (updateHandshakeDigest $ encodeHandshake hs)`
initial import 2010-09-09 21:47:19 +00:00
			`{-`
			`- writePacket transform a packet into marshalled data related to current state`
			`- and updating state on the go`
			`-}`
simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00			`writePacket :: Packet -> TLSSt ByteString`
Create a record type to help type safety 2011-08-12 17:41:49 +00:00			`writePacket pkt = do`
expand tabs. 2012-03-27 07:57:51 +00:00			`preProcessPacket pkt`
remove useless symbols. fixes warnings. 2012-10-16 07:02:44 +00:00			`makeRecord pkt >>= engageRecord >>= postprocessRecord >>= encodeRecord`
initial import 2010-09-09 21:47:19 +00:00
			`{------------------------------------------------------------------------------}`
			`{- SENDING Helpers -}`
			`{------------------------------------------------------------------------------}`

			`{- if the RSA encryption fails we just return an empty bytestring, and let the protocol`
			`- fail by itself; however it would be probably better to just report it since it's an internal problem.`
			`-}`
simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00			`encryptRSA :: ByteString -> TLSSt ByteString`
initial import 2010-09-09 21:47:19 +00:00			`encryptRSA content = do`
expand tabs. 2012-03-27 07:57:51 +00:00			`st <- get`
			`let rsakey = fromJust "rsa public key" $ hstRSAPublicKey $ fromJust "handshake" $ stHandshake st`
switch to CPRG instead of CryptoRandomGen 2012-12-05 07:47:17 +00:00			`(v,rng') = withTLSRNG (stRandomGen st) (\g -> kxEncrypt g rsakey content)`
			`in do put (st { stRandomGen = rng' })`
			`case v of`
			`Left err -> fail ("rsa encrypt failed: " ++ show err)`
			`Right econtent -> return econtent`
initial import 2010-09-09 21:47:19 +00:00
Harmonize code for pre-1.2 and 1.2 versions. 2012-07-26 21:06:08 +00:00			`signRSA :: (ByteString -> ByteString, ByteString) -> ByteString -> TLSSt ByteString`
Start client certificate support for TLS1.2. Add some checks for matching cert types, sig/hash algorithms, etc. Remove some obsolete FIXMEs and comments. 2012-07-18 20:19:11 +00:00			`signRSA hsh content = do`
Extend state to hold client private/public keys and add functions for signing and verifying with these keys. 2012-07-13 19:08:23 +00:00			`st <- get`
			`let rsakey = fromJust "rsa client private key" $ hstRSAClientPrivateKey $ fromJust "handshake" $ stHandshake st`
Start client certificate support for TLS1.2. Add some checks for matching cert types, sig/hash algorithms, etc. Remove some obsolete FIXMEs and comments. 2012-07-18 20:19:11 +00:00			`case kxSign rsakey hsh content of`
Extend state to hold client private/public keys and add functions for signing and verifying with these keys. 2012-07-13 19:08:23 +00:00			`Left err -> fail ("rsa sign failed: " ++ show err)`
			`Right econtent -> return econtent`

simplify state manipulation separate the pure state manipulation from the monad doing the IO. add some duplicate helpers to use the new monad. 2011-03-01 20:01:40 +00:00			`writePacketContent :: Packet -> TLSSt ByteString`
consider clientkeyxchg as an opaque structure in internal layers, and make/process the content in higher layer. 2011-12-01 08:41:01 +00:00			`writePacketContent (Handshake hss) = return $ encodeHandshakes hss`
reflect the fact in types that the record layer record returns list of same header type. 2011-06-10 20:24:46 +00:00			`writePacketContent (Alert a) = return $ encodeAlerts a`
			`writePacketContent (ChangeCipherSpec) = return $ encodeChangeCipherSpec`
			`writePacketContent (AppData x) = return x`