Hello community, here is the log from the commit of package ghc-tls for openSUSE:Factory checked in at 2016-05-12 09:34:09 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ghc-tls (Old) and /work/SRC/openSUSE:Factory/.ghc-tls.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ghc-tls" Changes: -------- --- /work/SRC/openSUSE:Factory/ghc-tls/ghc-tls.changes 2016-04-30 23:30:42.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.ghc-tls.new/ghc-tls.changes 2016-05-12 09:34:10.000000000 +0200 @@ -1,0 +2,13 @@ +Wed May 11 15:35:33 UTC 2016 - mimi...@gmail.com + +- update to 1.3.7 +* Disable SHA384 based cipher, as they don't work properly yet. + +------------------------------------------------------------------- +Sun May 8 11:22:31 UTC 2016 - mimi...@gmail.com + +- update to 1.3.6 +* Add new ciphers +* Improve some debugging and outputs + +------------------------------------------------------------------- Old: ---- tls-1.3.5.tar.gz New: ---- tls-1.3.7.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ghc-tls.spec ++++++ --- /var/tmp/diff_new_pack.B4HGvy/_old 2016-05-12 09:34:11.000000000 +0200 +++ /var/tmp/diff_new_pack.B4HGvy/_new 2016-05-12 09:34:11.000000000 +0200 @@ -21,7 +21,7 @@ %bcond_with tests Name: ghc-tls -Version: 1.3.5 +Version: 1.3.7 Release: 0 Summary: TLS/SSL protocol native implementation (Server and Client) License: BSD-3-Clause ++++++ tls-1.3.5.tar.gz -> tls-1.3.7.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/CHANGELOG.md new/tls-1.3.7/CHANGELOG.md --- old/tls-1.3.5/CHANGELOG.md 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/CHANGELOG.md 2016-05-08 07:10:23.000000000 +0200 
@@ -1,3 +1,12 @@ +## Version 1.3.7 + +- Disable SHA384 based cipher, as they don't work properly yet. + +## Version 1.3.6 + +- Add new ciphers +- Improve some debugging and outputs + ## Version 1.3.5 - Fix a bug with ECDHE based cipher where serialization diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Network/TLS/Extension/EC.hs new/tls-1.3.7/Network/TLS/Extension/EC.hs --- old/tls-1.3.5/Network/TLS/Extension/EC.hs 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/Network/TLS/Extension/EC.hs 2016-05-08 07:10:23.000000000 +0200 @@ -33,6 +33,9 @@ toCurveName 23 = Just SEC_p256r1 toCurveName 24 = Just SEC_p384r1 toCurveName 25 = Just SEC_p521r1 +--toCurveName 26 = Just Brainpool_P256r1 +--toCurveName 27 = Just Brainpool_P384r1 +--toCurveName 28 = Just Brainpool_P512r1 toCurveName _ = Nothing fromCurveName :: CurveName -> Maybe Word16 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Network/TLS/Extension.hs new/tls-1.3.7/Network/TLS/Extension.hs --- old/tls-1.3.5/Network/TLS/Extension.hs 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/Network/TLS/Extension.hs 2016-05-08 07:10:23.000000000 +0200 @@ -41,7 +41,6 @@ , availableEllipticCurves ) where -import Control.Applicative ((<$>),(<*>)) import Control.Monad import Data.Word @@ -53,6 +52,7 @@ import Network.TLS.Extension.EC import Network.TLS.Struct (ExtensionID, EnumSafe8(..), EnumSafe16(..), HashAndSignatureAlgorithm) import Network.TLS.Wire +import Network.TLS.Imports import Network.TLS.Packet (putSignatureHashAlgorithm, getSignatureHashAlgorithm) type HostName = String 
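Review bot: The three added `--toCurveName 26/27/28 = Just Brainpool_…` lines in EC.hs are commented-out code, and the names they mention (`Brainpool_P256r1`, …) do not match the `BrainPoolP256R1`/`BrainPoolP384R1`/`BrainPoolP512R1` constructors the same release adds in Network/TLS/Extension.hs, where IDs 26–28 are actually decoded by `toEnumSafe16`; a reader of EC.hs is sent looking for the wrong thing. Replace the three lines with one real comment, e.g. `-- 26-28 (brainpool curves) are decoded by the EnumSafe16 NamedCurve instance in Network.TLS.Extension`. `toCurveName` begins before the hunk.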
@@ -258,21 +258,32 @@ data NamedCurve = SEC CurveName + | BrainPool BrainPoolCurve | NamedCurve_arbitrary_explicit_prime_curves | NamedCurve_arbitrary_explicit_char2_curves deriving (Show,Eq) --- FIXME: currently maximum crypto strength of our supported --- cipher suite is 128 bits. Not support 384 and 512. +data BrainPoolCurve = + BrainPoolP512R1 -- 28 + | BrainPoolP384R1 -- 27 + | BrainPoolP256R1 -- 26 + deriving (Show,Eq) + availableEllipticCurves :: [NamedCurve] -availableEllipticCurves = [SEC SEC_p160r1, SEC SEC_p224r1, SEC SEC_p256r1] +availableEllipticCurves = [SEC SEC_p256r1, SEC SEC_p521r1] instance EnumSafe16 NamedCurve where fromEnumSafe16 NamedCurve_arbitrary_explicit_prime_curves = 0xFF01 fromEnumSafe16 NamedCurve_arbitrary_explicit_char2_curves = 0xFF02 fromEnumSafe16 (SEC nc) = maybe (error "named curve: internal error") id $ fromCurveName nc + fromEnumSafe16 (BrainPool BrainPoolP512R1) = 28 + fromEnumSafe16 (BrainPool BrainPoolP384R1) = 27 + fromEnumSafe16 (BrainPool BrainPoolP256R1) = 26 toEnumSafe16 0xFF01 = Just NamedCurve_arbitrary_explicit_prime_curves toEnumSafe16 0xFF02 = Just NamedCurve_arbitrary_explicit_char2_curves + toEnumSafe16 26 = Just (BrainPool BrainPoolP256R1) + toEnumSafe16 27 = Just (BrainPool BrainPoolP384R1) + toEnumSafe16 28 = Just (BrainPool BrainPoolP512R1) toEnumSafe16 n = SEC <$> toCurveName n -- on decode, filter all unknown curves diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Network/TLS/Extra/Cipher.hs new/tls-1.3.7/Network/TLS/Extra/Cipher.hs --- old/tls-1.3.5/Network/TLS/Extra/Cipher.hs 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/Network/TLS/Extra/Cipher.hs 2016-05-08 07:10:23.000000000 +0200 
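Review bot: The curve IDs 26, 27 and 28 for the new `BrainPool` constructors are spelled out three times in this hunk — as comments on the `BrainPoolCurve` constructors, in `fromEnumSafe16`, and again in `toEnumSafe16` — with nothing tying the two directions together, whereas the `SEC` case goes through `fromCurveName`/`toCurveName`. One function that owns the numbers and is used by both directions keeps encode and decode from drifting apart the next time a curve is added (RFC 7027 is the registry entry for these IDs). A sketch follows; the `0xFF01`/`0xFF02`/`SEC` equations of the instance are unchanged.
```haskell
-- | IANA NamedCurve IDs for the brainpool curves (RFC 7027); the single
-- source of truth for both directions of the EnumSafe16 instance below.
brainPoolCurveID :: BrainPoolCurve -> Word16
brainPoolCurveID BrainPoolP512R1 = 28
brainPoolCurveID BrainPoolP384R1 = 27
brainPoolCurveID BrainPoolP256R1 = 26

instance EnumSafe16 NamedCurve where
    -- … unchanged: arbitrary_explicit_* and SEC cases …
    fromEnumSafe16 (BrainPool c) = brainPoolCurveID c
    toEnumSafe16 n
        | Just c <- lookup n brainPoolTable = Just (BrainPool c)
        | otherwise                         = SEC <$> toCurveName n
      where
        brainPoolTable = [ (brainPoolCurveID c, c)
                         | c <- [BrainPoolP512R1, BrainPoolP384R1, BrainPoolP256R1] ]
```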
@@ -35,8 +35,11 @@ , cipher_DHE_DSS_RC4_SHA1 , cipher_DHE_RSA_AES128GCM_SHA256 , cipher_ECDHE_RSA_AES128GCM_SHA256 + , cipher_ECDHE_RSA_AES256GCM_SHA384 , cipher_ECDHE_RSA_AES128CBC_SHA256 , cipher_ECDHE_RSA_AES128CBC_SHA + , cipher_ECDHE_RSA_AES256CBC_SHA + , cipher_ECDHE_RSA_AES256CBC_SHA384 , cipher_ECDHE_ECDSA_AES128GCM_SHA256 ) where @@ -89,6 +92,24 @@ (output, aeadFinal) = aeadDecrypt aead input tag = aeadFinalize aeadFinal 16 +aes256gcm :: BulkDirection -> BulkKey -> BulkAEAD +aes256gcm BulkEncrypt key = + let ctx = noFail (cipherInit key) :: AES256 + in (\nonce d ad -> + let aeadIni = noFail (aeadInit AEAD_GCM ctx nonce) + in swap $ aeadSimpleEncrypt aeadIni ad d 16) +aes256gcm BulkDecrypt key = + let ctx = noFail (cipherInit key) :: AES256 + in (\nonce d ad -> + let aeadIni = noFail (aeadInit AEAD_GCM ctx nonce) + in simpleDecrypt aeadIni ad d) + where + simpleDecrypt aeadIni header input = (output, tag) + where + aead = aeadAppendHeader aeadIni header + (output, aeadFinal) = aeadDecrypt aead input + tag = aeadFinalize aeadFinal 16 + noFail :: CryptoFailable a -> a noFail = throwCryptoError @@ -119,6 +140,7 @@ ciphersuite_all :: [Cipher] ciphersuite_all = [ cipher_ECDHE_RSA_AES128GCM_SHA256 + , cipher_ECDHE_RSA_AES256CBC_SHA , cipher_ECDHE_ECDSA_AES128GCM_SHA256 , cipher_DHE_RSA_AES256_SHA256, cipher_DHE_RSA_AES128_SHA256 , cipher_DHE_RSA_AES256_SHA1, cipher_DHE_RSA_AES128_SHA1 @@ -136,7 +158,14 @@ -- | the strongest ciphers supported. ciphersuite_strong :: [Cipher] -ciphersuite_strong = [cipher_ECDHE_RSA_AES128GCM_SHA256, cipher_ECDHE_ECDSA_AES128GCM_SHA256, cipher_DHE_RSA_AES256_SHA256, cipher_AES256_SHA256, cipher_AES256_SHA1] +ciphersuite_strong = + [ cipher_ECDHE_RSA_AES128GCM_SHA256 + , cipher_ECDHE_RSA_AES256CBC_SHA + , cipher_ECDHE_ECDSA_AES128GCM_SHA256 + , cipher_DHE_RSA_AES256_SHA256 + , cipher_AES256_SHA256 + , cipher_AES256_SHA1 + ] -- | DHE-RSA cipher suite ciphersuite_dhe_rsa :: [Cipher] 
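Review bot: `aes256gcm` is a line-for-line copy of `aes128gcm` with the two `:: AES128` annotations changed to `:: AES256`, down to a second private `simpleDecrypt`; the next fix to the GCM handling (tag length, header handling) now has to be made twice. Since only the cipher type differs, the GCM plumbing can be one function that takes the already-initialised context, with the two public names reduced to one line each; a sketch follows, assuming `BlockCipher` from cryptonite's Crypto.Cipher.Types is in scope alongside `aeadInit`. The key schedule is still computed once per key, as before, because the context is built outside the per-record lambda.
```haskell
-- | Shared AES-GCM plumbing; the AES flavour is fixed by the caller's context.
aesGcm :: BlockCipher c => BulkDirection -> c -> BulkAEAD
aesGcm BulkEncrypt ctx = \nonce d ad ->
    let aeadIni = noFail (aeadInit AEAD_GCM ctx nonce)
     in swap $ aeadSimpleEncrypt aeadIni ad d 16
aesGcm BulkDecrypt ctx = \nonce d ad ->
    let aeadIni = noFail (aeadInit AEAD_GCM ctx nonce)
     in simpleDecrypt aeadIni ad d
  where
    simpleDecrypt aeadIni header input = (output, tag)
      where
        aead = aeadAppendHeader aeadIni header
        (output, aeadFinal) = aeadDecrypt aead input
        tag = aeadFinalize aeadFinal 16

aes128gcm :: BulkDirection -> BulkKey -> BulkAEAD
aes128gcm dir key = aesGcm dir (noFail (cipherInit key) :: AES128)

aes256gcm :: BulkDirection -> BulkKey -> BulkAEAD
aes256gcm dir key = aesGcm dir (noFail (cipherInit key) :: AES256)
```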
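Review bot: `ciphersuite_strong`, documented as "the strongest ciphers supported", now lists `cipher_ECDHE_RSA_AES256CBC_SHA` second, ahead of `cipher_ECDHE_ECDSA_AES128GCM_SHA256`, and hunk `@@ -119,6 +140,7 @@` inserts the same suite second in `ciphersuite_all`. A CBC/HMAC-SHA1 suite (MAC-then-encrypt, SHA-1 MAC) belongs below the AEAD suites in any preference order, so whichever side honours this list's order can end up negotiating CBC-SHA1 while a GCM suite was available to both peers. Move it after the GCM entries in both lists: `[ cipher_ECDHE_RSA_AES128GCM_SHA256`, `, cipher_ECDHE_ECDSA_AES128GCM_SHA256`, `, cipher_ECDHE_RSA_AES256CBC_SHA`. Separately, `cipher_ECDHE_RSA_AES256GCM_SHA384` and `cipher_ECDHE_RSA_AES256CBC_SHA384` are exported (first hunk) but kept out of every default list; the CHANGELOG entry for 1.3.7 explains why, but the export list does not, so a one-line comment there — `-- SHA384-based suites are exported but not in any default list: not working properly yet (see CHANGELOG 1.3.7)` — would stop callers from quietly adding them.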
@@ -151,7 +180,7 @@ ciphersuite_unencrypted :: [Cipher] ciphersuite_unencrypted = [cipher_null_MD5, cipher_null_SHA1] -bulk_null, bulk_rc4, bulk_aes128, bulk_aes256, bulk_tripledes_ede, bulk_aes128gcm :: Bulk +bulk_null, bulk_rc4, bulk_aes128, bulk_aes256, bulk_tripledes_ede, bulk_aes128gcm, bulk_aes256gcm :: Bulk bulk_null = Bulk { bulkName = "null" , bulkKeySize = 0 @@ -194,6 +223,16 @@ , bulkF = BulkAeadF aes128gcm } +bulk_aes256gcm = Bulk + { bulkName = "AES256GCM" + , bulkKeySize = 32 -- RFC 5116 Sec 5.1: K_LEN + , bulkIVSize = 4 -- RFC 5288 GCMNonce.salt, fixed_iv_length + , bulkExplicitIV = 8 + , bulkAuthTagLen = 16 + , bulkBlockSize = 0 -- dummy, not used + , bulkF = BulkAeadF aes256gcm + } + bulk_aes256 = Bulk { bulkName = "AES256" , bulkKeySize = 32 @@ -269,6 +308,28 @@ , cipherMinVer = Just SSL3 } +-- | AES cipher (128 bit key), DHE key exchanged signed by DSA and SHA1 for digest +cipher_DHE_DSS_AES128_SHA1 :: Cipher +cipher_DHE_DSS_AES128_SHA1 = Cipher + { cipherID = 0x32 + , cipherName = "DHE-DSA-AES128-SHA1" + , cipherBulk = bulk_aes128 + , cipherHash = SHA1 + , cipherKeyExchange = CipherKeyExchange_DHE_DSS + , cipherMinVer = Nothing + } + +-- | AES cipher (128 bit key), DHE key exchanged signed by RSA and SHA1 for digest +cipher_DHE_RSA_AES128_SHA1 :: Cipher +cipher_DHE_RSA_AES128_SHA1 = Cipher + { cipherID = 0x33 + , cipherName = "DHE-RSA-AES128-SHA1" + , cipherBulk = bulk_aes128 + , cipherHash = SHA1 + , cipherKeyExchange = CipherKeyExchange_DHE_RSA + , cipherMinVer = Nothing + } + -- | AES cipher (256 bit key), RSA key exchange and SHA1 for digest cipher_AES256_SHA1 :: Cipher cipher_AES256_SHA1 = Cipher 
@@ -280,6 +341,22 @@ , cipherMinVer = Just SSL3 } +-- | AES cipher (256 bit key), DHE key exchanged signed by DSA and SHA1 for digest +cipher_DHE_DSS_AES256_SHA1 :: Cipher +cipher_DHE_DSS_AES256_SHA1 = cipher_DHE_DSS_AES128_SHA1 + { cipherID = 0x38 + , cipherName = "DHE-DSA-AES256-SHA1" + , cipherBulk = bulk_aes256 + } + +-- | AES cipher (256 bit key), DHE key exchanged signed by RSA and SHA1 for digest +cipher_DHE_RSA_AES256_SHA1 :: Cipher +cipher_DHE_RSA_AES256_SHA1 = cipher_DHE_RSA_AES128_SHA1 + { cipherID = 0x39 + , cipherName = "DHE-RSA-AES256-SHA1" + , cipherBulk = bulk_aes256 + } + -- | AES cipher (128 bit key), RSA key exchange and SHA256 for digest cipher_AES128_SHA256 :: Cipher cipher_AES128_SHA256 = Cipher 
@@ -302,43 +379,6 @@ , cipherMinVer = Just TLS12 } --- | AES cipher (128 bit key), DHE key exchanged signed by RSA and SHA1 for digest -cipher_DHE_RSA_AES128_SHA1 :: Cipher -cipher_DHE_RSA_AES128_SHA1 = Cipher - { cipherID = 0x33 - , cipherName = "DHE-RSA-AES128-SHA1" - , cipherBulk = bulk_aes128 - , cipherHash = SHA1 - , cipherKeyExchange = CipherKeyExchange_DHE_RSA - , cipherMinVer = Nothing - } - --- | AES cipher (256 bit key), DHE key exchanged signed by RSA and SHA1 for digest -cipher_DHE_RSA_AES256_SHA1 :: Cipher -cipher_DHE_RSA_AES256_SHA1 = cipher_DHE_RSA_AES128_SHA1 - { cipherID = 0x39 - , cipherName = "DHE-RSA-AES256-SHA1" - , cipherBulk = bulk_aes256 - } - --- | AES cipher (128 bit key), DHE key exchanged signed by DSA and SHA1 for digest -cipher_DHE_DSS_AES128_SHA1 :: Cipher -cipher_DHE_DSS_AES128_SHA1 = Cipher - { cipherID = 0x32 - , cipherName = "DHE-DSA-AES128-SHA1" - , cipherBulk = bulk_aes128 - , cipherHash = SHA1 - , cipherKeyExchange = CipherKeyExchange_DHE_DSS - , cipherMinVer = Nothing - } - --- | AES cipher (256 bit key), DHE key exchanged signed by DSA and SHA1 for digest -cipher_DHE_DSS_AES256_SHA1 :: Cipher -cipher_DHE_DSS_AES256_SHA1 = cipher_DHE_DSS_AES128_SHA1 - { cipherID = 0x38 - , cipherName = "DHE-DSA-AES256-SHA1" - , cipherBulk = bulk_aes256 - } cipher_DHE_DSS_RC4_SHA1 :: Cipher cipher_DHE_DSS_RC4_SHA1 = cipher_DHE_DSS_AES128_SHA1 @@ -383,16 +423,6 @@ , cipherMinVer = Just TLS12 -- RFC 5288 Sec 4 } -cipher_ECDHE_RSA_AES128GCM_SHA256 :: Cipher -cipher_ECDHE_RSA_AES128GCM_SHA256 = Cipher - { cipherID = 0xc02f - , cipherName = "ECDHE-RSA-AES128GCM-SHA256" - , cipherBulk = bulk_aes128gcm - , cipherHash = SHA256 - , cipherKeyExchange = CipherKeyExchange_ECDHE_RSA - , cipherMinVer = Just TLS12 -- RFC 5288 Sec 4 - } - cipher_ECDHE_RSA_AES128CBC_SHA :: Cipher cipher_ECDHE_RSA_AES128CBC_SHA = Cipher { cipherID = 0xc013 
@@ -403,17 +433,36 @@ , cipherMinVer = Just TLS10 } ---TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 +cipher_ECDHE_RSA_AES256CBC_SHA :: Cipher +cipher_ECDHE_RSA_AES256CBC_SHA = Cipher + { cipherID = 0xc014 + , cipherName = "ECDHE-RSA-AES256CBC-SHA" + , cipherBulk = bulk_aes256 + , cipherHash = SHA1 + , cipherKeyExchange = CipherKeyExchange_ECDHE_RSA + , cipherMinVer = Just TLS10 + } + cipher_ECDHE_RSA_AES128CBC_SHA256 :: Cipher cipher_ECDHE_RSA_AES128CBC_SHA256 = Cipher { cipherID = 0xc027 - , cipherName = "ECDHE-RSA-AES128CBC-SHA" + , cipherName = "ECDHE-RSA-AES128CBC-SHA256" , cipherBulk = bulk_aes128 , cipherHash = SHA256 , cipherKeyExchange = CipherKeyExchange_ECDHE_RSA , cipherMinVer = Just TLS12 -- RFC 5288 Sec 4 } +cipher_ECDHE_RSA_AES256CBC_SHA384 :: Cipher +cipher_ECDHE_RSA_AES256CBC_SHA384 = Cipher + { cipherID = 0xc027 + , cipherName = "ECDHE-RSA-AES256CBC-SHA384" + , cipherBulk = bulk_aes256 + , cipherHash = SHA384 + , cipherKeyExchange = CipherKeyExchange_ECDHE_RSA + , cipherMinVer = Just TLS12 -- RFC 5288 Sec 4 + } + cipher_ECDHE_ECDSA_AES128GCM_SHA256 :: Cipher cipher_ECDHE_ECDSA_AES128GCM_SHA256 = Cipher { cipherID = 0xc02b 
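Review bot: `cipher_ECDHE_RSA_AES256CBC_SHA384` is given `cipherID = 0xc027`, the same identifier this hunk keeps for `cipher_ECDHE_RSA_AES128CBC_SHA256` a few lines above; TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 is 0xC028 (RFC 5289). With two `Cipher` records sharing an ID, anything that resolves a suite by `cipherID` — presumably the lookup of the peer's chosen suite — cannot tell them apart and can pair the negotiated ID with the wrong bulk/hash. Change it to `{ cipherID = 0xc028`. The `-- RFC 5288 Sec 4` comment copied onto both CBC suites' `cipherMinVer` points at the GCM RFC; these SHA-256/384 CBC suites are defined in RFC 5289.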
@@ -423,6 +472,27 @@ , cipherKeyExchange = CipherKeyExchange_ECDHE_ECDSA , cipherMinVer = Just TLS12 -- RFC 5289 } + +cipher_ECDHE_RSA_AES128GCM_SHA256 :: Cipher +cipher_ECDHE_RSA_AES128GCM_SHA256 = Cipher + { cipherID = 0xc02f + , cipherName = "ECDHE-RSA-AES128GCM-SHA256" + , cipherBulk = bulk_aes128gcm + , cipherHash = SHA256 + , cipherKeyExchange = CipherKeyExchange_ECDHE_RSA + , cipherMinVer = Just TLS12 -- RFC 5288 Sec 4 + } + +cipher_ECDHE_RSA_AES256GCM_SHA384 :: Cipher +cipher_ECDHE_RSA_AES256GCM_SHA384 = Cipher + { cipherID = 0xc030 + , cipherName = "ECDHE-RSA-AES256GCM-SHA256" + , cipherBulk = bulk_aes256gcm + , cipherHash = SHA384 + , cipherKeyExchange = CipherKeyExchange_ECDHE_RSA + , cipherMinVer = Just TLS12 -- RFC 5289 + } + {- TLS 1.0 ciphers definition diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Network/TLS/Handshake/Client.hs new/tls-1.3.7/Network/TLS/Handshake/Client.hs --- old/tls-1.3.5/Network/TLS/Handshake/Client.hs 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/Network/TLS/Handshake/Client.hs 2016-05-08 07:10:23.000000000 +0200 @@ -21,6 +21,7 @@ import Network.TLS.ErrT import Network.TLS.Extension import Network.TLS.IO +import Network.TLS.Imports import Network.TLS.State hiding (getNegotiatedProtocol) import Network.TLS.Measurement import Network.TLS.Wire (encodeWord16) @@ -32,7 +33,6 @@ import qualified Data.ByteString as B import Data.ByteString.Char8 () -import Control.Applicative ((<$>), (<*>)) import Control.Monad.State import Control.Exception (SomeException) @@ -75,7 +75,7 @@ ] toExtensionRaw :: Extension e => e -> ExtensionRaw - toExtensionRaw ext = (extensionID ext, extensionEncode ext) + toExtensionRaw ext = ExtensionRaw (extensionID ext) (extensionEncode ext) secureReneg = if supportedSecureRenegotiation $ ctxSupported ctx 
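Review bot: `cipher_ECDHE_RSA_AES256GCM_SHA384` has `cipherName = "ECDHE-RSA-AES256GCM-SHA256"` while its `cipherHash` is `SHA384` and its ID 0xc030 is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384; `cipherName` is what appears in logs and debugging output, so anyone auditing a negotiated connection would be told the wrong hash. Change it to `, cipherName = "ECDHE-RSA-AES256GCM-SHA384"`. The relocated `cipher_ECDHE_RSA_AES128GCM_SHA256` in the same hunk is byte-identical to the removed copy and needs nothing.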
@@ -114,7 +114,7 @@ [ ClientHello highestVer crand clientSession (map cipherID ciphers) (map compressionID compressions) extensions Nothing ] - return $ map fst extensions + return $ map (\(ExtensionRaw i _) -> i) extensions sendMaybeNPN = do suggest <- usingState_ ctx $ getServerNextProtocolSuggest @@ -262,8 +262,8 @@ _ -> return () -processServerExtension :: (ExtensionID, Bytes) -> TLSSt () -processServerExtension (0xff01, content) = do +processServerExtension :: ExtensionRaw -> TLSSt () +processServerExtension (ExtensionRaw 0xff01 content) = do cv <- getVerifiedData ClientRole sv <- getVerifiedData ServerRole let bs = extensionEncode (SecureRenegotiation cv $ Just sv) @@ -300,7 +300,7 @@ -- intersect sent extensions in client and the received extensions from server. -- if server returns extensions that we didn't request, fail. - when (not $ null $ filter (not . flip elem sentExts . fst) exts) $ + when (not $ null $ filter (not . flip elem sentExts . (\(ExtensionRaw i _) -> i)) exts) $ throwCore $ Error_Protocol ("spurious extensions received", True, UnsupportedExtension) let resumingSession = @@ -313,7 +313,7 @@ setVersion rver usingHState ctx $ setServerHelloParameters rver serverRan cipherAlg compressAlg - case extensionDecode False `fmap` (lookup extensionID_ApplicationLayerProtocolNegotiation exts) of + case extensionDecode False `fmap` (extensionLookup extensionID_ApplicationLayerProtocolNegotiation exts) of Just (Just (ApplicationLayerProtocolNegotiation [proto])) -> usingState_ ctx $ do mprotos <- getClientALPNSuggest case mprotos of 
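Review bot: The projection `\(ExtensionRaw i _) -> i` is written inline here and again in hunk `@@ -300,7 +300,7 @@` of the same file; since `ExtensionRaw` is a type this change introduces, it would be cleaner to define the accessor once next to the type in Network.TLS.Struct, e.g. `extensionRawID :: ExtensionRaw -> ExtensionID`, and use it at both sites. The second site would then also read as `when (any (not . (`elem` sentExts) . extensionRawID) exts) $`, replacing the `not $ null $ filter` idiom. The enclosing do block starts before the hunk.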
@@ -323,7 +323,7 @@ _ -> return () _ -> return () - case extensionDecode False `fmap` (lookup extensionID_NextProtocolNegotiation exts) of + case extensionDecode False `fmap` (extensionLookup extensionID_NextProtocolNegotiation exts) of Just (Just (NextProtocolNegotiation protos)) -> usingState_ ctx $ do alpnDone <- getExtensionALPN unless alpnDone $ do diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Network/TLS/Handshake/Common.hs new/tls-1.3.7/Network/TLS/Handshake/Common.hs --- old/tls-1.3.5/Network/TLS/Handshake/Common.hs 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/Network/TLS/Handshake/Common.hs 2016-05-08 07:10:23.000000000 +0200 @@ -13,6 +13,7 @@ , runRecvState , recvPacketHandshake , onRecvStateHandshake + , extensionLookup ) where import Control.Concurrent.MVar @@ -30,6 +31,7 @@ import Network.TLS.Types import Network.TLS.Cipher import Network.TLS.Util +import Data.List (find) import Data.ByteString.Char8 () import Control.Monad.State @@ -132,3 +134,6 @@ , sessionCipher = cipherID $ fromJust "cipher" $ stCipher tx , sessionSecret = ms } + +extensionLookup toFind = fmap (\(ExtensionRaw _ content) -> content) + . find (\(ExtensionRaw eid content) -> eid == toFind) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Network/TLS/Handshake/Process.hs new/tls-1.3.7/Network/TLS/Handshake/Process.hs --- old/tls-1.3.5/Network/TLS/Handshake/Process.hs 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/Network/TLS/Handshake/Process.hs 2016-05-08 07:10:23.000000000 +0200 @@ -13,7 +13,6 @@ , getHandshakeDigest ) where -import Control.Applicative import Control.Concurrent.MVar import Control.Monad.State (gets) import Control.Monad 
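Review bot: `extensionLookup` in Handshake/Common.hs is a new exported top-level binding without a type signature, and its `find` predicate binds `content` without using it; both warn under `-Wall`, and the missing signature leaves an exported function undocumented at the type level. Add `extensionLookup :: ExtensionID -> [ExtensionRaw] -> Maybe Bytes` above the definition (importing `Bytes` from Network.TLS.Imports if Struct no longer re-exports it) and write the predicate as `find (\(ExtensionRaw eid _) -> eid == toFind)`. A one-line Haddock — `-- | Payload of the first extension carrying the given ID, if any` — would also help, since the client and server handshake code now rely on the first-match semantics.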
@@ -27,6 +26,7 @@ import Network.TLS.State import Network.TLS.Context.Internal import Network.TLS.Crypto +import Network.TLS.Imports import Network.TLS.Handshake.State import Network.TLS.Handshake.Key import Network.TLS.Extension @@ -57,7 +57,7 @@ where secureRenegotiation = supportedSecureRenegotiation $ ctxSupported ctx -- RFC5746: secure renegotiation -- the renegotiation_info extension: 0xff01 - processClientExtension (0xff01, content) | secureRenegotiation = do + processClientExtension (ExtensionRaw 0xff01 content) | secureRenegotiation = do v <- getVerifiedData ClientRole let bs = extensionEncode (SecureRenegotiation v Nothing) unless (bs `bytesEq` content) $ throwError $ Error_Protocol ("client verified data not matching: " ++ show v ++ ":" ++ show content, True, HandshakeFailure) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Network/TLS/Handshake/Server.hs new/tls-1.3.7/Network/TLS/Handshake/Server.hs --- old/tls-1.3.5/Network/TLS/Handshake/Server.hs 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/Network/TLS/Handshake/Server.hs 2016-05-08 07:10:23.000000000 +0200 @@ -12,6 +12,7 @@ ) where import Network.TLS.Parameters +import Network.TLS.Imports import Network.TLS.Context.Internal import Network.TLS.Session import Network.TLS.Struct @@ -28,13 +29,11 @@ import Network.TLS.Handshake.Process import Network.TLS.Handshake.Key import Network.TLS.Measurement -import Data.Monoid import Data.Maybe (isJust, listToMaybe, mapMaybe) import Data.List (intersect, sortBy) import qualified Data.ByteString as B import Data.ByteString.Char8 () -import Control.Applicative ((<$>)) import Control.Monad.State import Network.TLS.Handshake.Signature 
@@ -112,7 +111,7 @@ when (null commonCompressions) $ throwCore $ Error_Protocol ("no compression in common with the client", True, HandshakeFailure) - let serverName = case extensionDecode False `fmap` (lookup extensionID_ServerName exts) of + let serverName = case extensionDecode False `fmap` (extensionLookup extensionID_ServerName exts) of Just (Just (ServerName ns)) -> listToMaybe (mapMaybe toHostName ns) where toHostName (ServerNameHostName hostName) = Just hostName toHostName (ServerNameOther _) = Nothing @@ -136,17 +135,17 @@ maybe (return ()) (usingState_ ctx . setClientSNI) serverName - case extensionDecode False `fmap` (lookup extensionID_ApplicationLayerProtocolNegotiation exts) of + case extensionDecode False `fmap` (extensionLookup extensionID_ApplicationLayerProtocolNegotiation exts) of Just (Just (ApplicationLayerProtocolNegotiation protos)) -> usingState_ ctx $ setClientALPNSuggest protos _ -> return () - case extensionDecode False `fmap` (lookup extensionID_EllipticCurves exts) of + case extensionDecode False `fmap` (extensionLookup extensionID_EllipticCurves exts) of Just (Just (EllipticCurvesSupported es)) -> usingState_ ctx $ setClientEllipticCurveSuggest es _ -> return () -- Currently, we don't send back EcPointFormats. In this case, -- the client chooses EcPointFormat_Uncompressed. - case extensionDecode False `fmap` (lookup extensionID_EcPointFormats exts) of + case extensionDecode False `fmap` (extensionLookup extensionID_EcPointFormats exts) of Just (Just (EcPointFormatsSupported fs)) -> usingState_ ctx $ setClientEcPointFormatSuggest fs _ -> return () @@ -163,7 +162,7 @@ doHandshake :: ServerParams -> Maybe Credential -> Context -> Version -> Cipher -> Compression -> Session -> Maybe SessionData - -> [(ExtensionID, a)] -> IO () + -> [ExtensionRaw] -> IO () doHandshake sparams mcred ctx chosenVersion usedCipher usedCompression clientSession resumeSessionData exts = do case resumeSessionData of Nothing -> do 
@@ -181,8 +180,8 @@ recvChangeCipherAndFinish ctx handshakeTerminate ctx where - clientRequestedNPN = isJust $ lookup extensionID_NextProtocolNegotiation exts - clientALPNSuggest = isJust $ lookup extensionID_ApplicationLayerProtocolNegotiation exts + clientRequestedNPN = isJust $ extensionLookup extensionID_NextProtocolNegotiation exts + clientALPNSuggest = isJust $ extensionLookup extensionID_ApplicationLayerProtocolNegotiation exts applicationProtocol = do protos <- alpn @@ -196,8 +195,8 @@ usingState_ ctx $ do setExtensionALPN True setNegotiatedProtocol proto - return $ [ ( extensionID_ApplicationLayerProtocolNegotiation - , extensionEncode $ ApplicationLayerProtocolNegotiation [proto]) ] + return $ [ ExtensionRaw extensionID_ApplicationLayerProtocolNegotiation + (extensionEncode $ ApplicationLayerProtocolNegotiation [proto]) ] (_, _) -> return [] | otherwise = return [] npn = do @@ -210,8 +209,8 @@ usingState_ ctx $ do setExtensionNPN True setServerNextProtocolSuggest protos - return [ ( extensionID_NextProtocolNegotiation - , extensionEncode $ NextProtocolNegotiation protos) ] + return [ ExtensionRaw extensionID_NextProtocolNegotiation + (extensionEncode $ NextProtocolNegotiation protos) ] Nothing -> return [] @@ -235,7 +234,7 @@ cvf <- getVerifiedData ClientRole svf <- getVerifiedData ServerRole return $ extensionEncode (SecureRenegotiation cvf $ Just svf) - return [ (0xff01, vf) ] + return [ ExtensionRaw 0xff01 vf ] else return [] protoExt <- applicationProtocol let extensions = secRengExt ++ protoExt diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Network/TLS/Handshake/Signature.hs new/tls-1.3.7/Network/TLS/Handshake/Signature.hs --- old/tls-1.3.5/Network/TLS/Handshake/Signature.hs 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/Network/TLS/Handshake/Signature.hs 2016-05-08 07:10:23.000000000 +0200 
@@ -19,6 +19,7 @@ import Network.TLS.Crypto import Network.TLS.Context.Internal import Network.TLS.Struct +import Network.TLS.Imports import Network.TLS.Packet (generateCertificateVerify_SSL, encodeSignedDHParams, encodeSignedECDHParams) import Network.TLS.Parameters (supportedHashSignatures) import Network.TLS.State @@ -26,7 +27,6 @@ import Network.TLS.Handshake.Key import Network.TLS.Util -import Control.Applicative import Control.Monad.State certificateVerifyCheck :: Context @@ -79,6 +79,7 @@ signatureHashData SignatureRSA mhash = case mhash of Just HashSHA512 -> SHA512 + Just HashSHA384 -> SHA384 Just HashSHA256 -> SHA256 Just HashSHA1 -> SHA1 Nothing -> SHA1_MD5 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Network/TLS/Imports.hs new/tls-1.3.7/Network/TLS/Imports.hs --- old/tls-1.3.5/Network/TLS/Imports.hs 1970-01-01 01:00:00.000000000 +0100 +++ new/tls-1.3.7/Network/TLS/Imports.hs 2016-05-08 07:10:23.000000000 +0200 
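Review bot: Only the `SignatureRSA` equation of `signatureHashData` gains the `Just HashSHA384 -> SHA384` arm. If the function has sibling equations for the DSS or ECDSA signature algorithms outside this hunk with their own `case mhash of` tables, a peer negotiating SHA-384 for those would presumably still fall into whatever arm they default to, so they likely need the same addition — or, better, a single hash-algorithm mapping shared by all equations. This cannot be confirmed from the hunk; `signatureHashData`'s other equations lie outside it.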
@@ -0,0 +1,30 @@
+-- |
+-- Module : Network.TLS.Imports
+-- License : BSD-style
+-- Maintainer : Vincent Hanquez <vinc...@snarc.org>
+-- Stability : experimental
+-- Portability : unknown
+--
+{-# LANGUAGE NoImplicitPrelude #-}
+module Network.TLS.Imports
+ (
+ -- generic exports
+ Control.Applicative.Applicative(..)
+ , (Control.Applicative.<$>)
+ , Data.Monoid.Monoid(..)
+ -- project definition
+ , Bytes
+ , showBytesHex
+ ) where
+
+import qualified Control.Applicative
+import qualified Data.Monoid
+
+import qualified Data.ByteString as B
+import Data.ByteArray.Encoding as B
+import qualified Prelude
+
+type Bytes = B.ByteString
+
+showBytesHex :: Bytes -> Prelude.String
+showBytesHex bs = Prelude.show (B.convertToBase B.Base16 bs :: Bytes)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Network/TLS/Packet.hs new/tls-1.3.7/Network/TLS/Packet.hs
--- old/tls-1.3.5/Network/TLS/Packet.hs 2016-04-09 15:47:25.000000000 +0200
+++ new/tls-1.3.7/Network/TLS/Packet.hs 2016-05-08 07:10:23.000000000 +0200
@@ -58,12 +58,12 @@
 , putSignatureHashAlgorithm
 ) where
 
+import Network.TLS.Imports
 import Network.TLS.Struct
 import Network.TLS.Wire
 import Network.TLS.Cap
 import Data.Maybe (fromJust)
 import Data.Word
-import Control.Applicative ((<$>), (<*>))
 import Control.Monad
 import Data.ASN1.Types (fromASN1, toASN1)
 import Data.ASN1.Encoding (decodeASN1', encodeASN1')
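Review bot: `import Data.ByteArray.Encoding as B` is the only non-qualified import in the new Network.TLS.Imports, so under `NoImplicitPrelude` every name of that module (`convertToBase`, `Base16`, …) also enters scope unqualified while sharing the `B` alias with Data.ByteString; next to the surrounding `import qualified` lines this reads as an omission. Make it `import qualified Data.ByteArray.Encoding as B`. Also, `showBytesHex` goes through `Prelude.show` on the Base16-encoded ByteString, so its result carries surrounding double quotes; a Haddock line such as `-- | Hex rendering of a byte string, show-quoted, for debug output only` would make that contract explicit for the `Show ExtensionRaw` instance that consumes it.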
@@ -474,10 +474,10 @@ extdatalen <- getWord16 extdata <- getBytes $ fromIntegral extdatalen extxs <- getExtensions (len - fromIntegral extdatalen - 4) - return $ (extty, extdata) : extxs + return $ ExtensionRaw extty extdata : extxs putExtension :: ExtensionRaw -> Put -putExtension (ty, l) = putWord16 ty >> putOpaque16 l +putExtension (ExtensionRaw ty l) = putWord16 ty >> putOpaque16 l putExtensions :: [ExtensionRaw] -> Put putExtensions [] = return () diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Network/TLS/Parameters.hs new/tls-1.3.7/Network/TLS/Parameters.hs --- old/tls-1.3.5/Network/TLS/Parameters.hs 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/Network/TLS/Parameters.hs 2016-05-08 07:10:23.000000000 +0200 @@ -34,7 +34,6 @@ import Network.TLS.Credentials import Network.TLS.X509 import Network.TLS.RNG (Seed) -import Data.Monoid import Data.Default.Class import qualified Data.ByteString as B diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Network/TLS/State.hs new/tls-1.3.7/Network/TLS/State.hs --- old/tls-1.3.5/Network/TLS/State.hs 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/Network/TLS/State.hs 2016-05-08 07:10:23.000000000 +0200 @@ -57,7 +57,7 @@ , withRNG ) where -import Control.Applicative +import Network.TLS.Imports import Network.TLS.Struct import Network.TLS.RNG import Network.TLS.Types (Role(..)) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Network/TLS/Struct.hs new/tls-1.3.7/Network/TLS/Struct.hs --- old/tls-1.3.5/Network/TLS/Struct.hs 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/Network/TLS/Struct.hs 2016-05-08 07:10:23.000000000 +0200 @@ -17,7 +17,7 @@ , CipherType(..) , CipherData(..) , ExtensionID - , ExtensionRaw + , ExtensionRaw(..) , CertificateType(..) , HashAlgorithm(..) , SignatureAlgorithm(..) 
@@ -71,13 +71,12 @@ import Network.TLS.Crypto.DH import Network.TLS.Crypto.ECDH import Network.TLS.Util.Serialization +import Network.TLS.Imports #if MIN_VERSION_mtl(2,2,1) #else import Control.Monad.Error #endif -type Bytes = ByteString - data ConnectionEnd = ConnectionServer | ConnectionClient data CipherType = CipherStream | CipherBlock | CipherAEAD @@ -180,7 +179,12 @@ type FinishedData = Bytes type ExtensionID = Word16 -type ExtensionRaw = (ExtensionID, Bytes) + +data ExtensionRaw = ExtensionRaw ExtensionID Bytes + deriving (Eq) + +instance Show ExtensionRaw where + show (ExtensionRaw eid bs) = "ExtensionRaw " ++ show eid ++ " " ++ showBytesHex bs ++ "" constrRandom32 :: (Bytes -> a) -> Bytes -> Maybe a constrRandom32 constr l = if B.length l == 32 then Just (constr l) else Nothing diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Network/TLS/Util.hs new/tls-1.3.7/Network/TLS/Util.hs --- old/tls-1.3.5/Network/TLS/Util.hs 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/Network/TLS/Util.hs 2016-05-08 07:10:23.000000000 +0200 @@ -13,7 +13,7 @@ ) where import Data.List (foldl') -import Network.TLS.Struct (Bytes) +import Network.TLS.Imports (Bytes) import qualified Data.ByteString as B import Control.Exception (SomeException) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Tests/Connection.hs new/tls-1.3.7/Tests/Connection.hs --- old/tls-1.3.5/Tests/Connection.hs 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/Tests/Connection.hs 2016-05-08 07:10:23.000000000 +0200 @@ -32,6 +32,8 @@ { bulkName = "id" , bulkKeySize = 16 , bulkIVSize = 16 + , bulkExplicitIV= 0 + , bulkAuthTagLen= 0 , bulkBlockSize = 16 , bulkF = BulkBlockF $ \_ _ _ -> (\m -> (m, B.empty)) } 
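Review bot: The new `Show ExtensionRaw` instance in Struct.hs ends with `++ ""`, a no-op left over from editing; drop it: `show (ExtensionRaw eid bs) = "ExtensionRaw " ++ show eid ++ " " ++ showBytesHex bs`. Since `ExtensionRaw` replaces a tuple that several modules now pattern-match on, a Haddock on the type would help: `-- | An extension as carried on the wire: its IANA extension ID and the undecoded payload.` The hand-written instance exists only to hex-render the payload; a comment saying so would stop a future `deriving (Show)` from silently changing the output format.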
@@ -61,6 +63,8 @@ { bulkName = "stream" , bulkKeySize = 16 , bulkIVSize = 0 + , bulkExplicitIV= 0 + , bulkAuthTagLen= 0 , bulkBlockSize = 0 , bulkF = BulkStreamF passThrough } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/Tests/PubKey.hs new/tls-1.3.7/Tests/PubKey.hs --- old/tls-1.3.5/Tests/PubKey.hs 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/Tests/PubKey.hs 2016-05-08 07:10:23.000000000 +0200 @@ -56,6 +56,7 @@ dhParams = DH.Params { DH.params_p = 0x00ccaa3884b50789ebea8d39bef8bbc66e20f2a78f537a76f26b4edde5de8b0ff15a8193abf0873cbdc701323a2bf6e860affa6e043fe8300d47e95baf9f6354cb , DH.params_g = 0x2 + , DH.params_bits = 512 } dsaParams :: DSA.Params diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tls-1.3.5/tls.cabal new/tls-1.3.7/tls.cabal --- old/tls-1.3.5/tls.cabal 2016-04-09 15:47:25.000000000 +0200 +++ new/tls-1.3.7/tls.cabal 2016-05-08 07:10:23.000000000 +0200 @@ -1,5 +1,5 @@ Name: tls -Version: 1.3.5 +Version: 1.3.7 Description: Native Haskell TLS and SSL protocol implementation for server and client. . @@ -41,14 +41,14 @@ Library Build-Depends: base >= 3 && < 5 - , mtl + , mtl >= 2 , transformers , cereal >= 0.4 , bytestring , data-default-class -- crypto related , memory - , cryptonite >= 0.14 + , cryptonite >= 0.15 -- certificate related , asn1-types >= 0.2.0 , asn1-encoding @@ -92,6 +92,7 @@ Network.TLS.Handshake.State Network.TLS.Hooks Network.TLS.IO + Network.TLS.Imports Network.TLS.MAC Network.TLS.Measurement Network.TLS.Packet