continue work from mirleft#430: revise [deriving sexp] to [sexp_of]

lib/ciphersuite.ml

@@ -1,8 +1,8 @@
 (** Ciphersuite definitions and some helper functions. *)
 
 (** sum type of all possible key exchange methods *)
-type key_exchange_algorithm_dhe = [ `FFDHE | `ECDHE ] [@@deriving sexp]
-type key_exchange_algorithm = [ key_exchange_algorithm_dhe | `RSA ] [@@deriving sexp]
+type key_exchange_algorithm_dhe = [ `FFDHE | `ECDHE ] [@@deriving sexp_of]
+type key_exchange_algorithm = [ key_exchange_algorithm_dhe | `RSA ] [@@deriving sexp_of]
 
 (** [required_usage kex] is [usage] which a certificate must have if it is used in the given [kex] method *)
 let required_usage = function
@@ -13,15 +13,15 @@ type block_cipher =
   | TRIPLE_DES_EDE_CBC
   | AES_128_CBC
   | AES_256_CBC
-  [@@deriving sexp]
+  [@@deriving sexp_of]
 
 type aead_cipher =
   | AES_128_CCM
   | AES_256_CCM
   | AES_128_GCM
   | AES_256_GCM
   | CHACHA20_POLY1305
-  [@@deriving sexp]
+  [@@deriving sexp_of]
 
 module H = struct
   type t = Mirage_crypto.Hash.hash
@@ -31,20 +31,14 @@ module H = struct
       (`SHA256, "sha256") ; (`SHA384, "sha384") ; (`SHA512, "sha512") ]
 
   let sexp_of_t h = Sexplib.Sexp.Atom (List.assoc h hs)
-
-  let inv_hs = List.map (fun (a, b) -> (b, a)) hs
-
-  let t_of_sexp = function
-    | Sexplib.Sexp.Atom h -> List.assoc (String.lowercase_ascii h) inv_hs
-    | _ -> failwith "can't convert sexp to hash"
 end
 
-type payload_protection13 = [ `AEAD of aead_cipher ] [@@deriving sexp]
+type payload_protection13 = [ `AEAD of aead_cipher ] [@@deriving sexp_of]
 
 type payload_protection =  [
   payload_protection13
   | `Block of block_cipher * H.t
-  ] [@@deriving sexp]
+  ] [@@deriving sexp_of]
 
 (* this is K_LEN, max 8 N_MIN from RFC5116 sections 5.1 & 5.2 -- as defined in TLS1.3 RFC 8446 Section 5.3 *)
 let kn_13 = function
@@ -80,7 +74,7 @@ type ciphersuite13 = [
   | `AES_256_GCM_SHA384
   | `CHACHA20_POLY1305_SHA256
   | `AES_128_CCM_SHA256
-] [@@deriving sexp]
+] [@@deriving sexp_of]
 
 let privprot13 = function
   | `AES_128_GCM_SHA256 -> AES_128_GCM
@@ -138,7 +132,7 @@ type ciphersuite = [
   | `ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
   | `ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
   | `ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
-]  [@@deriving sexp]
+]  [@@deriving sexp_of]
 
 let ciphersuite_to_ciphersuite13 : ciphersuite -> ciphersuite13 option = function
   | #ciphersuite13 as cs -> Some cs

lib/core.ml

@@ -5,15 +5,15 @@ open Sexplib.Conv
 open Packet
 open Ciphersuite
 
-type tls13 = [ `TLS_1_3 ] [@@deriving sexp]
+type tls13 = [ `TLS_1_3 ] [@@deriving sexp_of]
 
 type tls_before_13 = [
   | `TLS_1_0
   | `TLS_1_1
   | `TLS_1_2
-] [@@deriving sexp]
+] [@@deriving sexp_of]
 
-type tls_version = [ tls13 | tls_before_13 ] [@@deriving sexp]
+type tls_version = [ tls13 | tls_before_13 ] [@@deriving sexp_of]
 
 let pair_of_tls_version = function
   | `TLS_1_0   -> (3, 1)
@@ -55,7 +55,7 @@ type tls_any_version = [
   | tls_version
   | `SSL_3
   | `TLS_1_X of int
-] [@@deriving sexp]
+] [@@deriving sexp_of]
 
 let any_version_to_version = function
   | #tls_version as v -> Some v
@@ -92,23 +92,23 @@ let min_protocol_version (lo, _) = lo
 type tls_hdr = {
   content_type : content_type;
   version      : tls_any_version;
-} [@@deriving sexp]
+} [@@deriving sexp_of]
 
 module SessionID = struct
-  type t = Cstruct_sexp.t [@@deriving sexp]
+  type t = Cstruct_sexp.t [@@deriving sexp_of]
   let compare = Cstruct.compare
   let hash t = Hashtbl.hash (Cstruct.to_bigarray t)
   let equal = Cstruct.equal
 end
 
 module PreSharedKeyID = struct
-  type t = Cstruct_sexp.t [@@deriving sexp]
+  type t = Cstruct_sexp.t [@@deriving sexp_of]
   let compare = Cstruct.compare
   let hash t = Hashtbl.hash (Cstruct.to_bigarray t)
   let equal = Cstruct.equal
 end
 
-type psk_identity = (Cstruct_sexp.t * int32) * Cstruct_sexp.t [@@deriving sexp]
+type psk_identity = (Cstruct_sexp.t * int32) * Cstruct_sexp.t [@@deriving sexp_of]
 
 let binders_len psks =
   let binder_len (_, binder) =
@@ -126,7 +126,7 @@ type group = [
   | `P256
   | `P384
   | `P521
-] [@@deriving sexp]
+] [@@deriving sexp_of]
 
 let named_group_to_group = function
   | FFDHE2048 -> Some `FFDHE2048
@@ -181,7 +181,7 @@ type signature_algorithm = [
   | `RSA_PSS_PSS_SHA256
   | `RSA_PSS_PSS_SHA384
     | `RSA_PSS_PSS_SHA512 *)
-] [@@deriving sexp]
+] [@@deriving sexp_of]
 
 let hash_of_signature_algorithm = function
   | `RSA_PKCS1_MD5 -> `MD5
@@ -257,13 +257,13 @@ type client_extension = [
   | `PskKeyExchangeModes of psk_key_exchange_mode list
   | `ECPointFormats
   | `UnknownExtension of (int * Cstruct_sexp.t)
-] [@@deriving sexp]
+] [@@deriving sexp_of]
 
 type server13_extension = [
   | `KeyShare of (group * Cstruct_sexp.t)
   | `PreSharedKey of int
   | `SelectedVersion of tls_version (* only used internally in writer!! *)
-] [@@deriving sexp]
+] [@@deriving sexp_of]
 
 type server_extension = [
   server13_extension
@@ -274,7 +274,7 @@ type server_extension = [
   | `ALPN of string
   | `ECPointFormats
   | `UnknownExtension of (int * Cstruct_sexp.t)
-] [@@deriving sexp]
+] [@@deriving sexp_of]
 
 type encrypted_extension = [
   | `Hostname
@@ -283,57 +283,57 @@ type encrypted_extension = [
   | `ALPN of string
   | `EarlyDataIndication
   | `UnknownExtension of (int * Cstruct_sexp.t)
-] [@@deriving sexp]
+] [@@deriving sexp_of]
 
 type hello_retry_extension = [
   | `SelectedGroup of group (* only used internally in writer!! *)
   | `Cookie of Cstruct_sexp.t
   | `SelectedVersion of tls_version (* only used internally in writer!! *)
   | `UnknownExtension of (int * Cstruct_sexp.t)
-] [@@deriving sexp]
+] [@@deriving sexp_of]
 
 type client_hello = {
   client_version : tls_any_version;
   client_random  : Cstruct_sexp.t;
   sessionid      : SessionID.t option;
   ciphersuites   : any_ciphersuite list;
   extensions     : client_extension list
-} [@@deriving sexp]
+} [@@deriving sexp_of]
 
 type server_hello = {
   server_version : tls_version;
   server_random  : Cstruct_sexp.t;
   sessionid      : SessionID.t option;
   ciphersuite    : ciphersuite;
   extensions     : server_extension list
-} [@@deriving sexp]
+} [@@deriving sexp_of]
 
 type dh_parameters = {
   dh_p  : Cstruct_sexp.t;
   dh_g  : Cstruct_sexp.t;
   dh_Ys : Cstruct_sexp.t;
-} [@@deriving sexp]
+} [@@deriving sexp_of]
 
 type hello_retry = {
   retry_version : tls_version ;
   ciphersuite : ciphersuite13 ;
   sessionid : SessionID.t option ;
   selected_group : group ;
   extensions : hello_retry_extension list
-} [@@deriving sexp]
+} [@@deriving sexp_of]
 
 type session_ticket_extension = [
   | `EarlyDataIndication of int32
   | `UnknownExtension of int * Cstruct_sexp.t
-] [@@deriving sexp]
+] [@@deriving sexp_of]
 
 type session_ticket = {
   lifetime : int32 ;
   age_add : int32 ;
   nonce : Cstruct_sexp.t ;
   ticket : Cstruct_sexp.t ;
   extensions : session_ticket_extension list
-} [@@deriving sexp]
+} [@@deriving sexp_of]
 
 type certificate_request_extension = [
   (*  | `StatusRequest *)
@@ -361,12 +361,12 @@ type tls_handshake =
   | SessionTicket of session_ticket
   | KeyUpdate of key_update_request_type
   | EndOfEarlyData
-  [@@deriving sexp]
+  [@@deriving sexp_of]
 
-type tls_alert = alert_level * alert_type [@@deriving sexp]
+type tls_alert = alert_level * alert_type [@@deriving sexp_of]
 
 (** the master secret of a TLS connection *)
-type master_secret = Cstruct_sexp.t [@@deriving sexp]
+type master_secret = Cstruct_sexp.t [@@deriving sexp_of]
 
 module Cert = struct
   include X509.Certificate
@@ -375,20 +375,12 @@ end
 
 module Priv = struct
   include X509.Private_key
-  let t_of_sexp _ = failwith "can't convert private key from S-expression"
   let sexp_of_t _ = Sexplib.Sexp.Atom "private key"
 end
 
 module Ptime = struct
   include Ptime
   let sexp_of_t ts = Sexplib.Sexp.Atom (Ptime.to_rfc3339 ts)
-  let t_of_sexp = function
-    | (Sexplib.Sexp.Atom data) as s ->
-      begin match Ptime.of_rfc3339 data with
-        | Ok (t, _, _) -> t
-        | Error _ -> Sexplib.Conv.of_sexp_error "couldn't parse timestamp" s
-      end
-    | s -> Sexplib.Conv.of_sexp_error "couldn't parse timestamp, not an atom" s
 end
 
 type psk13 = {
@@ -399,9 +391,9 @@ type psk13 = {
   early_data : int32 ;
   issued_at : Ptime.t ;
   (* origin : [ `Resumption | `External ] (* using different labels for binder_key *) *)
-} [@@deriving sexp]
+} [@@deriving sexp_of]
 
-type epoch_state = [ `ZeroRTT | `Established ] [@@deriving sexp]
+type epoch_state = [ `ZeroRTT | `Established ] [@@deriving sexp_of]
 
 (** information about an open session *)
 type epoch_data = {

lib/engine.ml

@@ -116,7 +116,7 @@ let new_state config role =
     fragment  = Cstruct.create 0 ;
   }
 
-type raw_record = tls_hdr * Cstruct_sexp.t [@@deriving sexp]
+type raw_record = tls_hdr * Cstruct_sexp.t [@@deriving sexp_of]
 
 (* well-behaved pure encryptor *)
 let encrypt (version : tls_version) (st : crypto_state) ty buf =

lib/reader.ml

@@ -12,7 +12,7 @@ type error =
   | Overflow       of int
   | UnknownVersion of (int * int)
   | UnknownContent of int
-  [@@deriving sexp]
+  [@@deriving sexp_of]
 
 exception Reader_error of error
 

lib/state.ml

@@ -13,7 +13,7 @@ type hmac_key = Cstruct.t
 type iv_mode =
   | Iv of Cstruct_sexp.t  (* traditional CBC (reusing last cipherblock) *)
   | Random_iv        (* TLS 1.1 and higher explicit IV (we use random) *)
-  [@@deriving sexp]
+  [@@deriving sexp_of]
 
 type 'k cbc_cipher    = (module Cipher_block.S.CBC with type key = 'k)
 type 'k cbc_state = {
@@ -56,7 +56,7 @@ type crypto_context = {
 } [@@deriving sexp_of]
 
 (* the raw handshake log we need to carry around *)
-type hs_log = Cstruct_sexp.t list [@@deriving sexp]
+type hs_log = Cstruct_sexp.t list [@@deriving sexp_of]
 
 type dh_secret = [
   | `Finite_field of Mirage_crypto_pk.Dh.secret
@@ -70,7 +70,7 @@ let dh_secret_of_sexp = Conv.of_sexp_error "dh_secret_of_sexp: not implemented"
 
 
 (* a collection of client and server verify bytes for renegotiation *)
-type reneg_params = Cstruct_sexp.t * Cstruct_sexp.t [@@deriving sexp]
+type reneg_params = Cstruct_sexp.t * Cstruct_sexp.t [@@deriving sexp_of]
 
 type common_session_data = {
   server_random          : Cstruct_sexp.t ; (* 32 bytes random from the server hello *)
@@ -134,7 +134,7 @@ type kdf = {
   secret : Cstruct_sexp.t ;
   cipher : Ciphersuite.ciphersuite13 ;
   hash : Ciphersuite.H.t ;
-} [@@deriving sexp]
+} [@@deriving sexp_of]
 
 (* TODO needs log of CH..CF for post-handshake auth *)
 (* TODO drop master_secret!? *)
@@ -189,7 +189,7 @@ type handshake_state = {
 type crypto_state = crypto_context option [@@deriving sexp_of]
 
 (* record consisting of a content type and a byte vector *)
-type record = Packet.content_type * Cstruct_sexp.t [@@deriving sexp]
+type record = Packet.content_type * Cstruct_sexp.t [@@deriving sexp_of]
 
 (* response returned by a handler *)
 type rec_resp = [