-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/

-- | TLS/SSL protocol native implementation (Server and Client)
--
-- Native TLS protocol implementation, focusing on purity and more
-- type-checking.
--
-- Currently implements the SSL3.0, TLS1.0 and TLS1.1 protocols. Not yet
-- properly secure and missing some features. Do not yet use as a
-- replacement for a more mature implementation.
--
-- Only RSA is supported as key exchange for now.
--
-- NOTE(review): the three protocol versions this release implements have
-- since been deprecated by the IETF (SSL 3.0 by RFC 7568, TLS 1.0 and
-- TLS 1.1 by RFC 8996). Together with the author's own warning above,
-- treat this version of the package as reference material rather than as
-- a way to protect real traffic.
@package tls
@version 0.6.2

module Network.TLS

-- | Connection parameters shared by client and server contexts (see
-- 'client' and 'server', which both take a 'TLSParams').
data TLSParams
TLSParams :: Version -> [Version] -> [Cipher] -> [Compression] -> Bool -> [(X509, Maybe PrivateKey)] -> TLSLogging -> ([X509] -> IO Bool) -> TLSParams

-- | version to use on client connection.
pConnectVersion :: TLSParams -> Version

-- | allowed versions that we can use.
--
-- NOTE(review): how this list interacts with what the peer offers is not
-- shown on this page; keep it as narrow as the deployment allows so that
-- an older version is never acceptable by accident.
pAllowedVersions :: TLSParams -> [Version]

-- | all ciphers supported, ordered by priority.
pCiphers :: TLSParams -> [Cipher]

-- | all compression methods supported, ordered by priority.
--
-- NOTE(review): TLS-level compression is the mechanism behind the CRIME
-- class of attacks on secrets in compressed plaintext; offering only
-- 'nullCompression' avoids that exposure.
pCompressions :: TLSParams -> [Compression]

-- | request a certificate from the client. Used by the server only.
pWantClientCert :: TLSParams -> Bool

-- | the cert chain for this context with the associated keys, if any.
--
-- Private key material travels inside this field, so a 'TLSParams' value
-- should be handled as a secret (not logged or serialised).
pCertificates :: TLSParams -> [(X509, Maybe PrivateKey)]

-- | callback for logging
pLogging :: TLSParams -> TLSLogging

-- | callback to verify the received cert chain.
--
-- The callback gets the chain as @[X509]@ and answers with a 'Bool' in
-- 'IO'. NOTE(review): presumably @True@ accepts the chain and @False@
-- rejects it -- confirm. What 'defaultParams' installs here is not shown
-- on this page; a callback that accepts every chain leaves the peer
-- unauthenticated, so supply one that performs real chain and host-name
-- validation.
onCertificatesRecv :: TLSParams -> ([X509] -> IO Bool)

-- | The set of logging callbacks carried in 'pLogging'.
--
-- NOTE(review): the IO callbacks receive raw 'Bytes'. Whether these are
-- record plaintext or ciphertext is not shown on this page -- confirm
-- before wiring them to persistent or shared logs.
data TLSLogging
TLSLogging :: (String -> IO ()) -> (String -> IO ()) -> (Bytes -> IO ()) -> (Header -> Bytes -> IO ()) -> TLSLogging
loggingPacketSent :: TLSLogging -> String -> IO ()
loggingPacketRecv :: TLSLogging -> String -> IO ()
loggingIOSent :: TLSLogging -> Bytes -> IO ()
loggingIORecv :: TLSLogging -> Header -> Bytes -> IO ()

-- | Default parameter set. The field values are not shown on this page.
-- NOTE(review): check in particular what 'onCertificatesRecv',
-- 'pAllowedVersions' and 'pCiphers' default to before using it unchanged.
defaultParams :: TLSParams

-- | Default logging callbacks. Their behaviour is not shown on this page.
defaultLogging :: TLSLogging

-- | A TLS Context is a handle augmented by TLS-specific state and
-- parameters
data TLSCtx

-- | return the handle associated with this context
ctxHandle :: TLSCtx -> Handle

-- | Create a new Client context with a configuration, a RNG, and a Handle.
-- It reconfigures the handle buffermode to noBuffering
--
-- NOTE(review): the generator must satisfy 'CryptoRandomGen'; presumably
-- it supplies the randomness for the handshake, so seed it from a
-- cryptographically secure source -- confirm against the implementation.
client :: (MonadIO m, CryptoRandomGen g) => TLSParams -> g -> Handle -> m TLSCtx

-- | Create a new Server context with a configuration, a RNG, and a Handle.
-- It reconfigures the handle buffermode to noBuffering
--
-- NOTE(review): the generator must satisfy 'CryptoRandomGen'; presumably
-- it supplies the randomness for the handshake, so seed it from a
-- cryptographically secure source -- confirm against the implementation.
server :: (MonadIO m, CryptoRandomGen g) => TLSParams -> g -> Handle -> m TLSCtx

-- | notify the context that this side wants to close the connection. It
-- is important that this is called before closing the handle, otherwise
-- the session might not be resumable (for version < TLS1.2).
--
-- this doesn't actually close the handle
bye :: MonadIO m => TLSCtx -> m ()

-- | Handshake for a new TLS connection. This is to be called at the
-- beginning of a connection, and during renegotiation.
--
-- NOTE(review): this page does not show whether the renegotiation
-- indication extension (RFC 5746) is implemented -- confirm before
-- relying on renegotiation.
handshake :: MonadIO m => TLSCtx -> m ()

-- | sendData sends a bunch of data. It will automatically chunk data to
-- an acceptable packet size
sendData :: MonadIO m => TLSCtx -> ByteString -> m ()

-- | recvData gets data out of a Data packet, and automatically
-- renegotiates if a Handshake ClientHello is received
--
-- As documented, a renegotiation can therefore be started by the peer
-- while the application is only reading. NOTE(review): whether this can
-- be disabled or rate-limited is not shown on this page.
recvData :: MonadIO m => TLSCtx -> m ByteString

-- | Private key accepted in 'pCertificates'.
--
-- NOTE(review): the constructor argument prints as @PrivateKey@ because
-- Hoogle drops module qualifiers; presumably it is an RSA private key
-- type from another module -- confirm.
data PrivateKey
PrivRSA :: PrivateKey -> PrivateKey

-- | Compression algorithm
data Compression

-- | default null compression
nullCompression :: Compression

-- | Cipher algorithm
data Cipher

-- | Versions known to TLS
--
-- SSL2 is only defined; this version is not, and will not be, supported.
--
-- TLS12 is not yet supported
data Version
SSL2 :: Version
SSL3 :: Version
TLS10 :: Version
TLS11 :: Version
TLS12 :: Version

-- | TLSError that might be returned through the TLS stack
--
-- The meaning of each constructor's payload is not documented on this
-- page. NOTE(review): several constructors carry free-form 'String' or
-- byte payloads; review what they contain before exposing them to a
-- remote peer or an untrusted log sink.
data TLSError
Error_Misc :: String -> TLSError
Error_Certificate :: String -> TLSError
Error_Random :: String -> TLSError
Error_Digest :: ([Word8], [Word8]) -> TLSError
Error_Packet :: String -> TLSError
Error_Packet_Size_Mismatch :: (Int, Int) -> TLSError
Error_Packet_unexpected :: String -> String -> TLSError
Error_Packet_Parsing :: String -> TLSError
Error_Internal_Packet_ByteProcessed :: Int -> Int -> Int -> TLSError
Error_Unknown_Version :: Word8 -> Word8 -> TLSError
Error_Unknown_Type :: String -> TLSError