add a cap file to differenciate protocol version capabilities.
define 2 capabilities for hello extensions and explicit IV. use hello extensions checking in decode / encode of clientHello
parent
8b9054ca5f
commit
c70736cf19
3 changed files with 25 additions and 4 deletions
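--- a/Network/TLS/Cap.hs
+++ b/Network/TLS/Cap.hs
@@ -0,0 +1,19 @@
+-- |
+-- Module : Network.TLS.Cap
+-- License : BSD-style
+-- Maintainer : Vincent Hanquez <vincent@snarc.org>
+-- Stability : experimental
+-- Portability : unknown
+--
+
+module Network.TLS.Cap
+( hasHelloExtensions
+, hasExplicitBlockIV
+) where
+
+import Network.TLS.Struct
+
+hasHelloExtensions, hasExplicitBlockIV :: Version -> Bool
+
+hasHelloExtensions ver = ver >= TLS12
+hasExplicitBlockIV ver = ver >= TLS11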
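Review bot: `hasHelloExtensions` puts the cut-off at `TLS12`, but hello extensions were specified for TLS 1.0 and 1.1 as well (RFC 3546, RFC 4366), so a peer on those versions can legitimately send them, including security-relevant ones such as `renegotiation_info`. If the cut-off is deliberate parser policy, a Haddock line on the predicate should say so, e.g. `-- | True when this implementation parses and emits hello extensions for the version (TLS 1.2 and later only).`; otherwise the bound would be `ver >= TLS10`. Both predicates also depend on the `Ord` instance of `Version` following protocol order; that type is defined in Network.TLS.Struct and is not visible here.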
|
@ -37,13 +37,14 @@ module Network.TLS.Packet
|
|||
) where
|
||||
|
||||
import Data.Word
|
||||
import Network.TLS.Struct
|
||||
import Network.TLS.Cap
|
||||
import Network.TLS.Wire
|
||||
import Data.Either (partitionEithers)
|
||||
import Data.Maybe (fromJust, isNothing)
|
||||
import Control.Applicative ((<$>))
|
||||
import Control.Monad
|
||||
import Control.Monad.Error
|
||||
import Network.TLS.Struct
|
||||
import Data.Certificate.X509
|
||||
import Network.TLS.Crypto
|
||||
import Network.TLS.MAC
|
||||
|
@ -125,7 +126,7 @@ decodeClientHello = do
|
|||
ciphers <- getWords16
|
||||
compressions <- getWords8
|
||||
r <- remaining
|
||||
exts <- if ver >= TLS12 && r > 0
|
||||
exts <- if hasHelloExtensions ver && r > 0
|
||||
then fmap fromIntegral getWord16 >>= getExtensions >>= return . Just
|
||||
else return Nothing
|
||||
return $ ClientHello ver random session ciphers compressions exts
|
||||
|
@ -138,7 +139,7 @@ decodeServerHello = do
|
|||
cipherid <- getWord16
|
||||
compressionid <- getWord8
|
||||
r <- remaining
|
||||
exts <- if ver >= TLS12 && r > 0
|
||||
exts <- if hasHelloExtensions ver && r > 0
|
||||
then fmap fromIntegral getWord16 >>= getExtensions >>= return . Just
|
||||
else return Nothing
|
||||
return $ ServerHello ver random session cipherid compressionid exts
|
||||
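Review bot: In `decodeClientHello` and `decodeServerHello` the `else` branch returns `Nothing` even when `r > 0`, so a hello below the `hasHelloExtensions` cut-off that carries trailing bytes is accepted with those bytes silently dropped. In the `then` branch the length read by `getWord16` is handed to `getExtensions` without being compared with `r`. Unless `getExtensions` or the caller already enforces this (neither is visible in these hunks), bind the length and reject the message when it differs from `r - 2`, and either treat leftover bytes in the `else` case as a decode error or add a comment saying why they are ignored. The commit message mentions the encode path as well, but only the two decoders change here, so it is worth confirming the encoders gate on the same predicate. Both function bodies start above their hunks.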
|
|
|
@ -43,7 +43,8 @@ Library
|
|||
Network.TLS.Cipher
|
||||
Network.TLS.SRandom
|
||||
Network.TLS.MAC
|
||||
other-modules: Network.TLS.Compression
|
||||
other-modules: Network.TLS.Cap
|
||||
Network.TLS.Compression
|
||||
Network.TLS.Crypto
|
||||
Network.TLS.Packet
|
||||
Network.TLS.State
|
||||
|
|