TLS 1.3 #167
Usage of
|
Using TLS 1.3 servers
Using Mighty
First, clone mighty:
Then, clone the
Build it (this takes a long time the first time):
Create
And run:
Next time
Public servers
tls-simpleserver
|
How to use this package for non Haskellers
First time
You need GHC (Glasgow Haskell Compiler) to compile Haskell code. Recently, many Haskellers use
Install GHC:
GHC is installed in
Now, you should clone this repository:
Let's build Haskell tls. The first time, this takes a long time!
OK.
Next time
|
Proposed APIs for 0RTT
|
I was wondering if there's much progress on this in the last 5 months - it would be good to add a checklist of tasks done and yet to be done to the issue description above - would help people know if there's something they can help with too. Link for reference if you haven't used this feature before: https://github.com/blog/1375-task-lists-in-gfm-issues-pulls-comments |
I'm actively working: The first commit of tls13-18 contains what's done and todo. I will support TLS 1.3 ID20 soon. Some features of TLS 1.3 have already been merged into master. |
@axman6 I re-wrote the first text. I hope you like it. |
I also wrote usage of tls-simpleclient. See above. |
You've got one above and beyond Kazu, this is fantastic! Glad to see things are progressing so well. Do you have any comments on what an interface using the early data feature would look like? Wondering how easy it might be to use in general network code and also if it'll be accessible from say Wai. |
You've gone above and beyond* |
Client side: You can set early data to Server side:
|
I also wrote how to use this lib in the server side. See above. |
See: haskell-tls#167 This jumbo patch will be eventually divided into logical patches after standardization of TLS 1.3 is finished and before a pull request is sent. This patch is jumbo to observe the entire patch to make difference minimum. This patch is repeatedly rebased and overridden to clean up the TLS 1.3 code. Take care.
What is "isPointValid for draft 19" exactly? |
TLS 1.3 draft says:
So, the |
@kazu-yamamoto |
@kazu-yamamoto Thanks for the reference, I didn't find it. This is mostly right, with the point format chosen for X25519 and X448 there is not much to validate. One small exception though: RFC7748 mentions an optional all-zero result check after D-H. This check becomes a MUST in draft-ietf-tls-rfc4492bis § 5.10 and 5.11. |
Check length but this is already implemented in cryptonite. :-)
We should implement it. |
We don't need to do anything special in tls if cryptonite has a check for point-at-infinity in ECIES, like described on the Wikipedia page or SEC 1 standard. All-zero value is identity element of X25519 and X448. But this means ECIES functions |
@ocheron Would you bring this issue to cryptonite repo? |
Yes that's my plan. |
Quick status update:
[EDIT: both now fixed in cryptonite-0.24] |
Anything I can do to help move this along? |
I'm waiting for RFC8446 to be published. :-) |
Ah ok, that I cannot help you with :). |
Note
My implementation has been fully merged to this upstream. These contents are now outdated.
See #282.
Introduction
This is the current status of TLS 1.3 implementation in Haskell. This text is repeatedly updated if necessary.
If you are not a Haskeller, please refer to this first.
If you want to use TLS 1.3 of the tls package in Haskell, you should track the tls13 branch of the kazu-yamamoto's fork:
All draft versions are available on this branch. See the commit logs.
On the tls13 branch, commits are frequently squashed, rebased and force-updated. So, you should do the following if necessary:
Supported
Interoperability
TLS 1.3 draft 28 interoperability
Other clients to Haskell TLS server:
Haskell client to other servers:
TLS 1.3 draft 23/24 interoperability
Other clients to Haskell TLS server:
Haskell client to other servers:
draft 22
Other clients to Haskell TLS server:
Haskell client to other servers:
draft 21
Other clients to Haskell TLS server:
Haskell client to other servers:
draft 20
Other clients to Haskell TLS server:
Haskell client to other servers:
draft 19
The specification of draft 19 has a bug that EndOfEarlyData is not included in transcript calculation. Draft 19 implementers should include it.
I don't spend time on draft 19 anymore because of draft 20.
Other clients to Haskell TLS server:
Haskell client to other servers:
draft 18
Other clients to Haskell TLS server
Haskell client to other servers
Things merged or fixed
Todo
Todo but NOT motivated