TerribleTLS 1.0.0

Inadvisable pure-Scheme TLS 1.2 client

This is a TLS 1.0, TLS 1.1 and TLS 1.2 client written purely in R6RS Scheme.

Using it in its current version is inadvisable. Dozens of new pitfalls in the implementation techniques of TLS have been discovered since it was written.

⚠ This will be the last version to support TLS 1.0 and TLS 1.1.

$ akku update
$ akku install TerribleTLS
$ .akku/env

Authors

Göran Weinholt

Homepage

Information missing.

License

MIT

Dependencies

^1.0.0
^2.2.0
^0.0.0-akku

Source code

https://gitlab.com/weinholt/TerribleTLS.git git
5504b17e08ef3e04c2e8a6018486426c1d05b9c9
Tag: v1.0.0

Package contents

  • (terrible-tls client) R6
    • → make-tls-wrapper flush-tls-output put-tls-record get-tls-record put-tls-alert-record put-tls-handshake put-tls-handshake-client-hello put-tls-handshake-certificate put-tls-handshake-client-key-exchange put-tls-handshake-certificate-verify put-tls-change-cipher-spec put-tls-handshake-finished put-tls-application-data tls-conn-remote-certs tls-conn-has-unprocessed-data?
    • ← (rnrs) R6
    • (srfi :1 lists) SRFI
    • (srfi :19 time) SRFI
    • ← (hashing md5)
    • ← (hashing sha-1)
    • ← (hashing sha-2)
    • ← (industria bytevectors)
    • ← (industria crypto ec)
    • ← (industria crypto ecdsa)
    • ← (industria crypto dh)
    • ← (industria crypto dsa)
    • ← (industria crypto entropy)
    • ← (industria crypto rsa)
    • ← (industria buffer)
    • ← (industria base64)
    • ← (struct pack)
    • ← (terrible-tls x509)
    • ← (terrible-tls private algorithms)
  • (terrible-tls private algorithms) R6 Internal
    • → tls-hash tls-hash-algorithm->oid tls-extension-supported-signature-algorithms tls-extension-supported-groups TLS-SIGNATURE-ANONYMOUS TLS-SIGNATURE-RSA TLS-SIGNATURE-DSA TLS-SIGNATURE-ECDSA TLS-HASH-NONE TLS-HASH-MD5 TLS-HASH-SHA-1 TLS-HASH-SHA-224 TLS-HASH-SHA-256 TLS-HASH-SHA-384 TLS-HASH-SHA-512 TLS-HASH-EdDSA TLS-GROUP-SECP256R1 TLS-GROUP-SECP384R1 TLS-GROUP-SECP521R1 TLS-GROUP-X25519 TLS-GROUP-X448 tls-prf-md5-sha1 tls-prf-sha256 null-cipher-suite supported-cipher-suites make-cs cs-name cs-id cs-kex cs-cipher cs-mac cs-key-length cs-fixed-iv-size cs-record-iv-size cs-block-size cs-expand-ekey cs-expand-dkey cs-hash-size cs-verify-data-length cs-compute-mac cs-encrypt! cs-decrypt!
    • ← (rnrs) R6
    • (srfi :39 parameters) SRFI
    • ← (industria bytevectors)
    • ← (struct pack)
    • ← (industria crypto aes)
    • ← (industria crypto dsa)
    • ← (industria crypto rsa)
    • ← (hashing md5)
    • ← (hashing sha-1)
    • ← (hashing sha-2)
  • (terrible-tls simple) R6
    • → tls-connect start-tls
    • ← (rnrs) R6
    • (srfi :1 lists) SRFI
    • ← (industria bytevectors)
    • ← (industria crypto rsa)
    • ← (industria tcp)
    • ← (terrible-tls client)
    • ← (terrible-tls x509)
  • (terrible-tls x509) R6
    • → certificate? certificate-from-bytevector certificate-public-key certificates-from-pem-file certificate->bytevector decipher-certificate-signature validate-certificate-path CA-path CA-file CA-procedure certificate-key-usage certificate-tbs-data print-certificate
    • ← (rnrs) R6
    • (srfi :13 strings) SRFI
    • (srfi :19 time) SRFI
    • (srfi :39 parameters) SRFI
    • ← (hashing md5)
    • ← (hashing sha-1)
    • ← (hashing sha-2)
    • ← (industria bytevectors)
    • ← (industria crypto ec)
    • ← (industria crypto ecdsa)
    • ← (industria crypto dsa)
    • ← (industria crypto rsa)
    • ← (industria der)
    • ← (industria base64)
    • ← (struct pack)

Version history

  • 2023-01-17 ~ 1.0.0
  • 2018-07-01 ~ 0.1.0-alpha.1
  • 2018-06-25 ~ 0.1.0-alpha.0