yogsototh/hs-tls
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
263 commits 1 branch 11 tags 1.7 MiB
Commit graph

263 commits

This branch
This branch
All branches
Author SHA1 Message Date
Vincent Hanquez
e5aebd8ad5 move back to mtl 2010-11-04 19:01:38 +00:00
Vincent Hanquez
863c09e0d4 put the throwError inside the runGet instead of outside. 
related to a monad either overlapping report.
 2010-11-03 23:06:04 +00:00
Vincent Hanquez
f4841baa80 add support for quickcheck 2.3 2010-11-03 23:04:03 +00:00
Vincent Hanquez
721f07ec0a align base between library and executable 2010-11-02 08:26:50 +00:00
Vincent Hanquez
6314709a84 put back the upper limit 2010-11-02 08:06:32 +00:00
Vincent Hanquez
0d342a68f7 use monads-fd instead of mtl 2010-10-24 12:02:45 +01:00
Vincent Hanquez
7a5139c5ce depends on cryptohash 0.6 and adapt to the new modules location. 2010-10-24 12:02:41 +01:00
Vincent Hanquez
3210758258 update cabal file and bump version to 0.2 2010-10-06 09:21:20 +01:00
Vincent Hanquez
a1469322e4 don't check padding content in SSL3 mode 2010-10-06 09:15:36 +01:00
Vincent Hanquez
f54be74cc4 properly encode RSA structure without extra length when doing SSL3 2010-10-06 09:11:57 +01:00
Vincent Hanquez
cfff801bd9 properly finish SSL3 digest computation. 
change the cipher structure to contain the hash algorithm
instead of the mac algorithm.
 2010-10-06 09:07:48 +01:00
Vincent Hanquez
1bbd893e95 use modify instead of get >>= put (and same for modifyTLS) 2010-10-05 18:48:32 +01:00
Vincent Hanquez
3c2ebe5c08 more generation of SSL block/finished values. 2010-10-05 18:48:28 +01:00
Vincent Hanquez
9c4a3a0223 use the AES rng as the TLSState rng, and generate random bytes on demand 
client/premaster/secret random bytes are now generated by the TLSstate rng
on demand, simplifying the use of basic routines (connect/listen) and the
renegociation process.

also the AES rng is a CPRNG, compared to system.random PRNG, which
might gives a better warmer fuzzy random feeling.
 2010-10-03 11:23:12 +01:00
Vincent Hanquez
6a9296727b improve the regeneration of client and server rng datas 2010-10-03 11:01:22 +01:00
Vincent Hanquez
10e7329bb5 requires certificate v0.3 2010-10-03 10:32:37 +01:00
Vincent Hanquez
9641ca7c83 add prototype to processServerInfo 2010-10-03 10:32:23 +01:00
Vincent Hanquez
c1a273f5d4 bump version to 0.1.4 2010-10-02 22:42:13 +01:00
Vincent Hanquez
383cf4c021 properly handle multiple packet fragments. 
as a bonus it cleans lots of differents part since the state machine
is inside receiving/sending code
 2010-10-02 22:41:00 +01:00
Vincent Hanquez
e189f37a67 new state machine 2010-10-02 22:02:37 +01:00
Vincent Hanquez
5a6ff3abe8 take in account that we can receive multiple handshakes in the same tls fragment. 2010-10-02 10:58:41 +01:00
Vincent Hanquez
8049ad6c6f add a way to update Digest when we have a handshaket type and the content of the header 2010-10-02 10:54:49 +01:00
Vincent Hanquez
eb3ed06af1 add TLS state machine to track that we receive correct message at the correct type 2010-10-02 10:32:29 +01:00
Vincent Hanquez
d188a180cc refactorize receiving packet thing 2010-10-02 09:09:46 +01:00
Vincent Hanquez
0c1dfe0837 bump version to 0.1.3 2010-09-27 08:14:46 +01:00
Vincent Hanquez
f033a0d973 reorganize the way we decrypt data to be nicer. 
as a bonus, finally check if padding is valid.
 2010-09-26 20:56:51 +01:00
Vincent Hanquez
6d1e38a337 add partition3 utility 2010-09-26 20:56:47 +01:00
Vincent Hanquez
07bfcd2094 typo 2010-09-26 20:54:14 +01:00
Vincent Hanquez
49a32f5e82 add util file in cabal 2010-09-26 18:52:58 +01:00
Vincent Hanquez
cd2f8f8ee2 get a util file for some bytestring stuff 2010-09-26 18:51:23 +01:00
Vincent Hanquez
148f4e467c update TODO 2010-09-26 17:04:28 +01:00
Vincent Hanquez
349406b64a remove data.word 2010-09-26 16:33:39 +01:00
Vincent Hanquez
2f76b2a245 add non finished method to generate finished content for protocol < TLS10 2010-09-26 16:32:28 +01:00
Vincent Hanquez
60de6551e4 add missing signature 2010-09-26 16:07:29 +01:00
Vincent Hanquez
c664f30407 add support for SSL generation of master secret 2010-09-26 16:07:14 +01:00
Vincent Hanquez
fc4c76862c use specified version when initiating connection. 2010-09-26 15:31:46 +01:00
Vincent Hanquez
938e8db365 remove dead field 2010-09-26 15:31:35 +01:00
Vincent Hanquez
756de301c5 allow TLS1.1 in the stunnel example. however still default to TLS1.0. 2010-09-26 15:02:59 +01:00
Vincent Hanquez
9f5e19758d remove the gnutls item from the TODO. it's working in TLS1.1 and TLS1.0. 2010-09-26 14:58:50 +01:00
Vincent Hanquez
f37b2e3bce support TLS1.1 explicit block IV 
despite the fact that it works, it's missing a step at key block set time,
so that we don't use the computed IV, but use a random generated one seeded by
the computed IV.
 2010-09-26 14:57:35 +01:00
Vincent Hanquez
b71ea6729c remove few more unpacking/packing 2010-09-26 10:37:20 +01:00
Vincent Hanquez
8f91009884 use strict bytestring instead of lazy bytestring. 
the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8].
remove lots of unnessary packing/unpacking when setting up ciphers.
 2010-09-26 10:34:47 +01:00
Vincent Hanquez
c70736cf19 add a cap file to differenciate protocol version capabilities. 
define 2 capabilities for hello extensions and explicit IV.
use hello extensions checking in decode / encode of clientHello
 2010-09-26 08:46:09 +01:00
Vincent Hanquez
8b9054ca5f add homepage link 2010-09-25 23:17:30 +01:00
Vincent Hanquez
2fd8087211 remove the haskell98 dependency and switch to the random package. 2010-09-24 08:30:25 +01:00
Vincent Hanquez
53287505d1 bump version 0.1.2 2010-09-22 18:32:45 +01:00
Vincent Hanquez
663436a3cb expose some needed modules and expose TLSClient type 
(noticed by Michael Snoyman)
 2010-09-22 18:31:42 +01:00
Vincent Hanquez
cb850131da add a server callbacks when receiving Certificates 2010-09-20 08:45:41 +01:00
Vincent Hanquez
3d4c69da9e tidy up imports 2010-09-19 10:50:37 +01:00
Vincent Hanquez
2fe1d7e99a use <$> instead of fmap 2010-09-19 10:49:42 +01:00