785 wc_dtls_export func);
942 wolfSSL_method_func method,
943 unsigned char* buf,
unsigned int sz,
980 WOLFSSL_MEM_STATS* mem_stats);
1013 WOLFSSL_MEM_CONN_STATS* mem_stats);
1232 const char* path,
unsigned int flags);
1730 const char* file,
int format);
2722 int len,
int newSession);
2855 VerifyCallback verify_callback);
4890 char* buf,
int len);
5033 WOLFSSL_X509_STORE_CTX* ctx);
5063 unsigned long flag);
5157 WOLFSSL_BIGNUM *bn);
5292 WOLFSSL_CTX* ctx,
void* arg);
5497 int (*cb)(
const char *str,
size_t len,
void *u),
void *u);
5537 wc_psk_client_callback cb);
5576 wc_psk_client_callback);
5739 wc_psk_server_callback cb);
5783 wc_psk_server_callback cb);
6437 unsigned char* buf,
int inLen,
int* outLen);
6778 unsigned char* in,
int* inOutSz);
6861 WC_PKCS12** pkcs12);
6953 WOLFSSL_EVP_PKEY** pkey, WOLFSSL_X509** cert,
WOLF_STACK_OF(WOLFSSL_X509)** ca);
6985 const unsigned char* g,
int gSz);
7126 int pSz,
const unsigned char* g,
int gSz);
7171 long sz,
int format);
7728 long sz,
int format);
7780 long sz,
int format);
7840 const unsigned char* in,
long sz,
7841 int format,
int userChain, word32 flags);
7894 const unsigned char* in,
7895 long sz,
int format);
7942 const unsigned char* in,
long sz,
7992 const unsigned char* in,
long sz,
8041 const unsigned char* in,
long sz);
8088 long sz,
int format);
8137 long sz,
int format);
8183 const unsigned char* in,
long sz);
8321 const unsigned char* secret,
8322 unsigned int secretSz);
8602 CallbackDecryptVerify cb);
8968 word32 sz,
int content,
int verify);
9567 const unsigned char* in,
long sz,
int format);
9759 const unsigned char* buff,
long sz,
int format);
9823 unsigned char* der,
int sz);
9935 const char* path,
int type,
int monitor);
9972 const unsigned char* buff,
long sz,
10092 const byte* buff,
long sz,
int type)
10122 int wolfSSL_CertManagerFreeCRL(WOLFSSL_CERT_MANAGER* cm);
10158 unsigned char* der,
int sz);
10284 CbOCSPIO ioCb, CbOCSPRespFree respFreeCb,
10316 WOLFSSL_CERT_MANAGER* cm);
10818 CbOCSPIO ioCb, CbOCSPRespFree respFreeCb,
10946 const void* data,
unsigned short size);
10985 const void* data,
unsigned short size);
11034 unsigned char options);
11079 unsigned char type,
unsigned char options);
11120 const unsigned char* clientHello,
unsigned int helloSz,
11121 unsigned char type,
unsigned char* sni,
unsigned int* inOutSz);
11192 unsigned char type,
void** data);
11234 unsigned int protocol_name_listSz,
11235 unsigned char options);
11276 unsigned short *size);
11319 unsigned short *listSz);
11504 unsigned char status_type,
unsigned char options);
11545 unsigned char status_type,
unsigned char options);
11575 unsigned char status_type,
unsigned char options);
11610 unsigned char status_type,
unsigned char options);
11918 CallbackSessionTicket cb,
void* ctx);
12002 SessionTicketEncCb);
12150 unsigned int* total,
12151 unsigned int* peak,
12152 unsigned int* maxSessions);
12199 const unsigned char* pms, word32 pmsLen,
12200 const unsigned char* cr,
const unsigned char* sr,
12201 int tls1_2,
int hash_type);
12246 const unsigned char* ms, word32 msLen,
12247 const unsigned char* sr,
const unsigned char* cr,
12248 int tls1_2,
int hash_type);
12282 TimeoutCallBack toCb, WOLFSSL_TIMEVAL timeout);
12314 TimeoutCallBack toCb, WOLFSSL_TIMEVAL timeout);
12424 int nid,
int lastPos);
12457 int nid,
int* c,
int* idx);
12486 const WOLFSSL_EVP_MD* digest,
unsigned char* buf,
unsigned int* len);
12603 unsigned char* der,
long derSz);
12695 unsigned char* out,
int outSz);
12748 WOLFSSL_X509_STORE* str);
12864 unsigned char *out,
size_t outlen);
12898 unsigned char* out,
size_t outSz);
12978 (WOLFSSL_BIO *bp, WOLFSSL_X509 **x, wc_pem_password_cb *cb,
void *u);
13036 WOLFSSL_DSA **x, wc_pem_password_cb *cb,
void *u);
13359 const unsigned char* secret,
unsigned int secretSz);
14088 int sz,
int* outSz);
14167 wc_psk_client_tls13_callback cb);
14194 wc_psk_client_tls13_callback cb);
14222 wc_psk_server_tls13_callback cb);
14249 wc_psk_server_tls13_callback cb);
14578 const unsigned char** key,
unsigned int* keySz);
14591 const unsigned char** key,
unsigned int* keySz);
14614 unsigned int mLen,
unsigned char* sigRet,
14615 unsigned int* sigLen, WOLFSSL_RSA* rsa,
14616 int flag,
int padding);
14921 unsigned int size);
14943 unsigned int* size);
14966 unsigned int bufferSz);
15009 unsigned int bufferSz);
15053 const byte** suites, word16* suiteSz,
15054 const byte** hashSigAlgo, word16* hashSigAlgoSz);
15117 int* hashAlgo,
int* sigAlgo);
int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER *cm, const char *f, int format)
Specifies the certificate to verify with the Certificate Manager context. The format can be SSL_FILET...
int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER *cm, int options)
Turns on OCSP if it’s turned off and if compiled with the set option available.
WOLFSSL_CERT_MANAGER * wolfSSL_CertManagerNew_ex(void *heap)
Allocates and initializes a new Certificate Manager context. This context may be used independent of ...
int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER *cm, const unsigned char *buff, long sz, int type)
The function loads the CRL file by calling BufferLoadCRL.
int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER *)
Disables OCSP certificate revocation.
int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER *cm, const unsigned char *buff, long sz, int format)
Specifies the certificate buffer to verify with the Certificate Manager context. The format can be SS...
int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER *cm, CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void *ioCbCtx)
The function sets the OCSP callback in the WOLFSSL_CERT_MANAGER.
int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER *cm, const char *path, int type, int monitor)
Error checks and passes through to LoadCRL() in order to load the cert into the CRL for revocation ch...
int wolfSSL_CertManagerGetCRLInfo(WOLFSSL_CERT_MANAGER *cm, CrlInfo *info, const byte *buff, long sz, int type) int wolfSSL_CertManagerFreeCRL(WOLFSSL_CERT_MANAGER *cm)
This function yields a structure with parsed CRL information from an encoded CRL buffer.
int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER *cm, CbMissingCRL cb)
This function sets the CRL Certificate Manager callback. If HAVE_CRL is defined and a matching CRL re...
int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER *cm)
The function will free the Trusted Peer linked list and unlocks the trusted peer list.
int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER *cm, unsigned char *der, int sz)
The function enables the WOLFSSL_CERT_MANAGER’s member, ocspEnabled to signify that the OCSP check op...
int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER *cm, const char *f, const char *d)
Specifies the locations for CA certificate loading into the manager context. The PEM certificate CAfi...
void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER *)
Frees all resources associated with the Certificate Manager context. Call this when you no longer nee...
int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER *cm)
This function unloads the CA signer list.
int wolfSSL_CertManagerUnloadIntermediateCerts(WOLFSSL_CERT_MANAGER *cm)
This function unloads intermediate certificates add to the CA signer list.
int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER *)
Turns off Certificate Revocation List checking when verifying certificates with the Certificate Manag...
int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER *cm, int options)
Turns on Certificate Revocation List checking when verifying certificates with the Certificate Manage...
int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER *cm, const char *url)
The function copies the url to the ocspOverrideURL member of the WOLFSSL_CERT_MANAGER structure.
int wolfSSL_CertManagerSetCRLUpdate_Cb(WOLFSSL_CERT_MANAGER *cm, CbUpdateCRL cb)
This function sets the CRL Update callback. If HAVE_CRL and HAVE_CRL_UPDATE_CB is defined ,...
int wolfSSL_CertManagerEnableOCSPStapling(WOLFSSL_CERT_MANAGER *cm)
This function turns on OCSP stapling if it is not turned on as well as set the options.
void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER *cm, VerifyCallback vc)
The function sets the verifyCallback function in the Certificate Manager. If present,...
int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER *cm, const unsigned char *in, long sz, int format)
Loads the CA Buffer by calling wolfSSL_CTX_load_verify_buffer and returning that result using a tempo...
WOLFSSL_CERT_MANAGER * wolfSSL_CertManagerNew(void)
Allocates and initializes a new Certificate Manager context. This context may be used independent of ...
int wolfSSL_use_certificate_buffer(WOLFSSL *ssl, const unsigned char *in, long sz, int format)
This function loads a certificate buffer into the WOLFSSL object. It behaves like the non-buffered ve...
int wolfSSL_CTX_memsave_cert_cache(WOLFSSL_CTX *ctx, void *mem, int sz, int *used)
This function persists the certificate cache to memory.
int wolfSSL_X509_version(WOLFSSL_X509 *)
This function retrieves the version of the X509 certificate.
int wolfSSL_X509_STORE_add_cert(WOLFSSL_X509_STORE *store, WOLFSSL_X509 *x509)
This function adds a certificate to the WOLFSSL_X509_STRE structure.
int wolfSSL_X509_get_signature(WOLFSSL_X509 *x509, unsigned char *buf, int *bufSz)
Gets the X509 signature and stores it in the buffer.
int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME *name, int nid, char *buf, int len)
This function gets the text related to the passed in NID value.
WOLFSSL_X509 * wolfSSL_d2i_X509_bio(WOLFSSL_BIO *bio, WOLFSSL_X509 **x509)
This function get the DER buffer from bio and converts it to a WOLFSSL_X509 structure.
int wolfSSL_use_RSAPrivateKey_ASN1(WOLFSSL *ssl, unsigned char *der, long derSz)
This is used to set the private key for the WOLFSSL structure. A DER formatted RSA key buffer is expe...
int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX *ctx, const char *file, const char *path, unsigned int flags)
This function loads PEM-formatted CA certificate files into the SSL context (WOLFSSL_CTX)....
WOLFSSL_ASN1_TIME * wolfSSL_X509_get_notBefore(WOLFSSL_X509 *)
The function checks to see if x509 is NULL and if it’s not, it returns the notBefore member of the x5...
int wolfSSL_SetTmpDH_buffer(WOLFSSL *ssl, const unsigned char *b, long sz, int format)
The function calls the wolfSSL_SetTMpDH_buffer_wrapper, which is a wrapper for Diffie-Hellman paramet...
int wolfSSL_UnloadCertsKeys(WOLFSSL *)
This function unloads any certificates or keys that SSL owns.
int wolfSSL_SetTmpDH(WOLFSSL *ssl, const unsigned char *p, int pSz, const unsigned char *g, int gSz)
Server Diffie-Hellman Ephemeral parameters setting. This function sets up the group parameters to be ...
const char ** wolfSSL_get_system_CA_dirs(word32 *num)
This function returns a pointer to an array of strings representing directories wolfSSL will search f...
unsigned char * wolfSSL_X509_get_hw_serial_number(WOLFSSL_X509 *x509, unsigned char *in, int *inOutSz)
This function returns the hwSerialNum member of the x509 object.
int wolfSSL_CTX_SetMinRsaKey_Sz(WOLFSSL_CTX *ctx, short keySz)
Sets the minimum RSA key size in both the WOLFSSL_CTX structure and the WOLFSSL_CERT_MANAGER structur...
int wolfSSL_X509_digest(const WOLFSSL_X509 *x509, const WOLFSSL_EVP_MD *digest, unsigned char *buf, unsigned int *len)
This function returns the hash of the DER certificate.
char * wolfSSL_X509_get_subjectCN(WOLFSSL_X509 *)
Returns the common name of the subject from the certificate.
WOLFSSL_X509 * wolfSSL_PEM_read_bio_X509_AUX(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, wc_pem_password_cb *cb, void *u)
This function behaves the same as wolfSSL_PEM_read_bio_X509. AUX signifies containing extra informati...
int wolfSSL_make_eap_keys(WOLFSSL *ssl, void *key, unsigned int len, const char *label)
This function is used by EAP_TLS and EAP-TTLS to derive keying material from the master secret.
int wolfSSL_use_PrivateKey_buffer(WOLFSSL *ssl, const unsigned char *in, long sz, int format)
This function loads a private key buffer into the WOLFSSL object. It behaves like the non-buffered ve...
int wolfSSL_use_PrivateKey_ASN1(int pri, WOLFSSL *ssl, unsigned char *der, long derSz)
This is used to set the private key for the WOLFSSL structure. A DER formatted key buffer is expected...
WOLFSSL_STACK * wolfSSL_X509_STORE_CTX_get_chain(WOLFSSL_X509_STORE_CTX *ctx)
This function is a getter function for chain variable in WOLFSSL_X509_STORE_CTX structure....
int wolfSSL_use_psk_identity_hint(WOLFSSL *ssl, const char *hint)
This function stores the hint argument in the server_hint member of the Arrays structure within the W...
int wolfSSL_SetMinRsaKey_Sz(WOLFSSL *ssl, short keySz)
Sets the minimum allowable key size in bits for RSA located in the WOLFSSL structure.
void wolfSSL_CTX_SetCertCbCtx(WOLFSSL_CTX *ctx, void *userCtx)
This function stores user CTX object information for verify callback.
int wolfSSL_X509_get_isCA(WOLFSSL_X509 *cert)
Checks the isCa member of the WOLFSSL_X509 structure and returns the value.
int wolfSSL_GetDhKey_Sz(WOLFSSL *)
Returns the value of dhKeySz (in bits) that is a member of the options structure. This value represen...
WOLFSSL_X509 * wolfSSL_X509_load_certificate_file(const char *fname, int format)
The function loads the x509 certificate into memory.
int wolfSSL_SetTmpDH_file(WOLFSSL *ssl, const char *f, int format)
This function calls wolfSSL_SetTmpDH_file_wrapper to set server Diffie-Hellman parameters.
int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX *ctx, const char *file, int format)
This function loads a certificate file into the SSL context (WOLFSSL_CTX). The file is provided by th...
unsigned char * wolfSSL_X509_get_device_type(WOLFSSL_X509 *x509, unsigned char *in, int *inOutSz)
This function copies the device type from the x509 structure to the buffer.
int wolfSSL_use_certificate_chain_buffer(WOLFSSL *ssl, const unsigned char *in, long sz)
This function loads a certificate chain buffer into the WOLFSSL object. It behaves like the non-buffe...
int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX *ctx)
Returns the size the certificate cache save buffer needs to be.
int wolfSSL_CTX_SetMinEccKey_Sz(WOLFSSL_CTX *ssl, short keySz)
Sets the minimum size in bits for the ECC key in the WOLF_CTX structure and the WOLFSSL_CERT_MANAGER ...
WOLFSSL_X509_NAME * wolfSSL_X509_get_subject_name(WOLFSSL_X509 *cert)
This function returns the subject member of the WOLFSSL_X509 structure.
WOLFSSL_DSA * wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp, WOLFSSL_DSA **x, wc_pem_password_cb *cb, void *u)
This function get the DSA parameters from a PEM buffer in bio.
WOLFSSL_X509 * wolfSSL_get_peer_certificate(WOLFSSL *ssl)
This function gets the peer’s certificate.
int wolfSSL_CTX_load_verify_chain_buffer_format(WOLFSSL_CTX *ctx, const unsigned char *in, long sz, int format)
This function loads a CA certificate chain buffer into the WOLFSSL Context. It behaves like the non-b...
int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX *ctx, const char *file)
This function loads a chain of certificates into the SSL context (WOLFSSL_CTX). The file containing t...
int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX *ctx, word16)
This function sets the minimum size (in bits) of the Diffie Hellman key size by accessing the minDhKe...
int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX *ctx, const unsigned char *p, int pSz, const unsigned char *g, int gSz)
Sets the parameters for the server CTX Diffie-Hellman.
int wolfSSL_CTX_load_verify_buffer_ex(WOLFSSL_CTX *ctx, const unsigned char *in, long sz, int format, int userChain, word32 flags)
This function loads a CA certificate buffer into the WOLFSSL Context. It behaves like the non-buffere...
WOLFSSL_X509 * wolfSSL_X509_d2i_fp(WOLFSSL_X509 **x509, FILE *file)
If NO_STDIO_FILESYSTEM is defined this function will allocate heap memory, initialize a WOLFSSL_X509 ...
const byte * wolfSSL_X509_notBefore(WOLFSSL_X509 *x509)
This function the certificate "not before" validity encoded as a byte array.
WOLF_STACK_OF(WOLFSSL_X509) *wolfSSL_get_peer_cert_chain(const WOLFSSL *)
This function gets the peer’s certificate chain.
char * wolfSSL_X509_get_next_altname(WOLFSSL_X509 *)
This function returns the next, if any, altname from the peer certificate.
int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX *ctx, const char *f, int format)
The function calls wolfSSL_SetTmpDH_file_wrapper to set the server Diffie-Hellman parameters.
int wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX *ctx, const char *fname)
This function writes the cert cache from memory to file.
char * wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME *name, char *in, int sz)
This function copies the name of the x509 into a buffer.
WOLFSSL_X509_NAME * wolfSSL_X509_get_issuer_name(WOLFSSL_X509 *cert)
This function returns the name of the certificate issuer.
int wolfSSL_CTX_load_verify_buffer(WOLFSSL_CTX *ctx, const unsigned char *in, long sz, int format)
This function loads a CA certificate buffer into the WOLFSSL Context. It behaves like the non-buffere...
int wolfSSL_CTX_load_system_CA_certs(WOLFSSL_CTX *ctx)
On most platforms (including Linux and Windows), this function attempts to load CA certificates into ...
void wolfSSL_FreeArrays(WOLFSSL *)
Normally, at the end of the SSL handshake, wolfSSL frees temporary arrays. If wolfSSL_KeepArrays() ha...
WOLFSSL_DH * wolfSSL_DSA_dup_DH(const WOLFSSL_DSA *r)
This function duplicates the parameters in dsa to a newly created WOLFSSL_DH structure.
int wolfSSL_use_PrivateKey(WOLFSSL *ssl, WOLFSSL_EVP_PKEY *pkey)
This is used to set the private key for the WOLFSSL structure.
int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX *ctx, const char *file, int format)
This function loads a private key file into the SSL context (WOLFSSL_CTX). The file is provided by th...
const char * wolfSSL_get_psk_identity(const WOLFSSL *)
The function returns a constant pointer to the client_identity member of the Arrays structure.
int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509 *x509, int nid, int lastPos)
This function looks for and returns the extension index matching the passed in NID value.
const byte * wolfSSL_X509_notAfter(WOLFSSL_X509 *x509)
This function the certificate "not after" validity encoded as a byte array.
WOLFSSL_X509 * wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN *chain, int idx)
This function gets the peer’s wolfSSL_X509_certificate at index (idx) from the chain of certificates.
const char * wolfSSL_get_psk_identity_hint(const WOLFSSL *)
This function returns the psk identity hint.
int wolfSSL_SetMaxDhKey_Sz(WOLFSSL *ssl, word16 keySz_bits)
Sets the maximum size (in bits) for a Diffie-Hellman key in the WOLFSSL structure.
int wolfSSL_CTX_SetTmpDH_buffer(WOLFSSL_CTX *ctx, const unsigned char *b, long sz, int format)
A wrapper function that calls wolfSSL_SetTmpDH_buffer_wrapper.
int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX *ctx, const char *file, int format)
This function is similar to wolfSSL_CTX_load_verify_locations, but allows the loading of DER-formatte...
int wolfSSL_DeriveTlsKeys(unsigned char *key_data, word32 keyLen, const unsigned char *ms, word32 msLen, const unsigned char *sr, const unsigned char *cr, int tls1_2, int hash_type)
An external facing wrapper to derive TLS Keys.
void wolfSSL_KeepArrays(WOLFSSL *)
Normally, at the end of the SSL handshake, wolfSSL frees temporary arrays. Calling this function befo...
int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE *store, unsigned long flag)
This function takes in a flag to change the behavior of the WOLFSSL_X509_STORE structure passed in....
int wolfSSL_SetMinDhKey_Sz(WOLFSSL *ssl, word16 keySz_bits)
Sets the minimum size (in bits) for a Diffie-Hellman key in the WOLFSSL structure.
int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX *ctx, const char *hint)
This function stores the hint argument in the server_hint member of the WOLFSSL_CTX structure.
int wolfSSL_X509_get_signature_type(WOLFSSL_X509 *cert)
This function returns the value stored in the sigOID member of the WOLFSSL_X509 structure.
int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX *ctx, const unsigned char *in, long sz)
This function loads a certificate chain buffer into the WOLFSSL Context. It behaves like the non-buff...
int wolfSSL_CTX_use_certificate_buffer(WOLFSSL_CTX *ctx, const unsigned char *in, long sz, int format)
This function loads a certificate buffer into the WOLFSSL Context. It behaves like the non-buffered v...
WOLFSSL_ASN1_TIME * wolfSSL_X509_get_notAfter(WOLFSSL_X509 *)
This function checks to see if x509 is NULL and if it’s not, it returns the notAfter member of the x5...
const unsigned char * wolfSSL_X509_get_der(WOLFSSL_X509 *x509, int *outSz)
This function gets the DER encoded certificate in the WOLFSSL_X509 struct.
int wolfSSL_CTX_restore_cert_cache(WOLFSSL_CTX *ctx, const char *fname)
This function persistes certificate cache from a file.
int wolfSSL_SetMinEccKey_Sz(WOLFSSL *ssl, short keySz)
Sets the value of the minEccKeySz member of the options structure. The options struct is a member of ...
int wolfSSL_GetIVSize(WOLFSSL *)
Returns the iv_size member of the specs structure held in the WOLFSSL struct.
void wolfSSL_SetCertCbCtx(WOLFSSL *ssl, void *ctx)
This function stores user CTX object information for verify callback.
int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX *ctx, const char *file, const char *path)
This function loads PEM-formatted CA certificate files into the SSL context (WOLFSSL_CTX)....
long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX *ctx, WOLFSSL_DH *dh)
Initializes the WOLFSSL_CTX structure’s dh member with the Diffie-Hellman parameters.
int wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX *ctx, const unsigned char *in, long sz, int format)
This function loads a private key buffer into the SSL Context. It behaves like the non-buffered versi...
void * wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509 *x509, int nid, int *c, int *idx)
This function looks for and returns the extension matching the passed in NID value.
int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX *ctx, word16 keySz_bits)
This function sets the maximum size (in bits) of the Diffie Hellman key size by accessing the maxDhKe...
unsigned char * wolfSSL_X509_get_hw_type(WOLFSSL_X509 *x509, unsigned char *in, int *inOutSz)
The function copies the hwType member of the WOLFSSL_X509 structure to the buffer.
void wolfSSL_ERR_print_errors_fp(XFILE fp, int err)
This function converts an error code returned by wolfSSL_get_error() into a more human-readable error...
void wolfSSL_ERR_print_errors_cb(int(*cb)(const char *str, size_t len, void *u), void *u)
This function uses the provided callback to handle error reporting. The callback function is executed...
void wolfSSL_ERR_error_string_n(unsigned long e, char *buf, unsigned long sz)
This function is a version of wolfSSL_ERR_error_string() where len specifies the maximum number of ch...
int wolfSSL_want_write(WOLFSSL *)
This function is similar to calling wolfSSL_get_error() and getting SSL_ERROR_WANT_WRITE in return....
unsigned long wolfSSL_ERR_peek_last_error(void)
This function returns the absolute value of the last error from WOLFSSL_ERROR encountered.
void wolfSSL_load_error_strings(void)
This function is for OpenSSL compatibility (SSL_load_error_string) only and takes no action.
char * wolfSSL_ERR_error_string(unsigned long errNumber, char *data)
This function converts an error code returned by wolfSSL_get_error() into a more human-readable error...
int wolfSSL_want_read(WOLFSSL *)
This function is similar to calling wolfSSL_get_error() and getting SSL_ERROR_WANT_READ in return....
int wolfSSL_get_error(WOLFSSL *ssl, int ret)
This function returns a unique error code describing why the previous API function call (wolfSSL_conn...
int wolfSSL_PrintSessionStats(void)
This function prints the statistics from the session.
WOLFSSL_CIPHER * wolfSSL_get_current_cipher(WOLFSSL *ssl)
This function returns a pointer to the current cipher in the ssl session.
int wolfSSL_writev(WOLFSSL *ssl, const struct iovec *iov, int iovcnt)
Simulates writev semantics but doesn’t actually do block at a time because of SSL_write() behavior an...
int wolfSSL_restore_session_cache(const char *fname)
This function restores the persistent session cache from file. It does not use memstore because of ad...
int wolfSSL_memsave_session_cache(void *mem, int sz)
This function persists session cache to memory.
word32 wolfSSL_lib_version_hex(void)
This function returns the current library version in hexadecimal notation.
int wolfSSL_get_using_nonblock(WOLFSSL *)
This function allows the application to determine if wolfSSL is using non-blocking I/O....
const char * wolfSSL_get_version(WOLFSSL *ssl)
Returns the SSL version being used as a string.
long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v)
This is used to set the end of file value. Common value is -1 so as not to get confused with expected...
int wolfSSL_memrestore_session_cache(const void *mem, int sz)
This function restores the persistent session cache from memory.
const char * wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER *cipher)
This function matches the cipher suite in the SSL object with the available suites and returns the st...
int wolfSSL_send(WOLFSSL *ssl, const void *data, int sz, int flags)
This function writes sz bytes from the buffer, data, to the SSL connection, ssl, using the specified ...
int wolfSSL_save_session_cache(const char *fname)
This function persists the session cache to file. It doesn’t use memsave because of additional memory...
const char * wolfSSL_get_cipher_name(WOLFSSL *ssl)
This function gets the cipher name in the format DHE-RSA by passing through argument to wolfSSL_get_c...
int wolfSSL_read_early_data(WOLFSSL *ssl, void *data, int sz, int *outSz)
This function reads any early data from a client on resumption. Call this function instead of wolfSSL...
int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *bio)
This is used to set the read request flag back to 0.
int wolfSSL_get_alert_history(WOLFSSL *ssl, WOLFSSL_ALERT_HISTORY *h)
This function gets the alert history.
int wolfSSL_BIO_nread0(WOLFSSL_BIO *bio, char **buf)
This is used to get a buffer pointer for reading from. Unlike wolfSSL_BIO_nread the internal read ind...
int wolfSSL_connect_TLSv13(WOLFSSL *)
This function is called on the client side and initiates a TLS v1.3 handshake with a server....
int wolfSSL_key_update_response(WOLFSSL *ssl, int *required)
This function is called on a TLS v1.3 client or server wolfSSL to determine whether a rollover of key...
size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b)
Gets the number of pending bytes to read. If BIO type is BIO_BIO then is the number to read from pair...
long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m)
This is a getter function for WOLFSSL_BIO memory pointer.
int wolfSSL_update_keys(WOLFSSL *ssl)
This function is called on a TLS v1.3 client or server wolfSSL to force the rollover of keys....
int wolfSSL_pending(WOLFSSL *)
This function returns the number of bytes which are buffered and available in the SSL object to be re...
int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *b, long size)
This is used to set the size of write buffer for a WOLFSSL_BIO. If write buffer has been previously s...
unsigned char wolfSSL_SNI_Status(WOLFSSL *ssl, unsigned char type)
This function gets the status of an SNI object.
int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO *bio, void *p)
This is used to set a byte pointer to the start of the internal memory buffer.
int wolfSSL_set_SessionTicket(WOLFSSL *ssl, const unsigned char *buf, word32 bufSz)
This function sets the ticket member of the WOLFSSL_SESSION structure within the WOLFSSL struct....
const char * wolfSSL_lib_version(void)
This function returns the current library version.
void wolfSSL_flush_sessions(WOLFSSL_CTX *ctx, long tm)
This function flushes session from the session cache which have expired. The time,...
int wolfSSL_BIO_make_bio_pair(WOLFSSL_BIO *b1, WOLFSSL_BIO *b2)
This is used to pair two bios together. A pair of bios acts similar to a two way pipe writing to one ...
int wolfSSL_GetSessionIndex(WOLFSSL *ssl)
This function gets the session index of the WOLFSSL structure.
int wolfSSL_connect(WOLFSSL *ssl)
This function is called on the client side and initiates an SSL/TLS handshake with a server....
int wolfSSL_request_certificate(WOLFSSL *ssl)
This function requests a client certificate from the TLS v1.3 client. This is useful when a web serve...
int wolfSSL_connect_cert(WOLFSSL *ssl)
This function is called on the client side and initiates an SSL/TLS handshake with a server only long...
int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name)
This is used to set and write to a file. WIll overwrite any data currently in the file and is set to ...
WOLFSSL_BIO_METHOD * wolfSSL_BIO_s_socket(void)
This is used to get a BIO_SOCKET type WOLFSSL_BIO_METHOD.
int wolfSSL_get_current_cipher_suite(WOLFSSL *ssl)
Returns the current cipher suit an ssl session is using.
WOLFSSL_X509_CHAIN * wolfSSL_SESSION_get_peer_chain(WOLFSSL_SESSION *session)
Returns the peer certificate chain from the WOLFSSL_SESSION struct.
void * wolfSSL_get_jobject(WOLFSSL *ssl)
This function returns the jObjectRef member of the WOLFSSL structure.
long wolfSSL_get_verify_depth(WOLFSSL *ssl)
This function returns the maximum chain depth allowed, which is 9 by default, for a valid session i....
int wolfSSL_get_session_cache_memsize(void)
This function returns how large the session cache save buffer should be.
const char * wolfSSL_get_cipher(WOLFSSL *)
This function matches the cipher suite in the SSL object with the available suites.
int wolfSSL_Rehandshake(WOLFSSL *ssl)
This function executes a secure renegotiation handshake; this is user forced as wolfSSL discourages t...
int wolfSSL_read(WOLFSSL *ssl, void *data, int sz)
This function reads sz bytes from the SSL session (ssl) internal read buffer into the buffer data....
wolfSSL_accept_TLSv13(WOLFSSL *ssl)
This function is called on the server side and waits for a SSL/TLS client to initiate the SSL/TLS han...
int wolfSSL_BIO_reset(WOLFSSL_BIO *bio)
Resets bio to an initial state. As an example for type BIO_BIO this resets the read and write index.
int wolfSSL_BIO_seek(WOLFSSL_BIO *bio, int ofs)
This function adjusts the file pointer to the offset given. This is the offset from the head of the f...
int wolfSSL_UseSecureRenegotiation(WOLFSSL *ssl)
This function forces secure renegotiation for the supplied WOLFSSL structure. This is not recommended...
int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num)
Gets a pointer to the buffer for writing as many bytes as returned by the function....
int wolfSSL_session_reused(WOLFSSL *ssl)
This function returns the resuming member of the options struct. The flag indicates whether or not to...
int wolfSSL_recv(WOLFSSL *ssl, void *data, int sz, int flags)
This function reads sz bytes from the SSL session (ssl) internal read buffer into the buffer data usi...
int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION *session)
This function gets the session at specified index of the session cache and copies it into memory....
int wolfSSL_get_session_stats(unsigned int *active, unsigned int *total, unsigned int *peak, unsigned int *maxSessions)
This function gets the statistics for the session.
WOLFSSL_SESSION * wolfSSL_get_session(WOLFSSL *ssl)
When NO_SESSION_CACHE_REF is defined this function returns a pointer to the current session (WOLFSSL_...
long wolfSSL_BIO_set_fd(WOLFSSL_BIO *b, int fd, int flag)
Sets the file descriptor for bio to use.
int wolfSSL_get_SessionTicket(WOLFSSL *ssl, unsigned char *buf, word32 *bufSz)
This function copies the ticket member of the Session structure to the buffer.
long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE *fp)
This is used to get the internal file pointer for a BIO.
int wolfSSL_BIO_nread(WOLFSSL_BIO *bio, char **buf, int num)
This is used to get a buffer pointer for reading from. The internal read index is advanced by the num...
int wolfSSL_get_fd(const WOLFSSL *)
This function returns the file descriptor (fd) used as the input/output facility for the SSL connecti...
int wolfSSL_write(WOLFSSL *ssl, const void *data, int sz)
This function writes sz bytes from the buffer, data, to the SSL connection, ssl. If necessary,...
int wolfSSL_get_ciphers(char *buf, int len)
This function gets the ciphers enabled in wolfSSL.
char * wolfSSL_get_cipher_list(int priority)
Get the name of cipher at priority level passed in.
int wolfSSL_write_early_data(WOLFSSL *ssl, const void *data, int sz, int *outSz)
This function writes early data to the server on resumption. Call this function instead of wolfSSL_co...
int wolfSSL_set_jobject(WOLFSSL *ssl, void *objPtr)
This function sets the jObjectRef member of the WOLFSSL structure.
int wolfSSL_UseSessionTicket(WOLFSSL *ssl)
Force provided WOLFSSL structure to use session ticket. The constant HAVE_SESSION_TICKET should be de...
int wolfSSL_BIO_set_close(WOLFSSL_BIO *b, long flag)
Sets the close flag, used to indicate that the i/o stream should be closed when the BIO is freed.
long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c)
This is used to set the internal file pointer for a BIO.
int wolfSSL_accept(WOLFSSL *)
This function is called on the server side and waits for an SSL client to initiate the SSL/TLS handsh...
int wolfSSL_negotiate(WOLFSSL *ssl)
Performs the actual connect or accept based on the side of the SSL method. If called from the client ...
int wolfSSL_peek(WOLFSSL *ssl, void *data, int sz)
This function copies sz bytes from the SSL session (ssl) internal read buffer into the buffer data....
WOLFSSL_METHOD * wolfDTLS_server_method(void)
The wolfDTLS_server_method() function is used to indicate that the application is a server and will s...
void wolfSSL_set_psk_client_tls13_callback(WOLFSSL *ssl, wc_psk_client_tls13_callback cb)
This function sets the Pre-Shared Key (PSK) client side callback for TLS v1.3 connections....
WOLFSSL_METHOD * wolfDTLSv1_server_method(void)
The wolfDTLSv1_server_method() function is used to indicate that the application is a server and will...
int wolfSSL_CTX_allow_anon_cipher(WOLFSSL_CTX *)
This function enables the havAnon member of the CTX structure if HAVE_ANON is defined during compilat...
int wolfSSL_set_server_cert_type(WOLFSSL *ssl, const char *buf, int len)
In case this function is called in a server side, set certificate types that can be sent to its peer....
WOLFSSL_METHOD * wolfDTLSv1_client_method(void)
The wolfDTLSv1_client_method() function is used to indicate that the application is a client and will...
int wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX *ctx, int v)
This function sets the read ahead flag in the WOLFSSL_CTX structure.
void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX *ctx, WOLFSSL_X509_STORE *str)
This is a setter function for the WOLFSSL_X509_STORE structure in ctx.
WOLFSSL_METHOD * wolfDTLS_client_method(void)
The wolfDTLS_client_method() function is used to indicate that the application is a client and will s...
int wolfSSL_dtls_set_timeout_init(WOLFSSL *ssl, int)
This function sets the dtls timeout.
long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(WOLFSSL_CTX *ctx, void *arg)
This function sets the optional argument to be passed to the PRF callback.
int wolfSSL_CTX_no_ticket_TLSv13(WOLFSSL_CTX *ctx)
This function is called on the server to stop it from sending a resumption session ticket once the ha...
int wolfSSL_use_certificate(WOLFSSL *ssl, WOLFSSL_X509 *x509)
his is used to set the certificate for WOLFSSL structure to use during a handshake.
void wolfSSL_CTX_set_verify(WOLFSSL_CTX *ctx, int mode, VerifyCallback verify_callback)
This function sets the verification method for remote peers and also allows a verify callback to be r...
WOLFSSL_METHOD * wolfDTLSv1_3_client_method(void)
The wolfDTLSv1_3_client_method() function is used to indicate that the application is a client and wi...
int wolfSSL_set_compression(WOLFSSL *ssl)
Turns on the ability to use compression for the SSL connection. Both sides must have compression turn...
long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX *ctx, long mode)
This function enables or disables SSL session caching. Behavior depends on the value used for mode....
WOLFSSL_METHOD * wolfSSLv23_server_method(void)
The wolfSSLv23_server_method() function is used to indicate that the application is a server and will...
int wolfSSL_use_old_poly(WOLFSSL *ssl, int value)
Since there is some differences between the first release and newer versions of chacha-poly AEAD cons...
int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX *)
This function unloads the CA signer list and frees the whole signer table.
int wolfSSL_UseALPN(WOLFSSL *ssl, char *protocol_name_list, unsigned int protocol_name_listSz, unsigned char options)
Setup ALPN use for a wolfSSL session.
int wolfSSL_set_group_messages(WOLFSSL *)
This function turns on grouping of handshake messages where possible.
int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX *ctx)
This function returns the get read ahead flag from a WOLFSSL_CTX structure.
WOLFSSL_SESSION * wolfSSL_get1_session(WOLFSSL *ssl)
This function returns the WOLFSSL_SESSION from the WOLFSSL structure as a reference type....
int wolfSSL_CTX_SetMinVersion(WOLFSSL_CTX *ctx, int version)
This function sets the minimum downgrade version allowed. Applicable only when the connection allows ...
int wolfSSL_set_fd(WOLFSSL *ssl, int fd)
This function assigns a file descriptor (fd) as the input/output facility for the SSL connection....
int wolfSSL_set_client_cert_type(WOLFSSL *ssl, const char *buf, int len)
In case this function is called in a client side, set certificate types that can be sent to its peer....
int wolfSSL_CTX_trust_peer_cert(WOLFSSL_CTX *ctx, const char *file, int type)
This function loads a certificate to use for verifying a peer when performing a TLS/SSL handshake....
WOLFSSL_METHOD * wolfTLSv1_3_method(void)
This function returns a WOLFSSL_METHOD similar to wolfTLSv1_3_client_method except that it is not det...
int wolfSSL_set_groups(WOLFSSL *ssl, int *groups, int count)
This function sets the list of elliptic curve groups to allow on a wolfSSL. The list is an array of g...
WOLFSSL_BIGNUM * wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai, WOLFSSL_BIGNUM *bn)
This function is used to copy a WOLFSSL_ASN1_INTEGER value to a WOLFSSL_BIGNUM structure.
long wolfSSL_CTX_add_extra_chain_cert(WOLFSSL_CTX *ctx, WOLFSSL_X509 *x509)
This function adds the certificate to the internal chain being built in the WOLFSSL_CTX structure.
int wolfSSL_set_timeout(WOLFSSL *ssl, unsigned int to)
This function sets the SSL session timeout value in seconds.
WOLFSSL_METHOD * wolfTLSv1_client_method(void)
The wolfTLSv1_client_method() function is used to indicate that the application is a client and will ...
size_t wolfSSL_get_server_random(const WOLFSSL *ssl, unsigned char *out, size_t outlen)
This is used to get the random data sent by the server during the handshake.
long wolfSSL_get_verify_result(const WOLFSSL *ssl)
This is used to get the results after trying to verify the peer's certificate.
int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX *ctx)
This function is called on a TLS v1.3 client wolfSSL context to allow a client certificate to be sent...
int wolfSSL_CTX_set_client_cert_type(WOLFSSL_CTX *ctx, const char *buf, int len)
In case this function is called in a client side, set certificate types that can be sent to its peer....
int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb)
This function sets a callback in the ssl. The callback is to observe handshake messages....
int wolfSSL_state(WOLFSSL *ssl)
This is used to get the internal error state of the WOLFSSL structure.
WOLFSSL_METHOD * wolfTLSv1_1_client_method(void)
The wolfTLSv1_1_client_method() function is used to indicate that the application is a client and wil...
int wolfSSL_CTX_no_dhe_psk(WOLFSSL_CTX *ctx)
This function is called on a TLS v1.3 wolfSSL context to disallow Diffie-Hellman (DH) style key excha...
WOLFSSL_METHOD * wolfSSLv23_method(void)
This function returns a WOLFSSL_METHOD similar to wolfSSLv23_client_method except that it is not dete...
int wolfSSL_CTX_set_groups(WOLFSSL_CTX *ctx, int *groups, int count)
This function sets the list of elliptic curve groups to allow on a wolfSSL context in order of prefer...
long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX *ctx)
This function gets the certificate chaining depth using the CTX structure.
long wolfSSL_get_options(const WOLFSSL *ssl)
This function returns the current options mask.
void wolfSSL_set_using_nonblock(WOLFSSL *ssl, int nonblock)
This function informs the WOLFSSL object that the underlying I/O is non-blocking. After an applicatio...
void wolfSSL_free(WOLFSSL *)
This function frees an allocated wolfSSL object.
int wolfSSL_use_certificate_ASN1(WOLFSSL *ssl, unsigned char *der, int derSz)
This is used to set the certificate for WOLFSSL structure to use during a handshake....
WOLFSSL_METHOD * wolfTLSv1_3_client_method(void)
This function is used to indicate that the application is a client and will only support the TLS 1....
int wolfSSL_set1_groups_list(WOLFSSL *ssl, char *list)
This function sets the list of elliptic curve groups to allow on a wolfSSL in order of preference....
int wolfSSL_send_hrr_cookie(WOLFSSL *ssl, const unsigned char *secret, unsigned int secretSz)
This function is called on the server side to indicate that a HelloRetryRequest message must contain ...
void wolfSSL_CTX_set_psk_server_tls13_callback(WOLFSSL_CTX *ctx, wc_psk_server_tls13_callback cb)
This function sets the Pre-Shared Key (PSK) server side callback for TLS v1.3 connections....
WOLFSSL_METHOD * wolfTLSv1_server_method(void)
The wolfTLSv1_server_method() function is used to indicate that the application is a server and will ...
int wolfSSL_CTX_set1_groups_list(WOLFSSL_CTX *ctx, char *list)
This function sets the list of elliptic curve groups to allow on a wolfSSL context in order of prefer...
int wolfSSL_set_session(WOLFSSL *ssl, WOLFSSL_SESSION *session)
This function sets the session to be used when the SSL object, ssl, is used to establish a SSL/TLS co...
int wolfSSL_no_dhe_psk(WOLFSSL *ssl)
This function is called on a TLS v1.3 client or server wolfSSL to disallow Diffie-Hellman (DH) style ...
int wolfSSL_disable_hrr_cookie(WOLFSSL *ssl)
This function is called on the server side to indicate that a HelloRetryRequest message must NOT cont...
WOLFSSL_METHOD * wolfDTLSv1_3_server_method(void)
The wolfDTLSv1_3_server_method() function is used to indicate that the application is a server and wi...
int wolfSSL_allow_post_handshake_auth(WOLFSSL *ssl)
This function is called on a TLS v1.3 client wolfSSL to allow a client certificate to be sent post ha...
int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION *ses)
This is used to get the master secret key length.
size_t wolfSSL_get_client_random(const WOLFSSL *ssl, unsigned char *out, size_t outSz)
This is used to get the random data sent by the client during the handshake.
int wolfSSL_set_cipher_list(WOLFSSL *ssl, const char *list)
This function sets cipher suite list for a given WOLFSSL object (SSL session). The ciphers in the lis...
int wolfSSL_CTX_UnloadIntermediateCerts(WOLFSSL_CTX *ctx)
This function unloads intermediate certificates added to the CA signer list and frees them.
int wolfSSL_set_max_early_data(WOLFSSL *ssl, unsigned int sz)
This function sets the maximum amount of early data that a TLS v1.3 client or server is willing to ex...
WOLFSSL_METHOD * wolfTLSv1_2_client_method(void)
The wolfTLSv1_2_client_method() function is used to indicate that the application is a client and wil...
int wolfSSL_no_ticket_TLSv13(WOLFSSL *ssl)
This function is called on the server to stop it from sending a resumption session ticket once the ha...
WOLFSSL_METHOD * wolfSSLv3_server_method(void)
The wolfSSLv3_server_method() function is used to indicate that the application is a server and will ...
void wolfSSL_CTX_set_psk_client_tls13_callback(WOLFSSL_CTX *ctx, wc_psk_client_tls13_callback cb)
This function sets the Pre-Shared Key (PSK) client side callback for TLS v1.3 connections....
WOLFSSL_METHOD * wolfTLSv1_3_client_method_ex(void *heap)
This function is used to indicate that the application is a client and will only support the TLS 1....
WOLFSSL_METHOD * wolfTLSv1_3_method_ex(void *heap)
This function returns a WOLFSSL_METHOD similar to wolfTLSv1_3_client_method except that it is not det...
int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION *ses, unsigned char *out, int outSz)
This is used to get the master key after completing a handshake.
int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX *ctx, unsigned int sz)
This function sets the maximum amount of early data that a TLS v1.3 client or server is willing to ex...
WOLFSSL_METHOD * wolfTLSv1_2_server_method(void)
The wolfTLSv1_2_server_method() function is used to indicate that the application is a server and wil...
WOLFSSL * wolfSSL_new(WOLFSSL_CTX *)
This function creates a new SSL session, taking an already created SSL context as input.
long wolfSSL_CTX_clear_options(WOLFSSL_CTX *ctx, long opt)
This function resets option bits of WOLFSSL_CTX object.
int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX *)
This function turns on grouping of handshake messages where possible.
int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void *arg)
This function sets associated callback context value in the ssl. The value is handed over to the call...
void * wolfSSL_CTX_get_default_passwd_cb_userdata(WOLFSSL_CTX *ctx)
This is a getter function for the password callback user data set in ctx.
void wolfSSL_dtls13_set_send_more_acks(WOLFSSL *ssl, int value)
This function sets whether the library should send ACKs to the other peer immediately when detecting ...
int wolfSSL_check_domain_name(WOLFSSL *ssl, const char *dn)
wolfSSL by default checks the peer certificate for a valid date range and a verified signature....
void wolfSSL_CTX_free(WOLFSSL_CTX *)
This function frees an allocated WOLFSSL_CTX object. This function decrements the CTX reference count...
int wolfSSL_CTX_trust_peer_buffer(WOLFSSL_CTX *ctx, const unsigned char *in, long sz, int format)
This function loads a certificate to use for verifying a peer when performing a TLS/SSL handshake....
void wolfSSL_set_psk_server_tls13_callback(WOLFSSL *ssl, wc_psk_server_tls13_callback cb)
This function sets the Pre-Shared Key (PSK) server side callback for TLS v1.3 connections....
int wolfSSL_UseKeyShare(WOLFSSL *ssl, word16 group)
This function creates a key share entry from the group including generating a key pair....
long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX *ctx, void *arg)
This function sets the options argument to use with OCSP.
long wolfSSL_set_tlsext_debug_arg(WOLFSSL *ssl, void *arg)
This is used to set the debug argument passed around.
int wolfSSL_check_private_key(const WOLFSSL *ssl)
This function checks that the private key is a match with the certificate being used.
int wolfSSL_NoKeyShares(WOLFSSL *ssl)
This function is called to ensure no key shares are sent in the ClientHello. This will force the serv...
int wolfSSL_CTX_set_server_cert_type(WOLFSSL_CTX *ctx, const char *buf, int len)
In case this function is called in a server side, set certificate types that can be sent to its peer....
WOLFSSL_CTX * wolfSSL_CTX_new(WOLFSSL_METHOD *)
This function creates a new SSL context, taking a desired SSL/TLS protocol method for input.
int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX *ctx)
This function sets wolfSSL context to use a session ticket.
int wolfSSL_set_dtls_fd_connected(WOLFSSL *ssl, int fd)
This function assigns a file descriptor (fd) as the input/output facility for the SSL connection....
WOLFSSL_METHOD * wolfSSLv23_client_method(void)
The wolfSSLv23_client_method() function is used to indicate that the application is a client and will...
WOLFSSL_METHOD * wolfSSLv3_client_method(void)
The wolfSSLv3_client_method() function is used to indicate that the application is a client and will ...
WOLFSSL_X509_STORE * wolfSSL_CTX_get_cert_store(WOLFSSL_CTX *ctx)
This is a getter function for the WOLFSSL_X509_STORE structure in ctx.
int wolfSSL_SetVersion(WOLFSSL *ssl, int version)
This function sets the SSL/TLS protocol version for the specified SSL session (WOLFSSL object) using ...
int wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX *ctx, const void *mem, int sz)
This function restores the certificate cache from memory.
WOLFSSL_METHOD * wolfTLSv1_3_server_method_ex(void *heap)
This function is used to indicate that the application is a server and will only support the TLS 1....
int wolfSSL_CTX_set_timeout(WOLFSSL_CTX *ctx, unsigned int to)
This function sets the timeout value for SSL sessions, in seconds, for the specified SSL context.
long wolfSSL_set_options(WOLFSSL *s, long op)
This function sets the options mask in the ssl. Some valid options are, SSL_OP_ALL,...
WOLFSSL_METHOD * wolfTLSv1_1_server_method(void)
The wolfTLSv1_1_server_method() function is used to indicate that the application is a server and wil...
int wolfSSL_CTX_Unload_trust_peers(WOLFSSL_CTX *)
This function is used to unload all previously loaded trusted peer certificates. Feature is enabled b...
int wolfDTLS_SetChGoodCb(WOLFSSL *ssl, ClientHelloGoodCb cb, void *user_ctx)
Allows setting a callback for a correctly processed and verified DTLS client hello....
wc_pem_password_cb * wolfSSL_CTX_get_default_passwd_cb(WOLFSSL_CTX *ctx)
This is a getter function for the password callback set in ctx.
void wolfSSL_set_verify(WOLFSSL *ssl, int mode, VerifyCallback verify_callback)
This function sets the verification method for remote peers and also allows a verify callback to be r...
int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX *ctx, const char *list)
This function sets cipher suite list for a given WOLFSSL_CTX. This cipher suite list becomes the defa...
WOLFSSL_METHOD * wolfTLSv1_3_server_method(void)
This function is used to indicate that the application is a server and will only support the TLS 1....
int wolfSSL_SetMinVersion(WOLFSSL *ssl, int version)
This function sets the minimum downgrade version allowed. Applicable only when the connection allows ...
int wolfSSL_ALPN_GetPeerProtocol(WOLFSSL *ssl, char **list, unsigned short *listSz)
This function copies the alpn_client_list data from the SSL object to the buffer.
int wolfSSL_get_client_suites_sigalgs(const WOLFSSL *ssl, const byte **suites, word16 *suiteSz, const byte **hashSigAlgo, word16 *hashSigAlgoSz)
This function returns the raw list of ciphersuites and signature algorithms offered by the client....
int wolfSSL_shutdown(WOLFSSL *)
This function shuts down an active SSL/TLS connection using the SSL session, ssl. This function will ...
int wolfSSL_library_init(void)
This function is called internally in wolfSSL_CTX_new(). This function is a wrapper around wolfSSL_In...
int wolfSSL_MakeTlsMasterSecret(unsigned char *ms, word32 msLen, const unsigned char *pms, word32 pmsLen, const unsigned char *cr, const unsigned char *sr, int tls1_2, int hash_type)
This function copies the values of cr and sr then passes through to wc_PRF (pseudo random function) a...
int wolfSSL_Init(void)
Initializes the wolfSSL library for use. Must be called once per application and before any other cal...
int wolfSSL_get_sigalg_info(byte first, byte second, int *hashAlgo, int *sigAlgo)
This returns information about the hash and signature algorithm directly from the raw ciphersuite byt...
int wolfSSL_ALPN_GetProtocol(WOLFSSL *ssl, char **protocol_name, unsigned short *size)
This function gets the protocol name set by the server.
WOLFSSL_CIPHERSUITE_INFO wolfSSL_get_ciphersuite_info(byte first, byte second)
This returns information about the ciphersuite directly from the raw ciphersuite bytes.
int wolfSSL_SetServerID(WOLFSSL *ssl, const unsigned char *id, int len, int newSession)
This function associates the client session with the server id. If the newSession flag is on,...
int wolfSSL_is_init_finished(WOLFSSL *ssl)
This function checks to see if the connection is established.
int wolfSSL_Cleanup(void)
Un-initializes the wolfSSL library from further use. Doesn’t have to be called, though it will free a...
int wolfSSL_get_shutdown(const WOLFSSL *ssl)
This function checks the shutdown conditions in closeNotify or connReset or sentNotify members of the...
int wolfSSL_preferred_group(WOLFSSL *ssl)
This function returns the key exchange group the client prefers to use in the TLS v1....
WC_PKCS12 * wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO *bio, WC_PKCS12 *pkcs12)
wolfSSL_i2d_PKCS12_bio (i2d_PKCS12_bio) copies in the cert information from the structure WC_PKCS12 t...
int wolfSSL_use_RSAPrivateKey_file(WOLFSSL *ssl, const char *file, int format)
This function loads the private RSA key used in the SSL connection into the SSL session (WOLFSSL stru...
WOLFSSL_X509_CHAIN * wolfSSL_get_peer_chain(WOLFSSL *ssl)
Retrieves the peer’s certificate chain.
int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX *ctx, const char *file, int format)
This function loads the private RSA key used in the SSL connection into the SSL context (WOLFSSL_CTX)...
int wolfSSL_use_certificate_chain_file(WOLFSSL *ssl, const char *file)
This function loads a chain of certificates into the SSL session (WOLFSSL structure)....
int wolfSSL_use_PrivateKey_file(WOLFSSL *ssl, const char *file, int format)
This function loads a private key file into the SSL session (WOLFSSL structure). The key file is prov...
int wolfSSL_PKCS12_parse(WC_PKCS12 *pkcs12, const char *psw, WOLFSSL_EVP_PKEY **pkey, WOLFSSL_X509 **cert, WOLF_STACK_OF(WOLFSSL_X509) **ca)
PKCS12 can be enabled with adding –enable-opensslextra to the configure command. It can use triple DE...
int wolfSSL_get_chain_count(WOLFSSL_X509_CHAIN *chain)
Retrieve's the peers certificate chain count.
int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN *chain, int idx, unsigned char *buf, int inLen, int *outLen)
Retrieves the peer’s PEM certificate at index (idx).
int wolfSSL_use_certificate_file(WOLFSSL *ssl, const char *file, int format)
This function loads a certificate file into the SSL session (WOLFSSL structure). The certificate file...
int wolfSSL_get_chain_length(WOLFSSL_X509_CHAIN *chain, int idx)
Retrieves the peer’s ASN1.DER certificate length in bytes at index (idx).
const unsigned char * wolfSSL_get_sessionID(const WOLFSSL_SESSION *s)
Retrieves the session’s ID. The session ID is always 32 bytes long.
WC_PKCS12 * wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO *bio, WC_PKCS12 **pkcs12)
wolfSSL_d2i_PKCS12_bio (d2i_PKCS12_bio) copies in the PKCS12 information from WOLFSSL_BIO to the stru...
unsigned char * wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN *chain, int idx)
Retrieves the peer’s ASN1.DER certificate at index (idx).
long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type)
This function is called when the client application request that a server send back an OCSP status re...
int wolfSSL_X509_get_serial_number(WOLFSSL_X509 *x509, unsigned char *in, int *inOutSz)
Retrieves the peer’s certificate serial number. The serial number buffer (in) should be at least 32 b...
WC_RNG byte * b
Definition: random.h:210
unsigned int wolfSSL_SESSION_get_max_early_data(const WOLFSSL_SESSION *s)
Get the maximum size of Early Data from a session.
int wolfSSL_GetAeadMacSize(WOLFSSL *)
Allows caller to determine the negotiated aead mac size from the handshake. For cipher type WOLFSSL_A...
int wolfSSL_dtls_get_current_timeout(WOLFSSL *ssl)
This function returns the current timeout value in seconds for the WOLFSSL object....
int wolfSSL_GetHmacType(WOLFSSL *)
Allows caller to determine the negotiated (h)mac type from the handshake. For cipher types except WOL...
int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX *ctx, CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void *ioCbCtx)
Sets the callback for the OCSP in the WOLFSSL_CTX structure.
int wolfSSL_CTX_GetDevId(WOLFSSL_CTX *ctx, WOLFSSL *ssl)
This function retrieves the Device Id.
int wolfSSL_IsTLSv1_1(WOLFSSL *)
Allows caller to determine if the negotiated protocol version is at least TLS version 1....
int wolfSSL_dtls_set_timeout_max(WOLFSSL *ssl, int)
This function sets the maximum dtls timeout.
int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX *ctx, void *)
This function sets the session ticket encrypt user context for the callback. For server side use.
int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX *ctx, SessionTicketEncCb)
This function sets the session ticket key encrypt callback function for a server to support session t...
void wolfSSL_SetFuzzerCb(WOLFSSL *ssl, CallbackFuzzer cbf, void *fCtx)
This function sets the fuzzer callback.
WOLFSSL_METHOD * wolfDTLSv1_2_client_method_ex(void *heap)
This function initializes the DTLS v1.2 client method.
int wolfSSL_set_session_secret_cb(WOLFSSL *ssl, SessionSecretCb cb, void *ctx)
This function sets the session secret callback function. The SessionSecretCb type has the signature: ...
int wolfSSL_EnableOCSP(WOLFSSL *ssl, int options)
This function enables OCSP certificate verification. The value of options if formed by or’ing one or ...
void wolfSSL_SetEccVerifyCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key Ecc Verification Callback Context to ctx.
int wolfSSL_send_SessionTicket(WOLFSSL *ssl)
This function sends a session ticket to the client after a TLS v1.3 handhsake has been established.
void wolfSSL_SetRsaEncCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key RSA Public Encrypt Callback Context to ctx.
int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX *ctx, int)
This function sets the session ticket hint relayed to the client. For server side use.
void * wolfSSL_GetEccSignCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key Ecc Signing Callback Context previously stored with wolfSSL_...
int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX *ctx, CbMissingCRL cb)
This function will set the callback argument to the cbMissingCRL member of the WOLFSSL_CERT_MANAGER s...
int wolfSSL_set_psk_callback_ctx(WOLFSSL *ssl, void *psk_ctx)
Sets a PSK user context in the WOLFSSL structure options member.
int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX *)
This function enables OCSP stapling by calling wolfSSL_CertManagerEnableOCSPStapling().
int wolfSSL_dtls(WOLFSSL *ssl)
This function is used to determine if the SSL session has been configured to use DTLS.
int wolfSSL_dtls_cid_use(WOLFSSL *ssl)
Enable use of ConnectionID extensions for the SSL object. See RFC 9146 and RFC 9147.
int wolfSSL_get_negotiated_server_cert_type(WOLFSSL *ssl, int *tp)
This function returns the result of the server certificate type negotiation done in ClientHello and S...
int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX *ctx, unsigned char status_type, unsigned char options)
Creates and initializes the certificate status request for OCSP Stapling.
void * wolfSSL_GetDecryptVerifyCtx(WOLFSSL *ssl)
Allows caller to retrieve the Atomic User Record Processing Decrypt/Verify Callback Context previousl...
int wolfSSL_GetSide(WOLFSSL *)
Allows retrieval of the side of this WOLFSSL connection.
void wolfSSL_set_psk_server_callback(WOLFSSL *ssl, wc_psk_server_callback cb)
Sets the psk callback for the server side by setting the WOLFSSL structure options members.
int wolfSSL_set_SessionTicket_cb(WOLFSSL *ssl, CallbackSessionTicket cb, void *ctx)
This function sets the session ticket callback. The type CallbackSessionTicket is a function pointer ...
int wolfSSL_dtls_get_using_nonblock(WOLFSSL *ssl)
This function allows the application to determine if wolfSSL is using non-blocking I/O with UDP....
const unsigned char * wolfSSL_GetServerWriteKey(WOLFSSL *)
Allows retrieval of the server write key from the handshake process.
int wolfSSL_GetBulkCipher(WOLFSSL *)
Allows caller to determine the negotiated bulk cipher algorithm from the handshake.
int wolfSSL_UseOCSPStaplingV2(WOLFSSL *ssl, unsigned char status_type, unsigned char options)
The function sets the status type and options for OCSP.
int wolfSSL_CTX_EnableOCSP(WOLFSSL_CTX *ctx, int options)
This function sets options to configure behavior of OCSP functionality in wolfSSL....
void wolfSSL_SetEccSignCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key Ecc Signing Callback Context to ctx.
int wolfSSL_dtls_import(WOLFSSL *ssl, unsigned char *buf, unsigned int sz)
The wolfSSL_dtls_import() function is used to parse in a serialized session state....
void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX *ctx, CallbackRsaSign cb)
Allows caller to set the Public Key Callback for RSA Signing. The callback should return 0 for succes...
int wolfSSL_CRYPTO_get_ex_new_index(int, void *, void *, void *, void *)
Get a new index for external data. This entry applies also for the following API:
int wolfSSL_dtls_retransmit(WOLFSSL *ssl)
When using non-blocking sockets with DTLS, this function retransmits the last handshake flight ignori...
int wolfSSL_get_ephemeral_key(WOLFSSL *ssl, int keyAlgo, const unsigned char **key, unsigned int *keySz)
This function returns pointer to loaded key as ASN.1/DER.
int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX *ctx, word16 name)
This function is called on the client side to enable the use of Supported Elliptic Curves Extension f...
int wolfSSL_dtls_cid_set(WOLFSSL *ssl, unsigned char *cid, unsigned int size)
Set the ConnectionID used by the other peer to send records in this connection. See RFC 9146 and RFC ...
void * wolfSSL_get_psk_callback_ctx(WOLFSSL *ssl)
Get a PSK user context in the WOLFSSL structure options member.
int wolfSSL_CTX_SetDevId(WOLFSSL_CTX *ctx, int devId)
This function sets the Device Id at the WOLFSSL_CTX context level.
int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX *ctx)
This function disables CRL verification in the CTX structure.
void wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX *ctx, CallbackRsaVerify cb)
Allows caller to set the Public Key Callback for RSA Verification. The callback should return the num...
int wolfSSL_dtls_set_export(WOLFSSL *ssl, wc_dtls_export func)
The wolfSSL_dtls_set_export() function is used to set the callback function for exporting a session....
int wolfSSL_SNI_GetFromBuffer(const unsigned char *clientHello, unsigned int helloSz, unsigned char type, unsigned char *sni, unsigned int *inOutSz)
This function is called on the server side to retrieve the Server Name Indication provided by the cli...
void wolfSSL_dtls_set_using_nonblock(WOLFSSL *ssl, int nonblock)
This function informs the WOLFSSL DTLS object that the underlying UDP I/O is non-blocking....
int wolfSSL_dtls13_has_pending_msg(WOLFSSL *ssl)
checks if DTLSv1.3 stack has some messages sent but not yet acknowledged by the other peer
int wolfSSL_CTX_UseOCSPStapling(WOLFSSL_CTX *ctx, unsigned char status_type, unsigned char options)
This function requests the certificate status during the handshake.
int wolfSSL_DTLS_SetCookieSecret(WOLFSSL *ssl, const unsigned char *secret, unsigned int secretSz)
This function sets a new dtls cookie secret.
void wolfSSL_SetRsaDecCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key RSA Private Decrypt Callback Context to ctx.
void * wolfSSL_CTX_GetEccSignCtx(WOLFSSL_CTX *ctx)
Allows caller to retrieve the Public Key Ecc Signing Callback Context previously stored with wolfSSL_...
void wolfSSL_CTX_SetDecryptVerifyCb(WOLFSSL_CTX *ctx, CallbackDecryptVerify cb)
Allows caller to set the Atomic User Record Processing Decrypt/Verify Callback. The callback should r...
int wolfSSL_RSA_sign_generic_padding(int type, const unsigned char *m, unsigned int mLen, unsigned char *sigRet, unsigned int *sigLen, WOLFSSL_RSA *rsa, int flag, int padding)
Sign a message with the chosen message digest, padding, and RSA key.
int wolfSSL_dtls13_use_quick_timeout(WOLFSSL *ssl)
This function returns true if the application should setup a quicker timeout. When using non-blocking...
void * wolfSSL_GetRsaVerifyCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key RSA Verification Callback Context previously stored with wol...
const unsigned char * wolfSSL_GetClientWriteKey(WOLFSSL *)
Allows retrieval of the client write key from the handshake process.
int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX *ctx, wc_dtls_export func)
The wolfSSL_CTX_dtls_set_export() function is used to set the callback function for exporting a sessi...
const unsigned char * wolfSSL_GetServerWriteIV(WOLFSSL *)
Allows retrieval of the server write IV (initialization vector) from the handshake process.
int wolfSSL_GetKeySize(WOLFSSL *)
Allows retrieval of the key size from the handshake process.
int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX *ctx, const char *path, int type, int monitor)
This function loads CRL into the WOLFSSL_CTX structure through wolfSSL_CertManagerLoadCRL().
int wolfSSL_CTX_DisableOCSP(WOLFSSL_CTX *)
This function disables OCSP certificate revocation checking by affecting the ocspEnabled member of th...
void * wolfSSL_GetRsaEncCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key RSA Public Encrypt Callback Context previously stored with w...
int wolfSSL_SetOCSP_Cb(WOLFSSL *ssl, CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void *ioCbCtx)
This function sets the OCSP callback in the WOLFSSL_CERT_MANAGER structure.
int wolfSSL_SetDevId(WOLFSSL *ssl, int devId)
This function sets the Device Id at the WOLFSSL session level.
int wolfSSL_dtls_cid_get_tx(WOLFSSL *ssl, unsigned char *buffer, unsigned int bufferSz)
Copy the ConnectionID used when sending records in this connection into the buffer pointer by the par...
int wolfSSL_CTX_load_static_memory(WOLFSSL_CTX **ctx, wolfSSL_method_func method, unsigned char *buf, unsigned int sz, int flag, int max)
This function is used to set aside static memory for a CTX. Memory set aside is then used for the CTX...
int wolfSSL_SetCRL_Cb(WOLFSSL *ssl, CbMissingCRL cb)
Sets the CRL callback in the WOLFSSL_CERT_MANAGER structure.
WC_RNG * wolfSSL_GetRNG(WOLFSSL *ssl)
This function retrieves the random number.
WOLFSSL_METHOD * wolfDTLSv1_2_server_method(void)
This function creates and initializes a WOLFSSL_METHOD for the server side.
int wolfSSL_dtls_set_peer(WOLFSSL *ssl, void *peer, unsigned int peerSz)
This function sets the DTLS peer, peer (sockaddr_in) with size of peerSz.
int wolfSSL_CTX_UseSNI(WOLFSSL_CTX *ctx, unsigned char type, const void *data, unsigned short size)
This function enables the use of Server Name Indication for SSL objects created from the SSL context ...
int wolfSSL_dtls_cid_is_enabled(WOLFSSL *ssl)
If invoked after the handshake is complete it checks if ConnectionID was successfully negotiated for ...
int wolfSSL_accept_ex(WOLFSSL *ssl, HandShakeCallBacki hsCb, TimeoutCallBack toCb, WOLFSSL_TIMEVAL timeout)
wolfSSL_accept_ex() is an extension that allows a HandShake Callback to be set. This can be useful in...
void wolfSSL_set_psk_client_callback(WOLFSSL *ssl, wc_psk_client_callback)
Sets the PSK client side callback.
int wolfSSL_is_static_memory(WOLFSSL *ssl, WOLFSSL_MEM_CONN_STATS *mem_stats)
wolfSSL_is_static_memory is used to gather information about a SSL’s static memory usage....
int wolfSSL_SetHsDoneCb(WOLFSSL *ssl, HandShakeDoneCb cb, void *user_ctx)
This function sets the handshake done callback. The hsDoneCb and hsDoneCtx members of the WOLFSSL str...
int wolfSSL_UseTruncatedHMAC(WOLFSSL *ssl)
This function is called on the client side to enable the use of Truncated HMAC in the SSL object pass...
void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX *ctx, CallbackRsaEnc cb)
Allows caller to set the Public Key Callback for RSA Public Encrypt. The callback should return 0 for...
int wolfSSL_dtls_got_timeout(WOLFSSL *ssl)
When using non-blocking sockets with DTLS, this function should be called on the WOLFSSL object when ...
int wolfSSL_UseSNI(WOLFSSL *ssl, unsigned char type, const void *data, unsigned short size)
This function enables the use of Server Name Indication in the SSL object passed in the 'ssl' paramet...
int wolfSSL_GetCipherType(WOLFSSL *)
Allows caller to determine the negotiated cipher type from the handshake.
int wolfSSL_connect_ex(WOLFSSL *ssl, HandShakeCallBack hsCb, TimeoutCallBack toCb, WOLFSSL_TIMEVAL timeout)
wolfSSL_connect_ex() is an extension that allows a HandShake Callback to be set. This can be useful i...
void wolfSSL_SetDecryptVerifyCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Atomic User Record Processing Decrypt/Verify Callback Context to ctx.
void wolfSSL_CTX_SetEccSignCtx(WOLFSSL_CTX *ctx, void *userCtx)
Allows caller to set the Public Key Ecc Signing Callback Context to ctx.
int wolfSSL_get_negotiated_client_cert_type(WOLFSSL *ssl, int *tp)
This function returns the result of the client certificate type negotiation done in ClientHello and S...
int wolfSSL_CTX_get_ephemeral_key(WOLFSSL_CTX *ctx, int keyAlgo, const unsigned char **key, unsigned int *keySz)
This function returns pointer to loaded key as ASN.1/DER.
int wolfSSL_GetCipherBlockSize(WOLFSSL *)
Allows caller to determine the negotiated cipher block size from the handshake.
int wolfSSL_dtls_get_peer(WOLFSSL *ssl, void *peer, unsigned int *peerSz)
This function gets the sockaddr_in (of size peerSz) of the current DTLS peer. The function will compa...
int wolfSSL_dtls_cid_get_rx_size(WOLFSSL *ssl, unsigned int *size)
Get the size of the ConnectionID used by the other peer to send records in this connection....
int wolfSSL_UseSupportedCurve(WOLFSSL *ssl, word16 name)
This function is called on the client side to enable the use of Supported Elliptic Curves Extension i...
void * wolfSSL_GetMacEncryptCtx(WOLFSSL *ssl)
Allows caller to retrieve the Atomic User Record Processing Mac/Encrypt Callback Context previously s...
int wolfSSL_GetObjectSize(void)
This function returns the size of the WOLFSSL object and will be dependent on build options and setti...
unsigned short wolfSSL_SNI_GetRequest(WOLFSSL *ssl, unsigned char type, void **data)
This function is called on the server side to retrieve the Server Name Indication provided by the cli...
int wolfSSL_dtls_cid_get_rx(WOLFSSL *ssl, unsigned char *buffer, unsigned int bufferSz)
Copy the ConnectionID used by the other peer to send records in this connection into the buffer point...
int wolfSSL_GetMaxOutputSize(WOLFSSL *)
Returns the maximum record layer size for plaintext data. This will correspond to either the maximum ...
void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX *ctx, wc_psk_server_callback cb)
This function sets the psk callback for the server side in the WOLFSSL_CTX structure.
int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER *cm, unsigned char *der, int sz)
Check CRL if the option is enabled and compares the cert to the CRL list.
int wolfSSL_GetHmacSize(WOLFSSL *)
Allows caller to determine the negotiated (h)mac size from the handshake. For cipher types except WOL...
const unsigned char * wolfSSL_GetClientWriteIV(WOLFSSL *)
Allows retrieval of the client write IV (initialization vector) from the handshake process.
void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX *ctx, CallbackEccVerify cb)
Allows caller to set the Public Key Callback for ECC Verification. The callback should return 0 for s...
int wolfSSL_tls_import(WOLFSSL *ssl, const unsigned char *buf, unsigned int sz)
Used to import a serialized TLS session. This function is for importing the state of the connection....
void wolfSSL_CTX_SetCACb(WOLFSSL_CTX *ctx, CallbackCACache cb)
This function registers a callback with the SSL context (WOLFSSL_CTX) to be called when a new CA cert...
int wolfSSL_DisableOCSP(WOLFSSL *)
Disables the OCSP certificate revocation option.
void wolfSSL_SetMacEncryptCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Atomic User Record Processing Mac/Encrypt Callback Context to ctx.
int wolfSSL_CTX_is_static_memory(WOLFSSL_CTX *ctx, WOLFSSL_MEM_STATS *mem_stats)
This function does not change any of the connections behavior and is used only for gathering informat...
void * wolfSSL_CTX_get_psk_callback_ctx(WOLFSSL_CTX *ctx)
Get a PSK user context in the WOLFSSL_CTX structure.
void * wolfSSL_CTX_get_TicketEncCtx(WOLFSSL_CTX *ctx)
This function gets the session ticket encrypt user context for the callback. For server side use.
void wolfSSL_CTX_SetMacEncryptCb(WOLFSSL_CTX *ctx, CallbackMacEncrypti cb)
Allows caller to set the Atomic User Record Processing Mac/Encrypt Callback. The callback should retu...
int wolfSSL_DisableCRL(WOLFSSL *ssl)
Disables CRL certificate revocation.
int wolfSSL_GetOutputSize(WOLFSSL *ssl, int inSz)
Returns the record layer size of the plaintext input. This is helpful when an application wants to kn...
int wolfSSL_CTX_set_psk_callback_ctx(WOLFSSL_CTX *ctx, void *psk_ctx)
Sets a PSK user context in the WOLFSSL_CTX structure.
void wolfSSL_X509_free(WOLFSSL_X509 *x509)
This function frees a WOLFSSL_X509 structure.
void * wolfSSL_GetRsaDecCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key RSA Private Decrypt Callback Context previously stored with ...
int wolfSSL_UseOCSPStapling(WOLFSSL *ssl, unsigned char status_type, unsigned char options)
Stapling eliminates the need to contact the CA. Stapling lowers the cost of certificate revocation ch...
int wolfSSL_SetTlsHmacInner(WOLFSSL *ssl, byte *inner, word32 sz, int content, int verify)
Allows caller to set the Hmac Inner vector for message sending/receiving. The result is written to in...
void * wolfSSL_GetEccVerifyCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key Ecc Verification Callback Context previously stored with wol...
int wolfSSL_set_ephemeral_key(WOLFSSL *ssl, int keyAlgo, const char *key, unsigned int keySz, int format)
This function sets a fixed / static ephemeral key for testing only.
int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX *ctx, const char *url)
This function manually sets the URL for OCSP to use. By default, OCSP will use the URL found in the i...
int wolfSSL_SetOCSP_OverrideURL(WOLFSSL *ssl, const char *url)
This function sets the ocspOverrideURL member in the WOLFSSL_CERT_MANAGER structure.
int wolfSSL_EnableCRL(WOLFSSL *ssl, int options)
Enables CRL certificate revocation.
int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX *ctx, int keyAlgo, const char *key, unsigned int keySz, int format)
This function sets a fixed / static ephemeral key for testing only.
int wolfSSL_UseMaxFragment(WOLFSSL *ssl, unsigned char mfl)
This function is called on the client side to enable the use of Maximum Fragment Length in the SSL ob...
int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX *ctx, int options)
Enables CRL certificate verification through the CTX.
int wolfSSL_LoadCRL(WOLFSSL *ssl, const char *path, int type, int monitor)
A wrapper function that ends up calling LoadCRL to load the certificate for revocation checking.
void wolfSSL_SetRsaVerifyCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key RSA Verification Callback Context to ctx.
void * wolfSSL_GetRsaSignCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key RSA Signing Callback Context previously stored with wolfSSL_...
void wolfSSL_SNI_SetOptions(WOLFSSL *ssl, unsigned char type, unsigned char options)
This function is called on the server side to configure the behavior of the SSL session using Server ...
void wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX *ctx, CallbackEccSign cb)
Allows caller to set the Public Key Callback for ECC Signing. The callback should return 0 for succes...
int wolfSSL_dtls_cid_get_tx_size(WOLFSSL *ssl, unsigned int *size)
Get the size of the ConnectionID used to send records in this connection. See RFC 9146 and RFC 9147....
int wolfSSL_dtls_export(WOLFSSL *ssl, unsigned char *buf, unsigned int *sz)
The wolfSSL_dtls_export() function is used to serialize a WOLFSSL session into the provided buffer....
const unsigned char * wolfSSL_GetMacSecret(WOLFSSL *ssl, int verify)
Allows retrieval of the Hmac/Mac secret from the handshake process. The verify parameter specifies wh...
void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX *ctx, CallbackRsaDec cb)
Allows caller to set the Public Key Callback for RSA Private Decrypt. The callback should return the ...
int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX *ctx)
This function is called on the client side to enable the use of Truncated HMAC for SSL objects create...
void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX *ctx, unsigned char type, unsigned char options)
This function is called on the server side to configure the behavior of the SSL sessions using Server...
int wolfSSL_tls_export(WOLFSSL *ssl, unsigned char *buf, unsigned int *sz)
Used to export a serialized TLS session. This function is for exporting a serialized state of the con...
void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX *ctx, wc_psk_client_callback cb)
The function sets the client_psk_cb member of the WOLFSSL_CTX structure.
int wolfSSL_CTX_UseMaxFragment(WOLFSSL_CTX *ctx, unsigned char mfl)
This function is called on the client side to enable the use of Maximum Fragment Length for SSL objec...
void wolfSSL_SetRsaSignCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key RSA Signing Callback Context to ctx.