yogsototh/hs-tls
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
363 commits 1 branch 11 tags 1.7 MiB
Commit graph

363 commits

This branch
This branch
All branches
Author SHA1 Message Date
Vincent Hanquez
fc420e13f8 add nullCompression and an instance of show for compression data. 2011-03-01 20:01:40 +00:00
Vincent Hanquez
bafea87656 bump tls version to 0.3.3 2011-02-20 17:43:10 +00:00
Vincent Hanquez
ccfc30c2df bump certificate version to 0.7 minimum 2011-02-20 17:43:10 +00:00
Vincent Hanquez
d592c7aad7 update for latest certificate 0.7 2011-02-20 17:43:10 +00:00
Vincent Hanquez
deb8082647 misc change to arbitrary stuff 2011-02-20 17:43:09 +00:00
Vincent Hanquez
cffafdb421 stylistic change in cabal file. 2011-02-20 17:35:09 +00:00
Vincent Hanquez
c6154ae126 fix a bug with SSL3 during the creation of crypt state. 
The test for partition was too strict, and the SSL3 generator
is quite likely to generate more data whereas the TLS generator
generate the correct amount every time.

now bigger bytestring than necessary are now valid as well.
 2011-02-20 08:49:23 +00:00
Vincent Hanquez
90b7a0fd9b remove the need for CPP using stdArgs instead of Args 2011-02-20 08:49:08 +00:00
Vincent Hanquez
0132190eb9 bump crypto-api to >= 0.5 2011-02-20 08:37:31 +00:00
Vincent Hanquez
693891ad0c add a dedicated fromJust 
compared to the normal fromJust, it take an extra string to report
what kind of fromJust we were doing. it's quite valuable when
shuffling code and assertion break.

at some point, it need to be removed completely in favor of better types
that better reflect the actual state on the connection.
 2011-02-20 08:37:19 +00:00
Vincent Hanquez
22ea02ffe4 move to certificate >= 0.6 2011-02-20 08:35:14 +00:00
Vincent Hanquez
4458931597 prepend which side (client/server) had an exception 2011-02-20 08:21:02 +00:00
Vincent Hanquez
a3ea15886f use AES in cryptocipher 0.2.5 2011-02-20 08:13:53 +00:00
Vincent Hanquez
af02dd0839 add stricter partition(3|6) utils that doesn't use wire (and thus no binary) 2011-01-05 09:24:58 +00:00
Vincent Hanquez
857a4a06b8 add some assertion checking 2011-01-05 09:24:58 +00:00
Vincent Hanquez
a78162e298 add support for ciphers without encryption. 2011-01-05 09:24:58 +00:00
Vincent Hanquez
54640db618 add cipher 0x1 and 0x2 (no encryption with RSA) 2011-01-05 09:24:46 +00:00
Vincent Hanquez
e5e331fdf1 move to certificate 0.5 2011-01-02 09:49:21 +00:00
Vincent Hanquez
4cd29853a6 bump version to 0.3.2 2010-12-15 11:55:40 +00:00
Vincent Hanquez
8aa4fdc3ea certificate upgrade to 0.4 and fixup tests 2010-12-14 23:27:02 +00:00
Vincent Hanquez
3020ba5c28 allow SSL3 in stunnel 2010-12-14 23:26:51 +00:00
Vincent Hanquez
18cf6a5392 test ciphers in a basic fashion for now. 2010-12-07 09:15:34 +00:00
Vincent Hanquez
4b3cd2c2f7 export key/iv 2010-12-07 09:15:22 +00:00
Vincent Hanquez
4b00c76e19 move supportedVersions and supportedCiphers in common 2010-12-07 09:02:38 +00:00
Vincent Hanquez
701643a863 remove old comment 2010-12-06 22:54:56 +00:00
Vincent Hanquez
4c3fe2fa64 actualize TODO 2010-12-06 22:54:18 +00:00
Vincent Hanquez
bec3255ff3 add a (non-valid) signature, otherwise test fail. 2010-12-06 08:18:16 +00:00
Vincent Hanquez
ebd5ad9937 add testing of certificates into the marshaller 2010-12-06 08:12:34 +00:00
Vincent Hanquez
06fddf5065 add a module to generate certificates 2010-12-06 08:07:05 +00:00
Vincent Hanquez
baa2baecfc Test arbitrary clientstate and serverstate for protocol initiate 
this gives a useful test coverage of possibles connections parameters
regarding versions, ciphers, etc that the user can choose, and check
that it all lead to a TLS connected state.
 2010-12-04 13:10:49 +00:00
Vincent Hanquez
ccbd2f4ca4 move liftM6 into common 2010-12-04 13:09:42 +00:00
Vincent Hanquez
9796739ce0 add some instances of show for serverparams. 2010-12-04 13:09:02 +00:00
Vincent Hanquez
b3a8c1e1d6 add an instance of Eq for Ciphers. if two cipherID are eq then it's eq. 2010-12-04 13:08:38 +00:00
Vincent Hanquez
32913e0f0f start factoring out helpers so that we can make more connection tests 2010-12-04 12:09:38 +00:00
Vincent Hanquez
a59a0d840c minor quickcheck changes 2010-12-03 07:22:48 +00:00
Vincent Hanquez
07da6e5b06 Add monadic IO test that establish connection from a client and server. 
The test establish a TLS connection on a socketpair, and then
check that by injecting arbitrary data in the client we receive
the exact same thing on the server side.

The test need more sophistication in general, as to arbitrarily test
TLS versions, different ciphers & key exchange, certificates, etc.
 2010-11-30 08:31:09 +00:00
Vincent Hanquez
bc638906f2 move the marshal test into a specific file. 2010-11-30 08:26:22 +00:00
Vincent Hanquez
c9f4cbbd70 create a common test file 2010-11-30 08:21:10 +00:00
Vincent Hanquez
2f9563b2cd increase warning levels for stunnel 2010-11-30 08:19:38 +00:00
Vincent Hanquez
c09f90316f Improve stunnel example to behave more like a stunnel program. 
The client side is behaving like a real stunnel now, waiting local connection
and relaying it through the TLS connection and back to the local connection.

The server side is improved, however it doesn't properly relay it to the local
port on the server. For now it prints the message to stdout and reply a constant
to a client. it waits for EOF from the client before finishing.
 2010-11-30 08:12:49 +00:00
Vincent Hanquez
a2896bce31 add options to bind to unix socket or file descriptor 2010-11-28 11:50:55 +00:00
Vincent Hanquez
95c94749d2 use cmdargs in stunnel instead of GetArgs 
prepare options for the implementation of an actual stunnel program,
where data are relayed from encrypted to normal connection and vice versa.
 2010-11-28 11:37:36 +00:00
Vincent Hanquez
d787160713 rename connect in client module to initiate. 
add a deprecated pragma for connect and keep it for compatibility
 2010-11-28 10:30:05 +00:00
Vincent Hanquez
e48584cbbb bump version to 0.3.1 2010-11-07 10:21:57 +00:00
Vincent Hanquez
03a5a8c3c9 certificate need at least 0.3.2 and cereal 0.3. 2010-11-07 10:21:32 +00:00
Vincent Hanquez
d061b37730 remove RandomGen generator and provide a reseed functions to regenerate the RNG. 2010-11-07 10:19:12 +00:00
Vincent Hanquez
c25f1ae72d bump version to 0.3 2010-11-04 19:12:00 +00:00
Vincent Hanquez
a95dd8f45e Generalize key exchange and use in-house RSA. 
Remove need for spoon, since RSA will fails gracefully.
Add support for full private key format for fast decryption.
Generalization of key exchange to add future support for DH, etc.
 2010-11-04 19:10:00 +00:00
Vincent Hanquez
65942b945f massive change on the RNG and add support for CryptoRandomGen 
use an inline AES counter system to generate random data.
 2010-11-04 19:05:36 +00:00
Vincent Hanquez
c8d3931c83 add cereal and depends on crypto-api 2010-11-04 19:02:04 +00:00