Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable sha384 ciphers #168

Merged
merged 10 commits into from
Dec 17, 2016
1 change: 1 addition & 0 deletions core/Network/TLS/Cipher.hs
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,7 @@ data Cipher = Cipher
, cipherBulk :: Bulk
, cipherKeyExchange :: CipherKeyExchangeType
, cipherMinVer :: Maybe Version
, cipherPRFHash :: Maybe Hash
}

cipherKeyBlockSize :: Cipher -> Int
Expand Down
9 changes: 6 additions & 3 deletions core/Network/TLS/Context.hs
Original file line number Diff line number Diff line change
Expand Up @@ -122,13 +122,16 @@ instance TLSParams ServerParams where
CipherKeyExchange_DHE_RSA -> canSignRSA && canDHE
CipherKeyExchange_DHE_DSS -> canSignDSS && canDHE
CipherKeyExchange_ECDHE_RSA -> canSignRSA
-- unimplemented: non ephemeral DH
-- unimplemented: EC
CipherKeyExchange_ECDHE_ECDSA -> False
-- unimplemented: non ephemeral DH & ECDH.
-- Note, these *should not* be implemented, and have
-- (for example) been removed in OpenSSL 1.1.0
--
CipherKeyExchange_DH_DSS -> False
CipherKeyExchange_DH_RSA -> False
-- unimplemented: EC
CipherKeyExchange_ECDH_ECDSA -> False
CipherKeyExchange_ECDH_RSA -> False
CipherKeyExchange_ECDHE_ECDSA -> False

canDHE = isJust $ serverDHEParams sparams
canSignDSS = SignatureDSS `elem` signingAlgs
Expand Down
2 changes: 1 addition & 1 deletion core/Network/TLS/Extension.hs
Original file line number Diff line number Diff line change
Expand Up @@ -270,7 +270,7 @@ data BrainPoolCurve =
deriving (Show,Eq)

availableEllipticCurves :: [NamedCurve]
availableEllipticCurves = [SEC SEC_p256r1, SEC SEC_p521r1]
availableEllipticCurves = [SEC SEC_p256r1, SEC SEC_p384r1, SEC SEC_p521r1]

instance EnumSafe16 NamedCurve where
fromEnumSafe16 NamedCurve_arbitrary_explicit_prime_curves = 0xFF01
Expand Down
Loading