AWS s2n-tls v1.7.5-61e99178
s2n-tls is a C99 implementation of the TLS/SSL protocols that is designed to be simple, small, fast, and with security as a priority.
Loading...
Searching...
No Matches
s2n.h
Go to the documentation of this file.
1/*
2 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License").
5 * You may not use this file except in compliance with the License.
6 * A copy of the License is located at
7 *
8 * http://aws.amazon.com/apache2.0
9 *
10 * or in the "license" file accompanying this file. This file is distributed
11 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
12 * express or implied. See the License for the specific language governing
13 * permissions and limitations under the License.
14 */
15
22
23#pragma once
24
25#ifndef S2N_API
29 #define S2N_API
30#endif
31
32#ifdef __cplusplus
33extern "C" {
34#endif
35
36#include <stdbool.h>
37#include <stdint.h>
38#include <stdio.h>
39#include <sys/types.h>
40#ifndef _WIN32
41 #include <sys/uio.h>
42#else
43/* struct iovec equivalent for Windows */
44struct iovec {
45 void *iov_base;
46 size_t iov_len;
47};
48#endif
49
53#define S2N_SUCCESS 0
57#define S2N_FAILURE -1
58
62#define S2N_CALLBACK_BLOCKED -2
63
67#define S2N_MINIMUM_SUPPORTED_TLS_RECORD_MAJOR_VERSION 2
68
72#define S2N_MAXIMUM_SUPPORTED_TLS_RECORD_MAJOR_VERSION 3
73
77#define S2N_SSLv2 20
78
82#define S2N_SSLv3 30
83
87#define S2N_TLS10 31
88
92#define S2N_TLS11 32
93
97#define S2N_TLS12 33
98
102#define S2N_TLS13 34
103
107#define S2N_UNKNOWN_PROTOCOL_VERSION 0
108
126S2N_API extern __thread int s2n_errno;
127
134S2N_API extern int *s2n_errno_location(void);
135
168
179S2N_API extern int s2n_error_get_type(int error);
180
184struct s2n_config;
185
189struct s2n_connection;
190
206
220
227S2N_API extern unsigned long s2n_get_openssl_version(void);
228
237S2N_API extern int s2n_init(void);
238
246S2N_API extern int s2n_cleanup(void);
247
253S2N_API extern int s2n_cleanup_final(void);
254
258typedef enum {
259 S2N_FIPS_MODE_DISABLED = 0,
260 S2N_FIPS_MODE_ENABLED,
262
278
291S2N_API extern struct s2n_config *s2n_config_new(void);
292
306S2N_API extern struct s2n_config *s2n_config_new_minimal(void);
307
314S2N_API extern int s2n_config_free(struct s2n_config *config);
315
322S2N_API extern int s2n_config_free_dhparams(struct s2n_config *config);
323
330S2N_API extern int s2n_config_free_cert_chain_and_key(struct s2n_config *config);
331
337typedef int (*s2n_clock_time_nanoseconds)(void *, uint64_t *);
338
359typedef int (*s2n_cache_retrieve_callback)(struct s2n_connection *conn, void *, const void *key, uint64_t key_size, void *value, uint64_t *value_size);
360
374typedef int (*s2n_cache_store_callback)(struct s2n_connection *conn, void *, uint64_t ttl_in_seconds, const void *key, uint64_t key_size, const void *value, uint64_t value_size);
375
386typedef int (*s2n_cache_delete_callback)(struct s2n_connection *conn, void *, const void *key, uint64_t key_size);
387
400S2N_API extern int s2n_config_set_wall_clock(struct s2n_config *config, s2n_clock_time_nanoseconds clock_fn, void *ctx);
401
414S2N_API extern int s2n_config_set_monotonic_clock(struct s2n_config *config, s2n_clock_time_nanoseconds clock_fn, void *ctx);
415
423S2N_API extern const char *s2n_strerror(int error, const char *lang);
424
434S2N_API extern const char *s2n_strerror_debug(int error, const char *lang);
435
442S2N_API extern const char *s2n_strerror_name(int error);
443
450S2N_API extern const char *s2n_strerror_source(int error);
451
455struct s2n_stacktrace;
456
463
470S2N_API extern int s2n_stack_traces_enabled_set(bool newval);
471
478
486S2N_API extern int s2n_print_stacktrace(FILE *fptr);
487
494
501S2N_API extern int s2n_get_stacktrace(struct s2n_stacktrace *trace);
502
512S2N_API extern int s2n_config_set_cache_store_callback(struct s2n_config *config, s2n_cache_store_callback cache_store_callback, void *data);
513
523S2N_API extern int s2n_config_set_cache_retrieve_callback(struct s2n_config *config, s2n_cache_retrieve_callback cache_retrieve_callback, void *data);
524
534S2N_API extern int s2n_config_set_cache_delete_callback(struct s2n_config *config, s2n_cache_delete_callback cache_delete_callback, void *data);
535
539typedef int (*s2n_mem_init_callback)(void);
540
544typedef int (*s2n_mem_cleanup_callback)(void);
545
554typedef int (*s2n_mem_malloc_callback)(void **ptr, uint32_t requested, uint32_t *allocated);
555
559typedef int (*s2n_mem_free_callback)(void *ptr, uint32_t size);
560
572S2N_API extern int s2n_mem_set_callbacks(s2n_mem_init_callback mem_init_callback, s2n_mem_cleanup_callback mem_cleanup_callback,
573 s2n_mem_malloc_callback mem_malloc_callback, s2n_mem_free_callback mem_free_callback);
574
578typedef int (*s2n_rand_init_callback)(void);
579
583typedef int (*s2n_rand_cleanup_callback)(void);
584
588typedef int (*s2n_rand_seed_callback)(void *data, uint32_t size);
589
593typedef int (*s2n_rand_mix_callback)(void *data, uint32_t size);
594
608S2N_API extern int s2n_rand_set_callbacks(s2n_rand_init_callback rand_init_callback, s2n_rand_cleanup_callback rand_cleanup_callback,
609 s2n_rand_seed_callback rand_seed_callback, s2n_rand_mix_callback rand_mix_callback);
610
614typedef enum {
615 S2N_EXTENSION_SERVER_NAME = 0,
616 S2N_EXTENSION_MAX_FRAG_LEN = 1,
617 S2N_EXTENSION_OCSP_STAPLING = 5,
618 S2N_EXTENSION_SUPPORTED_GROUPS = 10,
619 S2N_EXTENSION_EC_POINT_FORMATS = 11,
620 S2N_EXTENSION_SIGNATURE_ALGORITHMS = 13,
621 S2N_EXTENSION_ALPN = 16,
622 S2N_EXTENSION_CERTIFICATE_TRANSPARENCY = 18,
623 S2N_EXTENSION_SUPPORTED_VERSIONS = 43,
624 S2N_EXTENSION_RENEGOTIATION_INFO = 65281,
626
630typedef enum {
631 S2N_TLS_MAX_FRAG_LEN_512 = 1,
632 S2N_TLS_MAX_FRAG_LEN_1024 = 2,
633 S2N_TLS_MAX_FRAG_LEN_2048 = 3,
634 S2N_TLS_MAX_FRAG_LEN_4096 = 4,
636
640struct s2n_cert;
641
645struct s2n_cert_chain_and_key;
646
650struct s2n_pkey;
651
655typedef struct s2n_pkey s2n_cert_public_key;
656
660typedef struct s2n_pkey s2n_cert_private_key;
661
668S2N_API extern struct s2n_cert_chain_and_key *s2n_cert_chain_and_key_new(void);
669
685S2N_API extern int s2n_cert_chain_and_key_load_pem(struct s2n_cert_chain_and_key *chain_and_key, const char *chain_pem, const char *private_key_pem);
686
702S2N_API extern int s2n_cert_chain_and_key_load_pem_bytes(struct s2n_cert_chain_and_key *chain_and_key, uint8_t *chain_pem, uint32_t chain_pem_len, uint8_t *private_key_pem, uint32_t private_key_pem_len);
703
715S2N_API extern int s2n_cert_chain_and_key_load_public_pem_bytes(struct s2n_cert_chain_and_key *chain_and_key, uint8_t *chain_pem, uint32_t chain_pem_len);
716
723S2N_API extern int s2n_cert_chain_and_key_free(struct s2n_cert_chain_and_key *cert_and_key);
724
732S2N_API extern int s2n_cert_chain_and_key_set_ctx(struct s2n_cert_chain_and_key *cert_and_key, void *ctx);
733
740S2N_API extern void *s2n_cert_chain_and_key_get_ctx(struct s2n_cert_chain_and_key *cert_and_key);
741
748S2N_API extern s2n_cert_private_key *s2n_cert_chain_and_key_get_private_key(struct s2n_cert_chain_and_key *cert_and_key);
749
758S2N_API extern int s2n_cert_chain_and_key_set_ocsp_data(struct s2n_cert_chain_and_key *chain_and_key, const uint8_t *data, uint32_t length);
759
769S2N_API extern int s2n_cert_chain_and_key_set_sct_list(struct s2n_cert_chain_and_key *chain_and_key, const uint8_t *data, uint32_t length);
770
783typedef struct s2n_cert_chain_and_key *(*s2n_cert_tiebreak_callback)(struct s2n_cert_chain_and_key *cert1, struct s2n_cert_chain_and_key *cert2, uint8_t *name, uint32_t name_len);
784
794S2N_API extern int s2n_config_set_cert_tiebreak_callback(struct s2n_config *config, s2n_cert_tiebreak_callback cert_tiebreak_cb);
795
810S2N_API extern int s2n_config_add_cert_chain_and_key(struct s2n_config *config, const char *cert_chain_pem, const char *private_key_pem);
811
829S2N_API extern int s2n_config_add_cert_chain_and_key_to_store(struct s2n_config *config, struct s2n_cert_chain_and_key *cert_key_pair);
830
850S2N_API extern int s2n_config_set_cert_chain_and_key_defaults(struct s2n_config *config,
851 struct s2n_cert_chain_and_key **cert_key_pairs, uint32_t num_cert_key_pairs);
852
877S2N_API extern int s2n_config_set_verification_ca_location(struct s2n_config *config, const char *ca_pem_filename, const char *ca_dir);
878
898S2N_API extern int s2n_config_add_pem_to_trust_store(struct s2n_config *config, const char *pem);
899
911S2N_API extern int s2n_config_wipe_trust_store(struct s2n_config *config);
912
926S2N_API extern int s2n_config_load_system_certs(struct s2n_config *config);
927
931typedef enum {
932 S2N_VERIFY_AFTER_SIGN_DISABLED,
933 S2N_VERIFY_AFTER_SIGN_ENABLED
935
948S2N_API extern int s2n_config_set_verify_after_sign(struct s2n_config *config, s2n_verify_after_sign mode);
949
972S2N_API extern int s2n_config_set_send_buffer_size(struct s2n_config *config, uint32_t size);
973
991S2N_API extern int s2n_config_set_recv_multi_record(struct s2n_config *config, bool enabled);
992
1007typedef uint8_t (*s2n_verify_host_fn)(const char *host_name, size_t host_name_len, void *data);
1008
1023S2N_API extern int s2n_config_set_verify_host_callback(struct s2n_config *config, s2n_verify_host_fn, void *data);
1024
1037S2N_API extern int s2n_config_set_check_stapled_ocsp_response(struct s2n_config *config, uint8_t check_ocsp);
1038
1061S2N_API extern int s2n_config_disable_x509_time_verification(struct s2n_config *config);
1062
1085S2N_API extern int s2n_config_disable_x509_intent_verification(struct s2n_config *config);
1086
1094S2N_API extern int s2n_config_disable_x509_verification(struct s2n_config *config);
1095
1106S2N_API extern int s2n_config_set_max_cert_chain_depth(struct s2n_config *config, uint16_t max_depth);
1107
1116S2N_API extern int s2n_config_add_dhparams(struct s2n_config *config, const char *dhparams_pem);
1117
1124S2N_API extern int s2n_config_set_cipher_preferences(struct s2n_config *config, const char *version);
1125
1135S2N_API extern int s2n_config_append_protocol_preference(struct s2n_config *config, const uint8_t *protocol, uint8_t protocol_len);
1136
1154S2N_API extern int s2n_config_set_protocol_preferences(struct s2n_config *config, const char *const *protocols, int protocol_count);
1155
1161typedef enum {
1162 S2N_STATUS_REQUEST_NONE = 0,
1163 S2N_STATUS_REQUEST_OCSP = 1
1165
1181S2N_API extern int s2n_config_set_status_request_type(struct s2n_config *config, s2n_status_request_type type);
1182
1186typedef enum {
1187 S2N_CT_SUPPORT_NONE = 0,
1188 S2N_CT_SUPPORT_REQUEST = 1
1190
1198S2N_API extern int s2n_config_set_ct_support_level(struct s2n_config *config, s2n_ct_support_level level);
1199
1210typedef enum {
1211 S2N_ALERT_FAIL_ON_WARNINGS = 0,
1212 S2N_ALERT_IGNORE_WARNINGS = 1
1214
1222S2N_API extern int s2n_config_set_alert_behavior(struct s2n_config *config, s2n_alert_behavior alert_behavior);
1223
1237S2N_API extern int s2n_config_set_extension_data(struct s2n_config *config, s2n_tls_extension_type type, const uint8_t *data, uint32_t length);
1238
1252S2N_API extern int s2n_config_send_max_fragment_length(struct s2n_config *config, s2n_max_frag_len mfl_code);
1253
1264S2N_API extern int s2n_config_accept_max_fragment_length(struct s2n_config *config);
1265
1273S2N_API extern int s2n_config_set_session_state_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs);
1274
1282S2N_API extern int s2n_config_set_session_tickets_onoff(struct s2n_config *config, uint8_t enabled);
1283
1294S2N_API extern int s2n_config_set_session_cache_onoff(struct s2n_config *config, uint8_t enabled);
1295
1305S2N_API extern int s2n_config_set_ticket_encrypt_decrypt_key_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs);
1306
1317S2N_API extern int s2n_config_set_ticket_decrypt_key_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs);
1318
1332S2N_API extern int s2n_config_add_ticket_crypto_key(struct s2n_config *config, const uint8_t *name, uint32_t name_len,
1333 uint8_t *key, uint32_t key_len, uint64_t intro_time_in_seconds_from_epoch);
1334
1348S2N_API extern int s2n_config_require_ticket_forward_secrecy(struct s2n_config *config, bool enabled);
1349
1357S2N_API extern int s2n_config_set_ctx(struct s2n_config *config, void *ctx);
1358
1367S2N_API extern int s2n_config_get_ctx(struct s2n_config *config, void **ctx);
1368
1372typedef enum {
1373 S2N_SERVER,
1374 S2N_CLIENT
1375} s2n_mode;
1376
1393S2N_API extern struct s2n_connection *s2n_connection_new(s2n_mode mode);
1394
1402S2N_API extern int s2n_connection_set_config(struct s2n_connection *conn, struct s2n_config *config);
1403
1411S2N_API extern int s2n_connection_set_ctx(struct s2n_connection *conn, void *ctx);
1412
1418S2N_API extern void *s2n_connection_get_ctx(struct s2n_connection *conn);
1419
1426typedef int s2n_client_hello_fn(struct s2n_connection *conn, void *ctx);
1427
1435typedef enum {
1436 S2N_CLIENT_HELLO_CB_BLOCKING,
1437 S2N_CLIENT_HELLO_CB_NONBLOCKING
1439
1448S2N_API extern int s2n_config_set_client_hello_cb(struct s2n_config *config, s2n_client_hello_fn client_hello_callback, void *ctx);
1449
1459S2N_API extern int s2n_config_set_client_hello_cb_mode(struct s2n_config *config, s2n_client_hello_cb_mode cb_mode);
1460
1468S2N_API extern int s2n_client_hello_cb_done(struct s2n_connection *conn);
1469
1477S2N_API extern int s2n_connection_server_name_extension_used(struct s2n_connection *conn);
1478
1482struct s2n_client_hello;
1483
1493S2N_API extern struct s2n_client_hello *s2n_connection_get_client_hello(struct s2n_connection *conn);
1494
1510S2N_API extern struct s2n_client_hello *s2n_client_hello_parse_message(const uint8_t *bytes, uint32_t size);
1511
1522S2N_API extern int s2n_client_hello_free(struct s2n_client_hello **ch);
1523
1533S2N_API extern ssize_t s2n_client_hello_get_raw_message_length(struct s2n_client_hello *ch);
1534
1554S2N_API extern ssize_t s2n_client_hello_get_raw_message(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length);
1555
1563S2N_API extern ssize_t s2n_client_hello_get_cipher_suites_length(struct s2n_client_hello *ch);
1564
1578S2N_API extern ssize_t s2n_client_hello_get_cipher_suites(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length);
1579
1587S2N_API extern ssize_t s2n_client_hello_get_extensions_length(struct s2n_client_hello *ch);
1588
1597S2N_API extern ssize_t s2n_client_hello_get_extensions(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length);
1598
1607S2N_API extern ssize_t s2n_client_hello_get_extension_length(struct s2n_client_hello *ch, s2n_tls_extension_type extension_type);
1608
1620S2N_API extern ssize_t s2n_client_hello_get_extension_by_id(struct s2n_client_hello *ch, s2n_tls_extension_type extension_type, uint8_t *out, uint32_t max_length);
1621
1631S2N_API extern int s2n_client_hello_has_extension(struct s2n_client_hello *ch, uint16_t extension_iana, bool *exists);
1632
1642S2N_API extern int s2n_client_hello_get_session_id_length(struct s2n_client_hello *ch, uint32_t *out_length);
1643
1659S2N_API extern int s2n_client_hello_get_session_id(struct s2n_client_hello *ch, uint8_t *out, uint32_t *out_length, uint32_t max_length);
1660
1668S2N_API extern int s2n_client_hello_get_compression_methods_length(struct s2n_client_hello *ch, uint32_t *out_length);
1669
1688S2N_API extern int s2n_client_hello_get_compression_methods(struct s2n_client_hello *ch, uint8_t *list, uint32_t list_length, uint32_t *out_length);
1689
1700S2N_API extern int s2n_client_hello_get_legacy_protocol_version(struct s2n_client_hello *ch, uint8_t *out);
1701
1716S2N_API extern int s2n_client_hello_get_random(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length);
1717
1740S2N_API extern int s2n_client_hello_get_supported_groups(struct s2n_client_hello *ch, uint16_t *groups,
1741 uint16_t groups_count_max, uint16_t *groups_count);
1742
1749S2N_API extern int s2n_client_hello_get_server_name_length(struct s2n_client_hello *ch, uint16_t *length);
1750
1761S2N_API extern int s2n_client_hello_get_server_name(struct s2n_client_hello *ch, uint8_t *server_name, uint16_t length, uint16_t *out_length);
1762
1774S2N_API extern int s2n_connection_set_fd(struct s2n_connection *conn, int fd);
1775
1787S2N_API extern int s2n_connection_set_read_fd(struct s2n_connection *conn, int readfd);
1788
1797S2N_API extern int s2n_connection_set_write_fd(struct s2n_connection *conn, int writefd);
1798
1806S2N_API extern int s2n_connection_get_read_fd(struct s2n_connection *conn, int *readfd);
1807
1815S2N_API extern int s2n_connection_get_write_fd(struct s2n_connection *conn, int *writefd);
1816
1825S2N_API extern int s2n_connection_use_corked_io(struct s2n_connection *conn);
1826
1830typedef int s2n_recv_fn(void *io_context, uint8_t *buf, uint32_t len);
1831
1835typedef int s2n_send_fn(void *io_context, const uint8_t *buf, uint32_t len);
1836
1847S2N_API extern int s2n_connection_set_recv_ctx(struct s2n_connection *conn, void *ctx);
1848
1859S2N_API extern int s2n_connection_set_send_ctx(struct s2n_connection *conn, void *ctx);
1860
1872S2N_API extern int s2n_connection_set_recv_cb(struct s2n_connection *conn, s2n_recv_fn recv);
1873
1885S2N_API extern int s2n_connection_set_send_cb(struct s2n_connection *conn, s2n_send_fn send);
1886
1896S2N_API extern int s2n_connection_prefer_throughput(struct s2n_connection *conn);
1897
1907S2N_API extern int s2n_connection_prefer_low_latency(struct s2n_connection *conn);
1908
1968S2N_API extern int s2n_connection_set_recv_buffering(struct s2n_connection *conn, bool enabled);
1969
2013S2N_API extern uint32_t s2n_peek_buffered(struct s2n_connection *conn);
2014
2026S2N_API extern int s2n_connection_set_dynamic_buffers(struct s2n_connection *conn, bool enabled);
2027
2044S2N_API extern int s2n_connection_set_dynamic_record_threshold(struct s2n_connection *conn, uint32_t resize_threshold, uint16_t timeout_threshold);
2045
2059S2N_API extern int s2n_connection_set_verify_host_callback(struct s2n_connection *conn, s2n_verify_host_fn host_fn, void *data);
2060
2074typedef enum {
2075 S2N_BUILT_IN_BLINDING,
2076 S2N_SELF_SERVICE_BLINDING
2077} s2n_blinding;
2078
2087S2N_API extern int s2n_connection_set_blinding(struct s2n_connection *conn, s2n_blinding blinding);
2088
2094S2N_API extern uint64_t s2n_connection_get_delay(struct s2n_connection *conn);
2095
2122S2N_API extern int s2n_config_set_max_blinding_delay(struct s2n_config *config, uint32_t seconds);
2123
2132S2N_API extern int s2n_connection_set_cipher_preferences(struct s2n_connection *conn, const char *version);
2133
2138typedef enum {
2139 S2N_KEY_UPDATE_NOT_REQUESTED = 0,
2140 S2N_KEY_UPDATE_REQUESTED
2142
2157S2N_API extern int s2n_connection_request_key_update(struct s2n_connection *conn, s2n_peer_key_update peer_request);
2168S2N_API extern int s2n_connection_append_protocol_preference(struct s2n_connection *conn, const uint8_t *protocol, uint8_t protocol_len);
2169
2179S2N_API extern int s2n_connection_set_protocol_preferences(struct s2n_connection *conn, const char *const *protocols, int protocol_count);
2180
2200S2N_API extern int s2n_set_server_name(struct s2n_connection *conn, const char *server_name);
2201
2211S2N_API extern const char *s2n_get_server_name(struct s2n_connection *conn);
2212
2219S2N_API extern const char *s2n_get_application_protocol(struct s2n_connection *conn);
2220
2228S2N_API extern const uint8_t *s2n_connection_get_ocsp_response(struct s2n_connection *conn, uint32_t *length);
2229
2237S2N_API extern const uint8_t *s2n_connection_get_sct_list(struct s2n_connection *conn, uint32_t *length);
2238
2244typedef enum {
2245 S2N_NOT_BLOCKED = 0,
2246 S2N_BLOCKED_ON_READ,
2247 S2N_BLOCKED_ON_WRITE,
2248 S2N_BLOCKED_ON_APPLICATION_INPUT,
2249 S2N_BLOCKED_ON_EARLY_DATA,
2251
2267S2N_API extern int s2n_negotiate(struct s2n_connection *conn, s2n_blocked_status *blocked);
2268
2286S2N_API extern ssize_t s2n_send(struct s2n_connection *conn, const void *buf, ssize_t size, s2n_blocked_status *blocked);
2287
2288#ifndef _WIN32
2300S2N_API extern ssize_t s2n_sendv(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, s2n_blocked_status *blocked);
2301
2320S2N_API extern ssize_t s2n_sendv_with_offset(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, ssize_t offs, s2n_blocked_status *blocked);
2321#endif
2322
2338S2N_API extern ssize_t s2n_recv(struct s2n_connection *conn, void *buf, ssize_t size, s2n_blocked_status *blocked);
2339
2351S2N_API extern uint32_t s2n_peek(struct s2n_connection *conn);
2352
2361S2N_API extern int s2n_connection_free_handshake(struct s2n_connection *conn);
2362
2372S2N_API extern int s2n_connection_release_buffers(struct s2n_connection *conn);
2373
2384S2N_API extern int s2n_connection_wipe(struct s2n_connection *conn);
2385
2395S2N_API extern int s2n_connection_free(struct s2n_connection *conn);
2396
2412S2N_API extern int s2n_shutdown(struct s2n_connection *conn, s2n_blocked_status *blocked);
2413
2440S2N_API extern int s2n_shutdown_send(struct s2n_connection *conn, s2n_blocked_status *blocked);
2441
2462typedef enum {
2463 S2N_CERT_AUTH_NONE,
2464 S2N_CERT_AUTH_REQUIRED,
2465 S2N_CERT_AUTH_OPTIONAL
2467
2475S2N_API extern int s2n_config_get_client_auth_type(struct s2n_config *config, s2n_cert_auth_type *client_auth_type);
2476
2487S2N_API extern int s2n_config_set_client_auth_type(struct s2n_config *config, s2n_cert_auth_type client_auth_type);
2488
2496S2N_API extern int s2n_connection_get_client_auth_type(struct s2n_connection *conn, s2n_cert_auth_type *client_auth_type);
2497
2508S2N_API extern int s2n_connection_set_client_auth_type(struct s2n_connection *conn, s2n_cert_auth_type client_auth_type);
2509
2525S2N_API extern int s2n_connection_get_client_cert_chain(struct s2n_connection *conn, uint8_t **der_cert_chain_out, uint32_t *cert_chain_len);
2526
2534S2N_API extern int s2n_config_set_initial_ticket_count(struct s2n_config *config, uint8_t num);
2535
2543S2N_API extern int s2n_connection_add_new_tickets_to_send(struct s2n_connection *conn, uint8_t num);
2544
2557S2N_API extern int s2n_connection_get_tickets_sent(struct s2n_connection *conn, uint16_t *num);
2558
2567S2N_API extern int s2n_connection_set_server_keying_material_lifetime(struct s2n_connection *conn, uint32_t lifetime_in_secs);
2568
2569struct s2n_session_ticket;
2570
2585typedef int (*s2n_session_ticket_fn)(struct s2n_connection *conn, void *ctx, struct s2n_session_ticket *ticket);
2586
2599S2N_API extern int s2n_config_set_session_ticket_cb(struct s2n_config *config, s2n_session_ticket_fn callback, void *ctx);
2600
2607S2N_API extern int s2n_session_ticket_get_data_len(struct s2n_session_ticket *ticket, size_t *data_len);
2608
2620S2N_API extern int s2n_session_ticket_get_data(struct s2n_session_ticket *ticket, size_t max_data_len, uint8_t *data);
2621
2628S2N_API extern int s2n_session_ticket_get_lifetime(struct s2n_session_ticket *ticket, uint32_t *session_lifetime);
2629
2642S2N_API extern int s2n_connection_set_session(struct s2n_connection *conn, const uint8_t *session, size_t length);
2643
2657S2N_API extern int s2n_connection_get_session(struct s2n_connection *conn, uint8_t *session, size_t max_length);
2658
2670S2N_API extern int s2n_connection_get_session_ticket_lifetime_hint(struct s2n_connection *conn);
2671
2679S2N_API extern int s2n_connection_get_session_length(struct s2n_connection *conn);
2680
2690S2N_API extern int s2n_connection_get_session_id_length(struct s2n_connection *conn);
2691
2705S2N_API extern int s2n_connection_get_session_id(struct s2n_connection *conn, uint8_t *session_id, size_t max_length);
2706
2714S2N_API extern int s2n_connection_is_session_resumed(struct s2n_connection *conn);
2715
2723S2N_API extern int s2n_connection_is_ocsp_stapled(struct s2n_connection *conn);
2724
2729typedef enum {
2730 S2N_TLS_SIGNATURE_ANONYMOUS = 0,
2731 S2N_TLS_SIGNATURE_RSA = 1,
2732 S2N_TLS_SIGNATURE_ECDSA = 3,
2733 S2N_TLS_SIGNATURE_MLDSA = 9,
2734
2735 /* Use Private Range for RSA PSS since it's not defined there */
2736 S2N_TLS_SIGNATURE_RSA_PSS_RSAE = 224,
2737 S2N_TLS_SIGNATURE_RSA_PSS_PSS
2739
2743typedef enum {
2744 S2N_TLS_HASH_NONE = 0,
2745 S2N_TLS_HASH_MD5 = 1,
2746 S2N_TLS_HASH_SHA1 = 2,
2747 S2N_TLS_HASH_SHA224 = 3,
2748 S2N_TLS_HASH_SHA256 = 4,
2749 S2N_TLS_HASH_SHA384 = 5,
2750 S2N_TLS_HASH_SHA512 = 6,
2751
2752 /* Use Private Range for MD5_SHA1 */
2753 S2N_TLS_HASH_MD5_SHA1 = 224
2755
2765
2774S2N_API extern int s2n_connection_get_selected_digest_algorithm(struct s2n_connection *conn, s2n_tls_hash_algorithm *chosen_alg);
2775
2785
2795
2832S2N_API extern int s2n_connection_get_signature_scheme(struct s2n_connection *conn, const char **scheme_name);
2833
2847S2N_API extern struct s2n_cert_chain_and_key *s2n_connection_get_selected_cert(struct s2n_connection *conn);
2848
2854S2N_API extern int s2n_cert_chain_get_length(const struct s2n_cert_chain_and_key *chain_and_key, uint32_t *cert_length);
2855
2874S2N_API extern int s2n_cert_chain_get_cert(const struct s2n_cert_chain_and_key *chain_and_key, struct s2n_cert **out_cert, const uint32_t cert_idx);
2875
2901S2N_API extern int s2n_cert_get_der(const struct s2n_cert *cert, const uint8_t **out_cert_der, uint32_t *cert_length);
2902
2913S2N_API extern int s2n_connection_get_peer_cert_chain(const struct s2n_connection *conn, struct s2n_cert_chain_and_key *cert_chain);
2914
2922S2N_API extern int s2n_cert_get_x509_extension_value_length(struct s2n_cert *cert, const uint8_t *oid, uint32_t *ext_value_len);
2923
2935S2N_API extern int s2n_cert_get_x509_extension_value(struct s2n_cert *cert, const uint8_t *oid, uint8_t *ext_value, uint32_t *ext_value_len, bool *critical);
2936
2944S2N_API extern int s2n_cert_get_utf8_string_from_extension_data_length(const uint8_t *extension_data, uint32_t extension_len, uint32_t *utf8_str_len);
2945
2957S2N_API extern int s2n_cert_get_utf8_string_from_extension_data(const uint8_t *extension_data, uint32_t extension_len, uint8_t *out_data, uint32_t *out_len);
2958
2962typedef enum {
2963 S2N_PSK_HMAC_SHA256,
2964 S2N_PSK_HMAC_SHA384,
2965} s2n_psk_hmac;
2966
2970struct s2n_psk;
2971
2980S2N_API struct s2n_psk *s2n_external_psk_new(void);
2981
2987S2N_API int s2n_psk_free(struct s2n_psk **psk);
2988
3006S2N_API int s2n_psk_set_identity(struct s2n_psk *psk, const uint8_t *identity, uint16_t identity_size);
3007
3024S2N_API int s2n_psk_set_secret(struct s2n_psk *psk, const uint8_t *secret, uint16_t secret_size);
3025
3033S2N_API int s2n_psk_set_hmac(struct s2n_psk *psk, s2n_psk_hmac hmac);
3034
3044S2N_API int s2n_connection_append_psk(struct s2n_connection *conn, struct s2n_psk *psk);
3045
3052typedef enum {
3053 S2N_PSK_MODE_RESUMPTION,
3054 S2N_PSK_MODE_EXTERNAL
3055} s2n_psk_mode;
3056
3064S2N_API int s2n_config_set_psk_mode(struct s2n_config *config, s2n_psk_mode mode);
3065
3074S2N_API int s2n_connection_set_psk_mode(struct s2n_connection *conn, s2n_psk_mode mode);
3075
3087S2N_API int s2n_connection_get_negotiated_psk_identity_length(struct s2n_connection *conn, uint16_t *identity_length);
3088
3105S2N_API int s2n_connection_get_negotiated_psk_identity(struct s2n_connection *conn, uint8_t *identity, uint16_t max_identity_length);
3106
3107struct s2n_offered_psk;
3108
3119S2N_API struct s2n_offered_psk *s2n_offered_psk_new(void);
3120
3126S2N_API int s2n_offered_psk_free(struct s2n_offered_psk **psk);
3127
3135S2N_API int s2n_offered_psk_get_identity(struct s2n_offered_psk *psk, uint8_t **identity, uint16_t *size);
3136
3137struct s2n_offered_psk_list;
3138
3151S2N_API bool s2n_offered_psk_list_has_next(struct s2n_offered_psk_list *psk_list);
3152
3160S2N_API int s2n_offered_psk_list_next(struct s2n_offered_psk_list *psk_list, struct s2n_offered_psk *psk);
3161
3170S2N_API int s2n_offered_psk_list_reread(struct s2n_offered_psk_list *psk_list);
3171
3183S2N_API int s2n_offered_psk_list_choose_psk(struct s2n_offered_psk_list *psk_list, struct s2n_offered_psk *psk);
3184
3199typedef int (*s2n_psk_selection_callback)(struct s2n_connection *conn, void *context,
3200 struct s2n_offered_psk_list *psk_list);
3201
3211S2N_API int s2n_config_set_psk_selection_callback(struct s2n_config *config, s2n_psk_selection_callback cb, void *context);
3212
3219S2N_API extern uint64_t s2n_connection_get_wire_bytes_in(struct s2n_connection *conn);
3220
3227S2N_API extern uint64_t s2n_connection_get_wire_bytes_out(struct s2n_connection *conn);
3228
3238S2N_API extern int s2n_connection_get_client_protocol_version(struct s2n_connection *conn);
3239
3249S2N_API extern int s2n_connection_get_server_protocol_version(struct s2n_connection *conn);
3250
3260S2N_API extern int s2n_connection_get_actual_protocol_version(struct s2n_connection *conn);
3261
3271S2N_API extern int s2n_connection_get_client_hello_version(struct s2n_connection *conn);
3272
3284S2N_API extern int s2n_client_hello_get_legacy_record_version(struct s2n_client_hello *ch, uint8_t *out);
3285
3293S2N_API extern int s2n_connection_client_cert_used(struct s2n_connection *conn);
3294
3308S2N_API extern const char *s2n_connection_get_cipher(struct s2n_connection *conn);
3309
3321typedef enum {
3322 S2N_SNI_NONE = 1,
3323 S2N_SNI_EXACT_MATCH,
3324 S2N_SNI_WILDCARD_MATCH,
3325 S2N_SNI_NO_MATCH,
3327
3340S2N_API extern int s2n_connection_get_certificate_match(struct s2n_connection *conn, s2n_cert_sni_match *match_status);
3341
3371S2N_API extern int s2n_connection_get_master_secret(const struct s2n_connection *conn,
3372 uint8_t *secret_bytes, size_t max_size);
3373
3390S2N_API extern int s2n_connection_tls_exporter(struct s2n_connection *conn,
3391 const uint8_t *label, uint32_t label_length, const uint8_t *context, uint32_t context_length,
3392 uint8_t *output, uint32_t output_length);
3393
3409S2N_API extern int s2n_connection_get_cipher_iana_value(struct s2n_connection *conn, uint8_t *first, uint8_t *second);
3410
3418S2N_API extern int s2n_connection_is_valid_for_cipher_preferences(struct s2n_connection *conn, const char *version);
3419
3428S2N_API extern const char *s2n_connection_get_curve(struct s2n_connection *conn);
3429
3440S2N_API extern const char *s2n_connection_get_kem_name(struct s2n_connection *conn);
3441
3452S2N_API extern const char *s2n_connection_get_kem_group_name(struct s2n_connection *conn);
3453
3466S2N_API extern int s2n_connection_get_key_exchange_group(struct s2n_connection *conn, const char **group_name);
3467
3475S2N_API extern int s2n_connection_get_alert(struct s2n_connection *conn);
3476
3483S2N_API extern const char *s2n_connection_get_handshake_type_name(struct s2n_connection *conn);
3484
3490S2N_API extern const char *s2n_connection_get_last_message_name(struct s2n_connection *conn);
3491
3495struct s2n_async_pkey_op;
3496
3505typedef enum {
3506 S2N_ASYNC_PKEY_VALIDATION_FAST,
3507 S2N_ASYNC_PKEY_VALIDATION_STRICT
3509
3513typedef enum {
3514 S2N_ASYNC_DECRYPT,
3515 S2N_ASYNC_SIGN
3517
3530typedef int (*s2n_async_pkey_fn)(struct s2n_connection *conn, struct s2n_async_pkey_op *op);
3531
3538S2N_API extern int s2n_config_set_async_pkey_callback(struct s2n_config *config, s2n_async_pkey_fn fn);
3539
3552S2N_API extern int s2n_async_pkey_op_perform(struct s2n_async_pkey_op *op, s2n_cert_private_key *key);
3553
3567S2N_API extern int s2n_async_pkey_op_apply(struct s2n_async_pkey_op *op, struct s2n_connection *conn);
3568
3578S2N_API extern int s2n_async_pkey_op_free(struct s2n_async_pkey_op *op);
3579
3588
3595S2N_API extern int s2n_async_pkey_op_get_op_type(struct s2n_async_pkey_op *op, s2n_async_pkey_op_type *type);
3596
3603S2N_API extern int s2n_async_pkey_op_get_input_size(struct s2n_async_pkey_op *op, uint32_t *data_len);
3604
3624S2N_API extern int s2n_async_pkey_op_get_input(struct s2n_async_pkey_op *op, uint8_t *data, uint32_t data_len);
3625
3637S2N_API extern int s2n_async_pkey_op_set_output(struct s2n_async_pkey_op *op, const uint8_t *data, uint32_t data_len);
3638
3658typedef int (*s2n_key_log_fn)(void *ctx, struct s2n_connection *conn, uint8_t *logline, size_t len);
3659
3677S2N_API extern int s2n_config_set_key_log_cb(struct s2n_config *config, s2n_key_log_fn callback, void *ctx);
3678
3685S2N_API extern int s2n_config_enable_cert_req_dss_legacy_compat(struct s2n_config *config);
3686
3697S2N_API int s2n_config_set_server_max_early_data_size(struct s2n_config *config, uint32_t max_early_data_size);
3698
3709S2N_API int s2n_connection_set_server_max_early_data_size(struct s2n_connection *conn, uint32_t max_early_data_size);
3710
3726S2N_API int s2n_connection_set_server_early_data_context(struct s2n_connection *conn, const uint8_t *context, uint16_t context_size);
3727
3743S2N_API int s2n_psk_configure_early_data(struct s2n_psk *psk, uint32_t max_early_data_size,
3744 uint8_t cipher_suite_first_byte, uint8_t cipher_suite_second_byte);
3745
3757S2N_API int s2n_psk_set_application_protocol(struct s2n_psk *psk, const uint8_t *application_protocol, uint8_t size);
3758
3770S2N_API int s2n_psk_set_early_data_context(struct s2n_psk *psk, const uint8_t *context, uint16_t size);
3771
3781typedef enum {
3782 S2N_EARLY_DATA_STATUS_OK,
3783 S2N_EARLY_DATA_STATUS_NOT_REQUESTED,
3784 S2N_EARLY_DATA_STATUS_REJECTED,
3785 S2N_EARLY_DATA_STATUS_END,
3787
3798
3810S2N_API int s2n_connection_get_remaining_early_data_size(struct s2n_connection *conn, uint32_t *allowed_early_data_size);
3811
3823S2N_API int s2n_connection_get_max_early_data_size(struct s2n_connection *conn, uint32_t *max_early_data_size);
3824
3839S2N_API int s2n_send_early_data(struct s2n_connection *conn, const uint8_t *data, ssize_t data_len,
3840 ssize_t *data_sent, s2n_blocked_status *blocked);
3841
3856S2N_API int s2n_recv_early_data(struct s2n_connection *conn, uint8_t *data, ssize_t max_data_len,
3857 ssize_t *data_received, s2n_blocked_status *blocked);
3858
3859struct s2n_offered_early_data;
3860
3878typedef int (*s2n_early_data_cb)(struct s2n_connection *conn, struct s2n_offered_early_data *early_data);
3879
3887S2N_API int s2n_config_set_early_data_cb(struct s2n_config *config, s2n_early_data_cb cb);
3888
3896S2N_API int s2n_offered_early_data_get_context_length(struct s2n_offered_early_data *early_data, uint16_t *context_len);
3897
3906S2N_API int s2n_offered_early_data_get_context(struct s2n_offered_early_data *early_data, uint8_t *context, uint16_t max_len);
3907
3914S2N_API int s2n_offered_early_data_reject(struct s2n_offered_early_data *early_data);
3915
3922S2N_API int s2n_offered_early_data_accept(struct s2n_offered_early_data *early_data);
3923
3949S2N_API int s2n_config_get_supported_groups(struct s2n_config *config, uint16_t *groups, uint16_t groups_count_max,
3950 uint16_t *groups_count);
3951
3955typedef enum {
3956 S2N_SERIALIZED_CONN_NONE = 0,
3957 S2N_SERIALIZED_CONN_V1 = 1
3959
3973
3985S2N_API int s2n_connection_serialization_length(struct s2n_connection *conn, uint32_t *length);
3986
4023S2N_API int s2n_connection_serialize(struct s2n_connection *conn, uint8_t *buffer, uint32_t buffer_length);
4024
4048S2N_API int s2n_connection_deserialize(struct s2n_connection *conn, uint8_t *buffer, uint32_t buffer_length);
4049
4071
4075S2N_API s2n_mode s2n_connection_get_mode(struct s2n_connection *conn);
4076
4077#ifdef __cplusplus
4078}
4079#endif
S2N_API s2n_mode s2n_connection_get_mode(struct s2n_connection *conn)
S2N_API int s2n_config_set_session_state_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs)
S2N_API int s2n_connection_append_psk(struct s2n_connection *conn, struct s2n_psk *psk)
S2N_API int s2n_async_pkey_op_get_input(struct s2n_async_pkey_op *op, uint8_t *data, uint32_t data_len)
struct s2n_cert_chain_and_key *(* s2n_cert_tiebreak_callback)(struct s2n_cert_chain_and_key *cert1, struct s2n_cert_chain_and_key *cert2, uint8_t *name, uint32_t name_len)
Definition s2n.h:783
int s2n_client_hello_fn(struct s2n_connection *conn, void *ctx)
Definition s2n.h:1426
S2N_API int s2n_psk_set_early_data_context(struct s2n_psk *psk, const uint8_t *context, uint16_t size)
S2N_API int s2n_offered_early_data_get_context(struct s2n_offered_early_data *early_data, uint8_t *context, uint16_t max_len)
S2N_API int s2n_config_set_verify_host_callback(struct s2n_config *config, s2n_verify_host_fn, void *data)
s2n_tls_hash_algorithm
Definition s2n.h:2743
S2N_API int s2n_config_set_cert_tiebreak_callback(struct s2n_config *config, s2n_cert_tiebreak_callback cert_tiebreak_cb)
S2N_API int s2n_config_set_cert_authorities_from_trust_store(struct s2n_config *config)
S2N_API int s2n_config_set_cache_retrieve_callback(struct s2n_config *config, s2n_cache_retrieve_callback cache_retrieve_callback, void *data)
S2N_API int s2n_connection_get_negotiated_psk_identity(struct s2n_connection *conn, uint8_t *identity, uint16_t max_identity_length)
int s2n_recv_fn(void *io_context, uint8_t *buf, uint32_t len)
Definition s2n.h:1830
S2N_API int s2n_connection_add_new_tickets_to_send(struct s2n_connection *conn, uint8_t num)
int(* s2n_clock_time_nanoseconds)(void *, uint64_t *)
Definition s2n.h:337
S2N_API int s2n_config_set_key_log_cb(struct s2n_config *config, s2n_key_log_fn callback, void *ctx)
S2N_API int s2n_connection_free_handshake(struct s2n_connection *conn)
S2N_API int s2n_config_set_client_hello_cb_mode(struct s2n_config *config, s2n_client_hello_cb_mode cb_mode)
S2N_API int s2n_cert_chain_and_key_load_public_pem_bytes(struct s2n_cert_chain_and_key *chain_and_key, uint8_t *chain_pem, uint32_t chain_pem_len)
S2N_API int s2n_config_send_max_fragment_length(struct s2n_config *config, s2n_max_frag_len mfl_code)
S2N_API int s2n_offered_psk_get_identity(struct s2n_offered_psk *psk, uint8_t **identity, uint16_t *size)
S2N_API int s2n_recv_early_data(struct s2n_connection *conn, uint8_t *data, ssize_t max_data_len, ssize_t *data_received, s2n_blocked_status *blocked)
S2N_API const char * s2n_strerror_name(int error)
S2N_API int s2n_connection_prefer_throughput(struct s2n_connection *conn)
S2N_API uint64_t s2n_connection_get_wire_bytes_out(struct s2n_connection *conn)
S2N_API int s2n_client_hello_get_server_name(struct s2n_client_hello *ch, uint8_t *server_name, uint16_t length, uint16_t *out_length)
S2N_API int s2n_connection_get_selected_digest_algorithm(struct s2n_connection *conn, s2n_tls_hash_algorithm *chosen_alg)
S2N_API int s2n_connection_get_read_fd(struct s2n_connection *conn, int *readfd)
s2n_max_frag_len
Definition s2n.h:630
S2N_API struct s2n_offered_psk * s2n_offered_psk_new(void)
S2N_API ssize_t s2n_sendv_with_offset(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, ssize_t offs, s2n_blocked_status *blocked)
S2N_API uint32_t s2n_peek(struct s2n_connection *conn)
S2N_API int s2n_client_hello_has_extension(struct s2n_client_hello *ch, uint16_t extension_iana, bool *exists)
S2N_API const char * s2n_connection_get_kem_group_name(struct s2n_connection *conn)
S2N_API int s2n_connection_append_protocol_preference(struct s2n_connection *conn, const uint8_t *protocol, uint8_t protocol_len)
S2N_API int s2n_config_accept_max_fragment_length(struct s2n_config *config)
S2N_API int s2n_send_early_data(struct s2n_connection *conn, const uint8_t *data, ssize_t data_len, ssize_t *data_sent, s2n_blocked_status *blocked)
S2N_API int s2n_config_add_pem_to_trust_store(struct s2n_config *config, const char *pem)
S2N_API int s2n_connection_set_protocol_preferences(struct s2n_connection *conn, const char *const *protocols, int protocol_count)
S2N_API bool s2n_offered_psk_list_has_next(struct s2n_offered_psk_list *psk_list)
S2N_API int s2n_config_set_psk_mode(struct s2n_config *config, s2n_psk_mode mode)
S2N_API int s2n_psk_configure_early_data(struct s2n_psk *psk, uint32_t max_early_data_size, uint8_t cipher_suite_first_byte, uint8_t cipher_suite_second_byte)
S2N_API int s2n_config_enable_cert_req_dss_legacy_compat(struct s2n_config *config)
S2N_API int s2n_config_get_client_auth_type(struct s2n_config *config, s2n_cert_auth_type *client_auth_type)
S2N_API int s2n_config_set_extension_data(struct s2n_config *config, s2n_tls_extension_type type, const uint8_t *data, uint32_t length)
S2N_API const char * s2n_get_server_name(struct s2n_connection *conn)
S2N_API int s2n_offered_early_data_reject(struct s2n_offered_early_data *early_data)
S2N_API int s2n_connection_get_session_id(struct s2n_connection *conn, uint8_t *session_id, size_t max_length)
S2N_API int s2n_connection_client_cert_used(struct s2n_connection *conn)
S2N_API __thread int s2n_errno
S2N_API int s2n_config_set_async_pkey_callback(struct s2n_config *config, s2n_async_pkey_fn fn)
S2N_API int s2n_config_append_protocol_preference(struct s2n_config *config, const uint8_t *protocol, uint8_t protocol_len)
int(* s2n_async_pkey_fn)(struct s2n_connection *conn, struct s2n_async_pkey_op *op)
Definition s2n.h:3530
S2N_API int s2n_config_set_cert_chain_and_key_defaults(struct s2n_config *config, struct s2n_cert_chain_and_key **cert_key_pairs, uint32_t num_cert_key_pairs)
S2N_API int s2n_connection_get_selected_client_cert_digest_algorithm(struct s2n_connection *conn, s2n_tls_hash_algorithm *chosen_alg)
S2N_API int s2n_cert_chain_get_length(const struct s2n_cert_chain_and_key *chain_and_key, uint32_t *cert_length)
s2n_blinding
Definition s2n.h:2074
S2N_API int s2n_connection_get_selected_signature_algorithm(struct s2n_connection *conn, s2n_tls_signature_algorithm *chosen_alg)
S2N_API int s2n_print_stacktrace(FILE *fptr)
S2N_API int s2n_connection_set_server_keying_material_lifetime(struct s2n_connection *conn, uint32_t lifetime_in_secs)
int(* s2n_psk_selection_callback)(struct s2n_connection *conn, void *context, struct s2n_offered_psk_list *psk_list)
Definition s2n.h:3199
S2N_API int s2n_config_set_status_request_type(struct s2n_config *config, s2n_status_request_type type)
S2N_API uint64_t s2n_connection_get_wire_bytes_in(struct s2n_connection *conn)
s2n_cert_sni_match
Definition s2n.h:3321
S2N_API int s2n_psk_set_application_protocol(struct s2n_psk *psk, const uint8_t *application_protocol, uint8_t size)
S2N_API int s2n_config_set_cipher_preferences(struct s2n_config *config, const char *version)
s2n_async_pkey_validation_mode
Definition s2n.h:3505
S2N_API ssize_t s2n_recv(struct s2n_connection *conn, void *buf, ssize_t size, s2n_blocked_status *blocked)
S2N_API struct s2n_cert_chain_and_key * s2n_cert_chain_and_key_new(void)
s2n_psk_mode
Definition s2n.h:3052
S2N_API int s2n_config_load_system_certs(struct s2n_config *config)
S2N_API int s2n_async_pkey_op_apply(struct s2n_async_pkey_op *op, struct s2n_connection *conn)
S2N_API int s2n_config_free(struct s2n_config *config)
S2N_API int s2n_connection_get_negotiated_psk_identity_length(struct s2n_connection *conn, uint16_t *identity_length)
S2N_API int s2n_init(void)
s2n_error_type
Definition s2n.h:150
@ S2N_ERR_T_OK
Definition s2n.h:152
@ S2N_ERR_T_CLOSED
Definition s2n.h:156
@ S2N_ERR_T_USAGE
Definition s2n.h:166
@ S2N_ERR_T_ALERT
Definition s2n.h:160
@ S2N_ERR_T_INTERNAL
Definition s2n.h:164
@ S2N_ERR_T_IO
Definition s2n.h:154
@ S2N_ERR_T_BLOCKED
Definition s2n.h:158
@ S2N_ERR_T_PROTO
Definition s2n.h:162
S2N_API int s2n_connection_get_selected_client_cert_signature_algorithm(struct s2n_connection *conn, s2n_tls_signature_algorithm *chosen_alg)
S2N_API int s2n_client_hello_get_server_name_length(struct s2n_client_hello *ch, uint16_t *length)
S2N_API int s2n_config_set_wall_clock(struct s2n_config *config, s2n_clock_time_nanoseconds clock_fn, void *ctx)
S2N_API int s2n_connection_set_send_ctx(struct s2n_connection *conn, void *ctx)
S2N_API int s2n_psk_set_hmac(struct s2n_psk *psk, s2n_psk_hmac hmac)
int(* s2n_key_log_fn)(void *ctx, struct s2n_connection *conn, uint8_t *logline, size_t len)
Definition s2n.h:3658
S2N_API int s2n_cert_chain_and_key_set_ctx(struct s2n_cert_chain_and_key *cert_and_key, void *ctx)
int(* s2n_rand_mix_callback)(void *data, uint32_t size)
Definition s2n.h:593
S2N_API int s2n_connection_set_send_cb(struct s2n_connection *conn, s2n_send_fn send)
S2N_API ssize_t s2n_client_hello_get_raw_message_length(struct s2n_client_hello *ch)
S2N_API int s2n_config_set_initial_ticket_count(struct s2n_config *config, uint8_t num)
S2N_API s2n_cert_private_key * s2n_cert_chain_and_key_get_private_key(struct s2n_cert_chain_and_key *cert_and_key)
S2N_API int s2n_connection_set_dynamic_buffers(struct s2n_connection *conn, bool enabled)
S2N_API int s2n_cert_chain_and_key_load_pem_bytes(struct s2n_cert_chain_and_key *chain_and_key, uint8_t *chain_pem, uint32_t chain_pem_len, uint8_t *private_key_pem, uint32_t private_key_pem_len)
S2N_API int s2n_config_set_ticket_encrypt_decrypt_key_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs)
S2N_API int s2n_connection_get_alert(struct s2n_connection *conn)
S2N_API void * s2n_cert_chain_and_key_get_ctx(struct s2n_cert_chain_and_key *cert_and_key)
S2N_API int s2n_connection_get_tickets_sent(struct s2n_connection *conn, uint16_t *num)
int(* s2n_cache_retrieve_callback)(struct s2n_connection *conn, void *, const void *key, uint64_t key_size, void *value, uint64_t *value_size)
Definition s2n.h:359
S2N_API const char * s2n_strerror(int error, const char *lang)
S2N_API struct s2n_connection * s2n_connection_new(s2n_mode mode)
S2N_API int s2n_config_set_alert_behavior(struct s2n_config *config, s2n_alert_behavior alert_behavior)
S2N_API int s2n_config_set_ticket_decrypt_key_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs)
S2N_API int s2n_config_free_dhparams(struct s2n_config *config)
S2N_API int s2n_session_ticket_get_lifetime(struct s2n_session_ticket *ticket, uint32_t *session_lifetime)
S2N_API ssize_t s2n_client_hello_get_extension_by_id(struct s2n_client_hello *ch, s2n_tls_extension_type extension_type, uint8_t *out, uint32_t max_length)
S2N_API int s2n_offered_psk_list_choose_psk(struct s2n_offered_psk_list *psk_list, struct s2n_offered_psk *psk)
S2N_API const char * s2n_connection_get_kem_name(struct s2n_connection *conn)
S2N_API int s2n_connection_serialize(struct s2n_connection *conn, uint8_t *buffer, uint32_t buffer_length)
S2N_API const uint8_t * s2n_connection_get_sct_list(struct s2n_connection *conn, uint32_t *length)
S2N_API int s2n_connection_get_client_cert_chain(struct s2n_connection *conn, uint8_t **der_cert_chain_out, uint32_t *cert_chain_len)
S2N_API int s2n_config_add_cert_chain_and_key(struct s2n_config *config, const char *cert_chain_pem, const char *private_key_pem)
S2N_API int s2n_config_set_ct_support_level(struct s2n_config *config, s2n_ct_support_level level)
S2N_API int s2n_config_set_serialization_version(struct s2n_config *config, s2n_serialization_version version)
S2N_API int s2n_connection_set_server_max_early_data_size(struct s2n_connection *conn, uint32_t max_early_data_size)
S2N_API int s2n_psk_set_identity(struct s2n_psk *psk, const uint8_t *identity, uint16_t identity_size)
S2N_API int s2n_mem_set_callbacks(s2n_mem_init_callback mem_init_callback, s2n_mem_cleanup_callback mem_cleanup_callback, s2n_mem_malloc_callback mem_malloc_callback, s2n_mem_free_callback mem_free_callback)
S2N_API int s2n_offered_early_data_accept(struct s2n_offered_early_data *early_data)
S2N_API int s2n_connection_set_fd(struct s2n_connection *conn, int fd)
S2N_API int s2n_connection_set_recv_ctx(struct s2n_connection *conn, void *ctx)
S2N_API int s2n_connection_get_actual_protocol_version(struct s2n_connection *conn)
S2N_API int s2n_connection_set_blinding(struct s2n_connection *conn, s2n_blinding blinding)
S2N_API int s2n_client_hello_get_supported_groups(struct s2n_client_hello *ch, uint16_t *groups, uint16_t groups_count_max, uint16_t *groups_count)
S2N_API int s2n_connection_set_recv_cb(struct s2n_connection *conn, s2n_recv_fn recv)
struct s2n_pkey s2n_cert_public_key
Definition s2n.h:655
S2N_API int s2n_cleanup(void)
S2N_API int s2n_config_set_send_buffer_size(struct s2n_config *config, uint32_t size)
int(* s2n_mem_free_callback)(void *ptr, uint32_t size)
Definition s2n.h:559
int(* s2n_rand_cleanup_callback)(void)
Definition s2n.h:583
int(* s2n_mem_init_callback)(void)
Definition s2n.h:539
S2N_API int s2n_connection_server_name_extension_used(struct s2n_connection *conn)
S2N_API ssize_t s2n_sendv(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, s2n_blocked_status *blocked)
S2N_API int s2n_config_set_session_cache_onoff(struct s2n_config *config, uint8_t enabled)
S2N_API int s2n_connection_get_certificate_match(struct s2n_connection *conn, s2n_cert_sni_match *match_status)
S2N_API int s2n_async_pkey_op_set_output(struct s2n_async_pkey_op *op, const uint8_t *data, uint32_t data_len)
S2N_API int s2n_client_hello_get_compression_methods_length(struct s2n_client_hello *ch, uint32_t *out_length)
S2N_API int s2n_connection_set_server_early_data_context(struct s2n_connection *conn, const uint8_t *context, uint16_t context_size)
S2N_API int s2n_free_stacktrace(void)
s2n_mode
Definition s2n.h:1372
S2N_API int s2n_connection_deserialize(struct s2n_connection *conn, uint8_t *buffer, uint32_t buffer_length)
s2n_verify_after_sign
Definition s2n.h:931
s2n_client_hello_cb_mode
Definition s2n.h:1435
S2N_API int s2n_config_set_monotonic_clock(struct s2n_config *config, s2n_clock_time_nanoseconds clock_fn, void *ctx)
S2N_API int s2n_get_stacktrace(struct s2n_stacktrace *trace)
S2N_API int s2n_config_set_async_pkey_validation_mode(struct s2n_config *config, s2n_async_pkey_validation_mode mode)
S2N_API int s2n_cert_chain_and_key_free(struct s2n_cert_chain_and_key *cert_and_key)
s2n_status_request_type
Definition s2n.h:1161
S2N_API int s2n_psk_free(struct s2n_psk **psk)
S2N_API int s2n_connection_get_server_protocol_version(struct s2n_connection *conn)
S2N_API int s2n_connection_get_remaining_early_data_size(struct s2n_connection *conn, uint32_t *allowed_early_data_size)
S2N_API int s2n_cleanup_final(void)
S2N_API int s2n_client_hello_get_session_id_length(struct s2n_client_hello *ch, uint32_t *out_length)
S2N_API int s2n_connection_set_write_fd(struct s2n_connection *conn, int writefd)
S2N_API int s2n_connection_request_key_update(struct s2n_connection *conn, s2n_peer_key_update peer_request)
S2N_API int s2n_config_set_cache_delete_callback(struct s2n_config *config, s2n_cache_delete_callback cache_delete_callback, void *data)
S2N_API ssize_t s2n_client_hello_get_cipher_suites_length(struct s2n_client_hello *ch)
S2N_API int s2n_config_require_ticket_forward_secrecy(struct s2n_config *config, bool enabled)
S2N_API int s2n_cert_get_utf8_string_from_extension_data_length(const uint8_t *extension_data, uint32_t extension_len, uint32_t *utf8_str_len)
S2N_API int s2n_config_set_verification_ca_location(struct s2n_config *config, const char *ca_pem_filename, const char *ca_dir)
s2n_psk_hmac
Definition s2n.h:2962
S2N_API const char * s2n_connection_get_handshake_type_name(struct s2n_connection *conn)
S2N_API int s2n_config_free_cert_chain_and_key(struct s2n_config *config)
S2N_API int s2n_config_set_recv_multi_record(struct s2n_config *config, bool enabled)
s2n_cert_auth_type
Definition s2n.h:2462
int(* s2n_session_ticket_fn)(struct s2n_connection *conn, void *ctx, struct s2n_session_ticket *ticket)
Definition s2n.h:2585
S2N_API const char * s2n_strerror_source(int error)
S2N_API int s2n_connection_get_session_ticket_lifetime_hint(struct s2n_connection *conn)
uint8_t(* s2n_verify_host_fn)(const char *host_name, size_t host_name_len, void *data)
Definition s2n.h:1007
S2N_API const uint8_t * s2n_connection_get_ocsp_response(struct s2n_connection *conn, uint32_t *length)
S2N_API int s2n_offered_psk_list_next(struct s2n_offered_psk_list *psk_list, struct s2n_offered_psk *psk)
S2N_API int s2n_config_set_cache_store_callback(struct s2n_config *config, s2n_cache_store_callback cache_store_callback, void *data)
s2n_serialization_version
Definition s2n.h:3955
S2N_API int s2n_offered_early_data_get_context_length(struct s2n_offered_early_data *early_data, uint16_t *context_len)
S2N_API int s2n_connection_get_max_early_data_size(struct s2n_connection *conn, uint32_t *max_early_data_size)
S2N_API int s2n_offered_psk_free(struct s2n_offered_psk **psk)
S2N_API int s2n_config_add_dhparams(struct s2n_config *config, const char *dhparams_pem)
int(* s2n_mem_malloc_callback)(void **ptr, uint32_t requested, uint32_t *allocated)
Definition s2n.h:554
S2N_API int s2n_connection_get_write_fd(struct s2n_connection *conn, int *writefd)
S2N_API int s2n_connection_use_corked_io(struct s2n_connection *conn)
S2N_API int s2n_config_set_client_auth_type(struct s2n_config *config, s2n_cert_auth_type client_auth_type)
S2N_API int s2n_async_pkey_op_free(struct s2n_async_pkey_op *op)
S2N_API int s2n_connection_serialization_length(struct s2n_connection *conn, uint32_t *length)
s2n_tls_signature_algorithm
Definition s2n.h:2729
S2N_API int s2n_config_set_protocol_preferences(struct s2n_config *config, const char *const *protocols, int protocol_count)
S2N_API int s2n_config_set_ctx(struct s2n_config *config, void *ctx)
S2N_API int s2n_stack_traces_enabled_set(bool newval)
struct s2n_pkey s2n_cert_private_key
Definition s2n.h:660
S2N_API ssize_t s2n_send(struct s2n_connection *conn, const void *buf, ssize_t size, s2n_blocked_status *blocked)
S2N_API int s2n_connection_prefer_low_latency(struct s2n_connection *conn)
S2N_API int s2n_cert_chain_and_key_set_ocsp_data(struct s2n_cert_chain_and_key *chain_and_key, const uint8_t *data, uint32_t length)
S2N_API ssize_t s2n_client_hello_get_extensions_length(struct s2n_client_hello *ch)
S2N_API int s2n_connection_free(struct s2n_connection *conn)
S2N_API uint32_t s2n_peek_buffered(struct s2n_connection *conn)
S2N_API int s2n_config_set_verify_after_sign(struct s2n_config *config, s2n_verify_after_sign mode)
S2N_API struct s2n_cert_chain_and_key * s2n_connection_get_selected_cert(struct s2n_connection *conn)
S2N_API int s2n_async_pkey_op_get_op_type(struct s2n_async_pkey_op *op, s2n_async_pkey_op_type *type)
S2N_API int s2n_config_set_max_blinding_delay(struct s2n_config *config, uint32_t seconds)
S2N_API int s2n_connection_get_client_auth_type(struct s2n_connection *conn, s2n_cert_auth_type *client_auth_type)
S2N_API int s2n_connection_set_read_fd(struct s2n_connection *conn, int readfd)
S2N_API int s2n_config_set_session_ticket_cb(struct s2n_config *config, s2n_session_ticket_fn callback, void *ctx)
s2n_peer_key_update
Definition s2n.h:2138
S2N_API int s2n_config_disable_x509_verification(struct s2n_config *config)
S2N_API int s2n_config_set_client_hello_cb(struct s2n_config *config, s2n_client_hello_fn client_hello_callback, void *ctx)
S2N_API struct s2n_client_hello * s2n_client_hello_parse_message(const uint8_t *bytes, uint32_t size)
S2N_API struct s2n_config * s2n_config_new(void)
S2N_API int s2n_connection_set_session(struct s2n_connection *conn, const uint8_t *session, size_t length)
S2N_API int s2n_connection_get_client_protocol_version(struct s2n_connection *conn)
S2N_API int s2n_connection_get_session_length(struct s2n_connection *conn)
s2n_early_data_status_t
Definition s2n.h:3781
S2N_API struct s2n_psk * s2n_external_psk_new(void)
s2n_tls_extension_type
Definition s2n.h:614
S2N_API int s2n_config_get_ctx(struct s2n_config *config, void **ctx)
S2N_API int s2n_connection_set_cipher_preferences(struct s2n_connection *conn, const char *version)
S2N_API struct s2n_config * s2n_config_new_minimal(void)
S2N_API int s2n_cert_get_x509_extension_value(struct s2n_cert *cert, const uint8_t *oid, uint8_t *ext_value, uint32_t *ext_value_len, bool *critical)
S2N_API ssize_t s2n_client_hello_get_cipher_suites(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length)
S2N_API uint64_t s2n_connection_get_delay(struct s2n_connection *conn)
s2n_alert_behavior
Definition s2n.h:1210
S2N_API ssize_t s2n_client_hello_get_extension_length(struct s2n_client_hello *ch, s2n_tls_extension_type extension_type)
S2N_API int s2n_connection_set_psk_mode(struct s2n_connection *conn, s2n_psk_mode mode)
S2N_API int s2n_config_disable_x509_time_verification(struct s2n_config *config)
S2N_API int s2n_connection_get_cipher_iana_value(struct s2n_connection *conn, uint8_t *first, uint8_t *second)
S2N_API int s2n_connection_set_ctx(struct s2n_connection *conn, void *ctx)
S2N_API int s2n_connection_set_config(struct s2n_connection *conn, struct s2n_config *config)
S2N_API const char * s2n_strerror_debug(int error, const char *lang)
S2N_API int s2n_connection_get_early_data_status(struct s2n_connection *conn, s2n_early_data_status_t *status)
S2N_API int s2n_config_set_server_max_early_data_size(struct s2n_config *config, uint32_t max_early_data_size)
S2N_API int s2n_config_add_cert_chain_and_key_to_store(struct s2n_config *config, struct s2n_cert_chain_and_key *cert_key_pair)
S2N_API struct s2n_client_hello * s2n_connection_get_client_hello(struct s2n_connection *conn)
S2N_API ssize_t s2n_client_hello_get_raw_message(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length)
S2N_API int s2n_offered_psk_list_reread(struct s2n_offered_psk_list *psk_list)
S2N_API int s2n_config_set_early_data_cb(struct s2n_config *config, s2n_early_data_cb cb)
S2N_API int s2n_connection_is_valid_for_cipher_preferences(struct s2n_connection *conn, const char *version)
S2N_API int s2n_crypto_disable_init(void)
S2N_API int s2n_cert_get_x509_extension_value_length(struct s2n_cert *cert, const uint8_t *oid, uint32_t *ext_value_len)
int(* s2n_cache_delete_callback)(struct s2n_connection *conn, void *, const void *key, uint64_t key_size)
Definition s2n.h:386
S2N_API int s2n_connection_get_session_id_length(struct s2n_connection *conn)
S2N_API int s2n_config_get_supported_groups(struct s2n_config *config, uint16_t *groups, uint16_t groups_count_max, uint16_t *groups_count)
S2N_API bool s2n_stack_traces_enabled(void)
S2N_API int s2n_connection_set_client_auth_type(struct s2n_connection *conn, s2n_cert_auth_type client_auth_type)
S2N_API void * s2n_connection_get_ctx(struct s2n_connection *conn)
S2N_API int s2n_connection_get_client_hello_version(struct s2n_connection *conn)
S2N_API int s2n_client_hello_get_legacy_record_version(struct s2n_client_hello *ch, uint8_t *out)
S2N_API int s2n_negotiate(struct s2n_connection *conn, s2n_blocked_status *blocked)
S2N_API int s2n_connection_get_master_secret(const struct s2n_connection *conn, uint8_t *secret_bytes, size_t max_size)
S2N_API int s2n_connection_set_verify_host_callback(struct s2n_connection *conn, s2n_verify_host_fn host_fn, void *data)
S2N_API int s2n_cert_chain_and_key_set_sct_list(struct s2n_cert_chain_and_key *chain_and_key, const uint8_t *data, uint32_t length)
S2N_API int s2n_client_hello_free(struct s2n_client_hello **ch)
S2N_API int s2n_connection_get_key_exchange_group(struct s2n_connection *conn, const char **group_name)
int s2n_send_fn(void *io_context, const uint8_t *buf, uint32_t len)
Definition s2n.h:1835
S2N_API int s2n_psk_set_secret(struct s2n_psk *psk, const uint8_t *secret, uint16_t secret_size)
int(* s2n_cache_store_callback)(struct s2n_connection *conn, void *, uint64_t ttl_in_seconds, const void *key, uint64_t key_size, const void *value, uint64_t value_size)
Definition s2n.h:374
int(* s2n_rand_init_callback)(void)
Definition s2n.h:578
S2N_API int s2n_async_pkey_op_get_input_size(struct s2n_async_pkey_op *op, uint32_t *data_len)
S2N_API int s2n_client_hello_get_compression_methods(struct s2n_client_hello *ch, uint8_t *list, uint32_t list_length, uint32_t *out_length)
S2N_API int s2n_config_set_max_cert_chain_depth(struct s2n_config *config, uint16_t max_depth)
S2N_API int s2n_calculate_stacktrace(void)
S2N_API int s2n_client_hello_get_random(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length)
S2N_API int s2n_connection_set_dynamic_record_threshold(struct s2n_connection *conn, uint32_t resize_threshold, uint16_t timeout_threshold)
S2N_API int s2n_connection_is_ocsp_stapled(struct s2n_connection *conn)
int(* s2n_early_data_cb)(struct s2n_connection *conn, struct s2n_offered_early_data *early_data)
Definition s2n.h:3878
S2N_API int s2n_connection_get_session(struct s2n_connection *conn, uint8_t *session, size_t max_length)
S2N_API int s2n_get_fips_mode(s2n_fips_mode *fips_mode)
S2N_API int s2n_connection_set_recv_buffering(struct s2n_connection *conn, bool enabled)
S2N_API int s2n_connection_is_session_resumed(struct s2n_connection *conn)
S2N_API int s2n_connection_wipe(struct s2n_connection *conn)
S2N_API const char * s2n_get_application_protocol(struct s2n_connection *conn)
int(* s2n_mem_cleanup_callback)(void)
Definition s2n.h:544
S2N_API int s2n_config_add_ticket_crypto_key(struct s2n_config *config, const uint8_t *name, uint32_t name_len, uint8_t *key, uint32_t key_len, uint64_t intro_time_in_seconds_from_epoch)
int(* s2n_rand_seed_callback)(void *data, uint32_t size)
Definition s2n.h:588
S2N_API int s2n_client_hello_get_session_id(struct s2n_client_hello *ch, uint8_t *out, uint32_t *out_length, uint32_t max_length)
S2N_API ssize_t s2n_client_hello_get_extensions(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length)
S2N_API int s2n_connection_tls_exporter(struct s2n_connection *conn, const uint8_t *label, uint32_t label_length, const uint8_t *context, uint32_t context_length, uint8_t *output, uint32_t output_length)
s2n_ct_support_level
Definition s2n.h:1186
S2N_API int s2n_async_pkey_op_perform(struct s2n_async_pkey_op *op, s2n_cert_private_key *key)
S2N_API int s2n_connection_get_peer_cert_chain(const struct s2n_connection *conn, struct s2n_cert_chain_and_key *cert_chain)
S2N_API int s2n_disable_atexit(void)
S2N_API int s2n_config_set_psk_selection_callback(struct s2n_config *config, s2n_psk_selection_callback cb, void *context)
S2N_API int s2n_error_get_type(int error)
S2N_API int s2n_shutdown_send(struct s2n_connection *conn, s2n_blocked_status *blocked)
S2N_API const char * s2n_connection_get_cipher(struct s2n_connection *conn)
s2n_async_pkey_op_type
Definition s2n.h:3513
S2N_API int s2n_cert_chain_and_key_load_pem(struct s2n_cert_chain_and_key *chain_and_key, const char *chain_pem, const char *private_key_pem)
S2N_API int s2n_client_hello_get_legacy_protocol_version(struct s2n_client_hello *ch, uint8_t *out)
S2N_API unsigned long s2n_get_openssl_version(void)
#define S2N_API
Definition s2n.h:29
S2N_API const char * s2n_connection_get_last_message_name(struct s2n_connection *conn)
S2N_API int s2n_rand_set_callbacks(s2n_rand_init_callback rand_init_callback, s2n_rand_cleanup_callback rand_cleanup_callback, s2n_rand_seed_callback rand_seed_callback, s2n_rand_mix_callback rand_mix_callback)
S2N_API int s2n_connection_get_signature_scheme(struct s2n_connection *conn, const char **scheme_name)
S2N_API int s2n_set_server_name(struct s2n_connection *conn, const char *server_name)
S2N_API int s2n_client_hello_cb_done(struct s2n_connection *conn)
S2N_API const char * s2n_connection_get_curve(struct s2n_connection *conn)
s2n_blocked_status
Definition s2n.h:2244
S2N_API int s2n_config_wipe_trust_store(struct s2n_config *config)
S2N_API int s2n_cert_get_utf8_string_from_extension_data(const uint8_t *extension_data, uint32_t extension_len, uint8_t *out_data, uint32_t *out_len)
S2N_API int s2n_connection_release_buffers(struct s2n_connection *conn)
S2N_API int s2n_session_ticket_get_data(struct s2n_session_ticket *ticket, size_t max_data_len, uint8_t *data)
S2N_API int s2n_config_disable_x509_intent_verification(struct s2n_config *config)
S2N_API int s2n_config_set_session_tickets_onoff(struct s2n_config *config, uint8_t enabled)
S2N_API int * s2n_errno_location(void)
s2n_fips_mode
Definition s2n.h:258
S2N_API int s2n_session_ticket_get_data_len(struct s2n_session_ticket *ticket, size_t *data_len)
S2N_API int s2n_cert_chain_get_cert(const struct s2n_cert_chain_and_key *chain_and_key, struct s2n_cert **out_cert, const uint32_t cert_idx)
S2N_API int s2n_shutdown(struct s2n_connection *conn, s2n_blocked_status *blocked)
S2N_API int s2n_cert_get_der(const struct s2n_cert *cert, const uint8_t **out_cert_der, uint32_t *cert_length)
S2N_API int s2n_config_set_check_stapled_ocsp_response(struct s2n_config *config, uint8_t check_ocsp)