úÎ, *c     unknown experimental#Vincent Hanquez <vincent@snarc.org>Topen a TCP client connection to a destination and port description (number or name) unknown experimental#Vincent Hanquez <vincent@snarc.org> 6combine many certificates checking function together. Q if one check fail, the whole sequence of checking is cuted short and return the  reject reason. Everify a certificates chain using the system certificates available. Meach certificate of the list is verified against the next certificate, until ^ it can be verified against a system certificate (system certificates are assumed as trusted) [This helper only check that the chain of certificate is valid, which means that each items \ received are signed by the next one, or by a system certificate. Some extra checks need to ] be done at the user level so that the certificate chain received make sense in the context. ]for example for HTTP, the user should typically verify the certificate subject match the URL  of connection. VTODO: verify validity, check revocation list if any, add optional user output to know  the rejection reason. *verify a certificate against another one. Y the first certificate need to be signed by the second one for this function to succeed. ,returns if this certificate is self signed. _Verify that the given certificate chain is application to the given fully qualified host name. WVerify certificate validity period that need to between the bounds of the certificate. ( TODO: maybe should verify whole chain. Dhash the certificate signing data using the supplied hash function. unknown experimental#Vincent Hanquez <vincent@snarc.org>=all encrypted ciphers supported ordered from strong to weak. < this choice of ciphersuite should satisfy most normal need list of medium ciphers. !the strongest ciphers supported. 9all unencrypted ciphers, do not use on insecure network. 'this is not stricly a usable cipher; it')s the initial cipher of a TLS connection Aunencrypted cipher using RSA for key exchange and MD5 for digest Bunencrypted cipher using RSA for key exchange and SHA1 for digest 0RC4 cipher, RSA key exchange and MD5 for digest 1RC4 cipher, RSA key exchange and SHA1 for digest ?AES cipher (128 bit key), RSA key exchange and SHA1 for digest ?AES cipher (256 bit key), RSA key exchange and SHA1 for digest AAES cipher (128 bit key), RSA key exchange and SHA256 for digest AAES cipher (256 bit key), RSA key exchange and SHA256 for digest    unknown experimental#Vincent Hanquez <vincent@snarc.org>          !"#$%&'tls-extra-0.3.1Network.TLS.ExtraNetwork.TLS.Extra.ThreadNetwork.TLS.Extra.CompressionNetwork.TLS.Extra.ConnectionNetwork.TLS.Extra.CertificateNetwork.TLS.Extra.CipherconnectionClientcertificateCheckscertificateVerifyChaincertificateVerifyAgainstcertificateSelfSignedcertificateVerifyDomaincertificateVerifyValiditycertificateFingerprintciphersuite_allciphersuite_mediumciphersuite_strongciphersuite_unencryptedcipher_null_nullcipher_null_MD5cipher_null_SHA1cipher_RC4_128_MD5cipher_RC4_128_SHA1cipher_AES128_SHA1cipher_AES256_SHA1cipher_AES128_SHA256cipher_AES256_SHA256 certMatchDNverifyFaes128_cbc_encryptaes128_cbc_decryptaes256_cbc_encryptaes256_cbc_decrypttoIVtoCtx initF_rc4 encryptF_rc4 decryptF_rc4