Portability | unknown |
---|---|

Stability | experimental |

Maintainer | Vincent Hanquez <vincent@snarc.org> |

- ciphersuite_all :: [Cipher]
- ciphersuite_medium :: [Cipher]
- ciphersuite_strong :: [Cipher]
- ciphersuite_unencrypted :: [Cipher]
- cipher_null_null :: Cipher
- cipher_null_SHA1 :: Cipher
- cipher_null_MD5 :: Cipher
- cipher_RC4_128_MD5 :: Cipher
- cipher_RC4_128_SHA1 :: Cipher
- cipher_AES128_SHA1 :: Cipher
- cipher_AES256_SHA1 :: Cipher
- cipher_AES128_SHA256 :: Cipher
- cipher_AES256_SHA256 :: Cipher
- certificateVerifyChain :: [X509] -> IO Bool
- certificateVerify :: X509 -> X509 -> IO Bool

# Cipher related definition

# cipher suite

ciphersuite_all :: [Cipher]Source

all encrypted ciphers supported ordered from strong to weak. this choice of ciphersuite should satisfy most normal need

ciphersuite_medium :: [Cipher]Source

list of medium ciphers.

ciphersuite_strong :: [Cipher]Source

the strongest ciphers supported.

ciphersuite_unencrypted :: [Cipher]Source

all unencrypted ciphers, do not use on insecure network.

# individual ciphers

cipher_null_null :: CipherSource

this is not stricly a usable cipher; it's the initial cipher of a TLS connection

cipher_null_SHA1 :: CipherSource

unencrypted cipher using RSA for key exchange and SHA1 for digest

cipher_null_MD5 :: CipherSource

unencrypted cipher using RSA for key exchange and MD5 for digest

cipher_RC4_128_MD5 :: CipherSource

RC4 cipher, RSA key exchange and MD5 for digest

cipher_RC4_128_SHA1 :: CipherSource

RC4 cipher, RSA key exchange and SHA1 for digest

cipher_AES128_SHA1 :: CipherSource

AES cipher (128 bit key), RSA key exchange and SHA1 for digest

cipher_AES256_SHA1 :: CipherSource

AES cipher (256 bit key), RSA key exchange and SHA1 for digest

cipher_AES128_SHA256 :: CipherSource

AES cipher (128 bit key), RSA key exchange and SHA256 for digest

cipher_AES256_SHA256 :: CipherSource

AES cipher (256 bit key), RSA key exchange and SHA256 for digest

# Certificate helpers

certificateVerifyChain :: [X509] -> IO BoolSource

verify a certificates chain using the system certificates available.

each certificate of the list is verified against the next certificate, until it can be verified against a system certificate (system certificates are assumed as trusted)