AWS s2n-tls
s2n-tls is a C99 implementation of the TLS/SSL protocols that is designed to be simple, small, fast, and with security as a priority.
s2n.h
1 /*
2  * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License").
5  * You may not use this file except in compliance with the License.
6  * A copy of the License is located at
7  *
8  * http://aws.amazon.com/apache2.0
9  *
10  * or in the "license" file accompanying this file. This file is distributed
11  * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
12  * express or implied. See the License for the specific language governing
13  * permissions and limitations under the License.
14  */
15 
23 #pragma once
24 
25 #ifndef S2N_API
26 
29  #define S2N_API
30 #endif
31 
32 #ifdef __cplusplus
33 extern "C" {
34 #endif
35 
36 #include <stdbool.h>
37 #include <stdint.h>
38 #include <stdio.h>
39 #include <sys/types.h>
40 #include <sys/uio.h>
41 
/*
 * Return codes. The one doc comment that survives in this listing
 * (s2n_cleanup_final) names S2N_SUCCESS and S2N_FAILURE as its two results.
 * Check every int-returning call against these; a skipped check on a
 * verification or configuration call can silently leave a weaker setup in place.
 */
45 #define S2N_SUCCESS 0
46 
49 #define S2N_FAILURE -1
50 
/* Distinct from S2N_FAILURE (-1). By its name it reports a blocked callback, not a hard error. */
54 #define S2N_CALLBACK_BLOCKED -2
55 
/* Bounds (2 and 3) on the record-layer major version, per the macro names. */
59 #define S2N_MINIMUM_SUPPORTED_TLS_RECORD_MAJOR_VERSION 2
60 
64 #define S2N_MAXIMUM_SUPPORTED_TLS_RECORD_MAJOR_VERSION 3
65 
/*
 * Protocol version identifiers. Each value is the wire version's major * 10 + minor:
 * SSLv2 = 2.0 -> 20, SSLv3 = 3.0 -> 30, TLS 1.0 = 3.1 -> 31, ..., TLS 1.3 = 3.4 -> 34.
 *
 * NOTE(review): SSLv2 and SSLv3 are prohibited by RFC 6176 and RFC 7568, and
 * TLS 1.0/1.1 are deprecated by RFC 8996. These macros only name the versions.
 * Whether a connection may negotiate one is presumably decided by the policy
 * chosen through s2n_config_set_cipher_preferences(); confirm against that policy.
 * When auditing, compare s2n_connection_get_actual_protocol_version() with
 * S2N_TLS12 or higher.
 */
69 #define S2N_SSLv2 20
70 
74 #define S2N_SSLv3 30
75 
79 #define S2N_TLS10 31
80 
84 #define S2N_TLS11 32
85 
89 #define S2N_TLS12 33
90 
94 #define S2N_TLS13 34
95 
/* 0 is not a valid encoded version, so it cannot collide with the identifiers above. */
99 #define S2N_UNKNOWN_PROTOCOL_VERSION 0
100 
/*
 * Library error variable. It is declared __thread, so each thread has its own copy.
 * Read it on the thread that made the failing call, and before issuing another
 * s2n call that could overwrite it.
 */
118 S2N_API extern __thread int s2n_errno;
119 
/*
 * Returns a pointer to an int.
 * NOTE(review): presumably the address of the calling thread's s2n_errno, for
 * callers that cannot reference a thread-local symbol directly; confirm.
 */
126 S2N_API extern int *s2n_errno_location(void);
127 
142 typedef enum {
160 
171 S2N_API extern int s2n_error_get_type(int error);
172 
176 struct s2n_config;
177 
181 struct s2n_connection;
182 
197 S2N_API extern int s2n_crypto_disable_init(void);
198 
211 S2N_API extern int s2n_disable_atexit(void);
212 
219 S2N_API extern unsigned long s2n_get_openssl_version(void);
220 
229 S2N_API extern int s2n_init(void);
230 
237 S2N_API extern int s2n_cleanup(void);
238 
239 /*
240  * Performs a complete deinitialization and cleanup of the s2n-tls library.
241  *
242  * @returns S2N_SUCCESS on success. S2N_FAILURE on failure
243  */
244 S2N_API extern int s2n_cleanup_final(void);
245 
246 typedef enum {
247  S2N_FIPS_MODE_DISABLED = 0,
248  S2N_FIPS_MODE_ENABLED,
249 } s2n_fips_mode;
250 
265 S2N_API extern int s2n_get_fips_mode(s2n_fips_mode *fips_mode);
266 
279 S2N_API extern struct s2n_config *s2n_config_new(void);
280 
294 S2N_API extern struct s2n_config *s2n_config_new_minimal(void);
295 
302 S2N_API extern int s2n_config_free(struct s2n_config *config);
303 
310 S2N_API extern int s2n_config_free_dhparams(struct s2n_config *config);
311 
318 S2N_API extern int s2n_config_free_cert_chain_and_key(struct s2n_config *config);
319 
327 typedef int (*s2n_clock_time_nanoseconds)(void *, uint64_t *);
328 
349 typedef int (*s2n_cache_retrieve_callback)(struct s2n_connection *conn, void *, const void *key, uint64_t key_size, void *value, uint64_t *value_size);
350 
364 typedef int (*s2n_cache_store_callback)(struct s2n_connection *conn, void *, uint64_t ttl_in_seconds, const void *key, uint64_t key_size, const void *value, uint64_t value_size);
365 
376 typedef int (*s2n_cache_delete_callback)(struct s2n_connection *conn, void *, const void *key, uint64_t key_size);
377 
390 S2N_API extern int s2n_config_set_wall_clock(struct s2n_config *config, s2n_clock_time_nanoseconds clock_fn, void *ctx);
391 
404 S2N_API extern int s2n_config_set_monotonic_clock(struct s2n_config *config, s2n_clock_time_nanoseconds clock_fn, void *ctx);
405 
413 S2N_API extern const char *s2n_strerror(int error, const char *lang);
414 
424 S2N_API extern const char *s2n_strerror_debug(int error, const char *lang);
425 
432 S2N_API extern const char *s2n_strerror_name(int error);
433 
440 S2N_API extern const char *s2n_strerror_source(int error);
441 
445 struct s2n_stacktrace;
446 
452 S2N_API extern bool s2n_stack_traces_enabled(void);
453 
460 S2N_API extern int s2n_stack_traces_enabled_set(bool newval);
461 
467 S2N_API extern int s2n_calculate_stacktrace(void);
468 
476 S2N_API extern int s2n_print_stacktrace(FILE *fptr);
477 
483 S2N_API extern int s2n_free_stacktrace(void);
484 
491 S2N_API extern int s2n_get_stacktrace(struct s2n_stacktrace *trace);
492 
502 S2N_API extern int s2n_config_set_cache_store_callback(struct s2n_config *config, s2n_cache_store_callback cache_store_callback, void *data);
503 
513 S2N_API extern int s2n_config_set_cache_retrieve_callback(struct s2n_config *config, s2n_cache_retrieve_callback cache_retrieve_callback, void *data);
514 
524 S2N_API extern int s2n_config_set_cache_delete_callback(struct s2n_config *config, s2n_cache_delete_callback cache_delete_callback, void *data);
525 
/*
 * Memory-management hooks. The four typedefs give the signatures the library
 * calls through once s2n_mem_set_callbacks() installs them.
 */
529 typedef int (*s2n_mem_init_callback)(void);
530 
534 typedef int (*s2n_mem_cleanup_callback)(void);
535 
/*
 * Allocation hook: receives the requested size and reports, through *allocated,
 * how much was actually provided.
 * NOTE(review): a replacement must never report more in *allocated than it
 * really obtained; the caller presumably trusts that value as the usable size.
 */
544 typedef int (*s2n_mem_malloc_callback)(void **ptr, uint32_t requested, uint32_t *allocated);
545 
/*
 * Release hook: receives the pointer and its size.
 * NOTE(review): freed buffers may have held key material. A replacement should
 * zero `size` bytes before releasing them unless the caller is known to wipe
 * first; confirm.
 */
549 typedef int (*s2n_mem_free_callback)(void *ptr, uint32_t size);
550 
/*
 * Installs all four memory hooks at once.
 * NOTE(review): upstream requires this to be called before s2n_init(); confirm.
 */
562 S2N_API extern int s2n_mem_set_callbacks(s2n_mem_init_callback mem_init_callback, s2n_mem_cleanup_callback mem_cleanup_callback,
563  s2n_mem_malloc_callback mem_malloc_callback, s2n_mem_free_callback mem_free_callback);
564 
/*
 * Randomness hooks. Replacing these replaces the entropy source behind the
 * library's random data, so the strength of every key and nonce derived from
 * it depends on the replacement.
 */
568 typedef int (*s2n_rand_init_callback)(void);
569 
573 typedef int (*s2n_rand_cleanup_callback)(void);
574 
/*
 * Seed and mix hooks: both are handed a buffer and its size in bytes.
 * NOTE(review): presumably each must fill all `size` bytes from a
 * cryptographically secure source and return failure rather than a short or
 * predictable fill; confirm against the full header.
 */
579 typedef int (*s2n_rand_seed_callback)(void *data, uint32_t size);
580 
585 typedef int (*s2n_rand_mix_callback)(void *data, uint32_t size);
586 
/* Installs all four randomness hooks at once. */
600 S2N_API extern int s2n_rand_set_callbacks(s2n_rand_init_callback rand_init_callback, s2n_rand_cleanup_callback rand_cleanup_callback,
601  s2n_rand_seed_callback rand_seed_callback, s2n_rand_mix_callback rand_mix_callback);
602 
606 typedef enum {
607  S2N_EXTENSION_SERVER_NAME = 0,
608  S2N_EXTENSION_MAX_FRAG_LEN = 1,
609  S2N_EXTENSION_OCSP_STAPLING = 5,
610  S2N_EXTENSION_SUPPORTED_GROUPS = 10,
611  S2N_EXTENSION_EC_POINT_FORMATS = 11,
612  S2N_EXTENSION_SIGNATURE_ALGORITHMS = 13,
613  S2N_EXTENSION_ALPN = 16,
614  S2N_EXTENSION_CERTIFICATE_TRANSPARENCY = 18,
615  S2N_EXTENSION_SUPPORTED_VERSIONS = 43,
616  S2N_EXTENSION_RENEGOTIATION_INFO = 65281,
618 
622 typedef enum {
623  S2N_TLS_MAX_FRAG_LEN_512 = 1,
624  S2N_TLS_MAX_FRAG_LEN_1024 = 2,
625  S2N_TLS_MAX_FRAG_LEN_2048 = 3,
626  S2N_TLS_MAX_FRAG_LEN_4096 = 4,
628 
632 struct s2n_cert;
633 
637 struct s2n_cert_chain_and_key;
638 
642 struct s2n_pkey;
643 
647 typedef struct s2n_pkey s2n_cert_public_key;
648 
652 typedef struct s2n_pkey s2n_cert_private_key;
653 
660 S2N_API extern struct s2n_cert_chain_and_key *s2n_cert_chain_and_key_new(void);
661 
677 S2N_API extern int s2n_cert_chain_and_key_load_pem(struct s2n_cert_chain_and_key *chain_and_key, const char *chain_pem, const char *private_key_pem);
678 
694 S2N_API extern int s2n_cert_chain_and_key_load_pem_bytes(struct s2n_cert_chain_and_key *chain_and_key, uint8_t *chain_pem, uint32_t chain_pem_len, uint8_t *private_key_pem, uint32_t private_key_pem_len);
695 
707 S2N_API extern int s2n_cert_chain_and_key_load_public_pem_bytes(struct s2n_cert_chain_and_key *chain_and_key, uint8_t *chain_pem, uint32_t chain_pem_len);
708 
715 S2N_API extern int s2n_cert_chain_and_key_free(struct s2n_cert_chain_and_key *cert_and_key);
716 
724 S2N_API extern int s2n_cert_chain_and_key_set_ctx(struct s2n_cert_chain_and_key *cert_and_key, void *ctx);
725 
732 S2N_API extern void *s2n_cert_chain_and_key_get_ctx(struct s2n_cert_chain_and_key *cert_and_key);
733 
740 S2N_API extern s2n_cert_private_key *s2n_cert_chain_and_key_get_private_key(struct s2n_cert_chain_and_key *cert_and_key);
741 
750 S2N_API extern int s2n_cert_chain_and_key_set_ocsp_data(struct s2n_cert_chain_and_key *chain_and_key, const uint8_t *data, uint32_t length);
751 
761 S2N_API extern int s2n_cert_chain_and_key_set_sct_list(struct s2n_cert_chain_and_key *chain_and_key, const uint8_t *data, uint32_t length);
762 
775 typedef struct s2n_cert_chain_and_key *(*s2n_cert_tiebreak_callback)(struct s2n_cert_chain_and_key *cert1, struct s2n_cert_chain_and_key *cert2, uint8_t *name, uint32_t name_len);
776 
786 S2N_API extern int s2n_config_set_cert_tiebreak_callback(struct s2n_config *config, s2n_cert_tiebreak_callback cert_tiebreak_cb);
787 
802 S2N_API extern int s2n_config_add_cert_chain_and_key(struct s2n_config *config, const char *cert_chain_pem, const char *private_key_pem);
803 
821 S2N_API extern int s2n_config_add_cert_chain_and_key_to_store(struct s2n_config *config, struct s2n_cert_chain_and_key *cert_key_pair);
822 
842 S2N_API extern int s2n_config_set_cert_chain_and_key_defaults(struct s2n_config *config,
843  struct s2n_cert_chain_and_key **cert_key_pairs, uint32_t num_cert_key_pairs);
844 
/*
 * Trust-store management for peer certificate verification.
 *
 * NOTE(review): upstream documents that a config from s2n_config_new() starts
 * with the system trust store already loaded, so the two "add" style calls
 * below extend that set rather than replace it. To trust only a private CA,
 * call s2n_config_wipe_trust_store() first, or start from
 * s2n_config_new_minimal(); confirm against the full header comments.
 */

/* Adds trust anchors from a PEM file and/or a directory of CA certificates. */
869 S2N_API extern int s2n_config_set_verification_ca_location(struct s2n_config *config, const char *ca_pem_filename, const char *ca_dir);
870 
/* Adds trust anchors from an in-memory, NUL-terminated PEM string. */
890 S2N_API extern int s2n_config_add_pem_to_trust_store(struct s2n_config *config, const char *pem);
891 
/* Empties the config's trust store, so later additions form the complete set of anchors. */
903 S2N_API extern int s2n_config_wipe_trust_store(struct s2n_config *config);
904 
/* Loads the platform's default CA certificates into the config's trust store. */
918 S2N_API extern int s2n_config_load_system_certs(struct s2n_config *config);
919 
/*
 * Mode for s2n_config_set_verify_after_sign(). DISABLED is the first
 * enumerator and therefore has the value 0.
 */
920 typedef enum {
921  S2N_VERIFY_AFTER_SIGN_DISABLED,
922  S2N_VERIFY_AFTER_SIGN_ENABLED
923 } s2n_verify_after_sign;
924 
/*
 * Selects whether a signature the library has just produced is verified
 * before it is sent.
 * NOTE(review): upstream describes this as a defence against faulty
 * signatures (hardware faults, signing bugs) that could leak information
 * about the private key, at the cost of one extra verification per signature.
 * Consider enabling it where signing runs on untrusted or fault-prone
 * hardware; confirm the default in the full header.
 */
937 S2N_API extern int s2n_config_set_verify_after_sign(struct s2n_config *config, s2n_verify_after_sign mode);
938 
961 S2N_API extern int s2n_config_set_send_buffer_size(struct s2n_config *config, uint32_t size);
962 
980 S2N_API extern int s2n_config_set_recv_multi_record(struct s2n_config *config, bool enabled);
981 
/*
 * Application hook for host-name verification. It receives the name as a
 * pointer plus explicit length, and an opaque data pointer, and returns a
 * uint8_t verdict.
 * NOTE(review): upstream documents a return of 1 as "trusted" and 0 as
 * "rejected"; confirm. Compare exactly host_name_len bytes rather than relying
 * on a terminator, and reject by default. A callback that always returns 1
 * accepts any valid certificate for any host.
 */
996 typedef uint8_t (*s2n_verify_host_fn)(const char *host_name, size_t host_name_len, void *data);
997 
/* Registers the host-name verification hook and its opaque data pointer on a config. */
1012 S2N_API extern int s2n_config_set_verify_host_callback(struct s2n_config *config, s2n_verify_host_fn, void *data);
1013 
/*
 * Turns validation of a stapled OCSP response on or off via check_ocsp.
 * NOTE(review): with the check off, a revoked certificate that staples a
 * response would presumably still be accepted; confirm.
 */
1026 S2N_API extern int s2n_config_set_check_stapled_ocsp_response(struct s2n_config *config, uint8_t check_ocsp);
1027 
/*
 * Disables the time-validity portion of X.509 verification for this config.
 * Expired or not-yet-valid certificates are then no longer rejected on that
 * ground, so enable it only where the peer set is controlled some other way.
 */
1050 S2N_API extern int s2n_config_disable_x509_time_verification(struct s2n_config *config);
1051 
/*
 * Disables X.509 verification for this config. The peer's certificate then
 * does not authenticate it, and the connection has no protection against an
 * active man-in-the-middle. Upstream describes this as for testing and
 * debugging only. Any call to it in non-test code is worth flagging in review.
 */
1059 S2N_API extern int s2n_config_disable_x509_verification(struct s2n_config *config);
1060 
/* Caps the accepted certificate chain length at max_depth, bounding verification work per handshake. */
1071 S2N_API extern int s2n_config_set_max_cert_chain_depth(struct s2n_config *config, uint16_t max_depth);
1072 
1081 S2N_API extern int s2n_config_add_dhparams(struct s2n_config *config, const char *dhparams_pem);
1082 
1089 S2N_API extern int s2n_config_set_cipher_preferences(struct s2n_config *config, const char *version);
1090 
1100 S2N_API extern int s2n_config_append_protocol_preference(struct s2n_config *config, const uint8_t *protocol, uint8_t protocol_len);
1101 
1119 S2N_API extern int s2n_config_set_protocol_preferences(struct s2n_config *config, const char *const *protocols, int protocol_count);
1120 
1126 typedef enum {
1127  S2N_STATUS_REQUEST_NONE = 0,
1128  S2N_STATUS_REQUEST_OCSP = 1
1130 
1146 S2N_API extern int s2n_config_set_status_request_type(struct s2n_config *config, s2n_status_request_type type);
1147 
1151 typedef enum {
1152  S2N_CT_SUPPORT_NONE = 0,
1153  S2N_CT_SUPPORT_REQUEST = 1
1155 
1163 S2N_API extern int s2n_config_set_ct_support_level(struct s2n_config *config, s2n_ct_support_level level);
1164 
/*
 * How the library reacts to warning-level alerts. The listing omits source
 * line 1178, which closes this enum; the type is used below as
 * s2n_alert_behavior.
 */
1175 typedef enum {
1176  S2N_ALERT_FAIL_ON_WARNINGS = 0,
1177  S2N_ALERT_IGNORE_WARNINGS = 1
1179 
/*
 * Selects the alert behaviour for a config.
 * NOTE(review): FAIL_ON_WARNINGS has the value 0 and is presumably the
 * default. Choose IGNORE_WARNINGS only for interoperability with a known
 * peer, since it keeps a connection open after the peer has signalled a
 * problem; confirm which protocol versions it applies to.
 */
1187 S2N_API extern int s2n_config_set_alert_behavior(struct s2n_config *config, s2n_alert_behavior alert_behavior);
1188 
1202 S2N_API extern int s2n_config_set_extension_data(struct s2n_config *config, s2n_tls_extension_type type, const uint8_t *data, uint32_t length);
1203 
1217 S2N_API extern int s2n_config_send_max_fragment_length(struct s2n_config *config, s2n_max_frag_len mfl_code);
1218 
1229 S2N_API extern int s2n_config_accept_max_fragment_length(struct s2n_config *config);
1230 
1238 S2N_API extern int s2n_config_set_session_state_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs);
1239 
/* Enables or disables session tickets for this config. */
1247 S2N_API extern int s2n_config_set_session_tickets_onoff(struct s2n_config *config, uint8_t enabled);
1248 
/* Enables or disables the session cache for this config. */
1259 S2N_API extern int s2n_config_set_session_cache_onoff(struct s2n_config *config, uint8_t enabled);
1260 
/*
 * Lifetimes, in seconds, for ticket keys. A ticket key protects every ticket
 * issued under it, so these values bound how long the compromise of one key
 * exposes resumed sessions.
 * NOTE(review): the names suggest one phase in which a key both encrypts and
 * decrypts, followed by a decrypt-only phase; confirm.
 */
1270 S2N_API extern int s2n_config_set_ticket_encrypt_decrypt_key_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs);
1271 
1282 S2N_API extern int s2n_config_set_ticket_decrypt_key_lifetime(struct s2n_config *config, uint64_t lifetime_in_secs);
1283 
/*
 * Adds a named ticket encryption key with an introduction time in seconds
 * since the epoch. `key` is secret material. Generate it from a CSPRNG, share
 * it only with servers that must accept each other's tickets, and wipe the
 * caller's copy after the call.
 * NOTE(review): whether the library copies `key` is not visible in this listing.
 */
1297 S2N_API extern int s2n_config_add_ticket_crypto_key(struct s2n_config *config, const uint8_t *name, uint32_t name_len,
1298  uint8_t *key, uint32_t key_len, uint64_t intro_time_in_seconds_from_epoch);
1299 
/*
 * Restricts ticket use to cases where forward secrecy is possible.
 * NOTE(review): upstream describes this as limiting ticket resumption to
 * TLS 1.3, because TLS 1.2 ticket resumption is not forward secret; confirm.
 */
1313 S2N_API extern int s2n_config_require_ticket_forward_secrecy(struct s2n_config *config, bool enabled);
1314 
1322 S2N_API extern int s2n_config_set_ctx(struct s2n_config *config, void *ctx);
1323 
1332 S2N_API extern int s2n_config_get_ctx(struct s2n_config *config, void **ctx);
1333 
1337 typedef enum {
1338  S2N_SERVER,
1339  S2N_CLIENT
1340 } s2n_mode;
1341 
1358 S2N_API extern struct s2n_connection *s2n_connection_new(s2n_mode mode);
1359 
1367 S2N_API extern int s2n_connection_set_config(struct s2n_connection *conn, struct s2n_config *config);
1368 
1376 S2N_API extern int s2n_connection_set_ctx(struct s2n_connection *conn, void *ctx);
1377 
1383 S2N_API extern void *s2n_connection_get_ctx(struct s2n_connection *conn);
1384 
1391 typedef int s2n_client_hello_fn(struct s2n_connection *conn, void *ctx);
1392 
1400 typedef enum {
1401  S2N_CLIENT_HELLO_CB_BLOCKING,
1402  S2N_CLIENT_HELLO_CB_NONBLOCKING
1404 
1413 S2N_API extern int s2n_config_set_client_hello_cb(struct s2n_config *config, s2n_client_hello_fn client_hello_callback, void *ctx);
1414 
1424 S2N_API extern int s2n_config_set_client_hello_cb_mode(struct s2n_config *config, s2n_client_hello_cb_mode cb_mode);
1425 
1433 S2N_API extern int s2n_client_hello_cb_done(struct s2n_connection *conn);
1434 
1442 S2N_API extern int s2n_connection_server_name_extension_used(struct s2n_connection *conn);
1443 
1447 struct s2n_client_hello;
1448 
1458 S2N_API extern struct s2n_client_hello *s2n_connection_get_client_hello(struct s2n_connection *conn);
1459 
1475 S2N_API extern struct s2n_client_hello *s2n_client_hello_parse_message(const uint8_t *bytes, uint32_t size);
1476 
1487 S2N_API extern int s2n_client_hello_free(struct s2n_client_hello **ch);
1488 
1498 S2N_API extern ssize_t s2n_client_hello_get_raw_message_length(struct s2n_client_hello *ch);
1499 
1519 S2N_API extern ssize_t s2n_client_hello_get_raw_message(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length);
1520 
1528 S2N_API extern ssize_t s2n_client_hello_get_cipher_suites_length(struct s2n_client_hello *ch);
1529 
1543 S2N_API extern ssize_t s2n_client_hello_get_cipher_suites(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length);
1544 
1552 S2N_API extern ssize_t s2n_client_hello_get_extensions_length(struct s2n_client_hello *ch);
1553 
1562 S2N_API extern ssize_t s2n_client_hello_get_extensions(struct s2n_client_hello *ch, uint8_t *out, uint32_t max_length);
1563 
1572 S2N_API extern ssize_t s2n_client_hello_get_extension_length(struct s2n_client_hello *ch, s2n_tls_extension_type extension_type);
1573 
1585 S2N_API extern ssize_t s2n_client_hello_get_extension_by_id(struct s2n_client_hello *ch, s2n_tls_extension_type extension_type, uint8_t *out, uint32_t max_length);
1586 
1596 S2N_API extern int s2n_client_hello_has_extension(struct s2n_client_hello *ch, uint16_t extension_iana, bool *exists);
1597 
1607 S2N_API extern int s2n_client_hello_get_session_id_length(struct s2n_client_hello *ch, uint32_t *out_length);
1608 
1624 S2N_API extern int s2n_client_hello_get_session_id(struct s2n_client_hello *ch, uint8_t *out, uint32_t *out_length, uint32_t max_length);
1625 
1633 S2N_API extern int s2n_client_hello_get_compression_methods_length(struct s2n_client_hello *ch, uint32_t *out_length);
1634 
1653 S2N_API extern int s2n_client_hello_get_compression_methods(struct s2n_client_hello *ch, uint8_t *list, uint32_t list_length, uint32_t *out_length);
1654 
1665 S2N_API extern int s2n_client_hello_get_legacy_protocol_version(struct s2n_client_hello *ch, uint8_t *out);
1666 
1689 S2N_API extern int s2n_client_hello_get_supported_groups(struct s2n_client_hello *ch, uint16_t *groups,
1690  uint16_t groups_count_max, uint16_t *groups_count);
1691 
1698 S2N_API extern int s2n_client_hello_get_server_name_length(struct s2n_client_hello *ch, uint16_t *length);
1699 
1710 S2N_API extern int s2n_client_hello_get_server_name(struct s2n_client_hello *ch, uint8_t *server_name, uint16_t length, uint16_t *out_length);
1711 
1723 S2N_API extern int s2n_connection_set_fd(struct s2n_connection *conn, int fd);
1724 
1736 S2N_API extern int s2n_connection_set_read_fd(struct s2n_connection *conn, int readfd);
1737 
1746 S2N_API extern int s2n_connection_set_write_fd(struct s2n_connection *conn, int writefd);
1747 
1755 S2N_API extern int s2n_connection_get_read_fd(struct s2n_connection *conn, int *readfd);
1756 
1764 S2N_API extern int s2n_connection_get_write_fd(struct s2n_connection *conn, int *writefd);
1765 
1774 S2N_API extern int s2n_connection_use_corked_io(struct s2n_connection *conn);
1775 
1779 typedef int s2n_recv_fn(void *io_context, uint8_t *buf, uint32_t len);
1780 
1784 typedef int s2n_send_fn(void *io_context, const uint8_t *buf, uint32_t len);
1785 
1796 S2N_API extern int s2n_connection_set_recv_ctx(struct s2n_connection *conn, void *ctx);
1797 
1808 S2N_API extern int s2n_connection_set_send_ctx(struct s2n_connection *conn, void *ctx);
1809 
1821 S2N_API extern int s2n_connection_set_recv_cb(struct s2n_connection *conn, s2n_recv_fn recv);
1822 
1834 S2N_API extern int s2n_connection_set_send_cb(struct s2n_connection *conn, s2n_send_fn send);
1835 
1845 S2N_API extern int s2n_connection_prefer_throughput(struct s2n_connection *conn);
1846 
1856 S2N_API extern int s2n_connection_prefer_low_latency(struct s2n_connection *conn);
1857 
1917 S2N_API extern int s2n_connection_set_recv_buffering(struct s2n_connection *conn, bool enabled);
1918 
1936 S2N_API extern uint32_t s2n_peek_buffered(struct s2n_connection *conn);
1937 
1949 S2N_API extern int s2n_connection_set_dynamic_buffers(struct s2n_connection *conn, bool enabled);
1950 
1967 S2N_API extern int s2n_connection_set_dynamic_record_threshold(struct s2n_connection *conn, uint32_t resize_threshold, uint16_t timeout_threshold);
1968 
1982 S2N_API extern int s2n_connection_set_verify_host_callback(struct s2n_connection *conn, s2n_verify_host_fn host_fn, void *data);
1983 
/*
 * Who applies the "blinding" delay after an error on a connection.
 * NOTE(review): blinding is s2n's countermeasure against timing side
 * channels. The response to a failure is delayed so that the time taken to
 * fail reveals less to the peer. With BUILT_IN the library sleeps. With
 * SELF_SERVICE the application must apply the delay itself. Confirm the
 * details in the full header.
 */
1997 typedef enum {
1998  S2N_BUILT_IN_BLINDING,
1999  S2N_SELF_SERVICE_BLINDING
2000 } s2n_blinding;
2001 
/* Selects the blinding mode for one connection. */
2010 S2N_API extern int s2n_connection_set_blinding(struct s2n_connection *conn, s2n_blinding blinding);
2011 
/*
 * Returns the delay the connection currently calls for.
 * NOTE(review): upstream documents the unit as nanoseconds, and the value as
 * the time a SELF_SERVICE application should wait before closing or shutting
 * down the socket. Closing immediately instead discards the side-channel
 * protection.
 */
2017 S2N_API extern uint64_t s2n_connection_get_delay(struct s2n_connection *conn);
2018 
/*
 * Caps the blinding delay, in seconds, for a config.
 * NOTE(review): a smaller cap gives less timing protection. Lower it only
 * when another control (rate limiting, connection teardown at a proxy) covers
 * the same risk.
 */
2045 S2N_API extern int s2n_config_set_max_blinding_delay(struct s2n_config *config, uint32_t seconds);
2046 
2055 S2N_API extern int s2n_connection_set_cipher_preferences(struct s2n_connection *conn, const char *version);
2056 
2061 typedef enum {
2062  S2N_KEY_UPDATE_NOT_REQUESTED = 0,
2063  S2N_KEY_UPDATE_REQUESTED
2065 
2080 S2N_API extern int s2n_connection_request_key_update(struct s2n_connection *conn, s2n_peer_key_update peer_request);
2091 S2N_API extern int s2n_connection_append_protocol_preference(struct s2n_connection *conn, const uint8_t *protocol, uint8_t protocol_len);
2092 
2102 S2N_API extern int s2n_connection_set_protocol_preferences(struct s2n_connection *conn, const char *const *protocols, int protocol_count);
2103 
2123 S2N_API extern int s2n_set_server_name(struct s2n_connection *conn, const char *server_name);
2124 
2134 S2N_API extern const char *s2n_get_server_name(struct s2n_connection *conn);
2135 
2142 S2N_API extern const char *s2n_get_application_protocol(struct s2n_connection *conn);
2143 
2151 S2N_API extern const uint8_t *s2n_connection_get_ocsp_response(struct s2n_connection *conn, uint32_t *length);
2152 
2160 S2N_API extern const uint8_t *s2n_connection_get_sct_list(struct s2n_connection *conn, uint32_t *length);
2161 
2167 typedef enum {
2168  S2N_NOT_BLOCKED = 0,
2169  S2N_BLOCKED_ON_READ,
2170  S2N_BLOCKED_ON_WRITE,
2171  S2N_BLOCKED_ON_APPLICATION_INPUT,
2172  S2N_BLOCKED_ON_EARLY_DATA,
2174 
2190 S2N_API extern int s2n_negotiate(struct s2n_connection *conn, s2n_blocked_status *blocked);
2191 
2209 S2N_API extern ssize_t s2n_send(struct s2n_connection *conn, const void *buf, ssize_t size, s2n_blocked_status *blocked);
2210 
2222 S2N_API extern ssize_t s2n_sendv(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, s2n_blocked_status *blocked);
2223 
2241 S2N_API extern ssize_t s2n_sendv_with_offset(struct s2n_connection *conn, const struct iovec *bufs, ssize_t count, ssize_t offs, s2n_blocked_status *blocked);
2242 
2258 S2N_API extern ssize_t s2n_recv(struct s2n_connection *conn, void *buf, ssize_t size, s2n_blocked_status *blocked);
2259 
2271 S2N_API extern uint32_t s2n_peek(struct s2n_connection *conn);
2272 
2281 S2N_API extern int s2n_connection_free_handshake(struct s2n_connection *conn);
2282 
2292 S2N_API extern int s2n_connection_release_buffers(struct s2n_connection *conn);
2293 
2304 S2N_API extern int s2n_connection_wipe(struct s2n_connection *conn);
2305 
2315 S2N_API extern int s2n_connection_free(struct s2n_connection *conn);
2316 
2332 S2N_API extern int s2n_shutdown(struct s2n_connection *conn, s2n_blocked_status *blocked);
2333 
2360 S2N_API extern int s2n_shutdown_send(struct s2n_connection *conn, s2n_blocked_status *blocked);
2361 
/*
 * Client-certificate (mutual TLS) policy. The listing omits source line 2386,
 * which closes this enum; the type is used below as s2n_cert_auth_type.
 *
 * NOTE(review): with S2N_CERT_AUTH_OPTIONAL a handshake presumably completes
 * whether or not the client presented a certificate. A server using it must
 * check s2n_connection_client_cert_used() before treating the peer as
 * authenticated. S2N_CERT_AUTH_NONE is the first enumerator (value 0).
 */
2382 typedef enum {
2383  S2N_CERT_AUTH_NONE,
2384  S2N_CERT_AUTH_REQUIRED,
2385  S2N_CERT_AUTH_OPTIONAL
2387 
/* Reads the client-auth policy stored on a config into *client_auth_type. */
2395 S2N_API extern int s2n_config_get_client_auth_type(struct s2n_config *config, s2n_cert_auth_type *client_auth_type);
2396 
/* Sets the client-auth policy on a config. */
2407 S2N_API extern int s2n_config_set_client_auth_type(struct s2n_config *config, s2n_cert_auth_type client_auth_type);
2408 
/* Reads the client-auth policy in effect for one connection. */
2416 S2N_API extern int s2n_connection_get_client_auth_type(struct s2n_connection *conn, s2n_cert_auth_type *client_auth_type);
2417 
/*
 * Sets the client-auth policy for one connection.
 * NOTE(review): presumably this overrides the config-level value for this
 * connection. Audit per-connection overrides that relax a REQUIRED config.
 */
2428 S2N_API extern int s2n_connection_set_client_auth_type(struct s2n_connection *conn, s2n_cert_auth_type client_auth_type);
2429 
2445 S2N_API extern int s2n_connection_get_client_cert_chain(struct s2n_connection *conn, uint8_t **der_cert_chain_out, uint32_t *cert_chain_len);
2446 
2454 S2N_API extern int s2n_config_set_initial_ticket_count(struct s2n_config *config, uint8_t num);
2455 
2463 S2N_API extern int s2n_connection_add_new_tickets_to_send(struct s2n_connection *conn, uint8_t num);
2464 
2477 S2N_API extern int s2n_connection_get_tickets_sent(struct s2n_connection *conn, uint16_t *num);
2478 
2487 S2N_API extern int s2n_connection_set_server_keying_material_lifetime(struct s2n_connection *conn, uint32_t lifetime_in_secs);
2488 
2489 struct s2n_session_ticket;
2490 
2505 typedef int (*s2n_session_ticket_fn)(struct s2n_connection *conn, void *ctx, struct s2n_session_ticket *ticket);
2506 
2519 S2N_API extern int s2n_config_set_session_ticket_cb(struct s2n_config *config, s2n_session_ticket_fn callback, void *ctx);
2520 
2527 S2N_API extern int s2n_session_ticket_get_data_len(struct s2n_session_ticket *ticket, size_t *data_len);
2528 
2540 S2N_API extern int s2n_session_ticket_get_data(struct s2n_session_ticket *ticket, size_t max_data_len, uint8_t *data);
2541 
2548 S2N_API extern int s2n_session_ticket_get_lifetime(struct s2n_session_ticket *ticket, uint32_t *session_lifetime);
2549 
2562 S2N_API extern int s2n_connection_set_session(struct s2n_connection *conn, const uint8_t *session, size_t length);
2563 
2577 S2N_API extern int s2n_connection_get_session(struct s2n_connection *conn, uint8_t *session, size_t max_length);
2578 
2590 S2N_API extern int s2n_connection_get_session_ticket_lifetime_hint(struct s2n_connection *conn);
2591 
2599 S2N_API extern int s2n_connection_get_session_length(struct s2n_connection *conn);
2600 
2610 S2N_API extern int s2n_connection_get_session_id_length(struct s2n_connection *conn);
2611 
2625 S2N_API extern int s2n_connection_get_session_id(struct s2n_connection *conn, uint8_t *session_id, size_t max_length);
2626 
2634 S2N_API extern int s2n_connection_is_session_resumed(struct s2n_connection *conn);
2635 
2643 S2N_API extern int s2n_connection_is_ocsp_stapled(struct s2n_connection *conn);
2644 
/*
 * Signature algorithm identifiers reported by the s2n_connection_get_selected_*
 * signature getters. Values 0, 1 and 3 match the TLS 1.2 SignatureAlgorithm
 * registry (anonymous, rsa, ecdsa). The listing omits source line 2658, which
 * closes this enum; the type is used below as s2n_tls_signature_algorithm.
 *
 * S2N_TLS_SIGNATURE_RSA_PSS_PSS has no explicit value and so is 225.
 * A result of S2N_TLS_SIGNATURE_ANONYMOUS means no signature authenticated the
 * peer, so treat it as unauthenticated when auditing a connection.
 */
2649 typedef enum {
2650  S2N_TLS_SIGNATURE_ANONYMOUS = 0,
2651  S2N_TLS_SIGNATURE_RSA = 1,
2652  S2N_TLS_SIGNATURE_ECDSA = 3,
2653  S2N_TLS_SIGNATURE_MLDSA = 9,
2654 
2655  /* Use Private Range for RSA PSS since it's not defined there */
2656  S2N_TLS_SIGNATURE_RSA_PSS_RSAE = 224,
2657  S2N_TLS_SIGNATURE_RSA_PSS_PSS
2659 
/*
 * Hash algorithm identifiers reported by the s2n_connection_get_selected_*
 * digest getters. Values 0 through 6 match the TLS 1.2 HashAlgorithm registry.
 * The listing omits source line 2674, which closes this enum; the type is used
 * below as s2n_tls_hash_algorithm.
 *
 * These are identifiers for reporting, not a statement of policy. MD5, SHA-1
 * and the MD5_SHA1 combination are not collision resistant, so a connection
 * that reports one of them for its handshake signature deserves attention in
 * monitoring.
 */
2663 typedef enum {
2664  S2N_TLS_HASH_NONE = 0,
2665  S2N_TLS_HASH_MD5 = 1,
2666  S2N_TLS_HASH_SHA1 = 2,
2667  S2N_TLS_HASH_SHA224 = 3,
2668  S2N_TLS_HASH_SHA256 = 4,
2669  S2N_TLS_HASH_SHA384 = 5,
2670  S2N_TLS_HASH_SHA512 = 6,
2671 
2672  /* Use Private Range for MD5_SHA1 */
2673  S2N_TLS_HASH_MD5_SHA1 = 224
2684 S2N_API extern int s2n_connection_get_selected_signature_algorithm(struct s2n_connection *conn, s2n_tls_signature_algorithm *chosen_alg);
2685 
2694 S2N_API extern int s2n_connection_get_selected_digest_algorithm(struct s2n_connection *conn, s2n_tls_hash_algorithm *chosen_alg);
2695 
2704 S2N_API extern int s2n_connection_get_selected_client_cert_signature_algorithm(struct s2n_connection *conn, s2n_tls_signature_algorithm *chosen_alg);
2705 
2714 S2N_API extern int s2n_connection_get_selected_client_cert_digest_algorithm(struct s2n_connection *conn, s2n_tls_hash_algorithm *chosen_alg);
2715 
2729 S2N_API extern struct s2n_cert_chain_and_key *s2n_connection_get_selected_cert(struct s2n_connection *conn);
2730 
2736 S2N_API extern int s2n_cert_chain_get_length(const struct s2n_cert_chain_and_key *chain_and_key, uint32_t *cert_length);
2737 
2756 S2N_API extern int s2n_cert_chain_get_cert(const struct s2n_cert_chain_and_key *chain_and_key, struct s2n_cert **out_cert, const uint32_t cert_idx);
2757 
2783 S2N_API extern int s2n_cert_get_der(const struct s2n_cert *cert, const uint8_t **out_cert_der, uint32_t *cert_length);
2784 
2795 S2N_API extern int s2n_connection_get_peer_cert_chain(const struct s2n_connection *conn, struct s2n_cert_chain_and_key *cert_chain);
2796 
2804 S2N_API extern int s2n_cert_get_x509_extension_value_length(struct s2n_cert *cert, const uint8_t *oid, uint32_t *ext_value_len);
2805 
2817 S2N_API extern int s2n_cert_get_x509_extension_value(struct s2n_cert *cert, const uint8_t *oid, uint8_t *ext_value, uint32_t *ext_value_len, bool *critical);
2818 
2826 S2N_API extern int s2n_cert_get_utf8_string_from_extension_data_length(const uint8_t *extension_data, uint32_t extension_len, uint32_t *utf8_str_len);
2827 
2839 S2N_API extern int s2n_cert_get_utf8_string_from_extension_data(const uint8_t *extension_data, uint32_t extension_len, uint8_t *out_data, uint32_t *out_len);
2840 
/* HMAC algorithm bound to a pre-shared key. SHA256 is the first enumerator (value 0). */
2844 typedef enum {
2845  S2N_PSK_HMAC_SHA256,
2846  S2N_PSK_HMAC_SHA384,
2847 } s2n_psk_hmac;
2848 
/* Opaque pre-shared key object. Its layout is not part of the public API. */
2852 struct s2n_psk;
2853 
/* Allocates an external (out-of-band) PSK object, released with s2n_psk_free(). */
2862 S2N_API struct s2n_psk *s2n_external_psk_new(void);
2863 
/* Frees a PSK. It takes the address of the pointer, presumably so it can be cleared; confirm. */
2869 S2N_API int s2n_psk_free(struct s2n_psk **psk);
2870 
/*
 * Sets the PSK identity (at most 65535 bytes, given the uint16_t length).
 * NOTE(review): in TLS 1.3 the PSK identity travels in the ClientHello, so it
 * should not contain anything confidential.
 */
2888 S2N_API int s2n_psk_set_identity(struct s2n_psk *psk, const uint8_t *identity, uint16_t identity_size);
2889 
/*
 * Sets the PSK secret.
 * NOTE(review): the secret must be high-entropy key material. A secret
 * derived from a password or other guessable source can be attacked offline
 * (see RFC 8446 section 2.2). Wipe the caller's copy once it is no longer
 * needed. Whether the library copies `secret` is not visible in this listing.
 */
2906 S2N_API int s2n_psk_set_secret(struct s2n_psk *psk, const uint8_t *secret, uint16_t secret_size);
2907 
/* Selects the HMAC algorithm associated with the PSK. */
2915 S2N_API int s2n_psk_set_hmac(struct s2n_psk *psk, s2n_psk_hmac hmac);
2916 
/* Attaches a PSK to a connection. */
2926 S2N_API int s2n_connection_append_psk(struct s2n_connection *conn, struct s2n_psk *psk);
2927 
2934 typedef enum {
2935  S2N_PSK_MODE_RESUMPTION,
2936  S2N_PSK_MODE_EXTERNAL
2937 } s2n_psk_mode;
2938 
2946 S2N_API int s2n_config_set_psk_mode(struct s2n_config *config, s2n_psk_mode mode);
2947 
2956 S2N_API int s2n_connection_set_psk_mode(struct s2n_connection *conn, s2n_psk_mode mode);
2957 
2969 S2N_API int s2n_connection_get_negotiated_psk_identity_length(struct s2n_connection *conn, uint16_t *identity_length);
2970 
2987 S2N_API int s2n_connection_get_negotiated_psk_identity(struct s2n_connection *conn, uint8_t *identity, uint16_t max_identity_length);
2988 
2989 struct s2n_offered_psk;
2990 
3001 S2N_API struct s2n_offered_psk *s2n_offered_psk_new(void);
3002 
3008 S2N_API int s2n_offered_psk_free(struct s2n_offered_psk **psk);
3009 
3017 S2N_API int s2n_offered_psk_get_identity(struct s2n_offered_psk *psk, uint8_t **identity, uint16_t *size);
3018 
3019 struct s2n_offered_psk_list;
3020 
3033 S2N_API bool s2n_offered_psk_list_has_next(struct s2n_offered_psk_list *psk_list);
3034 
3042 S2N_API int s2n_offered_psk_list_next(struct s2n_offered_psk_list *psk_list, struct s2n_offered_psk *psk);
3043 
3052 S2N_API int s2n_offered_psk_list_reread(struct s2n_offered_psk_list *psk_list);
3053 
3065 S2N_API int s2n_offered_psk_list_choose_psk(struct s2n_offered_psk_list *psk_list, struct s2n_offered_psk *psk);
3066 
3081 typedef int (*s2n_psk_selection_callback)(struct s2n_connection *conn, void *context,
3082  struct s2n_offered_psk_list *psk_list);
3083 
3093 S2N_API int s2n_config_set_psk_selection_callback(struct s2n_config *config, s2n_psk_selection_callback cb, void *context);
3094 
3101 S2N_API extern uint64_t s2n_connection_get_wire_bytes_in(struct s2n_connection *conn);
3102 
3109 S2N_API extern uint64_t s2n_connection_get_wire_bytes_out(struct s2n_connection *conn);
3110 
3120 S2N_API extern int s2n_connection_get_client_protocol_version(struct s2n_connection *conn);
3121 
3131 S2N_API extern int s2n_connection_get_server_protocol_version(struct s2n_connection *conn);
3132 
3142 S2N_API extern int s2n_connection_get_actual_protocol_version(struct s2n_connection *conn);
3143 
3153 S2N_API extern int s2n_connection_get_client_hello_version(struct s2n_connection *conn);
3154 
3166 S2N_API extern int s2n_client_hello_get_legacy_record_version(struct s2n_client_hello *ch, uint8_t *out);
3167 
3175 S2N_API extern int s2n_connection_client_cert_used(struct s2n_connection *conn);
3176 
3190 S2N_API extern const char *s2n_connection_get_cipher(struct s2n_connection *conn);
3191 
3203 typedef enum {
3204  S2N_SNI_NONE = 1,
3205  S2N_SNI_EXACT_MATCH,
3206  S2N_SNI_WILDCARD_MATCH,
3207  S2N_SNI_NO_MATCH,
3209 
3222 S2N_API extern int s2n_connection_get_certificate_match(struct s2n_connection *conn, s2n_cert_sni_match *match_status);
3223 
/*
 * Copies the connection's TLS master secret into secret_bytes (capacity max_size).
 *
 * Anyone holding this value can decrypt the connection and, through
 * resumption, sessions derived from it. Keep the buffer in memory that is not
 * logged or swapped, and zero it with a non-elidable wipe as soon as it has
 * been used.
 * NOTE(review): upstream restricts this call to TLS 1.2 and earlier and points
 * to s2n_connection_tls_exporter() for TLS 1.3; confirm. Prefer the exporter
 * wherever the goal is to derive keying material rather than to obtain the
 * secret itself.
 */
3253 S2N_API extern int s2n_connection_get_master_secret(const struct s2n_connection *conn,
3254  uint8_t *secret_bytes, size_t max_size);
3255 
/*
 * Derives output_length bytes of keying material into `output`, bound to a
 * label and an optional context (a TLS exporter, cf. RFC 8446 section 7.5).
 * Use a distinct label for each purpose, so that material exported for one
 * protocol cannot be replayed into another.
 * NOTE(review): upstream notes this is available only on completed TLS 1.3
 * handshakes; confirm.
 */
3266 S2N_API extern int s2n_connection_tls_exporter(struct s2n_connection *conn,
3267  const uint8_t *label, uint32_t label_length, const uint8_t *context, uint32_t context_length,
3268  uint8_t *output, uint32_t output_length);
3269 
3285 S2N_API extern int s2n_connection_get_cipher_iana_value(struct s2n_connection *conn, uint8_t *first, uint8_t *second);
3286 
3294 S2N_API extern int s2n_connection_is_valid_for_cipher_preferences(struct s2n_connection *conn, const char *version);
3295 
3304 S2N_API extern const char *s2n_connection_get_curve(struct s2n_connection *conn);
3305 
3316 S2N_API extern const char *s2n_connection_get_kem_name(struct s2n_connection *conn);
3317 
3328 S2N_API extern const char *s2n_connection_get_kem_group_name(struct s2n_connection *conn);
3329 
3342 S2N_API extern int s2n_connection_get_key_exchange_group(struct s2n_connection *conn, const char **group_name);
3343 
3351 S2N_API extern int s2n_connection_get_alert(struct s2n_connection *conn);
3352 
3359 S2N_API extern const char *s2n_connection_get_handshake_type_name(struct s2n_connection *conn);
3360 
3366 S2N_API extern const char *s2n_connection_get_last_message_name(struct s2n_connection *conn);
3367 
3371 struct s2n_async_pkey_op;
3372 
3381 typedef enum {
3382  S2N_ASYNC_PKEY_VALIDATION_FAST,
3383  S2N_ASYNC_PKEY_VALIDATION_STRICT
3385 
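/**
 * Kind of private-key operation an s2n_async_pkey_op represents, as reported
 * by s2n_async_pkey_op_get_op_type().
 */
typedef enum {
    S2N_ASYNC_DECRYPT,
    S2N_ASYNC_SIGN
} s2n_async_pkey_op_type;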
3393 
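/*
 * NOTE(review): the upstream Doxygen comments for these declarations are not
 * part of this listing. Summaries are inferred from names and signatures;
 * confirm ownership rules and call ordering against the upstream header.
 */

/**
 * Callback invoked when a private-key operation has to be performed for `conn`.
 *
 * NOTE(review): presumably the callback becomes responsible for `op` and must
 * eventually perform, apply and free it; whether it may return before the
 * operation has completed is not visible here.
 *
 * @param conn The connection that needs the operation.
 * @param op   The pending operation.
 */
typedef int (*s2n_async_pkey_fn)(struct s2n_connection *conn, struct s2n_async_pkey_op *op);

/**
 * Registers the private-key callback on a config.
 *
 * @param config The config to update.
 * @param fn     The callback to install.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API extern int s2n_config_set_async_pkey_callback(struct s2n_config *config, s2n_async_pkey_fn fn);

/**
 * Performs the pending operation using `key`.
 *
 * @param op  The operation to perform.
 * @param key The private key to use.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API extern int s2n_async_pkey_op_perform(struct s2n_async_pkey_op *op, s2n_cert_private_key *key);

/**
 * Applies the result of a completed operation to a connection.
 *
 * NOTE(review): `conn` presumably has to be the connection the operation was
 * created for -- confirm.
 *
 * @param op   The completed operation.
 * @param conn The connection to apply the result to.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API extern int s2n_async_pkey_op_apply(struct s2n_async_pkey_op *op, struct s2n_connection *conn);

/**
 * Releases an operation.
 *
 * @param op The operation to free; it must not be used afterwards.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API extern int s2n_async_pkey_op_free(struct s2n_async_pkey_op *op);

/**
 * Selects how results of async private-key operations are validated.
 *
 * @param config The config to update.
 * @param mode   One of the s2n_async_pkey_validation_mode values.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API extern int s2n_config_set_async_pkey_validation_mode(struct s2n_config *config, s2n_async_pkey_validation_mode mode);

/**
 * Reports whether the operation is a decrypt or a sign.
 *
 * @param op   The operation to query.
 * @param type Receives an s2n_async_pkey_op_type value.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API extern int s2n_async_pkey_op_get_op_type(struct s2n_async_pkey_op *op, s2n_async_pkey_op_type *type);

/**
 * Reports the size of the operation's input through `data_len`.
 *
 * @param op       The operation to query.
 * @param data_len Receives the input size in bytes.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API extern int s2n_async_pkey_op_get_input_size(struct s2n_async_pkey_op *op, uint32_t *data_len);

/**
 * Copies the operation's input into `data`.
 *
 * NOTE(review): size `data` from s2n_async_pkey_op_get_input_size() first.
 * What the input contains for each operation type (ciphertext, digest, ...)
 * is not visible here.
 *
 * @param op       The operation to read from.
 * @param data     Caller-owned output buffer.
 * @param data_len Capacity of `data` in bytes.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API extern int s2n_async_pkey_op_get_input(struct s2n_async_pkey_op *op, uint8_t *data, uint32_t data_len);

/**
 * Supplies the result of an operation that was carried out outside the library.
 *
 * NOTE(review): the bytes come from whatever external signer or decrypter
 * produced them; the validation mode set on the config presumably governs how
 * far they are checked before use.
 *
 * @param op       The operation to complete.
 * @param data     The result bytes.
 * @param data_len Length of `data` in bytes.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API extern int s2n_async_pkey_op_set_output(struct s2n_async_pkey_op *op, const uint8_t *data, uint32_t data_len);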
3514 
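/*
 * NOTE(review): the upstream Doxygen comments for these declarations are not
 * part of this listing. Summaries are inferred from names and signatures;
 * confirm them against the upstream header.
 */

/**
 * Callback that receives one key-log line per invocation.
 *
 * NOTE(review): each `logline` presumably carries session secrets, which is
 * enough to decrypt a capture of that connection. Treat the callback as a
 * debugging aid: write the lines only to a location with restricted
 * permissions and keep it disabled in production configurations.
 *
 * @param ctx     The pointer registered with s2n_config_set_key_log_cb().
 * @param conn    The connection the line belongs to.
 * @param logline The log line, `len` bytes; use `len` rather than assuming
 *                NUL termination.
 * @param len     Length of `logline` in bytes.
 */
typedef int (*s2n_key_log_fn)(void *ctx, struct s2n_connection *conn, uint8_t *logline, size_t len);

/**
 * Registers a key-log callback on a config.
 *
 * @param config   The config to update.
 * @param callback The callback to install.
 * @param ctx      Opaque pointer handed back to `callback`.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API extern int s2n_config_set_key_log_cb(struct s2n_config *config, s2n_key_log_fn callback, void *ctx);

/**
 * Enables a legacy-compatibility behaviour related to DSS in certificate
 * requests.
 *
 * NOTE(review): the exact wire change is not visible here; enable it only for
 * peers that are known to need it.
 *
 * @param config The config to update.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API extern int s2n_config_enable_cert_req_dss_legacy_compat(struct s2n_config *config);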
3562 
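/*
 * NOTE(review): the upstream Doxygen comments for these declarations are not
 * part of this listing. Summaries are inferred from names and signatures.
 *
 * TLS 1.3 early data (0-RTT) is not protected against replay by the protocol
 * itself (RFC 8446, section 8). Accept it only for requests that are safe to
 * process more than once, and keep the size limits as small as the
 * application allows.
 */

/**
 * Sets the maximum amount of early data a server using this config accepts.
 *
 * @param config              The config to update.
 * @param max_early_data_size Limit in bytes.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_config_set_server_max_early_data_size(struct s2n_config *config, uint32_t max_early_data_size);

/**
 * Sets the maximum amount of early data for a single server connection.
 *
 * @param conn                The connection to update.
 * @param max_early_data_size Limit in bytes.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_connection_set_server_max_early_data_size(struct s2n_connection *conn, uint32_t max_early_data_size);

/**
 * Associates application-defined context bytes with early data on a server
 * connection.
 *
 * @param conn         The connection to update.
 * @param context      Context bytes, `context_size` long.
 * @param context_size Length of `context`.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_connection_set_server_early_data_context(struct s2n_connection *conn, const uint8_t *context, uint16_t context_size);

/**
 * Configures a PSK for use with early data.
 *
 * @param psk                      The PSK to configure.
 * @param max_early_data_size      Limit in bytes for early data under this PSK.
 * @param cipher_suite_first_byte  First byte of the cipher suite value.
 * @param cipher_suite_second_byte Second byte of the cipher suite value.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_psk_configure_early_data(struct s2n_psk *psk, uint32_t max_early_data_size,
        uint8_t cipher_suite_first_byte, uint8_t cipher_suite_second_byte);

/**
 * Sets the application protocol associated with a PSK.
 *
 * @param psk                  The PSK to update.
 * @param application_protocol Protocol bytes, `size` long.
 * @param size                 Length of `application_protocol`.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_psk_set_application_protocol(struct s2n_psk *psk, const uint8_t *application_protocol, uint8_t size);

/**
 * Sets the early data context associated with a PSK.
 *
 * @param psk     The PSK to update.
 * @param context Context bytes, `size` long.
 * @param size    Length of `context`.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_psk_set_early_data_context(struct s2n_psk *psk, const uint8_t *context, uint16_t size);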
3647 
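/**
 * Early data state of a connection, as reported by
 * s2n_connection_get_early_data_status().
 *
 * NOTE(review): the per-member meanings are inferred from the names only;
 * confirm against the upstream header before branching on them.
 */
typedef enum {
    S2N_EARLY_DATA_STATUS_OK,
    S2N_EARLY_DATA_STATUS_NOT_REQUESTED,
    S2N_EARLY_DATA_STATUS_REJECTED,
    S2N_EARLY_DATA_STATUS_END,
} s2n_early_data_status_t;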
3663 
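/*
 * NOTE(review): the upstream Doxygen comments for these declarations are not
 * part of this listing. Summaries are inferred from names and signatures;
 * confirm return conventions against the upstream header.
 */

/**
 * Reports the early data status of a connection.
 *
 * @param conn   The connection to query.
 * @param status Receives an s2n_early_data_status_t value.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_connection_get_early_data_status(struct s2n_connection *conn, s2n_early_data_status_t *status);

/**
 * Reports how much more early data the connection allows.
 *
 * @param conn                    The connection to query.
 * @param allowed_early_data_size Receives the remaining allowance in bytes.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_connection_get_remaining_early_data_size(struct s2n_connection *conn, uint32_t *allowed_early_data_size);

/**
 * Reports the maximum early data size that applies to the connection.
 *
 * @param conn                The connection to query.
 * @param max_early_data_size Receives the limit in bytes.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_connection_get_max_early_data_size(struct s2n_connection *conn, uint32_t *max_early_data_size);

/**
 * Sends application data as early data.
 *
 * NOTE(review): early data can be replayed by a network attacker (RFC 8446,
 * section 8), so send only requests that are safe to be processed twice.
 * `data_len` is signed; callers should reject negative lengths themselves
 * unless upstream documents that the function does.
 *
 * @param conn      The connection to send on.
 * @param data      The bytes to send.
 * @param data_len  Number of bytes in `data`.
 * @param data_sent Receives the number of bytes sent.
 * @param blocked   Receives the blocked status.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_send_early_data(struct s2n_connection *conn, const uint8_t *data, ssize_t data_len,
        ssize_t *data_sent, s2n_blocked_status *blocked);

/**
 * Receives early data sent by the peer.
 *
 * NOTE(review): bytes returned here arrive before the handshake has completed
 * and may be a replay of an earlier flight (RFC 8446, section 8); the
 * application has to make their processing idempotent.
 *
 * @param conn          The connection to read from.
 * @param data          Caller-owned output buffer.
 * @param max_data_len  Capacity of `data` in bytes.
 * @param data_received Receives the number of bytes written to `data`.
 * @param blocked       Receives the blocked status.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_recv_early_data(struct s2n_connection *conn, uint8_t *data, ssize_t max_data_len,
        ssize_t *data_received, s2n_blocked_status *blocked);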
3734 
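/*
 * NOTE(review): the upstream Doxygen comments for these declarations are not
 * part of this listing. Summaries are inferred from names and signatures;
 * confirm them against the upstream header.
 */

/** Opaque handle for an early data offer; only declared here. */
struct s2n_offered_early_data;

/**
 * Callback that lets the application decide on an early data offer.
 *
 * NOTE(review): presumably the callback (or code it hands `early_data` to)
 * must end with s2n_offered_early_data_accept() or
 * s2n_offered_early_data_reject(). Rejecting is the conservative choice when
 * the request cannot be shown to be replay-safe.
 *
 * @param conn       The connection that received the offer.
 * @param early_data The offer to inspect and decide on.
 */
typedef int (*s2n_early_data_cb)(struct s2n_connection *conn, struct s2n_offered_early_data *early_data);

/**
 * Registers the early data callback on a config.
 *
 * @param config The config to update.
 * @param cb     The callback to install.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_config_set_early_data_cb(struct s2n_config *config, s2n_early_data_cb cb);

/**
 * Reports the length of the context attached to an early data offer.
 *
 * @param early_data  The offer to query.
 * @param context_len Receives the context length in bytes.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_offered_early_data_get_context_length(struct s2n_offered_early_data *early_data, uint16_t *context_len);

/**
 * Copies the context attached to an early data offer into `context`.
 *
 * NOTE(review): size `context` from
 * s2n_offered_early_data_get_context_length() first.
 *
 * @param early_data The offer to query.
 * @param context    Caller-owned output buffer.
 * @param max_len    Capacity of `context` in bytes.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_offered_early_data_get_context(struct s2n_offered_early_data *early_data, uint8_t *context, uint16_t max_len);

/**
 * Rejects an early data offer.
 *
 * @param early_data The offer to reject.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_offered_early_data_reject(struct s2n_offered_early_data *early_data);

/**
 * Accepts an early data offer.
 *
 * @param early_data The offer to accept.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_offered_early_data_accept(struct s2n_offered_early_data *early_data);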
3799 
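/**
 * Writes the groups supported by a config into `groups`.
 *
 * NOTE(review): the upstream Doxygen comment is not part of this listing.
 * The entries are presumably IANA group values, and the behaviour when more
 * than `groups_count_max` groups exist is not visible here -- confirm.
 *
 * @param config           The config to query.
 * @param groups           Caller-owned output array.
 * @param groups_count_max Capacity of `groups` in elements.
 * @param groups_count     Receives the number of elements written.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_config_get_supported_groups(struct s2n_config *config, uint16_t *groups, uint16_t groups_count_max,
        uint16_t *groups_count);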
3827 
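/* Indicates which serialized connection version will be provided. The default value is
 * S2N_SERIALIZED_CONN_NONE, which indicates the feature is off.
 *
 * The explicit numbering keeps NONE equal to zero, so a zero-initialised
 * config field reads as "feature off".
 */
typedef enum {
    S2N_SERIALIZED_CONN_NONE = 0,
    S2N_SERIALIZED_CONN_V1 = 1
} s2n_serialization_version;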
3835 
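/*
 * NOTE(review): the upstream Doxygen comments for these declarations are not
 * part of this listing. Summaries are inferred from names and signatures.
 *
 * A serialized connection presumably contains the session's cryptographic
 * state. Protect the buffer for confidentiality and integrity whenever it
 * leaves the process, and deserialize only data whose origin has been
 * authenticated.
 */

/**
 * Selects the serialized connection version for a config.
 *
 * @param config  The config to update.
 * @param version One of the s2n_serialization_version values;
 *                S2N_SERIALIZED_CONN_NONE leaves the feature off.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_config_set_serialization_version(struct s2n_config *config, s2n_serialization_version version);

/**
 * Reports the buffer size needed to serialize a connection.
 *
 * @param conn   The connection to query.
 * @param length Receives the required size in bytes.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_connection_serialization_length(struct s2n_connection *conn, uint32_t *length);

/**
 * Serializes a connection into `buffer`.
 *
 * NOTE(review): size `buffer` from s2n_connection_serialization_length().
 * Whether the connection remains usable afterwards is not visible here.
 *
 * @param conn          The connection to serialize.
 * @param buffer        Caller-owned output buffer.
 * @param buffer_length Capacity of `buffer` in bytes.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_connection_serialize(struct s2n_connection *conn, uint8_t *buffer, uint32_t buffer_length);

/**
 * Restores connection state from a buffer produced by
 * s2n_connection_serialize().
 *
 * NOTE(review): `buffer` is not `const`, so the call may modify it. Verify
 * the buffer's integrity and origin before passing it in.
 *
 * @param conn          The connection to populate.
 * @param buffer        The serialized bytes.
 * @param buffer_length Length of `buffer` in bytes.
 * @returns presumably S2N_SUCCESS / S2N_FAILURE.
 */
S2N_API int s2n_connection_deserialize(struct s2n_connection *conn, uint8_t *buffer, uint32_t buffer_length);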
3911 
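/* Load all acceptable certificate authorities from the currently configured trust store.
 *
 * The loaded certificate authorities will be advertised during the handshake.
 * This can help your peer select a certificate if they have multiple certificate
 * chains available.
 *
 * For now, s2n-tls only supports advertising certificate authorities to support
 * client auth, so only servers will send the list of certificate authorities.
 *
 * To avoid configuration mistakes, certificate authorities cannot be loaded from
 * a trust store that includes the default system certificates. That means that
 * s2n_config_new_minimal or s2n_config_wipe_trust_store should be used.
 *
 * s2n-tls currently limits the total certificate authorities size to 10k bytes.
 * This method will fail if the certificate authorities retrieved from the trust
 * store exceed that limit.
 *
 * @param config A pointer to the s2n_config object.
 * @returns S2N_SUCCESS on success. S2N_FAILURE on failure.
 */
S2N_API int s2n_config_set_cert_authorities_from_trust_store(struct s2n_config *config);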
3933 
3934 #ifdef __cplusplus
3935 }
3936 #endif