yogsototh/hs-tls
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
444 commits 1 branch 11 tags 1.7 MiB
Commit graph

59 commits

Author SHA1 Message Date
Martin Grabmueller
6f1b13fc5a Add client cert support for SSL3. 2012-07-28 14:22:16 +02:00
Martin Grabmueller
a285eb345c Merge remote-tracking branch 'upstream/next' into client-certificate 
Conflicts:
	Network/TLS/Context.hs
	Network/TLS/Record/Disengage.hs
 2012-07-26 23:17:08 +02:00
Martin Grabmueller
8c18de4e66 Small optimization. 2012-07-26 23:08:31 +02:00
Martin Grabmueller
9aa9675d0c Use correct version number, simplify code. 2012-07-26 22:46:59 +02:00
Vincent Hanquez
c7c394d56e [SECURITY] add empty TLS packets before appdata 
Add empty appdata packet before appdata, when using <= TLS10 and using a
block cipher, to workaround the security problem related to CBC residue,
and the fact that it could be guessed by a malicious user, leading to
disclosure of secrets.
 2012-07-23 08:54:25 +01:00
Martin Grabmueller
92686e1457 Fix broken negotiation by separating active from pending crypt/mac states. 2012-07-18 17:32:26 +02:00
Martin Grabmueller
a348a56659 Clean up and simplify code. 2012-07-18 16:35:48 +02:00
Martin Grabmueller
c799b18c4c Fix encoding of CertRequest, so that encoding and decoding are inverses. 2012-07-17 17:33:11 +02:00
Martin Grabmueller
039c7d254e Separate finish from certificate verify digests. Will make it easier to support TLS1.2. 2012-07-16 16:19:48 +02:00
Martin Grabmueller
3c46042ce5 Integrate client certificate settings into RoleParams, 
remember client cert chain for use after handshake has
finished.
 2012-07-16 14:36:44 +02:00
Martin Grabmueller
2b101b6fa7 Add function for retrieving certificate verify digest. 2012-07-13 21:18:05 +02:00
Martin Grabmueller
e9abea6cb2 Extend state to hold information about ongoing client certificate exchange. 2012-07-13 21:16:46 +02:00
Martin Grabmueller
797f7822e4 Extend state to hold client private/public keys and add 
functions for signing and verifying with these keys.
 2012-07-13 21:08:23 +02:00
Felipe Lessa
cb0cb14732 Define 'state' only for mtl >= 2.1. 
Conflicts:

	Network/TLS/State.hs
 2012-04-20 21:08:53 +01:00
Felipe Lessa
3f280e2d70 Define MonadState TLSSt's state function. 
For some reason that I still don't know, when using state's
default definition with libraries

         base-4.5.0.0-40b99d05fae6a4eea95ea69e6e0c9702
         bytestring-0.9.2.1-18f26186028d7c0e92e78edc9071d376
         cereal-0.3.5.1-c85af6bc266354ac7b256440db39e874
         certificate-1.2.1-c61f160cdafc328081aeb08858403878
         crypto-api-0.10.1-a0c00402b73cec065108abe95d6cfaf2
         cryptocipher-0.3.0-d1785d4907a85f72ffd670491df324f2
         cryptohash-0.7.4-f6e253339d77757de756f81f77755b35
         mtl-2.1-e90c46af21f3870cee46f6218510d29d

I get <<loop>> for anything that uses the 'modify' function
(which in turn is defined in terms of 'state').  In particular, I
get it for 'startHandshakeClient' which is used in the beginning
by all tls clients.  For example,

  $ tls-simpleclient graph.facebook.com 443
  tls-simpleclient: <<loop>>

This commit fixes this bug.

(This is a harmless commit in the sense that even if I don't know
why this bug was happenning, it doesn't hurt to have an explicit
definition of 'state' -- it may actually save a few nanoseconds
here and there.)

Conflicts:

	Network/TLS/State.hs
 2012-04-20 21:07:08 +01:00
Vincent Hanquez
9da6b9c8c8 expand tabs. 2012-03-27 08:57:51 +01:00
Lennart Kolmodin
2ed8c777b6 Add client side of Next Protocol Negotiation. 2012-02-16 12:13:13 +04:00
Lennart Kolmodin
ab2a28ada6 Use callback instead of static state for supported NPN protocols. 
onSuggestNextProtocols in TLSParams.
Expose getNegotiatedProtocol to users.
Fix condition for when to understand NPN messages.
 2012-02-12 22:59:19 +04:00
Lennart Kolmodin
e3e7e3c02a Partial, but working, implementation of serverside NPN. 2012-02-08 13:20:28 +04:00
Vincent Hanquez
c17aa30599 prepare source for NPN. 2012-02-07 21:24:30 +00:00
Vincent Hanquez
6f02bb8548 generate key block when setting the master secret. 2011-12-20 07:41:15 +00:00
Vincent Hanquez
53a7b48c15 add new state for session tracking. 2011-12-20 07:38:35 +00:00
Vincent Hanquez
34b186b852 differentiate set master secret from a premaster secret or an already existing master secret 2011-12-20 07:30:19 +00:00
Vincent Hanquez
adf45a537d handle digest update after processing the packet 2011-12-01 08:42:43 +00:00
Vincent Hanquez
2a685b2601 remove the state machine is favor of a straightforward pattern matching state machine. 
simplify code massively and make it easy to support other packet flow later.
 2011-11-29 08:59:41 +00:00
Vincent Hanquez
7d24f39c50 directly put the hash in the new empty handshake instead of using a maybe. 2011-08-17 20:50:30 +01:00
Vincent Hanquez
6d5585c74a switch to one hashctx that can contains 2 hashctx, and add a special updateSSL for SSL3. 2011-08-14 16:18:09 +01:00
Vincent Hanquez
68be94060e update hash interface to hide the state through typeclass and existentialquantification. 2011-08-14 14:34:34 +01:00
Vincent Hanquez
a3b7419f8b Define hash structure to save some repetition 2011-08-13 12:30:36 +01:00
Vincent Hanquez
b72c6328b0 remove the keyblocksize that is redundant and easily calculated from other fields. 2011-08-13 12:04:23 +01:00
Vincent Hanquez
bd2a00782b rename bulk functions to be prefixed by bulk not cipher 2011-08-13 11:17:51 +01:00
Vincent Hanquez
7522d87ca3 introduce a bulk object to separate the cipher object creation by chunks 
limit code movement by reusing the same name
 2011-08-13 11:06:23 +01:00
Vincent Hanquez
84ace35a7e add an helper to use the compression context easily 2011-08-12 18:33:28 +01:00
Vincent Hanquez
abc571223a Change compression API to work properly. 
- distinguish compression from decompression
- add a context
- move from a record structure to typeclass + wrapping data for hiding the existential quantification.
 2011-08-12 18:31:58 +01:00
Vincent Hanquez
b34af4195f fix compilation error 2011-08-07 10:03:34 +01:00
Vincent Hanquez
9591a395a9 use functor <$> instead of maybe 2011-07-07 22:21:23 +01:00
Vincent Hanquez
96e6979ed4 misc change and start to trickle through the support for secure renegotiation 2011-06-07 08:13:43 +01:00
Vincent Hanquez
d3de5de4cd add way to store verified data and to activate/deactivate the feature 2011-06-07 07:41:31 +01:00
Vincent Hanquez
cead67c558 add secure renegociation flag in state 2011-06-06 08:03:18 +01:00
Vincent Hanquez
f464927a0b add a structure to parametrize decoding encoding related to version, key exchange type, ... 2011-05-12 09:13:53 +01:00
Vincent Hanquez
a7aaa3eee7 Remove the hardcoded srandomgen in favor of any cryptorandomgen instance. 
srandomgen is available separately in the cprng-aes package as Crypto.Random.AESCtr
 2011-04-11 19:56:43 +01:00
Vincent Hanquez
9083c53453 style change and use modify instead of get/put 2011-03-01 20:01:40 +00:00
Vincent Hanquez
6a0578ad0c simplify state manipulation 
separate the pure state manipulation from the monad doing the IO.
add some duplicate helpers to use the new monad.
 2011-03-01 20:01:40 +00:00
Vincent Hanquez
693891ad0c add a dedicated fromJust 
compared to the normal fromJust, it take an extra string to report
what kind of fromJust we were doing. it's quite valuable when
shuffling code and assertion break.

at some point, it need to be removed completely in favor of better types
that better reflect the actual state on the connection.
 2011-02-20 08:37:19 +00:00
Vincent Hanquez
857a4a06b8 add some assertion checking 2011-01-05 09:24:58 +00:00
Vincent Hanquez
cfff801bd9 properly finish SSL3 digest computation. 
change the cipher structure to contain the hash algorithm
instead of the mac algorithm.
 2010-10-06 09:07:48 +01:00
Vincent Hanquez
1bbd893e95 use modify instead of get >>= put (and same for modifyTLS) 2010-10-05 18:48:32 +01:00
Vincent Hanquez
3c2ebe5c08 more generation of SSL block/finished values. 2010-10-05 18:48:28 +01:00
Vincent Hanquez
6a9296727b improve the regeneration of client and server rng datas 2010-10-03 11:01:22 +01:00
Vincent Hanquez
383cf4c021 properly handle multiple packet fragments. 
as a bonus it cleans lots of differents part since the state machine
is inside receiving/sending code
 2010-10-02 22:41:00 +01:00