commsec-keyexchange-0.3.3: Key agreement for commsec.

Safe Haskell: None
Language: Haskell98

Network.CommSec.KeyExchange

Description

This module provides an authenticated key exchange using the station to station protocol and RSA signatures for authentication.

For example, after presharing ssh keys generated using ssh-keygen:

 import Crypto.PubKey.OpenSsh
 import qualified Data.ByteString as B
 import Network.CommSec.KeyExchange

 main = do
     -- Step 1: (not shown) get file paths, host, and port somehow.
     -- Step 2: Read in the keys
     OpenSshPrivateKeyRsa priv <- (either error id . (\x -> decodePrivate x)) `fmap` B.readFile myPrivateKeyFile
     OpenSshPublicKeyRsa them _ <- (either error id . decodePublic) `fmap` B.readFile theirPublicKeyFile

     -- Step 3: Listen for and accept a connection (or connect to the listener).
     -- Both calls take a list of acceptable peer keys, matching the signatures below.
     if listener
         then accept port [them] priv (Just host)
         else connect host port [them] priv
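
To make the description concrete, here is an added sketch (not code from commsec-keyexchange, and not its wire format) of a station-to-station exchange: each side signs both Diffie-Hellman values and seals the signature under the derived key, so a substituted value makes verification fail. It is written in Python so it runs with the standard library alone; the toy primes, textbook RSA, XOR sealing, and all names (`sts`, `seal`, `ALICE`, `BOB`) are assumptions made for illustration.

```python
import hashlib
import secrets

# Constructed toy parameters, far too small for real use.
P, G = 2**127 - 1, 3            # DH modulus (a Mersenne prime) and base
E = 65537                       # RSA public exponent

def rsa_key(p, q):
    """Return (n, d) for textbook RSA built from two known primes."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(*parts):
    return hashlib.sha256(b"|".join(str(x).encode() for x in parts)).digest()

def sign(n, d, *parts):
    return pow(int.from_bytes(digest(*parts), "big") % n, d, n)

def verify(n, sig, *parts):
    return pow(sig, E, n) == int.from_bytes(digest(*parts), "big") % n

def seal(key, value):
    """XOR with a keystream derived from the session key (seals and unseals)."""
    return value ^ int.from_bytes(hashlib.sha512(key).digest(), "big")

def sts(a_priv, a_pub, b_priv, b_pub, tamper=False):
    """Run one exchange; return (A's key, B's key) or raise ValueError."""
    x, y = secrets.randbelow(P - 3) + 2, secrets.randbelow(P - 3) + 2
    gx, gy = pow(G, x, P), pow(G, y, P)
    # Message 1, A -> B: gx. With tamper=True the value is replaced in transit.
    seen_by_b = pow(G, 5, P) if tamper else gx
    kb = digest(pow(seen_by_b, y, P))
    # Message 2, B -> A: gy plus B's signature over (gy, gx), sealed under kb.
    msg2 = seal(kb, sign(*b_priv, gy, seen_by_b))
    ka = digest(pow(gy, x, P))
    if not verify(b_pub, seal(ka, msg2), gy, gx):
        raise ValueError("B's signature does not cover the values A saw")
    # Message 3, A -> B: A's signature over (gx, gy), sealed under ka.
    msg3 = seal(ka, sign(*a_priv, gx, gy))
    if not verify(a_pub, seal(kb, msg3), seen_by_b, gy):
        raise ValueError("A's signature does not cover the values B saw")
    return ka, kb

# Constructed long-term keys for the two parties, as (n, d); n is the public part.
ALICE = rsa_key(2**61 - 1, 2**89 - 1)
BOB = rsa_key(2**107 - 1, 2**127 - 1)
```

An honest run yields the same key on both sides; a substituted exponential or a mismatched preshared public key raises `ValueError` before any key is returned.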

Documentation

connect :: HostName -> PortNumber -> [PublicKey] -> PrivateKey -> IO (PublicKey, Connection)

Connect to the specified host and port, establishing a secure, authenticated connection with a party holding one of the specified public keys.

accept :: PortNumber -> [PublicKey] -> PrivateKey -> Maybe HostName -> IO (PublicKey, Connection)

Listen for and accept a connection on the host and port, establishing a secure, authenticated connection with a party holding one of the specified public keys.

send :: Connection -> ByteString -> IO ()

Send a datagram, first encrypting it, using the given secure connection.

data Connection :: *

A connection is a secure bidirectional communication channel.

Constructors

Conn 

Fields

inCtx :: MVar InContext
outCtx :: MVar OutContext
socket :: Socket
socketAddr :: SockAddr
    Address of remote.

close :: Connection -> IO ()

Close a connection.

type HostName = String

Either a host name e.g., "haskell.org" or a numeric host address string consisting of a dotted decimal IPv4 address or an IPv6 address e.g., "192.168.0.1".