{-# LANGUAGE Rank2Types #-}
{-# LANGUAGE MultiParamTypeClasses #-}
{-# LANGUAGE GeneralizedNewtypeDeriving #-}
-- |
-- Module      : Network.TLS.State
-- License     : BSD-style
-- Maintainer  : Vincent Hanquez <vincent@snarc.org>
-- Stability   : experimental
-- Portability : unknown
--
-- the State module contains calls related to state initialization/manipulation
-- which is use by the Receiving module and the Sending module.
--
module Network.TLS.State
    ( TLSState(..)
    , TLSSt
    , runTLSState
    , newTLSState
    , withTLSRNG
    , updateVerifiedData
    , finishHandshakeTypeMaterial
    , finishHandshakeMaterial
    , certVerifyHandshakeTypeMaterial
    , certVerifyHandshakeMaterial
    , setVersion
    , setVersionIfUnset
    , getVersion
    , getVersionWithDefault
    , setSecureRenegotiation
    , getSecureRenegotiation
    , setExtensionALPN
    , getExtensionALPN
    , setNegotiatedProtocol
    , getNegotiatedProtocol
    , setClientALPNSuggest
    , getClientALPNSuggest
    , setClientEcPointFormatSuggest
    , getClientEcPointFormatSuggest
    , getClientCertificateChain
    , setClientCertificateChain
    , setClientSNI
    , getClientSNI
    , getVerifiedData
    , setSession
    , getSession
    , isSessionResuming
    , isClientContext
    , setExporterMasterSecret
    , getExporterMasterSecret
    , setTLS13KeyShare
    , getTLS13KeyShare
    , setTLS13PreSharedKey
    , getTLS13PreSharedKey
    , setTLS13HRR
    , getTLS13HRR
    , setTLS13Cookie
    , getTLS13Cookie
    , setClientSupportsPHA
    , getClientSupportsPHA
    -- * random
    , genRandom
    , withRNG
    ) where

import Network.TLS.Imports
import Network.TLS.Struct
import Network.TLS.Struct13
import Network.TLS.RNG
import Network.TLS.Types (Role(..), HostName)
import Network.TLS.Wire (GetContinuation)
import Network.TLS.Extension
import qualified Data.ByteString as B
import Control.Monad.State.Strict
import Network.TLS.ErrT
import Crypto.Random
import Data.X509 (CertificateChain)

data TLSState = TLSState
    { TLSState -> Session
stSession             :: Session
    , TLSState -> Bool
stSessionResuming     :: Bool
    , TLSState -> Bool
stSecureRenegotiation :: Bool  -- RFC 5746
    , TLSState -> ByteString
stClientVerifiedData  :: ByteString -- RFC 5746
    , TLSState -> ByteString
stServerVerifiedData  :: ByteString -- RFC 5746
    , TLSState -> Bool
stExtensionALPN       :: Bool  -- RFC 7301
    , TLSState -> Maybe (GetContinuation (HandshakeType, ByteString))
stHandshakeRecordCont :: Maybe (GetContinuation (HandshakeType, ByteString))
    , TLSState -> Maybe ByteString
stNegotiatedProtocol  :: Maybe B.ByteString -- ALPN protocol
    , TLSState -> Maybe (GetContinuation (HandshakeType13, ByteString))
stHandshakeRecordCont13 :: Maybe (GetContinuation (HandshakeType13, ByteString))
    , TLSState -> Maybe [ByteString]
stClientALPNSuggest   :: Maybe [B.ByteString]
    , TLSState -> Maybe [Group]
stClientGroupSuggest  :: Maybe [Group]
    , TLSState -> Maybe [EcPointFormat]
stClientEcPointFormatSuggest :: Maybe [EcPointFormat]
    , TLSState -> Maybe CertificateChain
stClientCertificateChain :: Maybe CertificateChain
    , TLSState -> Maybe HostName
stClientSNI           :: Maybe HostName
    , TLSState -> StateRNG
stRandomGen           :: StateRNG
    , TLSState -> Maybe Version
stVersion             :: Maybe Version
    , TLSState -> Role
stClientContext       :: Role
    , TLSState -> Maybe KeyShare
stTLS13KeyShare       :: Maybe KeyShare
    , TLSState -> Maybe PreSharedKey
stTLS13PreSharedKey   :: Maybe PreSharedKey
    , TLSState -> Bool
stTLS13HRR            :: !Bool
    , TLSState -> Maybe Cookie
stTLS13Cookie         :: Maybe Cookie
    , TLSState -> Maybe ByteString
stExporterMasterSecret :: Maybe ByteString -- TLS 1.3
    , TLSState -> Bool
stClientSupportsPHA   :: !Bool -- Post-Handshake Authentication (TLS 1.3)
    }

newtype TLSSt a = TLSSt { forall a. TLSSt a -> ErrT TLSError (State TLSState) a
runTLSSt :: ErrT TLSError (State TLSState) a }
    deriving (Applicative TLSSt
forall a. a -> TLSSt a
forall a b. TLSSt a -> TLSSt b -> TLSSt b
forall a b. TLSSt a -> (a -> TLSSt b) -> TLSSt b
forall (m :: * -> *).
Applicative m
-> (forall a b. m a -> (a -> m b) -> m b)
-> (forall a b. m a -> m b -> m b)
-> (forall a. a -> m a)
-> Monad m
return :: forall a. a -> TLSSt a
$creturn :: forall a. a -> TLSSt a
>> :: forall a b. TLSSt a -> TLSSt b -> TLSSt b
$c>> :: forall a b. TLSSt a -> TLSSt b -> TLSSt b
>>= :: forall a b. TLSSt a -> (a -> TLSSt b) -> TLSSt b
$c>>= :: forall a b. TLSSt a -> (a -> TLSSt b) -> TLSSt b
Monad, MonadError TLSError, forall a b. a -> TLSSt b -> TLSSt a
forall a b. (a -> b) -> TLSSt a -> TLSSt b
forall (f :: * -> *).
(forall a b. (a -> b) -> f a -> f b)
-> (forall a b. a -> f b -> f a) -> Functor f
<$ :: forall a b. a -> TLSSt b -> TLSSt a
$c<$ :: forall a b. a -> TLSSt b -> TLSSt a
fmap :: forall a b. (a -> b) -> TLSSt a -> TLSSt b
$cfmap :: forall a b. (a -> b) -> TLSSt a -> TLSSt b
Functor, Functor TLSSt
forall a. a -> TLSSt a
forall a b. TLSSt a -> TLSSt b -> TLSSt a
forall a b. TLSSt a -> TLSSt b -> TLSSt b
forall a b. TLSSt (a -> b) -> TLSSt a -> TLSSt b
forall a b c. (a -> b -> c) -> TLSSt a -> TLSSt b -> TLSSt c
forall (f :: * -> *).
Functor f
-> (forall a. a -> f a)
-> (forall a b. f (a -> b) -> f a -> f b)
-> (forall a b c. (a -> b -> c) -> f a -> f b -> f c)
-> (forall a b. f a -> f b -> f b)
-> (forall a b. f a -> f b -> f a)
-> Applicative f
<* :: forall a b. TLSSt a -> TLSSt b -> TLSSt a
$c<* :: forall a b. TLSSt a -> TLSSt b -> TLSSt a
*> :: forall a b. TLSSt a -> TLSSt b -> TLSSt b
$c*> :: forall a b. TLSSt a -> TLSSt b -> TLSSt b
liftA2 :: forall a b c. (a -> b -> c) -> TLSSt a -> TLSSt b -> TLSSt c
$cliftA2 :: forall a b c. (a -> b -> c) -> TLSSt a -> TLSSt b -> TLSSt c
<*> :: forall a b. TLSSt (a -> b) -> TLSSt a -> TLSSt b
$c<*> :: forall a b. TLSSt (a -> b) -> TLSSt a -> TLSSt b
pure :: forall a. a -> TLSSt a
$cpure :: forall a. a -> TLSSt a
Applicative)

instance MonadState TLSState TLSSt where
    put :: TLSState -> TLSSt ()
put TLSState
x = forall a. ErrT TLSError (State TLSState) a -> TLSSt a
TLSSt (forall (t :: (* -> *) -> * -> *) (m :: * -> *) a.
(MonadTrans t, Monad m) =>
m a -> t m a
lift forall a b. (a -> b) -> a -> b
$ forall s (m :: * -> *). MonadState s m => s -> m ()
put TLSState
x)
    get :: TLSSt TLSState
get   = forall a. ErrT TLSError (State TLSState) a -> TLSSt a
TLSSt (forall (t :: (* -> *) -> * -> *) (m :: * -> *) a.
(MonadTrans t, Monad m) =>
m a -> t m a
lift forall s (m :: * -> *). MonadState s m => m s
get)
    state :: forall a. (TLSState -> (a, TLSState)) -> TLSSt a
state TLSState -> (a, TLSState)
f = forall a. ErrT TLSError (State TLSState) a -> TLSSt a
TLSSt (forall (t :: (* -> *) -> * -> *) (m :: * -> *) a.
(MonadTrans t, Monad m) =>
m a -> t m a
lift forall a b. (a -> b) -> a -> b
$ forall s (m :: * -> *) a. MonadState s m => (s -> (a, s)) -> m a
state TLSState -> (a, TLSState)
f)

runTLSState :: TLSSt a -> TLSState -> (Either TLSError a, TLSState)
runTLSState :: forall a. TLSSt a -> TLSState -> (Either TLSError a, TLSState)
runTLSState TLSSt a
f TLSState
st = forall s a. State s a -> s -> (a, s)
runState (forall e (m :: * -> *) a. ExceptT e m a -> m (Either e a)
runErrT (forall a. TLSSt a -> ErrT TLSError (State TLSState) a
runTLSSt TLSSt a
f)) TLSState
st

newTLSState :: StateRNG -> Role -> TLSState
newTLSState :: StateRNG -> Role -> TLSState
newTLSState StateRNG
rng Role
clientContext = TLSState
    { stSession :: Session
stSession             = Maybe ByteString -> Session
Session forall a. Maybe a
Nothing
    , stSessionResuming :: Bool
stSessionResuming     = Bool
False
    , stSecureRenegotiation :: Bool
stSecureRenegotiation = Bool
False
    , stClientVerifiedData :: ByteString
stClientVerifiedData  = ByteString
B.empty
    , stServerVerifiedData :: ByteString
stServerVerifiedData  = ByteString
B.empty
    , stExtensionALPN :: Bool
stExtensionALPN       = Bool
False
    , stHandshakeRecordCont :: Maybe (GetContinuation (HandshakeType, ByteString))
stHandshakeRecordCont = forall a. Maybe a
Nothing
    , stHandshakeRecordCont13 :: Maybe (GetContinuation (HandshakeType13, ByteString))
stHandshakeRecordCont13 = forall a. Maybe a
Nothing
    , stNegotiatedProtocol :: Maybe ByteString
stNegotiatedProtocol  = forall a. Maybe a
Nothing
    , stClientALPNSuggest :: Maybe [ByteString]
stClientALPNSuggest   = forall a. Maybe a
Nothing
    , stClientGroupSuggest :: Maybe [Group]
stClientGroupSuggest  = forall a. Maybe a
Nothing
    , stClientEcPointFormatSuggest :: Maybe [EcPointFormat]
stClientEcPointFormatSuggest = forall a. Maybe a
Nothing
    , stClientCertificateChain :: Maybe CertificateChain
stClientCertificateChain = forall a. Maybe a
Nothing
    , stClientSNI :: Maybe HostName
stClientSNI           = forall a. Maybe a
Nothing
    , stRandomGen :: StateRNG
stRandomGen           = StateRNG
rng
    , stVersion :: Maybe Version
stVersion             = forall a. Maybe a
Nothing
    , stClientContext :: Role
stClientContext       = Role
clientContext
    , stTLS13KeyShare :: Maybe KeyShare
stTLS13KeyShare       = forall a. Maybe a
Nothing
    , stTLS13PreSharedKey :: Maybe PreSharedKey
stTLS13PreSharedKey   = forall a. Maybe a
Nothing
    , stTLS13HRR :: Bool
stTLS13HRR            = Bool
False
    , stTLS13Cookie :: Maybe Cookie
stTLS13Cookie         = forall a. Maybe a
Nothing
    , stExporterMasterSecret :: Maybe ByteString
stExporterMasterSecret = forall a. Maybe a
Nothing
    , stClientSupportsPHA :: Bool
stClientSupportsPHA   = Bool
False
    }

updateVerifiedData :: Role -> ByteString -> TLSSt ()
updateVerifiedData :: Role -> ByteString -> TLSSt ()
updateVerifiedData Role
sending ByteString
bs = do
    Role
cc <- TLSSt Role
isClientContext
    if Role
cc forall a. Eq a => a -> a -> Bool
/= Role
sending
        then forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stServerVerifiedData :: ByteString
stServerVerifiedData = ByteString
bs })
        else forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stClientVerifiedData :: ByteString
stClientVerifiedData = ByteString
bs })

finishHandshakeTypeMaterial :: HandshakeType -> Bool
finishHandshakeTypeMaterial :: HandshakeType -> Bool
finishHandshakeTypeMaterial HandshakeType
HandshakeType_ClientHello     = Bool
True
finishHandshakeTypeMaterial HandshakeType
HandshakeType_ServerHello     = Bool
True
finishHandshakeTypeMaterial HandshakeType
HandshakeType_Certificate     = Bool
True
finishHandshakeTypeMaterial HandshakeType
HandshakeType_HelloRequest    = Bool
False
finishHandshakeTypeMaterial HandshakeType
HandshakeType_ServerHelloDone = Bool
True
finishHandshakeTypeMaterial HandshakeType
HandshakeType_ClientKeyXchg   = Bool
True
finishHandshakeTypeMaterial HandshakeType
HandshakeType_ServerKeyXchg   = Bool
True
finishHandshakeTypeMaterial HandshakeType
HandshakeType_CertRequest     = Bool
True
finishHandshakeTypeMaterial HandshakeType
HandshakeType_CertVerify      = Bool
True
finishHandshakeTypeMaterial HandshakeType
HandshakeType_Finished        = Bool
True

finishHandshakeMaterial :: Handshake -> Bool
finishHandshakeMaterial :: Handshake -> Bool
finishHandshakeMaterial = HandshakeType -> Bool
finishHandshakeTypeMaterial forall b c a. (b -> c) -> (a -> b) -> a -> c
. Handshake -> HandshakeType
typeOfHandshake

certVerifyHandshakeTypeMaterial :: HandshakeType -> Bool
certVerifyHandshakeTypeMaterial :: HandshakeType -> Bool
certVerifyHandshakeTypeMaterial HandshakeType
HandshakeType_ClientHello     = Bool
True
certVerifyHandshakeTypeMaterial HandshakeType
HandshakeType_ServerHello     = Bool
True
certVerifyHandshakeTypeMaterial HandshakeType
HandshakeType_Certificate     = Bool
True
certVerifyHandshakeTypeMaterial HandshakeType
HandshakeType_HelloRequest    = Bool
False
certVerifyHandshakeTypeMaterial HandshakeType
HandshakeType_ServerHelloDone = Bool
True
certVerifyHandshakeTypeMaterial HandshakeType
HandshakeType_ClientKeyXchg   = Bool
True
certVerifyHandshakeTypeMaterial HandshakeType
HandshakeType_ServerKeyXchg   = Bool
True
certVerifyHandshakeTypeMaterial HandshakeType
HandshakeType_CertRequest     = Bool
True
certVerifyHandshakeTypeMaterial HandshakeType
HandshakeType_CertVerify      = Bool
False
certVerifyHandshakeTypeMaterial HandshakeType
HandshakeType_Finished        = Bool
False

certVerifyHandshakeMaterial :: Handshake -> Bool
certVerifyHandshakeMaterial :: Handshake -> Bool
certVerifyHandshakeMaterial = HandshakeType -> Bool
certVerifyHandshakeTypeMaterial forall b c a. (b -> c) -> (a -> b) -> a -> c
. Handshake -> HandshakeType
typeOfHandshake

setSession :: Session -> Bool -> TLSSt ()
setSession :: Session -> Bool -> TLSSt ()
setSession Session
session Bool
resuming = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stSession :: Session
stSession = Session
session, stSessionResuming :: Bool
stSessionResuming = Bool
resuming })

getSession :: TLSSt Session
getSession :: TLSSt Session
getSession = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Session
stSession

isSessionResuming :: TLSSt Bool
isSessionResuming :: TLSSt Bool
isSessionResuming = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Bool
stSessionResuming

setVersion :: Version -> TLSSt ()
setVersion :: Version -> TLSSt ()
setVersion Version
ver = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stVersion :: Maybe Version
stVersion = forall a. a -> Maybe a
Just Version
ver })

setVersionIfUnset :: Version -> TLSSt ()
setVersionIfUnset :: Version -> TLSSt ()
setVersionIfUnset Version
ver = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify TLSState -> TLSState
maybeSet
  where maybeSet :: TLSState -> TLSState
maybeSet TLSState
st = case TLSState -> Maybe Version
stVersion TLSState
st of
                           Maybe Version
Nothing -> TLSState
st { stVersion :: Maybe Version
stVersion = forall a. a -> Maybe a
Just Version
ver }
                           Just Version
_  -> TLSState
st

getVersion :: TLSSt Version
getVersion :: TLSSt Version
getVersion = forall a. a -> Maybe a -> a
fromMaybe (forall a. HasCallStack => HostName -> a
error HostName
"internal error: version hasn't been set yet") forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Maybe Version
stVersion

getVersionWithDefault :: Version -> TLSSt Version
getVersionWithDefault :: Version -> TLSSt Version
getVersionWithDefault Version
defaultVer = forall a. a -> Maybe a -> a
fromMaybe Version
defaultVer forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Maybe Version
stVersion

setSecureRenegotiation :: Bool -> TLSSt ()
setSecureRenegotiation :: Bool -> TLSSt ()
setSecureRenegotiation Bool
b = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stSecureRenegotiation :: Bool
stSecureRenegotiation = Bool
b })

getSecureRenegotiation :: TLSSt Bool
getSecureRenegotiation :: TLSSt Bool
getSecureRenegotiation = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Bool
stSecureRenegotiation

setExtensionALPN :: Bool -> TLSSt ()
setExtensionALPN :: Bool -> TLSSt ()
setExtensionALPN Bool
b = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stExtensionALPN :: Bool
stExtensionALPN = Bool
b })

getExtensionALPN :: TLSSt Bool
getExtensionALPN :: TLSSt Bool
getExtensionALPN = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Bool
stExtensionALPN

setNegotiatedProtocol :: B.ByteString -> TLSSt ()
setNegotiatedProtocol :: ByteString -> TLSSt ()
setNegotiatedProtocol ByteString
s = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stNegotiatedProtocol :: Maybe ByteString
stNegotiatedProtocol = forall a. a -> Maybe a
Just ByteString
s })

getNegotiatedProtocol :: TLSSt (Maybe B.ByteString)
getNegotiatedProtocol :: TLSSt (Maybe ByteString)
getNegotiatedProtocol = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Maybe ByteString
stNegotiatedProtocol

setClientALPNSuggest :: [B.ByteString] -> TLSSt ()
setClientALPNSuggest :: [ByteString] -> TLSSt ()
setClientALPNSuggest [ByteString]
ps = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stClientALPNSuggest :: Maybe [ByteString]
stClientALPNSuggest = forall a. a -> Maybe a
Just [ByteString]
ps})

getClientALPNSuggest :: TLSSt (Maybe [B.ByteString])
getClientALPNSuggest :: TLSSt (Maybe [ByteString])
getClientALPNSuggest = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Maybe [ByteString]
stClientALPNSuggest

setClientEcPointFormatSuggest :: [EcPointFormat] -> TLSSt ()
setClientEcPointFormatSuggest :: [EcPointFormat] -> TLSSt ()
setClientEcPointFormatSuggest [EcPointFormat]
epf = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stClientEcPointFormatSuggest :: Maybe [EcPointFormat]
stClientEcPointFormatSuggest = forall a. a -> Maybe a
Just [EcPointFormat]
epf})

getClientEcPointFormatSuggest :: TLSSt (Maybe [EcPointFormat])
getClientEcPointFormatSuggest :: TLSSt (Maybe [EcPointFormat])
getClientEcPointFormatSuggest = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Maybe [EcPointFormat]
stClientEcPointFormatSuggest

setClientCertificateChain :: CertificateChain -> TLSSt ()
setClientCertificateChain :: CertificateChain -> TLSSt ()
setClientCertificateChain CertificateChain
s = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stClientCertificateChain :: Maybe CertificateChain
stClientCertificateChain = forall a. a -> Maybe a
Just CertificateChain
s })

getClientCertificateChain :: TLSSt (Maybe CertificateChain)
getClientCertificateChain :: TLSSt (Maybe CertificateChain)
getClientCertificateChain = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Maybe CertificateChain
stClientCertificateChain

setClientSNI :: HostName -> TLSSt ()
setClientSNI :: HostName -> TLSSt ()
setClientSNI HostName
hn = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stClientSNI :: Maybe HostName
stClientSNI = forall a. a -> Maybe a
Just HostName
hn })

getClientSNI :: TLSSt (Maybe HostName)
getClientSNI :: TLSSt (Maybe HostName)
getClientSNI = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Maybe HostName
stClientSNI

getVerifiedData :: Role -> TLSSt ByteString
getVerifiedData :: Role -> TLSSt ByteString
getVerifiedData Role
client = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets (if Role
client forall a. Eq a => a -> a -> Bool
== Role
ClientRole then TLSState -> ByteString
stClientVerifiedData else TLSState -> ByteString
stServerVerifiedData)

isClientContext :: TLSSt Role
isClientContext :: TLSSt Role
isClientContext = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Role
stClientContext

genRandom :: Int -> TLSSt ByteString
genRandom :: Int -> TLSSt ByteString
genRandom Int
n = do
    forall a. MonadPseudoRandom StateRNG a -> TLSSt a
withRNG (forall (m :: * -> *) byteArray.
(MonadRandom m, ByteArray byteArray) =>
Int -> m byteArray
getRandomBytes Int
n)

withRNG :: MonadPseudoRandom StateRNG a -> TLSSt a
withRNG :: forall a. MonadPseudoRandom StateRNG a -> TLSSt a
withRNG MonadPseudoRandom StateRNG a
f = do
    TLSState
st <- forall s (m :: * -> *). MonadState s m => m s
get
    let (a
a,StateRNG
rng') = forall a. StateRNG -> MonadPseudoRandom StateRNG a -> (a, StateRNG)
withTLSRNG (TLSState -> StateRNG
stRandomGen TLSState
st) MonadPseudoRandom StateRNG a
f
    forall s (m :: * -> *). MonadState s m => s -> m ()
put (TLSState
st { stRandomGen :: StateRNG
stRandomGen = StateRNG
rng' })
    forall (m :: * -> *) a. Monad m => a -> m a
return a
a

setExporterMasterSecret :: ByteString -> TLSSt ()
setExporterMasterSecret :: ByteString -> TLSSt ()
setExporterMasterSecret ByteString
key = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stExporterMasterSecret :: Maybe ByteString
stExporterMasterSecret = forall a. a -> Maybe a
Just ByteString
key })

getExporterMasterSecret :: TLSSt (Maybe ByteString)
getExporterMasterSecret :: TLSSt (Maybe ByteString)
getExporterMasterSecret = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Maybe ByteString
stExporterMasterSecret

setTLS13KeyShare :: Maybe KeyShare -> TLSSt ()
setTLS13KeyShare :: Maybe KeyShare -> TLSSt ()
setTLS13KeyShare Maybe KeyShare
mks = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stTLS13KeyShare :: Maybe KeyShare
stTLS13KeyShare = Maybe KeyShare
mks })

getTLS13KeyShare :: TLSSt (Maybe KeyShare)
getTLS13KeyShare :: TLSSt (Maybe KeyShare)
getTLS13KeyShare = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Maybe KeyShare
stTLS13KeyShare

setTLS13PreSharedKey :: Maybe PreSharedKey -> TLSSt ()
setTLS13PreSharedKey :: Maybe PreSharedKey -> TLSSt ()
setTLS13PreSharedKey Maybe PreSharedKey
mpsk = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stTLS13PreSharedKey :: Maybe PreSharedKey
stTLS13PreSharedKey = Maybe PreSharedKey
mpsk })

getTLS13PreSharedKey :: TLSSt (Maybe PreSharedKey)
getTLS13PreSharedKey :: TLSSt (Maybe PreSharedKey)
getTLS13PreSharedKey = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Maybe PreSharedKey
stTLS13PreSharedKey

setTLS13HRR :: Bool -> TLSSt ()
setTLS13HRR :: Bool -> TLSSt ()
setTLS13HRR Bool
b = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stTLS13HRR :: Bool
stTLS13HRR = Bool
b })

getTLS13HRR :: TLSSt Bool
getTLS13HRR :: TLSSt Bool
getTLS13HRR = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Bool
stTLS13HRR

setTLS13Cookie :: Maybe Cookie -> TLSSt ()
setTLS13Cookie :: Maybe Cookie -> TLSSt ()
setTLS13Cookie Maybe Cookie
mcookie = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stTLS13Cookie :: Maybe Cookie
stTLS13Cookie = Maybe Cookie
mcookie })

getTLS13Cookie :: TLSSt (Maybe Cookie)
getTLS13Cookie :: TLSSt (Maybe Cookie)
getTLS13Cookie = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Maybe Cookie
stTLS13Cookie

setClientSupportsPHA :: Bool -> TLSSt ()
setClientSupportsPHA :: Bool -> TLSSt ()
setClientSupportsPHA Bool
b = forall s (m :: * -> *). MonadState s m => (s -> s) -> m ()
modify (\TLSState
st -> TLSState
st { stClientSupportsPHA :: Bool
stClientSupportsPHA = Bool
b })

getClientSupportsPHA :: TLSSt Bool
getClientSupportsPHA :: TLSSt Bool
getClientSupportsPHA = forall s (m :: * -> *) a. MonadState s m => (s -> a) -> m a
gets TLSState -> Bool
stClientSupportsPHA