s2n-tls: High-level Haskell bindings to s2n-tls

[ apache, cryptography, library, network ] [ Propose Tags ] [ Report a vulnerability ]

Safe, high-level Haskell bindings to the s2n-tls library, providing memory-safe ForeignPtr wrappers and Haskell-idiomatic error handling.

[Skip to Readme]

Modules

[Index] [Quick Jump]

S2nTls

Downloads

s2n-tls-0.1.0.0.tar.gz [browse] (Cabal source package)
Package description (as included in the package)

Maintainer's Corner

Package maintainers

goertzenator

For package maintainers and hackage trustees

edit package information

Candidates

No Candidates

Versions [RSS]	0.1.0.0
Change log	CHANGELOG.md
Dependencies	base (>=4.14 && <5), bytestring (>=0.10 && <0.13), network (>=3.1 && <3.3), primitive (>=0.7 && <0.10), s2n-tls-ffi (>=0.1 && <0.2) [details]
Tested with	ghc ==9.8.2
License	Apache-2.0
Copyright	2026 Daniel Goertzen
Author	Daniel Goertzen
Maintainer	daniel.goertzen@gmail.com
Uploaded	by goertzenator at 2026-04-29T18:58:21Z
Category	Network, Cryptography
Home page	https://github.com/goertzenator/s2n-tls
Bug tracker	https://github.com/goertzenator/s2n-tls/issues
Source repo	head: git clone https://github.com/goertzenator/s2n-tls.git this: git clone https://github.com/goertzenator/s2n-tls.git(tag v0.1.0.0)
Distributions
Reverse Dependencies	1 direct, 0 indirect [details]
Downloads	5 total (5 in the last 30 days)
Rating	(no votes yet) [estimated by Bayesian average]
Your Rating	λ λ λ
Status	Docs uploaded by user Build status unknown [no reports yet]

Readme for s2n-tls-0.1.0.0

[back to package description]

s2n-tls

High-level Haskell bindings to s2n-tls, Amazon's TLS implementation.

Overview

This package provides safe, idiomatic Haskell bindings to the s2n-tls library with:

Automatic memory management using ForeignPtr for all opaque types
Haskell-idiomatic error handling with exceptions for truly exceptional errors and Either for expected conditions like non-blocking I/O

Quick Start

{-# LANGUAGE OverloadedRecordDot #-}
{-# LANGUAGE OverloadedStrings #-}

import Control.Exception (bracket)
import Network.Socket
import S2nTls

main :: IO ()
main = withS2nTls Linked $ \tls -> do
    config <- tls.newConfig
    tls.setCipherPreferences config "default_tls13"

    bracket (connectToServer "example.com" 443) close $ \sock -> do
        conn <- tls.newConnection Client
        tls.setConnectionConfig conn config
        tls.setServerName conn "example.com"
        tls.setSocket conn sock

        tls.blockingNegotiate conn
        tls.blockingSendAll conn "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
        response <- tls.blockingRecv conn 4096
        print response

Running Tests

Tests may exhaust the default mlock limit. Use:

S2N_DONT_MLOCK=1 cabal test

See the mlock section in the Haddock documentation for details on memory locking.

s2n-tls-ffi - Low-level FFI bindings (used internally by this package)
warp-s2n-tls - TLS support for Warp using s2n-tls

License

Apache-2.0