yogsototh/hs-tls
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
407 commits 1 branch 11 tags 1.7 MiB
Commit graph

71 commits

Author SHA1 Message Date
Vincent Hanquez
d592c7aad7 update for latest certificate 0.7 2011-02-20 17:43:10 +00:00
Vincent Hanquez
693891ad0c add a dedicated fromJust 
compared to the normal fromJust, it take an extra string to report
what kind of fromJust we were doing. it's quite valuable when
shuffling code and assertion break.

at some point, it need to be removed completely in favor of better types
that better reflect the actual state on the connection.
 2011-02-20 08:37:19 +00:00
Vincent Hanquez
22ea02ffe4 move to certificate >= 0.6 2011-02-20 08:35:14 +00:00
Vincent Hanquez
a78162e298 add support for ciphers without encryption. 2011-01-05 09:24:58 +00:00
Vincent Hanquez
a95dd8f45e Generalize key exchange and use in-house RSA. 
Remove need for spoon, since RSA will fails gracefully.
Add support for full private key format for fast decryption.
Generalization of key exchange to add future support for DH, etc.
 2010-11-04 19:10:00 +00:00
Vincent Hanquez
65942b945f massive change on the RNG and add support for CryptoRandomGen 
use an inline AES counter system to generate random data.
 2010-11-04 19:05:36 +00:00
Vincent Hanquez
a1469322e4 don't check padding content in SSL3 mode 2010-10-06 09:15:36 +01:00
Vincent Hanquez
f54be74cc4 properly encode RSA structure without extra length when doing SSL3 2010-10-06 09:11:57 +01:00
Vincent Hanquez
383cf4c021 properly handle multiple packet fragments. 
as a bonus it cleans lots of differents part since the state machine
is inside receiving/sending code
 2010-10-02 22:41:00 +01:00
Vincent Hanquez
e189f37a67 new state machine 2010-10-02 22:02:37 +01:00
Vincent Hanquez
5a6ff3abe8 take in account that we can receive multiple handshakes in the same tls fragment. 2010-10-02 10:58:41 +01:00
Vincent Hanquez
d188a180cc refactorize receiving packet thing 2010-10-02 09:09:46 +01:00
Vincent Hanquez
f033a0d973 reorganize the way we decrypt data to be nicer. 
as a bonus, finally check if padding is valid.
 2010-09-26 20:56:51 +01:00
Vincent Hanquez
cd2f8f8ee2 get a util file for some bytestring stuff 2010-09-26 18:51:23 +01:00
Vincent Hanquez
f37b2e3bce support TLS1.1 explicit block IV 
despite the fact that it works, it's missing a step at key block set time,
so that we don't use the computed IV, but use a random generated one seeded by
the computed IV.
 2010-09-26 14:57:35 +01:00
Vincent Hanquez
b71ea6729c remove few more unpacking/packing 2010-09-26 10:37:20 +01:00
Vincent Hanquez
8f91009884 use strict bytestring instead of lazy bytestring. 
the API stays mostly similar except for clientkeyxchg that need a bytes instead of [word8].
remove lots of unnessary packing/unpacking when setting up ciphers.
 2010-09-26 10:34:47 +01:00
Vincent Hanquez
2fe1d7e99a use <$> instead of fmap 2010-09-19 10:49:42 +01:00
Vincent Hanquez
b289546721 gives all certificate to processCertificate, so that we can check the chain later. 2010-09-18 11:00:07 +01:00
Vincent Hanquez
f4f4968a82 change clientkeyxchg data to be a specific type 2010-09-13 21:10:25 +01:00
Vincent Hanquez
0b5a0dc548 initial import 2010-09-09 22:47:19 +01:00