| License | BSD-style |
|---|---|
| Maintainer | Vincent Hanquez <vincent@snarc.org> |
| Stability | experimental |
| Portability | unknown |
| Safe Haskell | Safe-Inferred |
| Language | Haskell2010 |
Network.TLS.Extra.Cipher
Description
Synopsis
- ciphersuite_default :: [Cipher]
- ciphersuite_default_det :: [Cipher]
- ciphersuite_all :: [Cipher]
- ciphersuite_all_det :: [Cipher]
- ciphersuite_medium :: [Cipher]
- ciphersuite_strong :: [Cipher]
- ciphersuite_strong_det :: [Cipher]
- ciphersuite_unencrypted :: [Cipher]
- ciphersuite_dhe_rsa :: [Cipher]
- ciphersuite_dhe_dss :: [Cipher]
- cipher_null_SHA1 :: Cipher
- cipher_AES128_SHA1 :: Cipher
- cipher_AES256_SHA1 :: Cipher
- cipher_AES128_SHA256 :: Cipher
- cipher_AES256_SHA256 :: Cipher
- cipher_AES128CCM_SHA256 :: Cipher
- cipher_AES128CCM8_SHA256 :: Cipher
- cipher_AES128GCM_SHA256 :: Cipher
- cipher_AES256CCM_SHA256 :: Cipher
- cipher_AES256CCM8_SHA256 :: Cipher
- cipher_AES256GCM_SHA384 :: Cipher
- cipher_DHE_RSA_AES128_SHA1 :: Cipher
- cipher_DHE_RSA_AES256_SHA1 :: Cipher
- cipher_DHE_RSA_AES128_SHA256 :: Cipher
- cipher_DHE_RSA_AES256_SHA256 :: Cipher
- cipher_DHE_DSS_AES128_SHA1 :: Cipher
- cipher_DHE_DSS_AES256_SHA1 :: Cipher
- cipher_DHE_RSA_AES128CCM_SHA256 :: Cipher
- cipher_DHE_RSA_AES128CCM8_SHA256 :: Cipher
- cipher_DHE_RSA_AES128GCM_SHA256 :: Cipher
- cipher_DHE_RSA_AES256CCM_SHA256 :: Cipher
- cipher_DHE_RSA_AES256CCM8_SHA256 :: Cipher
- cipher_DHE_RSA_AES256GCM_SHA384 :: Cipher
- cipher_DHE_RSA_CHACHA20POLY1305_SHA256 :: Cipher
- cipher_ECDHE_RSA_AES128GCM_SHA256 :: Cipher
- cipher_ECDHE_RSA_AES256GCM_SHA384 :: Cipher
- cipher_ECDHE_RSA_AES128CBC_SHA256 :: Cipher
- cipher_ECDHE_RSA_AES128CBC_SHA :: Cipher
- cipher_ECDHE_RSA_AES256CBC_SHA :: Cipher
- cipher_ECDHE_RSA_AES256CBC_SHA384 :: Cipher
- cipher_ECDHE_RSA_CHACHA20POLY1305_SHA256 :: Cipher
- cipher_ECDHE_ECDSA_AES128CBC_SHA :: Cipher
- cipher_ECDHE_ECDSA_AES256CBC_SHA :: Cipher
- cipher_ECDHE_ECDSA_AES128CBC_SHA256 :: Cipher
- cipher_ECDHE_ECDSA_AES256CBC_SHA384 :: Cipher
- cipher_ECDHE_ECDSA_AES128CCM_SHA256 :: Cipher
- cipher_ECDHE_ECDSA_AES128CCM8_SHA256 :: Cipher
- cipher_ECDHE_ECDSA_AES128GCM_SHA256 :: Cipher
- cipher_ECDHE_ECDSA_AES256CCM_SHA256 :: Cipher
- cipher_ECDHE_ECDSA_AES256CCM8_SHA256 :: Cipher
- cipher_ECDHE_ECDSA_AES256GCM_SHA384 :: Cipher
- cipher_ECDHE_ECDSA_CHACHA20POLY1305_SHA256 :: Cipher
- cipher_TLS13_AES128GCM_SHA256 :: Cipher
- cipher_TLS13_AES256GCM_SHA384 :: Cipher
- cipher_TLS13_CHACHA20POLY1305_SHA256 :: Cipher
- cipher_TLS13_AES128CCM_SHA256 :: Cipher
- cipher_TLS13_AES128CCM8_SHA256 :: Cipher
- cipher_RSA_3DES_EDE_CBC_SHA1 :: Cipher
- cipher_RC4_128_MD5 :: Cipher
- cipher_RC4_128_SHA1 :: Cipher
- cipher_null_MD5 :: Cipher
- cipher_DHE_DSS_RC4_SHA1 :: Cipher
cipher suite
ciphersuite_default :: [Cipher] #
All AES and ChaCha20-Poly1305 ciphers supported ordered from strong to weak. This choice of ciphersuites should satisfy most normal needs. For otherwise strong ciphers we make little distinction between AES128 and AES256, and list each but the weakest of the AES128 ciphers ahead of the corresponding AES256 ciphers.
AEAD ciphers with equivalent security properties are ordered based on CPU
hardware-acceleration support. If this dynamic runtime behavior is not
desired, use ciphersuite_default_det instead.
ciphersuite_default_det :: [Cipher] #
Same as ciphersuite_default, but using deterministic preference not
influenced by the CPU.
ciphersuite_all :: [Cipher] #
Warning: This ciphersuite list contains RC4. Use ciphersuite_strong or ciphersuite_default instead.
The default ciphersuites + some not recommended last resort ciphers.
AEAD ciphers with equivalent security properties are ordered based on CPU
hardware-acceleration support. If this dynamic runtime behavior is not
desired, use ciphersuite_all_det instead.
ciphersuite_all_det :: [Cipher] #
Warning: This ciphersuite list contains RC4. Use ciphersuite_strong_det or ciphersuite_default_det instead.
Same as ciphersuite_all, but using deterministic preference not
influenced by the CPU.
ciphersuite_medium :: [Cipher] #
Deprecated: Use ciphersuite_strong or ciphersuite_default instead.
list of medium ciphers.
ciphersuite_strong :: [Cipher] #
The strongest ciphers supported. For ciphers with PFS, AEAD and SHA2, we list each AES128 variant after the corresponding AES256 and ChaCha20-Poly1305 variants. For weaker constructs, we use just the AES256 form.
AEAD ciphers with equivalent security properties are ordered based on CPU
hardware-acceleration support. If this dynamic runtime behavior is not
desired, use ciphersuite_strong_det instead.
ciphersuite_strong_det :: [Cipher] #
Same as ciphersuite_strong, but using deterministic preference not
influenced by the CPU.
ciphersuite_unencrypted :: [Cipher] #
all unencrypted ciphers, do not use on insecure network.
ciphersuite_dhe_rsa :: [Cipher] #
DHE-RSA cipher suite. This only includes ciphers bound specifically to DHE-RSA so TLS 1.3 ciphers must be added separately.
ciphersuite_dhe_dss :: [Cipher] #
individual ciphers
unencrypted cipher using RSA for key exchange and SHA1 for digest
cipher_AES128_SHA1 :: Cipher #
AES cipher (128 bit key), RSA key exchange and SHA1 for digest
cipher_AES256_SHA1 :: Cipher #
AES cipher (256 bit key), RSA key exchange and SHA1 for digest
cipher_AES128_SHA256 :: Cipher #
AES cipher (128 bit key), RSA key exchange and SHA256 for digest
cipher_AES256_SHA256 :: Cipher #
AES cipher (256 bit key), RSA key exchange and SHA256 for digest
cipher_AES128CCM_SHA256 :: Cipher #
AESCCM cipher (128 bit key), RSA key exchange. The SHA256 digest is used as a PRF, not as a MAC.
cipher_AES128CCM8_SHA256 :: Cipher #
AESCCM8 cipher (128 bit key), RSA key exchange. The SHA256 digest is used as a PRF, not as a MAC.
cipher_AES128GCM_SHA256 :: Cipher #
AESGCM cipher (128 bit key), RSA key exchange. The SHA256 digest is used as a PRF, not as a MAC.
cipher_AES256CCM_SHA256 :: Cipher #
AESCCM cipher (256 bit key), RSA key exchange. The SHA256 digest is used as a PRF, not as a MAC.
cipher_AES256CCM8_SHA256 :: Cipher #
AESCCM8 cipher (256 bit key), RSA key exchange. The SHA256 digest is used as a PRF, not as a MAC.
cipher_AES256GCM_SHA384 :: Cipher #
AESGCM cipher (256 bit key), RSA key exchange. The SHA384 digest is used as a PRF, not as a MAC.
cipher_DHE_RSA_AES128_SHA1 :: Cipher #
AES cipher (128 bit key), DHE key exchanged signed by RSA and SHA1 for digest
cipher_DHE_RSA_AES256_SHA1 :: Cipher #
AES cipher (256 bit key), DHE key exchanged signed by RSA and SHA1 for digest
cipher_DHE_DSS_AES128_SHA1 :: Cipher #
AES cipher (128 bit key), DHE key exchanged signed by DSA and SHA1 for digest
cipher_DHE_DSS_AES256_SHA1 :: Cipher #
AES cipher (256 bit key), DHE key exchanged signed by DSA and SHA1 for digest
obsolete and non-standard ciphers
cipher_RSA_3DES_EDE_CBC_SHA1 :: Cipher #
3DES cipher (168 bit key), RSA key exchange and SHA1 for digest
cipher_RC4_128_MD5 :: Cipher #
RC4 cipher, RSA key exchange and MD5 for digest
cipher_RC4_128_SHA1 :: Cipher #
RC4 cipher, RSA key exchange and SHA1 for digest
unencrypted cipher using RSA for key exchange and MD5 for digest