re-indent
This commit is contained in:
parent
5d69715a50
commit
67f01872dd
1 changed files with 212 additions and 219 deletions
|
@ -164,8 +164,8 @@ decodeHandshakeHeader = do
|
|||
return (ty, content)
|
||||
|
||||
decodeHandshakes :: ByteString -> Either TLSError [(HandshakeType, Bytes)]
|
||||
decodeHandshakes b = runGetErr "handshakes" getAll b where
|
||||
getAll = do
|
||||
decodeHandshakes b = runGetErr "handshakes" getAll b
|
||||
where getAll = do
|
||||
x <- decodeHandshakeHeader
|
||||
empty <- isEmpty
|
||||
if empty
|
||||
|
@ -189,8 +189,8 @@ decodeHandshake cp ty = runGetErr "handshake" $ case ty of
|
|||
decodeNextProtocolNegotiation
|
||||
|
||||
decodeDeprecatedHandshake :: ByteString -> Either TLSError Handshake
|
||||
decodeDeprecatedHandshake b = runGetErr "deprecatedhandshake" getDeprecated b where
|
||||
getDeprecated = do
|
||||
decodeDeprecatedHandshake b = runGetErr "deprecatedhandshake" getDeprecated b
|
||||
where getDeprecated = do
|
||||
1 <- getWord8
|
||||
ver <- getVersion
|
||||
cipherSpecLen <- fromEnum <$> getWord16
|
||||
|
@ -277,8 +277,7 @@ decodeCertRequest cp = do
|
|||
-- when (cParamsVersion cp < TLS12 && dNameLen < 3) $ fail "certrequest distinguishname not of the correct size"
|
||||
dNames <- getList (fromIntegral dNameLen) getDName
|
||||
return $ CertRequest certTypes sigHashAlgs dNames
|
||||
where
|
||||
getSignatureHashAlgorithms len = getList (fromIntegral len) (getSignatureHashAlgorithm >>= \sh -> return (2, sh))
|
||||
where getSignatureHashAlgorithms len = getList (fromIntegral len) (getSignatureHashAlgorithm >>= \sh -> return (2, sh))
|
||||
getDName = do
|
||||
dName <- getOpaque16
|
||||
when (B.length dName == 0) $ fail "certrequest: invalid DN length"
|
||||
|
@ -384,8 +383,7 @@ encodeHandshakeContent (CertRequest certTypes sigAlgs certAuthorities) = do
|
|||
Nothing -> return ()
|
||||
Just l -> putWords16 $ map (\(x,y) -> (fromIntegral $ valOfType x) * 256 + (fromIntegral $ valOfType y)) l
|
||||
encodeCertAuthorities certAuthorities
|
||||
where
|
||||
-- Convert a distinguished name to its DER encoding.
|
||||
where -- Convert a distinguished name to its DER encoding.
|
||||
encodeCA dn = return $ encodeASN1' DER (toASN1 dn []) --B.concat $ L.toChunks $ encodeDN dn
|
||||
|
||||
-- Encode a list of distinguished names.
|
||||
|
@ -486,15 +484,13 @@ type PRF = Bytes -> Bytes -> Int -> Bytes
|
|||
generateMasterSecret_SSL :: Bytes -> ClientRandom -> ServerRandom -> Bytes
|
||||
generateMasterSecret_SSL premasterSecret (ClientRandom c) (ServerRandom s) =
|
||||
B.concat $ map (computeMD5) ["A","BB","CCC"]
|
||||
where
|
||||
computeMD5 label = MD5.hash $ B.concat [ premasterSecret, computeSHA1 label ]
|
||||
where computeMD5 label = MD5.hash $ B.concat [ premasterSecret, computeSHA1 label ]
|
||||
computeSHA1 label = SHA1.hash $ B.concat [ label, premasterSecret, c, s ]
|
||||
|
||||
generateMasterSecret_TLS :: PRF -> Bytes -> ClientRandom -> ServerRandom -> Bytes
|
||||
generateMasterSecret_TLS prf premasterSecret (ClientRandom c) (ServerRandom s) =
|
||||
prf premasterSecret seed 48
|
||||
where
|
||||
seed = B.concat [ "master secret", c, s ]
|
||||
where seed = B.concat [ "master secret", c, s ]
|
||||
|
||||
generateMasterSecret :: Version -> Bytes -> ClientRandom -> ServerRandom -> Bytes
|
||||
generateMasterSecret SSL2 = generateMasterSecret_SSL
|
||||
|
@ -510,8 +506,7 @@ generateKeyBlock_TLS prf (ClientRandom c) (ServerRandom s) mastersecret kbsize =
|
|||
generateKeyBlock_SSL :: ClientRandom -> ServerRandom -> Bytes -> Int -> Bytes
|
||||
generateKeyBlock_SSL (ClientRandom c) (ServerRandom s) mastersecret kbsize =
|
||||
B.concat $ map computeMD5 $ take ((kbsize `div` 16) + 1) labels
|
||||
where
|
||||
labels = [ uncurry BC.replicate x | x <- zip [1..] ['A'..'Z'] ]
|
||||
where labels = [ uncurry BC.replicate x | x <- zip [1..] ['A'..'Z'] ]
|
||||
computeMD5 label = MD5.hash $ B.concat [ mastersecret, computeSHA1 label ]
|
||||
computeSHA1 label = SHA1.hash $ B.concat [ label, mastersecret, s, c ]
|
||||
|
||||
|
@ -524,13 +519,11 @@ generateKeyBlock TLS12 = generateKeyBlock_TLS prf_SHA256
|
|||
|
||||
generateFinished_TLS :: PRF -> Bytes -> Bytes -> HashCtx -> Bytes
|
||||
generateFinished_TLS prf label mastersecret hashctx = prf mastersecret seed 12
|
||||
where
|
||||
seed = B.concat [ label, hashFinal hashctx ]
|
||||
where seed = B.concat [ label, hashFinal hashctx ]
|
||||
|
||||
generateFinished_SSL :: Bytes -> Bytes -> HashCtx -> Bytes
|
||||
generateFinished_SSL sender mastersecret hashctx = B.concat [md5hash, sha1hash]
|
||||
where
|
||||
md5hash = MD5.hash $ B.concat [ mastersecret, pad2, md5left ]
|
||||
where md5hash = MD5.hash $ B.concat [ mastersecret, pad2, md5left ]
|
||||
sha1hash = SHA1.hash $ B.concat [ mastersecret, B.take 40 pad2, sha1left ]
|
||||
|
||||
lefthash = hashFinal $ flip hashUpdateSSL (pad1, B.take 40 pad1)
|
||||
|
|
Loading…
Reference in a new issue