AWS s2n-tls v1.5.10-23209c46
s2n-tls is a C99 implementation of the TLS/SSL protocols that is designed to be simple, small, fast, and with security as a priority.
Loading...
Searching...
No Matches
s2n.h
Go to the documentation of this file.
1/*
2 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License").
5 * You may not use this file except in compliance with the License.
6 * A copy of the License is located at
7 *
8 * http://aws.amazon.com/apache2.0
9 *
10 * or in the "license" file accompanying this file. This file is distributed
11 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
12 * express or implied. See the License for the specific language governing
13 * permissions and limitations under the License.
14 */
15
23#pragma once
24
25#ifndef S2N_API
29 #define S2N_API
30#endif
31
32#ifdef __cplusplus
33extern "C" {
34#endif
35
36#include <stdbool.h>
37#include <stdint.h>
38#include <stdio.h>
39#include <sys/types.h>
40#include <sys/uio.h>
41
45#define S2N_SUCCESS 0
49#define S2N_FAILURE -1
50
54#define S2N_CALLBACK_BLOCKED -2
55
59#define S2N_MINIMUM_SUPPORTED_TLS_RECORD_MAJOR_VERSION 2
60
64#define S2N_MAXIMUM_SUPPORTED_TLS_RECORD_MAJOR_VERSION 3
65
69#define S2N_SSLv2 20
70
74#define S2N_SSLv3 30
75
79#define S2N_TLS10 31
80
84#define S2N_TLS11 32
85
89#define S2N_TLS12 33
90
94#define S2N_TLS13 34
95
99#define S2N_UNKNOWN_PROTOCOL_VERSION 0
100
118S2N_API extern __thread int s2n_errno;
119
126S2N_API extern int *s2n_errno_location(void);
127
142typedef enum {
160
171S2N_API extern int s2n_error_get_type(int error);
172
176struct s2n_config;
177
181struct s2n_connection;
182
198
212
219S2N_API extern unsigned long s2n_get_openssl_version(void);
220
229S2N_API extern int s2n_init(void);
230
237S2N_API extern int s2n_cleanup(void);
238
239/*
240 * Performs a complete deinitialization and cleanup of the s2n-tls library.
241 *
242 * @returns S2N_SUCCESS on success. S2N_FAILURE on failure
243 */
244S2N_API extern int s2n_cleanup_final(void);
245
246typedef enum {
247 S2N_FIPS_MODE_DISABLED = 0,
248 S2N_FIPS_MODE_ENABLED,
249} s2n_fips_mode;
250
265S2N_API extern int s2n_get_fips_mode(s2n_fips_mode *fips_mode);
266
279S2N_API extern struct s2n_config *s2n_config_new(void);
280
294S2N_API extern struct s2n_config *s2n_config_new_minimal(void);
295
302S2N_API extern int s2n_config_free(struct s2n_config *config);
303
310S2N_API extern int s2n_config_free_dhparams(struct s2n_config *config);
311
318S2N_API extern int s2n_config_free_cert_chain_and_key(struct s2n_config *config);
319
327typedef int (*s2n_clock_time_nanoseconds)(void *, uint64_t *);
328
349typedef int (*s2n_cache_retrieve_callback)(struct s2n_connection *conn, void *, const void *key, uint64_t key_size, void *value, uint64_t *value_size);
350
364typedef int (*s2n_cache_store_callback)(struct s2n_connection *conn, void *, uint64_t ttl_in_seconds, const void *key, uint64_t key_size, const void *value, uint64_t value_size);
365
376typedef int (*s2n_cache_delete_callback)(struct s2n_connection *conn, void *, const void *key, uint64_t key_size);
377
390S2N_API extern int s2n_config_set_wall_clock(struct s2n_config *config, s2n_clock_time_nanoseconds clock_fn, void *ctx);
391
404S2N_API extern int s2n_config_set_monotonic_clock(struct s2n_config *config, s2n_clock_time_nanoseconds clock_fn, void *ctx);
405
413S2N_API extern const char *s2n_strerror(int error, const char *lang);
414
424S2N_API extern const char *s2n_strerror_debug(int error, const char *lang);
425
432S2N_API extern const char *s2n_strerror_name(int error);
433
440S2N_API extern const char *s2n_strerror_source(int error);
441
445struct s2n_stacktrace;
446
453
460S2N_API extern int s2n_stack_traces_enabled_set(bool newval);
461
468
476S2N_API extern int s2n_print_stacktrace(FILE *fptr);
477
484
491S2N_API extern int s2n_get_stacktrace(struct s2n_stacktrace *trace);
492
502S2N_API extern int s2n_config_set_cache_store_callback(struct s2n_config *config, s2n_cache_store_callback cache_store_callback, void *data);
503
513S2N_API extern int s2n_config_set_cache_retrieve_callback(struct s2n_config *config, s2n_cache_retrieve_callback cache_retrieve_callback, void *data);
514
524S2N_API extern int s2n_config_set_cache_delete_callback(struct s2n_config *config, s2n_cache_delete_callback cache_delete_callback, void *data);
525
529typedef int (*s2n_mem_init_callback)(void);
530
534typedef int (*s2n_mem_cleanup_callback)(void);
535
544typedef int (*s2n_mem_malloc_callback)(void **ptr, uint32_t requested, uint32_t *allocated);
545
549typedef int (*s2n_mem_free_callback)(void *ptr, uint32_t size);
550
562S2N_API extern int s2n_mem_set_callbacks(s2n_mem_init_callback mem_init_callback, s2n_mem_cleanup_callback mem_cleanup_callback,
563 s2n_mem_malloc_callback mem_malloc_callback, s2n_mem_free_callback mem_free_callback);
564
568typedef int (*s2n_rand_init_callback)(void);
569
573typedef int (*s2n_rand_cleanup_callback)(void);
574
579typedef int (*s2n_rand_seed_callback)(void *data, uint32_t size);
580
585typedef int (*s2n_rand_mix_callback)(void *data, uint32_t size);
586
600S2N_API extern int s2n_rand_set_callbacks(s2n_rand_init_callback rand_init_callback, s2n_rand_cleanup_callback rand_cleanup_callback,
601 s2n_rand_seed_callback rand_seed_callback, s2n_rand_mix_callback rand_mix_callback);
602
606typedef enum {
607 S2N_EXTENSION_SERVER_NAME = 0,
608 S2N_EXTENSION_MAX_FRAG_LEN = 1,
609 S2N_EXTENSION_OCSP_STAPLING = 5,
610 S2N_EXTENSION_SUPPORTED_GROUPS = 10,
611 S2N_EXTENSION_EC_POINT_FORMATS = 11,
612 S2N_EXTENSION_SIGNATURE_ALGORITHMS = 13,
613 S2N_EXTENSION_ALPN = 16,
614 S2N_EXTENSION_CERTIFICATE_TRANSPARENCY = 18,
615 S2N_EXTENSION_SUPPORTED_VERSIONS = 43,
616 S2N_EXTENSION_RENEGOTIATION_INFO = 65281,
618
622typedef enum {
623 S2N_TLS_MAX_FRAG_LEN_512 = 1,
624 S2N_TLS_MAX_FRAG_LEN_1024 = 2,
625 S2N_TLS_MAX_FRAG_LEN_2048 = 3,
626 S2N_TLS_MAX_FRAG_LEN_4096 = 4,
628
632struct s2n_cert;
633
637struct s2n_cert_chain_and_key;
638
642struct s2n_pkey;
643
647typedef struct s2n_pkey s2n_cert_public_key;
648
652typedef struct s2n_pkey s2n_cert_private_key;
653
660S2N_API extern struct s2n_cert_chain_and_key *s2n_cert_chain_and_key_new(void);
661
677S2N_API extern int s2n_cert_chain_and_key_load_pem(struct s2n_cert_chain_and_key *chain_and_key, const char *chain_pem, const char *private_key_pem);
678
694S2N_API extern int s2n_cert_chain_and_key_load_pem_bytes(struct s2n_cert_chain_and_key *chain_and_key, uint8_t *chain_pem, uint32_t chain_pem_len, uint8_t *private_key_pem, uint32_t private_key_pem_len);
695
707S2N_API extern int s2n_cert_chain_and_key_load_public_pem_bytes(struct s2n_cert_chain_and_key *chain_and_key, uint8_t *chain_pem, uint32_t chain_pem_len);
708
715S2N_API extern int s2n_cert_chain_and_key_free(struct s2n_cert_chain_and_key *cert_and_key);
716
724S2N_API extern int s2n_cert_chain_and_key_set_ctx(struct s2n_cert_chain_and_key *cert_and_key, void *ctx);
725
732S2N_API extern void *s2n_cert_chain_and_key_get_ctx(struct s2n_cert_chain_and_key *cert_and_key);
733
740S2N_API extern s2n_cert_private_key *s2n_cert_chain_and_key_get_private_key(struct s2n_cert_chain_and_key *cert_and_key);
741
750S2N_API extern int s2n_cert_chain_and_key_set_ocsp_data(struct s2n_cert_chain_and_key *chain_and_key, const uint8_t *data, uint32_t length);
751
761S2N_API extern int s2n_cert_chain_and_key_set_sct_list(struct s2n_cert_chain_and_key *chain_and_key, const uint8_t *data, uint32_t length);
762
775typedef struct s2n_cert_chain_and_key *(*s2n_cert_tiebreak_callback)(struct s2n_cert_chain_and_key *cert1, struct s2n_cert_chain_and_key *cert2, uint8_t *name, uint32_t name_len);
776
786S2N_API extern int s2n_config_set_cert_tiebreak_callback(struct s2n_config *config, s2n_cert_tiebreak_callback cert_tiebreak_cb);
787
802S2N_API extern int s2n_config_add_cert_chain_and_key(struct s2n_config *config, const char *cert_chain_pem, const char *private_key_pem);
803
821S2N_API extern int s2n_config_add_cert_chain_and_key_to_store(struct s2n_config *config, struct s2n_cert_chain_and_key *cert_key_pair);
822
842S2N_API extern int s2n_config_set_cert_chain_and_key_defaults(struct s2n_config *config,
843 struct s2n_cert_chain_and_key **cert_key_pairs, uint32_t num_cert_key_pairs);
844
869S2N_API extern int s2n_config_set_verification_ca_location(struct s2n_config *config, const char *ca_pem_filename, const char *ca_dir);
870
890S2N_API extern int s2n_config_add_pem_to_trust_store(struct s2n_config *config, const char *pem);
891
903S2N_API extern int s2n_config_wipe_trust_store(struct s2n_config *config);
904
918S2N_API extern int s2n_config_load_system_certs(struct s2n_config *config);
919
920typedef enum {
921 S2N_VERIFY_AFTER_SIGN_DISABLED,
922 S2N_VERIFY_AFTER_SIGN_ENABLED
923} s2n_verify_after_sign;
924
937S2N_API extern int s2n_config_set_verify_after_sign(struct s2n_config *config, s2n_verify_after_sign mode);
938
961S2N_API extern int s2n_config_set_send_buffer_size(struct s2n_config *config, uint32_t size);
962
980S2N_API extern int s2n_config_set_recv_multi_record(struct s2n_config *config, bool enabled);
981
996typedef uint8_t (*s2n_verify_host_fn)(const char *host_name, size_t host_name_len, void *data);
997
1012S2N_API extern int s2n_config_set_verify_host_callback(struct s2n_config *config, s2n_verify_host_fn, void *data);
1013
1026S2N_API extern int s2n_config_set_check_stapled_ocsp_response(struct s2n_config *config, uint8_t check_ocsp);
1027
1050S2N_API extern int s2n_config_disable_x509_time_verification(struct s2n_config *config);
1051
1059S2N_API extern int s2n_config_disable_x509_verification(struct s2n_config *config);
1060
1071S2N_API extern int s2n_config_set_max_cert_chain_depth(struct s2n_config *config, uint16_t max_depth);
1072
1081S2N_API extern int s2n_config_add_dhparams(struct s2n_config *config, const char *dhparams_pem);
1082
1089S2N_API extern int s2n_config_set_cipher_preferences(struct s2n_config *config, const char *version);
1090
1100S2N_API extern int s2n_config_append_protocol_preference(struct s2n_config *config, const uint8_t *protocol, uint8_t protocol_len);
1101
1119S2N_API extern int s2n_config_set_protocol_preferences(struct s2n_config *config, const char *const *protocols, int protocol_count);
1120
1126typedef enum {
1127 S2N_STATUS_REQUEST_NONE = 0,
1128 S2N_STATUS_REQUEST_OCSP = 1
1130
1146S2N_API extern int s2n_config_set_status_request_type(struct s2n_config *config, s2n_status_request_type type);
1147
1151typedef enum {
1152 S2N_CT_SUPPORT_NONE = 0,
1153 S2N_CT_SUPPORT_REQUEST = 1
1155
1163S2N_API extern int s2n_config_set_ct_support_level(struct s2n_config *config, s2n_ct_support_level level);
1164
1175typedef enum {
1176 S2N_ALERT_FAIL_ON_WARNINGS = 0,
1177 S2N_ALERT_IGNORE_WARNINGS = 1
1179
1187S2N_API extern int s2n_config_set_alert_behavior(struct s2n_config *config, s2n_alert_behavior alert_behavior);
1188
1202S2N_API extern int s2n_config_set_extension_data(struct s2n_config *config, s2n_tls_extension_type type, const uint8_t *data, uint32_t length);
1203
1217S2N_API extern int s2n_config_send_max_fragment_length(struct s2n_config *config, s2n_max_frag_len mfl_code);
1218
1229S2N_API extern int s2n_config_accept_max_fragment_length(struct s2n_config *config);
1230
1238S2N_API extern int s2n_config_set_session_state_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs);
1239
1247S2N_API extern int s2n_config_set_session_tickets_onoff(struct s2n_config *config, uint8_t enabled);
1248
1259S2N_API extern int s2n_config_set_session_cache_onoff(struct s2n_config *config, uint8_t enabled);
1260
1270S2N_API extern int s2n_config_set_ticket_encrypt_decrypt_key_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs);
1271
1282S2N_API extern int s2n_config_set_ticket_decrypt_key_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs);
1283
1297S2N_API extern int s2n_config_add_ticket_crypto_key(struct s2n_config *config, const uint8_t *name, uint32_t name_len,
1298 uint8_t *key, uint32_t key_len, uint64_t intro_time_in_seconds_from_epoch);
1299
1313S2N_API extern int s2n_config_require_ticket_forward_secrecy(struct s2n_config *config, bool enabled);
1314
1322S2N_API extern int s2n_config_set_ctx(struct s2n_config *config, void *ctx);
1323
1332S2N_API extern int s2n_config_get_ctx(struct s2n_config *config, void **ctx);
1333
1337typedef enum {
1338 S2N_SERVER,
1339 S2N_CLIENT
1340} s2n_mode;
1341
1358S2N_API extern struct s2n_connection *s2n_connection_new(s2n_mode mode);
1359
1367S2N_API extern int s2n_connection_set_config(struct s2n_connection *conn, struct s2n_config *config);
1368
1376S2N_API extern int s2n_connection_set_ctx(struct s2n_connection *conn, void *ctx);
1377
1383S2N_API extern void *s2n_connection_get_ctx(struct s2n_connection *conn);
1384
1391typedef int s2n_client_hello_fn(struct s2n_connection *conn, void *ctx);
1392
1400typedef enum {
1401 S2N_CLIENT_HELLO_CB_BLOCKING,
1402 S2N_CLIENT_HELLO_CB_NONBLOCKING
1404
1413S2N_API extern int s2n_config_set_client_hello_cb(struct s2n_config *config, s2n_client_hello_fn client_hello_callback, void *ctx);
1414
1424S2N_API extern int s2n_config_set_client_hello_cb_mode(struct s2n_config *config, s2n_client_hello_cb_mode cb_mode);
1425
1433S2N_API extern int s2n_client_hello_cb_done(struct s2n_connection *conn);
1434
1442S2N_API extern int s2n_connection_server_name_extension_used(struct s2n_connection *conn);
1443
1447struct s2n_client_hello;
1448
1458S2N_API extern struct s2n_client_hello *s2n_connection_get_client_hello(struct s2n_connection *conn);
1459
1475S2N_API extern struct s2n_client_hello *s2n_client_hello_parse_message(const uint8_t *bytes, uint32_t size);
1476
1487S2N_API extern int s2n_client_hello_free(struct s2n_client_hello **ch);
1488
1498S2N_API extern ssize_t s2n_client_hello_get_raw_message_length(struct s2n_client_hello *ch);
1499
1519S2N_API extern ssize_t s2n_client_hello_get_raw_message(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length);
1520
1528S2N_API extern ssize_t s2n_client_hello_get_cipher_suites_length(struct s2n_client_hello *ch);
1529
1543S2N_API extern ssize_t s2n_client_hello_get_cipher_suites(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length);
1544
1552S2N_API extern ssize_t s2n_client_hello_get_extensions_length(struct s2n_client_hello *ch);
1553
1562S2N_API extern ssize_t s2n_client_hello_get_extensions(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length);
1563
1572S2N_API extern ssize_t s2n_client_hello_get_extension_length(struct s2n_client_hello *ch, s2n_tls_extension_type extension_type);
1573
1585S2N_API extern ssize_t s2n_client_hello_get_extension_by_id(struct s2n_client_hello *ch, s2n_tls_extension_type extension_type, uint8_t *out, uint32_t max_length);
1586
1596S2N_API extern int s2n_client_hello_has_extension(struct s2n_client_hello *ch, uint16_t extension_iana, bool *exists);
1597
1607S2N_API extern int s2n_client_hello_get_session_id_length(struct s2n_client_hello *ch, uint32_t *out_length);
1608
1624S2N_API extern int s2n_client_hello_get_session_id(struct s2n_client_hello *ch, uint8_t *out, uint32_t *out_length, uint32_t max_length);
1625
1633S2N_API extern int s2n_client_hello_get_compression_methods_length(struct s2n_client_hello *ch, uint32_t *out_length);
1634
1653S2N_API extern int s2n_client_hello_get_compression_methods(struct s2n_client_hello *ch, uint8_t *list, uint32_t list_length, uint32_t *out_length);
1654
1665S2N_API extern int s2n_client_hello_get_legacy_protocol_version(struct s2n_client_hello *ch, uint8_t *out);
1666
1689S2N_API extern int s2n_client_hello_get_supported_groups(struct s2n_client_hello *ch, uint16_t *groups,
1690 uint16_t groups_count_max, uint16_t *groups_count);
1691
1698S2N_API extern int s2n_client_hello_get_server_name_length(struct s2n_client_hello *ch, uint16_t *length);
1699
1710S2N_API extern int s2n_client_hello_get_server_name(struct s2n_client_hello *ch, uint8_t *server_name, uint16_t length, uint16_t *out_length);
1711
1723S2N_API extern int s2n_connection_set_fd(struct s2n_connection *conn, int fd);
1724
1736S2N_API extern int s2n_connection_set_read_fd(struct s2n_connection *conn, int readfd);
1737
1746S2N_API extern int s2n_connection_set_write_fd(struct s2n_connection *conn, int writefd);
1747
1755S2N_API extern int s2n_connection_get_read_fd(struct s2n_connection *conn, int *readfd);
1756
1764S2N_API extern int s2n_connection_get_write_fd(struct s2n_connection *conn, int *writefd);
1765
1774S2N_API extern int s2n_connection_use_corked_io(struct s2n_connection *conn);
1775
1779typedef int s2n_recv_fn(void *io_context, uint8_t *buf, uint32_t len);
1780
1784typedef int s2n_send_fn(void *io_context, const uint8_t *buf, uint32_t len);
1785
1796S2N_API extern int s2n_connection_set_recv_ctx(struct s2n_connection *conn, void *ctx);
1797
1808S2N_API extern int s2n_connection_set_send_ctx(struct s2n_connection *conn, void *ctx);
1809
1821S2N_API extern int s2n_connection_set_recv_cb(struct s2n_connection *conn, s2n_recv_fn recv);
1822
1834S2N_API extern int s2n_connection_set_send_cb(struct s2n_connection *conn, s2n_send_fn send);
1835
1845S2N_API extern int s2n_connection_prefer_throughput(struct s2n_connection *conn);
1846
1856S2N_API extern int s2n_connection_prefer_low_latency(struct s2n_connection *conn);
1857
1917S2N_API extern int s2n_connection_set_recv_buffering(struct s2n_connection *conn, bool enabled);
1918
1936S2N_API extern uint32_t s2n_peek_buffered(struct s2n_connection *conn);
1937
1949S2N_API extern int s2n_connection_set_dynamic_buffers(struct s2n_connection *conn, bool enabled);
1950
1967S2N_API extern int s2n_connection_set_dynamic_record_threshold(struct s2n_connection *conn, uint32_t resize_threshold, uint16_t timeout_threshold);
1968
1982S2N_API extern int s2n_connection_set_verify_host_callback(struct s2n_connection *conn, s2n_verify_host_fn host_fn, void *data);
1983
1997typedef enum {
1998 S2N_BUILT_IN_BLINDING,
1999 S2N_SELF_SERVICE_BLINDING
2000} s2n_blinding;
2001
2010S2N_API extern int s2n_connection_set_blinding(struct s2n_connection *conn, s2n_blinding blinding);
2011
2017S2N_API extern uint64_t s2n_connection_get_delay(struct s2n_connection *conn);
2018
2045S2N_API extern int s2n_config_set_max_blinding_delay(struct s2n_config *config, uint32_t seconds);
2046
2055S2N_API extern int s2n_connection_set_cipher_preferences(struct s2n_connection *conn, const char *version);
2056
2061typedef enum {
2062 S2N_KEY_UPDATE_NOT_REQUESTED = 0,
2063 S2N_KEY_UPDATE_REQUESTED
2065
2080S2N_API extern int s2n_connection_request_key_update(struct s2n_connection *conn, s2n_peer_key_update peer_request);
2091S2N_API extern int s2n_connection_append_protocol_preference(struct s2n_connection *conn, const uint8_t *protocol, uint8_t protocol_len);
2092
2102S2N_API extern int s2n_connection_set_protocol_preferences(struct s2n_connection *conn, const char *const *protocols, int protocol_count);
2103
2123S2N_API extern int s2n_set_server_name(struct s2n_connection *conn, const char *server_name);
2124
2134S2N_API extern const char *s2n_get_server_name(struct s2n_connection *conn);
2135
2142S2N_API extern const char *s2n_get_application_protocol(struct s2n_connection *conn);
2143
2151S2N_API extern const uint8_t *s2n_connection_get_ocsp_response(struct s2n_connection *conn, uint32_t *length);
2152
2160S2N_API extern const uint8_t *s2n_connection_get_sct_list(struct s2n_connection *conn, uint32_t *length);
2161
2167typedef enum {
2168 S2N_NOT_BLOCKED = 0,
2169 S2N_BLOCKED_ON_READ,
2170 S2N_BLOCKED_ON_WRITE,
2171 S2N_BLOCKED_ON_APPLICATION_INPUT,
2172 S2N_BLOCKED_ON_EARLY_DATA,
2174
2190S2N_API extern int s2n_negotiate(struct s2n_connection *conn, s2n_blocked_status *blocked);
2191
2209S2N_API extern ssize_t s2n_send(struct s2n_connection *conn, const void *buf, ssize_t size, s2n_blocked_status *blocked);
2210
2222S2N_API extern ssize_t s2n_sendv(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, s2n_blocked_status *blocked);
2223
2241S2N_API extern ssize_t s2n_sendv_with_offset(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, ssize_t offs, s2n_blocked_status *blocked);
2242
2258S2N_API extern ssize_t s2n_recv(struct s2n_connection *conn, void *buf, ssize_t size, s2n_blocked_status *blocked);
2259
2271S2N_API extern uint32_t s2n_peek(struct s2n_connection *conn);
2272
2281S2N_API extern int s2n_connection_free_handshake(struct s2n_connection *conn);
2282
2292S2N_API extern int s2n_connection_release_buffers(struct s2n_connection *conn);
2293
2304S2N_API extern int s2n_connection_wipe(struct s2n_connection *conn);
2305
2315S2N_API extern int s2n_connection_free(struct s2n_connection *conn);
2316
2332S2N_API extern int s2n_shutdown(struct s2n_connection *conn, s2n_blocked_status *blocked);
2333
2360S2N_API extern int s2n_shutdown_send(struct s2n_connection *conn, s2n_blocked_status *blocked);
2361
2382typedef enum {
2383 S2N_CERT_AUTH_NONE,
2384 S2N_CERT_AUTH_REQUIRED,
2385 S2N_CERT_AUTH_OPTIONAL
2387
2395S2N_API extern int s2n_config_get_client_auth_type(struct s2n_config *config, s2n_cert_auth_type *client_auth_type);
2396
2407S2N_API extern int s2n_config_set_client_auth_type(struct s2n_config *config, s2n_cert_auth_type client_auth_type);
2408
2416S2N_API extern int s2n_connection_get_client_auth_type(struct s2n_connection *conn, s2n_cert_auth_type *client_auth_type);
2417
2428S2N_API extern int s2n_connection_set_client_auth_type(struct s2n_connection *conn, s2n_cert_auth_type client_auth_type);
2429
2445S2N_API extern int s2n_connection_get_client_cert_chain(struct s2n_connection *conn, uint8_t **der_cert_chain_out, uint32_t *cert_chain_len);
2446
2454S2N_API extern int s2n_config_set_initial_ticket_count(struct s2n_config *config, uint8_t num);
2455
2463S2N_API extern int s2n_connection_add_new_tickets_to_send(struct s2n_connection *conn, uint8_t num);
2464
2477S2N_API extern int s2n_connection_get_tickets_sent(struct s2n_connection *conn, uint16_t *num);
2478
2487S2N_API extern int s2n_connection_set_server_keying_material_lifetime(struct s2n_connection *conn, uint32_t lifetime_in_secs);
2488
2489struct s2n_session_ticket;
2490
2505typedef int (*s2n_session_ticket_fn)(struct s2n_connection *conn, void *ctx, struct s2n_session_ticket *ticket);
2506
2519S2N_API extern int s2n_config_set_session_ticket_cb(struct s2n_config *config, s2n_session_ticket_fn callback, void *ctx);
2520
2527S2N_API extern int s2n_session_ticket_get_data_len(struct s2n_session_ticket *ticket, size_t *data_len);
2528
2540S2N_API extern int s2n_session_ticket_get_data(struct s2n_session_ticket *ticket, size_t max_data_len, uint8_t *data);
2541
2548S2N_API extern int s2n_session_ticket_get_lifetime(struct s2n_session_ticket *ticket, uint32_t *session_lifetime);
2549
2562S2N_API extern int s2n_connection_set_session(struct s2n_connection *conn, const uint8_t *session, size_t length);
2563
2577S2N_API extern int s2n_connection_get_session(struct s2n_connection *conn, uint8_t *session, size_t max_length);
2578
2590S2N_API extern int s2n_connection_get_session_ticket_lifetime_hint(struct s2n_connection *conn);
2591
2599S2N_API extern int s2n_connection_get_session_length(struct s2n_connection *conn);
2600
2610S2N_API extern int s2n_connection_get_session_id_length(struct s2n_connection *conn);
2611
2625S2N_API extern int s2n_connection_get_session_id(struct s2n_connection *conn, uint8_t *session_id, size_t max_length);
2626
2634S2N_API extern int s2n_connection_is_session_resumed(struct s2n_connection *conn);
2635
2643S2N_API extern int s2n_connection_is_ocsp_stapled(struct s2n_connection *conn);
2644
2649typedef enum {
2650 S2N_TLS_SIGNATURE_ANONYMOUS = 0,
2651 S2N_TLS_SIGNATURE_RSA = 1,
2652 S2N_TLS_SIGNATURE_ECDSA = 3,
2653
2654 /* Use Private Range for RSA PSS since it's not defined there */
2655 S2N_TLS_SIGNATURE_RSA_PSS_RSAE = 224,
2656 S2N_TLS_SIGNATURE_RSA_PSS_PSS
2658
2662typedef enum {
2663 S2N_TLS_HASH_NONE = 0,
2664 S2N_TLS_HASH_MD5 = 1,
2665 S2N_TLS_HASH_SHA1 = 2,
2666 S2N_TLS_HASH_SHA224 = 3,
2667 S2N_TLS_HASH_SHA256 = 4,
2668 S2N_TLS_HASH_SHA384 = 5,
2669 S2N_TLS_HASH_SHA512 = 6,
2670
2671 /* Use Private Range for MD5_SHA1 */
2672 S2N_TLS_HASH_MD5_SHA1 = 224
2674
2684
2693S2N_API extern int s2n_connection_get_selected_digest_algorithm(struct s2n_connection *conn, s2n_tls_hash_algorithm *chosen_alg);
2694
2704
2714
2728S2N_API extern struct s2n_cert_chain_and_key *s2n_connection_get_selected_cert(struct s2n_connection *conn);
2729
2735S2N_API extern int s2n_cert_chain_get_length(const struct s2n_cert_chain_and_key *chain_and_key, uint32_t *cert_length);
2736
2755S2N_API extern int s2n_cert_chain_get_cert(const struct s2n_cert_chain_and_key *chain_and_key, struct s2n_cert **out_cert, const uint32_t cert_idx);
2756
2782S2N_API extern int s2n_cert_get_der(const struct s2n_cert *cert, const uint8_t **out_cert_der, uint32_t *cert_length);
2783
2794S2N_API extern int s2n_connection_get_peer_cert_chain(const struct s2n_connection *conn, struct s2n_cert_chain_and_key *cert_chain);
2795
2803S2N_API extern int s2n_cert_get_x509_extension_value_length(struct s2n_cert *cert, const uint8_t *oid, uint32_t *ext_value_len);
2804
2816S2N_API extern int s2n_cert_get_x509_extension_value(struct s2n_cert *cert, const uint8_t *oid, uint8_t *ext_value, uint32_t *ext_value_len, bool *critical);
2817
2825S2N_API extern int s2n_cert_get_utf8_string_from_extension_data_length(const uint8_t *extension_data, uint32_t extension_len, uint32_t *utf8_str_len);
2826
2838S2N_API extern int s2n_cert_get_utf8_string_from_extension_data(const uint8_t *extension_data, uint32_t extension_len, uint8_t *out_data, uint32_t *out_len);
2839
2843typedef enum {
2844 S2N_PSK_HMAC_SHA256,
2845 S2N_PSK_HMAC_SHA384,
2846} s2n_psk_hmac;
2847
2851struct s2n_psk;
2852
2861S2N_API struct s2n_psk *s2n_external_psk_new(void);
2862
2868S2N_API int s2n_psk_free(struct s2n_psk **psk);
2869
2887S2N_API int s2n_psk_set_identity(struct s2n_psk *psk, const uint8_t *identity, uint16_t identity_size);
2888
2905S2N_API int s2n_psk_set_secret(struct s2n_psk *psk, const uint8_t *secret, uint16_t secret_size);
2906
2914S2N_API int s2n_psk_set_hmac(struct s2n_psk *psk, s2n_psk_hmac hmac);
2915
2925S2N_API int s2n_connection_append_psk(struct s2n_connection *conn, struct s2n_psk *psk);
2926
2933typedef enum {
2934 S2N_PSK_MODE_RESUMPTION,
2935 S2N_PSK_MODE_EXTERNAL
2936} s2n_psk_mode;
2937
2945S2N_API int s2n_config_set_psk_mode(struct s2n_config *config, s2n_psk_mode mode);
2946
2955S2N_API int s2n_connection_set_psk_mode(struct s2n_connection *conn, s2n_psk_mode mode);
2956
2968S2N_API int s2n_connection_get_negotiated_psk_identity_length(struct s2n_connection *conn, uint16_t *identity_length);
2969
2986S2N_API int s2n_connection_get_negotiated_psk_identity(struct s2n_connection *conn, uint8_t *identity, uint16_t max_identity_length);
2987
2988struct s2n_offered_psk;
2989
3000S2N_API struct s2n_offered_psk *s2n_offered_psk_new(void);
3001
3007S2N_API int s2n_offered_psk_free(struct s2n_offered_psk **psk);
3008
3016S2N_API int s2n_offered_psk_get_identity(struct s2n_offered_psk *psk, uint8_t **identity, uint16_t *size);
3017
3018struct s2n_offered_psk_list;
3019
3032S2N_API bool s2n_offered_psk_list_has_next(struct s2n_offered_psk_list *psk_list);
3033
3041S2N_API int s2n_offered_psk_list_next(struct s2n_offered_psk_list *psk_list, struct s2n_offered_psk *psk);
3042
3051S2N_API int s2n_offered_psk_list_reread(struct s2n_offered_psk_list *psk_list);
3052
3064S2N_API int s2n_offered_psk_list_choose_psk(struct s2n_offered_psk_list *psk_list, struct s2n_offered_psk *psk);
3065
3080typedef int (*s2n_psk_selection_callback)(struct s2n_connection *conn, void *context,
3081 struct s2n_offered_psk_list *psk_list);
3082
3092S2N_API int s2n_config_set_psk_selection_callback(struct s2n_config *config, s2n_psk_selection_callback cb, void *context);
3093
3100S2N_API extern uint64_t s2n_connection_get_wire_bytes_in(struct s2n_connection *conn);
3101
3108S2N_API extern uint64_t s2n_connection_get_wire_bytes_out(struct s2n_connection *conn);
3109
3119S2N_API extern int s2n_connection_get_client_protocol_version(struct s2n_connection *conn);
3120
3130S2N_API extern int s2n_connection_get_server_protocol_version(struct s2n_connection *conn);
3131
3141S2N_API extern int s2n_connection_get_actual_protocol_version(struct s2n_connection *conn);
3142
3152S2N_API extern int s2n_connection_get_client_hello_version(struct s2n_connection *conn);
3153
3165S2N_API extern int s2n_client_hello_get_legacy_record_version(struct s2n_client_hello *ch, uint8_t *out);
3166
3174S2N_API extern int s2n_connection_client_cert_used(struct s2n_connection *conn);
3175
3189S2N_API extern const char *s2n_connection_get_cipher(struct s2n_connection *conn);
3190
3202typedef enum {
3203 S2N_SNI_NONE = 1,
3204 S2N_SNI_EXACT_MATCH,
3205 S2N_SNI_WILDCARD_MATCH,
3206 S2N_SNI_NO_MATCH,
3208
3221S2N_API extern int s2n_connection_get_certificate_match(struct s2n_connection *conn, s2n_cert_sni_match *match_status);
3222
3252S2N_API extern int s2n_connection_get_master_secret(const struct s2n_connection *conn,
3253 uint8_t *secret_bytes, size_t max_size);
3254
3265S2N_API extern int s2n_connection_tls_exporter(struct s2n_connection *conn,
3266 const uint8_t *label, uint32_t label_length, const uint8_t *context, uint32_t context_length,
3267 uint8_t *output, uint32_t output_length);
3268
3284S2N_API extern int s2n_connection_get_cipher_iana_value(struct s2n_connection *conn, uint8_t *first, uint8_t *second);
3285
3293S2N_API extern int s2n_connection_is_valid_for_cipher_preferences(struct s2n_connection *conn, const char *version);
3294
3301S2N_API extern const char *s2n_connection_get_curve(struct s2n_connection *conn);
3302
3309S2N_API extern const char *s2n_connection_get_kem_name(struct s2n_connection *conn);
3310
3317S2N_API extern const char *s2n_connection_get_kem_group_name(struct s2n_connection *conn);
3318
3326S2N_API extern int s2n_connection_get_alert(struct s2n_connection *conn);
3327
3334S2N_API extern const char *s2n_connection_get_handshake_type_name(struct s2n_connection *conn);
3335
3341S2N_API extern const char *s2n_connection_get_last_message_name(struct s2n_connection *conn);
3342
3346struct s2n_async_pkey_op;
3347
3356typedef enum {
3357 S2N_ASYNC_PKEY_VALIDATION_FAST,
3358 S2N_ASYNC_PKEY_VALIDATION_STRICT
3360
3364typedef enum {
3365 S2N_ASYNC_DECRYPT,
3366 S2N_ASYNC_SIGN
3368
3381typedef int (*s2n_async_pkey_fn)(struct s2n_connection *conn, struct s2n_async_pkey_op *op);
3382
3389S2N_API extern int s2n_config_set_async_pkey_callback(struct s2n_config *config, s2n_async_pkey_fn fn);
3390
3403S2N_API extern int s2n_async_pkey_op_perform(struct s2n_async_pkey_op *op, s2n_cert_private_key *key);
3404
3418S2N_API extern int s2n_async_pkey_op_apply(struct s2n_async_pkey_op *op, struct s2n_connection *conn);
3419
3429S2N_API extern int s2n_async_pkey_op_free(struct s2n_async_pkey_op *op);
3430
3439
3446S2N_API extern int s2n_async_pkey_op_get_op_type(struct s2n_async_pkey_op *op, s2n_async_pkey_op_type *type);
3447
3454S2N_API extern int s2n_async_pkey_op_get_input_size(struct s2n_async_pkey_op *op, uint32_t *data_len);
3455
3472S2N_API extern int s2n_async_pkey_op_get_input(struct s2n_async_pkey_op *op, uint8_t *data, uint32_t data_len);
3473
3485S2N_API extern int s2n_async_pkey_op_set_output(struct s2n_async_pkey_op *op, const uint8_t *data, uint32_t data_len);
3486
3506typedef int (*s2n_key_log_fn)(void *ctx, struct s2n_connection *conn, uint8_t *logline, size_t len);
3507
3525S2N_API extern int s2n_config_set_key_log_cb(struct s2n_config *config, s2n_key_log_fn callback, void *ctx);
3526
3533S2N_API extern int s2n_config_enable_cert_req_dss_legacy_compat(struct s2n_config *config);
3534
3545S2N_API int s2n_config_set_server_max_early_data_size(struct s2n_config *config, uint32_t max_early_data_size);
3546
3557S2N_API int s2n_connection_set_server_max_early_data_size(struct s2n_connection *conn, uint32_t max_early_data_size);
3558
3574S2N_API int s2n_connection_set_server_early_data_context(struct s2n_connection *conn, const uint8_t *context, uint16_t context_size);
3575
3591S2N_API int s2n_psk_configure_early_data(struct s2n_psk *psk, uint32_t max_early_data_size,
3592 uint8_t cipher_suite_first_byte, uint8_t cipher_suite_second_byte);
3593
3605S2N_API int s2n_psk_set_application_protocol(struct s2n_psk *psk, const uint8_t *application_protocol, uint8_t size);
3606
3618S2N_API int s2n_psk_set_early_data_context(struct s2n_psk *psk, const uint8_t *context, uint16_t size);
3619
3629typedef enum {
3630 S2N_EARLY_DATA_STATUS_OK,
3631 S2N_EARLY_DATA_STATUS_NOT_REQUESTED,
3632 S2N_EARLY_DATA_STATUS_REJECTED,
3633 S2N_EARLY_DATA_STATUS_END,
3635
3646
3658S2N_API int s2n_connection_get_remaining_early_data_size(struct s2n_connection *conn, uint32_t *allowed_early_data_size);
3659
3671S2N_API int s2n_connection_get_max_early_data_size(struct s2n_connection *conn, uint32_t *max_early_data_size);
3672
3687S2N_API int s2n_send_early_data(struct s2n_connection *conn, const uint8_t *data, ssize_t data_len,
3688 ssize_t *data_sent, s2n_blocked_status *blocked);
3689
3704S2N_API int s2n_recv_early_data(struct s2n_connection *conn, uint8_t *data, ssize_t max_data_len,
3705 ssize_t *data_received, s2n_blocked_status *blocked);
3706
3707struct s2n_offered_early_data;
3708
3726typedef int (*s2n_early_data_cb)(struct s2n_connection *conn, struct s2n_offered_early_data *early_data);
3727
3735S2N_API int s2n_config_set_early_data_cb(struct s2n_config *config, s2n_early_data_cb cb);
3736
3744S2N_API int s2n_offered_early_data_get_context_length(struct s2n_offered_early_data *early_data, uint16_t *context_len);
3745
3754S2N_API int s2n_offered_early_data_get_context(struct s2n_offered_early_data *early_data, uint8_t *context, uint16_t max_len);
3755
3762S2N_API int s2n_offered_early_data_reject(struct s2n_offered_early_data *early_data);
3763
3770S2N_API int s2n_offered_early_data_accept(struct s2n_offered_early_data *early_data);
3771
3797S2N_API int s2n_config_get_supported_groups(struct s2n_config *config, uint16_t *groups, uint16_t groups_count_max,
3798 uint16_t *groups_count);
3799
3800/* Indicates which serialized connection version will be provided. The default value is
3801 * S2N_SERIALIZED_CONN_NONE, which indicates the feature is off.
3802 */
3803typedef enum {
3804 S2N_SERIALIZED_CONN_NONE = 0,
3805 S2N_SERIALIZED_CONN_V1 = 1
3806} s2n_serialization_version;
3807
3820S2N_API int s2n_config_set_serialization_version(struct s2n_config *config, s2n_serialization_version version);
3821
3833S2N_API int s2n_connection_serialization_length(struct s2n_connection *conn, uint32_t *length);
3834
3859S2N_API int s2n_connection_serialize(struct s2n_connection *conn, uint8_t *buffer, uint32_t buffer_length);
3860
3882S2N_API int s2n_connection_deserialize(struct s2n_connection *conn, uint8_t *buffer, uint32_t buffer_length);
3883
3884/* Load all acceptable certificate authorities from the currently configured trust store.
3885 *
3886 * The loaded certificate authorities will be advertised during the handshake.
3887 * This can help your peer select a certificate if they have multiple certificate
3888 * chains available.
3889 *
3890 * For now, s2n-tls only supports advertising certificate authorities to support
3891 * client auth, so only servers will send the list of certificate authorities.
3892 *
3893 * To avoid configuration mistakes, certificate authorities cannot be loaded from
3894 * a trust store that includes the default system certificates. That means that
3895 * s2n_config_new_minimal or s2n_config_wipe_trust_store should be used.
3896 *
3897 * s2n-tls currently limits the total certificate authorities size to 10k bytes.
3898 * This method will fail if the certificate authorities retrieved from the trust
3899 * store exceed that limit.
3900 *
3901 * @param config A pointer to the s2n_config object.
3902 * @returns S2N_SUCCESS on success. S2N_FAILURE on failure.
3903 */
3904S2N_API int s2n_config_set_cert_authorities_from_trust_store(struct s2n_config *config);
3905
3906#ifdef __cplusplus
3907}
3908#endif
S2N_API int s2n_config_set_session_state_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs)
S2N_API int s2n_connection_append_psk(struct s2n_connection *conn, struct s2n_psk *psk)
S2N_API int s2n_async_pkey_op_get_input(struct s2n_async_pkey_op *op, uint8_t *data, uint32_t data_len)
struct s2n_cert_chain_and_key *(* s2n_cert_tiebreak_callback)(struct s2n_cert_chain_and_key *cert1, struct s2n_cert_chain_and_key *cert2, uint8_t *name, uint32_t name_len)
Definition: s2n.h:775
int s2n_client_hello_fn(struct s2n_connection *conn, void *ctx)
Definition: s2n.h:1391
S2N_API int s2n_psk_set_early_data_context(struct s2n_psk *psk, const uint8_t *context, uint16_t size)
S2N_API int s2n_offered_early_data_get_context(struct s2n_offered_early_data *early_data, uint8_t *context, uint16_t max_len)
S2N_API int s2n_config_set_verify_host_callback(struct s2n_config *config, s2n_verify_host_fn, void *data)
s2n_tls_hash_algorithm
Definition: s2n.h:2662
S2N_API int s2n_config_set_cert_tiebreak_callback(struct s2n_config *config, s2n_cert_tiebreak_callback cert_tiebreak_cb)
S2N_API int s2n_config_set_cache_retrieve_callback(struct s2n_config *config, s2n_cache_retrieve_callback cache_retrieve_callback, void *data)
S2N_API int s2n_connection_get_negotiated_psk_identity(struct s2n_connection *conn, uint8_t *identity, uint16_t max_identity_length)
int s2n_recv_fn(void *io_context, uint8_t *buf, uint32_t len)
Definition: s2n.h:1779
S2N_API int s2n_connection_add_new_tickets_to_send(struct s2n_connection *conn, uint8_t num)
int(* s2n_clock_time_nanoseconds)(void *, uint64_t *)
Definition: s2n.h:327
S2N_API int s2n_config_set_key_log_cb(struct s2n_config *config, s2n_key_log_fn callback, void *ctx)
S2N_API int s2n_connection_free_handshake(struct s2n_connection *conn)
S2N_API int s2n_config_set_client_hello_cb_mode(struct s2n_config *config, s2n_client_hello_cb_mode cb_mode)
S2N_API int s2n_cert_chain_and_key_load_public_pem_bytes(struct s2n_cert_chain_and_key *chain_and_key, uint8_t *chain_pem, uint32_t chain_pem_len)
S2N_API int s2n_config_send_max_fragment_length(struct s2n_config *config, s2n_max_frag_len mfl_code)
S2N_API int s2n_offered_psk_get_identity(struct s2n_offered_psk *psk, uint8_t **identity, uint16_t *size)
S2N_API int s2n_recv_early_data(struct s2n_connection *conn, uint8_t *data, ssize_t max_data_len, ssize_t *data_received, s2n_blocked_status *blocked)
S2N_API const char * s2n_strerror_name(int error)
S2N_API int s2n_connection_prefer_throughput(struct s2n_connection *conn)
S2N_API uint64_t s2n_connection_get_wire_bytes_out(struct s2n_connection *conn)
S2N_API int s2n_client_hello_get_server_name(struct s2n_client_hello *ch, uint8_t *server_name, uint16_t length, uint16_t *out_length)
S2N_API int s2n_connection_get_selected_digest_algorithm(struct s2n_connection *conn, s2n_tls_hash_algorithm *chosen_alg)
S2N_API int s2n_connection_get_read_fd(struct s2n_connection *conn, int *readfd)
s2n_max_frag_len
Definition: s2n.h:622
S2N_API struct s2n_offered_psk * s2n_offered_psk_new(void)
S2N_API ssize_t s2n_sendv_with_offset(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, ssize_t offs, s2n_blocked_status *blocked)
S2N_API uint32_t s2n_peek(struct s2n_connection *conn)
S2N_API int s2n_client_hello_has_extension(struct s2n_client_hello *ch, uint16_t extension_iana, bool *exists)
S2N_API const char * s2n_connection_get_kem_group_name(struct s2n_connection *conn)
S2N_API int s2n_connection_append_protocol_preference(struct s2n_connection *conn, const uint8_t *protocol, uint8_t protocol_len)
S2N_API int s2n_config_accept_max_fragment_length(struct s2n_config *config)
S2N_API int s2n_send_early_data(struct s2n_connection *conn, const uint8_t *data, ssize_t data_len, ssize_t *data_sent, s2n_blocked_status *blocked)
S2N_API int s2n_config_add_pem_to_trust_store(struct s2n_config *config, const char *pem)
S2N_API int s2n_connection_set_protocol_preferences(struct s2n_connection *conn, const char *const *protocols, int protocol_count)
S2N_API bool s2n_offered_psk_list_has_next(struct s2n_offered_psk_list *psk_list)
S2N_API int s2n_config_set_psk_mode(struct s2n_config *config, s2n_psk_mode mode)
S2N_API int s2n_psk_configure_early_data(struct s2n_psk *psk, uint32_t max_early_data_size, uint8_t cipher_suite_first_byte, uint8_t cipher_suite_second_byte)
S2N_API int s2n_config_enable_cert_req_dss_legacy_compat(struct s2n_config *config)
S2N_API int s2n_config_get_client_auth_type(struct s2n_config *config, s2n_cert_auth_type *client_auth_type)
S2N_API int s2n_config_set_extension_data(struct s2n_config *config, s2n_tls_extension_type type, const uint8_t *data, uint32_t length)
S2N_API const char * s2n_get_server_name(struct s2n_connection *conn)
S2N_API int s2n_offered_early_data_reject(struct s2n_offered_early_data *early_data)
S2N_API int s2n_connection_get_session_id(struct s2n_connection *conn, uint8_t *session_id, size_t max_length)
S2N_API int s2n_connection_client_cert_used(struct s2n_connection *conn)
S2N_API __thread int s2n_errno
S2N_API int s2n_config_set_async_pkey_callback(struct s2n_config *config, s2n_async_pkey_fn fn)
S2N_API int s2n_config_append_protocol_preference(struct s2n_config *config, const uint8_t *protocol, uint8_t protocol_len)
int(* s2n_async_pkey_fn)(struct s2n_connection *conn, struct s2n_async_pkey_op *op)
Definition: s2n.h:3381
S2N_API int s2n_config_set_cert_chain_and_key_defaults(struct s2n_config *config, struct s2n_cert_chain_and_key **cert_key_pairs, uint32_t num_cert_key_pairs)
S2N_API int s2n_connection_get_selected_client_cert_digest_algorithm(struct s2n_connection *conn, s2n_tls_hash_algorithm *chosen_alg)
S2N_API int s2n_cert_chain_get_length(const struct s2n_cert_chain_and_key *chain_and_key, uint32_t *cert_length)
s2n_blinding
Definition: s2n.h:1997
S2N_API int s2n_connection_get_selected_signature_algorithm(struct s2n_connection *conn, s2n_tls_signature_algorithm *chosen_alg)
S2N_API int s2n_print_stacktrace(FILE *fptr)
S2N_API int s2n_connection_set_server_keying_material_lifetime(struct s2n_connection *conn, uint32_t lifetime_in_secs)
int(* s2n_psk_selection_callback)(struct s2n_connection *conn, void *context, struct s2n_offered_psk_list *psk_list)
Definition: s2n.h:3080
S2N_API int s2n_config_set_status_request_type(struct s2n_config *config, s2n_status_request_type type)
S2N_API uint64_t s2n_connection_get_wire_bytes_in(struct s2n_connection *conn)
s2n_cert_sni_match
Definition: s2n.h:3202
S2N_API int s2n_psk_set_application_protocol(struct s2n_psk *psk, const uint8_t *application_protocol, uint8_t size)
S2N_API int s2n_config_set_cipher_preferences(struct s2n_config *config, const char *version)
s2n_async_pkey_validation_mode
Definition: s2n.h:3356
S2N_API ssize_t s2n_recv(struct s2n_connection *conn, void *buf, ssize_t size, s2n_blocked_status *blocked)
S2N_API struct s2n_cert_chain_and_key * s2n_cert_chain_and_key_new(void)
s2n_psk_mode
Definition: s2n.h:2933
S2N_API int s2n_config_load_system_certs(struct s2n_config *config)
S2N_API int s2n_async_pkey_op_apply(struct s2n_async_pkey_op *op, struct s2n_connection *conn)
S2N_API int s2n_config_free(struct s2n_config *config)
S2N_API int s2n_connection_get_negotiated_psk_identity_length(struct s2n_connection *conn, uint16_t *identity_length)
S2N_API int s2n_init(void)
s2n_error_type
Definition: s2n.h:142
@ S2N_ERR_T_OK
Definition: s2n.h:144
@ S2N_ERR_T_CLOSED
Definition: s2n.h:148
@ S2N_ERR_T_USAGE
Definition: s2n.h:158
@ S2N_ERR_T_ALERT
Definition: s2n.h:152
@ S2N_ERR_T_INTERNAL
Definition: s2n.h:156
@ S2N_ERR_T_IO
Definition: s2n.h:146
@ S2N_ERR_T_BLOCKED
Definition: s2n.h:150
@ S2N_ERR_T_PROTO
Definition: s2n.h:154
S2N_API int s2n_connection_get_selected_client_cert_signature_algorithm(struct s2n_connection *conn, s2n_tls_signature_algorithm *chosen_alg)
S2N_API int s2n_client_hello_get_server_name_length(struct s2n_client_hello *ch, uint16_t *length)
S2N_API int s2n_config_set_wall_clock(struct s2n_config *config, s2n_clock_time_nanoseconds clock_fn, void *ctx)
S2N_API int s2n_connection_set_send_ctx(struct s2n_connection *conn, void *ctx)
S2N_API int s2n_psk_set_hmac(struct s2n_psk *psk, s2n_psk_hmac hmac)
int(* s2n_key_log_fn)(void *ctx, struct s2n_connection *conn, uint8_t *logline, size_t len)
Definition: s2n.h:3506
S2N_API int s2n_cert_chain_and_key_set_ctx(struct s2n_cert_chain_and_key *cert_and_key, void *ctx)
int(* s2n_rand_mix_callback)(void *data, uint32_t size)
Definition: s2n.h:585
S2N_API int s2n_connection_set_send_cb(struct s2n_connection *conn, s2n_send_fn send)
S2N_API ssize_t s2n_client_hello_get_raw_message_length(struct s2n_client_hello *ch)
S2N_API int s2n_config_set_initial_ticket_count(struct s2n_config *config, uint8_t num)
S2N_API s2n_cert_private_key * s2n_cert_chain_and_key_get_private_key(struct s2n_cert_chain_and_key *cert_and_key)
S2N_API int s2n_connection_set_dynamic_buffers(struct s2n_connection *conn, bool enabled)
S2N_API int s2n_cert_chain_and_key_load_pem_bytes(struct s2n_cert_chain_and_key *chain_and_key, uint8_t *chain_pem, uint32_t chain_pem_len, uint8_t *private_key_pem, uint32_t private_key_pem_len)
S2N_API int s2n_config_set_ticket_encrypt_decrypt_key_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs)
S2N_API int s2n_connection_get_alert(struct s2n_connection *conn)
S2N_API void * s2n_cert_chain_and_key_get_ctx(struct s2n_cert_chain_and_key *cert_and_key)
S2N_API int s2n_connection_get_tickets_sent(struct s2n_connection *conn, uint16_t *num)
int(* s2n_cache_retrieve_callback)(struct s2n_connection *conn, void *, const void *key, uint64_t key_size, void *value, uint64_t *value_size)
Definition: s2n.h:349
S2N_API const char * s2n_strerror(int error, const char *lang)
S2N_API struct s2n_connection * s2n_connection_new(s2n_mode mode)
S2N_API int s2n_config_set_alert_behavior(struct s2n_config *config, s2n_alert_behavior alert_behavior)
S2N_API int s2n_config_set_ticket_decrypt_key_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs)
S2N_API int s2n_config_free_dhparams(struct s2n_config *config)
S2N_API int s2n_session_ticket_get_lifetime(struct s2n_session_ticket *ticket, uint32_t *session_lifetime)
S2N_API ssize_t s2n_client_hello_get_extension_by_id(struct s2n_client_hello *ch, s2n_tls_extension_type extension_type, uint8_t *out, uint32_t max_length)
S2N_API int s2n_offered_psk_list_choose_psk(struct s2n_offered_psk_list *psk_list, struct s2n_offered_psk *psk)
S2N_API const char * s2n_connection_get_kem_name(struct s2n_connection *conn)
S2N_API int s2n_connection_serialize(struct s2n_connection *conn, uint8_t *buffer, uint32_t buffer_length)
S2N_API const uint8_t * s2n_connection_get_sct_list(struct s2n_connection *conn, uint32_t *length)
S2N_API int s2n_connection_get_client_cert_chain(struct s2n_connection *conn, uint8_t **der_cert_chain_out, uint32_t *cert_chain_len)
S2N_API int s2n_config_add_cert_chain_and_key(struct s2n_config *config, const char *cert_chain_pem, const char *private_key_pem)
S2N_API int s2n_config_set_ct_support_level(struct s2n_config *config, s2n_ct_support_level level)
S2N_API int s2n_config_set_serialization_version(struct s2n_config *config, s2n_serialization_version version)
S2N_API int s2n_connection_set_server_max_early_data_size(struct s2n_connection *conn, uint32_t max_early_data_size)
S2N_API int s2n_psk_set_identity(struct s2n_psk *psk, const uint8_t *identity, uint16_t identity_size)
S2N_API int s2n_mem_set_callbacks(s2n_mem_init_callback mem_init_callback, s2n_mem_cleanup_callback mem_cleanup_callback, s2n_mem_malloc_callback mem_malloc_callback, s2n_mem_free_callback mem_free_callback)
S2N_API int s2n_offered_early_data_accept(struct s2n_offered_early_data *early_data)
S2N_API int s2n_connection_set_fd(struct s2n_connection *conn, int fd)
S2N_API int s2n_connection_set_recv_ctx(struct s2n_connection *conn, void *ctx)
S2N_API int s2n_connection_get_actual_protocol_version(struct s2n_connection *conn)
S2N_API int s2n_connection_set_blinding(struct s2n_connection *conn, s2n_blinding blinding)
S2N_API int s2n_client_hello_get_supported_groups(struct s2n_client_hello *ch, uint16_t *groups, uint16_t groups_count_max, uint16_t *groups_count)
S2N_API int s2n_connection_set_recv_cb(struct s2n_connection *conn, s2n_recv_fn recv)
struct s2n_pkey s2n_cert_public_key
Definition: s2n.h:647
S2N_API int s2n_cleanup(void)
S2N_API int s2n_config_set_send_buffer_size(struct s2n_config *config, uint32_t size)
int(* s2n_mem_free_callback)(void *ptr, uint32_t size)
Definition: s2n.h:549
int(* s2n_rand_cleanup_callback)(void)
Definition: s2n.h:573
int(* s2n_mem_init_callback)(void)
Definition: s2n.h:529
S2N_API int s2n_connection_server_name_extension_used(struct s2n_connection *conn)
S2N_API ssize_t s2n_sendv(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, s2n_blocked_status *blocked)
S2N_API int s2n_config_set_session_cache_onoff(struct s2n_config *config, uint8_t enabled)
S2N_API int s2n_connection_get_certificate_match(struct s2n_connection *conn, s2n_cert_sni_match *match_status)
S2N_API int s2n_async_pkey_op_set_output(struct s2n_async_pkey_op *op, const uint8_t *data, uint32_t data_len)
S2N_API int s2n_client_hello_get_compression_methods_length(struct s2n_client_hello *ch, uint32_t *out_length)
S2N_API int s2n_connection_set_server_early_data_context(struct s2n_connection *conn, const uint8_t *context, uint16_t context_size)
S2N_API int s2n_free_stacktrace(void)
s2n_mode
Definition: s2n.h:1337
S2N_API int s2n_connection_deserialize(struct s2n_connection *conn, uint8_t *buffer, uint32_t buffer_length)
s2n_client_hello_cb_mode
Definition: s2n.h:1400
S2N_API int s2n_config_set_monotonic_clock(struct s2n_config *config, s2n_clock_time_nanoseconds clock_fn, void *ctx)
S2N_API int s2n_get_stacktrace(struct s2n_stacktrace *trace)
S2N_API int s2n_config_set_async_pkey_validation_mode(struct s2n_config *config, s2n_async_pkey_validation_mode mode)
S2N_API int s2n_cert_chain_and_key_free(struct s2n_cert_chain_and_key *cert_and_key)
s2n_status_request_type
Definition: s2n.h:1126
S2N_API int s2n_psk_free(struct s2n_psk **psk)
S2N_API int s2n_connection_get_server_protocol_version(struct s2n_connection *conn)
S2N_API int s2n_connection_get_remaining_early_data_size(struct s2n_connection *conn, uint32_t *allowed_early_data_size)
S2N_API int s2n_client_hello_get_session_id_length(struct s2n_client_hello *ch, uint32_t *out_length)
S2N_API int s2n_connection_set_write_fd(struct s2n_connection *conn, int writefd)
S2N_API int s2n_connection_request_key_update(struct s2n_connection *conn, s2n_peer_key_update peer_request)
S2N_API int s2n_config_set_cache_delete_callback(struct s2n_config *config, s2n_cache_delete_callback cache_delete_callback, void *data)
S2N_API ssize_t s2n_client_hello_get_cipher_suites_length(struct s2n_client_hello *ch)
S2N_API int s2n_config_require_ticket_forward_secrecy(struct s2n_config *config, bool enabled)
S2N_API int s2n_cert_get_utf8_string_from_extension_data_length(const uint8_t *extension_data, uint32_t extension_len, uint32_t *utf8_str_len)
S2N_API int s2n_config_set_verification_ca_location(struct s2n_config *config, const char *ca_pem_filename, const char *ca_dir)
s2n_psk_hmac
Definition: s2n.h:2843
S2N_API const char * s2n_connection_get_handshake_type_name(struct s2n_connection *conn)
S2N_API int s2n_config_free_cert_chain_and_key(struct s2n_config *config)
S2N_API int s2n_config_set_recv_multi_record(struct s2n_config *config, bool enabled)
s2n_cert_auth_type
Definition: s2n.h:2382
int(* s2n_session_ticket_fn)(struct s2n_connection *conn, void *ctx, struct s2n_session_ticket *ticket)
Definition: s2n.h:2505
S2N_API const char * s2n_strerror_source(int error)
S2N_API int s2n_connection_get_session_ticket_lifetime_hint(struct s2n_connection *conn)
uint8_t(* s2n_verify_host_fn)(const char *host_name, size_t host_name_len, void *data)
Definition: s2n.h:996
S2N_API const uint8_t * s2n_connection_get_ocsp_response(struct s2n_connection *conn, uint32_t *length)
S2N_API int s2n_offered_psk_list_next(struct s2n_offered_psk_list *psk_list, struct s2n_offered_psk *psk)
S2N_API int s2n_config_set_cache_store_callback(struct s2n_config *config, s2n_cache_store_callback cache_store_callback, void *data)
S2N_API int s2n_offered_early_data_get_context_length(struct s2n_offered_early_data *early_data, uint16_t *context_len)
S2N_API int s2n_connection_get_max_early_data_size(struct s2n_connection *conn, uint32_t *max_early_data_size)
S2N_API int s2n_offered_psk_free(struct s2n_offered_psk **psk)
S2N_API int s2n_config_add_dhparams(struct s2n_config *config, const char *dhparams_pem)
int(* s2n_mem_malloc_callback)(void **ptr, uint32_t requested, uint32_t *allocated)
Definition: s2n.h:544
S2N_API int s2n_connection_get_write_fd(struct s2n_connection *conn, int *writefd)
S2N_API int s2n_connection_use_corked_io(struct s2n_connection *conn)
S2N_API int s2n_config_set_client_auth_type(struct s2n_config *config, s2n_cert_auth_type client_auth_type)
S2N_API int s2n_async_pkey_op_free(struct s2n_async_pkey_op *op)
S2N_API int s2n_connection_serialization_length(struct s2n_connection *conn, uint32_t *length)
s2n_tls_signature_algorithm
Definition: s2n.h:2649
S2N_API int s2n_config_set_protocol_preferences(struct s2n_config *config, const char *const *protocols, int protocol_count)
S2N_API int s2n_config_set_ctx(struct s2n_config *config, void *ctx)
S2N_API int s2n_stack_traces_enabled_set(bool newval)
struct s2n_pkey s2n_cert_private_key
Definition: s2n.h:652
S2N_API ssize_t s2n_send(struct s2n_connection *conn, const void *buf, ssize_t size, s2n_blocked_status *blocked)
S2N_API int s2n_connection_prefer_low_latency(struct s2n_connection *conn)
S2N_API int s2n_cert_chain_and_key_set_ocsp_data(struct s2n_cert_chain_and_key *chain_and_key, const uint8_t *data, uint32_t length)
S2N_API ssize_t s2n_client_hello_get_extensions_length(struct s2n_client_hello *ch)
S2N_API int s2n_connection_free(struct s2n_connection *conn)
S2N_API uint32_t s2n_peek_buffered(struct s2n_connection *conn)
S2N_API int s2n_config_set_verify_after_sign(struct s2n_config *config, s2n_verify_after_sign mode)
S2N_API struct s2n_cert_chain_and_key * s2n_connection_get_selected_cert(struct s2n_connection *conn)
S2N_API int s2n_async_pkey_op_get_op_type(struct s2n_async_pkey_op *op, s2n_async_pkey_op_type *type)
S2N_API int s2n_config_set_max_blinding_delay(struct s2n_config *config, uint32_t seconds)
S2N_API int s2n_connection_get_client_auth_type(struct s2n_connection *conn, s2n_cert_auth_type *client_auth_type)
S2N_API int s2n_connection_set_read_fd(struct s2n_connection *conn, int readfd)
S2N_API int s2n_config_set_session_ticket_cb(struct s2n_config *config, s2n_session_ticket_fn callback, void *ctx)
s2n_peer_key_update
Definition: s2n.h:2061
S2N_API int s2n_config_disable_x509_verification(struct s2n_config *config)
S2N_API int s2n_config_set_client_hello_cb(struct s2n_config *config, s2n_client_hello_fn client_hello_callback, void *ctx)
S2N_API struct s2n_client_hello * s2n_client_hello_parse_message(const uint8_t *bytes, uint32_t size)
S2N_API struct s2n_config * s2n_config_new(void)
S2N_API int s2n_connection_set_session(struct s2n_connection *conn, const uint8_t *session, size_t length)
S2N_API int s2n_connection_get_client_protocol_version(struct s2n_connection *conn)
S2N_API int s2n_connection_get_session_length(struct s2n_connection *conn)
s2n_early_data_status_t
Definition: s2n.h:3629
S2N_API struct s2n_psk * s2n_external_psk_new(void)
s2n_tls_extension_type
Definition: s2n.h:606
S2N_API int s2n_config_get_ctx(struct s2n_config *config, void **ctx)
S2N_API int s2n_connection_set_cipher_preferences(struct s2n_connection *conn, const char *version)
S2N_API struct s2n_config * s2n_config_new_minimal(void)
S2N_API int s2n_cert_get_x509_extension_value(struct s2n_cert *cert, const uint8_t *oid, uint8_t *ext_value, uint32_t *ext_value_len, bool *critical)
S2N_API ssize_t s2n_client_hello_get_cipher_suites(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length)
S2N_API uint64_t s2n_connection_get_delay(struct s2n_connection *conn)
s2n_alert_behavior
Definition: s2n.h:1175
S2N_API ssize_t s2n_client_hello_get_extension_length(struct s2n_client_hello *ch, s2n_tls_extension_type extension_type)
S2N_API int s2n_connection_set_psk_mode(struct s2n_connection *conn, s2n_psk_mode mode)
S2N_API int s2n_config_disable_x509_time_verification(struct s2n_config *config)
S2N_API int s2n_connection_get_cipher_iana_value(struct s2n_connection *conn, uint8_t *first, uint8_t *second)
S2N_API int s2n_connection_set_ctx(struct s2n_connection *conn, void *ctx)
S2N_API int s2n_connection_set_config(struct s2n_connection *conn, struct s2n_config *config)
S2N_API const char * s2n_strerror_debug(int error, const char *lang)
S2N_API int s2n_connection_get_early_data_status(struct s2n_connection *conn, s2n_early_data_status_t *status)
S2N_API int s2n_config_set_server_max_early_data_size(struct s2n_config *config, uint32_t max_early_data_size)
S2N_API int s2n_config_add_cert_chain_and_key_to_store(struct s2n_config *config, struct s2n_cert_chain_and_key *cert_key_pair)
S2N_API struct s2n_client_hello * s2n_connection_get_client_hello(struct s2n_connection *conn)
S2N_API ssize_t s2n_client_hello_get_raw_message(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length)
S2N_API int s2n_offered_psk_list_reread(struct s2n_offered_psk_list *psk_list)
S2N_API int s2n_config_set_early_data_cb(struct s2n_config *config, s2n_early_data_cb cb)
S2N_API int s2n_connection_is_valid_for_cipher_preferences(struct s2n_connection *conn, const char *version)
S2N_API int s2n_crypto_disable_init(void)
S2N_API int s2n_cert_get_x509_extension_value_length(struct s2n_cert *cert, const uint8_t *oid, uint32_t *ext_value_len)
int(* s2n_cache_delete_callback)(struct s2n_connection *conn, void *, const void *key, uint64_t key_size)
Definition: s2n.h:376
S2N_API int s2n_connection_get_session_id_length(struct s2n_connection *conn)
S2N_API int s2n_config_get_supported_groups(struct s2n_config *config, uint16_t *groups, uint16_t groups_count_max, uint16_t *groups_count)
S2N_API bool s2n_stack_traces_enabled(void)
S2N_API int s2n_connection_set_client_auth_type(struct s2n_connection *conn, s2n_cert_auth_type client_auth_type)
S2N_API void * s2n_connection_get_ctx(struct s2n_connection *conn)
S2N_API int s2n_connection_get_client_hello_version(struct s2n_connection *conn)
S2N_API int s2n_client_hello_get_legacy_record_version(struct s2n_client_hello *ch, uint8_t *out)
S2N_API int s2n_negotiate(struct s2n_connection *conn, s2n_blocked_status *blocked)
S2N_API int s2n_connection_get_master_secret(const struct s2n_connection *conn, uint8_t *secret_bytes, size_t max_size)
S2N_API int s2n_connection_set_verify_host_callback(struct s2n_connection *conn, s2n_verify_host_fn host_fn, void *data)
S2N_API int s2n_cert_chain_and_key_set_sct_list(struct s2n_cert_chain_and_key *chain_and_key, const uint8_t *data, uint32_t length)
S2N_API int s2n_client_hello_free(struct s2n_client_hello **ch)
int s2n_send_fn(void *io_context, const uint8_t *buf, uint32_t len)
Definition: s2n.h:1784
S2N_API int s2n_psk_set_secret(struct s2n_psk *psk, const uint8_t *secret, uint16_t secret_size)
int(* s2n_cache_store_callback)(struct s2n_connection *conn, void *, uint64_t ttl_in_seconds, const void *key, uint64_t key_size, const void *value, uint64_t value_size)
Definition: s2n.h:364
int(* s2n_rand_init_callback)(void)
Definition: s2n.h:568
S2N_API int s2n_async_pkey_op_get_input_size(struct s2n_async_pkey_op *op, uint32_t *data_len)
S2N_API int s2n_client_hello_get_compression_methods(struct s2n_client_hello *ch, uint8_t *list, uint32_t list_length, uint32_t *out_length)
S2N_API int s2n_config_set_max_cert_chain_depth(struct s2n_config *config, uint16_t max_depth)
S2N_API int s2n_calculate_stacktrace(void)
S2N_API int s2n_connection_set_dynamic_record_threshold(struct s2n_connection *conn, uint32_t resize_threshold, uint16_t timeout_threshold)
S2N_API int s2n_connection_is_ocsp_stapled(struct s2n_connection *conn)
int(* s2n_early_data_cb)(struct s2n_connection *conn, struct s2n_offered_early_data *early_data)
Definition: s2n.h:3726
S2N_API int s2n_connection_get_session(struct s2n_connection *conn, uint8_t *session, size_t max_length)
S2N_API int s2n_get_fips_mode(s2n_fips_mode *fips_mode)
S2N_API int s2n_connection_set_recv_buffering(struct s2n_connection *conn, bool enabled)
S2N_API int s2n_connection_is_session_resumed(struct s2n_connection *conn)
S2N_API int s2n_connection_wipe(struct s2n_connection *conn)
S2N_API const char * s2n_get_application_protocol(struct s2n_connection *conn)
int(* s2n_mem_cleanup_callback)(void)
Definition: s2n.h:534
S2N_API int s2n_config_add_ticket_crypto_key(struct s2n_config *config, const uint8_t *name, uint32_t name_len, uint8_t *key, uint32_t key_len, uint64_t intro_time_in_seconds_from_epoch)
int(* s2n_rand_seed_callback)(void *data, uint32_t size)
Definition: s2n.h:579
S2N_API int s2n_client_hello_get_session_id(struct s2n_client_hello *ch, uint8_t *out, uint32_t *out_length, uint32_t max_length)
S2N_API ssize_t s2n_client_hello_get_extensions(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length)
S2N_API int s2n_connection_tls_exporter(struct s2n_connection *conn, const uint8_t *label, uint32_t label_length, const uint8_t *context, uint32_t context_length, uint8_t *output, uint32_t output_length)
s2n_ct_support_level
Definition: s2n.h:1151
S2N_API int s2n_async_pkey_op_perform(struct s2n_async_pkey_op *op, s2n_cert_private_key *key)
S2N_API int s2n_connection_get_peer_cert_chain(const struct s2n_connection *conn, struct s2n_cert_chain_and_key *cert_chain)
S2N_API int s2n_disable_atexit(void)
S2N_API int s2n_config_set_psk_selection_callback(struct s2n_config *config, s2n_psk_selection_callback cb, void *context)
S2N_API int s2n_error_get_type(int error)
S2N_API int s2n_shutdown_send(struct s2n_connection *conn, s2n_blocked_status *blocked)
S2N_API const char * s2n_connection_get_cipher(struct s2n_connection *conn)
s2n_async_pkey_op_type
Definition: s2n.h:3364
S2N_API int s2n_cert_chain_and_key_load_pem(struct s2n_cert_chain_and_key *chain_and_key, const char *chain_pem, const char *private_key_pem)
S2N_API int s2n_client_hello_get_legacy_protocol_version(struct s2n_client_hello *ch, uint8_t *out)
S2N_API unsigned long s2n_get_openssl_version(void)
#define S2N_API
Definition: s2n.h:29
S2N_API const char * s2n_connection_get_last_message_name(struct s2n_connection *conn)
S2N_API int s2n_rand_set_callbacks(s2n_rand_init_callback rand_init_callback, s2n_rand_cleanup_callback rand_cleanup_callback, s2n_rand_seed_callback rand_seed_callback, s2n_rand_mix_callback rand_mix_callback)
S2N_API int s2n_set_server_name(struct s2n_connection *conn, const char *server_name)
S2N_API int s2n_client_hello_cb_done(struct s2n_connection *conn)
S2N_API const char * s2n_connection_get_curve(struct s2n_connection *conn)
s2n_blocked_status
Definition: s2n.h:2167
S2N_API int s2n_config_wipe_trust_store(struct s2n_config *config)
S2N_API int s2n_cert_get_utf8_string_from_extension_data(const uint8_t *extension_data, uint32_t extension_len, uint8_t *out_data, uint32_t *out_len)
S2N_API int s2n_connection_release_buffers(struct s2n_connection *conn)
S2N_API int s2n_session_ticket_get_data(struct s2n_session_ticket *ticket, size_t max_data_len, uint8_t *data)
S2N_API int s2n_config_set_session_tickets_onoff(struct s2n_config *config, uint8_t enabled)
S2N_API int * s2n_errno_location(void)
S2N_API int s2n_session_ticket_get_data_len(struct s2n_session_ticket *ticket, size_t *data_len)
S2N_API int s2n_cert_chain_get_cert(const struct s2n_cert_chain_and_key *chain_and_key, struct s2n_cert **out_cert, const uint32_t cert_idx)
S2N_API int s2n_shutdown(struct s2n_connection *conn, s2n_blocked_status *blocked)
S2N_API int s2n_cert_get_der(const struct s2n_cert *cert, const uint8_t **out_cert_der, uint32_t *cert_length)
S2N_API int s2n_config_set_check_stapled_ocsp_response(struct s2n_config *config, uint8_t check_ocsp)