yogsototh/hs-tls
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
366 commits 1 branch 11 tags 1.7 MiB
Commit graph

44 commits

Author SHA1 Message Date
Vincent Hanquez
9da6b9c8c8 expand tabs. 2012-03-27 08:57:51 +01:00
Lennart Kolmodin
2ed8c777b6 Add client side of Next Protocol Negotiation. 2012-02-16 12:13:13 +04:00
Lennart Kolmodin
ab2a28ada6 Use callback instead of static state for supported NPN protocols. 
onSuggestNextProtocols in TLSParams.
Expose getNegotiatedProtocol to users.
Fix condition for when to understand NPN messages.
 2012-02-12 22:59:19 +04:00
Lennart Kolmodin
e3e7e3c02a Partial, but working, implementation of serverside NPN. 2012-02-08 13:20:28 +04:00
Vincent Hanquez
c17aa30599 prepare source for NPN. 2012-02-07 21:24:30 +00:00
Vincent Hanquez
6f02bb8548 generate key block when setting the master secret. 2011-12-20 07:41:15 +00:00
Vincent Hanquez
53a7b48c15 add new state for session tracking. 2011-12-20 07:38:35 +00:00
Vincent Hanquez
34b186b852 differentiate set master secret from a premaster secret or an already existing master secret 2011-12-20 07:30:19 +00:00
Vincent Hanquez
adf45a537d handle digest update after processing the packet 2011-12-01 08:42:43 +00:00
Vincent Hanquez
2a685b2601 remove the state machine is favor of a straightforward pattern matching state machine. 
simplify code massively and make it easy to support other packet flow later.
 2011-11-29 08:59:41 +00:00
Vincent Hanquez
7d24f39c50 directly put the hash in the new empty handshake instead of using a maybe. 2011-08-17 20:50:30 +01:00
Vincent Hanquez
6d5585c74a switch to one hashctx that can contains 2 hashctx, and add a special updateSSL for SSL3. 2011-08-14 16:18:09 +01:00
Vincent Hanquez
68be94060e update hash interface to hide the state through typeclass and existentialquantification. 2011-08-14 14:34:34 +01:00
Vincent Hanquez
a3b7419f8b Define hash structure to save some repetition 2011-08-13 12:30:36 +01:00
Vincent Hanquez
b72c6328b0 remove the keyblocksize that is redundant and easily calculated from other fields. 2011-08-13 12:04:23 +01:00
Vincent Hanquez
bd2a00782b rename bulk functions to be prefixed by bulk not cipher 2011-08-13 11:17:51 +01:00
Vincent Hanquez
7522d87ca3 introduce a bulk object to separate the cipher object creation by chunks 
limit code movement by reusing the same name
 2011-08-13 11:06:23 +01:00
Vincent Hanquez
84ace35a7e add an helper to use the compression context easily 2011-08-12 18:33:28 +01:00
Vincent Hanquez
abc571223a Change compression API to work properly. 
- distinguish compression from decompression
- add a context
- move from a record structure to typeclass + wrapping data for hiding the existential quantification.
 2011-08-12 18:31:58 +01:00
Vincent Hanquez
b34af4195f fix compilation error 2011-08-07 10:03:34 +01:00
Vincent Hanquez
9591a395a9 use functor <$> instead of maybe 2011-07-07 22:21:23 +01:00
Vincent Hanquez
96e6979ed4 misc change and start to trickle through the support for secure renegotiation 2011-06-07 08:13:43 +01:00
Vincent Hanquez
d3de5de4cd add way to store verified data and to activate/deactivate the feature 2011-06-07 07:41:31 +01:00
Vincent Hanquez
cead67c558 add secure renegociation flag in state 2011-06-06 08:03:18 +01:00
Vincent Hanquez
f464927a0b add a structure to parametrize decoding encoding related to version, key exchange type, ... 2011-05-12 09:13:53 +01:00
Vincent Hanquez
a7aaa3eee7 Remove the hardcoded srandomgen in favor of any cryptorandomgen instance. 
srandomgen is available separately in the cprng-aes package as Crypto.Random.AESCtr
 2011-04-11 19:56:43 +01:00
Vincent Hanquez
9083c53453 style change and use modify instead of get/put 2011-03-01 20:01:40 +00:00
Vincent Hanquez
6a0578ad0c simplify state manipulation 
separate the pure state manipulation from the monad doing the IO.
add some duplicate helpers to use the new monad.
 2011-03-01 20:01:40 +00:00
Vincent Hanquez
693891ad0c add a dedicated fromJust 
compared to the normal fromJust, it take an extra string to report
what kind of fromJust we were doing. it's quite valuable when
shuffling code and assertion break.

at some point, it need to be removed completely in favor of better types
that better reflect the actual state on the connection.
 2011-02-20 08:37:19 +00:00
Vincent Hanquez
857a4a06b8 add some assertion checking 2011-01-05 09:24:58 +00:00
Vincent Hanquez
cfff801bd9 properly finish SSL3 digest computation. 
change the cipher structure to contain the hash algorithm
instead of the mac algorithm.
 2010-10-06 09:07:48 +01:00
Vincent Hanquez
1bbd893e95 use modify instead of get >>= put (and same for modifyTLS) 2010-10-05 18:48:32 +01:00
Vincent Hanquez
3c2ebe5c08 more generation of SSL block/finished values. 2010-10-05 18:48:28 +01:00
Vincent Hanquez
6a9296727b improve the regeneration of client and server rng datas 2010-10-03 11:01:22 +01:00
Vincent Hanquez
383cf4c021 properly handle multiple packet fragments. 
as a bonus it cleans lots of differents part since the state machine
is inside receiving/sending code
 2010-10-02 22:41:00 +01:00
Vincent Hanquez
e189f37a67 new state machine 2010-10-02 22:02:37 +01:00
Vincent Hanquez
8049ad6c6f add a way to update Digest when we have a handshaket type and the content of the header 2010-10-02 10:54:49 +01:00
Vincent Hanquez
eb3ed06af1 add TLS state machine to track that we receive correct message at the correct type 2010-10-02 10:32:29 +01:00
Vincent Hanquez
cd2f8f8ee2 get a util file for some bytestring stuff 2010-09-26 18:51:23 +01:00
Vincent Hanquez
2f76b2a245 add non finished method to generate finished content for protocol < TLS10 2010-09-26 16:32:28 +01:00
Vincent Hanquez
c664f30407 add support for SSL generation of master secret 2010-09-26 16:07:14 +01:00
Vincent Hanquez
938e8db365 remove dead field 2010-09-26 15:31:35 +01:00
Vincent Hanquez
8f91009884 use strict bytestring instead of lazy bytestring. 
the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8].
remove lots of unnessary packing/unpacking when setting up ciphers.
 2010-09-26 10:34:47 +01:00
Vincent Hanquez
0b5a0dc548 initial import 2010-09-09 22:47:19 +01:00