yogsototh/hs-tls
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

remove extra directory

Browse source
This commit is contained in:
Vincent Hanquez 2014-01-27 07:28:03 +00:00
parent 7287817fae
commit 7d64ffe5a4
11 changed files with 0 additions and 635 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
extra/.gitignore vendored
View file

@ -1,3 +0,0 @@
dist
*.o
cabal-dev

27
extra/LICENSE
View file

@ -1,27 +0,0 @@
Copyright (c) 2010-2012 Vincent Hanquez <vincent@snarc.org>
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. Neither the name of the author nor the names of his contributors
may be used to endorse or promote products derived from this software
without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.

17
extra/Network/TLS/Extra.hs
View file

@ -1,17 +0,0 @@
-- |
-- Module : Network.TLS.Extra
-- License : BSD-style
-- Maintainer : Vincent Hanquez <vincent@snarc.org>
-- Stability : experimental
-- Portability : unknown
--
module Network.TLS.Extra
(
-- * Cipher related definition
module Network.TLS.Extra.Cipher
-- * File helpers
, module Network.TLS.Extra.File
) where
import Network.TLS.Extra.Cipher
import Network.TLS.Extra.File

388
extra/Network/TLS/Extra/Cipher.hs
View file

@ -1,388 +0,0 @@
-- |
-- Module : Network.TLS.Extra.Cipher
-- License : BSD-style
-- Maintainer : Vincent Hanquez <vincent@snarc.org>
-- Stability : experimental
-- Portability : unknown
--
{-# LANGUAGE CPP #-}
{-# LANGUAGE PackageImports #-}
module Network.TLS.Extra.Cipher
(
-- * cipher suite
ciphersuite_all
, ciphersuite_medium
, ciphersuite_strong
, ciphersuite_unencrypted
, ciphersuite_dhe_rsa
, ciphersuite_dhe_dss
-- * individual ciphers
, cipher_null_SHA1
, cipher_null_MD5
, cipher_RC4_128_MD5
, cipher_RC4_128_SHA1
, cipher_AES128_SHA1
, cipher_AES256_SHA1
, cipher_AES128_SHA256
, cipher_AES256_SHA256
, cipher_DHE_RSA_AES128_SHA1
, cipher_DHE_RSA_AES256_SHA1
, cipher_DHE_RSA_AES128_SHA256
, cipher_DHE_RSA_AES256_SHA256
, cipher_DHE_DSS_AES128_SHA1
, cipher_DHE_DSS_AES256_SHA1
, cipher_DHE_DSS_RC4_SHA1
) where
import qualified Data.ByteString as B
import Network.TLS (Version(..))
import Network.TLS.Cipher
import qualified "cipher-rc4" Crypto.Cipher.RC4 as RC4
import qualified Crypto.Hash.SHA256 as SHA256
import qualified Crypto.Hash.SHA1 as SHA1
import qualified Crypto.Hash.MD5 as MD5
import qualified "cipher-aes" Crypto.Cipher.AES as AES
aes_cbc_encrypt :: Key -> IV -> B.ByteString -> B.ByteString
aes_cbc_encrypt key iv d = AES.encryptCBC (AES.initAES key) iv d
aes_cbc_decrypt :: Key -> IV -> B.ByteString -> B.ByteString
aes_cbc_decrypt key iv d = AES.decryptCBC (AES.initAES key) iv d
aes128_cbc_encrypt = aes_cbc_encrypt
aes128_cbc_decrypt = aes_cbc_decrypt
aes256_cbc_encrypt = aes_cbc_encrypt
aes256_cbc_decrypt = aes_cbc_decrypt
toIV :: RC4.Ctx -> IV
toIV (RC4.Ctx ctx) = ctx
toCtx :: IV -> RC4.Ctx
toCtx iv = RC4.Ctx iv
initF_rc4 :: Key -> IV
initF_rc4 key = toIV $ RC4.initCtx key
encryptF_rc4 :: IV -> B.ByteString -> (B.ByteString, IV)
encryptF_rc4 iv d = (\(ctx, e) -> (e, toIV ctx)) $ RC4.combine (toCtx iv) d
decryptF_rc4 :: IV -> B.ByteString -> (B.ByteString, IV)
decryptF_rc4 iv e = (\(ctx, d) -> (d, toIV ctx)) $ RC4.combine (toCtx iv) e
-- | all encrypted ciphers supported ordered from strong to weak.
-- this choice of ciphersuite should satisfy most normal need
ciphersuite_all :: [Cipher]
ciphersuite_all =
[ cipher_DHE_RSA_AES256_SHA256, cipher_DHE_RSA_AES128_SHA256
, cipher_DHE_RSA_AES256_SHA1, cipher_DHE_RSA_AES128_SHA1
, cipher_DHE_DSS_AES256_SHA1, cipher_DHE_DSS_AES128_SHA1
, cipher_AES128_SHA256, cipher_AES256_SHA256
, cipher_AES128_SHA1, cipher_AES256_SHA1
, cipher_DHE_DSS_RC4_SHA1, cipher_RC4_128_SHA1, cipher_RC4_128_MD5
]
-- | list of medium ciphers.
ciphersuite_medium :: [Cipher]
ciphersuite_medium = [cipher_RC4_128_MD5, cipher_RC4_128_SHA1, cipher_AES128_SHA1, cipher_AES256_SHA1]
-- | the strongest ciphers supported.
ciphersuite_strong :: [Cipher]
ciphersuite_strong = [cipher_DHE_RSA_AES256_SHA256, cipher_AES256_SHA256, cipher_AES256_SHA1]
-- | DHE-RSA cipher suite
ciphersuite_dhe_rsa :: [Cipher]
ciphersuite_dhe_rsa = [cipher_DHE_RSA_AES256_SHA256, cipher_DHE_RSA_AES128_SHA256
, cipher_DHE_RSA_AES256_SHA1, cipher_DHE_RSA_AES128_SHA1]
ciphersuite_dhe_dss :: [Cipher]
ciphersuite_dhe_dss = [cipher_DHE_DSS_AES256_SHA1, cipher_DHE_DSS_AES128_SHA1, cipher_DHE_DSS_RC4_SHA1]
-- | all unencrypted ciphers, do not use on insecure network.
ciphersuite_unencrypted :: [Cipher]
ciphersuite_unencrypted = [cipher_null_MD5, cipher_null_SHA1]
bulk_null = Bulk
{ bulkName = "null"
, bulkKeySize = 0
, bulkIVSize = 0
, bulkBlockSize = 0
, bulkF = BulkStreamF (const B.empty) streamId streamId
}
where streamId = \iv b -> (b,iv)
bulk_rc4 = Bulk
{ bulkName = "RC4-128"
, bulkKeySize = 16
, bulkIVSize = 0
, bulkBlockSize = 0
, bulkF = BulkStreamF initF_rc4 encryptF_rc4 decryptF_rc4
}
bulk_aes128 = Bulk
{ bulkName = "AES128"
, bulkKeySize = 16
, bulkIVSize = 16
, bulkBlockSize = 16
, bulkF = BulkBlockF aes128_cbc_encrypt aes128_cbc_decrypt
}
bulk_aes256 = Bulk
{ bulkName = "AES256"
, bulkKeySize = 32
, bulkIVSize = 16
, bulkBlockSize = 16
, bulkF = BulkBlockF aes256_cbc_encrypt aes256_cbc_decrypt
}
hash_md5 = Hash
{ hashName = "MD5"
, hashSize = 16
, hashF = MD5.hash
}
hash_sha1 = Hash
{ hashName = "SHA1"
, hashSize = 20
, hashF = SHA1.hash
}
hash_sha256 = Hash
{ hashName = "SHA256"
, hashSize = 32
, hashF = SHA256.hash
}
-- | unencrypted cipher using RSA for key exchange and MD5 for digest
cipher_null_MD5 :: Cipher
cipher_null_MD5 = Cipher
{ cipherID = 0x1
, cipherName = "RSA-null-MD5"
, cipherBulk = bulk_null
, cipherHash = hash_md5
, cipherKeyExchange = CipherKeyExchange_RSA
, cipherMinVer = Nothing
}
-- | unencrypted cipher using RSA for key exchange and SHA1 for digest
cipher_null_SHA1 :: Cipher
cipher_null_SHA1 = Cipher
{ cipherID = 0x2
, cipherName = "RSA-null-SHA1"
, cipherBulk = bulk_null
, cipherHash = hash_sha1
, cipherKeyExchange = CipherKeyExchange_RSA
, cipherMinVer = Nothing
}
-- | RC4 cipher, RSA key exchange and MD5 for digest
cipher_RC4_128_MD5 :: Cipher
cipher_RC4_128_MD5 = Cipher
{ cipherID = 0x04
, cipherName = "RSA-rc4-128-md5"
, cipherBulk = bulk_rc4
, cipherHash = hash_md5
, cipherKeyExchange = CipherKeyExchange_RSA
, cipherMinVer = Nothing
}
-- | RC4 cipher, RSA key exchange and SHA1 for digest
cipher_RC4_128_SHA1 :: Cipher
cipher_RC4_128_SHA1 = Cipher
{ cipherID = 0x05
, cipherName = "RSA-rc4-128-sha1"
, cipherBulk = bulk_rc4
, cipherHash = hash_sha1
, cipherKeyExchange = CipherKeyExchange_RSA
, cipherMinVer = Nothing
}
-- | AES cipher (128 bit key), RSA key exchange and SHA1 for digest
cipher_AES128_SHA1 :: Cipher
cipher_AES128_SHA1 = Cipher
{ cipherID = 0x2f
, cipherName = "RSA-aes128-sha1"
, cipherBulk = bulk_aes128
, cipherHash = hash_sha1
, cipherKeyExchange = CipherKeyExchange_RSA
, cipherMinVer = Just SSL3
}
-- | AES cipher (256 bit key), RSA key exchange and SHA1 for digest
cipher_AES256_SHA1 :: Cipher
cipher_AES256_SHA1 = Cipher
{ cipherID = 0x35
, cipherName = "RSA-aes256-sha1"
, cipherBulk = bulk_aes256
, cipherHash = hash_sha1
, cipherKeyExchange = CipherKeyExchange_RSA
, cipherMinVer = Just SSL3
}
-- | AES cipher (128 bit key), RSA key exchange and SHA256 for digest
cipher_AES128_SHA256 :: Cipher
cipher_AES128_SHA256 = Cipher
{ cipherID = 0x3c
, cipherName = "RSA-aes128-sha256"
, cipherBulk = bulk_aes128
, cipherHash = hash_sha256
, cipherKeyExchange = CipherKeyExchange_RSA
, cipherMinVer = Just TLS12
}
-- | AES cipher (256 bit key), RSA key exchange and SHA256 for digest
cipher_AES256_SHA256 :: Cipher
cipher_AES256_SHA256 = Cipher
{ cipherID = 0x3d
, cipherName = "RSA-aes256-sha256"
, cipherBulk = bulk_aes256
, cipherHash = hash_sha256
, cipherKeyExchange = CipherKeyExchange_RSA
, cipherMinVer = Just TLS12
}
-- | AES cipher (128 bit key), DHE key exchanged signed by RSA and SHA1 for digest
cipher_DHE_RSA_AES128_SHA1 :: Cipher
cipher_DHE_RSA_AES128_SHA1 = Cipher
{ cipherID = 0x33
, cipherName = "DHE-RSA-AES128-SHA1"
, cipherBulk = bulk_aes128
, cipherHash = hash_sha1
, cipherKeyExchange = CipherKeyExchange_DHE_RSA
, cipherMinVer = Nothing
}
-- | AES cipher (256 bit key), DHE key exchanged signed by RSA and SHA1 for digest
cipher_DHE_RSA_AES256_SHA1 :: Cipher
cipher_DHE_RSA_AES256_SHA1 = cipher_DHE_RSA_AES128_SHA1
{ cipherID = 0x39
, cipherName = "DHE-RSA-AES256-SHA1"
, cipherBulk = bulk_aes256
}
-- | AES cipher (128 bit key), DHE key exchanged signed by DSA and SHA1 for digest
cipher_DHE_DSS_AES128_SHA1 :: Cipher
cipher_DHE_DSS_AES128_SHA1 = Cipher
{ cipherID = 0x32
, cipherName = "DHE-DSA-AES128-SHA1"
, cipherBulk = bulk_aes128
, cipherHash = hash_sha1
, cipherKeyExchange = CipherKeyExchange_DHE_DSS
, cipherMinVer = Nothing
}
-- | AES cipher (256 bit key), DHE key exchanged signed by DSA and SHA1 for digest
cipher_DHE_DSS_AES256_SHA1 :: Cipher
cipher_DHE_DSS_AES256_SHA1 = cipher_DHE_DSS_AES128_SHA1
{ cipherID = 0x38
, cipherName = "DHE-DSA-AES256-SHA1"
, cipherBulk = bulk_aes256
}
cipher_DHE_DSS_RC4_SHA1 :: Cipher
cipher_DHE_DSS_RC4_SHA1 = cipher_DHE_DSS_AES128_SHA1
{ cipherID = 0x66
, cipherName = "DHE-DSA-RC4-SHA1"
, cipherBulk = bulk_rc4
}
cipher_DHE_RSA_AES128_SHA256 :: Cipher
cipher_DHE_RSA_AES128_SHA256 = cipher_DHE_RSA_AES128_SHA1
{ cipherID = 0x67
, cipherName = "DHE-RSA-AES128-SHA256"
, cipherHash = hash_sha256
, cipherMinVer = Just TLS12
}
cipher_DHE_RSA_AES256_SHA256 :: Cipher
cipher_DHE_RSA_AES256_SHA256 = cipher_DHE_RSA_AES128_SHA256
{ cipherID = 0x6b
, cipherName = "DHE-RSA-AES256-SHA256"
, cipherBulk = bulk_aes256
}
{-
TLS 1.0 ciphers definition
CipherSuite TLS_NULL_WITH_NULL_NULL = { 0x00,0x00 };
CipherSuite TLS_RSA_WITH_NULL_MD5 = { 0x00,0x01 };
CipherSuite TLS_RSA_WITH_NULL_SHA = { 0x00,0x02 };
CipherSuite TLS_RSA_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x03 };
CipherSuite TLS_RSA_WITH_RC4_128_MD5 = { 0x00,0x04 };
CipherSuite TLS_RSA_WITH_RC4_128_SHA = { 0x00,0x05 };
CipherSuite TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = { 0x00,0x06 };
CipherSuite TLS_RSA_WITH_IDEA_CBC_SHA = { 0x00,0x07 };
CipherSuite TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x08 };
CipherSuite TLS_RSA_WITH_DES_CBC_SHA = { 0x00,0x09 };
CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0A };
CipherSuite TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0B };
CipherSuite TLS_DH_DSS_WITH_DES_CBC_SHA = { 0x00,0x0C };
CipherSuite TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0D };
CipherSuite TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0E };
CipherSuite TLS_DH_RSA_WITH_DES_CBC_SHA = { 0x00,0x0F };
CipherSuite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x10 };
CipherSuite TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x11 };
CipherSuite TLS_DHE_DSS_WITH_DES_CBC_SHA = { 0x00,0x12 };
CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x13 };
CipherSuite TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x14 };
CipherSuite TLS_DHE_RSA_WITH_DES_CBC_SHA = { 0x00,0x15 };
CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x16 };
CipherSuite TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x17 };
CipherSuite TLS_DH_anon_WITH_RC4_128_MD5 = { 0x00,0x18 };
CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x19 };
CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA = { 0x00,0x1A };
CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1B };
TLS-DHE-RSA-WITH-AES-128-CBC-SHA {0x00,0x33}
TLS-DHE-RSA-WITH-AES-256-CBC-SHA {0x00,0x39}
TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 {0x00,0x67}
TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 {0x00,0x6B}
TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 {0x00,0x9E}
TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 {0x00,0x9F}
TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA {0x00,0x45}
TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA {0x00,0x88}
TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 {0x00,0xBE}
TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 {0x00,0xC4}
TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 {0x00,0x7C}
TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA256 {0x00,0x7D}
TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA {0x00,0x16}
TLS-DHE-RSA-WITH-DES-CBC-SHA {0x00,0x15}
TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA {0xC0,0x13}
TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA {0xC0,0x14}
TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 {0xC0,0x27}
TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 {0xC0,0x28}
TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 {0xC0,0x2F}
TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 {0xC0,0x30}
TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 {0xC0,0x76}
TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 {0xC0,0x77}
TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 {0xC0,0x8A}
TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 {0xC0,0x8B}
TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA {0xC0,0x12}
TLS-ECDHE-RSA-WITH-RC4-128-SHA {0xC0,0x11}
TLS-ECDHE-RSA-WITH-NULL-SHA {0xC0,0x10}
TLS-PSK-WITH-RC4-128-SHA {0x00,0x8A}
TLS-PSK-WITH-3DES-EDE-CBC-SHA {0x00,0x8B}
TLS-PSK-WITH-AES-128-CBC-SHA {0x00,0x8C}
TLS-PSK-WITH-AES-256-CBC-SHA {0x00,0x8D}
TLS-PSK-WITH-AES-128-CBC-SHA256 {0x00,0xAE}
TLS-PSK-WITH-AES-256-CBC-SHA384 {0x00,0xAF}
TLS-PSK-WITH-AES-128-GCM-SHA256 {0x00,0xA8}
TLS-PSK-WITH-AES-256-GCM-SHA384 {0x00,0xA9}
TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256 {0xC0,0x94}
TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384 {0xC0,0x95}
TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256 {0xC0,0x8D}
TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384 {0xC0,0x8F}
TLS-PSK-WITH-NULL-SHA {0x00,0x2C}
TLS-PSK-WITH-NULL-SHA256 {0x00,0xB4}
TLS-PSK-WITH-NULL-SHA384 {0x00,0xB5}
best ciphers suite description:
<http://www.thesprawl.org/research/tls-and-ssl-cipher-suites/>
-}

12
extra/Network/TLS/Extra/Compression.hs
View file

@ -1,12 +0,0 @@
-- |
-- Module : Network.TLS.Extra.Compression
-- License : BSD-style
-- Maintainer : Vincent Hanquez <vincent@snarc.org>
-- Stability : experimental
-- Portability : unknown
--
module Network.TLS.Extra.Compression
(
) where
--import Network.TLS.Compression

50
extra/Network/TLS/Extra/File.hs
View file

@ -1,50 +0,0 @@
-- |
-- Module : Network.TLS.Extra.File
-- License : BSD-style
-- Maintainer : Vincent Hanquez <vincent@snarc.org>
-- Stability : experimental
-- Portability : unknown
--
-- Simple helpers to load private key and certificate files
-- to be handled by the TLS stack
module Network.TLS.Extra.File
( fileReadCertificate
, fileReadCertificateChain
, fileReadPrivateKey
) where
import Control.Applicative ((<$>))
import Data.X509.File
import Data.X509
-- | read one X509 certificate from a file.
--
-- the certificate must be in the usual PEM format
--
-- If no valid PEM encoded certificate is found in the file
-- this function will raise an error.
fileReadCertificate :: FilePath -> IO SignedCertificate
fileReadCertificate filepath = headError <$> readSignedObject filepath
where headError [] = error ("read certificate: not found in " ++ show filepath)
headError (x:_) = x
-- | read a CertificateChain from a file.
--
-- No checks are performed on the chain itself for validity or consistency.
--
-- the expected format is the list of PEM encoded signed certificate,
-- with the first one being the subject of the chain.
--
fileReadCertificateChain :: FilePath -> IO CertificateChain
fileReadCertificateChain filepath = CertificateChain <$> readSignedObject filepath
-- | read one private key from a file.
--
-- the private key must be in the usual PEM format
--
-- If no valid PEM encoded private key is found in the file
-- this function will raise an error.
fileReadPrivateKey :: FilePath -> IO PrivKey
fileReadPrivateKey filepath = headError <$> readKeyFile filepath
where headError [] = error ("read private key: no key found in " ++ show filepath)
headError (x:_) = x

2
extra/Setup.hs
View file

@ -1,2 +0,0 @@
import Distribution.Simple
main = defaultMain

3
extra/Tests.hs
View file

@ -1,3 +0,0 @@
import qualified Tests.Ciphers as Ciphers
main = Ciphers.runTests

40
extra/Tests/Ciphers.hs
View file

@ -1,40 +0,0 @@
module Tests.Ciphers
( runTests
) where
import Data.Word
import Control.Applicative ((<$>))
import Tests.Common
import Test.QuickCheck
import qualified Data.ByteString as B
import Network.TLS.Cipher
arbitraryKey :: Bulk -> Gen [Word8]
arbitraryKey bulk = vector (fromIntegral $ bulkKeySize bulk)
arbitraryIV :: Bulk -> Gen [Word8]
arbitraryIV bulk = vector (fromIntegral $ bulkIVSize bulk)
arbitraryText :: Bulk -> Gen [Word8]
arbitraryText bulk = vector (fromIntegral $ bulkBlockSize bulk)
bulk_test bulk = run_test n t
where
n = ("bulk: " ++ bulkName bulk ++ ": decrypt . encrypt = id")
t = case bulkF bulk of
BulkBlockF enc dec -> do
key <- B.pack <$> arbitraryKey bulk
iv <- B.pack <$> arbitraryIV bulk
t <- B.pack <$> arbitraryText bulk
return $ block enc dec key iv t
BulkStreamF ktoi enc dec -> do
key <- B.pack <$> arbitraryKey bulk
t <- B.pack <$> arbitraryText bulk
return $ stream ktoi enc dec key t
block e d key iv t = (d key iv . e key iv) t == t
stream ktoi e d key t = (fst . d iv . fst . e iv) t == t
where iv = ktoi key
runTests = mapM_ (bulk_test . cipherBulk) supportedCiphers

32
extra/Tests/Common.hs
View file

@ -1,32 +0,0 @@
module Tests.Common where
import System.IO
import Test.QuickCheck
import Network.TLS (Version(..))
import Network.TLS.Cipher
import Network.TLS.Extra
supportedVersions :: [Version]
supportedVersions = [SSL3, TLS10, TLS11]
supportedCiphers :: [Cipher]
supportedCiphers =
[ cipher_null_MD5
, cipher_null_SHA1
, cipher_AES128_SHA1
, cipher_AES256_SHA1
, cipher_RC4_128_MD5
, cipher_RC4_128_SHA1
]
{- main -}
myQuickCheckArgs = stdArgs
{ replay = Nothing
, maxSuccess = 500
, maxSize = 500
}
run_test n t =
putStr (" " ++ n ++ " ... ") >> hFlush stdout >> quickCheckWith myQuickCheckArgs t
liftM6 f m1 m2 m3 m4 m5 m6 = do { x1 <- m1; x2 <- m2; x3 <- m3; x4 <- m4; x5 <- m5; x6 <- m6; return (f x1 x2 x3 x4 x5 x6) }

61
extra/tls-extra.cabal
View file

@ -1,61 +0,0 @@
Name: tls-extra
Version: 0.7.0
Description:
a set of extra definitions, default values and helpers for tls.
License: BSD3
License-file: LICENSE
Copyright: Vincent Hanquez <vincent@snarc.org>
Author: Vincent Hanquez <vincent@snarc.org>
Maintainer: Vincent Hanquez <vincent@snarc.org>
Synopsis: TLS extra default values and helpers
Build-Type: Simple
Category: Network
stability: experimental
Cabal-Version: >=1.6
Homepage: http://github.com/vincenthz/hs-tls
Flag test
Description: Build unit test
Default: False
Library
Build-Depends: base > 3 && < 5
, tls >= 1.2.0 && < 1.3.0
, mtl
, network >= 2.3
, cryptohash >= 0.6
, bytestring
, x509
, x509-store
, cipher-rc4
, cipher-aes >= 0.2 && < 0.3
, crypto-pubkey >= 0.2.0
, crypto-random
, pem >= 0.1.0 && < 0.3.0
, time
Exposed-modules: Network.TLS.Extra
other-modules: Network.TLS.Extra.Cipher
Network.TLS.Extra.Compression
Network.TLS.Extra.File
ghc-options: -Wall -fno-warn-missing-signatures
if os(windows)
cpp-options: -DNOCERTVERIFY
executable Tests
Main-is: Tests.hs
if flag(test)
Buildable: True
Build-Depends: base >= 3 && < 5
, HUnit
, QuickCheck >= 2
, bytestring
, cprng-aes >= 0.5.0
, cipher-aes >= 0.2 && < 0.3
else
Buildable: False
if os(windows)
cpp-options: -DNOCERTVERIFY
source-repository head
type: git
location: git://github.com/vincenthz/hs-tls