ssl.h
Go to the documentation of this file.
1 
21 WOLFSSL_METHOD *wolfDTLSv1_2_client_method_ex(void* heap);
22 
46 WOLFSSL_METHOD *wolfSSLv23_method(void);
47 
90 WOLFSSL_METHOD *wolfSSLv3_server_method(void);
91 
133 WOLFSSL_METHOD *wolfSSLv3_client_method(void);
134 
176 WOLFSSL_METHOD *wolfTLSv1_server_method(void);
177 
219 WOLFSSL_METHOD *wolfTLSv1_client_method(void);
220 
262 WOLFSSL_METHOD *wolfTLSv1_1_server_method(void);
263 
305 WOLFSSL_METHOD *wolfTLSv1_1_client_method(void);
306 
348 WOLFSSL_METHOD *wolfTLSv1_2_server_method(void);
349 
391 WOLFSSL_METHOD *wolfTLSv1_2_client_method(void);
392 
434 WOLFSSL_METHOD *wolfDTLSv1_client_method(void);
435 
477 WOLFSSL_METHOD *wolfDTLSv1_server_method(void);
515 WOLFSSL_METHOD *wolfDTLSv1_3_server_method(void);
552 WOLFSSL_METHOD* wolfDTLSv1_3_client_method(void);
593 WOLFSSL_METHOD *wolfDTLS_server_method(void);
634 WOLFSSL_METHOD *wolfDTLS_client_method(void);
652 WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void);
653 
684 int wolfSSL_use_old_poly(WOLFSSL* ssl, int value);
685 
724 int wolfSSL_dtls_import(WOLFSSL* ssl, unsigned char* buf,
725  unsigned int sz);
726 
727 
745 int wolfSSL_tls_import(WOLFSSL* ssl, const unsigned char* buf,
746  unsigned int sz);
747 
784 int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx,
785  wc_dtls_export func);
786 
820 int wolfSSL_dtls_set_export(WOLFSSL* ssl, wc_dtls_export func);
821 
857 int wolfSSL_dtls_export(WOLFSSL* ssl, unsigned char* buf,
858  unsigned int* sz);
859 
879 int wolfSSL_tls_export(WOLFSSL* ssl, unsigned char* buf,
880  unsigned int* sz);
881 
941 int wolfSSL_CTX_load_static_memory(WOLFSSL_CTX** ctx,
942  wolfSSL_method_func method,
943  unsigned char* buf, unsigned int sz,
944  int flag, int max);
945 
979 int wolfSSL_CTX_is_static_memory(WOLFSSL_CTX* ctx,
980  WOLFSSL_MEM_STATS* mem_stats);
981 
1012 int wolfSSL_is_static_memory(WOLFSSL* ssl,
1013  WOLFSSL_MEM_CONN_STATS* mem_stats);
1014 
1055 int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX* ctx, const char* file,
1056  int format);
1057 
1102 int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int format);
1103 
1166 int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file,
1167  const char* format);
1168 
1231 int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file,
1232  const char* path, unsigned int flags);
1233 
1264 const char** wolfSSL_get_system_CA_dirs(word32* num);
1265 
1296 int wolfSSL_CTX_load_system_CA_certs(WOLFSSL_CTX* ctx);
1297 
1346 int wolfSSL_CTX_trust_peer_cert(WOLFSSL_CTX* ctx, const char* file, int type);
1347 
1386 int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX *ctx,
1387  const char *file);
1388 
1433 int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int format);
1434 
1463 long wolfSSL_get_verify_depth(WOLFSSL* ssl);
1464 
1495 long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx);
1496 
1535 int wolfSSL_use_certificate_file(WOLFSSL* ssl, const char* file, int format);
1536 
1585 int wolfSSL_use_PrivateKey_file(WOLFSSL* ssl, const char* file, int format);
1586 
1624 int wolfSSL_use_certificate_chain_file(WOLFSSL* ssl, const char *file);
1625 
1670 int wolfSSL_use_RSAPrivateKey_file(WOLFSSL* ssl, const char* file, int format);
1671 
1717 int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX* ctx,
1718  const char* file, int format);
1719 
1752 WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*);
1753 
1786 WOLFSSL* wolfSSL_new(WOLFSSL_CTX*);
1787 
1818 int wolfSSL_set_fd(WOLFSSL* ssl, int fd);
1819 
1856 int wolfSSL_set_dtls_fd_connected(WOLFSSL* ssl, int fd);
1857 
1898 int wolfDTLS_SetChGoodCb(WOLFSSL* ssl, ClientHelloGoodCb cb, void* user_ctx);
1899 
1918 char* wolfSSL_get_cipher_list(int priority);
1919 
1950 int wolfSSL_get_ciphers(char* buf, int len);
1951 
1983 const char* wolfSSL_get_cipher_name(WOLFSSL* ssl);
1984 
2008 int wolfSSL_get_fd(const WOLFSSL*);
2009 
2037 void wolfSSL_set_using_nonblock(WOLFSSL* ssl, int nonblock);
2038 
2069 int wolfSSL_get_using_nonblock(WOLFSSL*);
2070 
2119 int wolfSSL_write(WOLFSSL* ssl, const void* data, int sz);
2120 
2177 int wolfSSL_read(WOLFSSL* ssl, void* data, int sz);
2178 
2231 int wolfSSL_peek(WOLFSSL* ssl, void* data, int sz);
2232 
2275 int wolfSSL_accept(WOLFSSL*);
2276 
2299 void wolfSSL_CTX_free(WOLFSSL_CTX*);
2300 
2323 void wolfSSL_free(WOLFSSL*);
2324 
2369 int wolfSSL_shutdown(WOLFSSL*);
2370 
2420 int wolfSSL_send(WOLFSSL* ssl, const void* data, int sz, int flags);
2421 
2480 int wolfSSL_recv(WOLFSSL* ssl, void* data, int sz, int flags);
2481 
2524 int wolfSSL_get_error(WOLFSSL* ssl, int ret);
2525 
2551 int wolfSSL_get_alert_history(WOLFSSL* ssl, WOLFSSL_ALERT_HISTORY *h);
2552 
2600 int wolfSSL_set_session(WOLFSSL* ssl, WOLFSSL_SESSION* session);
2601 
2642 WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl);
2643 
2670 void wolfSSL_flush_sessions(WOLFSSL_CTX* ctx, long tm);
2671 
2706 int wolfSSL_SetServerID(WOLFSSL* ssl, const unsigned char* id,
2707  int len, int newSession);
2708 
2733 int wolfSSL_GetSessionIndex(WOLFSSL* ssl);
2734 
2764 int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION* session);
2765 
2792  WOLFSSL_X509_CHAIN* wolfSSL_SESSION_get_peer_chain(WOLFSSL_SESSION* session);
2793 
2839 void wolfSSL_CTX_set_verify(WOLFSSL_CTX* ctx, int mode,
2840  VerifyCallback verify_callback);
2841 
2886 void wolfSSL_set_verify(WOLFSSL* ssl, int mode, VerifyCallback verify_callback);
2887 
2916 void wolfSSL_SetCertCbCtx(WOLFSSL* ssl, void* ctx);
2917 
2945 void wolfSSL_CTX_SetCertCbCtx(WOLFSSL_CTX* ctx, void* userCtx);
2946 
2971 int wolfSSL_pending(WOLFSSL*);
2972 
2994 void wolfSSL_load_error_strings(void);
2995 
3023 int wolfSSL_library_init(void);
3024 
3046 int wolfSSL_SetDevId(WOLFSSL* ssl, int devId);
3047 
3069 int wolfSSL_CTX_SetDevId(WOLFSSL_CTX* ctx, int devId);
3070 
3092 int wolfSSL_CTX_GetDevId(WOLFSSL_CTX* ctx, WOLFSSL* ssl);
3093 
3125 long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX* ctx, long mode);
3126 
3156 int wolfSSL_set_session_secret_cb(WOLFSSL* ssl, SessionSecretCb cb, void* ctx);
3157 
3186 int wolfSSL_save_session_cache(const char*);
3187 
3216 int wolfSSL_restore_session_cache(const char*);
3217 
3245 int wolfSSL_memsave_session_cache(void* mem, int sz);
3246 
3274 int wolfSSL_memrestore_session_cache(const void* mem, int sz);
3275 
3299 
3329 int wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX* ctx, const char* fname);
3330 
3362 int wolfSSL_CTX_restore_cert_cache(WOLFSSL_CTX* ctx, const char* fname);
3363 
3400 int wolfSSL_CTX_memsave_cert_cache(WOLFSSL_CTX* ctx, void* mem, int sz, int* used);
3401 
3436 int wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX* ctx, const void* mem, int sz);
3437 
3464 int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX*);
3465 
3503 int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX* ctx, const char* list);
3504 
3542 int wolfSSL_set_cipher_list(WOLFSSL* ssl, const char* list);
3543 
3569 void wolfSSL_dtls_set_using_nonblock(WOLFSSL* ssl, int nonblock);
3601 int wolfSSL_dtls_get_using_nonblock(WOLFSSL*);
3628 int wolfSSL_dtls_get_current_timeout(WOLFSSL* ssl);
3649 int wolfSSL_dtls13_use_quick_timeout(WOLFSSL *ssl);
3669 void wolfSSL_dtls13_set_send_more_acks(WOLFSSL *ssl, int value);
3670 
3702 int wolfSSL_dtls_set_timeout_init(WOLFSSL* ssl, int);
3703 
3730 int wolfSSL_dtls_set_timeout_max(WOLFSSL* ssl, int);
3731 
3759 int wolfSSL_dtls_got_timeout(WOLFSSL* ssl);
3760 
3785 int wolfSSL_dtls_retransmit(WOLFSSL* ssl);
3786 
3813 int wolfSSL_dtls(WOLFSSL* ssl);
3814 
3847 int wolfSSL_dtls_set_peer(WOLFSSL* ssl, void* peer, unsigned int peerSz);
3848 
3884 int wolfSSL_dtls_get_peer(WOLFSSL* ssl, void* peer, unsigned int* peerSz);
3885 
3921 char* wolfSSL_ERR_error_string(unsigned long,char*);
3922 
3954 void wolfSSL_ERR_error_string_n(unsigned long e, char* buf,
3955  unsigned long sz);
3956 
3991 int wolfSSL_get_shutdown(const WOLFSSL*);
3992 
4018 int wolfSSL_session_reused(WOLFSSL*);
4019 
4048 int wolfSSL_is_init_finished(WOLFSSL*);
4049 
4080 const char* wolfSSL_get_version(WOLFSSL*);
4081 
4112 int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl);
4113 
4144 WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL*);
4145 
4178 const char* wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher);
4179 
4207 const char* wolfSSL_get_cipher(WOLFSSL*);
4208 
4252 WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl);
4253 
4300 WOLFSSL_METHOD* wolfSSLv23_client_method(void);
4301 
4329 int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO* bio,void* p);
4330 
4353 long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int flag);
4354 
4376 int wolfSSL_BIO_set_close(WOLFSSL_BIO *b, long flag);
4377 
4397 WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void);
4398 
4426 int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *b, long size);
4427 
4460 int wolfSSL_BIO_make_bio_pair(WOLFSSL_BIO *b1, WOLFSSL_BIO *b2);
4461 
4484 int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *b);
4485 
4513 int wolfSSL_BIO_nread0(WOLFSSL_BIO *bio, char **buf);
4514 
4547 int wolfSSL_BIO_nread(WOLFSSL_BIO *bio, char **buf, int num);
4548 
4581 int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num);
4582 
4605 int wolfSSL_BIO_reset(WOLFSSL_BIO *bio);
4606 
4636 int wolfSSL_BIO_seek(WOLFSSL_BIO *bio, int ofs);
4637 
4664 int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name);
4665 
4691 long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v);
4692 
4719 long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m);
4720 
4752 char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME* name, char* in, int sz);
4753 
4784 WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*);
4785 
4813 WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*);
4814 
4844 int wolfSSL_X509_get_isCA(WOLFSSL_X509*);
4845 
4873 int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME* name, int nid,
4874  char* buf, int len);
4875 
4908 int wolfSSL_X509_get_signature_type(WOLFSSL_X509*);
4909 
4933 void wolfSSL_X509_free(WOLFSSL_X509* x509);
4934 
4968 int wolfSSL_X509_get_signature(WOLFSSL_X509* x509, unsigned char* buf, int* bufSz);
4969 
4992 int wolfSSL_X509_STORE_add_cert(WOLFSSL_X509_STORE* store, WOLFSSL_X509* x509);
4993 
5016 WOLFSSL_STACK* wolfSSL_X509_STORE_CTX_get_chain(
5017  WOLFSSL_X509_STORE_CTX* ctx);
5018 
5046 int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store,
5047  unsigned long flag);
5048 
5078 const byte* wolfSSL_X509_notBefore(WOLFSSL_X509* x509);
5079 
5108 const byte* wolfSSL_X509_notAfter(WOLFSSL_X509* x509);
5109 
5140 WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
5141  WOLFSSL_BIGNUM *bn);
5142 
5168 long wolfSSL_CTX_add_extra_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);
5169 
5194 int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX*);
5195 
5220 int wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX* ctx, int v);
5221 
5247 long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX* ctx, void* arg);
5248 
5275  WOLFSSL_CTX* ctx, void* arg);
5276 
5312 long wolfSSL_set_options(WOLFSSL *s, long op);
5313 
5335 long wolfSSL_get_options(const WOLFSSL *s);
5336 
5361 long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg);
5362 
5395 long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type);
5396 
5420 long wolfSSL_get_verify_result(const WOLFSSL *ssl);
5421 
5451 void wolfSSL_ERR_print_errors_fp(XFILE fp, int err);
5452 
5480  int (*cb)(const char *str, size_t len, void *u), void *u);
5481 
5519 void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX* ctx,
5520  wc_psk_client_callback);
5521 
5558 void wolfSSL_set_psk_client_callback(WOLFSSL* ssl,
5559  wc_psk_client_callback);
5560 
5588 const char* wolfSSL_get_psk_identity_hint(const WOLFSSL*);
5589 
5619 const char* wolfSSL_get_psk_identity(const WOLFSSL*);
5620 
5651 int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX* ctx, const char* hint);
5652 
5679 int wolfSSL_use_psk_identity_hint(WOLFSSL* ssl, const char* hint);
5680 
5721 void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX* ctx,
5722  wc_psk_server_callback cb);
5723 
5765 void wolfSSL_set_psk_server_callback(WOLFSSL* ssl,
5766  wc_psk_server_callback cb);
5767 
5768 
5781 int wolfSSL_set_psk_callback_ctx(WOLFSSL* ssl, void* psk_ctx);
5782 
5795 int wolfSSL_CTX_set_psk_callback_ctx(WOLFSSL_CTX* ctx, void* psk_ctx);
5796 
5808 void* wolfSSL_get_psk_callback_ctx(WOLFSSL* ssl);
5809 
5821 void* wolfSSL_CTX_get_psk_callback_ctx(WOLFSSL_CTX* ctx);
5822 
5853 int wolfSSL_CTX_allow_anon_cipher(WOLFSSL_CTX*);
5854 
5894 WOLFSSL_METHOD *wolfSSLv23_server_method(void);
5895 
5918 int wolfSSL_state(WOLFSSL* ssl);
5919 
5947 WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL* ssl);
5948 
5977 int wolfSSL_want_read(WOLFSSL*);
5978 
6007 int wolfSSL_want_write(WOLFSSL*);
6008 
6039 int wolfSSL_check_domain_name(WOLFSSL* ssl, const char* dn);
6040 
6063 int wolfSSL_Init(void);
6064 
6081 int wolfSSL_Cleanup(void);
6082 
6105 const char* wolfSSL_lib_version(void);
6106 
6132 word32 wolfSSL_lib_version_hex(void);
6133 
6165 int wolfSSL_negotiate(WOLFSSL* ssl);
6166 
6198 int wolfSSL_set_compression(WOLFSSL* ssl);
6199 
6227 int wolfSSL_set_timeout(WOLFSSL* ssl, unsigned int to);
6228 
6258 int wolfSSL_CTX_set_timeout(WOLFSSL_CTX* ctx, unsigned int to);
6259 
6282 WOLFSSL_X509_CHAIN* wolfSSL_get_peer_chain(WOLFSSL* ssl);
6283 
6306 int wolfSSL_get_chain_count(WOLFSSL_X509_CHAIN* chain);
6307 
6332 int wolfSSL_get_chain_length(WOLFSSL_X509_CHAIN* chain, int idx);
6333 
6357 unsigned char* wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN* chain, int idx);
6358 
6394 WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN* chain, int idx);
6395 
6419 int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN* chain, int idx,
6420  unsigned char* buf, int inLen, int* outLen);
6421 
6438 const unsigned char* wolfSSL_get_sessionID(const WOLFSSL_SESSION* s);
6439 
6463 int wolfSSL_X509_get_serial_number(WOLFSSL_X509* x509, unsigned char* in,
6464  int* inOutSz);
6465 
6497 char* wolfSSL_X509_get_subjectCN(WOLFSSL_X509*);
6498 
6531 const unsigned char* wolfSSL_X509_get_der(WOLFSSL_X509* x509, int* outSz);
6532 
6558 WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notAfter(WOLFSSL_X509*);
6559 
6586 int wolfSSL_X509_version(WOLFSSL_X509*);
6587 
6619 WOLFSSL_X509*
6620  wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, FILE* file);
6621 
6649 WOLFSSL_X509*
6650  wolfSSL_X509_load_certificate_file(const char* fname, int format);
6651 
6687 unsigned char*
6688  wolfSSL_X509_get_device_type(WOLFSSL_X509* x509, unsigned char* in,
6689  int* inOutSz);
6690 
6722 unsigned char*
6723  wolfSSL_X509_get_hw_type(WOLFSSL_X509* x509, unsigned char* in,
6724  int* inOutSz);
6725 
6759 unsigned char*
6760  wolfSSL_X509_get_hw_serial_number(WOLFSSL_X509* x509,
6761  unsigned char* in, int* inOutSz);
6762 
6807 int wolfSSL_connect_cert(WOLFSSL* ssl);
6808 
6843 WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio,
6844  WC_PKCS12** pkcs12);
6845 
6882 WC_PKCS12* wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO* bio,
6883  WC_PKCS12* pkcs12);
6884 
6935 int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
6936  WOLFSSL_EVP_PKEY** pkey, WOLFSSL_X509** cert, WOLF_STACK_OF(WOLFSSL_X509)** ca);
6937 
6967 int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz,
6968  const unsigned char* g, int gSz);
6969 
7018 int wolfSSL_SetTmpDH_buffer(WOLFSSL* ssl, const unsigned char* b, long sz,
7019  int format);
7020 
7062 int wolfSSL_SetTmpDH_file(WOLFSSL* ssl, const char* f, int format);
7063 
7108 int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX* ctx, const unsigned char* p,
7109  int pSz, const unsigned char* g, int gSz);
7110 
7153 int wolfSSL_CTX_SetTmpDH_buffer(WOLFSSL_CTX* ctx, const unsigned char* b,
7154  long sz, int format);
7155 
7211 int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX* ctx, const char* f,
7212  int format);
7213 
7241 int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX* ctx, word16);
7242 
7270 int wolfSSL_SetMinDhKey_Sz(WOLFSSL* ssl, word16 keySz_bits);
7271 
7299 int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX* ctx, word16 keySz_bits);
7300 
7327 int wolfSSL_SetMaxDhKey_Sz(WOLFSSL* ssl, word16 keySz_bits);
7328 
7363 int wolfSSL_GetDhKey_Sz(WOLFSSL*);
7364 
7394 int wolfSSL_CTX_SetMinRsaKey_Sz(WOLFSSL_CTX* ctx, short keySz);
7395 
7423 int wolfSSL_SetMinRsaKey_Sz(WOLFSSL* ssl, short keySz);
7424 
7453 int wolfSSL_CTX_SetMinEccKey_Sz(WOLFSSL_CTX* ssl, short keySz);
7454 
7485 int wolfSSL_SetMinEccKey_Sz(WOLFSSL* ssl, short keySz);
7486 
7518 int wolfSSL_make_eap_keys(WOLFSSL* ssl, void* key, unsigned int len,
7519  const char* label);
7520 
7562 int wolfSSL_writev(WOLFSSL* ssl, const struct iovec* iov,
7563  int iovcnt);
7564 
7595 int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX*);
7596 
7627 int wolfSSL_CTX_Unload_trust_peers(WOLFSSL_CTX*);
7628 
7679 int wolfSSL_CTX_trust_peer_buffer(WOLFSSL_CTX* ctx, const unsigned char* in,
7680  long sz, int format);
7681 
7731 int wolfSSL_CTX_load_verify_buffer(WOLFSSL_CTX* ctx, const unsigned char* in,
7732  long sz, int format);
7733 
7734 
7791 int wolfSSL_CTX_load_verify_buffer_ex(WOLFSSL_CTX* ctx,
7792  const unsigned char* in, long sz,
7793  int format, int userChain, word32 flags);
7794 
7845 int wolfSSL_CTX_load_verify_chain_buffer_format(WOLFSSL_CTX* ctx,
7846  const unsigned char* in,
7847  long sz, int format);
7848 
7893 int wolfSSL_CTX_use_certificate_buffer(WOLFSSL_CTX* ctx,
7894  const unsigned char* in, long sz,
7895  int format);
7896 
7943 int wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX* ctx,
7944  const unsigned char* in, long sz,
7945  int format);
7946 
7992 int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX* ctx,
7993  const unsigned char* in, long sz);
7994 
8039 int wolfSSL_use_certificate_buffer(WOLFSSL* ssl, const unsigned char* in,
8040  long sz, int format);
8041 
8088 int wolfSSL_use_PrivateKey_buffer(WOLFSSL* ssl, const unsigned char* in,
8089  long sz, int format);
8090 
8134 int wolfSSL_use_certificate_chain_buffer(WOLFSSL* ssl,
8135  const unsigned char* in, long sz);
8136 
8159 int wolfSSL_UnloadCertsKeys(WOLFSSL*);
8160 
8184 int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX*);
8185 
8209 int wolfSSL_set_group_messages(WOLFSSL*);
8210 
8239 void wolfSSL_SetFuzzerCb(WOLFSSL* ssl, CallbackFuzzer cbf, void* fCtx);
8240 
8272 int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
8273  const unsigned char* secret,
8274  unsigned int secretSz);
8275 
8295 WC_RNG* wolfSSL_GetRNG(WOLFSSL* ssl);
8296 
8328 int wolfSSL_CTX_SetMinVersion(WOLFSSL_CTX* ctx, int version);
8329 
8360 int wolfSSL_SetMinVersion(WOLFSSL* ssl, int version);
8361 
8381 int wolfSSL_GetObjectSize(void); /* object size based on build */
8404 int wolfSSL_GetOutputSize(WOLFSSL* ssl, int inSz);
8405 
8428 int wolfSSL_GetMaxOutputSize(WOLFSSL*);
8429 
8461 int wolfSSL_SetVersion(WOLFSSL* ssl, int version);
8462 
8488 void wolfSSL_CTX_SetMacEncryptCb(WOLFSSL_CTX* ctx, CallbackMacEncrypti cb);
8489 
8506 void wolfSSL_SetMacEncryptCtx(WOLFSSL* ssl, void *ctx);
8507 
8527 void* wolfSSL_GetMacEncryptCtx(WOLFSSL* ssl);
8528 
8553 void wolfSSL_CTX_SetDecryptVerifyCb(WOLFSSL_CTX* ctx,
8554  CallbackDecryptVerify cb);
8555 
8572 void wolfSSL_SetDecryptVerifyCtx(WOLFSSL* ssl, void *ctx);
8573 
8593 void* wolfSSL_GetDecryptVerifyCtx(WOLFSSL* ssl);
8594 
8614 const unsigned char* wolfSSL_GetMacSecret(WOLFSSL* ssl, int verify);
8615 
8633 const unsigned char* wolfSSL_GetClientWriteKey(WOLFSSL*);
8634 
8653 const unsigned char* wolfSSL_GetClientWriteIV(WOLFSSL*);
8654 
8672 const unsigned char* wolfSSL_GetServerWriteKey(WOLFSSL*);
8673 
8687 const unsigned char* wolfSSL_GetServerWriteIV(WOLFSSL*);
8688 
8705 int wolfSSL_GetKeySize(WOLFSSL*);
8706 
8735 int wolfSSL_GetIVSize(WOLFSSL*);
8736 
8755 int wolfSSL_GetSide(WOLFSSL*);
8756 
8774 int wolfSSL_IsTLSv1_1(WOLFSSL*);
8775 
8795 int wolfSSL_GetBulkCipher(WOLFSSL*);
8796 
8815 int wolfSSL_GetCipherBlockSize(WOLFSSL*);
8816 
8835 int wolfSSL_GetAeadMacSize(WOLFSSL*);
8836 
8855 int wolfSSL_GetHmacSize(WOLFSSL*);
8856 
8876 int wolfSSL_GetHmacType(WOLFSSL*);
8877 
8896 int wolfSSL_GetCipherType(WOLFSSL*);
8897 
8919 int wolfSSL_SetTlsHmacInner(WOLFSSL* ssl, byte* inner,
8920  word32 sz, int content, int verify);
8921 
8946 void wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX* ctx, CallbackEccSign cb);
8947 
8965 void wolfSSL_SetEccSignCtx(WOLFSSL* ssl, void *ctx);
8966 
8985 void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl);
8986 
9005 void wolfSSL_CTX_SetEccSignCtx(WOLFSSL_CTX* ctx, void *userCtx);
9006 
9026 void* wolfSSL_CTX_GetEccSignCtx(WOLFSSL_CTX* ctx);
9027 
9052 void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX* ctx, CallbackEccVerify cb);
9053 
9070 void wolfSSL_SetEccVerifyCtx(WOLFSSL* ssl, void *ctx);
9071 
9090 void* wolfSSL_GetEccVerifyCtx(WOLFSSL* ssl);
9091 
9116 void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX* ctx, CallbackRsaSign cb);
9117 
9134 void wolfSSL_SetRsaSignCtx(WOLFSSL* ssl, void *ctx);
9135 
9155 void* wolfSSL_GetRsaSignCtx(WOLFSSL* ssl);
9156 
9174 void wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX* ctx, CallbackRsaVerify cb);
9175 
9192 void wolfSSL_SetRsaVerifyCtx(WOLFSSL* ssl, void *ctx);
9193 
9212 void* wolfSSL_GetRsaVerifyCtx(WOLFSSL* ssl);
9213 
9238 void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX* ctx, CallbackRsaEnc cb);
9239 
9256 void wolfSSL_SetRsaEncCtx(WOLFSSL* ssl, void *ctx);
9257 
9276 void* wolfSSL_GetRsaEncCtx(WOLFSSL* ssl);
9277 
9301 void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX* ctx, CallbackRsaDec cb);
9302 
9319 void wolfSSL_SetRsaDecCtx(WOLFSSL* ssl, void *ctx);
9320 
9339 void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl);
9340 
9373 void wolfSSL_CTX_SetCACb(WOLFSSL_CTX* ctx, CallbackCACache cb);
9374 
9389 WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap);
9390 
9416 WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void);
9417 
9439 void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER*);
9440 
9481 int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, const char* f,
9482  const char* d);
9483 
9518 int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER* cm,
9519  const unsigned char* in, long sz, int format);
9520 
9547 int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm);
9548 
9576 int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER* cm);
9577 
9627 int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* f,
9628  int format);
9629 
9683 int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm,
9684  const unsigned char* buff, long sz, int format);
9685 
9715 void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER* cm,
9716  VerifyCallback vc);
9717 
9747 int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm,
9748  unsigned char* der, int sz);
9749 
9789 int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm,
9790  int options);
9791 
9823 int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER*);
9824 
9859 int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm,
9860  const char* path, int type, int monitor);
9861 
9896 int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER* cm,
9897  const unsigned char* buff, long sz,
9898  int type);
9899 
9937 int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER* cm,
9938  CbMissingCRL cb);
9939 
9968 int wolfSSL_CertManagerFreeCRL(WOLFSSL_CERT_MANAGER* cm);
9969 
10003 int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm,
10004  unsigned char* der, int sz);
10005 
10038 int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER* cm,
10039  int options);
10040 
10065 int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER*);
10066 
10095 int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER* cm,
10096  const char* url);
10097 
10129 int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER* cm,
10130  CbOCSPIO ioCb, CbOCSPRespFree respFreeCb,
10131  void* ioCbCtx);
10132 
10162  WOLFSSL_CERT_MANAGER* cm);
10163 
10191 int wolfSSL_EnableCRL(WOLFSSL* ssl, int options);
10192 
10215 int wolfSSL_DisableCRL(WOLFSSL* ssl);
10216 
10249 int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor);
10250 
10281 int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb);
10282 
10313 int wolfSSL_EnableOCSP(WOLFSSL* ssl, int options);
10314 
10336 int wolfSSL_DisableOCSP(WOLFSSL*);
10337 
10365 int wolfSSL_SetOCSP_OverrideURL(WOLFSSL* ssl, const char* url);
10366 
10409 int wolfSSL_SetOCSP_Cb(WOLFSSL* ssl, CbOCSPIO ioCb, CbOCSPRespFree respFreeCb,
10410  void* ioCbCtx);
10411 
10441 int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX* ctx, int options);
10442 
10466 int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX* ctx);
10467 
10497 int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX* ctx, const char* path, int type, int monitor);
10498 
10533 int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX* ctx, CbMissingCRL cb);
10534 
10562 int wolfSSL_CTX_EnableOCSP(WOLFSSL_CTX* ctx, int options);
10563 
10588 int wolfSSL_CTX_DisableOCSP(WOLFSSL_CTX*);
10589 
10612 int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX* ctx, const char* url);
10613 
10649 int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX* ctx,
10650  CbOCSPIO ioCb, CbOCSPRespFree respFreeCb,
10651  void* ioCbCtx);
10652 
10683 int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX*);
10684 
10709 void wolfSSL_KeepArrays(WOLFSSL*);
10710 
10734 void wolfSSL_FreeArrays(WOLFSSL*);
10735 
10777 int wolfSSL_UseSNI(WOLFSSL* ssl, unsigned char type,
10778  const void* data, unsigned short size);
10779 
10816 int wolfSSL_CTX_UseSNI(WOLFSSL_CTX* ctx, unsigned char type,
10817  const void* data, unsigned short size);
10818 
10865 void wolfSSL_SNI_SetOptions(WOLFSSL* ssl, unsigned char type,
10866  unsigned char options);
10867 
10910 void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX* ctx,
10911  unsigned char type, unsigned char options);
10912 
10952  const unsigned char* clientHello, unsigned int helloSz,
10953  unsigned char type, unsigned char* sni, unsigned int* inOutSz);
10954 
10984 unsigned char wolfSSL_SNI_Status(WOLFSSL* ssl, unsigned char type);
10985 
11023 unsigned short wolfSSL_SNI_GetRequest(WOLFSSL *ssl,
11024  unsigned char type, void** data);
11025 
11065 int wolfSSL_UseALPN(WOLFSSL* ssl, char *protocol_name_list,
11066  unsigned int protocol_name_listSz,
11067  unsigned char options);
11068 
11107 int wolfSSL_ALPN_GetProtocol(WOLFSSL* ssl, char **protocol_name,
11108  unsigned short *size);
11109 
11150 int wolfSSL_ALPN_GetPeerProtocol(WOLFSSL* ssl, char **list,
11151  unsigned short *listSz);
11152 
11193 int wolfSSL_UseMaxFragment(WOLFSSL* ssl, unsigned char mfl);
11194 
11232 int wolfSSL_CTX_UseMaxFragment(WOLFSSL_CTX* ctx, unsigned char mfl);
11233 
11269 int wolfSSL_UseTruncatedHMAC(WOLFSSL* ssl);
11270 
11301 int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX* ctx);
11302 
11335 int wolfSSL_UseOCSPStapling(WOLFSSL* ssl,
11336  unsigned char status_type, unsigned char options);
11337 
11376 int wolfSSL_CTX_UseOCSPStapling(WOLFSSL_CTX* ctx,
11377  unsigned char status_type, unsigned char options);
11378 
11406 int wolfSSL_UseOCSPStaplingV2(WOLFSSL* ssl,
11407  unsigned char status_type, unsigned char options);
11408 
11441 int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX* ctx,
11442  unsigned char status_type, unsigned char options);
11443 
11485 int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, word16 name);
11486 
11523 int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx,
11524  word16 name);
11525 
11557 int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl);
11558 
11592 int wolfSSL_Rehandshake(WOLFSSL* ssl);
11593 
11624 int wolfSSL_UseSessionTicket(WOLFSSL* ssl);
11625 
11652 int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx);
11653 
11685 int wolfSSL_get_SessionTicket(WOLFSSL* ssl, unsigned char* buf, word32* bufSz);
11686 
11719 int wolfSSL_set_SessionTicket(WOLFSSL* ssl, const unsigned char* buf,
11720  word32 bufSz);
11721 
11749 int wolfSSL_set_SessionTicket_cb(WOLFSSL* ssl,
11750  CallbackSessionTicket cb, void* ctx);
11751 
11781 int wolfSSL_send_SessionTicket(WOLFSSL* ssl);
11782 
11833 int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX* ctx,
11834  SessionTicketEncCb);
11835 
11854 int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX* ctx, int);
11855 
11875 int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX* ctx, void*);
11876 
11896 void* wolfSSL_CTX_get_TicketEncCtx(WOLFSSL_CTX* ctx);
11897 
11925 int wolfSSL_SetHsDoneCb(WOLFSSL* ssl, HandShakeDoneCb cb, void* user_ctx);
11926 
11951 int wolfSSL_PrintSessionStats(void);
11952 
11981 int wolfSSL_get_session_stats(unsigned int* active,
11982  unsigned int* total,
11983  unsigned int* peak,
11984  unsigned int* maxSessions);
11985 
12030 int wolfSSL_MakeTlsMasterSecret(unsigned char* ms, word32 msLen,
12031  const unsigned char* pms, word32 pmsLen,
12032  const unsigned char* cr, const unsigned char* sr,
12033  int tls1_2, int hash_type);
12034 
12077 int wolfSSL_DeriveTlsKeys(unsigned char* key_data, word32 keyLen,
12078  const unsigned char* ms, word32 msLen,
12079  const unsigned char* sr, const unsigned char* cr,
12080  int tls1_2, int hash_type);
12081 
12113 int wolfSSL_connect_ex(WOLFSSL* ssl, HandShakeCallBack hsCb,
12114  TimeoutCallBack toCb, WOLFSSL_TIMEVAL timeout);
12115 
12145 int wolfSSL_accept_ex(WOLFSSL* ssl, HandShakeCallBacki hsCb,
12146  TimeoutCallBack toCb, WOLFSSL_TIMEVAL timeout);
12147 
12175 long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c);
12176 
12203 long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp);
12204 
12229 int wolfSSL_check_private_key(const WOLFSSL* ssl);
12230 
12255 int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509* x509,
12256  int nid, int lastPos);
12257 
12288 void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
12289  int nid, int* c, int* idx);
12290 
12317 int wolfSSL_X509_digest(const WOLFSSL_X509* x509,
12318  const WOLFSSL_EVP_MD* digest, unsigned char* buf, unsigned int* len);
12319 
12344 int wolfSSL_use_certificate(WOLFSSL* ssl, WOLFSSL_X509* x509);
12345 
12373 int wolfSSL_use_certificate_ASN1(WOLFSSL* ssl, unsigned char* der,
12374  int derSz);
12375 
12401 int wolfSSL_use_PrivateKey(WOLFSSL* ssl, WOLFSSL_EVP_PKEY* pkey);
12402 
12434 int wolfSSL_use_PrivateKey_ASN1(int pri, WOLFSSL* ssl,
12435  unsigned char* der, long derSz);
12436 
12467 int wolfSSL_use_RSAPrivateKey_ASN1(WOLFSSL* ssl, unsigned char* der,
12468  long derSz);
12469 
12493 WOLFSSL_DH *wolfSSL_DSA_dup_DH(const WOLFSSL_DSA *r);
12494 
12526 int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses,
12527  unsigned char* out, int outSz);
12528 
12553 int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION* ses);
12554 
12579 void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx,
12580  WOLFSSL_X509_STORE* str);
12581 
12608 WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509);
12609 
12635 WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx);
12636 
12662 size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b);
12663 
12695 size_t wolfSSL_get_server_random(const WOLFSSL *ssl,
12696  unsigned char *out, size_t outlen);
12697 
12729 size_t wolfSSL_get_client_random(const WOLFSSL* ssl,
12730  unsigned char* out, size_t outSz);
12731 
12754 wc_pem_password_cb* wolfSSL_CTX_get_default_passwd_cb(WOLFSSL_CTX*
12755  ctx);
12756 
12780 void *wolfSSL_CTX_get_default_passwd_cb_userdata(WOLFSSL_CTX *ctx);
12781 
12809 WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX
12810  (WOLFSSL_BIO *bp, WOLFSSL_X509 **x, wc_pem_password_cb *cb, void *u);
12811 
12838 long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX* ctx, WOLFSSL_DH* dh);
12839 
12867 WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp,
12868  WOLFSSL_DSA **x, wc_pem_password_cb *cb, void *u);
12869 
12890 unsigned long wolfSSL_ERR_peek_last_error(void);
12891 
12918 WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*);
12919 
12940 long wolfSSL_CTX_clear_options(WOLFSSL_CTX* ctx, long opt);
12941 
12967 int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr);
12968 
12994 void* wolfSSL_get_jobject(WOLFSSL* ssl);
12995 
13019 int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb);
13020 
13044 int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void* arg);
13045 
13071 char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*);
13072 
13098 WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notBefore(WOLFSSL_X509*);
13099 
13149 int wolfSSL_connect(WOLFSSL* ssl);
13150 
13190 int wolfSSL_send_hrr_cookie(WOLFSSL* ssl,
13191  const unsigned char* secret, unsigned int secretSz);
13192 
13211 int wolfSSL_disable_hrr_cookie(WOLFSSL* ssl);
13212 
13239 int wolfSSL_CTX_no_ticket_TLSv13(WOLFSSL_CTX* ctx);
13240 
13266 int wolfSSL_no_ticket_TLSv13(WOLFSSL* ssl);
13267 
13294 int wolfSSL_CTX_no_dhe_psk(WOLFSSL_CTX* ctx);
13295 
13321 int wolfSSL_no_dhe_psk(WOLFSSL* ssl);
13322 
13354 int wolfSSL_update_keys(WOLFSSL* ssl);
13355 
13388 int wolfSSL_key_update_response(WOLFSSL* ssl, int* required);
13389 
13419 int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX* ctx);
13420 
13450 int wolfSSL_allow_post_handshake_auth(WOLFSSL* ssl);
13451 
13487 int wolfSSL_request_certificate(WOLFSSL* ssl);
13488 
13526 int wolfSSL_CTX_set1_groups_list(WOLFSSL_CTX *ctx, char *list);
13527 
13564 int wolfSSL_set1_groups_list(WOLFSSL *ssl, char *list);
13565 
13601 int wolfSSL_preferred_group(WOLFSSL* ssl);
13602 
13643 int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups,
13644  int count);
13645 
13686 int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count);
13687 
13739 int wolfSSL_connect_TLSv13(WOLFSSL*);
13740 
13788 wolfSSL_accept_TLSv13(WOLFSSL* ssl);
13789 
13828 int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX* ctx,
13829  unsigned int sz);
13830 
13868 int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz);
13869 
13919 int wolfSSL_write_early_data(OLFSSL* ssl, const void* data,
13920  int sz, int* outSz);
13921 
13971 int wolfSSL_read_early_data(WOLFSSL* ssl, void* data, int sz,
13972  int* outSz);
13973 
13999 void wolfSSL_CTX_set_psk_client_tls13_callback(WOLFSSL_CTX* ctx,
14000  wc_psk_client_tls13_callback cb);
14001 
14026 void wolfSSL_set_psk_client_tls13_callback(WOLFSSL* ssl,
14027  wc_psk_client_tls13_callback cb);
14028 
14054 void wolfSSL_CTX_set_psk_server_tls13_callback(WOLFSSL_CTX* ctx,
14055  wc_psk_server_tls13_callback cb);
14056 
14081 void wolfSSL_set_psk_server_tls13_callback(WOLFSSL* ssl,
14082  wc_psk_server_tls13_callback cb);
14083 
14120 int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group);
14121 
14152 int wolfSSL_NoKeyShares(WOLFSSL* ssl);
14153 
14196 WOLFSSL_METHOD *wolfTLSv1_3_server_method_ex(void* heap);
14197 
14240 WOLFSSL_METHOD *wolfTLSv1_3_client_method_ex(void* heap);
14241 
14282 WOLFSSL_METHOD *wolfTLSv1_3_server_method(void);
14283 
14324 WOLFSSL_METHOD *wolfTLSv1_3_client_method(void);
14325 
14349 WOLFSSL_METHOD *wolfTLSv1_3_method_ex(void* heap);
14350 
14372 WOLFSSL_METHOD *wolfTLSv1_3_method(void);
14373 
14385 int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo, const char* key, unsigned int keySz, int format);
14386 
14398 int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo, const char* key, unsigned int keySz, int format);
14399 
14410 int wolfSSL_CTX_get_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo,
14411  const unsigned char** key, unsigned int* keySz);
14412 
14423 int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
14424  const unsigned char** key, unsigned int* keySz);
14425 
14446 int wolfSSL_RSA_sign_generic_padding(int type, const unsigned char* m,
14447  unsigned int mLen, unsigned char* sigRet,
14448  unsigned int* sigLen, WOLFSSL_RSA* rsa,
14449  int flag, int padding);
14458 int wolfSSL_dtls13_has_pending_msg(WOLFSSL *ssl);
14459 
14473 unsigned int wolfSSL_SESSION_get_max_early_data(const WOLFSSL_SESSION *s);
14474 
14490 int wolfSSL_CRYPTO_get_ex_new_index(int, void*, void*, void*, void*);
14491 
14508 int wolfSSL_dtls_cid_use(WOLFSSL* ssl);
14509 
14526 int wolfSSL_dtls_cid_is_enabled(WOLFSSL* ssl);
14527 
14548 int wolfSSL_dtls_cid_set(WOLFSSL* ssl, unsigned char* cid,
14549  unsigned int size);
14550 
14570 int wolfSSL_dtls_cid_get_rx_size(WOLFSSL* ssl,
14571  unsigned int* size);
14572 
14593 int wolfSSL_dtls_cid_get_rx(WOLFSSL* ssl, unsigned char* buffer,
14594  unsigned int bufferSz);
14595 
14614 int wolfSSL_dtls_cid_get_tx_size(WOLFSSL* ssl, unsigned int* size);
14615 
14636 int wolfSSL_dtls_cid_get_tx(WOLFSSL* ssl, unsigned char* buffer,
14637  unsigned int bufferSz);
int wolfSSL_use_RSAPrivateKey_ASN1(WOLFSSL *ssl, unsigned char *der, long derSz)
This is used to set the private key for the WOLFSSL structure. A DER formatted RSA key buffer is expe...
int wolfSSL_CertManagerEnableOCSPStapling(WOLFSSL_CERT_MANAGER *cm)
This function turns on OCSP stapling if it is not turned on as well as set the options.
int wolfSSL_UseSupportedCurve(WOLFSSL *ssl, word16 name)
This function is called on the client side to enable the use of Supported Elliptic Curves Extension i...
int wolfSSL_CTX_SetMinVersion(WOLFSSL_CTX *ctx, int version)
This function sets the minimum downgrade version allowed. Applicable only when the connection allows ...
int wolfSSL_GetBulkCipher(WOLFSSL *)
Allows caller to determine the negotiated bulk cipher algorithm from the handshake.
WOLFSSL_METHOD * wolfTLSv1_3_method(void)
This function returns a WOLFSSL_METHOD similar to wolfTLSv1_3_client_method except that it is not det...
WOLFSSL_METHOD * wolfTLSv1_3_server_method(void)
This function is used to indicate that the application is a server and will only support the TLS 1...
int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME *name, int nid, char *buf, int len)
This function gets the text related to the passed in NID value.
void wolfSSL_set_using_nonblock(WOLFSSL *ssl, int nonblock)
This function informs the WOLFSSL object that the underlying I/O is non-blocking. After an applicatio...
void wolfSSL_CTX_SetDecryptVerifyCb(WOLFSSL_CTX *ctx, CallbackDecryptVerify cb)
Allows caller to set the Atomic User Record Processing Decrypt/Verify Callback. The callback should r...
int wolfSSL_peek(WOLFSSL *ssl, void *data, int sz)
This function copies sz bytes from the SSL session (ssl) internal read buffer into the buffer data...
WOLFSSL_CTX * wolfSSL_CTX_new(WOLFSSL_METHOD *)
This function creates a new SSL context, taking a desired SSL/TLS protocol method for input...
WOLFSSL_METHOD * wolfSSLv23_client_method(void)
The wolfSSLv23_client_method() function is used to indicate that the application is a client and will...
const char * wolfSSL_get_version(WOLFSSL *)
Returns the SSL version being used as a string.
const unsigned char * wolfSSL_GetMacSecret(WOLFSSL *ssl, int verify)
Allows retrieval of the Hmac/Mac secret from the handshake process. The verify parameter specifies wh...
long wolfSSL_CTX_clear_options(WOLFSSL_CTX *ctx, long opt)
This function resets option bits of WOLFSSL_CTX object.
int wolfSSL_set_compression(WOLFSSL *ssl)
Turns on the ability to use compression for the SSL connection. Both sides must have compression turn...
void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX *ctx, unsigned char type, unsigned char options)
This function is called on the server side to configure the behavior of the SSL sessions using Server...
int wolfSSL_get_fd(const WOLFSSL *)
This function returns the file descriptor (fd) used as the input/output facility for the SSL connecti...
void wolfSSL_FreeArrays(WOLFSSL *)
Normally, at the end of the SSL handshake, wolfSSL frees temporary arrays. If wolfSSL_KeepArrays() ha...
int wolfSSL_CTX_set_groups(WOLFSSL_CTX *ctx, int *groups, int count)
This function sets the list of elliptic curve groups to allow on a wolfSSL context in order of prefer...
int wolfSSL_dtls_cid_get_rx(WOLFSSL *ssl, unsigned char *buffer, unsigned int bufferSz)
Copy the ConnectionID used by the other peer to send records in this connection into the buffer point...
int wolfSSL_SetMinRsaKey_Sz(WOLFSSL *ssl, short keySz)
Sets the minimum allowable key size in bits for RSA located in the WOLFSSL structure.
int wolfSSL_CTX_allow_anon_cipher(WOLFSSL_CTX *)
This function enables the havAnon member of the CTX structure if HAVE_ANON is defined during compilat...
int wolfSSL_SetMaxDhKey_Sz(WOLFSSL *ssl, word16 keySz_bits)
Sets the maximum size (in bits) for a Diffie-Hellman key in the WOLFSSL structure.
int wolfSSL_GetSessionIndex(WOLFSSL *ssl)
This function gets the session index of the WOLFSSL structure.
int wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX *ctx, const char *fname)
This function writes the cert cache from memory to file.
WOLFSSL_METHOD * wolfTLSv1_3_client_method_ex(void *heap)
This function is used to indicate that the application is a client and will only support the TLS 1...
unsigned char * wolfSSL_X509_get_device_type(WOLFSSL_X509 *x509, unsigned char *in, int *inOutSz)
This function copies the device type from the x509 structure to the buffer.
int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX *ctx, word16 name)
This function is called on the client side to enable the use of Supported Elliptic Curves Extension f...
int wolfSSL_get_session_cache_memsize(void)
This function returns how large the session cache save buffer should be.
const unsigned char * wolfSSL_X509_get_der(WOLFSSL_X509 *x509, int *outSz)
This function gets the DER encoded certificate in the WOLFSSL_X509 struct.
int wolfSSL_set_psk_callback_ctx(WOLFSSL *ssl, void *psk_ctx)
Sets a PSK user context in the WOLFSSL structure options member.
int wolfSSL_set_cipher_list(WOLFSSL *ssl, const char *list)
This function sets cipher suite list for a given WOLFSSL object (SSL session). The ciphers in the lis...
long wolfSSL_get_verify_depth(WOLFSSL *ssl)
This function returns the maximum chain depth allowed, which is 9 by default, for a valid session i...
void * wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509 *x509, int nid, int *c, int *idx)
This function looks for and returns the extension matching the passed in NID value.
wolfSSL_accept_TLSv13(WOLFSSL *ssl)
This function is called on the server side and waits for a SSL/TLS client to initiate the SSL/TLS han...
int wolfSSL_dtls(WOLFSSL *ssl)
This function is used to determine if the SSL session has been configured to use DTLS.
unsigned char * wolfSSL_X509_get_hw_type(WOLFSSL_X509 *x509, unsigned char *in, int *inOutSz)
The function copies the hwType member of the WOLFSSL_X509 structure to the buffer.
int wolfSSL_CTX_load_verify_buffer_ex(WOLFSSL_CTX *ctx, const unsigned char *in, long sz, int format, int userChain, word32 flags)
This function loads a CA certificate buffer into the WOLFSSL Context. It behaves like the non-buffere...
const char * wolfSSL_get_psk_identity(const WOLFSSL *)
The function returns a constant pointer to the client_identity member of the Arrays structure...
int wolfSSL_CRYPTO_get_ex_new_index(int, void *, void *, void *, void *)
Get a new index for external data. This entry applies also for the following API: ...
int wolfSSL_X509_version(WOLFSSL_X509 *)
This function retrieves the version of the X509 certificate.
int wolfSSL_X509_get_signature(WOLFSSL_X509 *x509, unsigned char *buf, int *bufSz)
Gets the X509 signature and stores it in the buffer.
int wolfSSL_CTX_set_timeout(WOLFSSL_CTX *ctx, unsigned int to)
This function sets the timeout value for SSL sessions, in seconds, for the specified SSL context...
void wolfSSL_CTX_SetMacEncryptCb(WOLFSSL_CTX *ctx, CallbackMacEncrypti cb)
Allows caller to set the Atomic User Record Processing Mac/Encrypt Callback. The callback should retu...
int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER *cm, CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void *ioCbCtx)
The function sets the OCSP callback in the WOLFSSL_CERT_MANAGER.
WOLFSSL_METHOD * wolfDTLSv1_server_method(void)
The wolfDTLSv1_server_method() function is used to indicate that the application is a server and will...
WOLFSSL_METHOD * wolfTLSv1_3_method_ex(void *heap)
This function returns a WOLFSSL_METHOD similar to wolfTLSv1_3_client_method except that it is not det...
void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX *ctx, wc_psk_server_callback cb)
This function sets the psk callback for the server side in the WOLFSSL_CTX structure.
const unsigned char * wolfSSL_GetClientWriteKey(WOLFSSL *)
Allows retrieval of the client write key from the handshake process.
void wolfSSL_CTX_SetCACb(WOLFSSL_CTX *ctx, CallbackCACache cb)
This function registers a callback with the SSL context (WOLFSSL_CTX) to be called when a new CA cert...
void wolfSSL_SetFuzzerCb(WOLFSSL *ssl, CallbackFuzzer cbf, void *fCtx)
This function sets the fuzzer callback.
WOLFSSL_METHOD * wolfDTLSv1_client_method(void)
The wolfDTLSv1_client_method() function is used to indicate that the application is a client and will...
int wolfSSL_get_ephemeral_key(WOLFSSL *ssl, int keyAlgo, const unsigned char **key, unsigned int *keySz)
This function returns pointer to loaded key as ASN.1/DER.
WOLFSSL_BIGNUM * wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai, WOLFSSL_BIGNUM *bn)
This function is used to copy a WOLFSSL_ASN1_INTEGER value to a WOLFSSL_BIGNUM structure.
WOLFSSL_METHOD * wolfDTLS_client_method(void)
The wolfDTLS_client_method() function is used to indicate that the application is a client and will s...
void wolfSSL_CTX_free(WOLFSSL_CTX *)
This function frees an allocated WOLFSSL_CTX object. This function decrements the CTX reference count...
int wolfSSL_CTX_GetDevId(WOLFSSL_CTX *ctx, WOLFSSL *ssl)
This function retrieves the Device Id.
int wolfSSL_CTX_SetDevId(WOLFSSL_CTX *ctx, int devId)
This function sets the Device Id at the WOLFSSL_CTX context level.
void * wolfSSL_GetMacEncryptCtx(WOLFSSL *ssl)
Allows caller to retrieve the Atomic User Record Processing Mac/Encrypt Callback Context previously s...
unsigned long wolfSSL_ERR_peek_last_error(void)
This function returns the absolute value of the last error from WOLFSSL_ERROR encountered.
int wolfSSL_get_chain_length(WOLFSSL_X509_CHAIN *chain, int idx)
Retrieves the peer’s ASN1.DER certificate length in bytes at index (idx).
int wolfSSL_get_error(WOLFSSL *ssl, int ret)
This function returns a unique error code describing why the previous API function call (wolfSSL_conn...
int wolfSSL_update_keys(WOLFSSL *ssl)
This function is called on a TLS v1.3 client or server wolfSSL to force the rollover of keys...
int wolfSSL_CTX_load_static_memory(WOLFSSL_CTX **ctx, wolfSSL_method_func method, unsigned char *buf, unsigned int sz, int flag, int max)
This function is used to set aside static memory for a CTX. Memory set aside is then used for the CTX...
int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX *ctx, unsigned int sz)
This function sets the maximum amount of early data that a TLS v1.3 client or server is willing to ex...
int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX *ctx)
This function disables CRL verification in the CTX structure.
int wolfSSL_UseOCSPStapling(WOLFSSL *ssl, unsigned char status_type, unsigned char options)
Stapling eliminates the need to contact the CA. Stapling lowers the cost of certificate revocation ch...
WOLFSSL_METHOD * wolfTLSv1_2_client_method(void)
The wolfTLSv1_2_client_method() function is used to indicate that the application is a client and wil...
int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION *session)
This function gets the session at specified index of the session cache and copies it into memory...
int wolfSSL_dtls_cid_is_enabled(WOLFSSL *ssl)
If invoked after the handshake is complete it checks if ConnectionID was successfully negotiated for ...
void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER *)
Frees all resources associated with the Certificate Manager context. Call this when you no longer nee...
int wolfSSL_write(WOLFSSL *ssl, const void *data, int sz)
This function writes sz bytes from the buffer, data, to the SSL connection, ssl. If necessary...
WOLFSSL_X509_NAME * wolfSSL_X509_get_issuer_name(WOLFSSL_X509 *)
This function returns the name of the certificate issuer.
int wolfSSL_SetMinVersion(WOLFSSL *ssl, int version)
This function sets the minimum downgrade version allowed. Applicable only when the connection allows ...
int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX *ctx, const char *file, int format)
This function loads the private RSA key used in the SSL connection into the SSL context (WOLFSSL_CTX)...
void * wolfSSL_CTX_GetEccSignCtx(WOLFSSL_CTX *ctx)
Allows caller to retrieve the Public Key Ecc Signing Callback Context previously stored with wolfSSL_...
void * wolfSSL_CTX_get_default_passwd_cb_userdata(WOLFSSL_CTX *ctx)
This is a getter function for the password callback user data set in ctx.
int wolfSSL_is_static_memory(WOLFSSL *ssl, WOLFSSL_MEM_CONN_STATS *mem_stats)
wolfSSL_is_static_memory is used to gather information about a SSL’s static memory usage...
void wolfSSL_SNI_SetOptions(WOLFSSL *ssl, unsigned char type, unsigned char options)
This function is called on the server side to configure the behavior of the SSL session using Server ...
int wolfSSL_GetOutputSize(WOLFSSL *ssl, int inSz)
Returns the record layer size of the plaintext input. This is helpful when an application wants to kn...
int wolfSSL_GetHmacType(WOLFSSL *)
Allows caller to determine the negotiated (h)mac type from the handshake. For cipher types except WOL...
void wolfSSL_set_psk_server_tls13_callback(WOLFSSL *ssl, wc_psk_server_tls13_callback cb)
This function sets the Pre-Shared Key (PSK) server side callback for TLS v1.3 connections. The callback is used to find a PSK identity and return its key and the name of the cipher to use for the handshake. The function sets the server_psk_tls13_cb member of the options field in WOLFSSL structure.
int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER *cm, const char *path, int type, int monitor)
Error checks and passes through to LoadCRL() in order to load the cert into the CRL for revocation ch...
int wolfSSL_GetObjectSize(void)
This function returns the size of the WOLFSSL object and will be dependent on build options and setti...
int wolfSSL_SNI_GetFromBuffer(const unsigned char *clientHello, unsigned int helloSz, unsigned char type, unsigned char *sni, unsigned int *inOutSz)
This function is called on the server side to retrieve the Server Name Indication provided by the cli...
int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX *ctx, const char *url)
This function manually sets the URL for OCSP to use. By default, OCSP will use the URL found in the i...
void * wolfSSL_get_psk_callback_ctx(WOLFSSL *ssl)
Get a PSK user context in the WOLFSSL structure options member.
void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX *ctx, wc_psk_client_callback)
The function sets the client_psk_cb member of the WOLFSSL_CTX structure.
int wolfSSL_SetMinDhKey_Sz(WOLFSSL *ssl, word16 keySz_bits)
Sets the minimum size (in bits) for a Diffie-Hellman key in the WOLFSSL structure.
int wolfSSL_UseALPN(WOLFSSL *ssl, char *protocol_name_list, unsigned int protocol_name_listSz, unsigned char options)
Setup ALPN use for a wolfSSL session.
int wolfSSL_set_groups(WOLFSSL *ssl, int *groups, int count)
This function sets the list of elliptic curve groups to allow on a wolfSSL. The list is an array of g...
int wolfSSL_want_read(WOLFSSL *)
This function is similar to calling wolfSSL_get_error() and getting SSL_ERROR_WANT_READ in return...
int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX *ctx, const char *file, const char *format)
This function loads PEM-formatted CA certificate files into the SSL context (WOLFSSL_CTX). These certificates will be treated as trusted root certificates and used to verify certs received from peers during the SSL handshake. The root certificate file, provided by the file argument, may be a single certificate or a file containing multiple certificates. If multiple CA certs are included in the same file, wolfSSL will load them in the same order they are presented in the file. The path argument is a pointer to the name of a directory that contains certificates of trusted root CAs. If the value of file is not NULL, path may be specified as NULL if not needed. If path is specified and NO_WOLFSSL_DIR was not defined when building the library, wolfSSL will load all CA certificates located in the given directory. This function will attempt to load all files in the directory. This function expects PEM formatted CERT_TYPE file with header “--—BEGIN CERTIFICATE--—”.
int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX *ctx, unsigned char status_type, unsigned char options)
Creates and initializes the certificate status request for OCSP Stapling.
int wolfSSL_BIO_seek(WOLFSSL_BIO *bio, int ofs)
This function adjusts the file pointer to the offset given. This is the offset from the head of the f...
const char * wolfSSL_get_psk_identity_hint(const WOLFSSL *)
This function returns the psk identity hint.
WOLFSSL_METHOD * wolfDTLSv1_3_server_method(void)
The wolfDTLSv1_3_server_method() function is used to indicate that the application is a server and wi...
long wolfSSL_get_verify_result(const WOLFSSL *ssl)
This is used to get the results after trying to verify the peer's certificate.
void wolfSSL_CTX_SetCertCbCtx(WOLFSSL_CTX *ctx, void *userCtx)
This function stores user CTX object information for verify callback.
int wolfSSL_BIO_set_close(WOLFSSL_BIO *b, long flag)
Sets the close flag, used to indicate that the i/o stream should be closed when the BIO is freed...
int wolfSSL_set_timeout(WOLFSSL *ssl, unsigned int to)
This function sets the SSL session timeout value in seconds.
int wolfSSL_EnableOCSP(WOLFSSL *ssl, int options)
This function enables OCSP certificate verification.
int wolfSSL_check_private_key(const WOLFSSL *ssl)
This function checks that the private key is a match with the certificate being used.
int wolfSSL_SetCRL_Cb(WOLFSSL *ssl, CbMissingCRL cb)
Sets the CRL callback in the WOLFSSL_CERT_MANAGER structure.
int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER *cm, unsigned char *der, int sz)
The function enables the WOLFSSL_CERT_MANAGER’s member, ocspEnabled to signify that the OCSP check o...
int wolfSSL_read_early_data(WOLFSSL *ssl, void *data, int sz, int *outSz)
This function reads any early data from a client on resumption. Call this function instead of wolfSSL...
WOLFSSL_X509 * wolfSSL_PEM_read_bio_X509_AUX(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, wc_pem_password_cb *cb, void *u)
This function behaves the same as wolfSSL_PEM_read_bio_X509. AUX signifies containing extra informati...
int wolfSSL_SetMinEccKey_Sz(WOLFSSL *ssl, short keySz)
Sets the value of the minEccKeySz member of the options structure. The options struct is a member of ...
int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO *bio, void *p)
This is used to set a byte pointer to the start of the internal memory buffer.
void wolfSSL_X509_free(WOLFSSL_X509 *x509)
This function frees a WOLFSSL_X509 structure.
long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX *ctx, void *arg)
This function sets the options argument to use with OCSP.
void wolfSSL_set_psk_client_callback(WOLFSSL *ssl, wc_psk_client_callback)
Sets the PSK client side callback.
void wolfSSL_set_psk_client_tls13_callback(WOLFSSL *ssl, wc_psk_client_tls13_callback cb)
This function sets the Pre-Shared Key (PSK) client side callback for TLS v1.3 connections. The callback is used to find a PSK identity and return its key and the name of the cipher to use for the handshake. The function sets the client_psk_tls13_cb member of the options field in WOLFSSL structure.
int wolfSSL_CTX_trust_peer_cert(WOLFSSL_CTX *ctx, const char *file, int type)
This function loads a certificate to use for verifying a peer when performing a TLS/SSL handshake...
void * wolfSSL_GetRsaEncCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key RSA Public Encrypt Callback Context previously stored with w...
int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void *arg)
This function sets associated callback context value in the ssl. The value is handed over to the call...
void wolfSSL_KeepArrays(WOLFSSL *)
Normally, at the end of the SSL handshake, wolfSSL frees temporary arrays. Calling this function befo...
WOLFSSL_X509_STORE * wolfSSL_CTX_get_cert_store(WOLFSSL_CTX *ctx)
This is a getter function for the WOLFSSL_X509_STORE structure in ctx.
long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(WOLFSSL_CTX *ctx, void *arg)
This function sets the optional argument to be passed to the PRF callback.
WOLFSSL_BIO_METHOD * wolfSSL_BIO_s_socket(void)
This is used to get a BIO_SOCKET type WOLFSSL_BIO_METHOD.
int wolfSSL_preferred_group(WOLFSSL *ssl)
This function returns the key exchange group the client prefers to use in the TLS v1...
int wolfSSL_set_jobject(WOLFSSL *ssl, void *objPtr)
This function sets the jObjectRef member of the WOLFSSL structure.
int wolfSSL_CTX_SetMinRsaKey_Sz(WOLFSSL_CTX *ctx, short keySz)
Sets the minimum RSA key size in both the WOLFSSL_CTX structure and the WOLFSSL_CERT_MANAGER structur...
long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE *fp)
This is used to get the internal file pointer for a BIO.
int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER *cm, const unsigned char *buff, long sz, int format)
Specifies the certificate buffer to verify with the Certificate Manager context. The format can be SS...
int wolfSSL_CertManagerFreeCRL(WOLFSSL_CERT_MANAGER *cm)
This function frees the CRL stored in the Cert Manager. An application can update the CRL by calling ...
void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX *ctx, WOLFSSL_X509_STORE *str)
This is a setter function for the WOLFSSL_X509_STORE structure in ctx.
int wolfSSL_use_psk_identity_hint(WOLFSSL *ssl, const char *hint)
This function stores the hint argument in the server_hint member of the Arrays structure within the W...
int wolfSSL_accept(WOLFSSL *)
This function is called on the server side and waits for an SSL client to initiate the SSL/TLS handsh...
int wolfSSL_CTX_DisableOCSP(WOLFSSL_CTX *)
This function disables OCSP certificate revocation checking by affecting the ocspEnabled member of th...
long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX *ctx, long mode)
This function enables or disables SSL session caching. Behavior depends on the value used for mode...
int wolfSSL_restore_session_cache(const char *)
This function restores the persistent session cache from file. It does not use memstore because of ad...
int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name)
This is used to set and write to a file. WIll overwrite any data currently in the file and is set to ...
int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX *ctx, wc_dtls_export func)
The wolfSSL_CTX_dtls_set_export() function is used to set the callback function for exporting a sessi...
int wolfSSL_CTX_no_dhe_psk(WOLFSSL_CTX *ctx)
This function is called on a TLS v1.3 wolfSSL context to disallow Diffie-Hellman (DH) style key excha...
int wolfSSL_use_PrivateKey_file(WOLFSSL *ssl, const char *file, int format)
This function loads a private key file into the SSL session (WOLFSSL structure). The key file is prov...
int wolfSSL_get_SessionTicket(WOLFSSL *ssl, unsigned char *buf, word32 *bufSz)
This function copies the ticket member of the Session structure to the buffer.
int wolfSSL_check_domain_name(WOLFSSL *ssl, const char *dn)
wolfSSL by default checks the peer certificate for a valid date range and a verified signature...
const char * wolfSSL_get_cipher(WOLFSSL *)
This function matches the cipher suite in the SSL object with the available suites.
int wolfSSL_write_early_data(OLFSSL *ssl, const void *data, int sz, int *outSz)
This function writes early data to the server on resumption. Call this function instead of wolfSSL_co...
WOLFSSL_X509_CHAIN * wolfSSL_get_peer_chain(WOLFSSL *ssl)
Retrieves the peer’s certificate chain.
int wolfSSL_Cleanup(void)
Un-initializes the wolfSSL library from further use. Doesn’t have to be called, though it will free ...
void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX *ctx, CallbackRsaDec cb)
Allows caller to set the Public Key Callback for RSA Private Decrypt. The callback should return the ...
int wolfSSL_SetTmpDH(WOLFSSL *ssl, const unsigned char *p, int pSz, const unsigned char *g, int gSz)
Server Diffie-Hellman Ephemeral parameters setting. This function sets up the group parameters to be ...
WOLFSSL_METHOD * wolfSSLv23_server_method(void)
The wolfSSLv23_server_method() function is used to indicate that the application is a server and will...
WOLFSSL_METHOD * wolfTLSv1_server_method(void)
The wolfTLSv1_server_method() function is used to indicate that the application is a server and will ...
char * wolfSSL_X509_get_next_altname(WOLFSSL_X509 *)
This function returns the next, if any, altname from the peer certificate.
void wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX *ctx, CallbackEccSign cb)
Allows caller to set the Public Key Callback for ECC Signing. The callback should return 0 for succes...
int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX *ctx, const char *file, int format)
This function loads a private key file into the SSL context (WOLFSSL_CTX). The file is provided by th...
int wolfSSL_SetOCSP_Cb(WOLFSSL *ssl, CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void *ioCbCtx)
This function sets the OCSP callback in the WOLFSSL_CERT_MANAGER structure.
WOLFSSL_ASN1_TIME * wolfSSL_X509_get_notAfter(WOLFSSL_X509 *)
This function checks to see if x509 is NULL and if it’s not, it returns the notAfter member of the x...
int wolfSSL_LoadCRL(WOLFSSL *ssl, const char *path, int type, int monitor)
A wrapper function that ends up calling LoadCRL to load the certificate for revocation checking...
void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX *ctx, CallbackRsaEnc cb)
Allows caller to set the Public Key Callback for RSA Public Encrypt. The callback should return 0 for...
int wolfSSL_DisableOCSP(WOLFSSL *)
Disables the OCSP certificate revocation option.
int wolfSSL_GetMaxOutputSize(WOLFSSL *)
Returns the maximum record layer size for plaintext data. This will correspond to either the maximum ...
int wolfSSL_CTX_SetMinEccKey_Sz(WOLFSSL_CTX *ssl, short keySz)
Sets the minimum size in bits for the ECC key in the WOLF_CTX structure and the WOLFSSL_CERT_MANAGER ...
int wolfSSL_X509_get_isCA(WOLFSSL_X509 *)
Checks the isCa member of the WOLFSSL_X509 structure and returns the value.
long wolfSSL_get_options(const WOLFSSL *s)
This function returns the current options mask.
int wolfSSL_save_session_cache(const char *)
This function persists the session cache to file. It doesn’t use memsave because of additional memor...
WOLFSSL_SESSION * wolfSSL_get_session(WOLFSSL *ssl)
When NO_SESSION_CACHE_REF is defined this function returns a pointer to the current session (WOLFSSL_...
int wolfSSL_GetCipherType(WOLFSSL *)
Allows caller to determine the negotiated cipher type from the handshake.
size_t wolfSSL_get_server_random(const WOLFSSL *ssl, unsigned char *out, size_t outlen)
This is used to get the random data sent by the server during the handshake.
int wolfSSL_SetVersion(WOLFSSL *ssl, int version)
This function sets the SSL/TLS protocol version for the specified SSL session (WOLFSSL object) using ...
int wolfSSL_UnloadCertsKeys(WOLFSSL *)
This function unloads any certificates or keys that SSL owns.
WC_RNG byte * b
Definition: random.h:210
int wolfSSL_GetDhKey_Sz(WOLFSSL *)
Returns the value of dhKeySz (in bits) that is a member of the options structure. This value represen...
int wolfSSL_dtls_got_timeout(WOLFSSL *ssl)
When using non-blocking sockets with DTLS, this function should be called on the WOLFSSL object when ...
void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX *ctx, CallbackRsaSign cb)
Allows caller to set the Public Key Callback for RSA Signing. The callback should return 0 for succes...
int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE *store, unsigned long flag)
This function takes in a flag to change the behavior of the WOLFSSL_X509_STORE structure passed in...
void wolfSSL_ERR_error_string_n(unsigned long e, char *buf, unsigned long sz)
This function is a version of wolfSSL_ERR_error_string() where len specifies the maximum number of ch...
char * wolfSSL_X509_get_subjectCN(WOLFSSL_X509 *)
Returns the common name of the subject from the certificate.
void wolfSSL_SetEccSignCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key Ecc Signing Callback Context to ctx.
int wolfSSL_CTX_no_ticket_TLSv13(WOLFSSL_CTX *ctx)
This function is called on the server to stop it from sending a resumption session ticket once the ha...
int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX *ctx)
This function is called on a TLS v1.3 client wolfSSL context to allow a client certifcate to be sent ...
int wolfSSL_send(WOLFSSL *ssl, const void *data, int sz, int flags)
This function writes sz bytes from the buffer, data, to the SSL connection, ssl, using the specified ...
int wolfSSL_GetKeySize(WOLFSSL *)
Allows retrieval of the key size from the handshake process.
int wolfSSL_SetServerID(WOLFSSL *ssl, const unsigned char *id, int len, int newSession)
This function associates the client session with the server id. If the newSession flag is on...
int wolfSSL_library_init(void)
This function is called internally in wolfSSL_CTX_new(). This function is a wrapper around wolfSSL_In...
WOLFSSL_CIPHER * wolfSSL_get_current_cipher(WOLFSSL *)
This function returns a pointer to the current cipher in the ssl session.
int wolfSSL_get_chain_count(WOLFSSL_X509_CHAIN *chain)
Retrieve's the peers certificate chain count.
WOLFSSL_METHOD * wolfSSLv23_method(void)
This function returns a WOLFSSL_METHOD similar to wolfSSLv23_client_method except that it is not dete...
int wolfSSL_CTX_load_verify_buffer(WOLFSSL_CTX *ctx, const unsigned char *in, long sz, int format)
This function loads a CA certificate buffer into the WOLFSSL Context. It behaves like the non-buffere...
int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX *ctx, CbMissingCRL cb)
This function will set the callback argument to the cbMissingCRL member of the WOLFSSL_CERT_MANAGER s...
void * wolfSSL_GetEccSignCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key Ecc Signing Callback Context previously stored with wolfSSL_...
void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX *ctx, CallbackEccVerify cb)
Allows caller to set the Public Key Callback for ECC Verification. The callback should return 0 for s...
int wolfSSL_CTX_load_system_CA_certs(WOLFSSL_CTX *ctx)
This function attempts to load CA certificates into a WOLFSSL_CTX from an OS-dependent CA certificate...
int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER *cm)
This function unloads the CA signer list.
int wolfSSL_dtls_export(WOLFSSL *ssl, unsigned char *buf, unsigned int *sz)
The wolfSSL_dtls_export() function is used to serialize a WOLFSSL session into the provided buffer...
int wolfSSL_PrintSessionStats(void)
This function prints the statistics from the session.
const char * wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER *cipher)
This function matches the cipher suite in the SSL object with the available suites and returns the st...
void wolfSSL_set_psk_server_callback(WOLFSSL *ssl, wc_psk_server_callback cb)
Sets the psk callback for the server side by setting the WOLFSSL structure options members...
int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX *ctx, const char *file)
This function loads a chain of certificates into the SSL context (WOLFSSL_CTX). The file containing t...
WC_PKCS12 * wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO *bio, WC_PKCS12 **pkcs12)
wolfSSL_d2i_PKCS12_bio (d2i_PKCS12_bio) copies in the PKCS12 information from WOLFSSL_BIO to the stru...
void wolfSSL_dtls_set_using_nonblock(WOLFSSL *ssl, int nonblock)
This function informs the WOLFSSL DTLS object that the underlying UDP I/O is non-blocking. After an application creates a WOLFSSL object, if it will be used with a non-blocking UDP socket, call wolfSSL_dtls_set_using_nonblock() on it. This lets the WOLFSSL object know that receiving EWOULDBLOCK means that the recvfrom call would block rather than that it timed out.
int wolfSSL_CTX_Unload_trust_peers(WOLFSSL_CTX *)
This function is used to unload all previously loaded trusted peer certificates. Feature is enabled b...
void * wolfSSL_GetRsaVerifyCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key RSA Verification Callback Context previously stored with wol...
int wolfSSL_GetCipherBlockSize(WOLFSSL *)
Allows caller to determine the negotiated cipher block size from the handshake.
int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *b, long size)
This is used to set the size of write buffer for a WOLFSSL_BIO. If write buffer has been previously s...
int wolfSSL_dtls_cid_get_rx_size(WOLFSSL *ssl, unsigned int *size)
Get the size of the ConnectionID used by the other peer to send records in this connection. See RFC 9146 and RFC 9147. The size is stored in the parameter size.
int wolfSSL_read(WOLFSSL *ssl, void *data, int sz)
This function reads sz bytes from the SSL session (ssl) internal read buffer into the buffer data...
int wolfSSL_set_SessionTicket(WOLFSSL *ssl, const unsigned char *buf, word32 bufSz)
This function sets the ticket member of the WOLFSSL_SESSION structure within the WOLFSSL struct...
WOLFSSL_STACK * wolfSSL_X509_STORE_CTX_get_chain(WOLFSSL_X509_STORE_CTX *ctx)
This function is a getter function for chain variable in WOLFSSL_X509_STORE_CTX structure. Currently chain is not populated.
const byte * wolfSSL_X509_notBefore(WOLFSSL_X509 *x509)
This function the certificate "not before" validity encoded as a byte array.
WOLFSSL_METHOD * wolfSSLv3_client_method(void)
The wolfSSLv3_client_method() function is used to indicate that the application is a client and will ...
int wolfSSL_key_update_response(WOLFSSL *ssl, int *required)
This function is called on a TLS v1.3 client or server wolfSSL to determine whether a rollover of key...
int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER *)
Turns off Certificate Revocation List checking when verifying certificates with the Certificate Manag...
int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER *cm, const char *f, const char *d)
Specifies the locations for CA certificate loading into the manager context. The PEM certificate CAfi...
WOLFSSL_METHOD * wolfDTLSv1_3_client_method(void)
The wolfDTLSv1_3_client_method() function is used to indicate that the application is a client and wi...
int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX *ctx, const char *f, int format)
The function calls wolfSSL_SetTmpDH_file_wrapper to set the server Diffie-Hellman parameters...
int wolfSSL_PKCS12_parse(WC_PKCS12 *pkcs12, const char *psw, WOLFSSL_EVP_PKEY **pkey, WOLFSSL_X509 **cert, WOLF_STACK_OF(WOLFSSL_X509)**ca)
PKCS12 can be enabled with adding –enable-opensslextra to the configure command. It can use triple D...
int wolfSSL_BIO_nread(WOLFSSL_BIO *bio, char **buf, int num)
This is used to get a buffer pointer for reading from. The internal read index is advanced by the num...
int wolfSSL_state(WOLFSSL *ssl)
This is used to get the internal error state of the WOLFSSL structure.
int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509 *x509, int nid, int lastPos)
This function looks for and returns the extension index matching the passed in NID value...
int wolfSSL_is_init_finished(WOLFSSL *)
This function checks to see if the connection is established.
word32 wolfSSL_lib_version_hex(void)
This function returns the current library version in hexadecimal notation.
int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER *cm, int options)
Turns on Certificate Revocation List checking when verifying certificates with the Certificate Manage...
WOLFSSL_DSA * wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp, WOLFSSL_DSA **x, wc_pem_password_cb *cb, void *u)
This function get the DSA parameters from a PEM buffer in bio.
int wolfSSL_BIO_make_bio_pair(WOLFSSL_BIO *b1, WOLFSSL_BIO *b2)
This is used to pair two bios together. A pair of bios acts similar to a two way pipe writing to one ...
int wolfSSL_pending(WOLFSSL *)
This function returns the number of bytes which are buffered and available in the SSL object to be re...
int wolfSSL_SetTlsHmacInner(WOLFSSL *ssl, byte *inner, word32 sz, int content, int verify)
Allows caller to set the Hmac Inner vector for message sending/receiving. The result is written to in...
int wolfSSL_DTLS_SetCookieSecret(WOLFSSL *ssl, const unsigned char *secret, unsigned int secretSz)
This function sets a new dtls cookie secret.
unsigned char * wolfSSL_X509_get_hw_serial_number(WOLFSSL_X509 *x509, unsigned char *in, int *inOutSz)
This function returns the hwSerialNum member of the x509 object.
int wolfSSL_use_certificate(WOLFSSL *ssl, WOLFSSL_X509 *x509)
his is used to set the certificate for WOLFSSL structure to use during a handshake.
int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER *cm)
The function will free the Trusted Peer linked list and unlocks the trusted peer list.
int wolfSSL_dtls_cid_get_tx(WOLFSSL *ssl, unsigned char *buffer, unsigned int bufferSz)
Copy the ConnectionID used when sending records in this connection into the buffer pointer by the par...
int wolfSSL_MakeTlsMasterSecret(unsigned char *ms, word32 msLen, const unsigned char *pms, word32 pmsLen, const unsigned char *cr, const unsigned char *sr, int tls1_2, int hash_type)
This function copies the values of cr and sr then passes through to wc_PRF (pseudo random function) a...
int wolfSSL_DeriveTlsKeys(unsigned char *key_data, word32 keyLen, const unsigned char *ms, word32 msLen, const unsigned char *sr, const unsigned char *cr, int tls1_2, int hash_type)
An external facing wrapper to derive TLS Keys.
int wolfSSL_CTX_trust_peer_buffer(WOLFSSL_CTX *ctx, const unsigned char *in, long sz, int format)
This function loads a certificate to use for verifying a peer when performing a TLS/SSL handshake...
void wolfSSL_SetEccVerifyCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key Ecc Verification Callback Context to ctx.
void * wolfSSL_GetRsaSignCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key RSA Signing Callback Context previously stored with wolfSSL_...
WOLFSSL_X509 * wolfSSL_d2i_X509_bio(WOLFSSL_BIO *bio, WOLFSSL_X509 **x509)
This function get the DER buffer from bio and converts it to a WOLFSSL_X509 structure.
void wolfSSL_SetRsaDecCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key RSA Private Decrypt Callback Context to ctx.
int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX *)
This function returns the get read ahead flag from a WOLFSSL_CTX structure.
int wolfSSL_GetIVSize(WOLFSSL *)
Returns the iv_size member of the specs structure held in the WOLFSSL struct.
int wolfSSL_negotiate(WOLFSSL *ssl)
Performs the actual connect or accept based on the side of the SSL method. If called from the client ...
int wolfSSL_want_write(WOLFSSL *)
This function is similar to calling wolfSSL_get_error() and getting SSL_ERROR_WANT_WRITE in return...
int wolfSSL_UseSessionTicket(WOLFSSL *ssl)
Force provided WOLFSSL structure to use session ticket. The constant HAVE_SESSION_TICKET should be de...
int wolfSSL_memsave_session_cache(void *mem, int sz)
This function persists session cache to memory.
int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER *cm, int options)
Turns on OCSP if it’s turned off and if compiled with the set option available.
int wolfSSL_send_SessionTicket(WOLFSSL *ssl)
This function sends a session ticket to the client after a TLS v1.3 handhsake has been established...
int wolfSSL_dtls_cid_set(WOLFSSL *ssl, unsigned char *cid, unsigned int size)
Set the ConnectionID used by the other peer to send records in this connection. See RFC 9146 and RFC ...
void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER *cm, VerifyCallback vc)
The function sets the verifyCallback function in the Certificate Manager. If present, it will be called for each cert loaded. If there is a verification error, the verify callback can be used to over-ride the error.
long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX *ctx)
This function gets the certificate chaining depth using the CTX structure.
long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v)
This is used to set the end of file value. Common value is -1 so as not to get confused with expected...
int wolfSSL_X509_get_serial_number(WOLFSSL_X509 *x509, unsigned char *in, int *inOutSz)
Retrieves the peer’s certificate serial number. The serial number buffer (in) should be at least 32 ...
int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION *ses, unsigned char *out, int outSz)
This is used to get the master key after completing a handshake.
char * wolfSSL_ERR_error_string(unsigned long, char *)
This function converts an error code returned by wolfSSL_get_error() into a more human-readable error...
int wolfSSL_UseTruncatedHMAC(WOLFSSL *ssl)
This function is called on the client side to enable the use of Truncated HMAC in the SSL object pass...
WOLFSSL_METHOD * wolfDTLSv1_2_client_method_ex(void *heap)
This function initializes the DTLS v1.2 client method.
int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX *ctx, CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void *ioCbCtx)
Sets the callback for the OCSP in the WOLFSSL_CTX structure.
int wolfSSL_dtls_cid_get_tx_size(WOLFSSL *ssl, unsigned int *size)
Get the size of the ConnectionID used to send records in this connection. See RFC 9146 and RFC 9147...
int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN *chain, int idx, unsigned char *buf, int inLen, int *outLen)
Retrieves the peer’s PEM certificate at index (idx).
int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER *cm, unsigned char *der, int sz)
Check CRL if the option is enabled and compares the cert to the CRL list.
int wolfSSL_use_certificate_chain_file(WOLFSSL *ssl, const char *file)
This function loads a chain of certificates into the SSL session (WOLFSSL structure). The file containing the certificate chain is provided by the file argument, and must contain PEM-formatted certificates. This function will process up to MAX_CHAIN_DEPTH (default = 9, defined in internal.h) certificates, plus the subject certificate.
int wolfSSL_get_session_stats(unsigned int *active, unsigned int *total, unsigned int *peak, unsigned int *maxSessions)
This function gets the statistics for the session.
int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX *ctx, int keyAlgo, const char *key, unsigned int keySz, int format)
This function sets a fixed / static ephemeral key for testing only.
void * wolfSSL_GetRsaDecCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key RSA Private Decrypt Callback Context previously stored with ...
int wolfSSL_CTX_SetTmpDH_buffer(WOLFSSL_CTX *ctx, const unsigned char *b, long sz, int format)
A wrapper function that calls wolfSSL_SetTmpDH_buffer_wrapper.
const byte * wolfSSL_X509_notAfter(WOLFSSL_X509 *x509)
This function the certificate "not after" validity encoded as a byte array.
int wolfSSL_no_ticket_TLSv13(WOLFSSL *ssl)
This function is called on the server to stop it from sending a resumption session ticket once the ha...
size_t wolfSSL_get_client_random(const WOLFSSL *ssl, unsigned char *out, size_t outSz)
This is used to get the random data sent by the client during the handshake.
int wolfSSL_BIO_reset(WOLFSSL_BIO *bio)
Resets bio to an initial state. As an example for type BIO_BIO this resets the read and write index...
int wolfSSL_IsTLSv1_1(WOLFSSL *)
Allows caller to determine if the negotiated protocol version is at least TLS version 1...
int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER *cm, CbMissingCRL cb)
This function sets the CRL Certificate Manager callback. If HAVE_CRL is defined and a matching CRL re...
int wolfSSL_dtls_get_peer(WOLFSSL *ssl, void *peer, unsigned int *peerSz)
This function gets the sockaddr_in (of size peerSz) of the current DTLS peer. The function will compa...
void wolfSSL_ERR_print_errors_fp(XFILE fp, int err)
This function converts an error code returned by wolfSSL_get_error() into a more human-readable error...
WOLFSSL_METHOD * wolfDTLSv1_2_server_method(void)
This function creates and initializes a WOLFSSL_METHOD for the server side.
int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION *ses)
This is used to get the master secret key length.
int wolfSSL_get_ciphers(char *buf, int len)
This function gets the ciphers enabled in wolfSSL.
WOLFSSL_METHOD * wolfTLSv1_1_client_method(void)
The wolfTLSv1_1_client_method() function is used to indicate that the application is a client and wil...
char * wolfSSL_get_cipher_list(int priority)
Get the name of cipher at priority level passed in.
WC_RNG * wolfSSL_GetRNG(WOLFSSL *ssl)
This function retrieves the random number.
int wolfSSL_set_group_messages(WOLFSSL *)
This function turns on grouping of handshake messages where possible.
int wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX *ctx, int v)
This function sets the read ahead flag in the WOLFSSL_CTX structure.
int wolfSSL_set_max_early_data(WOLFSSL *ssl, unsigned int sz)
This function sets the maximum amount of early data that a TLS v1.3 client or server is willing to ex...
int wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX *ctx, const void *mem, int sz)
This function restores the certificate cache from memory.
int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER *cm, const unsigned char *buff, long sz, int type)
The function loads the CRL file by calling BufferLoadCRL.
int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *b)
This is used to set the read request flag back to 0.
int wolfSSL_CTX_EnableOCSP(WOLFSSL_CTX *ctx, int options)
This function sets options to configure behavior of OCSP functionality in wolfSSL. The value of options if formed by or’ing one or more of the following options: WOLFSSL_OCSP_ENABLE - enable OCSP lookups WOLFSSL_OCSP_URL_OVERRIDE - use the override URL instead of the URL in certificates. The override URL is specified using the wolfSSL_CTX_SetOCSP_OverrideURL() function. This function only sets the OCSP options when wolfSSL has been compiled with OCSP support (–enable-ocsp, #define HAVE_OCSP).
WOLF_STACK_OF(WOLFSSL_X509)*wolfSSL_get_peer_cert_chain(const WOLFSSL *)
This function gets the peer’s certificate chain.
int wolfSSL_recv(WOLFSSL *ssl, void *data, int sz, int flags)
This function reads sz bytes from the SSL session (ssl) internal read buffer into the buffer data usi...
int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num)
Gets a pointer to the buffer for writing as many bytes as returned by the function. Writing more bytes to the pointer returned then the value returned can result in writing out of bounds.
int wolfSSL_Rehandshake(WOLFSSL *ssl)
This function executes a secure renegotiation handshake; this is user forced as wolfSSL discourages t...
int wolfSSL_shutdown(WOLFSSL *)
This function shuts down an active SSL/TLS connection using the SSL session, ssl. This function will ...
WOLFSSL_X509 * wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN *chain, int idx)
This function gets the peer’s wolfSSL_X509_certificate at index (idx) from the chain of certificates...
WOLFSSL_CERT_MANAGER * wolfSSL_CertManagerNew(void)
Allocates and initializes a new Certificate Manager context. This context may be used independent of ...
int wolfSSL_ALPN_GetProtocol(WOLFSSL *ssl, char **protocol_name, unsigned short *size)
This function gets the protocol name set by the server.
int wolfSSL_BIO_nread0(WOLFSSL_BIO *bio, char **buf)
This is used to get a buffer pointer for reading from. Unlike wolfSSL_BIO_nread the internal read ind...
unsigned char * wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN *chain, int idx)
Retrieves the peer’s ASN1.DER certificate at index (idx).
void wolfSSL_free(WOLFSSL *)
This function frees an allocated wolfSSL object.
WOLFSSL_METHOD * wolfTLSv1_2_server_method(void)
The wolfTLSv1_2_server_method() function is used to indicate that the application is a server and wil...
int wolfSSL_dtls_cid_use(WOLFSSL *ssl)
Enable use of ConnectionID extensions for the SSL object. See RFC 9146 and RFC 9147.
int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER *cm, const unsigned char *in, long sz, int format)
Loads the CA Buffer by calling wolfSSL_CTX_load_verify_buffer and returning that result using a tempo...
int wolfSSL_UseMaxFragment(WOLFSSL *ssl, unsigned char mfl)
This function is called on the client side to enable the use of Maximum Fragment Length in the SSL ob...
void wolfSSL_load_error_strings(void)
This function is for OpenSSL compatibility (SSL_load_error_string) only and takes no action...
void wolfSSL_SetRsaEncCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key RSA Public Encrypt Callback Context to ctx.
WOLFSSL_METHOD * wolfTLSv1_3_client_method(void)
This function is used to indicate that the application is a client and will only support the TLS 1...
unsigned char wolfSSL_SNI_Status(WOLFSSL *ssl, unsigned char type)
This function gets the status of an SNI object.
WOLFSSL_ASN1_TIME * wolfSSL_X509_get_notBefore(WOLFSSL_X509 *)
The function checks to see if x509 is NULL and if it’s not, it returns the notBefore member of the x...
void wolfSSL_CTX_SetEccSignCtx(WOLFSSL_CTX *ctx, void *userCtx)
Allows caller to set the Public Key Ecc Signing Callback Context to ctx.
int wolfSSL_connect(WOLFSSL *ssl)
This function is called on the client side and initiates an SSL/TLS handshake with a server...
int wolfSSL_make_eap_keys(WOLFSSL *ssl, void *key, unsigned int len, const char *label)
This function is used by EAP_TLS and EAP-TTLS to derive keying material from the master secret...
int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX *ctx)
This function sets wolfSSL context to use a session ticket.
void wolfSSL_SetCertCbCtx(WOLFSSL *ssl, void *ctx)
This function stores user CTX object information for verify callback.
int wolfSSL_dtls13_use_quick_timeout(WOLFSSL *ssl)
This function returns true if the application should setup a quicker timeout. When using non-blocking...
int wolfSSL_SetTmpDH_buffer(WOLFSSL *ssl, const unsigned char *b, long sz, int format)
The function calls the wolfSSL_SetTMpDH_buffer_wrapper, which is a wrapper for Diffie-Hellman paramet...
int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX *ctx)
This function is called on the client side to enable the use of Truncated HMAC for SSL objects create...
int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb)
This function sets a callback in the ssl. The callback is to observe handshake messages. NULL value of cb resets the callback.
WOLFSSL_METHOD * wolfSSLv3_server_method(void)
The wolfSSLv3_server_method() function is used to indicate that the application is a server and will ...
const char * wolfSSL_get_cipher_name(WOLFSSL *ssl)
This function gets the cipher name in the format DHE-RSA by passing through argument to wolfSSL_get_c...
int wolfSSL_set_SessionTicket_cb(WOLFSSL *ssl, CallbackSessionTicket cb, void *ctx)
This function sets the session ticket callback. The type CallbackSessionTicket is a function pointer ...
int wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX *ctx, const unsigned char *in, long sz, int format)
This function loads a private key buffer into the SSL Context. It behaves like the non-buffered versi...
int wolfSSL_CTX_UseMaxFragment(WOLFSSL_CTX *ctx, unsigned char mfl)
This function is called on the client side to enable the use of Maximum Fragment Length for SSL objec...
int wolfSSL_use_PrivateKey(WOLFSSL *ssl, WOLFSSL_EVP_PKEY *pkey)
This is used to set the private key for the WOLFSSL structure.
void * wolfSSL_get_jobject(WOLFSSL *ssl)
This function returns the jObjectRef member of the WOLFSSL structure.
int wolfSSL_set_session(WOLFSSL *ssl, WOLFSSL_SESSION *session)
This function sets the session to be used when the SSL object, ssl, is used to establish a SSL/TLS co...
int wolfSSL_dtls_set_timeout_init(WOLFSSL *ssl, int)
This function sets the dtls timeout.
int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX *ctx, word16 keySz_bits)
This function sets the maximum size (in bits) of the Diffie Hellman key size by accessing the maxDhKe...
int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX *ctx, const char *file, const char *path, unsigned int flags)
This function loads PEM-formatted CA certificate files into the SSL context (WOLFSSL_CTX). These certificates will be treated as trusted root certificates and used to verify certs received from peers during the SSL handshake. The root certificate file, provided by the file argument, may be a single certificate or a file containing multiple certificates. If multiple CA certs are included in the same file, wolfSSL will load them in the same order they are presented in the file. The path argument is a pointer to the name of a directory that contains certificates of trusted root CAs. If the value of file is not NULL, path may be specified as NULL if not needed. If path is specified and NO_WOLFSSL_DIR was not defined when building the library, wolfSSL will load all CA certificates located in the given directory. This function will attempt to load all files in the directory based on flags specified. This function expects PEM formatted CERT_TYPE files with header “--—BEGIN CERTIFICATE--—”.
int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX *ctx, const char *path, int type, int monitor)
This function loads CRL into the WOLFSSL_CTX structure through wolfSSL_CertManagerLoadCRL().
int wolfSSL_UseOCSPStaplingV2(WOLFSSL *ssl, unsigned char status_type, unsigned char options)
The function sets the status type and options for OCSP.
const unsigned char * wolfSSL_get_sessionID(const WOLFSSL_SESSION *s)
Retrieves the session’s ID. The session ID is always 32 bytes long.
int wolfSSL_CTX_set1_groups_list(WOLFSSL_CTX *ctx, char *list)
This function sets the list of elliptic curve groups to allow on a wolfSSL context in order of prefer...
int wolfSSL_get_shutdown(const WOLFSSL *)
This function checks the shutdown conditions in closeNotify or connReset or sentNotify members of the...
int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX *ctx, void *)
This function sets the session ticket encrypt user context for the callback. For server side use...
int wolfSSL_UseSNI(WOLFSSL *ssl, unsigned char type, const void *data, unsigned short size)
This function enables the use of Server Name Indication in the SSL object passed in the 'ssl' paramet...
int wolfSSL_get_using_nonblock(WOLFSSL *)
This function allows the application to determine if wolfSSL is using non-blocking I/O...
int wolfSSL_use_certificate_chain_buffer(WOLFSSL *ssl, const unsigned char *in, long sz)
This function loads a certificate chain buffer into the WOLFSSL object. It behaves like the non-buffe...
int wolfSSL_CTX_UseSNI(WOLFSSL_CTX *ctx, unsigned char type, const void *data, unsigned short size)
This function enables the use of Server Name Indication for SSL objects created from the SSL context ...
int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX *)
This function turns on grouping of handshake messages where possible.
int wolfSSL_UseSecureRenegotiation(WOLFSSL *ssl)
This function forces secure renegotiation for the supplied WOLFSSL structure. This is not recommended...
const char * wolfSSL_lib_version(void)
This function returns the current library version.
int wolfSSL_Init(void)
Initializes the wolfSSL library for use. Must be called once per application and before any other cal...
void wolfSSL_dtls13_set_send_more_acks(WOLFSSL *ssl, int value)
This function sets whether the library should send ACKs to the other peer immediately when detecting ...
int wolfSSL_GetSide(WOLFSSL *)
Allows retrieval of the side of this WOLFSSL connection.
int wolfSSL_get_alert_history(WOLFSSL *ssl, WOLFSSL_ALERT_HISTORY *h)
This function gets the alert history.
int wolfSSL_use_certificate_ASN1(WOLFSSL *ssl, unsigned char *der, int derSz)
This is used to set the certificate for WOLFSSL structure to use during a handshake. A DER formatted buffer is expected.
int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX *ctx, const char *file, int format)
This function loads a certificate file into the SSL context (WOLFSSL_CTX). The file is provided by th...
int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX *)
This function enables OCSP stapling by calling wolfSSL_CertManagerEnableOCSPStapling().
int wolfSSL_dtls_retransmit(WOLFSSL *ssl)
When using non-blocking sockets with DTLS, this function retransmits the last handshake flight ignori...
int wolfSSL_RSA_sign_generic_padding(int type, const unsigned char *m, unsigned int mLen, unsigned char *sigRet, unsigned int *sigLen, WOLFSSL_RSA *rsa, int flag, int padding)
Sign a message with the chosen message digest, padding, and RSA key.
void wolfSSL_set_verify(WOLFSSL *ssl, int mode, VerifyCallback verify_callback)
This function sets the verification method for remote peers and also allows a verify callback to be r...
int wolfSSL_session_reused(WOLFSSL *)
This function returns the resuming member of the options struct. The flag indicates whether or not to...
int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX *ctx, SessionTicketEncCb)
This function sets the session ticket key encrypt callback function for a server to support session t...
int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX *)
Returns the size the certificate cache save buffer needs to be.
int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX *ctx, const char *list)
This function sets cipher suite list for a given WOLFSSL_CTX. This cipher suite list becomes the defa...
long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg)
This is used to set the debug argument passed around.
int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX *ctx, int)
This function sets the session ticket hint relayed to the client. For server side use...
int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX *)
This function unloads the CA signer list and frees the whole signer table.
long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m)
This is a getter function for WOLFSSL_BIO memory pointer.
int wolfSSL_EnableCRL(WOLFSSL *ssl, int options)
Enables CRL certificate revocation.
int wolfSSL_dtls13_has_pending_msg(WOLFSSL *ssl)
checks if DTLSv1.3 stack has some messages sent but not yet acknowledged by the other peer ...
int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX *ctx, word16)
This function sets the minimum size (in bits) of the Diffie Hellman key size by accessing the minDhKe...
int wolfSSL_UseKeyShare(WOLFSSL *ssl, word16 group)
This function creates a key share entry from the group including generating a key pair...
int wolfSSL_SetDevId(WOLFSSL *ssl, int devId)
This function sets the Device Id at the WOLFSSL session level.
WOLFSSL_X509 * wolfSSL_X509_load_certificate_file(const char *fname, int format)
The function loads the x509 certificate into memory.
int wolfDTLS_SetChGoodCb(WOLFSSL *ssl, ClientHelloGoodCb cb, void *user_ctx)
Allows setting a callback for a correctly processed and verified DTLS client hello. When using a cookie exchange mechanism (either the HelloVerifyRequest in DTLS 1.2 or the HelloRetryRequest with a cookie extension in DTLS 1.3) this callback is called after the cookie exchange has succeeded. This is useful to use one WOLFSSL object as the listener for new connections and being able to isolate the WOLFSSL object once the ClientHello is verified (either through a cookie exchange or just checking if the ClientHello had the correct format). DTLS 1.2: https://datatracker.ietf.org/doc/html/rfc6347#section-4.2.1 DTLS 1.3: https://www.rfc-editor.org/rfc/rfc8446#section-4.2.2.
WOLFSSL_METHOD * wolfTLSv1_3_server_method_ex(void *heap)
This function is used to indicate that the application is a server and will only support the TLS 1...
size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b)
Gets the number of pending bytes to read. If BIO type is BIO_BIO then is the number to read from pair...
int wolfSSL_use_old_poly(WOLFSSL *ssl, int value)
Since there is some differences between the first release and newer versions of chacha-poly AEAD cons...
int wolfSSL_CTX_UseOCSPStapling(WOLFSSL_CTX *ctx, unsigned char status_type, unsigned char options)
This function requests the certificate status during the handshake.
int wolfSSL_send_hrr_cookie(WOLFSSL *ssl, const unsigned char *secret, unsigned int secretSz)
This function is called on the server side to indicate that a HelloRetryRequest message must contain ...
void * wolfSSL_GetEccVerifyCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key Ecc Verification Callback Context previously stored with wol...
int wolfSSL_set_session_secret_cb(WOLFSSL *ssl, SessionSecretCb cb, void *ctx)
This function sets the session secret callback function. The SessionSecretCb type has the signature: ...
int wolfSSL_CTX_is_static_memory(WOLFSSL_CTX *ctx, WOLFSSL_MEM_STATS *mem_stats)
This function does not change any of the connections behavior and is used only for gathering informat...
int wolfSSL_writev(WOLFSSL *ssl, const struct iovec *iov, int iovcnt)
Simulates writev semantics but doesn’t actually do block at a time because of SSL_write() behavior a...
WOLFSSL_X509 * wolfSSL_X509_d2i_fp(WOLFSSL_X509 **x509, FILE *file)
If NO_STDIO_FILESYSTEM is defined this function will allocate heap memory, initialize a WOLFSSL_X509 ...
void wolfSSL_flush_sessions(WOLFSSL_CTX *ctx, long tm)
This function flushes session from the session cache which have expired. The time, tm, is used for the time comparison. Note that wolfSSL currently uses a static table for sessions, so no flushing is needed. As such, this function is currently just a stub. This function provides OpenSSL compatibility (SSL_flush_sessions) when wolfSSL is compiled with the OpenSSL compatibility layer.
int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER *cm, const char *f, int format)
Specifies the certificate to verify with the Certificate Manager context. The format can be SSL_FILET...
void wolfSSL_ERR_print_errors_cb(int(*cb)(const char *str, size_t len, void *u), void *u)
This function uses the provided callback to handle error reporting. The callback function is executed...
int wolfSSL_X509_get_signature_type(WOLFSSL_X509 *)
This function returns the value stored in the sigOID member of the WOLFSSL_X509 structure.
long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type)
This function is called when the client application request that a server send back an OCSP status re...
int wolfSSL_GetHmacSize(WOLFSSL *)
Allows caller to determine the negotiated (h)mac size from the handshake. For cipher types except WOL...
void * wolfSSL_CTX_get_psk_callback_ctx(WOLFSSL_CTX *ctx)
Get a PSK user context in the WOLFSSL_CTX structure.
WOLFSSL_METHOD * wolfTLSv1_client_method(void)
The wolfTLSv1_client_method() function is used to indicate that the application is a client and will ...
int wolfSSL_SetTmpDH_file(WOLFSSL *ssl, const char *f, int format)
This function calls wolfSSL_SetTmpDH_file_wrapper to set server Diffie-Hellman parameters.
int wolfSSL_use_PrivateKey_buffer(WOLFSSL *ssl, const unsigned char *in, long sz, int format)
This function loads a private key buffer into the WOLFSSL object. It behaves like the non-buffered ve...
int wolfSSL_request_certificate(WOLFSSL *ssl)
This function requests a client certificate from the TLS v1.3 client. This is useful when a web serve...
int wolfSSL_set_dtls_fd_connected(WOLFSSL *ssl, int fd)
This function assigns a file descriptor (fd) as the input/output facility for the SSL connection...
int wolfSSL_CTX_use_certificate_buffer(WOLFSSL_CTX *ctx, const unsigned char *in, long sz, int format)
This function loads a certificate buffer into the WOLFSSL Context. It behaves like the non-buffered v...
long wolfSSL_CTX_add_extra_chain_cert(WOLFSSL_CTX *ctx, WOLFSSL_X509 *x509)
This function adds the certificate to the internal chain being built in the WOLFSSL_CTX structure...
int wolfSSL_set1_groups_list(WOLFSSL *ssl, char *list)
This function sets the list of elliptic curve groups to allow on a wolfSSL in order of preference...
int wolfSSL_dtls_set_export(WOLFSSL *ssl, wc_dtls_export func)
The wolfSSL_dtls_set_export() function is used to set the callback function for exporting a session...
int wolfSSL_get_current_cipher_suite(WOLFSSL *ssl)
Returns the current cipher suit an ssl session is using.
void wolfSSL_SetRsaSignCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key RSA Signing Callback Context to ctx.
int wolfSSL_SetHsDoneCb(WOLFSSL *ssl, HandShakeDoneCb cb, void *user_ctx)
This function sets the handshake done callback. The hsDoneCb and hsDoneCtx members of the WOLFSSL str...
int wolfSSL_GetAeadMacSize(WOLFSSL *)
Allows caller to determine the negotiated aead mac size from the handshake. For cipher type WOLFSSL_A...
char * wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME *name, char *in, int sz)
This function copies the name of the x509 into a buffer.
unsigned int wolfSSL_SESSION_get_max_early_data(const WOLFSSL_SESSION *s)
Get the maximum size of Early Data from a session.
const unsigned char * wolfSSL_GetServerWriteIV(WOLFSSL *)
Allows retrieval of the server write IV (initialization vector) from the handshake process...
int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX *ctx, const unsigned char *p, int pSz, const unsigned char *g, int gSz)
Sets the parameters for the server CTX Diffie-Hellman.
unsigned short wolfSSL_SNI_GetRequest(WOLFSSL *ssl, unsigned char type, void **data)
This function is called on the server side to retrieve the Server Name Indication provided by the cli...
long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX *ctx, WOLFSSL_DH *dh)
Initializes the WOLFSSL_CTX structure’s dh member with the Diffie-Hellman parameters.
int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX *ctx, const char *hint)
This function stores the hint argument in the server_hint member of the WOLFSSL_CTX structure...
int wolfSSL_use_certificate_buffer(WOLFSSL *ssl, const unsigned char *in, long sz, int format)
This function loads a certificate buffer into the WOLFSSL object. It behaves like the non-buffered ve...
WOLFSSL_X509_CHAIN * wolfSSL_SESSION_get_peer_chain(WOLFSSL_SESSION *session)
Returns the peer certificate chain from the WOLFSSL_SESSION struct.
int wolfSSL_set_ephemeral_key(WOLFSSL *ssl, int keyAlgo, const char *key, unsigned int keySz, int format)
This function sets a fixed / static ephemeral key for testing only.
int wolfSSL_tls_export(WOLFSSL *ssl, unsigned char *buf, unsigned int *sz)
Used to export a serialized TLS session. This function is for importing a serialized state of the con...
void wolfSSL_CTX_set_psk_client_tls13_callback(WOLFSSL_CTX *ctx, wc_psk_client_tls13_callback cb)
This function sets the Pre-Shared Key (PSK) client side callback for TLS v1.3 connections. The callback is used to find a PSK identity and return its key and the name of the cipher to use for the handshake. The function sets the client_psk_tls13_cb member of the WOLFSSL_CTX structure.
int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER *cm, const char *url)
The function copies the url to the ocspOverrideURL member of the WOLFSSL_CERT_MANAGER structure...
WOLFSSL_METHOD * wolfTLSv1_1_server_method(void)
The wolfTLSv1_1_server_method() function is used to indicate that the application is a server and wil...
long wolfSSL_set_options(WOLFSSL *s, long op)
This function sets the options mask in the ssl. Some valid options are, SSL_OP_ALL, SSL_OP_COOKIE_EXCHANGE, SSL_OP_NO_SSLv2, SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2, SSL_OP_NO_COMPRESSION.
int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER *)
Disables OCSP certificate revocation.
int wolfSSL_CTX_load_verify_chain_buffer_format(WOLFSSL_CTX *ctx, const unsigned char *in, long sz, int format)
This function loads a CA certificate chain buffer into the WOLFSSL Context. It behaves like the non-b...
void wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX *ctx, CallbackRsaVerify cb)
Allows caller to set the Public Key Callback for RSA Verification. The callback should return the num...
int wolfSSL_CTX_set_psk_callback_ctx(WOLFSSL_CTX *ctx, void *psk_ctx)
Sets a PSK user context in the WOLFSSL_CTX structure.
WOLFSSL_X509_NAME * wolfSSL_X509_get_subject_name(WOLFSSL_X509 *)
This function returns the subject member of the WOLFSSL_X509 structure.
int wolfSSL_connect_cert(WOLFSSL *ssl)
This function is called on the client side and initiates an SSL/TLS handshake with a server only long...
int wolfSSL_accept_ex(WOLFSSL *ssl, HandShakeCallBacki hsCb, TimeoutCallBack toCb, WOLFSSL_TIMEVAL timeout)
wolfSSL_accept_ex() is an extension that allows a HandShake Callback to be set. This can be useful in...
int wolfSSL_dtls_import(WOLFSSL *ssl, unsigned char *buf, unsigned int sz)
The wolfSSL_dtls_import() function is used to parse in a serialized session state. This allows for picking up the connection after the handshake has been completed.
void wolfSSL_SetRsaVerifyCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key RSA Verification Callback Context to ctx.
int wolfSSL_X509_digest(const WOLFSSL_X509 *x509, const WOLFSSL_EVP_MD *digest, unsigned char *buf, unsigned int *len)
This function returns the hash of the DER certificate.
void wolfSSL_CTX_set_psk_server_tls13_callback(WOLFSSL_CTX *ctx, wc_psk_server_tls13_callback cb)
This function sets the Pre-Shared Key (PSK) server side callback for TLS v1.3 connections. The callback is used to find a PSK identity and return its key and the name of the cipher to use for the handshake. The function sets the server_psk_tls13_cb member of the WOLFSSL_CTX structure.
int wolfSSL_use_RSAPrivateKey_file(WOLFSSL *ssl, const char *file, int format)
This function loads the private RSA key used in the SSL connection into the SSL session (WOLFSSL stru...
int wolfSSL_dtls_get_current_timeout(WOLFSSL *ssl)
This function returns the current timeout value in seconds for the WOLFSSL object. When using non-blocking sockets, something in the user code needs to decide when to check for available recv data and how long it has been waiting. The value returned by this function indicates how long the application should wait.
WOLFSSL * wolfSSL_new(WOLFSSL_CTX *)
This function creates a new SSL session, taking an already created SSL context as input...
int wolfSSL_set_fd(WOLFSSL *ssl, int fd)
This function assigns a file descriptor (fd) as the input/output facility for the SSL connection...
int wolfSSL_dtls_set_timeout_max(WOLFSSL *ssl, int)
This function sets the maximum dtls timeout.
int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX *ctx, const char *file, int format)
This function is similar to wolfSSL_CTX_load_verify_locations, but allows the loading of DER-formatte...
WOLFSSL_X509 * wolfSSL_get_peer_certificate(WOLFSSL *ssl)
This function gets the peer’s certificate.
const unsigned char * wolfSSL_GetServerWriteKey(WOLFSSL *)
Allows retrieval of the server write key from the handshake process.
int wolfSSL_disable_hrr_cookie(WOLFSSL *ssl)
This function is called on the server side to indicate that a HelloRetryRequest message must NOT cont...
int wolfSSL_DisableCRL(WOLFSSL *ssl)
Disables CRL certificate revocation.
void * wolfSSL_CTX_get_TicketEncCtx(WOLFSSL_CTX *ctx)
This function gets the session ticket encrypt user context for the callback. For server side use...
const unsigned char * wolfSSL_GetClientWriteIV(WOLFSSL *)
Allows retrieval of the client write IV (initialization vector) from the handshake process...
WOLFSSL_SESSION * wolfSSL_get1_session(WOLFSSL *ssl)
This function returns the WOLFSSL_SESSION from the WOLFSSL structure as a reference type...
int wolfSSL_CTX_restore_cert_cache(WOLFSSL_CTX *ctx, const char *fname)
This function persistes certificate cache from a file.
int wolfSSL_use_PrivateKey_ASN1(int pri, WOLFSSL *ssl, unsigned char *der, long derSz)
This is used to set the private key for the WOLFSSL structure. A DER formatted key buffer is expected...
WC_PKCS12 * wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO *bio, WC_PKCS12 *pkcs12)
wolfSSL_i2d_PKCS12_bio (i2d_PKCS12_bio) copies in the cert information from the structure WC_PKCS12 t...
const char ** wolfSSL_get_system_CA_dirs(word32 *num)
This function returns a pointer to an array of strings representing directories wolfSSL will search f...
int wolfSSL_allow_post_handshake_auth(WOLFSSL *ssl)
This function is called on a TLS v1.3 client wolfSSL to allow a client certifcate to be sent post han...
WOLFSSL_CERT_MANAGER * wolfSSL_CertManagerNew_ex(void *heap)
Allocates and initializes a new Certificate Manager context. This context may be used independent of ...
int wolfSSL_use_certificate_file(WOLFSSL *ssl, const char *file, int format)
This function loads a certificate file into the SSL session (WOLFSSL structure). The certificate file...
int wolfSSL_memrestore_session_cache(const void *mem, int sz)
This function restores the persistent session cache from memory.
int wolfSSL_ALPN_GetPeerProtocol(WOLFSSL *ssl, char **list, unsigned short *listSz)
This function copies the alpn_client_list data from the SSL object to the buffer. ...
WOLFSSL_DH * wolfSSL_DSA_dup_DH(const WOLFSSL_DSA *r)
This function duplicates the parameters in dsa to a newly created WOLFSSL_DH structure.
void wolfSSL_SetDecryptVerifyCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Atomic User Record Processing Decrypt/Verify Callback Context to ctx...
void wolfSSL_SetMacEncryptCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Atomic User Record Processing Mac/Encrypt Callback Context to ctx...
int wolfSSL_CTX_get_ephemeral_key(WOLFSSL_CTX *ctx, int keyAlgo, const unsigned char **key, unsigned int *keySz)
This function returns pointer to loaded key as ASN.1/DER.
int wolfSSL_connect_ex(WOLFSSL *ssl, HandShakeCallBack hsCb, TimeoutCallBack toCb, WOLFSSL_TIMEVAL timeout)
wolfSSL_connect_ex() is an extension that allows a HandShake Callback to be set. This can be useful i...
int wolfSSL_connect_TLSv13(WOLFSSL *)
This function is called on the client side and initiates a TLS v1.3 handshake with a server...
int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX *ctx, const unsigned char *in, long sz)
This function loads a certificate chain buffer into the WOLFSSL Context. It behaves like the non-buff...
int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX *ctx, int options)
Enables CRL certificate verification through the CTX.
long wolfSSL_BIO_set_fd(WOLFSSL_BIO *b, int fd, int flag)
Sets the file descriptor for bio to use.
int wolfSSL_X509_STORE_add_cert(WOLFSSL_X509_STORE *store, WOLFSSL_X509 *x509)
This function adds a certificate to the WOLFSSL_X509_STRE structure.
int wolfSSL_tls_import(WOLFSSL *ssl, const unsigned char *buf, unsigned int sz)
Used to import a serialized TLS session. This function is for importing the state of the connection...
wc_pem_password_cb * wolfSSL_CTX_get_default_passwd_cb(WOLFSSL_CTX *ctx)
This is a getter function for the password callback set in ctx.
void * wolfSSL_GetDecryptVerifyCtx(WOLFSSL *ssl)
Allows caller to retrieve the Atomic User Record Processing Decrypt/Verify Callback Context previousl...
int wolfSSL_NoKeyShares(WOLFSSL *ssl)
This function is called to ensure no key shares are sent in the ClientHello. This will force the serv...
int wolfSSL_SetOCSP_OverrideURL(WOLFSSL *ssl, const char *url)
This function sets the ocspOverrideURL member in the WOLFSSL_CERT_MANAGER structure.
int wolfSSL_no_dhe_psk(WOLFSSL *ssl)
This function is called on a TLS v1.3 client or server wolfSSL to disallow Diffie-Hellman (DH) style ...
WOLFSSL_METHOD * wolfDTLS_server_method(void)
The wolfDTLS_server_method() function is used to indicate that the application is a server and will s...
void wolfSSL_CTX_set_verify(WOLFSSL_CTX *ctx, int mode, VerifyCallback verify_callback)
This function sets the verification method for remote peers and also allows a verify callback to be r...
int wolfSSL_CTX_memsave_cert_cache(WOLFSSL_CTX *ctx, void *mem, int sz, int *used)
This function persists the certificate cache to memory.
int wolfSSL_dtls_get_using_nonblock(WOLFSSL *)
This function allows the application to determine if wolfSSL is using non-blocking I/O with UDP...
int wolfSSL_dtls_set_peer(WOLFSSL *ssl, void *peer, unsigned int peerSz)
This function sets the DTLS peer, peer (sockaddr_in) with size of peerSz.
long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c)
This is used to set the internal file pointer for a BIO.