Vincent Hanquez
ad6ed6beac
add some Show and Eq instances
2014-01-27 03:50:04 +00:00
Vincent Hanquez
51d9c999f0
align properly
2014-01-26 14:15:30 +00:00
Vincent Hanquez
86375aaa57
move onHandshake to a serverHooks, and remove CommonHooks everywhere.
...
export modifyHooks as contextModifyHooks
2014-01-26 07:02:43 +00:00
Vincent Hanquez
251a0b2193
move logging into dynamic hooks
2014-01-26 06:50:47 +00:00
Vincent Hanquez
8dccb7d7bd
document hooks
2014-01-26 06:38:53 +00:00
Vincent Hanquez
11575711bc
add dynamic recv certificate hook and remove the static one.
2014-01-26 06:37:17 +00:00
Vincent Hanquez
4e5ff7f53d
Change the way parameters are created.
...
This is still WIP and this commit is truly horrific. Sadly, it's just
too much effort to do clean commit with this, and it doesn't mix with
experimentation either.
2014-01-25 16:51:51 +00:00
Vincent Hanquez
68594044c7
remove connectVersion.
2014-01-17 07:11:07 +00:00
Vincent Hanquez
f0bc03863b
add a way to get information about a context.
...
WIP need to include certificate information.
2014-01-17 07:10:28 +00:00
Vincent Hanquez
2d1aeb76c2
make compression an instance of Eq.
2014-01-17 07:09:50 +00:00
Vincent Hanquez
439ea6ba85
use the backend class completely and mark contextNewOnX symbols as deprecated
2014-01-17 06:55:33 +00:00
Vincent Hanquez
eb90d5be00
define failOnEitherError
2014-01-16 10:48:47 +00:00
Vincent Hanquez
aa8856c68a
remove connectVersion as it should be the maximum of allowedVersions
2014-01-12 07:15:16 +00:00
Vincent Hanquez
50797bae50
cleanup import
2014-01-10 08:30:30 +00:00
Vincent Hanquez
453fab50ed
split Backend and introduce a new HasBackend class
...
the HasBackend class allow to not have multiples contextNewOnX calls,
but instead will favor only one contextNew that can take all HasBackend types.
2014-01-10 07:01:34 +00:00
Vincent Hanquez
614b5b4c6b
split parameters from context
2014-01-05 11:14:17 +00:00
Vincent Hanquez
8a05317d40
slightly better error when no ciphers are available
2014-01-02 06:09:09 +00:00
Vincent Hanquez
323fb95fbe
consistent style in record structure.
2013-12-28 15:26:33 +00:00
Vincent Hanquez
85f436afe6
add a system to filter cipher that we can't use because we don't have the right credentials loaded.
2013-12-28 15:25:13 +00:00
Vincent Hanquez
acf9708199
use the new credentials system to be able to handle RSA and DSS certificate at the same time.
2013-12-28 15:24:20 +00:00
Vincent Hanquez
9a05ac9553
limit the X509 import list of what we need
2013-12-28 15:20:07 +00:00
Vincent Hanquez
f72293d32f
properly do DSS/RSA in DHE methods.
2013-12-28 15:19:39 +00:00
Vincent Hanquez
a111d703a4
simplify the handshake key state.
...
we don't need to differentiate client/server, as a remote key will always be public and
the private key always local.
2013-12-28 15:17:42 +00:00
Vincent Hanquez
64946c8fb8
error in serverKeyXchg with RSA.
2013-12-28 15:15:06 +00:00
Vincent Hanquez
761ba1ac5c
add support for DSS signature.
2013-12-28 15:14:09 +00:00
Vincent Hanquez
b3068deec8
add support for DSA signing and verification.
2013-12-28 15:13:43 +00:00
Vincent Hanquez
8e6a6d9456
add a credentials module
2013-12-28 15:12:14 +00:00
Vincent Hanquez
08997c96f0
default the version if not set which allow to report very early error (e.g. no cipher in common) properly
2013-12-28 15:09:25 +00:00
Vincent Hanquez
891cf168ac
add simple method to get the certificate leaf.
2013-12-28 15:07:20 +00:00
Vincent Hanquez
02dd7b8aa7
add support for DHE (only with RSA signing so far)
2013-12-11 16:39:25 +08:00
Vincent Hanquez
a223673eed
make HandshakeM an instance of Applicative.
2013-12-11 16:36:35 +08:00
Vincent Hanquez
2a09d51ba5
cleanup imports
2013-12-11 16:36:16 +08:00
Vincent Hanquez
64d2ba9cd7
add better methods for making DigitallySigned data structure and veryfying them
2013-12-11 16:34:45 +08:00
Vincent Hanquez
6d63cde8cb
change ServerDHParams to re-use the DH abstraction in Crypto.DH.
2013-12-11 16:01:55 +08:00
Vincent Hanquez
1e62ddd53f
properly account for difference of methods in key exchange.
...
still only RSA supported.
2013-12-11 16:01:07 +08:00
Vincent Hanquez
6fb2108b63
add SHA512 as defined hash
2013-12-11 15:55:58 +08:00
Vincent Hanquez
798a4b5787
move logging and hooks into a Hooks module
2013-12-11 15:55:24 +08:00
Vincent Hanquez
b234f1377f
automatically add Crypto.DH in Crypto.
2013-12-11 15:54:32 +08:00
Vincent Hanquez
0236445101
add some wrapper for DH operations.
2013-12-11 15:53:55 +08:00
Vincent Hanquez
c805734abd
use the new Crypto.Random instead of the compat Crypto.Random.API
2013-12-11 15:53:11 +08:00
Vincent Hanquez
96ae52e4cd
make clear what we're talking about in the header.
2013-12-11 15:50:35 +08:00
Vincent Hanquez
9ea497adf6
add a function to generate digitally signed structure for DHParams.
2013-12-07 17:51:57 +08:00
Vincent Hanquez
b43ef69988
rename ServerDHParams marshalling functions
2013-12-07 17:51:28 +08:00
Vincent Hanquez
12c32816bc
add HashSHA1 for DSS signature for < TLS12.
2013-12-07 14:50:07 +08:00
Vincent Hanquez
d05c7a4be1
comment the reason of the existence of hashUpdateSSL.
2013-12-07 14:49:34 +08:00
Vincent Hanquez
50b56ff2cf
use the new digitallySigned structure for CertVerify.
2013-12-07 14:37:14 +08:00
Vincent Hanquez
f6b4ee34ac
abstract signature creation/verification
2013-12-07 14:25:58 +08:00
Vincent Hanquez
ad37d02523
cleanup CertificateVerify signature data generation
2013-12-07 13:10:17 +08:00
Vincent Hanquez
0a032bbc27
factor some code in client certificate verify message generation.
2013-12-07 12:44:45 +08:00
Vincent Hanquez
14fe8102c8
marshall signature as digitally-signed
2013-12-07 12:10:01 +08:00