libghc-tls-doc 1.3.8-3 / usr / share / doc / libghc-tls-doc / html / tls.txt

This file is indexed.

/usr/share/doc/libghc-tls-doc/html/tls.txt is in libghc-tls-doc 1.3.8-3.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/


-- | TLS/SSL protocol native implementation (Server and Client)
--   
--   Native Haskell TLS and SSL protocol implementation for server and
--   client.
--   
--   This provides a high-level implementation of a sensitive security
--   protocol, eliminating a common set of security issues through the use
--   of the advanced type system, high level constructions and common
--   Haskell features.
--   
--   Currently implement the SSL3.0, TLS1.0, TLS1.1 and TLS1.2 protocol,
--   and support RSA and Ephemeral (Elliptic curve and regular) Diffie
--   Hellman key exchanges, and many extensions.
--   
--   Some debug tools linked with tls, are available through the
--   <a>http://hackage.haskell.org/package/tls-debug/</a>.
@package tls
@version 1.3.8


module Network.TLS
data ClientParams
ClientParams :: Maybe MaxFragmentEnum -> (HostName, Bytes) -> Bool -> Maybe (SessionID, SessionData) -> Shared -> ClientHooks -> Supported -> DebugParams -> ClientParams
[clientUseMaxFragmentLength] :: ClientParams -> Maybe MaxFragmentEnum

-- | Define the name of the server, along with an extra service
--   identification blob. this is important that the hostname part is
--   properly filled for security reason, as it allow to properly associate
--   the remote side with the given certificate during a handshake.
--   
--   The extra blob is useful to differentiate services running on the same
--   host, but that might have different certificates given. It's only used
--   as part of the X509 validation infrastructure.
[clientServerIdentification] :: ClientParams -> (HostName, Bytes)

-- | Allow the use of the Server Name Indication TLS extension during
--   handshake, which allow the client to specify which host name, it's
--   trying to access. This is useful to distinguish CNAME aliasing (e.g.
--   web virtual host).
[clientUseServerNameIndication] :: ClientParams -> Bool

-- | try to establish a connection using this session.
[clientWantSessionResume] :: ClientParams -> Maybe (SessionID, SessionData)
[clientShared] :: ClientParams -> Shared
[clientHooks] :: ClientParams -> ClientHooks
[clientSupported] :: ClientParams -> Supported
[clientDebug] :: ClientParams -> DebugParams
data ServerParams
ServerParams :: Bool -> [SignedCertificate] -> Maybe DHParams -> Shared -> ServerHooks -> Supported -> DebugParams -> ServerParams

-- | request a certificate from client.
[serverWantClientCert] :: ServerParams -> Bool

-- | This is a list of certificates from which the disinguished names are
--   sent in certificate request messages. For TLS1.0, it should not be
--   empty.
[serverCACertificates] :: ServerParams -> [SignedCertificate]

-- | Server Optional Diffie Hellman parameters. If this value is not
--   properly set, no Diffie Hellman key exchange will take place.
[serverDHEParams] :: ServerParams -> Maybe DHParams
[serverShared] :: ServerParams -> Shared
[serverHooks] :: ServerParams -> ServerHooks
[serverSupported] :: ServerParams -> Supported
[serverDebug] :: ServerParams -> DebugParams

-- | All settings should not be used in production
data DebugParams
DebugParams :: Maybe Seed -> (Seed -> IO ()) -> DebugParams

-- | Disable the true randomness in favor of deterministic seed that will
--   produce a deterministic random from. This is useful for tests and
--   debugging purpose. Do not use in production
[debugSeed] :: DebugParams -> Maybe Seed

-- | Add a way to print the seed that was randomly generated. re-using the
--   same seed will reproduce the same randomness with <a>debugSeed</a>
[debugPrintSeed] :: DebugParams -> Seed -> IO ()

-- | A set of callbacks run by the clients for various corners of TLS
--   establishment
data ClientHooks
ClientHooks :: (([CertificateType], Maybe [HashAndSignatureAlgorithm], [DistinguishedName]) -> IO (Maybe (CertificateChain, PrivKey))) -> Maybe ([ByteString] -> IO ByteString) -> (CertificateStore -> ValidationCache -> ServiceID -> CertificateChain -> IO [FailedReason]) -> IO (Maybe [ByteString]) -> ClientHooks

-- | This action is called when the server sends a certificate request. The
--   parameter is the information from the request. The action should
--   select a certificate chain of one of the given certificate types where
--   the last certificate in the chain should be signed by one of the given
--   distinguished names. Each certificate should be signed by the
--   following one, except for the last. At least the first of the
--   certificates in the chain must have a corresponding private key,
--   because that is used for signing the certificate verify message.
--   
--   Note that is is the responsibility of this action to select a
--   certificate matching one of the requested certificate types. Returning
--   a non-matching one will lead to handshake failure later.
--   
--   Returning a certificate chain not matching the distinguished names may
--   lead to problems or not, depending whether the server accepts it.
[onCertificateRequest] :: ClientHooks -> ([CertificateType], Maybe [HashAndSignatureAlgorithm], [DistinguishedName]) -> IO (Maybe (CertificateChain, PrivKey))
[onNPNServerSuggest] :: ClientHooks -> Maybe ([ByteString] -> IO ByteString)
[onServerCertificate] :: ClientHooks -> CertificateStore -> ValidationCache -> ServiceID -> CertificateChain -> IO [FailedReason]
[onSuggestALPN] :: ClientHooks -> IO (Maybe [ByteString])

-- | A set of callbacks run by the server for various corners of the TLS
--   establishment
data ServerHooks
ServerHooks :: (CertificateChain -> IO CertificateUsage) -> IO Bool -> (Version -> [Cipher] -> Cipher) -> (Maybe HostName -> IO Credentials) -> IO (Maybe [ByteString]) -> (Measurement -> IO Bool) -> Maybe ([ByteString] -> IO ByteString) -> ServerHooks

-- | This action is called when a client certificate chain is received from
--   the client. When it returns a CertificateUsageReject value, the
--   handshake is aborted.
[onClientCertificate] :: ServerHooks -> CertificateChain -> IO CertificateUsage

-- | This action is called when the client certificate cannot be verified.
--   A <a>Nothing</a> argument indicates a wrong signature, a 'Just e'
--   message signals a crypto error.
[onUnverifiedClientCert] :: ServerHooks -> IO Bool

-- | Allow the server to choose the cipher relative to the the client
--   version and the client list of ciphers.
--   
--   This could be useful with old clients and as a workaround to the BEAST
--   (where RC4 is sometimes prefered with TLS &lt; 1.1)
--   
--   The client cipher list cannot be empty.
[onCipherChoosing] :: ServerHooks -> Version -> [Cipher] -> Cipher

-- | Allow the server to indicate additional credentials to be used
--   depending on the host name indicated by the client.
--   
--   This is most useful for transparent proxies where credentials must be
--   generated on the fly according to the host the client is trying to
--   connect to.
[onServerNameIndication] :: ServerHooks -> Maybe HostName -> IO Credentials

-- | suggested next protocols accoring to the next protocol negotiation
--   extension.
[onSuggestNextProtocols] :: ServerHooks -> IO (Maybe [ByteString])

-- | at each new handshake, we call this hook to see if we allow handshake
--   to happens.
[onNewHandshake] :: ServerHooks -> Measurement -> IO Bool
[onALPNClientSuggest] :: ServerHooks -> Maybe ([ByteString] -> IO ByteString)

-- | List all the supported algorithms, versions, ciphers, etc supported.
data Supported
Supported :: [Version] -> [Cipher] -> [Compression] -> [HashAndSignatureAlgorithm] -> Bool -> Bool -> Bool -> Bool -> Bool -> Supported

-- | Supported Versions by this context On the client side, the highest
--   version will be used to establish the connection. On the server side,
--   the highest version that is less or equal than the client version will
--   be chosed.
[supportedVersions] :: Supported -> [Version]

-- | Supported cipher methods
[supportedCiphers] :: Supported -> [Cipher]

-- | supported compressions methods
[supportedCompressions] :: Supported -> [Compression]

-- | All supported hash/signature algorithms pair for client certificate
--   verification, ordered by decreasing priority.
[supportedHashSignatures] :: Supported -> [HashAndSignatureAlgorithm]

-- | Secure renegotiation defined in RFC5746. If <a>True</a>, clients send
--   the renegotiation_info extension. If <a>True</a>, servers handle the
--   extension or the renegotiation SCSV then send the renegotiation_info
--   extension.
[supportedSecureRenegotiation] :: Supported -> Bool

-- | If <a>True</a>, renegotiation is allowed from the client side. This is
--   vulnerable to DOS attacks. If <a>False</a>, renegotiation is allowed
--   only from the server side via HelloRequest.
[supportedClientInitiatedRenegotiation] :: Supported -> Bool

-- | Set if we support session.
[supportedSession] :: Supported -> Bool

-- | Support for fallback SCSV defined in RFC7507. If <a>True</a>, servers
--   reject handshakes which suggest a lower protocol than the highest
--   protocol supported.
[supportedFallbackScsv] :: Supported -> Bool

-- | In ver &lt;= TLS1.0, block ciphers using CBC are using CBC residue as
--   IV, which can be guessed by an attacker. Hence, an empty packet is
--   normally sent before a normal data packet, to prevent guessability.
--   Some Microsoft TLS-based protocol implementations, however, consider
--   these empty packets as a protocol violation and disconnect. If this
--   parameter is <a>False</a>, empty packets will never be added, which is
--   less secure, but might help in rare cases.
[supportedEmptyPacket] :: Supported -> Bool
data Shared
Shared :: Credentials -> SessionManager -> CertificateStore -> ValidationCache -> Shared
[sharedCredentials] :: Shared -> Credentials
[sharedSessionManager] :: Shared -> SessionManager
[sharedCAStore] :: Shared -> CertificateStore
[sharedValidationCache] :: Shared -> ValidationCache

-- | A collection of hooks actions.
data Hooks
Hooks :: (Handshake -> IO Handshake) -> (CertificateChain -> IO ()) -> Logging -> Hooks

-- | called at each handshake message received
[hookRecvHandshake] :: Hooks -> Handshake -> IO Handshake

-- | called at each certificate chain message received
[hookRecvCertificates] :: Hooks -> CertificateChain -> IO ()

-- | hooks on IO and packets, receiving and sending.
[hookLogging] :: Hooks -> Logging

-- | Hooks for logging
--   
--   This is called when sending and receiving packets and IO
data Logging
Logging :: (String -> IO ()) -> (String -> IO ()) -> (ByteString -> IO ()) -> (Header -> ByteString -> IO ()) -> Logging
[loggingPacketSent] :: Logging -> String -> IO ()
[loggingPacketRecv] :: Logging -> String -> IO ()
[loggingIOSent] :: Logging -> ByteString -> IO ()
[loggingIORecv] :: Logging -> Header -> ByteString -> IO ()

-- | record some data about this connection.
data Measurement
Measurement :: !Word32 -> !Word32 -> !Word32 -> Measurement

-- | number of handshakes on this context
[nbHandshakes] :: Measurement -> !Word32

-- | bytes received since last handshake
[bytesReceived] :: Measurement -> !Word32

-- | bytes sent since last handshake
[bytesSent] :: Measurement -> !Word32

-- | Certificate Usage callback possible returns values.
data CertificateUsage

-- | usage of certificate accepted
CertificateUsageAccept :: CertificateUsage

-- | usage of certificate rejected
CertificateUsageReject :: CertificateRejectReason -> CertificateUsage

-- | Certificate and Chain rejection reason
data CertificateRejectReason
CertificateRejectExpired :: CertificateRejectReason
CertificateRejectRevoked :: CertificateRejectReason
CertificateRejectUnknownCA :: CertificateRejectReason
CertificateRejectOther :: String -> CertificateRejectReason
defaultParamsClient :: HostName -> Bytes -> ClientParams
data MaxFragmentEnum
MaxFragment512 :: MaxFragmentEnum
MaxFragment1024 :: MaxFragmentEnum
MaxFragment2048 :: MaxFragmentEnum
MaxFragment4096 :: MaxFragmentEnum
type HashAndSignatureAlgorithm = (HashAlgorithm, SignatureAlgorithm)
data HashAlgorithm
HashNone :: HashAlgorithm
HashMD5 :: HashAlgorithm
HashSHA1 :: HashAlgorithm
HashSHA224 :: HashAlgorithm
HashSHA256 :: HashAlgorithm
HashSHA384 :: HashAlgorithm
HashSHA512 :: HashAlgorithm
HashOther :: Word8 -> HashAlgorithm
data SignatureAlgorithm
SignatureAnonymous :: SignatureAlgorithm
SignatureRSA :: SignatureAlgorithm
SignatureDSS :: SignatureAlgorithm
SignatureECDSA :: SignatureAlgorithm
SignatureOther :: Word8 -> SignatureAlgorithm
data CertificateType
CertificateType_RSA_Sign :: CertificateType
CertificateType_DSS_Sign :: CertificateType
CertificateType_RSA_Fixed_DH :: CertificateType
CertificateType_DSS_Fixed_DH :: CertificateType
CertificateType_RSA_Ephemeral_DH :: CertificateType
CertificateType_DSS_Ephemeral_DH :: CertificateType
CertificateType_fortezza_dms :: CertificateType
CertificateType_Unknown :: Word8 -> CertificateType
data ProtocolType
ProtocolType_ChangeCipherSpec :: ProtocolType
ProtocolType_Alert :: ProtocolType
ProtocolType_Handshake :: ProtocolType
ProtocolType_AppData :: ProtocolType
ProtocolType_DeprecatedHandshake :: ProtocolType
data Header
Header :: ProtocolType -> Version -> Word16 -> Header

-- | A session ID
type SessionID = ByteString

-- | Session data to resume
data SessionData
SessionData :: Version -> CipherID -> ByteString -> SessionData
[sessionVersion] :: SessionData -> Version
[sessionCipher] :: SessionData -> CipherID
[sessionSecret] :: SessionData -> ByteString

-- | A session manager
data SessionManager
SessionManager :: (SessionID -> IO (Maybe SessionData)) -> (SessionID -> SessionData -> IO ()) -> (SessionID -> IO ()) -> SessionManager

-- | used on server side to decide whether to resume a client session.
[sessionResume] :: SessionManager -> SessionID -> IO (Maybe SessionData)

-- | used when a session is established.
[sessionEstablish] :: SessionManager -> SessionID -> SessionData -> IO ()

-- | used when a session is invalidated.
[sessionInvalidate] :: SessionManager -> SessionID -> IO ()
noSessionManager :: SessionManager

-- | Connection IO backend
data Backend
Backend :: IO () -> IO () -> (ByteString -> IO ()) -> (Int -> IO ByteString) -> Backend

-- | Flush the connection sending buffer, if any.
[backendFlush] :: Backend -> IO ()

-- | Close the connection.
[backendClose] :: Backend -> IO ()

-- | Send a bytestring through the connection.
[backendSend] :: Backend -> ByteString -> IO ()

-- | Receive specified number of bytes from the connection.
[backendRecv] :: Backend -> Int -> IO ByteString

-- | A TLS Context keep tls specific state, parameters and backend
--   information.
data Context

-- | return the backend object associated with this context
ctxConnection :: Context -> Backend
class TLSParams a
class HasBackend a

-- | create a new context using the backend and parameters specified.
contextNew :: (MonadIO m, HasBackend backend, TLSParams params) => backend -> params -> m Context

-- | create a new context on an handle.

-- | <i>Deprecated: use contextNew</i>
contextNewOnHandle :: (MonadIO m, TLSParams params) => Handle -> params -> m Context

-- | create a new context on a socket.

-- | <i>Deprecated: use contextNew</i>
contextNewOnSocket :: (MonadIO m, TLSParams params) => Socket -> params -> m Context
contextFlush :: Context -> IO ()
contextClose :: Context -> IO ()
contextHookSetHandshakeRecv :: Context -> (Handshake -> IO Handshake) -> IO ()
contextHookSetCertificateRecv :: Context -> (CertificateChain -> IO ()) -> IO ()
contextHookSetLogging :: Context -> Logging -> IO ()
contextModifyHooks :: Context -> (Hooks -> Hooks) -> IO ()

-- | Information related to a running context, e.g. current cipher
data Information
Information :: Version -> Cipher -> Compression -> Maybe Bytes -> Maybe ClientRandom -> Maybe ServerRandom -> Information
[infoVersion] :: Information -> Version
[infoCipher] :: Information -> Cipher
[infoCompression] :: Information -> Compression
[infoMasterSecret] :: Information -> Maybe Bytes
[infoClientRandom] :: Information -> Maybe ClientRandom
[infoServerRandom] :: Information -> Maybe ServerRandom
unClientRandom :: ClientRandom -> Bytes
unServerRandom :: ServerRandom -> Bytes

-- | Information about the current context
contextGetInformation :: Context -> IO (Maybe Information)
newtype Credentials
Credentials :: [Credential] -> Credentials
type Credential = (CertificateChain, PrivKey)

-- | try to create a new credential object from a public certificate and
--   the associated private key that are stored on the filesystem in PEM
--   format.
credentialLoadX509 :: FilePath -> FilePath -> IO (Either String Credential)

-- | similar to <a>credentialLoadX509</a> but take the certificate and
--   private key from memory instead of from the filesystem.
credentialLoadX509FromMemory :: Bytes -> Bytes -> Either String Credential

-- | similar to <a>credentialLoadX509</a> but also allow specifying chain
--   certificates.
credentialLoadX509Chain :: FilePath -> [FilePath] -> FilePath -> IO (Either String Credential)

-- | similar to <a>credentialLoadX509FromMemory</a> but also allow
--   specifying chain certificates.
credentialLoadX509ChainFromMemory :: Bytes -> [Bytes] -> Bytes -> Either String Credential

-- | notify the context that this side wants to close connection. this is
--   important that it is called before closing the handle, otherwise the
--   session might not be resumable (for version &lt; TLS1.2).
--   
--   this doesn't actually close the handle
bye :: MonadIO m => Context -> m ()

-- | Handshake for a new TLS connection This is to be called at the
--   beginning of a connection, and during renegotiation
handshake :: MonadIO m => Context -> m ()

-- | If the Next Protocol Negotiation extension has been used, this will
--   return get the protocol agreed upon.
getNegotiatedProtocol :: MonadIO m => Context -> m (Maybe ByteString)

-- | If the Server Name Indication extension has been used, return the
--   hostname specified by the client.
getClientSNI :: MonadIO m => Context -> m (Maybe HostName)

-- | sendData sends a bunch of data. It will automatically chunk data to
--   acceptable packet size
sendData :: MonadIO m => Context -> ByteString -> m ()

-- | recvData get data out of Data packet, and automatically renegotiate if
--   a Handshake ClientHello is received
recvData :: MonadIO m => Context -> m ByteString

-- | same as recvData but returns a lazy bytestring.

-- | <i>Deprecated: use recvData that returns strict bytestring</i>
recvData' :: MonadIO m => Context -> m ByteString

-- | Public key types known and used in X.509
data PubKey :: *

-- | RSA public key
PubKeyRSA :: PublicKey -> PubKey

-- | DSA public key
PubKeyDSA :: PublicKey -> PubKey

-- | DH format with (p,g,q,j,(seed,pgenCounter))
PubKeyDH :: (Integer, Integer, Integer, Maybe Integer, ([Word8], Integer)) -> PubKey

-- | EC public key
PubKeyEC :: PubKeyEC -> PubKey

-- | unrecognized format
PubKeyUnknown :: OID -> ByteString -> PubKey

-- | Private key types known and used in X.509
data PrivKey :: *

-- | RSA private key
PrivKeyRSA :: PrivateKey -> PrivKey

-- | DSA private key
PrivKeyDSA :: PrivateKey -> PrivKey

-- | supported compression algorithms need to be part of this class
class CompressionC a
compressionCID :: CompressionC a => a -> CompressionID
compressionCDeflate :: CompressionC a => a -> ByteString -> (a, ByteString)
compressionCInflate :: CompressionC a => a -> ByteString -> (a, ByteString)

-- | every compression need to be wrapped in this, to fit in structure
data Compression
Compression :: a -> Compression

-- | Compression identification
type CompressionID = Word8

-- | default null compression
nullCompression :: Compression

-- | This is the default compression which is a NOOP.
data NullCompression

-- | return the associated ID for this algorithm
compressionID :: Compression -> CompressionID

-- | deflate (compress) a bytestring using a compression context and return
--   the result along with the new compression context.
compressionDeflate :: ByteString -> Compression -> (Compression, ByteString)

-- | inflate (decompress) a bytestring using a compression context and
--   return the result along the new compression context.
compressionInflate :: ByteString -> Compression -> (Compression, ByteString)

-- | intersect a list of ids commonly given by the other side with a list
--   of compression the function keeps the list of compression in order, to
--   be able to find quickly the prefered compression.
compressionIntersectID :: [Compression] -> [Word8] -> [Compression]
data CipherKeyExchangeType
CipherKeyExchange_RSA :: CipherKeyExchangeType
CipherKeyExchange_DH_Anon :: CipherKeyExchangeType
CipherKeyExchange_DHE_RSA :: CipherKeyExchangeType
CipherKeyExchange_ECDHE_RSA :: CipherKeyExchangeType
CipherKeyExchange_DHE_DSS :: CipherKeyExchangeType
CipherKeyExchange_DH_DSS :: CipherKeyExchangeType
CipherKeyExchange_DH_RSA :: CipherKeyExchangeType
CipherKeyExchange_ECDH_ECDSA :: CipherKeyExchangeType
CipherKeyExchange_ECDH_RSA :: CipherKeyExchangeType
CipherKeyExchange_ECDHE_ECDSA :: CipherKeyExchangeType
data Bulk
Bulk :: String -> Int -> Int -> Int -> Int -> Int -> BulkFunctions -> Bulk
[bulkName] :: Bulk -> String
[bulkKeySize] :: Bulk -> Int
[bulkIVSize] :: Bulk -> Int
[bulkExplicitIV] :: Bulk -> Int
[bulkAuthTagLen] :: Bulk -> Int
[bulkBlockSize] :: Bulk -> Int
[bulkF] :: Bulk -> BulkFunctions
data BulkFunctions
BulkBlockF :: (BulkDirection -> BulkKey -> BulkBlock) -> BulkFunctions
BulkStreamF :: (BulkDirection -> BulkKey -> BulkStream) -> BulkFunctions
BulkAeadF :: (BulkDirection -> BulkKey -> BulkAEAD) -> BulkFunctions
data BulkDirection
BulkEncrypt :: BulkDirection
BulkDecrypt :: BulkDirection
data BulkState
BulkStateStream :: BulkStream -> BulkState
BulkStateBlock :: BulkBlock -> BulkState
BulkStateAEAD :: BulkAEAD -> BulkState
BulkStateUninitialized :: BulkState
newtype BulkStream
BulkStream :: (ByteString -> (ByteString, BulkStream)) -> BulkStream
type BulkBlock = BulkIV -> ByteString -> (ByteString, BulkIV)
type BulkAEAD = BulkNonce -> ByteString -> BulkAdditionalData -> (ByteString, AuthTag)
bulkInit :: Bulk -> BulkDirection -> BulkKey -> BulkState
data Hash
MD5 :: Hash
SHA1 :: Hash
SHA224 :: Hash
SHA256 :: Hash
SHA384 :: Hash
SHA512 :: Hash
SHA1_MD5 :: Hash

-- | Cipher algorithm
data Cipher
Cipher :: CipherID -> String -> Hash -> Bulk -> CipherKeyExchangeType -> Maybe Version -> Cipher
[cipherID] :: Cipher -> CipherID
[cipherName] :: Cipher -> String
[cipherHash] :: Cipher -> Hash
[cipherBulk] :: Cipher -> Bulk
[cipherKeyExchange] :: Cipher -> CipherKeyExchangeType
[cipherMinVer] :: Cipher -> Maybe Version

-- | Cipher identification
type CipherID = Word16
cipherKeyBlockSize :: Cipher -> Int
type BulkKey = ByteString
type BulkIV = ByteString
type BulkNonce = ByteString
type BulkAdditionalData = ByteString

-- | Check if a specific <a>Cipher</a> is allowed to be used with the
--   version specified
cipherAllowedForVersion :: Version -> Cipher -> Bool
cipherExchangeNeedMoreData :: CipherKeyExchangeType -> Bool
hasMAC :: BulkFunctions -> Bool
hasRecordIV :: BulkFunctions -> Bool

-- | Versions known to TLS
--   
--   SSL2 is just defined, but this version is and will not be supported.
data Version
SSL2 :: Version
SSL3 :: Version
TLS10 :: Version
TLS11 :: Version
TLS12 :: Version

-- | TLSError that might be returned through the TLS stack
data TLSError

-- | mainly for instance of Error
Error_Misc :: String -> TLSError
Error_Protocol :: (String, Bool, AlertDescription) -> TLSError
Error_Certificate :: String -> TLSError

-- | handshake policy failed.
Error_HandshakePolicy :: String -> TLSError
Error_EOF :: TLSError
Error_Packet :: String -> TLSError
Error_Packet_unexpected :: String -> String -> TLSError
Error_Packet_Parsing :: String -> TLSError
data KxError
RSAError :: Error -> KxError
KxUnsupported :: KxError
data AlertDescription
CloseNotify :: AlertDescription
UnexpectedMessage :: AlertDescription
BadRecordMac :: AlertDescription

-- | deprecated alert, should never be sent by compliant implementation
DecryptionFailed :: AlertDescription
RecordOverflow :: AlertDescription
DecompressionFailure :: AlertDescription
HandshakeFailure :: AlertDescription
BadCertificate :: AlertDescription
UnsupportedCertificate :: AlertDescription
CertificateRevoked :: AlertDescription
CertificateExpired :: AlertDescription
CertificateUnknown :: AlertDescription
IllegalParameter :: AlertDescription
UnknownCa :: AlertDescription
AccessDenied :: AlertDescription
DecodeError :: AlertDescription
DecryptError :: AlertDescription
ExportRestriction :: AlertDescription
ProtocolVersion :: AlertDescription
InsufficientSecurity :: AlertDescription
InternalError :: AlertDescription
InappropriateFallback :: AlertDescription
UserCanceled :: AlertDescription
NoRenegotiation :: AlertDescription
UnsupportedExtension :: AlertDescription
CertificateUnobtainable :: AlertDescription
UnrecognizedName :: AlertDescription
BadCertificateStatusResponse :: AlertDescription
BadCertificateHashValue :: AlertDescription

-- | TLS Exceptions related to bad user usage or asynchronous errors
data TLSException

-- | Early termination exception with the reason and the error associated
Terminated :: Bool -> String -> TLSError -> TLSException

-- | Handshake failed for the reason attached
HandshakeFailed :: TLSError -> TLSException

-- | Usage error when the connection has not been established and the user
--   is trying to send or receive data
ConnectionNotEstablished :: TLSException

-- | A set of checks to activate or parametrize to perform on certificates.
--   
--   It's recommended to use <a>defaultChecks</a> to create the structure,
--   to better cope with future changes or expansion of the structure.
data ValidationChecks :: *
ValidationChecks :: Bool -> Maybe DateTime -> Bool -> Bool -> Bool -> Bool -> [ExtKeyUsageFlag] -> [ExtKeyUsagePurpose] -> Bool -> ValidationChecks

-- | check time validity of every certificate in the chain. the make sure
--   that current time is between each validity bounds in the certificate
[checkTimeValidity] :: ValidationChecks -> Bool

-- | The time when the validity check happens. When set to Nothing, the
--   current time will be used
[checkAtTime] :: ValidationChecks -> Maybe DateTime

-- | Check that no certificate is included that shouldn't be included.
--   unfortunately despite the specification violation, a lots of real
--   world server serves useless and usually old certificates that are not
--   relevant to the certificate sent, in their chain.
[checkStrictOrdering] :: ValidationChecks -> Bool

-- | Check that signing certificate got the CA basic constraint. this is
--   absolutely not recommended to turn it off.
[checkCAConstraints] :: ValidationChecks -> Bool

-- | Check the whole certificate chain without stopping at the first
--   failure. Allow gathering a exhaustive list of failure reasons. if this
--   is turn off, it's absolutely not safe to ignore a failed reason even
--   it doesn't look serious (e.g. Expired) as other more serious checks
--   would not have been performed.
[checkExhaustive] :: ValidationChecks -> Bool

-- | Check that the leaf certificate is version 3. If disable, version 2
--   certificate is authorized in leaf position and key usage cannot be
--   checked.
[checkLeafV3] :: ValidationChecks -> Bool

-- | Check that the leaf certificate is authorized to be used for certain
--   usage. If set to empty list no check are performed, otherwise all the
--   flags is the list need to exists in the key usage extension. If the
--   extension is not present, the check will pass and behave as if the
--   certificate key is not restricted to any specific usage.
[checkLeafKeyUsage] :: ValidationChecks -> [ExtKeyUsageFlag]

-- | Check that the leaf certificate is authorized to be used for certain
--   purpose. If set to empty list no check are performed, otherwise all
--   the flags is the list need to exists in the extended key usage
--   extension if present. If the extension is not present, then the check
--   will pass and behave as if the certificate is not restricted to any
--   specific purpose.
[checkLeafKeyPurpose] :: ValidationChecks -> [ExtKeyUsagePurpose]

-- | Check the top certificate names matching the fully qualified hostname
--   (FQHN). it's not recommended to turn this check off, if no other name
--   checks are performed.
[checkFQHN] :: ValidationChecks -> Bool

-- | A set of hooks to manipulate the way the verification works.
--   
--   BEWARE, it's easy to change behavior leading to compromised security.
data ValidationHooks :: *
ValidationHooks :: (DistinguishedName -> Certificate -> Bool) -> (DateTime -> Certificate -> [FailedReason]) -> (HostName -> Certificate -> [FailedReason]) -> ([FailedReason] -> [FailedReason]) -> ValidationHooks

-- | check the the issuer <a>DistinguishedName</a> match the subject
--   <a>DistinguishedName</a> of a certificate.
[hookMatchSubjectIssuer] :: ValidationHooks -> DistinguishedName -> Certificate -> Bool

-- | validate that the parametrized time valide with the certificate in
--   argument
[hookValidateTime] :: ValidationHooks -> DateTime -> Certificate -> [FailedReason]

-- | validate the certificate leaf name with the DNS named used to connect
[hookValidateName] :: ValidationHooks -> HostName -> Certificate -> [FailedReason]

-- | user filter to modify the list of failure reasons
[hookFilterReason] :: ValidationHooks -> [FailedReason] -> [FailedReason]

-- | All the callbacks needed for querying and adding to the cache.
data ValidationCache :: *
ValidationCache :: ValidationCacheQueryCallback -> ValidationCacheAddCallback -> ValidationCache

-- | cache querying callback
[cacheQuery] :: ValidationCache -> ValidationCacheQueryCallback

-- | cache adding callback
[cacheAdd] :: ValidationCache -> ValidationCacheAddCallback

-- | The result of a cache query
data ValidationCacheResult :: *

-- | cache allow this fingerprint to go through
ValidationCachePass :: ValidationCacheResult

-- | cache denied this fingerprint for further validation
ValidationCacheDenied :: String -> ValidationCacheResult

-- | unknown fingerprint in cache
ValidationCacheUnknown :: ValidationCacheResult

-- | create a simple constant cache that list exceptions to the
--   certification validation. Typically this is use to allow self-signed
--   certificates for specific use, with out-of-bounds user checks.
--   
--   No fingerprints will be added after the instance is created.
--   
--   The underlying structure for the check is kept as a list, as usually
--   the exception list will be short, but when the list go above a dozen
--   exceptions it's recommended to use another cache mechanism with a
--   faster lookup mechanism (hashtable, map, etc).
--   
--   Note that only one fingerprint is allowed per ServiceID, for other
--   use, another cache mechanism need to be use.
exceptionValidationCache :: [(ServiceID, Fingerprint)] -> ValidationCache


module Network.TLS.Extra.Cipher

-- | all encrypted ciphers supported ordered from strong to weak. this
--   choice of ciphersuite should satisfy most normal need
ciphersuite_all :: [Cipher]

-- | list of medium ciphers.
ciphersuite_medium :: [Cipher]

-- | the strongest ciphers supported.
ciphersuite_strong :: [Cipher]

-- | all unencrypted ciphers, do not use on insecure network.
ciphersuite_unencrypted :: [Cipher]

-- | DHE-RSA cipher suite
ciphersuite_dhe_rsa :: [Cipher]
ciphersuite_dhe_dss :: [Cipher]

-- | unencrypted cipher using RSA for key exchange and SHA1 for digest
cipher_null_SHA1 :: Cipher

-- | unencrypted cipher using RSA for key exchange and MD5 for digest
cipher_null_MD5 :: Cipher

-- | RC4 cipher, RSA key exchange and MD5 for digest
cipher_RC4_128_MD5 :: Cipher

-- | RC4 cipher, RSA key exchange and SHA1 for digest
cipher_RC4_128_SHA1 :: Cipher

-- | AES cipher (128 bit key), RSA key exchange and SHA1 for digest
cipher_AES128_SHA1 :: Cipher

-- | AES cipher (256 bit key), RSA key exchange and SHA1 for digest
cipher_AES256_SHA1 :: Cipher

-- | AES cipher (128 bit key), RSA key exchange and SHA256 for digest
cipher_AES128_SHA256 :: Cipher

-- | AES cipher (256 bit key), RSA key exchange and SHA256 for digest
cipher_AES256_SHA256 :: Cipher

-- | 3DES cipher (168 bit key), RSA key exchange and SHA1 for digest
cipher_RSA_3DES_EDE_CBC_SHA1 :: Cipher

-- | AES cipher (128 bit key), DHE key exchanged signed by RSA and SHA1 for
--   digest
cipher_DHE_RSA_AES128_SHA1 :: Cipher

-- | AES cipher (256 bit key), DHE key exchanged signed by RSA and SHA1 for
--   digest
cipher_DHE_RSA_AES256_SHA1 :: Cipher
cipher_DHE_RSA_AES128_SHA256 :: Cipher
cipher_DHE_RSA_AES256_SHA256 :: Cipher

-- | AES cipher (128 bit key), DHE key exchanged signed by DSA and SHA1 for
--   digest
cipher_DHE_DSS_AES128_SHA1 :: Cipher

-- | AES cipher (256 bit key), DHE key exchanged signed by DSA and SHA1 for
--   digest
cipher_DHE_DSS_AES256_SHA1 :: Cipher
cipher_DHE_DSS_RC4_SHA1 :: Cipher
cipher_DHE_RSA_AES128GCM_SHA256 :: Cipher
cipher_ECDHE_RSA_AES128GCM_SHA256 :: Cipher
cipher_ECDHE_RSA_AES256GCM_SHA384 :: Cipher
cipher_ECDHE_RSA_AES128CBC_SHA256 :: Cipher
cipher_ECDHE_RSA_AES128CBC_SHA :: Cipher
cipher_ECDHE_RSA_AES256CBC_SHA :: Cipher
cipher_ECDHE_RSA_AES256CBC_SHA384 :: Cipher
cipher_ECDHE_ECDSA_AES128GCM_SHA256 :: Cipher


-- | default values and ciphers
module Network.TLS.Extra

APT Browse - Built by Thomas Orozco.