\msN      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLM NOPQRSTUVWX OPQRSUVWX OPQRSUVWXunknown experimental#Vincent Hanquez <vincent@snarc.org> YZBevery compression need to be wrapped in this, to fit in structure ?supported compression algorithms need to be part of this class [,return the associated ID for this algorithm \Rdeflate (compress) a bytestring using a compression context and return the result ) along with the new compression context. ]Tinflate (decompress) a bytestring using a compression context and return the result $ along the new compression context. ^Tintersect a list of ids commonly given by the other side with a list of compression ^ the function keeps the list of compression in order, to be able to find quickly the prefered  compression. default null compression [\]^ [\]^_`abcdefghijklmnopqrstuvwxycdmnopqrstuvxycddmnnoppqrstuvxyunknown experimental#Vincent Hanquez <vincent@snarc.org>z{|}~prime modulus  generator public value (g^X mod p) Cdeprecated alert, should never be sent by compliant implementation 6TLSError that might be returned through the TLS stack mainly for instance of Error Versions known to TLS ESSL2 is just defined, but this version is and will not be supported. TLS12 is not yet supported z{|}~ z{|{|} ~~   unknown experimental#Vincent Hanquez <vincent@snarc.org>'Cipher algorithm  !"#$%&'()*     ' !"#$%&'()*     ' !"# !"#$%&'()*%&'()*           unknown experimental#Vincent Hanquez <vincent@snarc.org>unknown experimental#Vincent Hanquez <vincent@snarc.org>  !"#$%&'()*+,-./0 !"#$%&'(  !"#$%&'( unknown experimental#Vincent Hanquez <vincent@snarc.org>D1234current protocol version 5current key exchange type 6789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrst2345<=>?@ACDTUVWghijmpst2345345<=>?@ACDTUVWghijmpst uvwxyz This is a strict version of and {This is a strict version of &&. |&verify that 2 bytestrings are equals.  it'5s a non lazy version, that will compare every bytes. % arguments need to be of same length uvwxyz{|uvwxyz{| unknown experimental#Vincent Hanquez <vincent@snarc.org>^}~U}U}  unknown experimental#Vincent Hanquez <vincent@snarc.org>Represent a TLS record. Yturn a plaintext record into a compressed record using the compression function supplied Uturn a compressed record into a ciphertext record using the cipher function supplied Yturn a ciphertext fragment into a compressed fragment using the cipher function supplied _turn a compressed fragment into a plaintext fragment using the decompression function supplied 'turn a record into an header and bytes +turn a header and a fragment into a record turn a record into a header  unknown experimental#Vincent Hanquez <vincent@snarc.org> unknown experimental#Vincent Hanquez <vincent@snarc.org> unknown experimental#Vincent Hanquez <vincent@snarc.org>A+IA TLS Context is a handle augmented by tls specific state and parameters ,:return the connection object associated with this context    is the handle has EOFed or not.    -./%version to use on client connection. 0"allowed versions that we can use. 1+all ciphers supported ordered by priority. 2/all compression supported ordered by priority. 3#request a certificate from client.  use by server only. 45Athe cert chain for this context with the associated keys if any. 6callback for logging 7(callback to verify received cert chain. 84Certificate Usage callback possible returns values. 9usage of certificate rejected :usage of certificate accepted ;'Certificate and Chain rejection reason <=>?@ABCDEFG7receive one packet from the context that contains 1 or C many messages (many only in case of handshake). if will returns a 3 TLSError if the packet is unexpected or malformed Send one packet to the context  lCreate a new Client context with a configuration, a RNG, a generic connection and the connection operation. HGCreate a new Client context with a configuration, a RNG, and a Handle. 6 It reconfigures the handle buffermode to noBuffering !lCreate a new Server context with a configuration, a RNG, a generic connection and the connection operation. IGCreate a new Server context with a configuration, a RNG, and a Handle. 6 It reconfigures the handle buffermode to noBuffering J=notify the context that this side wants to close connection. J this is important that it is called before closing the handle, otherwise 1 the session might not be resumable (for version < TLS1.2).  this doesn't actually close the handle "#$K#Handshake for a new TLS connection Q This is to be called at the beginning of a connection, and during renegociation L sendData sends a bunch of data. < It will automatically chunk data to acceptable packet size MGrecvData get data out of Data packet, and automatically renegociate if % a Handshake ClientHello is received (+,-./0123456789:;<=>?@ABCDEFG H!IJKLM(+,,- ./01234567./012345678:99:;?>=<<=>?@ABCDEABCDEFG H!IJKLMunknown experimental#Vincent Hanquez <vincent@snarc.org>z{|}~ 2345<=>?@ACDTUVWghijmpstunknown experimental#Vincent Hanquez <vincent@snarc.org>N  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMO-./01234567@ABCDE8:9;?>=<GF+,,HIJKLM !"#$%&'()*  % !"#$%&'()*+,,-./01233456789:;;<=>?@ABCDEFGHIJKLMMNOPQRSTUVWXYZ[\]^_`abcdeefghijjkkllmnopqrstuvwxyz{|}~j      !"#$%&'(&')&'*&'+&',&-.&-/&-0 1 2 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | | } ~ ~                                                                                                                         9      tls-0.8.2 Network.TLSNetwork.TLS.MACNetwork.TLS.CompressionNetwork.TLS.CryptoNetwork.TLS.StructNetwork.TLS.CipherNetwork.TLS.CapNetwork.TLS.WireNetwork.TLS.PacketNetwork.TLS.UtilNetwork.TLS.StateNetwork.TLS.RecordNetwork.TLS.ReceivingNetwork.TLS.SendingNetwork.TLS.CoreNetwork.TLS.Internal Compression CompressionCcompressionCIDcompressionCDeflatecompressionCInflatenullCompression PrivateKeyPrivRSATLSErrorError_Unknown_TypeError_Unknown_Version#Error_Internal_Packet_ByteProcessedError_Packet_ParsingError_Packet_unexpectedError_Packet_Size_Mismatch Error_Packet Error_EOF Error_RandomError_CertificateError_Protocol Error_MiscVersionTLS12TLS11TLS10SSL3SSL2CiphercipherID cipherName cipherHash cipherBulkcipherKeyExchange cipherMinVerBulkbulkName bulkKeySize bulkIVSize bulkBlockSizebulkFTLSCtx ctxConnection TLSParamspConnectVersionpAllowedVersionspCiphers pCompressionspWantClientCertpUseSecureRenegotiation pCertificatespLoggingonCertificatesRecvTLSCertificateUsageCertificateUsageRejectCertificateUsageAcceptTLSCertificateRejectReasonCertificateRejectOtherCertificateRejectUnknownCACertificateRejectRevokedCertificateRejectExpired TLSLoggingloggingPacketSentloggingPacketRecv loggingIOSent loggingIORecvdefaultLogging defaultParamsclientserverbye handshakesendDatarecvDataHMACmacSSLhmachmacMD5hmacSHA1 hmacSHA256hmacIterprf_SHA1prf_MD5 prf_MD5SHA1 prf_SHA256NullCompression compressionIDcompressionDeflatecompressionInflatecompressionIntersectID HashSHA256 HashMD5SHA1HashCtxHashCtxC hashCName hashCInit hashCUpdatehashCUpdateSSL hashCFinalKeyXchgKxRSAKxErrorRSAError PublicKeyPubRSAhashInit hashUpdate hashUpdateSSL hashFinal hashMD5SHA1 hashSHA256generalizeRSAError kxEncrypt kxDecrypt TypeValuable valOfType valToType HandshakeFinished CertVerify CertRequest ServerKeyXchg ClientKeyXchgServerHelloDone HelloRequest Certificates ServerHello ClientHelloServerKeyXchgAlgorithmData SKX_Unknown SKX_DH_RSA SKX_DH_DSSSKX_RSA SKX_DHE_RSA SKX_DHE_DSS SKX_DH_AnonServerRSAParams rsa_modulus rsa_exponentServerDHParamsdh_pdh_gdh_Ys HandshakeTypeHandshakeType_FinishedHandshakeType_ClientKeyXchgHandshakeType_CertVerifyHandshakeType_ServerHelloDoneHandshakeType_CertRequestHandshakeType_ServerKeyXchgHandshakeType_CertificateHandshakeType_ServerHelloHandshakeType_ClientHelloHandshakeType_HelloRequestAlertDescriptionNoRenegotiation UserCanceled InternalErrorInsufficientSecurityProtocolVersionExportRestriction DecryptError DecodeError AccessDenied UnknownCaIllegalParameterCertificateUnknownCertificateExpiredCertificateRevokedUnsupportedCertificateBadCertificateHandshakeFailureDecompressionFailureRecordOverflowDecryptionFailed BadRecordMacUnexpectedMessage CloseNotify AlertLevelAlertLevel_FatalAlertLevel_Warning Extension FinishedData CompressionIDCipherIDSession ClientKeyData ClientRandom ServerRandomHeaderPacketAppDataChangeCipherSpecAlert ProtocolTypeProtocolType_AppDataProtocolType_HandshakeProtocolType_AlertProtocolType_ChangeCipherSpecSignatureAlgorithmSignatureOtherSignatureECDSA SignatureDSS SignatureRSASignatureAnonymous HashAlgorithm HashOther HashSHA512 HashSHA384 HashSHA224HashSHA1HashMD5HashNoneCertificateTypeCertificateType_UnknownCertificateType_fortezza_dms CertificateType_DSS_Ephemeral_DH CertificateType_RSA_Ephemeral_DHCertificateType_DSS_Fixed_DHCertificateType_RSA_Fixed_DHCertificateType_DSS_SignCertificateType_RSA_Sign CipherDatacipherDataContent cipherDataMACcipherDataPadding CipherType CipherAEAD CipherBlock CipherStream ConnectionEndConnectionClientConnectionServerBytesconstrRandom32 serverRandom clientRandom packetTypetypeOfHandshake numericalVerverOfNumHashhashNamehashSizehashFCipherKeyExchangeTypeCipherKeyExchange_ECDHE_ECDSACipherKeyExchange_ECDH_RSACipherKeyExchange_ECDH_ECDSACipherKeyExchange_DH_RSACipherKeyExchange_DH_DSSCipherKeyExchange_DHE_DSSCipherKeyExchange_ECDHE_RSACipherKeyExchange_DHE_RSACipherKeyExchange_DH_AnonCipherKeyExchange_RSA BulkFunctions BulkStreamF BulkBlockF BulkNoneFIVKeycipherKeyBlockSizecipherExchangeNeedMoreDatahasHelloExtensionshasExplicitBlockIVrunGet getWords8 getWord16 getWords16 getWord24 processBytes putWords8 putWord16 putWords16 putWord24putBytes encodeWord64cereal-0.3.4.0Data.Serialize.GetgetWord8getBytesisEmpty remainingGetData.Serialize.PutputWord8runPutPutPRF CurrentParamscParamsVersioncParamsKeyXchgType runGetErr getVersion putVersion getHeaderType putHeaderTypegetHandshakeType decodeHeader encodeHeaderencodeHeaderNoVer decodeAlert decodeAlerts encodeAlertsdecodeHandshakeHeaderdecodeHandshakesdecodeHandshakedecodeHelloRequestdecodeClientHellodecodeServerHellodecodeServerHelloDonedecodeCertificatesdecodeFinishedgetSignatureHashAlgorithmgetSignatureHashAlgorithmsdecodeCertRequestdecodeCertVerifydecodeClientKeyXchgos2ipdecodeServerKeyXchg_DHdecodeServerKeyXchg_RSAdecodeServerKeyXchgencodeHandshakeencodeHandshakesencodeHandshakeHeaderencodeHandshakeContent getRandom32getServerRandom32getClientRandom32 putRandom32putClientRandom32putServerRandom32getClientKeyData46putClientKeyData46 getSession putSessiongetCertsputCert getExtensions putExtension putExtensionsdecodeChangeCipherSpecencodeChangeCipherSpecdecodeExtSecureRenegotiationencodeExtSecureRenegotiationgenerateMasterSecret_SSLgenerateMasterSecret_TLSgenerateMasterSecretgenerateKeyBlock_TLSgenerateKeyBlock_SSLgenerateKeyBlockgenerateFinished_TLSgenerateFinished_SSLgenerateClientFinishedgenerateServerFinishedsubtakelast partition3 partition6fromJustand'&&!bytesEqTLSStrunTLSStTLSStatestClientContext stVersionstStatus stHandshake stTxEncrypted stRxEncryptedstTxCryptStatestRxCryptState stTxMacState stRxMacStatestCipher stCompression stRandomGenstSecureRenegotiationstClientVerifiedDatastServerVerifiedDataStateRNGTLSHandshakeStatehstClientVersionhstClientRandomhstServerRandomhstMasterSecrethstRSAPublicKeyhstRSAPrivateKeyhstHandshakeDigest TLSMacState msSequence TLSCryptStatecstKeycstIV cstMacSecret TLSStatusStatusOkStatusHandshakeStatusHandshakeReq StatusInitHandshakeStatusHsStatusServerChangeCipherHsStatusClientFinishedHsStatusClientChangeCipherHsStatusClientCertificateVerifyHsStatusClientKeyXchgHsStatusClientCertificateHsStatusServerHelloDoneHsStatusServerCertificateReqHsStatusServerKeyXchgHsStatusServerCertificateHsStatusServerHelloHsStatusClientHelloassert runTLSState newTLSState withTLSRNGwithCompression genTLSRandom makeDigesthsStatusTransitionTable updateStatusupdateStatusHsupdateStatusCCupdateVerifiedDatafinishHandshakeTypeMaterialfinishHandshakeMaterialswitchTxEncryptionswitchRxEncryptionsetServerRandomsetMasterSecret setPublicKey setPrivateKey setKeyBlock setCipher setVersionsetSecureRenegotiationgetSecureRenegotiationgetCipherKeyExchangeTypegetVerifiedDataisClientContextnewEmptyHandshakestartHandshakeClienthasValidHandshakeupdateHandshakeupdateHandshakeDigestupdateHandshakeDigestSplittedgetHandshakeDigest endHandshake Ciphertext Compressed PlaintextFragmentRecordfragmentPlaintextfragmentCiphertextfragmentGetBytesonRecordFragment fragmentMapfragmentCompressfragmentCipherfragmentUncipherfragmentUncompress recordToRaw rawToRecordrecordToHeader returnEither readPacket checkState processPacketprocessHandshake decryptRSAprocessClientKeyXchgprocessClientFinisheduncompressContentdecryptContent getCipherData decryptDataprocessCertificates makeRecord processRecordcompressRecord encryptRecordpostprocessRecord encodeRecordpreProcessPacket writePacket encryptRSAencryptContent encryptDatawritePacketContent ctxParamsctxStatectxEOF_ctxConnectionFlushctxConnectionSendctxConnectionRecvconnectionFlushconnectionSendconnectionRecvctxEOF throwCore newCtxWithnewCtx ctxLogging usingState usingState_ getStateRNG whileStatus errorToAlertsetEOF readExact recvPacketrecvPacketSuccess sendPacket clientWith serverWithhandshakeClienthandshakeServerWithhandshakeServer