tls-extra-0.1.4: TLS extra default values and helpers

Portabilityunknown
Stabilityexperimental
MaintainerVincent Hanquez <vincent@snarc.org>

Network.TLS.Extra

Contents

Description

 

Synopsis

Cipher related definition

cipher suite

ciphersuite_all :: [Cipher]Source

all encrypted ciphers supported ordered from strong to weak. this choice of ciphersuite should satisfy most normal need

ciphersuite_medium :: [Cipher]Source

list of medium ciphers.

ciphersuite_strong :: [Cipher]Source

the strongest ciphers supported.

ciphersuite_unencrypted :: [Cipher]Source

all unencrypted ciphers, do not use on insecure network.

individual ciphers

cipher_null_null :: CipherSource

this is not stricly a usable cipher; it's the initial cipher of a TLS connection

cipher_null_SHA1 :: CipherSource

unencrypted cipher using RSA for key exchange and SHA1 for digest

cipher_null_MD5 :: CipherSource

unencrypted cipher using RSA for key exchange and MD5 for digest

cipher_RC4_128_MD5 :: CipherSource

RC4 cipher, RSA key exchange and MD5 for digest

cipher_RC4_128_SHA1 :: CipherSource

RC4 cipher, RSA key exchange and SHA1 for digest

cipher_AES128_SHA1 :: CipherSource

AES cipher (128 bit key), RSA key exchange and SHA1 for digest

cipher_AES256_SHA1 :: CipherSource

AES cipher (256 bit key), RSA key exchange and SHA1 for digest

cipher_AES128_SHA256 :: CipherSource

AES cipher (128 bit key), RSA key exchange and SHA256 for digest

cipher_AES256_SHA256 :: CipherSource

AES cipher (256 bit key), RSA key exchange and SHA256 for digest

Certificate helpers

certificateVerifyChain :: [X509] -> IO BoolSource

verify a certificates chain using the system certificates available.

each certificate of the list is verified against the next certificate, until it can be verified against a system certificate (system certificates are assumed as trusted)

certificateVerify :: X509 -> X509 -> IO BoolSource

verify a certificate against another one. the first certificate need to be signed by the second one for this function to succeed.