hs-tls/Network/TLS/Core.hs

-- |
-- Module : Network.TLS.Core
-- License : BSD-style
-- Maintainer : Vincent Hanquez <vincent@snarc.org>
-- Stability : experimental
-- Portability : unknown
--
module Network.TLS.Core
( TLSParams(..)
, defaultParams
) where
import Network.TLS.Struct
import Network.TLS.Cipher
import Network.TLS.Compression
import Network.TLS.Crypto
import Data.Certificate.X509
import Data.List (intercalate)
-- | Configuration record for a TLS context.
--
-- 'pCertificates' can carry private key material and 'onCertificatesRecv'
-- is the hook documented for checking the peer's certificate chain, so both
-- fields deserve attention when reviewing how a context is set up.
data TLSParams = TLSParams
    { -- | Version to use on a client connection.
      pConnectVersion :: Version
    , -- | Versions that we are allowed to use.
      pAllowedVersions :: [Version]
    , -- | All supported ciphers, ordered by priority.
      pCiphers :: [Cipher]
    , -- | All supported compressions, ordered by priority.
      pCompressions :: [Compression]
    , -- | Request a certificate from the client. Used by the server only.
      pWantClientCert :: Bool
    , -- | The certificate chain for this context, each entry paired with its
      -- private key when one is available.
      pCertificates :: [(X509, Maybe PrivateKey)]
    , -- | Callback to verify the received certificate chain.
      --
      -- NOTE(review): presumably a 'False' result is meant to reject the
      -- peer; the code that acts on the result is not in this module, so
      -- confirm against the handshake implementation. 'defaultParams' sets
      -- this to a callback that always returns 'True'.
      onCertificatesRecv :: [X509] -> IO Bool
    }
-- | Starting values for 'TLSParams'.
--
-- Security-relevant points about these defaults, as written here:
--
-- * 'onCertificatesRecv' ignores the chain it is given and always answers
--   'True', so these defaults perform no check of the peer certificate.
--   Supply a real verification callback before relying on peer
--   authentication.
--
-- * 'pCiphers' is empty: the supported-cipher list has to be filled in by
--   the caller.
--
-- * Only 'TLS10' and 'TLS11' are listed as allowed versions; both protocol
--   versions are deprecated by RFC 8996.
defaultParams :: TLSParams
defaultParams = TLSParams
    { pConnectVersion    = TLS10
    , pAllowedVersions   = [TLS10, TLS11]
    , pCiphers           = []
    , pCompressions      = [nullCompression]
    , pWantClientCert    = False
    , pCertificates      = []
      -- Accept-all placeholder: the argument is discarded.
    , onCertificatesRecv = const (return True)
    }
-- | Textual rendering of the parameters as comma-separated @key=value@ pairs.
--
-- 'pCertificates' is rendered only as the number of entries, so neither the
-- certificates nor any attached private keys end up in the output.
-- 'onCertificatesRecv' is a function and is left out entirely.
instance Show TLSParams where
    show params = "TLSParams { " ++ intercalate "," (map render fields) ++ " }"
      where
        -- One @key=value@ fragment per field.
        render (key, value) = key ++ "=" ++ value

        fields =
            [ ("connectVersion", show (pConnectVersion params))
            , ("allowedVersions", show (pAllowedVersions params))
            , ("ciphers", show (pCiphers params))
            , ("compressions", show (pCompressions params))
            , ("want-client-cert", show (pWantClientCert params))
              -- Count only: key material must not reach logs via 'show'.
            , ("certificates", show (length (pCertificates params)))
            ]