598 wc_dtls_export func);
733 wolfSSL_method_func method,
734 unsigned char* buf,
unsigned int sz,
1013 const char*,
unsigned int flags);
2545 VerifyCallback verify_callback);
4539 unsigned long flag);
4572 WOLFSSL_BIGNUM *bn);
4911 int (*cb)(
const char *str,
size_t len,
void *u),
void *u);
4941 wc_psk_client_callback);
4972 wc_psk_client_callback);
5128 wc_psk_server_callback);
5163 wc_psk_server_callback);
5756 unsigned char* buf,
int inLen,
int* outLen);
6022 WOLFSSL_API
unsigned char*
6056 WOLFSSL_API
unsigned char*
6092 WOLFSSL_API
unsigned char*
6176 WC_PKCS12** pkcs12);
6300 const unsigned char* g,
int gSz);
6441 int pSz,
const unsigned char* g,
int gSz);
6486 long sz,
int format);
7011 const unsigned char*,
long,
int);
7064 const unsigned char*,
long,
int);
7118 const unsigned char*,
long,
int);
7166 const unsigned char*,
long,
int);
7216 const unsigned char*,
long,
int);
7265 const unsigned char*,
long);
7410 const unsigned char*,
long);
7548 WOLFSSL_API
int wolfSSL_DTLS_SetCookieSecret(
WOLFSSL*,
7549 const unsigned char*,
7809 CallbackDecryptVerify);
8733 const unsigned char* in,
long sz,
int format);
8898 const unsigned char* buff,
long sz,
int format);
8962 unsigned char*,
int sz);
9072 const char*,
int,
int);
9109 const unsigned char*,
long sz,
int);
9185 unsigned char*,
int sz);
9311 CbOCSPIO, CbOCSPRespFree,
void*);
9829 CbOCSPIO, CbOCSPRespFree,
void*);
9955 WOLFSSL_API
int wolfSSL_UseSNI(
WOLFSSL* ssl,
unsigned char type,
9956 const void* data,
unsigned short size);
9994 WOLFSSL_API
int wolfSSL_CTX_UseSNI(
WOLFSSL_CTX* ctx,
unsigned char type,
9995 const void* data,
unsigned short size);
10044 unsigned char options);
10089 unsigned char type,
unsigned char options);
10129 WOLFSSL_API
int wolfSSL_SNI_GetFromBuffer(
10130 const unsigned char* clientHello,
unsigned int helloSz,
10131 unsigned char type,
unsigned char* sni,
unsigned int* inOutSz);
10202 unsigned char type,
void** data);
10244 unsigned int protocol_name_listSz,
10245 unsigned char options);
10286 unsigned short *size);
10329 unsigned short *listSz);
10514 unsigned char status_type,
unsigned char options);
10555 unsigned char status_type,
unsigned char options);
10585 unsigned char status_type,
unsigned char options);
10620 unsigned char status_type,
unsigned char options);
10927 CallbackSessionTicket,
void*);
10980 SessionTicketEncCb);
11201 unsigned int* total,
11202 unsigned int* peak,
11203 unsigned int* maxSessions);
11250 const unsigned char* pms, word32 pmsLen,
11251 const unsigned char* cr,
const unsigned char* sr,
11252 int tls1_2,
int hash_type);
11297 const unsigned char* ms, word32 msLen,
11298 const unsigned char* sr,
const unsigned char* cr,
11299 int tls1_2,
int hash_type);
11475 int nid,
int lastPos);
11508 int nid,
int* c,
int* idx);
11537 const WOLFSSL_EVP_MD* digest,
unsigned char* buf,
unsigned int* len);
11654 unsigned char* der,
long derSz);
11746 unsigned char* out,
int outSz);
11915 unsigned char *out,
size_t outlen);
11949 unsigned char* out,
size_t outSz);
WOLFSSL_API int wolfSSL_dtls_get_using_nonblock(WOLFSSL *)
This function allows the application to determine if wolfSSL is using non-blocking I/O with UDP...
Definition: ssl.c:11068
WOLFSSL_API void wolfSSL_SetRsaVerifyCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key RSA Verification Callback Context to ctx.
Definition: ssl.c:35998
WOLFSSL_API int wolfSSL_CTX_SetTmpDH_buffer(WOLFSSL_CTX *, const unsigned char *b, long sz, int format)
A wrapper function that calls wolfSSL_SetTmpDH_buffer_wrapper.
Definition: ssl.c:13809
WOLFSSL_API int wolfSSL_shutdown(WOLFSSL *)
This function shuts down an active SSL/TLS connection using the SSL session, ssl. This function will ...
Definition: ssl.c:2970
WOLFSSL_API int wolfSSL_CertManagerEnableOCSPStapling(WOLFSSL_CERT_MANAGER *cm)
This function turns on OCSP stapling if it is not turned on as well as set the options.
Definition: ssl.c:6180
WOLFSSL_API const char * wolfSSL_get_psk_identity(const WOLFSSL *)
The function returns a constant pointer to the client_identity member of the Arrays structure...
Definition: ssl.c:13529
WOLFSSL_API WOLFSSL_CIPHER * wolfSSL_get_current_cipher(WOLFSSL *)
This function returns a pointer to the current cipher in the ssl session.
Definition: ssl.c:19312
WOLFSSL_API int wolfSSL_SetCRL_Cb(WOLFSSL *, CbMissingCRL)
Sets the CRL callback in the WOLFSSL_CERT_MANAGER structure.
Definition: ssl.c:6958
WOLFSSL_API int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER *, const char *f, int format)
Specifies the certificate to verify with the Certificate Manager context. The format can be SSL_FILET...
Definition: ssl.c:6696
WOLFSSL_API WOLFSSL_METHOD * wolfSSLv3_client_method(void)
The wolfSSLv3_client_method() function is used to indicate that the application is a client and will ...
Definition: ssl.c:11347
WOLFSSL_API WOLFSSL_METHOD * wolfSSLv3_server_method(void)
The wolfSSLv3_server_method() function is used to indicate that the application is a server and will ...
Definition: ssl.c:11731
WOLFSSL_API const unsigned char * wolfSSL_GetMacSecret(WOLFSSL *, int)
Allows retrieval of the Hmac/Mac secret from the handshake process. The verify parameter specifies wh...
Definition: ssl.c:3231
WOLFSSL_API int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name)
This is used to set and write to a file. WIll overwrite any data currently in the file and is set to ...
Definition: bio.c:1362
WOLFSSL_API int wolfSSL_negotiate(WOLFSSL *ssl)
Performs the actual connect or accept based on the side of the SSL method. If called from the client ...
Definition: ssl.c:1381
WOLFSSL_API long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX *, void *arg)
This function sets the options argument to use with OCSP.
Definition: ssl.c:25697
WOLFSSL_API int wolfSSL_GetKeySize(WOLFSSL *)
Allows retrieval of the key size from the handshake process.
Definition: ssl.c:3414
WOLFSSL_API unsigned short wolfSSL_SNI_GetRequest(WOLFSSL *ssl, unsigned char type, void **data)
This function is called on the server side to retrieve the Server Name Indication provided by the cli...
Definition: ssl.c:2196
WOLFSSL_API void * wolfSSL_GetMacEncryptCtx(WOLFSSL *ssl)
Allows caller to retrieve the Atomic User Record Processing Mac/Encrypt Callback Context previously s...
Definition: ssl.c:3267
WOLFSSL_API int wolfSSL_SetTmpDH_buffer(WOLFSSL *, const unsigned char *b, long sz, int format)
The function calls the wolfSSL_SetTMpDH_buffer_wrapper, which is a wrapper for Diffie-Hellman paramet...
Definition: ssl.c:13798
WOLFSSL_API int wolfSSL_LoadCRL(WOLFSSL *, const char *, int, int)
A wrapper function that ends up calling LoadCRL to load the certificate for revocation checking...
Definition: ssl.c:6948
WOLFSSL_API int wolfSSL_CTX_load_verify_chain_buffer_format(WOLFSSL_CTX *, const unsigned char *, long, int)
This function loads a CA certificate chain buffer into the WOLFSSL Context. It behaves like the non-b...
Definition: ssl.c:13627
WOLFSSL_API void wolfSSL_load_error_strings(void)
This function is for OpenSSL compatibility (SSL_load_error_string) only and takes no action...
Definition: ssl.c:10397
WOLFSSL_API int wolfSSL_dtls_set_timeout_max(WOLFSSL *ssl, int)
This function sets the maximum dtls timeout.
Definition: ssl.c:11170
WOLFSSL_API WOLFSSL_DSA * wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp, WOLFSSL_DSA **x, pem_password_cb *cb, void *u)
This function get the DSA parameters from a PEM buffer in bio.
Definition: ssl.c:39314
WOLFSSL_API WOLFSSL_METHOD * wolfSSLv23_server_method(void)
The wolfSSLv23_server_method() function is used to indicate that the application is a server and will...
Definition: ssl.c:11750
WOLFSSL_API int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX *)
This function returns the get read ahead flag from a WOLFSSL_CTX structure.
Definition: ssl.c:25743
WOLFSSL_API WOLFSSL_X509 * wolfSSL_X509_load_certificate_file(const char *fname, int format)
The function loads the x509 certificate into memory.
Definition: ssl.c:18650
WOLFSSL_API int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX *, const char *, const char *, unsigned int flags)
This function loads PEM-formatted CA certificate files into the SSL context (WOLFSSL_CTX). These certificates will be treated as trusted root certificates and used to verify certs received from peers during the SSL handshake. The root certificate file, provided by the file argument, may be a single certificate or a file containing multiple certificates. If multiple CA certs are included in the same file, wolfSSL will load them in the same order they are presented in the file. The path argument is a pointer to the name of a directory that contains certificates of trusted root CAs. If the value of file is not NULL, path may be specified as NULL if not needed. If path is specified and NO_WOLFSSL_DIR was not defined when building the library, wolfSSL will load all CA certificates located in the given directory. This function will attempt to load all files in the directory based on flags specified. This function expects PEM formatted CERT_TYPE files with header “--—BEGIN CERTIFICATE--—”.
WOLFSSL_API long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX *, long)
This function enables or disables SSL session caching. Behavior depends on the value used for mode...
Definition: ssl.c:10435
WOLFSSL_API const char * wolfSSL_get_cipher(WOLFSSL *)
This function matches the cipher suite in the SSL object with the available suites.
Definition: ssl.c:19371
WOLFSSL_API int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION *session)
This function gets the session at specified index of the session cache and copies it into memory...
Definition: ssl.c:12927
WOLFSSL_API int wolfSSL_use_PrivateKey_file(WOLFSSL *, const char *, int)
This function loads a private key file into the SSL session (WOLFSSL structure). The key file is prov...
Definition: ssl.c:9694
WOLFSSL_API int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX *ctx)
This function disables CRL verification in the CTX structure.
Definition: ssl.c:6988
WOLFSSL_API void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX *ctx, unsigned char type, unsigned char options)
This function is called on the server side to configure the behavior of the SSL sessions using Server...
Definition: ssl.c:2183
WOLFSSL_API int wolfSSL_get_fd(const WOLFSSL *)
This function returns the file descriptor (fd) used as the input/output facility for the SSL connecti...
Definition: ssl.c:937
WOLFSSL_API void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX *, CallbackRsaDec)
Allows caller to set the Public Key Callback for RSA Private Decrypt. The callback should return the ...
Definition: ssl.c:36072
WOLFSSL_API int wolfSSL_UseMaxFragment(WOLFSSL *ssl, unsigned char mfl)
This function is called on the client side to enable the use of Maximum Fragment Length in the SSL ob...
Definition: ssl.c:2258
WOLFSSL_API long wolfSSL_CTX_add_extra_chain_cert(WOLFSSL_CTX *, WOLFSSL_X509 *)
This function adds the certificate to the internal chain being built in the WOLFSSL_CTX structure...
Definition: ssl.c:25608
WOLFSSL_API void wolfSSL_CTX_SetMacEncryptCb(WOLFSSL_CTX *, CallbackMacEncrypt)
Allows caller to set the Atomic User Record Processing Mac/Encrypt Callback. The callback should retu...
Definition: ssl.c:3253
WOLFSSL_API int wolfSSL_CTX_use_certificate_buffer(WOLFSSL_CTX *, const unsigned char *, long, int)
This function loads a certificate buffer into the WOLFSSL Context. It behaves like the non-buffered v...
Definition: ssl.c:13658
WOLFSSL_API int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER *)
Disables OCSP certificate revocation.
Definition: ssl.c:6168
WOLFSSL_API const char * wolfSSL_lib_version(void)
This function returns the current library version.
Definition: ssl.c:19291
WOLFSSL_API void wolfSSL_ERR_print_errors_fp(FILE *, int err)
This function converts an error code returned by wolfSSL_get_error() into a more human-readable error...
WOLFSSL_API int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX *ctx, int options)
Enables CRL certificate verification through the CTX.
Definition: ssl.c:6978
WOLFSSL_API int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER *, unsigned char *, int sz)
Check CRL if the option is enabled and compares the cert to the CRL list.
Definition: ssl.c:6848
WOLFSSL_API void * wolfSSL_GetRsaSignCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key RSA Signing Callback Context previously stored with wolfSSL_...
Definition: ssl.c:35984
WOLFSSL_API void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER *cm, VerifyCallback vc)
The function sets the verifyCallback function in the Certificate Manager. If present, it will be called for each cert loaded. If there is a verification error, the verify callback can be used to over-ride the error.
Definition: ssl.c:6005
WOLFSSL_API WOLFSSL * wolfSSL_new(WOLFSSL_CTX *)
This function creates a new SSL session, taking an already created SSL context as input...
Definition: ssl.c:533
WOLFSSL_API int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX *ctx, SessionTicketEncCb)
This function sets the session ticket key encrypt callback function for a server to support session t...
Definition: ssl.c:2774
WOLFSSL_API int wolfSSL_get_error(WOLFSSL *, int)
This function returns a unique error code describing why the previous API function call (wolfSSL_conn...
Definition: ssl.c:3053
WOLFSSL_API int wolfSSL_dtls_import(WOLFSSL *ssl, unsigned char *buf, unsigned int sz)
The wolfSSL_dtls_import() function is used to parse in a serialized session state. This allows for picking up the connection after the handshake has been completed.
Definition: ssl.c:192
WOLFSSL_API int wolfSSL_GetOutputSize(WOLFSSL *, int)
Returns the record layer size of the plaintext input. This is helpful when an application wants to kn...
Definition: ssl.c:1635
WOLFSSL_API WOLFSSL_SESSION * wolfSSL_get1_session(WOLFSSL *ssl)
This function returns the WOLFSSL_SESSION from the WOLFSSL structure.
Definition: ssl.c:21380
WOLFSSL_API int wolfSSL_SetServerID(WOLFSSL *, const unsigned char *, int, int)
This function associates the client session with the server id. If the newSession flag is on...
Definition: ssl.c:10081
WOLFSSL_API const unsigned char * wolfSSL_GetClientWriteKey(WOLFSSL *)
Allows retrieval of the client write key from the handshake process.
Definition: ssl.c:3379
WOLFSSL_API WOLFSSL_SESSION * wolfSSL_get_session(WOLFSSL *)
This function returns a pointer to the current session (WOLFSSL_SESSION) used in ssl. The WOLFSSL_SESSION pointed to contains all the necessary information required to perform a session resumption and reestablish the connection without a new handshake. For session resumption, before calling wolfSSL_shutdown() with your session object, an application should save the session ID from the object with a call to wolfSSL_get_session(), which returns a pointer to the session. Later, the application should create a new WOLFSSL object and assign the saved session with wolfSSL_set_session(). At this point, the application may call wolfSSL_connect() and wolfSSL will try to resume the session. The wolfSSL server code allows session resumption by default.
Definition: ssl.c:10055
WOLFSSL_API int wolfSSL_CTX_Unload_trust_peers(WOLFSSL_CTX *)
This function is used to unload all previously loaded trusted peer certificates. Feature is enabled b...
Definition: ssl.c:13936
WOLFSSL_API void * wolfSSL_GetRsaDecCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key RSA Private Decrypt Callback Context previously stored with ...
Definition: ssl.c:36082
WOLFSSL_API WOLFSSL_METHOD * wolfTLSv1_server_method(void)
The wolfTLSv1_server_method() function is used to indicate that the application is a server and will ...
Definition: tls.c:11594
WOLFSSL_API int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX *, const char *, int)
This function loads a certificate file into the SSL context (WOLFSSL_CTX). The file is provided by th...
Definition: ssl.c:7056
WOLFSSL_API WOLFSSL_METHOD * wolfSSLv23_client_method(void)
The wolfSSLv23_client_method() function is used to indicate that the application is a client and will...
Definition: ssl.c:11365
WOLFSSL_API int wolfSSL_CTX_load_static_memory(WOLFSSL_CTX **ctx, wolfSSL_method_func method, unsigned char *buf, unsigned int sz, int flag, int max)
This function is used to set aside static memory for a CTX. Memory set aside is then used for the CTX...
Definition: ssl.c:1500
WOLFSSL_API int wolfSSL_use_certificate_buffer(WOLFSSL *, const unsigned char *, long, int)
This function loads a certificate buffer into the WOLFSSL object. It behaves like the non-buffered ve...
Definition: ssl.c:13818
WOLFSSL_API void wolfSSL_CTX_SetCACb(WOLFSSL_CTX *, CallbackCACache)
This function registers a callback with the SSL context (WOLFSSL_CTX) to be called when a new CA cert...
Definition: ssl.c:9976
WOLFSSL_API word32 wolfSSL_lib_version_hex(void)
This function returns the current library version in hexadecimal notation.
Definition: ssl.c:19298
WOLFSSL_API int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME *, int, char *, int)
This function gets the text related to the passed in NID value.
Definition: ssl.c:19673
WOLFSSL_API int wolfSSL_X509_get_serial_number(WOLFSSL_X509 *, unsigned char *, int *)
Retrieves the peer’s certificate serial number. The serial number buffer (in) should be at least 32 ...
Definition: ssl.c:17423
WOLFSSL_API int wolfSSL_use_certificate(WOLFSSL *ssl, WOLFSSL_X509 *x509)
his is used to set the certificate for WOLFSSL structure to use during a handshake.
Definition: ssl.c:9634
WOLFSSL_API int wolfSSL_UseOCSPStaplingV2(WOLFSSL *ssl, unsigned char status_type, unsigned char options)
The function sets the status type and options for OCSP.
Definition: ssl.c:2347
WOLFSSL_API int wolfSSL_set_SessionTicket_cb(WOLFSSL *, CallbackSessionTicket, void *)
This function sets the session ticket callback. The type CallbackSessionTicket is a function pointer ...
Definition: ssl.c:2879
WOLFSSL_API int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN *, int idx, unsigned char *buf, int inLen, int *outLen)
Retrieves the peer’s PEM certificate at index (idx).
Definition: ssl.c:35642
WOLFSSL_API const unsigned char * wolfSSL_get_sessionID(const WOLFSSL_SESSION *s)
Retrieves the session’s ID. The session ID is always 32 bytes long.
Definition: ssl.c:35712
WOLFSSL_API void * wolfSSL_get_jobject(WOLFSSL *ssl)
This function returns the jObjectRef member of the WOLFSSL structure.
Definition: ssl.c:42724
WOLFSSL_API int wolfSSL_CTX_allow_anon_cipher(WOLFSSL_CTX *)
This function enables the havAnon member of the CTX structure if HAVE_ANON is defined during compilat...
Definition: ssl.c:13579
WOLFSSL_API WOLFSSL_BIGNUM * wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai, WOLFSSL_BIGNUM *bn)
This function is used to copy a WOLFSSL_ASN1_INTEGER value to a WOLFSSL_BIGNUM structure.
Definition: ssl.c:44324
WOLFSSL_API int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX *ctx, word16 name)
This function is called on the client side to enable the use of Supported Elliptic Curves Extension f...
Definition: ssl.c:2412
WOLFSSL_API int wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX *, const char *)
This function writes the cert cache from memory to file.
Definition: ssl.c:9988
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509) *wolfSSL_get_peer_cert_chain(const WOLFSSL *)
This function gets the peer’s certificate chain.
Definition: ssl.c:16984
WOLFSSL_API int wolfSSL_use_certificate_ASN1(WOLFSSL *ssl, unsigned char *der, int derSz)
This is used to set the certificate for WOLFSSL structure to use during a handshake. A DER formatted buffer is expected.
WOLFSSL_API int wolfSSL_save_session_cache(const char *)
This function persists the session cache to file. It doesn’t use memsave because of additional memor...
Definition: ssl.c:10254
WOLFSSL_API int wolfSSL_CTX_trust_peer_cert(WOLFSSL_CTX *, const char *, int)
This function loads a certificate to use for verifying a peer when performing a TLS/SSL handshake...
Definition: ssl.c:6681
WOLFSSL_API int wolfSSL_UseOCSPStapling(WOLFSSL *ssl, unsigned char status_type, unsigned char options)
Stapling eliminates the need to contact the CA. Stapling lowers the cost of certificate revocation ch...
Definition: ssl.c:2323
WOLFSSL_API int wolfSSL_CTX_SetMinRsaKey_Sz(WOLFSSL_CTX *, short)
Sets the minimum RSA key size in both the WOLFSSL_CTX structure and the WOLFSSL_CERT_MANAGER structur...
Definition: ssl.c:1684
WOLFSSL_API int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX *, const char *, const char *)
This function loads PEM-formatted CA certificate files into the SSL context (WOLFSSL_CTX). These certificates will be treated as trusted root certificates and used to verify certs received from peers during the SSL handshake. The root certificate file, provided by the file argument, may be a single certificate or a file containing multiple certificates. If multiple CA certs are included in the same file, wolfSSL will load them in the same order they are presented in the file. The path argument is a pointer to the name of a directory that contains certificates of trusted root CAs. If the value of file is not NULL, path may be specified as NULL if not needed. If path is specified and NO_WOLFSSL_DIR was not defined when building the library, wolfSSL will load all CA certificates located in the given directory. This function will attempt to load all files in the directory. This function expects PEM formatted CERT_TYPE file with header “--—BEGIN CERTIFICATE--—”.
Definition: ssl.c:6667
WOLFSSL_API int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX *ctx, wc_dtls_export func)
The wolfSSL_CTX_dtls_set_export() function is used to set the callback function for exporting a sessi...
Definition: ssl.c:207
WOLFSSL_API int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX *, word16)
This function sets the minimum size of the Diffie Hellman key size by accessing the minDhKeySz member...
Definition: ssl.c:1882
WOLFSSL_API int wolfSSL_dtls_set_peer(WOLFSSL *, void *, unsigned int)
This function sets the DTLS peer, peer (sockaddr_in) with size of peerSz.
Definition: ssl.c:1000
WOLFSSL_API int wolfSSL_dtls(WOLFSSL *ssl)
This function is used to determine if the SSL session has been configured to use DTLS.
Definition: ssl.c:949
WOLFSSL_API int wolfSSL_Rehandshake(WOLFSSL *ssl)
This function executes a secure renegotiation handshake; this is user forced as wolfSSL discourages t...
Definition: ssl.c:2715
WOLFSSL_API int wolfSSL_get_SessionTicket(WOLFSSL *, unsigned char *, word32 *)
This function copies the ticket member of the Session structure to the buffer.
Definition: ssl.c:2826
WOLFSSL_API int wolfSSL_get_session_stats(unsigned int *active, unsigned int *total, unsigned int *peak, unsigned int *maxSessions)
This function gets the statistics for the session.
WOLFSSL_API int wolfSSL_set_session(WOLFSSL *, WOLFSSL_SESSION *)
This function sets the session to be used when the SSL object, ssl, is used to establish a SSL/TLS co...
Definition: ssl.c:10066
WOLFSSL_API int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION *ses)
This is used to get the master secret key length.
Definition: ssl.c:9849
WOLFSSL_API void * wolfSSL_GetDecryptVerifyCtx(WOLFSSL *ssl)
Allows caller to retrieve the Atomic User Record Processing Decrypt/Verify Callback Context previousl...
Definition: ssl.c:3290
WOLFSSL_API int wolfSSL_X509_get_signature(WOLFSSL_X509 *, unsigned char *, int *)
Gets the X509 signature and stores it in the buffer.
Definition: ssl.c:17320
WOLFSSL_API int wolfSSL_memsave_session_cache(void *, int)
This function persists session cache to memory.
Definition: ssl.c:10158
WOLFSSL_API int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX *, CbMissingCRL)
This function will set the callback argument to the cbMissingCRL member of the WOLFSSL_CERT_MANAGER s...
Definition: ssl.c:7009
WOLFSSL_API int wolfSSL_GetCipherBlockSize(WOLFSSL *)
Allows caller to determine the negotiated cipher block size from the handshake.
Definition: ssl.c:3459
WOLFSSL_API int wolfSSL_ALPN_GetPeerProtocol(WOLFSSL *ssl, char **list, unsigned short *listSz)
This function copies the alpn_client_list data from the SSL object to the buffer. ...
WOLFSSL_API void wolfSSL_flush_sessions(WOLFSSL_CTX *, long)
This function flushes session from the session cache which have expired. The time, tm, is used for the time comparison. Note that wolfSSL currently uses a static table for sessions, so no flushing is needed. As such, this function is currently just a stub. This function provides OpenSSL compatibility (SSL_flush_sessions) when wolfSSL is compiled with the OpenSSL compatibility layer.
Definition: ssl.c:12203
Definition: internal.h:3546
WOLFSSL_API unsigned char * wolfSSL_X509_get_hw_type(WOLFSSL_X509 *, unsigned char *, int *)
The function copies the hwType member of the WOLFSSL_X509 structure to the buffer.
Definition: ssl.c:17573
WOLFSSL_API int wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX *, int v)
This function sets the read ahead flag in the WOLFSSL_CTX structure.
Definition: ssl.c:25753
WOLFSSL_API const char * wolfSSL_get_cipher_name(WOLFSSL *ssl)
This function gets the cipher name in the format DHE-RSA by passing through argument to wolfSSL_get_c...
Definition: ssl.c:19378
WOLFSSL_API int wolfSSL_write(WOLFSSL *, const void *, int)
This function writes sz bytes from the buffer, data, to the SSL connection, ssl. If necessary...
Definition: ssl.c:1934
WOLFSSL_API int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX *, const char *)
This function stores the hint argument in the server_hint member of the WOLFSSL_CTX structure...
Definition: ssl.c:13540
WOLFSSL_API int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void *arg)
This function sets associated callback context value in the ssl. The value is handed over to the call...
Definition: ssl.c:43851
WOLFSSL_API int wolfSSL_restore_session_cache(const char *)
This function restores the persistent session cache from file. It does not use memstore because of ad...
Definition: ssl.c:10321
WOLFSSL_API int wolfSSL_GetDhKey_Sz(WOLFSSL *)
Returns the value of dhKeySz that is a member of the options structure. This value represents the Dif...
Definition: ssl.c:1922
WOLFSSL_API WOLFSSL_METHOD * wolfTLSv1_2_server_method(void)
The wolfTLSv1_2_server_method() function is used to indicate that the application is a server and wil...
Definition: tls.c:11634
WOLFSSL_API int wolfSSL_use_PrivateKey(WOLFSSL *ssl, WOLFSSL_EVP_PKEY *pkey)
This is used to set the private key for the WOLFSSL structure.
Definition: ssl.c:9579
WOLFSSL_API WOLFSSL_METHOD * wolfTLSv1_1_client_method(void)
The wolfTLSv1_1_client_method() function is used to indicate that the application is a client and wil...
Definition: tls.c:11258
Definition: internal.h:2595
WOLFSSL_API int wolfSSL_CTX_UseMaxFragment(WOLFSSL_CTX *ctx, unsigned char mfl)
This function is called on the client side to enable the use of Maximum Fragment Length for SSL objec...
Definition: ssl.c:2287
WOLFSSL_API WOLFSSL_X509_NAME * wolfSSL_X509_get_issuer_name(WOLFSSL_X509 *)
This function returns the name of the certificate issuer.
Definition: ssl.c:19636
WOLFSSL_API int wolfSSL_GetCipherType(WOLFSSL *)
Allows caller to determine the negotiated cipher type from the handshake.
Definition: ssl.c:3441
WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX *, const unsigned char *, long)
This function loads a certificate chain buffer into the WOLFSSL Context. It behaves like the non-buff...
Definition: ssl.c:13707
WOLFSSL_API int wolfSSL_use_PrivateKey_ASN1(int pri, WOLFSSL *ssl, unsigned char *der, long derSz)
This is used to set the private key for the WOLFSSL structure. A DER formatted key buffer is expected...
WOLFSSL_API int wolfSSL_MakeTlsMasterSecret(unsigned char *ms, word32 msLen, const unsigned char *pms, word32 pmsLen, const unsigned char *cr, const unsigned char *sr, int tls1_2, int hash_type)
This function copies the values of cr and sr then passes through to wc_PRF (pseudo random function) a...
Definition: tls.c:446
WOLFSSL_API int wolfSSL_peek(WOLFSSL *, void *, int)
This function copies sz bytes from the SSL session (ssl) internal read buffer into the buffer data...
Definition: ssl.c:2064
WOLFSSL_API int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER *, const unsigned char *, long sz, int)
The function loads the CRL file by calling BufferLoadCRL.
Definition: ssl.c:5897
WOLFSSL_API WOLFSSL_X509_STORE * wolfSSL_CTX_get_cert_store(WOLFSSL_CTX *ctx)
This is a getter function for the WOLFSSL_X509_STORE structure in ctx.
Definition: ssl.c:14617
WOLFSSL_API unsigned char wolfSSL_SNI_Status(WOLFSSL *ssl, unsigned char type)
This function gets the status of an SNI object.
Definition: ssl.c:2190
WOLFSSL_API int wolfSSL_UnloadCertsKeys(WOLFSSL *)
This function unloads any certificates or keys that SSL owns.
Definition: ssl.c:13888
WOLFSSL_API int wolfSSL_accept(WOLFSSL *)
This function is called on the server side and waits for an SSL client to initiate the SSL/TLS handsh...
Definition: ssl.c:11787
WOLFSSL_API int wolfSSL_get_chain_length(WOLFSSL_X509_CHAIN *, int idx)
Retrieves the peer’s ASN1.DER certificate length in bytes at index (idx).
Definition: ssl.c:35564
WOLFSSL_API WOLFSSL_X509 * wolfSSL_PEM_read_bio_X509_AUX(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u)
This function behaves the same as wolfSSL_PEM_read_bio_X509. AUX signifies containing extra informati...
Definition: ssl.c:37489
WOLFSSL_API int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER *, CbMissingCRL)
This function sets the CRL Certificate Manager callback. If HAVE_CRL is defined and a matching CRL re...
Definition: ssl.c:6889
WOLFSSL_API WOLFSSL_METHOD * wolfTLSv1_client_method(void)
The wolfTLSv1_client_method() function is used to indicate that the application is a client and will ...
Definition: tls.c:11241
WOLFSSL_API int wolfSSL_CTX_EnableOCSP(WOLFSSL_CTX *, int options)
This function sets options to configure behavior of OCSP functionality in wolfSSL. The value of options if formed by or’ing one or more of the following options: WOLFSSL_OCSP_ENABLE - enable OCSP lookups WOLFSSL_OCSP_URL_OVERRIDE - use the override URL instead of the URL in certificates. The override URL is specified using the wolfSSL_CTX_SetOCSP_OverrideURL() function. This function only sets the OCSP options when wolfSSL has been compiled with OCSP support (–enable-ocsp, #define HAVE_OCSP).
Definition: ssl.c:6398
WOLFSSL_API int wolfSSL_UseSessionTicket(WOLFSSL *ssl)
Force provided WOLFSSL structure to use session ticket. The constant HAVE_SESSION_TICKET should be de...
Definition: ssl.c:2810
WOLFSSL_API void wolfSSL_ERR_print_errors_cb(int(*cb)(const char *str, size_t len, void *u), void *u)
This function uses the provided callback to handle error reporting. The callback function is executed...
Definition: ssl.c:3852
WOLFSSL_API long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX *, WOLFSSL_DH *)
Initializes the WOLFSSL_CTX structure’s dh member with the Diffie-Hellman parameters.
Definition: ssl.c:40177
WOLFSSL_API int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb)
This function sets a callback in the ssl. The callback is to observe handshake messages. NULL value of cb resets the callback.
Definition: ssl.c:43826
WOLFSSL_API int wolfSSL_GetSide(WOLFSSL *)
Allows retrieval of the side of this WOLFSSL connection.
Definition: ssl.c:3489
WOLFSSL_API char * wolfSSL_ERR_error_string(unsigned long, char *)
This function converts an error code returned by wolfSSL_get_error() into a more human-readable error...
Definition: ssl.c:3121
WOLFSSL_API int wolfSSL_SetVersion(WOLFSSL *ssl, int version)
This function sets the SSL/TLS protocol version for the specified SSL session (WOLFSSL object) using ...
Definition: ssl.c:4015
WOLFSSL_API int wolfSSL_BIO_nread(WOLFSSL_BIO *bio, char **buf, int num)
This is used to get a buffer pointer for reading from. The internal read index is advanced by the num...
Definition: bio.c:1147
WOLFSSL_API int wolfSSL_GetAeadMacSize(WOLFSSL *)
Allows caller to determine the negotiated aead mac size from the handshake. For cipher type WOLFSSL_A...
Definition: ssl.c:3468
WOLFSSL_API int wolfSSL_GetMaxOutputSize(WOLFSSL *)
Returns the maximum record layer size for plaintext data. This will correspond to either the maximum ...
Definition: ssl.c:1618
WOLFSSL_API int wolfSSL_SetOCSP_Cb(WOLFSSL *, CbOCSPIO, CbOCSPRespFree, void *)
This function sets the OCSP callback in the WOLFSSL_CERT_MANAGER structure.
Definition: ssl.c:6384
WOLFSSL_API int wolfSSL_dtls_get_current_timeout(WOLFSSL *ssl)
This function returns the current timeout value in seconds for the WOLFSSL object. When using non-blocking sockets, something in the user code needs to decide when to check for available recv data and how long it has been waiting. The value returned by this function indicates how long the application should wait.
Definition: ssl.c:11114
WOLFSSL_API int wolfSSL_DeriveTlsKeys(unsigned char *key_data, word32 keyLen, const unsigned char *ms, word32 msLen, const unsigned char *sr, const unsigned char *cr, int tls1_2, int hash_type)
An external facing wrapper to derive TLS Keys.
Definition: tls.c:349
WOLFSSL_API WOLFSSL_X509 * wolfSSL_get_peer_certificate(WOLFSSL *ssl)
This function gets the peer’s certificate.
Definition: ssl.c:16929
WOLFSSL_API void wolfSSL_free(WOLFSSL *)
This function frees an allocated wolfSSL object.
Definition: ssl.c:557
WOLFSSL_API int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER *cm)
This function unloads the CA signer list.
Definition: ssl.c:3794
WOLFSSL_API int wolfSSL_ALPN_GetProtocol(WOLFSSL *ssl, char **protocol_name, unsigned short *size)
This function gets the protocol name set by the server.
WOLFSSL_API int wolfSSL_use_PrivateKey_buffer(WOLFSSL *, const unsigned char *, long, int)
This function loads a private key buffer into the WOLFSSL object. It behaves like the non-buffered ve...
Definition: ssl.c:13830
WOLFSSL_API long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v)
This is used to set the end of file value. Common value is -1 so as not to get confused with expected...
Definition: bio.c:1407
WOLFSSL_API long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(WOLFSSL_CTX *, void *arg)
This function sets the optional argument to be passed to the PRF callback.
Definition: ssl.c:25765
WOLFSSL_API void wolfSSL_set_verify(WOLFSSL *, int, VerifyCallback verify_callback)
This function sets the verification method for remote peers and also allows a verify callback to be r...
Definition: ssl.c:9924
WOLFSSL_API long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg)
This is used to set the debug argument passed around.
Definition: ssl.c:24742
WOLFSSL_API int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER *)
Turns off Certificate Revocation List checking when verifying certificates with the Certificate Manag...
Definition: ssl.c:5993
WOLFSSL_API int wolfSSL_Cleanup(void)
Un-initializes the wolfSSL library from further use. Doesn’t have to be called, though it will free ...
Definition: ssl.c:12129
WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL *, void *key, unsigned int len, const char *label)
This function is used by EAP_TLS and EAP-TTLS to derive keying material from the master secret...
Definition: tls.c:600
WOLFSSL_API void wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX *, CallbackRsaVerify)
Allows caller to set the Public Key Callback for RSA Verification. The callback should return the num...
Definition: ssl.c:35993
WOLFSSL_API int wolfSSL_dtls_export(WOLFSSL *ssl, unsigned char *buf, unsigned int *sz)
The wolfSSL_dtls_export() function is used to serialize a WOLFSSL session into the provided buffer...
Definition: ssl.c:251
WOLFSSL_API int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX *, CbOCSPIO, CbOCSPRespFree, void *)
Sets the callback for the OCSP in the WOLFSSL_CTX structure.
Definition: ssl.c:6428
WOLFSSL_API void wolfSSL_set_psk_client_callback(WOLFSSL *, wc_psk_client_callback)
Sets the PSK client side callback.
Definition: ssl.c:13456
WOLFSSL_API void wolfSSL_SetFuzzerCb(WOLFSSL *ssl, CallbackFuzzer cbf, void *fCtx)
This function sets the fuzzer callback.
Definition: ssl.c:35725
WOLFSSL_API int wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX *, const void *, int)
This function restores the certificate cache from memory.
Definition: ssl.c:10026
WOLFSSL_API int wolfSSL_CTX_DisableOCSP(WOLFSSL_CTX *)
This function disables OCSP certificate revocation checking by affecting the ocspEnabled member of th...
Definition: ssl.c:6408
WOLFSSL_API int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER *, CbOCSPIO, CbOCSPRespFree, void *)
The function sets the OCSP callback in the WOLFSSL_CERT_MANAGER.
Definition: ssl.c:6322
WOLFSSL_API int wolfSSL_CTX_SetMinVersion(WOLFSSL_CTX *ctx, int version)
This function sets the minimum downgrade version allowed. Applicable only when the connection allows ...
Definition: ssl.c:3962
WOLFSSL_API int wolfSSL_BIO_set_close(WOLFSSL_BIO *b, long flag)
Sets the close flag, used to indicate that the i/o stream should be closed when the BIO is freed...
Definition: ssl.c:14842
WOLFSSL_API void wolfSSL_SetCertCbCtx(WOLFSSL *, void *)
This function stores user CTX object information for verify callback.
Definition: ssl.c:9967
WOLFSSL_API int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER *, const char *f, const char *d)
Specifies the locations for CA certificate loading into the manager context. The PEM certificate CAfi...
Definition: ssl.c:6750
WOLFSSL_API WOLFSSL_METHOD * wolfTLSv1_2_client_method(void)
The wolfTLSv1_2_client_method() function is used to indicate that the application is a client and wil...
Definition: tls.c:11277
WOLFSSL_API int wolfSSL_X509_digest(const WOLFSSL_X509 *x509, const WOLFSSL_EVP_MD *digest, unsigned char *buf, unsigned int *len)
This function returns the hash of the DER certificate.
Definition: ssl.c:9555
WOLFSSL_API char * wolfSSL_X509_get_subjectCN(WOLFSSL_X509 *)
Returns the common name of the subject from the certificate.
Definition: ssl.c:27289
WOLFSSL_API int wolfSSL_read(WOLFSSL *, void *, int)
This function reads sz bytes from the SSL session (ssl) internal read buffer into the buffer data...
Definition: ssl.c:2073
WOLFSSL_API WOLFSSL_METHOD * wolfTLSv1_1_server_method(void)
The wolfTLSv1_1_server_method() function is used to indicate that the application is a server and wil...
Definition: tls.c:11613
WOLFSSL_API int wolfSSL_set_timeout(WOLFSSL *, unsigned int)
This function sets the SSL session timeout value in seconds.
Definition: ssl.c:12213
WOLFSSL_API void wolfSSL_SetMacEncryptCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Atomic User Record Processing Mac/Encrypt Callback Context to ctx...
Definition: ssl.c:3260
WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL *, HandShakeCallBack, TimeoutCallBack, WOLFSSL_TIMEVAL)
wolfSSL_accept_ex() is an extension that allows a HandShake Callback to be set. This can be useful in...
Definition: ssl.c:13429
WOLFSSL_API WC_PKCS12 * wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO *bio, WC_PKCS12 **pkcs12)
wolfSSL_d2i_PKCS12_bio (d2i_PKCS12_bio) copies in the PKCS12 information from WOLFSSL_BIO to the stru...
Definition: ssl.c:21899
WOLFSSL_API int wolfSSL_recv(WOLFSSL *, void *, int sz, int flags)
This function reads sz bytes from the SSL session (ssl) internal read buffer into the buffer data usi...
Definition: ssl.c:2945
WOLFSSL_API int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX *)
This function enables OCSP stapling by calling wolfSSL_CertManagerEnableOCSPStapling().
Definition: ssl.c:6441
WOLFSSL_API unsigned char * wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN *, int idx)
Retrieves the peer’s ASN1.DER certificate at index (idx).
Definition: ssl.c:35575
WOLFSSL_API int wolfSSL_PrintSessionStats(void)
This function prints the statistics from the session.
Definition: ssl.c:13097
WOLFSSL_API int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX *ctx, void *)
This function sets the session ticket encrypt user context for the callback. For server side use...
Definition: ssl.c:2796
WOLFSSL_API WOLFSSL_X509_CHAIN * wolfSSL_SESSION_get_peer_chain(WOLFSSL_SESSION *session)
Returns the peer certificate chain from the WOLFSSL_SESSION struct.
Definition: ssl.c:12958
WOLFSSL_API int wolfSSL_BIO_nread0(WOLFSSL_BIO *bio, char **buf)
This is used to get a buffer pointer for reading from. Unlike wolfSSL_BIO_nread the internal read ind...
Definition: bio.c:1119
WOLFSSL_API WOLFSSL_DH * wolfSSL_DSA_dup_DH(const WOLFSSL_DSA *r)
This function duplicates the parameters in dsa to a newly created WOLFSSL_DH structure.
Definition: ssl.c:44366
WOLFSSL_API int wolfSSL_dtls_get_peer(WOLFSSL *, void *, unsigned int *)
This function gets the sockaddr_in (of size peerSz) of the current DTLS peer. The function will compa...
Definition: ssl.c:1028
WOLFSSL_API void wolfSSL_SetRsaDecCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key RSA Private Decrypt Callback Context to ctx.
Definition: ssl.c:36077
WOLFSSL_X509 * wolfSSL_d2i_X509_bio(WOLFSSL_BIO *bio, WOLFSSL_X509 **x509)
This function get the DER buffer from bio and converts it to a WOLFSSL_X509 structure.
Definition: ssl.c:21864
WOLFSSL_API void wolfSSL_CTX_set_verify(WOLFSSL_CTX *, int, VerifyCallback verify_callback)
This function sets the verification method for remote peers and also allows a verify callback to be r...
Definition: ssl.c:9882
Definition: internal.h:3598
WOLFSSL_API int wolfSSL_DisableOCSP(WOLFSSL *)
Disables the OCSP certificate revocation option.
Definition: ssl.c:6346
WOLFSSL_API int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num)
Gets a pointer to the buffer for writing as many bytes as returned by the function. Writing more bytes to the pointer returned then the value returned can result in writing out of bounds.
Definition: bio.c:1199
WOLFSSL_API int wolfSSL_SetTlsHmacInner(WOLFSSL *, unsigned char *, word32, int, int)
Allows caller to set the Hmac Inner vector for message sending/receiving. The result is written to in...
Definition: tls.c:757
WOLFSSL_API void wolfSSL_SetRsaEncCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key RSA Public Encrypt Callback Context to ctx.
Definition: ssl.c:36059
WOLFSSL_API int wolfSSL_CTX_SetMinEccKey_Sz(WOLFSSL_CTX *, short)
Sets the minimum size in bytes for the ECC key in the WOLF_CTX structure and the WOLFSSL_CERT_MANAGER...
Definition: ssl.c:1655
WOLFSSL_API int wolfSSL_use_certificate_chain_file(WOLFSSL *, const char *file)
This function loads a chain of certificates into the SSL session (WOLFSSL structure). The file containing the certificate chain is provided by the file argument, and must contain PEM-formatted certificates. This function will process up to MAX_CHAIN_DEPTH (default = 9, defined in internal.h) certificates, plus the subject certificate.
Definition: ssl.c:9712
WOLFSSL_API int wolfSSL_PKCS12_parse(WC_PKCS12 *pkcs12, const char *psw, WOLFSSL_EVP_PKEY **pkey, WOLFSSL_X509 **cert, WOLF_STACK_OF(WOLFSSL_X509) **ca)
PKCS12 can be enabled with adding –enable-opensslextra to the configure command. It can use triple D...
Definition: ssl.c:22114
WOLFSSL_API int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER *, int options)
Turns on Certificate Revocation List checking when verifying certificates with the Certificate Manage...
Definition: ssl.c:5953
WOLFSSL_API int wolfSSL_is_init_finished(WOLFSSL *)
This function checks to see if the connection is established.
Definition: ssl.c:14520
WOLFSSL_API WOLFSSL_CERT_MANAGER * wolfSSL_CertManagerNew(void)
Allocates and initializes a new Certificate Manager context. This context may be used independent of ...
Definition: ssl.c:3558
Definition: callbacks.h:59
WOLFSSL_API WOLFSSL_X509 * wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN *, int idx)
This function gets the peer’s wolfSSL_X509_certificate at index (idx) from the chain of certificates...
Definition: ssl.c:35586
WOLFSSL_API int wolfSSL_set_fd(WOLFSSL *, int)
This function assigns a file descriptor (fd) as the input/output facility for the SSL connection...
Definition: ssl.c:753
Definition: internal.h:3102
WOLFSSL_API int wolfSSL_X509_STORE_add_cert(WOLFSSL_X509_STORE *, WOLFSSL_X509 *)
This function adds a certificate to the WOLFSSL_X509_STRE structure.
Definition: ssl.c:22566
WOLFSSL_API void * wolfSSL_GetRsaVerifyCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key RSA Verification Callback Context previously stored with wol...
Definition: ssl.c:36003
WOLFSSL_API size_t wolfSSL_get_server_random(const WOLFSSL *ssl, unsigned char *out, size_t outlen)
This is used to get the random data sent by the server during the handshake.
Definition: ssl.c:15177
WOLFSSL_API int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX *, const unsigned char *p, int pSz, const unsigned char *g, int gSz)
Sets the parameters for the server CTX Diffie-Hellman.
Definition: ssl.c:1817
WOLFSSL_API void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX *, wc_psk_server_callback)
This function sets the psk callback for the server side in the WOLFSSL_CTX structure.
Definition: ssl.c:13482
WOLFSSL_API WOLFSSL_METHOD * wolfDTLSv1_client_method(void)
The wolfDTLSv1_client_method() function is used to indicate that the application is a client and will...
Definition: tls.c:11352
WOLFSSL_API int wolfSSL_connect_ex(WOLFSSL *, HandShakeCallBack, TimeoutCallBack, WOLFSSL_TIMEVAL)
wolfSSL_connect_ex() is an extension that allows a HandShake Callback to be set. This can be useful i...
Definition: ssl.c:13417
WOLFSSL_API int wolfSSL_CTX_trust_peer_buffer(WOLFSSL_CTX *, const unsigned char *, long, int)
This function loads a certificate to use for verifying a peer when performing a TLS/SSL handshake...
Definition: ssl.c:13637
WOLFSSL_API int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE *store, unsigned long flag)
This function takes in a flag to change the behavior of the WOLFSSL_X509_STORE structure passed in...
Definition: ssl.c:22656
WOLFSSL_API int wolfSSL_want_read(WOLFSSL *)
This function is similar to calling wolfSSL_get_error() and getting SSL_ERROR_WANT_READ in return...
Definition: ssl.c:3100
WOLFSSL_API void wolfSSL_set_using_nonblock(WOLFSSL *, int)
This function informs the WOLFSSL object that the underlying I/O is non-blocking. After an applicatio...
WOLFSSL_API int wolfSSL_set_session_secret_cb(WOLFSSL *, SessionSecretCb, void *)
This function sets the session secret callback function. The SessionSecretCb type has the signature: ...
Definition: ssl.c:10413
WOLFSSL_API int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX *, const char *)
This function sets cipher suite list for a given WOLFSSL_CTX. This cipher suite list becomes the defa...
Definition: ssl.c:11019
WOLFSSL_API int wolfSSL_get_shutdown(const WOLFSSL *)
This function checks the shutdown conditions in closeNotify or connReset or sentNotify members of the...
Definition: ssl.c:19121
WOLFSSL_API WOLFSSL_METHOD * wolfSSLv23_method(void)
This function returns a WOLFSSL_METHOD similar to wolfSSLv23_client_method except that it is not dete...
Definition: ssl.c:11292
WOLFSSL_API const char * wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER *cipher)
This function matches the cipher suite in the SSL object with the available suites and returns the st...
Definition: ssl.c:19325
WOLFSSL_API WOLFSSL_METHOD * wolfDTLSv1_server_method(void)
The wolfDTLSv1_server_method() function is used to indicate that the application is a server and will...
Definition: tls.c:11711
WOLFSSL_API int wolfSSL_GetBulkCipher(WOLFSSL *)
Allows caller to determine the negotiated bulk cipher algorithm from the handshake.
Definition: ssl.c:3432
Definition: asn_public.h:178
WOLFSSL_API int wolfSSL_UseSecureRenegotiation(WOLFSSL *ssl)
This function forces secure renegotiation for the supplied WOLFSSL structure. This is not recommended...
Definition: ssl.c:2615
WOLFSSL_API int wolfSSL_GetIVSize(WOLFSSL *)
Returns the iv_size member of the specs structure held in the WOLFSSL struct.
Definition: ssl.c:3423
WOLFSSL_API int wolfSSL_CTX_use_NTRUPrivateKey_file(WOLFSSL_CTX *, const char *)
This function loads an NTRU private key file into the WOLFSSL Context. It behaves like the normal ver...
Definition: ssl.c:9860
WOLFSSL_API void * wolfSSL_GetRsaEncCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key RSA Public Encrypt Callback Context previously stored with w...
Definition: ssl.c:36064
WOLFSSL_API long wolfSSL_set_options(WOLFSSL *s, long op)
This function sets the options mask in the ssl. Some valid options are, SSL_OP_ALL, SSL_OP_COOKIE_EXCHANGE, SSL_OP_NO_SSLv2, SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2, SSL_OP_NO_COMPRESSION.
Definition: ssl.c:24581
WOLFSSL_API int wolfSSL_BIO_reset(WOLFSSL_BIO *bio)
Resets bio to an initial state. As an example for type BIO_BIO this resets the read and write index...
Definition: bio.c:1270
WOLFSSL_API int wolfSSL_SetTmpDH_file(WOLFSSL *, const char *f, int format)
This function calls wolfSSL_SetTmpDH_file_wrapper to set server Diffie-Hellman parameters.
Definition: ssl.c:7223
WOLFSSL_API void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX *, wc_psk_client_callback)
The function sets the client_psk_cb member of the WOLFSSL_CTX structure.
Definition: ssl.c:13443
WOLFSSL_API void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX *, CallbackRsaEnc)
Allows caller to set the Public Key Callback for RSA Public Encrypt. The callback should return 0 for...
Definition: ssl.c:36054
WOLFSSL_API int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX *, const char *, int)
This function is similar to wolfSSL_CTX_load_verify_locations, but allows the loading of DER-formatte...
Definition: ssl.c:7036
WOLFSSL_API int wolfSSL_connect_TLSv13(WOLFSSL *)
This function is called on the client side and initiates an SSL/TLS handshake with a server...
Definition: tls13.c:7866
WOLFSSL_API int wolfSSL_set_cipher_list(WOLFSSL *, const char *)
This function sets cipher suite list for a given WOLFSSL object (SSL session). The ciphers in the lis...
Definition: ssl.c:11045
WOLFSSL_API int wolfSSL_CTX_set_timeout(WOLFSSL_CTX *, unsigned int)
This function sets the timeout value for SSL sessions, in seconds, for the specified SSL context...
Definition: ssl.c:12228
WOLFSSL_API int wolfSSL_set_compression(WOLFSSL *ssl)
Turns on the ability to use compression for the SSL connection. Both sides must have compression turn...
Definition: ssl.c:13199
WOLFSSL_API int wolfSSL_state(WOLFSSL *ssl)
This is used to get the internal error state of the WOLFSSL structure.
Definition: ssl.c:3042
WOLFSSL_API int wolfSSL_UseClientQSHKeys(WOLFSSL *ssl, unsigned char flag)
If the flag is 1 keys will be sent in hello. If flag is 0 then the keys will not be sent during hello...
Definition: ssl.c:2492
WOLFSSL_API int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *b)
This is used to set the read request flag back to 0.
Definition: bio.c:1104
WOLFSSL_API int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER *, int options)
Turns on OCSP if it’s turned off and if compiled with the set option available.
Definition: ssl.c:6122
WOLFSSL_API const unsigned char * wolfSSL_GetServerWriteKey(WOLFSSL *)
Allows retrieval of the server write key from the handshake process.
Definition: ssl.c:3397
WOLFSSL_API void wolfSSL_SNI_SetOptions(WOLFSSL *ssl, unsigned char type, unsigned char options)
This function is called on the server side to configure the behavior of the SSL session using Server ...
Definition: ssl.c:2176
WOLFSSL_API int wolfSSL_SetMinDhKey_Sz(WOLFSSL *, word16)
Sets the minimum size for a Diffie-Hellman key in the WOLFSSL structure in bytes. ...
Definition: ssl.c:1892
WOLFSSL_API int wolfSSL_SetMinEccKey_Sz(WOLFSSL *, short)
Sets the value of the minEccKeySz member of the options structure. The options struct is a member of ...
Definition: ssl.c:1670
WOLFSSL_API const unsigned char * wolfSSL_GetServerWriteIV(WOLFSSL *)
Allows retrieval of the server write IV (initialization vector) from the handshake process...
Definition: ssl.c:3406
WOLFSSL_API long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE *fp)
This is used to get the internal file pointer for a BIO.
Definition: bio.c:1344
WOLFSSL_API void wolfSSL_CTX_free(WOLFSSL_CTX *)
This function frees an allocated WOLFSSL_CTX object. This function decrements the CTX reference count...
Definition: ssl.c:446
WOLFSSL_API void wolfSSL_SetDecryptVerifyCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Atomic User Record Processing Decrypt/Verify Callback Context to ctx...
Definition: ssl.c:3283
WOLFSSL_API int wolfSSL_EnableCRL(WOLFSSL *ssl, int options)
Enables CRL certificate revocation.
Definition: ssl.c:6929
int wolfSSL_connect(WOLFSSL *ssl)
This function is called on the client side and initiates an SSL/TLS handshake with a server...
Definition: ssl.c:11419
WOLFSSL_API void wolfSSL_dtls_set_using_nonblock(WOLFSSL *, int)
This function informs the WOLFSSL DTLS object that the underlying UDP I/O is non-blocking. After an application creates a WOLFSSL object, if it will be used with a non-blocking UDP socket, call wolfSSL_dtls_set_using_nonblock() on it. This lets the WOLFSSL object know that receiving EWOULDBLOCK means that the recvfrom call would block rather than that it timed out.
Definition: ssl.c:11091
WOLFSSL_API void wolfSSL_KeepArrays(WOLFSSL *)
Normally, at the end of the SSL handshake, wolfSSL frees temporary arrays. Calling this function befo...
Definition: ssl.c:3154
WOLFSSL_API int wolfSSL_X509_get_isCA(WOLFSSL_X509 *)
Checks the isCa member of the WOLFSSL_X509 structure and returns the value.
Definition: ssl.c:17306
WOLFSSL_API int wolfSSL_Init(void)
Initializes the wolfSSL library for use. Must be called once per application and before any other cal...
Definition: ssl.c:4736
WOLFSSL_API int wolfSSL_use_certificate_chain_buffer(WOLFSSL *, const unsigned char *, long)
This function loads a certificate chain buffer into the WOLFSSL object. It behaves like the non-buffe...
Definition: ssl.c:13878
WOLFSSL_API int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX *, const char *, int, int)
This function loads CRL into the WOLFSSL_CTX structure through wolfSSL_CertManagerLoadCRL().
Definition: ssl.c:6998
Definition: internal.h:1833
WOLFSSL_API int wolfSSL_isQSH(WOLFSSL *ssl)
Checks if QSH is used in the supplied SSL session.
Definition: ssl.c:2455
WOLFSSL_API int wolfSSL_CTX_restore_cert_cache(WOLFSSL_CTX *, const char *)
This function persistes certificate cache from a file.
Definition: ssl.c:10000
WOLFSSL_API int wolfSSL_EnableOCSP(WOLFSSL *, int options)
This function enables OCSP certificate verification.
Definition: ssl.c:6337
WOLFSSL_API WOLFSSL_CERT_MANAGER * wolfSSL_CertManagerNew_ex(void *heap)
Allocates and initializes a new Certificate Manager context. This context may be used independent of ...
Definition: ssl.c:3519
WOLFSSL_API int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER *, const char *, int, int)
Error checks and passes through to LoadCRL() in order to load the cert into the CRL for revocation ch...
Definition: ssl.c:6912
WOLFSSL_API int wolfSSL_CTX_is_static_memory(WOLFSSL_CTX *ctx, WOLFSSL_MEM_STATS *mem_stats)
This function does not change any of the connections behavior and is used only for gathering informat...
Definition: ssl.c:1596
WOLFSSL_API void * wolfSSL_GetEccSignCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key Ecc Signing Callback Context previously stored with wolfSSL_...
Definition: ssl.c:35767
WOLFSSL_API void wolfSSL_FreeArrays(WOLFSSL *)
Normally, at the end of the SSL handshake, wolfSSL frees temporary arrays. If wolfSSL_KeepArrays() ha...
Definition: ssl.c:3162
WOLFSSL_API int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX *, word16)
This function sets the maximum size of the Diffie Hellman key size by accessing the maxDhKeySz member...
Definition: ssl.c:1902
Definition: internal.h:1958
WOLFSSL_API long wolfSSL_get_verify_result(const WOLFSSL *ssl)
This is used to get the results after trying to verify the peer's certificate.
Definition: ssl.c:25460
WOLFSSL_API int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION *ses, unsigned char *out, int outSz)
This is used to get the master key after completing a handshake.
Definition: ssl.c:9824
WOLFSSL_API int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX *)
This function unloads the CA signer list and frees the whole signer table.
Definition: ssl.c:13924
WOLFSSL_API unsigned char * wolfSSL_X509_get_device_type(WOLFSSL_X509 *, unsigned char *, int *)
This function copies the device type from the x509 structure to the buffer.
Definition: ssl.c:17545
Definition: internal.h:3572
WOLFSSL_API int wolfSSL_DisableCRL(WOLFSSL *ssl)
Disables CRL certificate revocation.
Definition: ssl.c:6939
WOLFSSL_API int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER *cm, const unsigned char *buff, long sz, int format)
Specifies the certificate buffer to verify with the Certificate Manager context. The format can be SS...
Definition: ssl.c:6116
WOLFSSL_API int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER *, const unsigned char *in, long sz, int format)
Loads the CA Buffer by calling wolfSSL_CTX_load_verify_buffer and returning that result using a tempo...
Definition: ssl.c:5863
WOLFSSL_API int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER *, const char *)
The function copies the url to the ocspOverrideURL member of the WOLFSSL_CERT_MANAGER structure...
Definition: ssl.c:6298
WOLFSSL_API void wolfSSL_CTX_SetDecryptVerifyCb(WOLFSSL_CTX *, CallbackDecryptVerify)
Allows caller to set the Atomic User Record Processing Decrypt/Verify Callback. The callback should r...
Definition: ssl.c:3276
WOLFSSL_API const unsigned char * wolfSSL_X509_get_der(WOLFSSL_X509 *, int *)
This function gets the DER encoded certificate in the WOLFSSL_X509 struct.
Definition: ssl.c:17438
WOLFSSL_API int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER *cm)
The function will free the Trusted Peer linked list and unlocks the trusted peer list.
Definition: ssl.c:3814
WOLFSSL_API WOLFSSL_ASN1_TIME * wolfSSL_X509_get_notAfter(WOLFSSL_X509 *)
This function checks to see if x509 is NULL and if it’s not, it returns the notAfter member of the x...
WOLFSSL_API int wolfSSL_UseSupportedQSH(WOLFSSL *ssl, unsigned short name)
This function sets the ssl session to use supported QSH provided by name.
WOLFSSL_API int wolfSSL_GetHmacSize(WOLFSSL *)
Allows caller to determine the negotiated (h)mac size from the handshake. For cipher types except WOL...
Definition: ssl.c:3498
WOLFSSL_API WOLFSSL_METHOD * wolfDTLSv1_2_client_method_ex(void *heap)
This function initializes the DTLS v1.2 client method.
Definition: tls.c:11374
WOLFSSL_API size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b)
Gets the number of pending bytes to read. If BIO type is BIO_BIO then is the number to read from pair...
Definition: bio.c:938
WOLFSSL_API int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER *, unsigned char *, int sz)
The function enables the WOLFSSL_CERT_MANAGER’s member, ocspEnabled to signify that the OCSP check o...
Definition: ssl.c:6240
WOLFSSL_API void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX *ctx, WOLFSSL_X509_STORE *str)
This is a setter function for the WOLFSSL_X509_STORE structure in ctx.
Definition: ssl.c:14626
WOLFSSL_API void wolfSSL_SetEccSignCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key Ecc Signing Callback Context to ctx.
Definition: ssl.c:35762
WOLFSSL_API int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX *)
This function turns on grouping of handshake messages where possible.
Definition: ssl.c:3870
WOLFSSL_API int wolfSSL_get_ciphers(char *, int)
This function gets the ciphers enabled in wolfSSL.
Definition: ssl.c:860
WOLFSSL_API int wolfSSL_GetSessionIndex(WOLFSSL *ssl)
This function gets the session index of the WOLFSSL structure.
Definition: ssl.c:12919
WOLFSSL_API int wolfSSL_UseTruncatedHMAC(WOLFSSL *ssl)
This function is called on the client side to enable the use of Truncated HMAC in the SSL object pass...
Definition: ssl.c:2301
WOLFSSL_API int wolfSSL_send(WOLFSSL *, const void *, int sz, int flags)
This function writes sz bytes from the buffer, data, to the SSL connection, ssl, using the specified ...
Definition: ssl.c:2923
WOLFSSL_API void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX *, CallbackEccVerify)
Allows caller to set the Public Key Callback for ECC Verification. The callback should return 0 for s...
Definition: ssl.c:35775
WOLFSSL_API int wolfSSL_set_jobject(WOLFSSL *ssl, void *objPtr)
This function sets the jObjectRef member of the WOLFSSL structure.
Definition: ssl.c:42713
WOLFSSL_API int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX *ctx)
This function is called on the client side to enable the use of Truncated HMAC for SSL objects create...
Definition: ssl.c:2310
WOLFSSL_API int wolfSSL_get_current_cipher_suite(WOLFSSL *ssl)
Returns the current cipher suit an ssl session is using.
Definition: ssl.c:19304
WOLFSSL_API int wolfSSL_get_using_nonblock(WOLFSSL *)
This function allows the application to determine if wolfSSL is using non-blocking I/O...
WOLFSSL_API int wolfSSL_SetHsDoneCb(WOLFSSL *, HandShakeDoneCb, void *)
This function sets the handshake done callback. The hsDoneCb and hsDoneCtx members of the WOLFSSL str...
Definition: ssl.c:12112
WOLFSSL_API void wolfSSL_SetEccVerifyCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key Ecc Verification Callback Context to ctx.
Definition: ssl.c:35780
WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL *ssl)
This function checks that the private key is a match with the certificate being used.
Definition: ssl.c:7718
WOLFSSL_API int wolfSSL_pending(WOLFSSL *)
This function returns the number of bytes which are buffered and available in the SSL object to be re...
Definition: ssl.c:3861
WOLFSSL_API void wolfSSL_ERR_error_string_n(unsigned long e, char *buf, unsigned long sz)
This function is a version of wolfSSL_ERR_error_string() where len specifies the maximum number of ch...
Definition: ssl.c:3135
WOLFSSL_API int wolfSSL_get_alert_history(WOLFSSL *, WOLFSSL_ALERT_HISTORY *)
This function gets the alert history.
Definition: ssl.c:3076
WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX *ctx)
This function gets the certificate chaining depth using the CTX structure.
Definition: ssl.c:7118
WOLFSSL_API WOLFSSL_BIO_METHOD * wolfSSL_BIO_s_socket(void)
This is used to get a BIO_SOCKET type WOLFSSL_BIO_METHOD.
Definition: ssl.c:14779
WOLFSSL_API int wolfSSL_dtls_set_timeout_init(WOLFSSL *ssl, int)
This function sets the dtls timeout.
Definition: ssl.c:11152
WOLFSSL_API size_t wolfSSL_get_client_random(const WOLFSSL *ssl, unsigned char *out, size_t outSz)
This is used to get the random data sent by the client during the handshake.
Definition: ssl.c:15335
WOLFSSL_API int wolfSSL_GetHmacType(WOLFSSL *)
Allows caller to determine the negotiated (h)mac type from the handshake. For cipher types except WOL...
Definition: tls.c:712
WOLFSSL_API char * wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME *, char *, int)
This function copies the name of the x509 into a buffer.
Definition: ssl.c:17076
WOLFSSL_API const char * wolfSSL_get_psk_identity_hint(const WOLFSSL *)
This function returns the psk identity hint.
Definition: ssl.c:13518
WOLFSSL_API int wolfSSL_BIO_seek(WOLFSSL_BIO *bio, int ofs)
This function adjusts the file pointer to the offset given. This is the offset from the head of the f...
Definition: bio.c:1388
WOLFSSL_API int wolfSSL_get_session_cache_memsize(void)
This function returns how large the session cache save buffer should be.
Definition: ssl.c:10145
Definition: internal.h:1628
WOLFSSL_API int wolfSSL_CTX_load_verify_buffer(WOLFSSL_CTX *, const unsigned char *, long, int)
This function loads a CA certificate buffer into the WOLFSSL Context. It behaves like the non-buffere...
Definition: ssl.c:13619
WOLFSSL_API void wolfSSL_set_psk_server_callback(WOLFSSL *, wc_psk_server_callback)
Sets the psk callback for the server side by setting the WOLFSSL structure options members...
Definition: ssl.c:13493
WOLFSSL_API int wolfSSL_set_SessionTicket(WOLFSSL *, const unsigned char *, word32)
This function sets the ticket member of the WOLFSSL_SESSION structure within the WOLFSSL struct...
Definition: ssl.c:2842
WOLFSSL_API pem_password_cb * wolfSSL_CTX_get_default_passwd_cb(WOLFSSL_CTX *ctx)
This is a getter function for the password callback set in ctx.
Definition: ssl.c:15053
WOLFSSL_API int wolfSSL_X509_get_signature_type(WOLFSSL_X509 *)
This function returns the value stored in the sigOID member of the WOLFSSL_X509 structure.
Definition: ssl.c:19645
WOLFSSL_API int wolfSSL_SetTmpDH(WOLFSSL *, const unsigned char *p, int pSz, const unsigned char *g, int gSz)
Server Diffie-Hellman Ephemeral parameters setting. This function sets up the group parameters to be ...
Definition: ssl.c:1711
WOLFSSL_API void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER *)
Frees all resources associated with the Certificate Manager context. Call this when you no longer nee...
Definition: ssl.c:3564
WOLFSSL_API WOLFSSL_X509 * wolfSSL_X509_d2i_fp(WOLFSSL_X509 **x509, FILE *file)
If NO_STDIO_FILESYSTEM is defined this function will allocate heap memory, initialize a WOLFSSL_X509 ...
WOLFSSL_API WOLFSSL_STACK * wolfSSL_X509_STORE_CTX_get_chain(WOLFSSL_X509_STORE_CTX *ctx)
This function is a getter function for chain variable in WOLFSSL_X509_STORE_CTX structure. Currently chain is not populated.
Definition: ssl.c:22405
WOLFSSL_API WOLFSSL_X509_NAME * wolfSSL_X509_get_subject_name(WOLFSSL_X509 *)
This function returns the subject member of the WOLFSSL_X509 structure.
Definition: ssl.c:19584
WOLFSSL_API WOLFSSL_CTX * wolfSSL_CTX_new(WOLFSSL_METHOD *)
This function creates a new SSL context, taking a desired SSL/TLS protocol method for input...
Definition: ssl.c:426
WOLFSSL_API int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX *ctx, unsigned char status_type, unsigned char options)
Creates and initializes the certificate status request for OCSP Stapling.
Definition: ssl.c:2357
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX *, const unsigned char *, long, int)
This function loads a private key buffer into the SSL Context. It behaves like the non-buffered versi...
Definition: ssl.c:13667
WOLFSSL_API int wolfSSL_use_RSAPrivateKey_file(WOLFSSL *, const char *, int)
This function loads the private RSA key used in the SSL connection into the SSL session (WOLFSSL stru...
Definition: ssl.c:9806
WOLFSSL_API int wolfSSL_set_group_messages(WOLFSSL *)
This function turns on grouping of handshake messages where possible.
Definition: ssl.c:3902
WOLFSSL_API int wolfSSL_use_old_poly(WOLFSSL *, int)
Since there is some differences between the first release and newer versions of chacha-poly AEAD cons...
Definition: ssl.c:735
WOLFSSL_API long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m)
This is a getter function for WOLFSSL_BIO memory pointer.
Definition: bio.c:982
WOLFSSL_API int wolfSSL_writev(WOLFSSL *ssl, const struct iovec *iov, int iovcnt)
Simulates writev semantics but doesn’t actually do block at a time because of SSL_write() behavior a...
Definition: ssl.c:13217
WOLFSSL_API int wolfSSL_UseSupportedCurve(WOLFSSL *ssl, word16 name)
This function is called on the client side to enable the use of Supported Elliptic Curves Extension i...
Definition: ssl.c:2372
WOLFSSL_API long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c)
This is used to set the internal file pointer for a BIO.
Definition: bio.c:1324
WOLFSSL_API int wolfSSL_connect_cert(WOLFSSL *ssl)
This function is called on the client side and initiates an SSL/TLS handshake with a server only long...
Definition: ssl.c:3884
WOLFSSL_API int wolfSSL_dtls_got_timeout(WOLFSSL *ssl)
When using non-blocking sockets with DTLS, this function should be called on the WOLFSSL object when ...
Definition: ssl.c:11186
WOLFSSL_API int wolfSSL_check_domain_name(WOLFSSL *ssl, const char *dn)
wolfSSL by default checks the peer certificate for a valid date range and a verified signature...
Definition: ssl.c:13167
WOLFSSL_API unsigned long wolfSSL_ERR_peek_last_error(void)
This function returns the absolute value of the last error from WOLFSSL_ERROR encountered.
Definition: ssl.c:41793
WOLFSSL_API void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX *, CallbackRsaSign)
Allows caller to set the Public Key Callback for RSA Signing. The callback should return 0 for succes...
Definition: ssl.c:35969
WOLFSSL_API int wolfSSL_memrestore_session_cache(const void *, int)
This function restores the persistent session cache from memory.
Definition: ssl.c:10203
WOLFSSL_API char * wolfSSL_X509_get_next_altname(WOLFSSL_X509 *)
This function returns the next, if any, altname from the peer certificate.
Definition: ssl.c:17287
WOLFSSL_API int wolfSSL_CTX_UseOCSPStapling(WOLFSSL_CTX *ctx, unsigned char status_type, unsigned char options)
This function requests the certificate status during the handshake.
Definition: ssl.c:2333
WOLFSSL_API long wolfSSL_BIO_set_fd(WOLFSSL_BIO *b, int fd, int flag)
Sets the file descriptor for bio to use.
Definition: ssl.c:14828
Definition: internal.h:3109
WOLFSSL_API int wolfSSL_SetMinVersion(WOLFSSL *ssl, int version)
This function sets the minimum downgrade version allowed. Applicable only when the connection allows ...
Definition: ssl.c:3976
WOLFSSL_API int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX *)
Returns the size the certificate cache save buffer needs to be.
Definition: ssl.c:10038
WOLFSSL_API int wolfSSL_get_chain_count(WOLFSSL_X509_CHAIN *chain)
Retrieve's the peers certificate chain count.
Definition: ssl.c:35553
WOLFSSL_API int wolfSSL_X509_version(WOLFSSL_X509 *)
This function retrieves the version of the X509 certificate.
Definition: ssl.c:17530
WOLFSSL_API WOLFSSL_METHOD * wolfDTLSv1_2_server_method(void)
This function creates and initializes a WOLFSSL_METHOD for the server side.
Definition: tls.c:11731
WOLFSSL_API void * wolfSSL_CTX_get_default_passwd_cb_userdata(WOLFSSL_CTX *ctx)
This is a getter function for the password callback user data set in ctx.
Definition: ssl.c:15063
WOLFSSL_API const char * wolfSSL_get_version(WOLFSSL *)
Returns the SSL version being used as a string.
Definition: ssl.c:19279
WOLFSSL_API long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type)
This function is called when the client application request that a server send back an OCSP status re...
Definition: ssl.c:24773
WOLFSSL_API int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO *bio, void *p)
This is used to set a byte pointer to the start of the internal memory buffer.
Definition: bio.c:1678
WOLFSSL_API int wolfSSL_library_init(void)
This function is called internally in wolfSSL_CTX_new(). This function is a wrapper around wolfSSL_In...
Definition: ssl.c:10401
WOLFSSL_API WOLFSSL_ASN1_TIME * wolfSSL_X509_get_notBefore(WOLFSSL_X509 *)
The function checks to see if x509 is NULL and if it’s not, it returns the notBefore member of the x...
WOLFSSL_API void wolfSSL_SetRsaSignCtx(WOLFSSL *ssl, void *ctx)
Allows caller to set the Public Key RSA Signing Callback Context to ctx.
Definition: ssl.c:35979
WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL *ssl)
This function returns the maximum chain depth allowed, which is 9 by default, for a valid session i...
Definition: ssl.c:7104
WOLFSSL_API void * wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509 *x509, int nid, int *c, int *idx)
This function looks for and returns the extension matching the passed in NID value.
Definition: ssl.c:9054
WOLFSSL_API int wolfSSL_use_RSAPrivateKey_ASN1(WOLFSSL *ssl, unsigned char *der, long derSz)
This is used to set the private key for the WOLFSSL structure. A DER formatted RSA key buffer is expe...
Definition: ssl.c:9623
WOLFSSL_API int wolfSSL_use_certificate_file(WOLFSSL *, const char *, int)
This function loads a certificate file into the SSL session (WOLFSSL structure). The certificate file...
Definition: ssl.c:9676
WOLFSSL_API int wolfSSL_GetObjectSize(void)
This function returns the size of the WOLFSSL object and will be dependent on build options and setti...
Definition: ssl.c:1429
WOLFSSL_API unsigned char * wolfSSL_X509_get_hw_serial_number(WOLFSSL_X509 *, unsigned char *, int *)
This function returns the hwSerialNum member of the x509 object.
Definition: ssl.c:17601
WOLFSSL_API int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *b, long size)
This is used to set the size of write buffer for a WOLFSSL_BIO. If write buffer has been previously s...
Definition: bio.c:1025
WOLFSSL_API void * wolfSSL_GetEccVerifyCtx(WOLFSSL *ssl)
Allows caller to retrieve the Public Key Ecc Verification Callback Context previously stored with wol...
Definition: ssl.c:35785
WOLFSSL_API int wolfSSL_BIO_make_bio_pair(WOLFSSL_BIO *b1, WOLFSSL_BIO *b2)
This is used to pair two bios together. A pair of bios acts similar to a two way pipe writing to one ...
Definition: bio.c:1070
WOLFSSL_API int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509 *x509, int nid, int lastPos)
This function looks for and returns the extension index matching the passed in NID value...
Definition: ssl.c:8903
WOLFSSL_API int wolfSSL_SetMinRsaKey_Sz(WOLFSSL *, short)
Sets the minimum allowable key size in bytes for RSA located in the WOLFSSL structure.
Definition: ssl.c:1697
WOLFSSL_API int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX *, const char *)
This function manually sets the URL for OCSP to use. By default, OCSP will use the URL found in the i...
Definition: ssl.c:6418
WOLFSSL_API char * wolfSSL_get_cipher_list(int priority)
Get the name of cipher at priority level passed in.
Definition: ssl.c:821
WOLFSSL_API const unsigned char * wolfSSL_GetClientWriteIV(WOLFSSL *)
Allows retrieval of the client write IV (initialization vector) from the handshake process...
Definition: ssl.c:3388
WOLFSSL_API int wolfSSL_dtls_set_export(WOLFSSL *ssl, wc_dtls_export func)
The wolfSSL_dtls_set_export() function is used to set the callback function for exporting a session...
Definition: ssl.c:225
WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX *, const char *, int)
This function loads the private RSA key used in the SSL connection into the SSL context (WOLFSSL_CTX)...
Definition: ssl.c:9797
WOLFSSL_API int wolfSSL_want_write(WOLFSSL *)
This function is similar to calling wolfSSL_get_error() and getting SSL_ERROR_WANT_WRITE in return...
Definition: ssl.c:3111
WOLFSSL_ABI WOLFSSL_API void wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX *, CallbackEccSign)
Allows caller to set the Public Key Callback for ECC Signing. The callback should return 0 for succes...
Definition: ssl.c:35757
WOLFSSL_API int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX *ctx)
This function sets wolfSSL context to use a session ticket.
Definition: ssl.c:2818
WOLFSSL_API int wolfSSL_IsTLSv1_1(WOLFSSL *)
Allows caller to determine if the negotiated protocol version is at least TLS version 1...
Definition: ssl.c:3477
WOLFSSL_API WOLFSSL_X509_CHAIN * wolfSSL_get_peer_chain(WOLFSSL *ssl)
Retrieves the peer’s certificate chain.
Definition: ssl.c:35542
WOLFSSL_API int wolfSSL_UseALPN(WOLFSSL *ssl, char *protocol_name_list, unsigned int protocol_name_listSz, unsigned char options)
Setup ALPN use for a wolfSSL session.
Definition: internal.h:3849
WOLFSSL_API long wolfSSL_get_options(const WOLFSSL *s)
This function returns the current options mask.
Definition: ssl.c:24643
WOLFSSL_API int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX *ctx, int)
This function sets the session ticket hint relayed to the client. For server side use...
Definition: ssl.c:2785
WOLFSSL_API long wolfSSL_CTX_clear_options(WOLFSSL_CTX *, long)
This function resets option bits of WOLFSSL_CTX object.
Definition: ssl.c:14585
WOLFSSL_API int wolfSSL_SetOCSP_OverrideURL(WOLFSSL *, const char *)
This function sets the ocspOverrideURL member in the WOLFSSL_CERT_MANAGER structure.
Definition: ssl.c:6374
WOLFSSL_API int wolfSSL_session_reused(WOLFSSL *)
This function returns the resuming member of the options struct. The flag indicates whether or not to...
Definition: ssl.c:19137
WOLFSSL_API int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX *, const char *f, int format)
The function calls wolfSSL_SetTmpDH_file_wrapper to set the server Diffie-Hellman parameters...
Definition: ssl.c:7233
WOLFSSL_API int wolfSSL_is_static_memory(WOLFSSL *ssl, WOLFSSL_MEM_CONN_STATS *mem_stats)
wolfSSL_is_static_memory is used to gather information about a SSL’s static memory usage...
Definition: ssl.c:1576
WOLFSSL_API int wolfSSL_use_psk_identity_hint(WOLFSSL *, const char *)
This function stores the hint argument in the server_hint member of the Arrays structure within the W...
Definition: ssl.c:13557
WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX *, const char *file)
This function loads a chain of certificates into the SSL context (WOLFSSL_CTX). The file containing t...
Definition: ssl.c:7132
WOLFSSL_API int wolfSSL_SetMaxDhKey_Sz(WOLFSSL *, word16)
Sets the maximum size for a Diffie-Hellman key in the WOLFSSL structure in bytes. ...
Definition: ssl.c:1912
WOLFSSL_API int wolfSSL_CTX_memsave_cert_cache(WOLFSSL_CTX *, void *, int, int *)
This function persists the certificate cache to memory.
Definition: ssl.c:10013
WOLFSSL_API WC_PKCS12 * wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO *bio, WC_PKCS12 *pkcs12)
wolfSSL_i2d_PKCS12_bio (i2d_PKCS12_bio) copies in the cert information from the structure WC_PKCS12 t...
Definition: ssl.c:21954
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX *, const char *, int)
This function loads a private key file into the SSL context (WOLFSSL_CTX). The file is provided by th...
Definition: ssl.c:7071
Definition: asn_public.h:213
1.8.14