{-# LANGUAGE FlexibleContexts #-}
{-# LANGUAGE OverloadedStrings #-}

module Network.TLS.Packet13 (
    encodeHandshake13,
    decodeHandshakeRecord13,
    decodeHandshake13,
    decodeHandshakes13,
    encodeCertificate13,
) where

import qualified Data.ByteString as B
import Data.X509 (
    CertificateChain,
    CertificateChainRaw (..),
    decodeCertificateChain,
    encodeCertificateChain,
 )
import Network.TLS.ErrT
import Network.TLS.Imports
import Network.TLS.Packet
import Network.TLS.Struct
import Network.TLS.Struct13
import Network.TLS.Types
import Network.TLS.Wire

encodeHandshake13 :: Handshake13 -> ByteString
encodeHandshake13 :: Handshake13 -> ByteString
encodeHandshake13 Handshake13
hdsk = ByteString
pkt
  where
    tp :: HandshakeType
tp = Handshake13 -> HandshakeType
typeOfHandshake13 Handshake13
hdsk
    content :: ByteString
content = Handshake13 -> ByteString
encodeHandshake13' Handshake13
hdsk
    len :: Int
len = ByteString -> Int
B.length ByteString
content
    header :: ByteString
header = HandshakeType -> Int -> ByteString
encodeHandshakeHeader13 HandshakeType
tp Int
len
    pkt :: ByteString
pkt = [ByteString] -> ByteString
B.concat [ByteString
header, ByteString
content]

-- TLS 1.3 does not use "select (extensions_present)".
putExtensions :: [ExtensionRaw] -> Put
putExtensions :: [ExtensionRaw] -> Put
putExtensions [ExtensionRaw]
es = ByteString -> Put
putOpaque16 (Put -> ByteString
runPut (Put -> ByteString) -> Put -> ByteString
forall a b. (a -> b) -> a -> b
$ (ExtensionRaw -> Put) -> [ExtensionRaw] -> Put
forall (t :: * -> *) (m :: * -> *) a b.
(Foldable t, Monad m) =>
(a -> m b) -> t a -> m ()
mapM_ ExtensionRaw -> Put
putExtension [ExtensionRaw]
es)

encodeHandshake13' :: Handshake13 -> ByteString
encodeHandshake13' :: Handshake13 -> ByteString
encodeHandshake13' (ServerHello13 ServerRandom
random Session
session Word16
cipherId [ExtensionRaw]
exts) = Put -> ByteString
runPut (Put -> ByteString) -> Put -> ByteString
forall a b. (a -> b) -> a -> b
$ do
    Version -> Put
putBinaryVersion Version
TLS12
    ServerRandom -> Put
putServerRandom32 ServerRandom
random
    Session -> Put
putSession Session
session
    Word16 -> Put
putWord16 Word16
cipherId
    Putter Word8
putWord8 Word8
0 -- compressionID nullCompression
    [ExtensionRaw] -> Put
putExtensions [ExtensionRaw]
exts
encodeHandshake13' (EncryptedExtensions13 [ExtensionRaw]
exts) = Put -> ByteString
runPut (Put -> ByteString) -> Put -> ByteString
forall a b. (a -> b) -> a -> b
$ [ExtensionRaw] -> Put
putExtensions [ExtensionRaw]
exts
encodeHandshake13' (CertRequest13 ByteString
reqctx [ExtensionRaw]
exts) = Put -> ByteString
runPut (Put -> ByteString) -> Put -> ByteString
forall a b. (a -> b) -> a -> b
$ do
    ByteString -> Put
putOpaque8 ByteString
reqctx
    [ExtensionRaw] -> Put
putExtensions [ExtensionRaw]
exts
encodeHandshake13' (Certificate13 ByteString
reqctx CertificateChain
cc [[ExtensionRaw]]
ess) = ByteString -> CertificateChain -> [[ExtensionRaw]] -> ByteString
encodeCertificate13 ByteString
reqctx CertificateChain
cc [[ExtensionRaw]]
ess
encodeHandshake13' (CertVerify13 HashAndSignatureAlgorithm
hs ByteString
signature) = Put -> ByteString
runPut (Put -> ByteString) -> Put -> ByteString
forall a b. (a -> b) -> a -> b
$ do
    HashAndSignatureAlgorithm -> Put
putSignatureHashAlgorithm HashAndSignatureAlgorithm
hs
    ByteString -> Put
putOpaque16 ByteString
signature
encodeHandshake13' (Finished13 ByteString
dat) = Put -> ByteString
runPut (Put -> ByteString) -> Put -> ByteString
forall a b. (a -> b) -> a -> b
$ ByteString -> Put
putBytes ByteString
dat
encodeHandshake13' (NewSessionTicket13 Second
life Second
ageadd ByteString
nonce ByteString
label [ExtensionRaw]
exts) = Put -> ByteString
runPut (Put -> ByteString) -> Put -> ByteString
forall a b. (a -> b) -> a -> b
$ do
    Second -> Put
putWord32 Second
life
    Second -> Put
putWord32 Second
ageadd
    ByteString -> Put
putOpaque8 ByteString
nonce
    ByteString -> Put
putOpaque16 ByteString
label
    [ExtensionRaw] -> Put
putExtensions [ExtensionRaw]
exts
encodeHandshake13' Handshake13
EndOfEarlyData13 = ByteString
""
encodeHandshake13' (KeyUpdate13 KeyUpdate
UpdateNotRequested) = Put -> ByteString
runPut (Put -> ByteString) -> Put -> ByteString
forall a b. (a -> b) -> a -> b
$ Putter Word8
putWord8 Word8
0
encodeHandshake13' (KeyUpdate13 KeyUpdate
UpdateRequested) = Put -> ByteString
runPut (Put -> ByteString) -> Put -> ByteString
forall a b. (a -> b) -> a -> b
$ Putter Word8
putWord8 Word8
1

encodeHandshakeHeader13 :: HandshakeType -> Int -> ByteString
encodeHandshakeHeader13 :: HandshakeType -> Int -> ByteString
encodeHandshakeHeader13 HandshakeType
ty Int
len = Put -> ByteString
runPut (Put -> ByteString) -> Put -> ByteString
forall a b. (a -> b) -> a -> b
$ do
    Putter Word8
putWord8 (HandshakeType -> Word8
fromHandshakeType HandshakeType
ty)
    Int -> Put
putWord24 Int
len

decodeHandshakes13 :: MonadError TLSError m => ByteString -> m [Handshake13]
decodeHandshakes13 :: forall (m :: * -> *).
MonadError TLSError m =>
ByteString -> m [Handshake13]
decodeHandshakes13 ByteString
bs = case ByteString -> GetResult (HandshakeType, ByteString)
decodeHandshakeRecord13 ByteString
bs of
    GotError TLSError
err -> TLSError -> m [Handshake13]
forall a. TLSError -> m a
forall e (m :: * -> *) a. MonadError e m => e -> m a
throwError TLSError
err
    GotPartial ByteString -> GetResult (HandshakeType, ByteString)
_cont -> [Char] -> m [Handshake13]
forall a. HasCallStack => [Char] -> a
error [Char]
"decodeHandshakes13"
    GotSuccess (HandshakeType
ty, ByteString
content) -> case HandshakeType -> ByteString -> Either TLSError Handshake13
decodeHandshake13 HandshakeType
ty ByteString
content of
        Left TLSError
e -> TLSError -> m [Handshake13]
forall a. TLSError -> m a
forall e (m :: * -> *) a. MonadError e m => e -> m a
throwError TLSError
e
        Right Handshake13
h -> [Handshake13] -> m [Handshake13]
forall a. a -> m a
forall (m :: * -> *) a. Monad m => a -> m a
return [Handshake13
h]
    GotSuccessRemaining (HandshakeType
ty, ByteString
content) ByteString
left -> case HandshakeType -> ByteString -> Either TLSError Handshake13
decodeHandshake13 HandshakeType
ty ByteString
content of
        Left TLSError
e -> TLSError -> m [Handshake13]
forall a. TLSError -> m a
forall e (m :: * -> *) a. MonadError e m => e -> m a
throwError TLSError
e
        Right Handshake13
h -> (Handshake13
h Handshake13 -> [Handshake13] -> [Handshake13]
forall a. a -> [a] -> [a]
:) ([Handshake13] -> [Handshake13])
-> m [Handshake13] -> m [Handshake13]
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> ByteString -> m [Handshake13]
forall (m :: * -> *).
MonadError TLSError m =>
ByteString -> m [Handshake13]
decodeHandshakes13 ByteString
left

decodeHandshakeRecord13 :: ByteString -> GetResult (HandshakeType, ByteString)
decodeHandshakeRecord13 :: ByteString -> GetResult (HandshakeType, ByteString)
decodeHandshakeRecord13 = [Char]
-> Get (HandshakeType, ByteString)
-> ByteString
-> GetResult (HandshakeType, ByteString)
forall a. [Char] -> Get a -> ByteString -> GetResult a
runGet [Char]
"handshake-record" (Get (HandshakeType, ByteString)
 -> ByteString -> GetResult (HandshakeType, ByteString))
-> Get (HandshakeType, ByteString)
-> ByteString
-> GetResult (HandshakeType, ByteString)
forall a b. (a -> b) -> a -> b
$ do
    HandshakeType
ty <- Get HandshakeType
getHandshakeType
    ByteString
content <- Get ByteString
getOpaque24
    (HandshakeType, ByteString) -> Get (HandshakeType, ByteString)
forall a. a -> Get a
forall (m :: * -> *) a. Monad m => a -> m a
return (HandshakeType
ty, ByteString
content)

decodeHandshake13
    :: HandshakeType -> ByteString -> Either TLSError Handshake13
decodeHandshake13 :: HandshakeType -> ByteString -> Either TLSError Handshake13
decodeHandshake13 HandshakeType
ty = [Char]
-> Get Handshake13 -> ByteString -> Either TLSError Handshake13
forall a. [Char] -> Get a -> ByteString -> Either TLSError a
runGetErr ([Char]
"handshake[" [Char] -> [Char] -> [Char]
forall a. [a] -> [a] -> [a]
++ HandshakeType -> [Char]
forall a. Show a => a -> [Char]
show HandshakeType
ty [Char] -> [Char] -> [Char]
forall a. [a] -> [a] -> [a]
++ [Char]
"]") (Get Handshake13 -> ByteString -> Either TLSError Handshake13)
-> Get Handshake13 -> ByteString -> Either TLSError Handshake13
forall a b. (a -> b) -> a -> b
$ case HandshakeType
ty of
    HandshakeType
HandshakeType_ServerHello -> Get Handshake13
decodeServerHello13
    HandshakeType
HandshakeType_Finished -> Get Handshake13
decodeFinished13
    HandshakeType
HandshakeType_EncryptedExtensions -> Get Handshake13
decodeEncryptedExtensions13
    HandshakeType
HandshakeType_CertRequest -> Get Handshake13
decodeCertRequest13
    HandshakeType
HandshakeType_Certificate -> Get Handshake13
decodeCertificate13
    HandshakeType
HandshakeType_CertVerify -> Get Handshake13
decodeCertVerify13
    HandshakeType
HandshakeType_NewSessionTicket -> Get Handshake13
decodeNewSessionTicket13
    HandshakeType
HandshakeType_EndOfEarlyData -> Handshake13 -> Get Handshake13
forall a. a -> Get a
forall (m :: * -> *) a. Monad m => a -> m a
return Handshake13
EndOfEarlyData13
    HandshakeType
HandshakeType_KeyUpdate -> Get Handshake13
decodeKeyUpdate13
    (HandshakeType Word8
x) -> [Char] -> Get Handshake13
forall a. [Char] -> Get a
forall (m :: * -> *) a. MonadFail m => [Char] -> m a
fail ([Char] -> Get Handshake13) -> [Char] -> Get Handshake13
forall a b. (a -> b) -> a -> b
$ [Char]
"Unsupported HandshakeType " [Char] -> [Char] -> [Char]
forall a. [a] -> [a] -> [a]
++ Word8 -> [Char]
forall a. Show a => a -> [Char]
show Word8
x

decodeServerHello13 :: Get Handshake13
decodeServerHello13 :: Get Handshake13
decodeServerHello13 = do
    Version
_ver <- Get Version
getBinaryVersion
    ServerRandom
random <- Get ServerRandom
getServerRandom32
    Session
session <- Get Session
getSession
    Word16
cipherid <- Get Word16
getWord16
    Word8
_comp <- Get Word8
getWord8
    [ExtensionRaw]
exts <- Word16 -> Int
forall a b. (Integral a, Num b) => a -> b
fromIntegral (Word16 -> Int) -> Get Word16 -> Get Int
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> Get Word16
getWord16 Get Int -> (Int -> Get [ExtensionRaw]) -> Get [ExtensionRaw]
forall a b. Get a -> (a -> Get b) -> Get b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= Int -> Get [ExtensionRaw]
getExtensions
    Handshake13 -> Get Handshake13
forall a. a -> Get a
forall (m :: * -> *) a. Monad m => a -> m a
return (Handshake13 -> Get Handshake13) -> Handshake13 -> Get Handshake13
forall a b. (a -> b) -> a -> b
$ ServerRandom -> Session -> Word16 -> [ExtensionRaw] -> Handshake13
ServerHello13 ServerRandom
random Session
session Word16
cipherid [ExtensionRaw]
exts

decodeFinished13 :: Get Handshake13
decodeFinished13 :: Get Handshake13
decodeFinished13 = ByteString -> Handshake13
Finished13 (ByteString -> Handshake13) -> Get ByteString -> Get Handshake13
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> (Get Int
remaining Get Int -> (Int -> Get ByteString) -> Get ByteString
forall a b. Get a -> (a -> Get b) -> Get b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= Int -> Get ByteString
getBytes)

decodeEncryptedExtensions13 :: Get Handshake13
decodeEncryptedExtensions13 :: Get Handshake13
decodeEncryptedExtensions13 =
    [ExtensionRaw] -> Handshake13
EncryptedExtensions13 ([ExtensionRaw] -> Handshake13)
-> Get [ExtensionRaw] -> Get Handshake13
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> do
        Int
len <- Word16 -> Int
forall a b. (Integral a, Num b) => a -> b
fromIntegral (Word16 -> Int) -> Get Word16 -> Get Int
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> Get Word16
getWord16
        Int -> Get [ExtensionRaw]
getExtensions Int
len

decodeCertRequest13 :: Get Handshake13
decodeCertRequest13 :: Get Handshake13
decodeCertRequest13 = do
    ByteString
reqctx <- Get ByteString
getOpaque8
    Int
len <- Word16 -> Int
forall a b. (Integral a, Num b) => a -> b
fromIntegral (Word16 -> Int) -> Get Word16 -> Get Int
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> Get Word16
getWord16
    [ExtensionRaw]
exts <- Int -> Get [ExtensionRaw]
getExtensions Int
len
    Handshake13 -> Get Handshake13
forall a. a -> Get a
forall (m :: * -> *) a. Monad m => a -> m a
return (Handshake13 -> Get Handshake13) -> Handshake13 -> Get Handshake13
forall a b. (a -> b) -> a -> b
$ ByteString -> [ExtensionRaw] -> Handshake13
CertRequest13 ByteString
reqctx [ExtensionRaw]
exts

decodeCertificate13 :: Get Handshake13
decodeCertificate13 :: Get Handshake13
decodeCertificate13 = do
    ByteString
reqctx <- Get ByteString
getOpaque8
    Int
len <- Int -> Int
forall a b. (Integral a, Num b) => a -> b
fromIntegral (Int -> Int) -> Get Int -> Get Int
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> Get Int
getWord24
    ([ByteString]
certRaws, [[ExtensionRaw]]
ess) <- [(ByteString, [ExtensionRaw])] -> ([ByteString], [[ExtensionRaw]])
forall a b. [(a, b)] -> ([a], [b])
unzip ([(ByteString, [ExtensionRaw])]
 -> ([ByteString], [[ExtensionRaw]]))
-> Get [(ByteString, [ExtensionRaw])]
-> Get ([ByteString], [[ExtensionRaw]])
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> Int
-> Get (Int, (ByteString, [ExtensionRaw]))
-> Get [(ByteString, [ExtensionRaw])]
forall a. Int -> Get (Int, a) -> Get [a]
getList Int
len Get (Int, (ByteString, [ExtensionRaw]))
getCert
    case CertificateChainRaw -> Either (Int, [Char]) CertificateChain
decodeCertificateChain (CertificateChainRaw -> Either (Int, [Char]) CertificateChain)
-> CertificateChainRaw -> Either (Int, [Char]) CertificateChain
forall a b. (a -> b) -> a -> b
$ [ByteString] -> CertificateChainRaw
CertificateChainRaw [ByteString]
certRaws of
        Left (Int
i, [Char]
s) -> [Char] -> Get Handshake13
forall a. [Char] -> Get a
forall (m :: * -> *) a. MonadFail m => [Char] -> m a
fail ([Char]
"error certificate parsing " [Char] -> [Char] -> [Char]
forall a. [a] -> [a] -> [a]
++ Int -> [Char]
forall a. Show a => a -> [Char]
show Int
i [Char] -> [Char] -> [Char]
forall a. [a] -> [a] -> [a]
++ [Char]
":" [Char] -> [Char] -> [Char]
forall a. [a] -> [a] -> [a]
++ [Char]
s)
        Right CertificateChain
cc -> Handshake13 -> Get Handshake13
forall a. a -> Get a
forall (m :: * -> *) a. Monad m => a -> m a
return (Handshake13 -> Get Handshake13) -> Handshake13 -> Get Handshake13
forall a b. (a -> b) -> a -> b
$ ByteString -> CertificateChain -> [[ExtensionRaw]] -> Handshake13
Certificate13 ByteString
reqctx CertificateChain
cc [[ExtensionRaw]]
ess
  where
    getCert :: Get (Int, (ByteString, [ExtensionRaw]))
getCert = do
        Int
l <- Int -> Int
forall a b. (Integral a, Num b) => a -> b
fromIntegral (Int -> Int) -> Get Int -> Get Int
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> Get Int
getWord24
        ByteString
cert <- Int -> Get ByteString
getBytes Int
l
        Int
len <- Word16 -> Int
forall a b. (Integral a, Num b) => a -> b
fromIntegral (Word16 -> Int) -> Get Word16 -> Get Int
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> Get Word16
getWord16
        [ExtensionRaw]
exts <- Int -> Get [ExtensionRaw]
getExtensions Int
len
        (Int, (ByteString, [ExtensionRaw]))
-> Get (Int, (ByteString, [ExtensionRaw]))
forall a. a -> Get a
forall (m :: * -> *) a. Monad m => a -> m a
return (Int
3 Int -> Int -> Int
forall a. Num a => a -> a -> a
+ Int
l Int -> Int -> Int
forall a. Num a => a -> a -> a
+ Int
2 Int -> Int -> Int
forall a. Num a => a -> a -> a
+ Int
len, (ByteString
cert, [ExtensionRaw]
exts))

decodeCertVerify13 :: Get Handshake13
decodeCertVerify13 :: Get Handshake13
decodeCertVerify13 = HashAndSignatureAlgorithm -> ByteString -> Handshake13
CertVerify13 (HashAndSignatureAlgorithm -> ByteString -> Handshake13)
-> Get HashAndSignatureAlgorithm -> Get (ByteString -> Handshake13)
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> Get HashAndSignatureAlgorithm
getSignatureHashAlgorithm Get (ByteString -> Handshake13)
-> Get ByteString -> Get Handshake13
forall a b. Get (a -> b) -> Get a -> Get b
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
<*> Get ByteString
getOpaque16

decodeNewSessionTicket13 :: Get Handshake13
decodeNewSessionTicket13 :: Get Handshake13
decodeNewSessionTicket13 = do
    Second
life <- Get Second
getWord32
    Second
ageadd <- Get Second
getWord32
    ByteString
nonce <- Get ByteString
getOpaque8
    ByteString
label <- Get ByteString
getOpaque16
    Int
len <- Word16 -> Int
forall a b. (Integral a, Num b) => a -> b
fromIntegral (Word16 -> Int) -> Get Word16 -> Get Int
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> Get Word16
getWord16
    [ExtensionRaw]
exts <- Int -> Get [ExtensionRaw]
getExtensions Int
len
    Handshake13 -> Get Handshake13
forall a. a -> Get a
forall (m :: * -> *) a. Monad m => a -> m a
return (Handshake13 -> Get Handshake13) -> Handshake13 -> Get Handshake13
forall a b. (a -> b) -> a -> b
$ Second
-> Second
-> ByteString
-> ByteString
-> [ExtensionRaw]
-> Handshake13
NewSessionTicket13 Second
life Second
ageadd ByteString
nonce ByteString
label [ExtensionRaw]
exts

decodeKeyUpdate13 :: Get Handshake13
decodeKeyUpdate13 :: Get Handshake13
decodeKeyUpdate13 = do
    Word8
ru <- Get Word8
getWord8
    case Word8
ru of
        Word8
0 -> Handshake13 -> Get Handshake13
forall a. a -> Get a
forall (m :: * -> *) a. Monad m => a -> m a
return (Handshake13 -> Get Handshake13) -> Handshake13 -> Get Handshake13
forall a b. (a -> b) -> a -> b
$ KeyUpdate -> Handshake13
KeyUpdate13 KeyUpdate
UpdateNotRequested
        Word8
1 -> Handshake13 -> Get Handshake13
forall a. a -> Get a
forall (m :: * -> *) a. Monad m => a -> m a
return (Handshake13 -> Get Handshake13) -> Handshake13 -> Get Handshake13
forall a b. (a -> b) -> a -> b
$ KeyUpdate -> Handshake13
KeyUpdate13 KeyUpdate
UpdateRequested
        Word8
x -> [Char] -> Get Handshake13
forall a. [Char] -> Get a
forall (m :: * -> *) a. MonadFail m => [Char] -> m a
fail ([Char] -> Get Handshake13) -> [Char] -> Get Handshake13
forall a b. (a -> b) -> a -> b
$ [Char]
"Unknown request_update: " [Char] -> [Char] -> [Char]
forall a. [a] -> [a] -> [a]
++ Word8 -> [Char]
forall a. Show a => a -> [Char]
show Word8
x

encodeCertificate13
    :: CertReqContext -> CertificateChain -> [[ExtensionRaw]] -> ByteString
encodeCertificate13 :: ByteString -> CertificateChain -> [[ExtensionRaw]] -> ByteString
encodeCertificate13 ByteString
reqctx CertificateChain
cc [[ExtensionRaw]]
ess = Put -> ByteString
runPut (Put -> ByteString) -> Put -> ByteString
forall a b. (a -> b) -> a -> b
$ do
    ByteString -> Put
putOpaque8 ByteString
reqctx
    ByteString -> Put
putOpaque24 (Put -> ByteString
runPut (Put -> ByteString) -> Put -> ByteString
forall a b. (a -> b) -> a -> b
$ ((ByteString, [ExtensionRaw]) -> Put)
-> [(ByteString, [ExtensionRaw])] -> Put
forall (t :: * -> *) (m :: * -> *) a b.
(Foldable t, Monad m) =>
(a -> m b) -> t a -> m ()
mapM_ (ByteString, [ExtensionRaw]) -> Put
putCert ([(ByteString, [ExtensionRaw])] -> Put)
-> [(ByteString, [ExtensionRaw])] -> Put
forall a b. (a -> b) -> a -> b
$ [ByteString] -> [[ExtensionRaw]] -> [(ByteString, [ExtensionRaw])]
forall a b. [a] -> [b] -> [(a, b)]
zip [ByteString]
certs [[ExtensionRaw]]
ess)
  where
    CertificateChainRaw [ByteString]
certs = CertificateChain -> CertificateChainRaw
encodeCertificateChain CertificateChain
cc
    putCert :: (ByteString, [ExtensionRaw]) -> Put
putCert (ByteString
certRaw, [ExtensionRaw]
exts) = do
        ByteString -> Put
putOpaque24 ByteString
certRaw
        [ExtensionRaw] -> Put
putExtensions [ExtensionRaw]
exts