yogsototh/hs-tls
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
296 commits 1 branch 11 tags 1.7 MiB
Commit graph

193 commits

Author SHA1 Message Date
Vincent Hanquez
eb8a00ef67 add a session ID type. 2011-12-12 08:25:21 +00:00
Vincent Hanquez
dace1096cf remove old comment 2011-12-12 08:24:39 +00:00
Vincent Hanquez
ccb94cea50 Merge branch 'master' into session 2011-12-06 00:23:18 +00:00
Vincent Hanquez
86335f18ce split context structure and accessor out of Core. 2011-12-06 00:15:00 +00:00
Vincent Hanquez
a269d84256 fix client side encoding of client key exchange on RSA. 2011-12-06 00:12:00 +00:00
Vincent Hanquez
726d301e6f fix TLS key exchange with version >= 1.0. 2011-12-05 20:10:28 +00:00
Vincent Hanquez
4ef7b0098f Merge branch 'master' into session 
Conflicts:
	Network/TLS/Core.hs
 2011-12-01 22:33:53 +00:00
Vincent Hanquez
9ec505a59a Merge branch 'hsm' 
Conflicts:
	Network/TLS/Core.hs
 2011-12-01 08:55:44 +00:00
Vincent Hanquez
13812b80f5 Merge branch 'measurements' 2011-12-01 08:54:15 +00:00
Vincent Hanquez
a16bdbba86 remove old readPacket. 2011-12-01 08:42:59 +00:00
Vincent Hanquez
adf45a537d handle digest update after processing the packet 2011-12-01 08:42:43 +00:00
Vincent Hanquez
e1fea031af consider clientkeyxchg as an opaque structure in internal layers, and make/process the content in higher layer. 2011-12-01 08:41:01 +00:00
Vincent Hanquez
eba62f6f74 append actual raised exception in the error. 2011-12-01 08:36:56 +00:00
Vincent Hanquez
3bdad41e21 consume ServerKeyExchange if it show up. 2011-12-01 08:34:41 +00:00
Vincent Hanquez
d6a198dad5 split recvRecord out of recvPacket. 2011-11-30 22:01:31 +00:00
Vincent Hanquez
2b4db87a7e cleanup the record layer properly from other layer on top. 
simplify and make the code much more straighforward.
 2011-11-30 21:51:22 +00:00
Vincent Hanquez
2a685b2601 remove the state machine is favor of a straightforward pattern matching state machine. 
simplify code massively and make it easy to support other packet flow later.
 2011-11-29 08:59:41 +00:00
Vincent Hanquez
0f4c6a0c47 refactor to be able to modify state machine mechanism 2011-11-28 08:01:19 +00:00
Vincent Hanquez
23113e3d3b separate code path on client to be able to handle session resume 2011-11-13 11:12:26 +00:00
Vincent Hanquez
63110fb5ce add a wrapper to recvPacket to only receive handshake types. 2011-11-13 11:11:39 +00:00
Vincent Hanquez
7a1c6808b7 add some cases and cleanup a bit the server key exchange message parsing. 2011-11-13 09:16:52 +00:00
Vincent Hanquez
0f4c448bf2 move comment where it should be. 2011-11-13 08:53:00 +00:00
Vincent Hanquez
ba4a2de730 separate code path on server when doing a session resume. 2011-11-12 16:15:05 +00:00
Vincent Hanquez
297f0d351b Check handshake policy on server during a new client handshake. 
It allows server to detect clients that want to abuse single handledly
the server resources by issuing handshakes.

The callback get some measurements on the number of bytes received and sent
since last handshake and also the number of handshake on this context.
 2011-11-12 11:05:12 +00:00
Vincent Hanquez
63fabf9956 add some measurements of bytes received/sent and number of handshakes per context. 2011-11-11 19:05:17 +00:00
Vincent Hanquez
9a0b4e0bd7 update to new cryptocipher and new certificate. 2011-10-31 22:10:32 +00:00
Vincent Hanquez
98ded9d6f4 only import X509 from the X509 module. 2011-10-11 05:36:15 +01:00
Vincent Hanquez
905aff7564 fix typo in error message 2011-10-08 09:41:09 +01:00
Vincent Hanquez
09e32f10c7 use strict time constant version of and and bytestring == during Reception. 2011-10-02 22:15:42 +01:00
Vincent Hanquez
bb9d46447f add strict version of and, && and bytestring equality 2011-10-02 22:15:21 +01:00
Vincent Hanquez
273d5285c2 allow definition of client and server with different connection/operations type 2011-09-29 09:22:27 +01:00
Vincent Hanquez
dff8e03476 curry the connection 2011-09-29 09:14:02 +01:00
Vincent Hanquez
9b099fd0ff vectorized the actual connection type, so one could use Socket or Fd as long as handles. 2011-09-29 08:29:28 +01:00
Vincent Hanquez
7d6116c20b put TLS12 in default allowed versions 2011-09-29 08:27:55 +01:00
Vincent Hanquez
7d24f39c50 directly put the hash in the new empty handshake instead of using a maybe. 2011-08-17 20:50:30 +01:00
Vincent Hanquez
ba942d0c24 separate the function to get one from multiple signature hash 2011-08-17 20:47:36 +01:00
Vincent Hanquez
46f89fcb15 add a type alias for HMAC 2011-08-14 17:51:20 +01:00
Vincent Hanquez
4a54c807e0 define hashSHA256. 2011-08-14 16:18:22 +01:00
Vincent Hanquez
6d5585c74a switch to one hashctx that can contains 2 hashctx, and add a special updateSSL for SSL3. 2011-08-14 16:18:09 +01:00
Vincent Hanquez
68be94060e update hash interface to hide the state through typeclass and existentialquantification. 2011-08-14 14:34:34 +01:00
Vincent Hanquez
d5ebf32b7f in the SSL3 case, we hardcode SHA1.hash and MD5.hash instead of using the hash abstraction. 2011-08-14 14:33:26 +01:00
Vincent Hanquez
394381a2f5 define more stuff for TLS1.2 related to PRF. 2011-08-14 12:21:54 +01:00
Vincent Hanquez
77efb1076a remove commented code 2011-08-14 10:27:15 +01:00
Vincent Hanquez
a3b7419f8b Define hash structure to save some repetition 2011-08-13 12:30:36 +01:00
Vincent Hanquez
b72c6328b0 remove the keyblocksize that is redundant and easily calculated from other fields. 2011-08-13 12:04:23 +01:00
Vincent Hanquez
bd2a00782b rename bulk functions to be prefixed by bulk not cipher 2011-08-13 11:17:51 +01:00
Vincent Hanquez
647dcb02aa set some size to int instead of pointlessly using word8/word16 2011-08-13 11:08:29 +01:00
Vincent Hanquez
7522d87ca3 introduce a bulk object to separate the cipher object creation by chunks 
limit code movement by reusing the same name
 2011-08-13 11:06:23 +01:00
Vincent Hanquez
b6a1b3ed14 misc cleanup 2011-08-13 07:56:17 +01:00
Vincent Hanquez
e4a4d99528 add some TLS12 prf related defs 2011-08-12 21:57:30 +01:00