haskell / win32

Haskell support for the Win32 API
http://hackage.haskell.org/package/Win32
Other
97 stars 63 forks source link

Support for `schannel.h` and `wincrypt.h` functions #196

Open blucoat opened 2 years ago

blucoat commented 2 years ago

Is anyone currently working on adding support for the win32 functions needed to establish a TLS connection? Is this the appropriate place to add them, or would they belong in a separate package?

The need here is that I would like to write a library analogous to Rust's native-tls crate, which uses the system-native TLS implementation on as many platforms as possible. This is preferred in some cases over bundling a TLS implementation with the application, because it can receive security updates and enhancements without intervention from the application's maintainer. Moreover, it allows the application to respect system-wide configuration, like the set of trusted root CA's.

This is a feature request, but if nobody else is working on it or wants to work on it, I can do it When I Have Spare Time (TM).

Mistuke commented 2 years ago

Hi!

Is anyone currently working on adding support for the win32 functions needed to establish a TLS connection? Is this the appropriate place to add them, or would they belong in a separate package?

I'm not aware, though there are a number of TLS packages on hackage. I wouldn't object to having the API bindings here, but usually specialized packages like what you're proposing are better off having the bindings inside the package just lessen the maintenance overhead that comes with depending on third party bindings.

This is a feature request, but if nobody else is working on it or wants to work on it, I can do it When I Have Spare Time (TM).

I'm afraid that at the moment I don't have the spare cycles to add all the needed API calls and structures. The advantage of doing this in your own package is that you can do the heavy lifting in C and just expose simplified APIs to use on the Haskell side. I think that's probably the best way to do so.

But again, I won't object to having the bindings in Win32.