quic.h
Functions
Name | |
---|---|
int | wolfSSL_CTX_set_quic_method(WOLFSSL_CTX * ctx, const WOLFSSL_QUIC_METHOD * quic_method) Activate QUIC protocol for a WOLFSSL_CTX and all derived WOLFSSL instances by providing the four callbacks required. The CTX needs to be a TLSv1.3 one. |
int | wolfSSL_set_quic_method(WOLFSSL * ssl, const WOLFSSL_QUIC_METHOD * quic_method) Activate QUIC protocol for a WOLFSSL instance by providing the four callbacks required. The WOLFSSL needs to be a TLSv1.3 one. |
int | wolfSSL_is_quic(WOLFSSL * ssl) Check if QUIC has been activated in a WOLFSSL instance. |
WOLFSSL_ENCRYPTION_LEVEL | wolfSSL_quic_read_level(const WOLFSSL * ssl) Determine the encryption level for reads currently in use. Meaningful only when the WOLFSSL instance is using QUIC. |
WOLFSSL_ENCRYPTION_LEVEL | wolfSSL_quic_write_level(const WOLFSSL * ssl) Determine the encryption level for writes currently in use. Meaningful only when the WOLFSSL instance is using QUIC. |
void | wolfSSL_set_quic_use_legacy_codepoint(WOLFSSL * ssl, int use_legacy) Configure which QUIC version shall be used. Without calling this, the WOLFSSL will offer both (draft_27 and v1) to a server, resp. accept both from a client and negotiate the most recent one. |
void | wolfSSL_set_quic_transport_version(WOLFSSL * ssl, int version) Configure which QUIC version shall be used. |
int | wolfSSL_get_quic_transport_version(const WOLFSSL * ssl) Get the configured QUIC version. |
int | wolfSSL_set_quic_transport_params(WOLFSSL * ssl, const uint8_t * params, size_t params_len) Set the QUIC transport parameters to use. |
int | wolfSSL_get_peer_quic_transport_version(const WOLFSSL * ssl) Get the negotiated QUIC transport version. This will only give meaningful results when called after the respective TLS extensions have been seen from the peer. |
void | wolfSSL_get_peer_quic_transport_params(const WOLFSSL * ssl, const uint8_t ** out_params, size_t * out_params_len) Get the negotiated QUIC transport parameters. This will only give meaningful results when called after the respective TLS extensions have been seen from the peer. |
void | wolfSSL_set_quic_early_data_enabled(WOLFSSL * ssl, int enabled) Configure if Early Data is enabled. Intended for servers to signal this to clients. |
size_t | wolfSSL_quic_max_handshake_flight_len(const WOLFSSL * ssl, WOLFSSL_ENCRYPTION_LEVEL level) Get advice on the amount of data that shall be "in flight", e.g. unacknowledged at the given encryption level. This is the amount of data the WOLFSSL instance is prepared to buffer. |
int | wolfSSL_provide_quic_data(WOLFSSL * ssl, WOLFSSL_ENCRYPTION_LEVEL level, const uint8_t * data, size_t len) Pass decrypted CRYPTO data to the WOLFSSL instance for further processing. The encryption level between calls is only every allowed to increase and it is also checked that data records are complete before a change in encryption level is accepted. |
WOLFSSL_API int | wolfSSL_process_quic_post_handshake(WOLFSSL * ssl) Process any CRYPTO records that have been provided after the handshake has completed. Will fail if called before that. |
int | wolfSSL_quic_read_write(WOLFSSL * ssl) Process any CRYPTO records that have been provided during or after the handshake. Will progress the handshake if not already complete and otherwise work like wolfSSL_process_quic_post_handshake(). |
const WOLFSSL_EVP_CIPHER * | wolfSSL_quic_get_aead(WOLFSSL * ssl) Get the AEAD cipher negotiated in the TLS handshake. |
int | wolfSSL_quic_aead_is_gcm(const WOLFSSL_EVP_CIPHER * aead_cipher) Check if the AEAD cipher is GCM. |
int | wolfSSL_quic_aead_is_ccm(const WOLFSSL_EVP_CIPHER * aead_cipher) Check if the AEAD cipher is CCM. |
int | wolfSSL_quic_aead_is_chacha20(const WOLFSSL_EVP_CIPHER * aead_cipher) Check if the AEAD cipher is CHACHA20. |
WOLFSSL_API size_t | wolfSSL_quic_get_aead_tag_len(const WOLFSSL_EVP_CIPHER * aead_cipher) Determine the tag length for the AEAD cipher. |
WOLFSSL_API const WOLFSSL_EVP_MD * | wolfSSL_quic_get_md(WOLFSSL * ssl) Determine the message digest negotiated in the TLS handshake. |
const WOLFSSL_EVP_CIPHER * | wolfSSL_quic_get_hp(WOLFSSL * ssl) Determine the header protection cipher negotiated in the TLS handshake. |
WOLFSSL_EVP_CIPHER_CTX * | wolfSSL_quic_crypt_new(const WOLFSSL_EVP_CIPHER * cipher, const uint8_t * key, const uint8_t * iv, int encrypt) Create a cipher context for en-/decryption. |
int | wolfSSL_quic_aead_encrypt(uint8_t * dest, WOLFSSL_EVP_CIPHER_CTX * aead_ctx, const uint8_t * plain, size_t plainlen, const uint8_t * iv, const uint8_t * aad, size_t aadlen) Encrypt the plain text in the given context. |
int | wolfSSL_quic_aead_decrypt(uint8_t * dest, WOLFSSL_EVP_CIPHER_CTX * ctx, const uint8_t * enc, size_t enclen, const uint8_t * iv, const uint8_t * aad, size_t aadlen) Decrypt the cipher text in the given context. |
int | wolfSSL_quic_hkdf_extract(uint8_t * dest, const WOLFSSL_EVP_MD * md, const uint8_t * secret, size_t secretlen, const uint8_t * salt, size_t saltlen) Extract a pseudo random key. |
int | wolfSSL_quic_hkdf_expand(uint8_t * dest, size_t destlen, const WOLFSSL_EVP_MD * md, const uint8_t * secret, size_t secretlen, const uint8_t * info, size_t infolen) Expand a pseudo random key into a new key. |
int | wolfSSL_quic_hkdf(uint8_t * dest, size_t destlen, const WOLFSSL_EVP_MD * md, const uint8_t * secret, size_t secretlen, const uint8_t * salt, size_t saltlen, const uint8_t * info, size_t infolen) Expand and Extract a pseudo random key. |
Attributes
Name | |
---|---|
int()(WOLFSSL ssl, WOLFSSL_ENCRYPTION_LEVEL level, const uint8_t read_secret, const uint8_t write_secret, size_t secret_len) | set_encryption_secrets Callback invoked when secrets are generated during a handshake. Since QUIC protocol handlers perform the en-/decryption of packets, they need the negotiated secrets for the levels early_data/handshake/application. |
int()(WOLFSSL ssl, WOLFSSL_ENCRYPTION_LEVEL level, const uint8_t *data, size_t len) | add_handshake_data Callback invoked for forwarding handshake CRYPTO data to peer. The data forwarded this way is not encrypted. It is the job of the QUIC protocol implementation to do this. Which secrets are to be used is determined by the encryption level specified. |
int()(WOLFSSL ssl) | flush_flight Callback invoked for advisory flushing of the data to send. |
int()(WOLFSSL ssl, WOLFSSL_ENCRYPTION_LEVEL level, uint8_t alert) | send_alert Callback invoked when an SSL alert happened during processing. |
Functions Documentation
function wolfSSL_CTX_set_quic_method
int wolfSSL_CTX_set_quic_method(
WOLFSSL_CTX * ctx,
const WOLFSSL_QUIC_METHOD * quic_method
)
Activate QUIC protocol for a WOLFSSL_CTX and all derived WOLFSSL instances by providing the four callbacks required. The CTX needs to be a TLSv1.3 one.
Parameters:
- ctx - a pointer to a WOLFSSL_CTX structure, created using wolfSSL_CTX_new().
- quic_method - the callback structure
See:
Return: WOLFSSL_SUCCESS If successful.
The passed quic_method needs to have a lifetime outlasting the SSL instances. It is not copied. All callbacks need to be provided.
function wolfSSL_set_quic_method
int wolfSSL_set_quic_method(
WOLFSSL * ssl,
const WOLFSSL_QUIC_METHOD * quic_method
)
Activate QUIC protocol for a WOLFSSL instance by providing the four callbacks required. The WOLFSSL needs to be a TLSv1.3 one.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
- quic_method - the callback structure
See:
Return: WOLFSSL_SUCCESS If successful.
The passed quic_method needs to have a lifetime outlasting the SSL instance. It is not copied. All callbacks need to be provided.
function wolfSSL_is_quic
int wolfSSL_is_quic(
WOLFSSL * ssl
)
Check if QUIC has been activated in a WOLFSSL instance.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
See:
- wolfSSL_CTX_quic_method
- wolfSSL_CTX_set_quic_method
Return: 1 if WOLFSSL is using QUIC.
function wolfSSL_quic_read_level
WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_read_level(
const WOLFSSL * ssl
)
Determine the encryption level for reads currently in use. Meaningful only when the WOLFSSL instance is using QUIC.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
Return: encryption level.
Note that the effective level is always a parameter when passing data back and forth. Data from a peer might arrive at other levels than reported via this function.
function wolfSSL_quic_write_level
WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_write_level(
const WOLFSSL * ssl
)
Determine the encryption level for writes currently in use. Meaningful only when the WOLFSSL instance is using QUIC.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
Return: encryption level.
Note that the effective level is always a parameter when passing data back and forth. Data from a peer might arrive at other levels than reported via this function.
function wolfSSL_set_quic_use_legacy_codepoint
void wolfSSL_set_quic_use_legacy_codepoint(
WOLFSSL * ssl,
int use_legacy
)
Configure which QUIC version shall be used. Without calling this, the WOLFSSL will offer both (draft-27 and v1) to a server, resp. accept both from a client and negotiate the most recent one.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
- use_legacy - true if draft-27 shall be used, 0 if only QUICv1 is used.
See: wolfSSL_set_quic_transport_version
Return: WOLFSSL_SUCCESS If successful.
function wolfSSL_set_quic_transport_version
void wolfSSL_set_quic_transport_version(
WOLFSSL * ssl,
int version
)
Configure which QUIC version shall be used.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
- version - the TLS Extension defined for the QUIC version.
See: wolfSSL_set_quic_use_legacy_codepoint
Return: WOLFSSL_SUCCESS If successful.
function wolfSSL_get_quic_transport_version
int wolfSSL_get_quic_transport_version(
const WOLFSSL * ssl
)
Get the configured QUIC version.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
See:
Return: TLS Extension of configured version.
function wolfSSL_set_quic_transport_params
int wolfSSL_set_quic_transport_params(
WOLFSSL * ssl,
const uint8_t * params,
size_t params_len
)
Set the QUIC transport parameters to use.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
- params - the parameter bytes to use ·param params_len - the length of the parameters
See:
Return: WOLFSSL_SUCCESS If successful.
function wolfSSL_get_peer_quic_transport_version
int wolfSSL_get_peer_quic_transport_version(
const WOLFSSL * ssl
)
Get the negotiated QUIC transport version. This will only give meaningful results when called after the respective TLS extensions have been seen from the peer.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
See:
Return: the negotiated version or -1.
function wolfSSL_get_peer_quic_transport_params
void wolfSSL_get_peer_quic_transport_params(
const WOLFSSL * ssl,
const uint8_t ** out_params,
size_t * out_params_len
)
Get the negotiated QUIC transport parameters. This will only give meaningful results when called after the respective TLS extensions have been seen from the peer.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
- out_params - the parameters sent be the peer, set to NULL if not available.
- out_params_len - the length of the parameters sent be the peer, set to 0 if not available
See: wolfSSL_get_peer_quic_transport_version
function wolfSSL_set_quic_early_data_enabled
void wolfSSL_set_quic_early_data_enabled(
WOLFSSL * ssl,
int enabled
)
Configure if Early Data is enabled. Intended for servers to signal this to clients.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
- enabled - != 0 iff early data is enabled
function wolfSSL_quic_max_handshake_flight_len
size_t wolfSSL_quic_max_handshake_flight_len(
const WOLFSSL * ssl,
WOLFSSL_ENCRYPTION_LEVEL level
)
Get advice on the amount of data that shall be "in flight", e.g. unacknowledged at the given encryption level. This is the amount of data the WOLFSSL instance is prepared to buffer.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
- level - the encryption level to inquire about
Return: the recommend max data in flight
function wolfSSL_provide_quic_data
int wolfSSL_provide_quic_data(
WOLFSSL * ssl,
WOLFSSL_ENCRYPTION_LEVEL level,
const uint8_t * data,
size_t len
)
Pass decrypted CRYPTO data to the WOLFSSL instance for further processing. The encryption level between calls is only every allowed to increase and it is also checked that data records are complete before a change in encryption level is accepted.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
- level - the level the data was encrypted at
- data - the data itself
- len - the length of the data
See:
Return: WOLFSSL_SUCCESS If successful.
function wolfSSL_process_quic_post_handshake
WOLFSSL_API int wolfSSL_process_quic_post_handshake(
WOLFSSL * ssl
)
Process any CRYPTO records that have been provided after the handshake has completed. Will fail if called before that.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
See:
Return: WOLFSSL_SUCCESS If successful.
function wolfSSL_quic_read_write
int wolfSSL_quic_read_write(
WOLFSSL * ssl
)
Process any CRYPTO records that have been provided during or after the handshake. Will progress the handshake if not already complete and otherwise work like wolfSSL_process_quic_post_handshake().
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
See:
Return: WOLFSSL_SUCCESS If successful.
function wolfSSL_quic_get_aead
const WOLFSSL_EVP_CIPHER * wolfSSL_quic_get_aead(
WOLFSSL * ssl
)
Get the AEAD cipher negotiated in the TLS handshake.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
See:
- wolfSSL_quic_aead_is_gcm
- wolfSSL_quic_aead_is_ccm
- wolfSSL_quic_aead_is_chacha20
- wolfSSL_quic_get_aead_tag_len
- wolfSSL_quic_get_md
- wolfSSL_quic_get_hp
- wolfSSL_quic_crypt_new
- wolfSSL_quic_aead_encrypt
- wolfSSL_quic_aead_decrypt
Return: negotiated cipher or NULL if not determined.
function wolfSSL_quic_aead_is_gcm
int wolfSSL_quic_aead_is_gcm(
const WOLFSSL_EVP_CIPHER * aead_cipher
)
Check if the AEAD cipher is GCM.
Parameters:
- cipher - the cipher
See:
- wolfSSL_quic_get_aead
- wolfSSL_quic_aead_is_ccm
- wolfSSL_quic_aead_is_chacha20
- wolfSSL_quic_get_aead_tag_len
- wolfSSL_quic_get_md
- wolfSSL_quic_get_hp
- wolfSSL_quic_crypt_new
- wolfSSL_quic_aead_encrypt
- wolfSSL_quic_aead_decrypt
Return: != 0 iff the AEAD cipher is GCM.
function wolfSSL_quic_aead_is_ccm
int wolfSSL_quic_aead_is_ccm(
const WOLFSSL_EVP_CIPHER * aead_cipher
)
Check if the AEAD cipher is CCM.
Parameters:
- cipher - the cipher
See:
- wolfSSL_quic_get_aead
- wolfSSL_quic_aead_is_gcm
- wolfSSL_quic_aead_is_chacha20
- wolfSSL_quic_get_aead_tag_len
- wolfSSL_quic_get_md
- wolfSSL_quic_get_hp
- wolfSSL_quic_crypt_new
- wolfSSL_quic_aead_encrypt
- wolfSSL_quic_aead_decrypt
Return: != 0 iff the AEAD cipher is CCM.
function wolfSSL_quic_aead_is_chacha20
int wolfSSL_quic_aead_is_chacha20(
const WOLFSSL_EVP_CIPHER * aead_cipher
)
Check if the AEAD cipher is CHACHA20.
Parameters:
- cipher - the cipher
See:
- wolfSSL_quic_get_aead
- wolfSSL_quic_aead_is_ccm
- wolfSSL_quic_aead_is_gcm
- wolfSSL_quic_get_aead_tag_len
- wolfSSL_quic_get_md
- wolfSSL_quic_get_hp
- wolfSSL_quic_crypt_new
- wolfSSL_quic_aead_encrypt
- wolfSSL_quic_aead_decrypt
Return: != 0 iff the AEAD cipher is CHACHA20.
function wolfSSL_quic_get_aead_tag_len
WOLFSSL_API size_t wolfSSL_quic_get_aead_tag_len(
const WOLFSSL_EVP_CIPHER * aead_cipher
)
Determine the tag length for the AEAD cipher.
Parameters:
- cipher - the cipher
Return: tag length of AEAD cipher.
function wolfSSL_quic_get_md
WOLFSSL_API const WOLFSSL_EVP_MD * wolfSSL_quic_get_md(
WOLFSSL * ssl
)
Determine the message digest negotiated in the TLS handshake.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
See:
Return: the message digest negotiated in the TLS handshake
function wolfSSL_quic_get_hp
const WOLFSSL_EVP_CIPHER * wolfSSL_quic_get_hp(
WOLFSSL * ssl
)
Determine the header protection cipher negotiated in the TLS handshake.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
See:
Return: the header protection cipher negotiated in the TLS handshake
function wolfSSL_quic_crypt_new
WOLFSSL_EVP_CIPHER_CTX * wolfSSL_quic_crypt_new(
const WOLFSSL_EVP_CIPHER * cipher,
const uint8_t * key,
const uint8_t * iv,
int encrypt
)
Create a cipher context for en-/decryption.
Parameters:
- cipher - the cipher to use in the context.
- key - the key to use in the context.
- iv - the iv to use in the context.
- encrypt - != 0 if for encryption, otherwise decryption
See:
Return: the created context or NULL in case of errors.
function wolfSSL_quic_aead_encrypt
int wolfSSL_quic_aead_encrypt(
uint8_t * dest,
WOLFSSL_EVP_CIPHER_CTX * aead_ctx,
const uint8_t * plain,
size_t plainlen,
const uint8_t * iv,
const uint8_t * aad,
size_t aadlen
)
Encrypt the plain text in the given context.
Parameters:
- dest - destination where encrypted data is to be written
- aead_ctx - the cipher context to use
- plain - the plain data to encrypt
- plainlen - the length of the plain data
- iv - the iv to use
- aad - the add to use
- aadlen - the length of the aad
See:
Return: WOLFSSL_SUCCESS If successful.
function wolfSSL_quic_aead_decrypt
int wolfSSL_quic_aead_decrypt(
uint8_t * dest,
WOLFSSL_EVP_CIPHER_CTX * ctx,
const uint8_t * enc,
size_t enclen,
const uint8_t * iv,
const uint8_t * aad,
size_t aadlen
)
Decrypt the cipher text in the given context.
Parameters:
- dest - destination where plain text is to be written
- ctx - the cipher context to use
- enc - the encrypted data to decrypt
- envlen - the length of the encrypted data
- iv - the iv to use
- aad - the add to use
- aadlen - the length of the aad
See:
Return: WOLFSSL_SUCCESS If successful.
function wolfSSL_quic_hkdf_extract
int wolfSSL_quic_hkdf_extract(
uint8_t * dest,
const WOLFSSL_EVP_MD * md,
const uint8_t * secret,
size_t secretlen,
const uint8_t * salt,
size_t saltlen
)
Extract a pseudo random key.
Parameters:
- dest - destination where key is to be written
- md - message digest to use
- secret - the secret to use
- secretlen - the length of the secret
- salt - the salt to use
- saltlen - the length of the salt
See:
Return: WOLFSSL_SUCCESS If successful.
function wolfSSL_quic_hkdf_expand
int wolfSSL_quic_hkdf_expand(
uint8_t * dest,
size_t destlen,
const WOLFSSL_EVP_MD * md,
const uint8_t * secret,
size_t secretlen,
const uint8_t * info,
size_t infolen
)
Expand a pseudo random key into a new key.
Parameters:
- dest - destination where key is to be written
- destlen - length of the key to expand
- md - message digest to use
- secret - the secret to use
- secretlen - the length of the secret
- info - the info to use
- infolen - the length of the info
See:
Return: WOLFSSL_SUCCESS If successful.
function wolfSSL_quic_hkdf
int wolfSSL_quic_hkdf(
uint8_t * dest,
size_t destlen,
const WOLFSSL_EVP_MD * md,
const uint8_t * secret,
size_t secretlen,
const uint8_t * salt,
size_t saltlen,
const uint8_t * info,
size_t infolen
)
Expand and Extract a pseudo random key.
Parameters:
- dest - destination where key is to be written
- destlen - length of the key
- md - message digest to use
- secret - the secret to use
- secretlen - the length of the secret
- salt - the salt to use
- saltlen - the length of the salt
- info - the info to use
- infolen - the length of the info
See:
Return: WOLFSSL_SUCCESS If successful.
Attributes Documentation
variable set_encryption_secrets
int(*)(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, const uint8_t *read_secret, const uint8_t *write_secret, size_t secret_len) set_encryption_secrets;
Callback invoked when secrets are generated during a handshake. Since QUIC protocol handlers perform the en-/decryption of packets, they need the negotiated secrets for the levels early_data/handshake/application.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
- level - the encryption level the secrets are for
- read_secret - the secret used in decryption at the given level, may be NULL.
- write_secret - the secret used in encryption at the given level, may be NULL.
- secret_len - the length of the secret
Return: 1 on success, 0 on failure.
The callback will be invoked several times during a handshake. Either both or only the read or write secret might be provided. This does not mean the given encryption level is already in effect.
variable add_handshake_data
int(*)(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, const uint8_t *data, size_t len) add_handshake_data;
Callback invoked for forwarding handshake CRYPTO data to peer. The data forwarded this way is not encrypted. It is the job of the QUIC protocol implementation to do this. Which secrets are to be used is determined by the encryption level specified.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
- level - the encryption level to use for encrypting the data
- data - the data itself
- len - the length of the data
Return: 1 on success, 0 on failure.
This callback may be invoked several times during handshake or post handshake processing. The data may cover a complete CRYPTO record, but may also be partial. However, the callback will have received all records data before using another encryption level.
variable flush_flight
int(*)(WOLFSSL *ssl) flush_flight;
Callback invoked for advisory flushing of the data to send.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
Return: 1 on success, 0 on failure.
variable send_alert
int(*)(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, uint8_t alert) send_alert;
Callback invoked when an SSL alert happened during processing.
Parameters:
- ssl - a pointer to a WOLFSSL structure, created using wolfSSL_new().
- level - the encryption level in effect when the alert happened
- alert - the error
Return: 1 on success, 0 on failure.
Source code
int (*set_encryption_secrets)(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level,
const uint8_t *read_secret,
const uint8_t *write_secret, size_t secret_len);
int (*add_handshake_data)(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level,
const uint8_t *data, size_t len);
int (*flush_flight)(WOLFSSL *ssl);
int (*send_alert)(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, uint8_t alert);
int wolfSSL_CTX_set_quic_method(WOLFSSL_CTX *ctx, const WOLFSSL_QUIC_METHOD *quic_method);
int wolfSSL_set_quic_method(WOLFSSL *ssl, const WOLFSSL_QUIC_METHOD *quic_method);
int wolfSSL_is_quic(WOLFSSL *ssl);
WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_read_level(const WOLFSSL *ssl);
WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_write_level(const WOLFSSL *ssl);
void wolfSSL_set_quic_use_legacy_codepoint(WOLFSSL *ssl, int use_legacy);
void wolfSSL_set_quic_transport_version(WOLFSSL *ssl, int version);
int wolfSSL_get_quic_transport_version(const WOLFSSL *ssl);
int wolfSSL_set_quic_transport_params(WOLFSSL *ssl, const uint8_t *params, size_t params_len);
int wolfSSL_get_peer_quic_transport_version(const WOLFSSL *ssl);
void wolfSSL_get_peer_quic_transport_params(const WOLFSSL *ssl, const uint8_t **out_params, size_t *out_params_len);
void wolfSSL_set_quic_early_data_enabled(WOLFSSL *ssl, int enabled);
size_t wolfSSL_quic_max_handshake_flight_len(const WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level);
int wolfSSL_provide_quic_data(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, const uint8_t *data, size_t len);
WOLFSSL_API int wolfSSL_process_quic_post_handshake(WOLFSSL *ssl);
int wolfSSL_quic_read_write(WOLFSSL *ssl);
const WOLFSSL_EVP_CIPHER *wolfSSL_quic_get_aead(WOLFSSL *ssl);
int wolfSSL_quic_aead_is_gcm(const WOLFSSL_EVP_CIPHER *aead_cipher);
int wolfSSL_quic_aead_is_ccm(const WOLFSSL_EVP_CIPHER *aead_cipher);
int wolfSSL_quic_aead_is_chacha20(const WOLFSSL_EVP_CIPHER *aead_cipher);
WOLFSSL_API size_t wolfSSL_quic_get_aead_tag_len(const WOLFSSL_EVP_CIPHER *aead_cipher);
WOLFSSL_API const WOLFSSL_EVP_MD *wolfSSL_quic_get_md(WOLFSSL *ssl);
const WOLFSSL_EVP_CIPHER *wolfSSL_quic_get_hp(WOLFSSL *ssl);
WOLFSSL_EVP_CIPHER_CTX *wolfSSL_quic_crypt_new(const WOLFSSL_EVP_CIPHER *cipher,
const uint8_t *key, const uint8_t *iv, int encrypt);
int wolfSSL_quic_aead_encrypt(uint8_t *dest, WOLFSSL_EVP_CIPHER_CTX *aead_ctx,
const uint8_t *plain, size_t plainlen,
const uint8_t *iv, const uint8_t *aad, size_t aadlen);
int wolfSSL_quic_aead_decrypt(uint8_t *dest, WOLFSSL_EVP_CIPHER_CTX *ctx,
const uint8_t *enc, size_t enclen,
const uint8_t *iv, const uint8_t *aad, size_t aadlen);
int wolfSSL_quic_hkdf_extract(uint8_t *dest, const WOLFSSL_EVP_MD *md,
const uint8_t *secret, size_t secretlen,
const uint8_t *salt, size_t saltlen);
int wolfSSL_quic_hkdf_expand(uint8_t *dest, size_t destlen,
const WOLFSSL_EVP_MD *md,
const uint8_t *secret, size_t secretlen,
const uint8_t *info, size_t infolen);
int wolfSSL_quic_hkdf(uint8_t *dest, size_t destlen,
const WOLFSSL_EVP_MD *md,
const uint8_t *secret, size_t secretlen,
const uint8_t *salt, size_t saltlen,
const uint8_t *info, size_t infolen);
Updated on 2024-12-30 at 01:17:00 +0000