Portability | unknown |
---|---|
Stability | experimental |
Maintainer | Vincent Hanquez <vincent@snarc.org> |
- data TLSParams = TLSParams {
- pConnectVersion :: Version
- pAllowedVersions :: [Version]
- pCiphers :: [Cipher]
- pCompressions :: [Compression]
- pWantClientCert :: Bool
- pCertificates :: [(X509, Maybe PrivateKey)]
- onCertificatesRecv :: [X509] -> IO Bool
- defaultParams :: TLSParams
- data TLSCtx
- ctxHandle :: TLSCtx -> Handle
- client :: MonadIO m => TLSParams -> SRandomGen -> Handle -> m TLSCtx
- server :: MonadIO m => TLSParams -> SRandomGen -> Handle -> m TLSCtx
- bye :: MonadIO m => TLSCtx -> m ()
- handshake :: MonadIO m => TLSCtx -> m ()
- sendData :: MonadIO m => TLSCtx -> ByteString -> m ()
- recvData :: MonadIO m => TLSCtx -> m ByteString
- data PrivateKey = PrivRSA PrivateKey
- makeSRandomGen :: IO (Either GenError SRandomGen)
- data SRandomGen
- data Compression
- nullCompression :: Compression
- data Cipher
- cipher_null_null :: Cipher
- cipher_null_SHA1 :: Cipher
- cipher_null_MD5 :: Cipher
- cipher_RC4_128_MD5 :: Cipher
- cipher_RC4_128_SHA1 :: Cipher
- cipher_AES128_SHA1 :: Cipher
- cipher_AES256_SHA1 :: Cipher
- cipher_AES128_SHA256 :: Cipher
- cipher_AES256_SHA256 :: Cipher
- data Version
- data TLSError
- = Error_Misc String
- | Error_Certificate String
- | Error_Digest ([Word8], [Word8])
- | Error_Packet String
- | Error_Packet_Size_Mismatch (Int, Int)
- | Error_Packet_unexpected String String
- | Error_Internal_Packet_Remaining Int
- | Error_Internal_Packet_ByteProcessed Int Int Int
- | Error_Unknown_Version Word8 Word8
- | Error_Unknown_Type String
Context configuration
TLSParams
Context object
Creating a context
client :: MonadIO m => TLSParams -> SRandomGen -> Handle -> m TLSCtx
Create a new client context from a configuration, an RNG, and a Handle. It reconfigures the handle's buffer mode to NoBuffering.
server :: MonadIO m => TLSParams -> SRandomGen -> Handle -> m TLSCtx
Create a new server context from a configuration, an RNG, and a Handle. It reconfigures the handle's buffer mode to NoBuffering.
Initialisation and Termination of context
bye :: MonadIO m => TLSCtx -> m ()
Notify the context that this side wants to close the connection. It is important to call this before closing the handle, otherwise the session might not be resumable (for versions < TLS1.2).
This does not actually close the handle.
handshake :: MonadIO m => TLSCtx -> m ()
Handshake for a new TLS connection. This is to be called at the beginning of a connection, and during renegotiation.
High level API
sendData :: MonadIO m => TLSCtx -> ByteString -> m ()
sendData sends a bunch of data. It automatically chunks the data to an acceptable packet size.
recvData :: MonadIO m => TLSCtx -> m ByteString
recvData gets data out of Data packets, and automatically renegotiates if a Handshake ClientHello is received.
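A client session built from the calls documented above (client, handshake, sendData/recvData, bye), as an added example that is not part of the tls package or this page. It assumes the page documents module Network.TLS, that X509 is exported by Data.Certificate.X509, that the Version constructors TLS10 and TLS11 exist, and that connectTo comes from the older network package; hardenedParams, withTLSClient and checkChain are hypothetical names.

```haskell
-- Added example; not code from the tls package. Assumptions: this page
-- documents module Network.TLS, X509 comes from Data.Certificate.X509
-- (certificate package), connectTo from the older network package.
module TLSClientExample (hardenedParams, withTLSClient) where

import Control.Exception (bracket)
import Data.Certificate.X509 (X509)
import Network (HostName, PortID (PortNumber), PortNumber, connectTo)
import Network.TLS
import System.IO (hClose)

-- | Client parameters that offer only the AES/SHA1 suites from the synopsis.
-- The null and RC4 suites are left out, and so are the SHA256 suites, which
-- are TLS 1.2 suites (the page says TLS12 is not yet supported).
-- 'checkChain' is the caller's certificate check (hypothetical parameter);
-- it is set explicitly so the decision never falls back to a default.
hardenedParams :: ([X509] -> IO Bool) -> TLSParams
hardenedParams checkChain = defaultParams
  { pConnectVersion    = TLS11             -- TLS10/TLS11: assumed constructors
  , pAllowedVersions   = [TLS10, TLS11]    -- no SSL2/SSL3
  , pCiphers           = [cipher_AES256_SHA1, cipher_AES128_SHA1]
  , pCompressions      = [nullCompression]
  , onCertificatesRecv = checkChain
  }

-- | Connect, handshake, run 'act', then send 'bye' before the handle closes.
-- 'bracket' closes the handle on every path. 'bye' runs only after 'act'
-- returns normally; after an exception the handle is closed without it.
withTLSClient :: TLSParams -> HostName -> PortNumber -> (TLSCtx -> IO a) -> IO a
withTLSClient params host port act =
  bracket (connectTo host (PortNumber port)) hClose $ \h -> do
    rng <- either (const (ioError (userError "cannot seed SRandomGen"))) return
             =<< makeSRandomGen
    ctx <- client params rng h   -- client also sets h to no buffering
    handshake ctx
    result <- act ctx
    bye ctx                      -- must precede hClose, per the bye docs
    return result

-- Usage (myCheck and request are the caller's own, hypothetical here):
--   withTLSClient (hardenedParams myCheck) "host.example" 443 $ \ctx ->
--     sendData ctx request >> recvData ctx
```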
Crypto Key
Crypto RNG
makeSRandomGen :: IO (Either GenError SRandomGen)
Initialize a new SRandomGen from the system.
data SRandomGen
An opaque object containing an AES CPRNG.
Compressions & Predefined compressions
nullCompression :: Compression
Default null compression.
Ciphers & Predefined ciphers
Versions
Versions known to TLS
SSL2 is defined, but this version is not and will not be supported.
TLS12 is not yet supported
Errors
TLSError that might be returned through the TLS stack
Eq TLSError
Show TLSError
Error TLSError
MonadError TLSError Get
MonadError TLSError TLSSt