Vincent Hanquez
98ded9d6f4
only import X509 from the X509 module.
2011-10-11 05:36:15 +01:00
Vincent Hanquez
905aff7564
fix typo in error message
2011-10-08 09:41:09 +01:00
Vincent Hanquez
09e32f10c7
use strict time constant version of and and bytestring == during Reception.
2011-10-02 22:15:42 +01:00
Vincent Hanquez
bb9d46447f
add strict version of and, && and bytestring equality
2011-10-02 22:15:21 +01:00
Vincent Hanquez
273d5285c2
allow definition of client and server with different connection/operations type
2011-09-29 09:22:27 +01:00
Vincent Hanquez
dff8e03476
curry the connection
2011-09-29 09:14:02 +01:00
Vincent Hanquez
9b099fd0ff
vectorized the actual connection type, so one could use Socket or Fd as long as handles.
2011-09-29 08:29:28 +01:00
Vincent Hanquez
7d6116c20b
put TLS12 in default allowed versions
2011-09-29 08:27:55 +01:00
Vincent Hanquez
7d24f39c50
directly put the hash in the new empty handshake instead of using a maybe.
2011-08-17 20:50:30 +01:00
Vincent Hanquez
ba942d0c24
separate the function to get one from multiple signature hash
2011-08-17 20:47:36 +01:00
Vincent Hanquez
46f89fcb15
add a type alias for HMAC
2011-08-14 17:51:20 +01:00
Vincent Hanquez
4a54c807e0
define hashSHA256.
2011-08-14 16:18:22 +01:00
Vincent Hanquez
6d5585c74a
switch to one hashctx that can contain 2 hashctx, and add a special updateSSL for SSL3.
2011-08-14 16:18:09 +01:00
Vincent Hanquez
68be94060e
update hash interface to hide the state through typeclass and existentialquantification.
2011-08-14 14:34:34 +01:00
Vincent Hanquez
d5ebf32b7f
in the SSL3 case, we hardcode SHA1.hash and MD5.hash instead of using the hash abstraction.
2011-08-14 14:33:26 +01:00
Vincent Hanquez
394381a2f5
define more stuff for TLS1.2 related to PRF.
2011-08-14 12:21:54 +01:00
Vincent Hanquez
77efb1076a
remove commented code
2011-08-14 10:27:15 +01:00
Vincent Hanquez
a3b7419f8b
Define hash structure to save some repetition
2011-08-13 12:30:36 +01:00
Vincent Hanquez
48165081a1
add Bulk to the list of exposed structure
2011-08-13 12:06:54 +01:00
Vincent Hanquez
b72c6328b0
remove the keyblocksize that is redundant and easily calculated from other fields.
2011-08-13 12:04:23 +01:00
Vincent Hanquez
bd2a00782b
rename bulk functions to be prefixed by bulk not cipher
2011-08-13 11:17:51 +01:00
Vincent Hanquez
647dcb02aa
set some size to int instead of pointlessly using word8/word16
2011-08-13 11:08:29 +01:00
Vincent Hanquez
7522d87ca3
introduce a bulk object to separate the cipher object creation by chunks
...
limit code movement by reusing the same name
2011-08-13 11:06:23 +01:00
Vincent Hanquez
b6a1b3ed14
misc cleanup
2011-08-13 07:56:17 +01:00
Vincent Hanquez
e4a4d99528
add some TLS12 prf related defs
2011-08-12 21:57:30 +01:00
Vincent Hanquez
58e758a1ab
misc cleanup
2011-08-12 20:59:14 +01:00
Vincent Hanquez
3c02e9acfc
Create a record type to help type safety
2011-08-12 18:41:49 +01:00
Vincent Hanquez
06baeecea7
remove space.
2011-08-12 18:33:43 +01:00
Vincent Hanquez
84ace35a7e
add a helper to use the compression context easily
2011-08-12 18:33:28 +01:00
Vincent Hanquez
d4ca9e0d9d
export Cipher constructor.
2011-08-12 18:32:18 +01:00
Vincent Hanquez
abc571223a
Change compression API to work properly.
...
- distinguish compression from decompression
- add a context
- move from a record structure to typeclass + wrapping data for hiding the existential quantification.
2011-08-12 18:31:58 +01:00
Vincent Hanquez
b34af4195f
fix compilation error
2011-08-07 10:03:34 +01:00
Vincent Hanquez
9591a395a9
use functor <$> instead of maybe
2011-07-07 22:21:23 +01:00
Vincent Hanquez
28e04f8849
Use the encode function to encode the secure renegotiation extension.
...
fix a bug on the client side when secure renegotiation is enabled on client and server.
2011-06-19 21:23:01 +01:00
Vincent Hanquez
c27fc6187d
properly encode/decode secure renegotiation extension
2011-06-13 08:33:14 +01:00
Vincent Hanquez
d2e6235410
throw proper error with partial packets and EOF
2011-06-13 08:19:29 +01:00
Vincent Hanquez
1b8474d388
create a sendClientKeyXchg
2011-06-12 21:55:22 +01:00
Vincent Hanquez
02f77a1225
set server and client parameter directly in core, not in the sending processing layer.
2011-06-12 21:42:55 +01:00
Vincent Hanquez
2d33ea3fad
separate the IO operation from the decoding.
2011-06-12 21:40:02 +01:00
Vincent Hanquez
69a40eb656
use throwCore instead of error
2011-06-12 21:39:34 +01:00
Vincent Hanquez
30d52f0398
fix comment
2011-06-12 21:39:17 +01:00
Vincent Hanquez
6945147122
add label to serialize get operations
2011-06-12 21:38:42 +01:00
Vincent Hanquez
1358a2ef56
throw error if recvPacket errors instead of ignoring it.
2011-06-12 21:38:18 +01:00
Vincent Hanquez
5207a41a57
reflect the fact in types that the record layer record returns list of same header type.
2011-06-10 21:24:46 +01:00
Vincent Hanquez
f56f5d6e41
add more handling of server key xchg and dh_anon
2011-06-07 08:59:20 +01:00
Vincent Hanquez
8329187394
fill the server hello in the server and check the return value in the client.
2011-06-07 08:28:02 +01:00
Vincent Hanquez
96e6979ed4
misc change and start to trickle through the support for secure renegotiation
2011-06-07 08:13:43 +01:00
Vincent Hanquez
d3de5de4cd
add way to store verified data and to activate/deactivate the feature
2011-06-07 07:41:31 +01:00
Vincent Hanquez
093cd2c9fb
use bytes directly instead of pointlessly unpacking it for extensions and finishedData
2011-06-06 08:16:24 +01:00
Vincent Hanquez
cead67c558
add secure renegotiation flag in state
2011-06-06 08:03:18 +01:00