~b      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`a Safe-Infered bcdefghij bcdefghij bcdefghijunknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-Inferedk(record some data about this connection. l%number of handshakes on this context m$bytes received since last handshake n bytes sent since last handshake kolmnpqrst kolmnpqrstkolmnpqrstunknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-InferedBevery compression need to be wrapped in this, to fit in structure ?supported compression algorithms need to be part of this class u,return the associated ID for this algorithm vRdeflate (compress) a bytestring using a compression context and return the result ) along with the new compression context. wTinflate (decompress) a bytestring using a compression context and return the result $ along the new compression context. xTintersect a list of ids commonly given by the other side with a list of compression ^ the function keeps the list of compression in order, to be able to find quickly the prefered  compression. default null compression uvwxyz uvwx uvwxyz Safe-Infered{|}~{|}~{|}~unknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-Inferedprime modulus  generator public value (g^X mod p) Cdeprecated alert, should never be sent by compliant implementation 6TLSError that might be returned through the TLS stack handshake policy failed. mainly for instance of Error Versions known to TLS ESSL2 is just defined, but this version is and will not be supported.    !"       !"   ,       "!    unknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-Infered#Cipher algorithm )#$%&'()* !+,-./01"#$%&'()*+,-./0123456'#$%&'()* !+,-./01"#$%&'()*+,-./01234 #$%&'()* !+,-./01" ,+*)('&%$#-0/.123456unknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-Infered787878 unknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-Infered9:;<=>?@ABCDEFGHIJKLMNOPQRS9:;<=>?@ABCDEFGHIJK9:;<=>?@ABCDEFGHIJK unknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-InferedTcurrent protocol version Ucurrent key exchange type VWTUXYZ[\]^_`abcdefghijklmVWTUXYZ[\]^_`abcdefghijklmVWTUXYZ[\]^_`abcdefghijklm  Safe-Inferedn This is a strict version of and oThis is a strict version of &&. p&verify that 2 bytestrings are equals.  it'5s a non lazy version, that will compare every bytes. % arguments need to be of same length qrstunopqrstunopqrstunop unknown experimental#Vincent Hanquez <vincent@snarc.org>NoneJvwxyz{|}~Gvwxyz{|}~*vwxyz{|}~ unknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-Infered2IA TLS Context is a handle augmented by tls specific state and parameters 3:return the connection object associated with this context 44Certificate Usage callback possible returns values. 5usage of certificate rejected 6usage of certificate accepted 7'Certificate and Chain rejection reason >%version to use on client connection. ?"allowed versions that we can use. @+all ciphers supported ordered by priority. A/all compression supported ordered by priority. B#request a certificate from client.  use by server only. EAthe cert chain for this context with the associated keys if any. Fcallback for logging G%callback on a beggining of handshake H(callback to verify received cert chain. I,callback to maybe resume session on server. J,callback when session have been established K.callback when session is invalidated by error L2try to establish a connection using this session. 523456789:;<=>?@ABCDEFGHIJKLMNOPQRST>kolmn 23456789:;<=>?@ABCDEFGHIJKLMNOPQRST234657;:98<=>?@ABCDEFGHIJKLMNOPQRSTunknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-InferedRepresent a TLS record. Yturn a plaintext record into a compressed record using the compression function supplied Uturn a compressed record into a ciphertext record using the cipher function supplied Yturn a ciphertext fragment into a compressed fragment using the cipher function supplied _turn a compressed fragment into a plaintext fragment using the decompression function supplied 'turn a record into an header and bytes +turn a header and a fragment into a record turn a record into a header unknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-Inferedunknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-Inferedunknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-Inferedunknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-Inferedunknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-Inferedunknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-Infered 7receive one packet from the context that contains 1 or C many messages (many only in case of handshake). if will returns a 3 TLSError if the packet is unexpected or malformed Send one packet to the context YlCreate a new Client context with a configuration, a RNG, a generic connection and the connection operation. ZGCreate a new Client context with a configuration, a RNG, and a Handle.  It reconfigures the handle's  to  NoBuffering. [lCreate a new Server context with a configuration, a RNG, a generic connection and the connection operation. \GCreate a new Server context with a configuration, a RNG, and a Handle.  It reconfigures the handle's  to  NoBuffering. ]=notify the context that this side wants to close connection. J this is important that it is called before closing the handle, otherwise 1 the session might not be resumable (for version < TLS1.2).  this doesn't actually close the handle ^#Handshake for a new TLS connection Q This is to be called at the beginning of a connection, and during renegotiation _ sendData sends a bunch of data. < It will automatically chunk data to acceptable packet size `GrecvData get data out of Data packet, and automatically renegotiate if % a Handshake ClientHello is received UVWXY#Parameters to use for this context #Random number generator associated An abstract connection type 1A method for the connection buffer to be flushed 2A method for sending bytes through the connection 4A method for receiving bytes through the connection Z#parameters to use for this context 4random number generator associated with the context handle to use [\]^_`aUVWXYZ[\]^_`aUVWXYZ[\]^_`aunknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-Infered    !"   VWTUXYZ[\]^_`abcdefghijklmunknown experimental#Vincent Hanquez <vincent@snarc.org> Safe-Inferedb  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ac<=>?@ABCDEFGHIJKLMNOPQR4657;:98TS 233Z\Y[]^_`a#$%&'()*+,-./01"! WXUV  !"#$%&'()*+,-./01234567899:;<=>?@@ABCDE F G H I J K L M N O P P Q R S T U V W X Y Z [ \ ] ^ _ ` ` a b c d e fgghhijklmnopqrstuvwxyz{|}~{      !"##$%&'()*+,-./0123456789:;<= > ? @ A B C D E F G H I J K L M N O PQRSQRTQRUQRVQRWQXYQXZQX[ \ ] ^ ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ ~                                                                                          tls-0.9.9 Network.TLSNetwork.TLS.MACNetwork.TLS.MeasurementNetwork.TLS.CompressionNetwork.TLS.CryptoNetwork.TLS.StructNetwork.TLS.CipherNetwork.TLS.CapNetwork.TLS.WireNetwork.TLS.PacketNetwork.TLS.UtilNetwork.TLS.StateNetwork.TLS.ContextNetwork.TLS.Record.TypesNetwork.TLS.Record.EngageNetwork.TLS.Record.DisengageNetwork.TLS.RecordNetwork.TLS.ReceivingNetwork.TLS.SendingNetwork.TLS.Core System.IO BufferModeNetwork.TLS.Internal Compression CompressionCcompressionCIDcompressionCDeflatecompressionCInflatenullCompression PrivateKeyPrivRSA SessionDatasessionVersion sessionCipher sessionSecret SessionIDTLSErrorError_Unknown_TypeError_Unknown_Version#Error_Internal_Packet_ByteProcessedError_Packet_ParsingError_Packet_unexpectedError_Packet_Size_Mismatch Error_Packet Error_EOF Error_RandomError_HandshakePolicyError_CertificateError_Protocol Error_MiscVersionTLS12TLS11TLS10SSL3SSL2CiphercipherID cipherName cipherHash cipherBulkcipherKeyExchange cipherMinVerBulkbulkName bulkKeySize bulkIVSize bulkBlockSizebulkFTLSCtx ctxConnectionTLSCertificateUsageCertificateUsageRejectCertificateUsageAcceptTLSCertificateRejectReasonCertificateRejectOtherCertificateRejectUnknownCACertificateRejectRevokedCertificateRejectExpired TLSParamspConnectVersionpAllowedVersionspCiphers pCompressionspWantClientCertpUseSecureRenegotiation pUseSession pCertificatespLogging onHandshakeonCertificatesRecvonSessionResumptiononSessionEstablishedonSessionInvalidatedsessionResumeWith TLSLoggingloggingPacketSentloggingPacketRecv loggingIOSent loggingIORecvdefaultLogging defaultParamsConnectionNotEstablishedHandshakeFailed clientWithclient serverWithserverbye handshakesendDatarecvData recvData'macSSLhmachmacMD5hmacSHA1 hmacSHA256prf_SHA1prf_MD5 prf_MD5SHA1 prf_SHA256 Measurement nbHandshakes bytesReceived bytesSentnewMeasurementaddBytesReceived addBytesSentresetBytesCountersincrementNbHandshakes compressionIDcompressionDeflatecompressionInflatecompressionIntersectID$fCompressionCNullCompression$fShowCompressionHashCtxKxErrorRSAError PublicKeyPubRSAhashInit hashUpdate hashUpdateSSL hashFinal hashMD5SHA1 hashSHA256 kxEncrypt kxDecrypt$fHashCtxCHashSHA256$fHashCtxCHashMD5SHA1 $fShowHashCtx$fShowPrivateKey$fShowPublicKeydh_pdh_gdh_YsDecryptionFailed TypeValuable valOfType valToType HandshakeFinished CertVerify CertRequest ServerKeyXchg ClientKeyXchgServerHelloDone HelloRequest Certificates ServerHello ClientHelloServerKeyXchgAlgorithmData SKX_Unknown SKX_DH_RSA SKX_DH_DSSSKX_RSA SKX_DHE_RSA SKX_DHE_DSS SKX_DH_AnonServerRSAParams rsa_modulus rsa_exponentServerDHParams HandshakeTypeHandshakeType_FinishedHandshakeType_ClientKeyXchgHandshakeType_CertVerifyHandshakeType_ServerHelloDoneHandshakeType_CertRequestHandshakeType_ServerKeyXchgHandshakeType_CertificateHandshakeType_ServerHelloHandshakeType_ClientHelloHandshakeType_HelloRequestAlertDescriptionNoRenegotiation UserCanceled InternalErrorInsufficientSecurityProtocolVersionExportRestriction DecryptError DecodeError AccessDenied UnknownCaIllegalParameterCertificateUnknownCertificateExpiredCertificateRevokedUnsupportedCertificateBadCertificateHandshakeFailureDecompressionFailureRecordOverflow BadRecordMacUnexpectedMessage CloseNotify AlertLevelAlertLevel_FatalAlertLevel_Warning Extension FinishedDataSession ClientRandom ServerRandomHeaderPacketAppDataChangeCipherSpecAlert ProtocolTypeProtocolType_AppDataProtocolType_HandshakeProtocolType_AlertProtocolType_ChangeCipherSpecSignatureAlgorithmSignatureOtherSignatureECDSA SignatureDSS SignatureRSASignatureAnonymous HashAlgorithm HashOther HashSHA512 HashSHA384 HashSHA256 HashSHA224HashSHA1HashMD5HashNoneCertificateTypeCertificateType_UnknownCertificateType_fortezza_dms CertificateType_DSS_Ephemeral_DH CertificateType_RSA_Ephemeral_DHCertificateType_DSS_Fixed_DHCertificateType_RSA_Fixed_DHCertificateType_DSS_SignCertificateType_RSA_Sign CipherDatacipherDataContent cipherDataMACcipherDataPadding CipherType CipherAEAD CipherBlock CipherStream ConnectionEndConnectionClientConnectionServerBytes serverRandom clientRandom packetTypetypeOfHandshake numericalVerverOfNum $fTypeValuableSignatureAlgorithm$fTypeValuableHashAlgorithm$fTypeValuableCertificateType$fTypeValuableAlertDescription$fTypeValuableAlertLevel$fTypeValuableHandshakeType$fTypeValuableProtocolType$fTypeValuableCipherType$fTypeValuableConnectionEnd$fExceptionTLSError$fErrorTLSErrorHashhashNamehashSizehashFCipherKeyExchangeTypeCipherKeyExchange_ECDHE_ECDSACipherKeyExchange_ECDH_RSACipherKeyExchange_ECDH_ECDSACipherKeyExchange_DH_RSACipherKeyExchange_DH_DSSCipherKeyExchange_DHE_DSSCipherKeyExchange_ECDHE_RSACipherKeyExchange_DHE_RSACipherKeyExchange_DH_AnonCipherKeyExchange_RSA BulkFunctions BulkStreamF BulkBlockF BulkNoneFIVKeycipherKeyBlockSizecipherExchangeNeedMoreData $fEqCipher $fShowCipherhasHelloExtensionshasExplicitBlockIVrunGet getWords8 getWord16 getWords16 getWord24 getOpaque8 getOpaque16 getOpaque24 processBytes putWords8 putWord16 putWords16 putWord24putBytes putOpaque8 putOpaque16 putOpaque24 encodeWord16 encodeWord64cereal-0.3.5.2Data.Serialize.GetgetWord8getBytesisEmpty remainingGetData.Serialize.PutputWord8runPutPutcParamsVersioncParamsKeyXchgType CurrentParams decodeHeader encodeHeaderencodeHeaderNoVer decodeAlert decodeAlerts encodeAlertsdecodeHandshakesdecodeHandshakeencodeHandshakeencodeHandshakesencodeHandshakeHeaderencodeHandshakeContentdecodeChangeCipherSpecencodeChangeCipherSpecdecodeExtSecureRenegotiationencodeExtSecureRenegotiationdecodePreMasterSecretencodePreMasterSecretgenerateMasterSecretgenerateKeyBlockgenerateClientFinishedgenerateServerFinishedand'&&!bytesEqsubtakelast partition3 partition6fromJustTLSStTLSStatestClientContext stVersion stHandshake stSessionstSessionResuming stTxEncrypted stRxEncryptedstTxCryptStatestRxCryptState stTxMacState stRxMacStatestCipher stCompression stRandomGenstSecureRenegotiationstClientVerifiedDatastServerVerifiedDataTLSHandshakeStatehstClientVersionhstClientRandomhstServerRandomhstMasterSecrethstRSAPublicKeyhstRSAPrivateKeyhstHandshakeDigest TLSMacState msSequence TLSCryptStatecstKeycstIV cstMacSecretassert runTLSState newTLSState withTLSRNGwithCompression genTLSRandom makeDigestupdateVerifiedDatafinishHandshakeTypeMaterialfinishHandshakeMaterialswitchTxEncryptionswitchRxEncryptionsetServerRandomsetMasterSecretsetMasterSecretFromPre setPublicKey setPrivateKeygetSessionData setSession getSessionisSessionResumingneedEmptyPacket setKeyBlock setCipher setVersionsetSecureRenegotiationgetSecureRenegotiationgetCipherKeyExchangeTypegetVerifiedDataisClientContextstartHandshakeClientupdateHandshakeDigestgetHandshakeDigest endHandshake$fMonadStateTLSStateTLSSt$fFunctorTLSSt$fShowStateRNG ctxParams updateMeasure withMeasureconnectionFlushconnectionSendconnectionRecvctxEOFsetEOFctxEstablishedsetEstablished ctxLogging newCtxWithnewCtx throwCore usingState usingState_ getStateRNG$fShowTLSParamsRecordfragmentCompressfragmentCipherfragmentUncipherfragmentUncompress recordToRaw rawToRecordrecordToHeader Ciphertext Compressed PlaintextFragmentfragmentPlaintextfragmentCiphertextfragmentGetBytesonRecordFragment engageRecorddisengageRecord processPacketprocessHandshakeprocessServerHello writePacket encryptRSA recvPacket sendPacket#$fExceptionConnectionNotEstablished$fExceptionHandshakeFailed