quic.h File Reference


Functions

int wolfSSL_CTX_set_quic_method (WOLFSSL_CTX *ctx, const WOLFSSL_QUIC_METHOD *quic_method)
 Activate QUIC protocol for a WOLFSSL_CTX and all derived WOLFSSL instances by providing the four callbacks required. The CTX needs to be a TLSv1.3 one. More...
 
int wolfSSL_set_quic_method (WOLFSSL *ssl, const WOLFSSL_QUIC_METHOD *quic_method)
 Activate QUIC protocol for a WOLFSSL instance by providing the four callbacks required. The WOLFSSL needs to be a TLSv1.3 one. More...
 
int wolfSSL_is_quic (WOLFSSL *ssl)
 Check if QUIC has been activated in a WOLFSSL instance. More...
 
WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_read_level (const WOLFSSL *ssl)
 Determine the encryption level for reads currently in use. Meaningful only when the WOLFSSL instance is using QUIC. More...
 
WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_write_level (const WOLFSSL *ssl)
 Determine the encryption level for writes currently in use. Meaningful only when the WOLFSSL instance is using QUIC. More...
 
void wolfSSL_set_quic_use_legacy_codepoint (WOLFSSL *ssl, int use_legacy)
 Configure which QUIC version shall be used. Without calling this, the WOLFSSL will offer both (draft-27 and v1) to a server, resp. accept both from a client and negotiate the most recent one. More...
 
void wolfSSL_set_quic_transport_version (WOLFSSL *ssl, int version)
 Configure which QUIC version shall be used. More...
 
int wolfSSL_get_quic_transport_version (const WOLFSSL *ssl)
 Get the configured QUIC version. More...
 
int wolfSSL_set_quic_transport_params (WOLFSSL *ssl, const uint8_t *params, size_t params_len)
 Set the QUIC transport parameters to use. More...
 
int wolfSSL_get_peer_quic_transport_version (const WOLFSSL *ssl)
 Get the negotiated QUIC transport version. This will only give meaningful results when called after the respective TLS extensions have been seen from the peer. More...
 
void wolfSSL_get_peer_quic_transport_params (const WOLFSSL *ssl, const uint8_t **out_params, size_t *out_params_len)
 Get the negotiated QUIC transport parameters. This will only give meaningful results when called after the respective TLS extensions have been seen from the peer. More...
 
void wolfSSL_set_quic_early_data_enabled (WOLFSSL *ssl, int enabled)
 Configure if Early Data is enabled. Intended for servers to signal this to clients. More...
 
size_t wolfSSL_quic_max_handshake_flight_len (const WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level)
 Get advice on the amount of data that shall be "in flight", i.e. unacknowledged, at the given encryption level. This is the amount of data the WOLFSSL instance is prepared to buffer. More...
 
int wolfSSL_provide_quic_data (WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, const uint8_t *data, size_t len)
 Pass decrypted CRYPTO data to the WOLFSSL instance for further processing. The encryption level between calls is only ever allowed to increase, and it is also checked that data records are complete before a change in encryption level is accepted. More...
 
WOLFSSL_API int wolfSSL_process_quic_post_handshake (WOLFSSL *ssl)
 Process any CRYPTO records that have been provided after the handshake has completed. Will fail if called before that. More...
 
int wolfSSL_quic_read_write (WOLFSSL *ssl)
 Process any CRYPTO records that have been provided during or after the handshake. Will progress the handshake if not already complete and otherwise work like wolfSSL_process_quic_post_handshake(). More...
 
const WOLFSSL_EVP_CIPHER * wolfSSL_quic_get_aead (WOLFSSL *ssl)
 Get the AEAD cipher negotiated in the TLS handshake. More...
 
int wolfSSL_quic_aead_is_gcm (const WOLFSSL_EVP_CIPHER *aead_cipher)
 Check if the AEAD cipher is GCM. More...
 
int wolfSSL_quic_aead_is_ccm (const WOLFSSL_EVP_CIPHER *aead_cipher)
 Check if the AEAD cipher is CCM. More...
 
int wolfSSL_quic_aead_is_chacha20 (const WOLFSSL_EVP_CIPHER *aead_cipher)
 Check if the AEAD cipher is CHACHA20. More...
 
WOLFSSL_API size_t wolfSSL_quic_get_aead_tag_len (const WOLFSSL_EVP_CIPHER *aead_cipher)
 Determine the tag length for the AEAD cipher. More...
 
WOLFSSL_API const WOLFSSL_EVP_MD * wolfSSL_quic_get_md (WOLFSSL *ssl)
 Determine the message digest negotiated in the TLS handshake. More...
 
const WOLFSSL_EVP_CIPHER * wolfSSL_quic_get_hp (WOLFSSL *ssl)
 Determine the header protection cipher negotiated in the TLS handshake. More...
 
WOLFSSL_EVP_CIPHER_CTX * wolfSSL_quic_crypt_new (const WOLFSSL_EVP_CIPHER *cipher, const uint8_t *key, const uint8_t *iv, int encrypt)
 Create a cipher context for en-/decryption. More...
 
int wolfSSL_quic_aead_encrypt (uint8_t *dest, WOLFSSL_EVP_CIPHER_CTX *aead_ctx, const uint8_t *plain, size_t plainlen, const uint8_t *iv, const uint8_t *aad, size_t aadlen)
 Encrypt the plain text in the given context. More...
 
int wolfSSL_quic_aead_decrypt (uint8_t *dest, WOLFSSL_EVP_CIPHER_CTX *ctx, const uint8_t *enc, size_t enclen, const uint8_t *iv, const uint8_t *aad, size_t aadlen)
 Decrypt the cipher text in the given context. More...
 
int wolfSSL_quic_hkdf_extract (uint8_t *dest, const WOLFSSL_EVP_MD *md, const uint8_t *secret, size_t secretlen, const uint8_t *salt, size_t saltlen)
 Extract a pseudo random key. More...
 
int wolfSSL_quic_hkdf_expand (uint8_t *dest, size_t destlen, const WOLFSSL_EVP_MD *md, const uint8_t *secret, size_t secretlen, const uint8_t *info, size_t infolen)
 Expand a pseudo random key into a new key. More...
 
int wolfSSL_quic_hkdf (uint8_t *dest, size_t destlen, const WOLFSSL_EVP_MD *md, const uint8_t *secret, size_t secretlen, const uint8_t *salt, size_t saltlen, const uint8_t *info, size_t infolen)
 Expand and Extract a pseudo random key. More...
 

Variables

int(* set_encryption_secrets )(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, const uint8_t *read_secret, const uint8_t *write_secret, size_t secret_len)
 Callback invoked when secrets are generated during a handshake. Since QUIC protocol handlers perform the en-/decryption of packets, they need the negotiated secrets for the levels early_data/handshake/application. More...
 
int(* add_handshake_data )(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, const uint8_t *data, size_t len)
 Callback invoked for forwarding handshake CRYPTO data to peer. The data forwarded this way is not encrypted. It is the job of the QUIC protocol implementation to do this. Which secrets are to be used is determined by the encryption level specified. More...
 
int(* flush_flight )(WOLFSSL *ssl)
 Callback invoked for advisory flushing of the data to send. More...
 
int(* send_alert )(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, uint8_t alert)
 Callback invoked when an SSL alert happened during processing. More...
 

Function Documentation

◆ wolfSSL_CTX_set_quic_method()

int wolfSSL_CTX_set_quic_method ( WOLFSSL_CTX *  ctx,
const WOLFSSL_QUIC_METHOD *  quic_method 
)

Activate QUIC protocol for a WOLFSSL_CTX and all derived WOLFSSL instances by providing the four callbacks required. The CTX needs to be a TLSv1.3 one.

The passed quic_method needs to have a lifetime outlasting the SSL instances. It is not copied. All callbacks need to be provided.

Returns
WOLFSSL_SUCCESS If successful.
Parameters
ctx- a pointer to a WOLFSSL_CTX structure, created using wolfSSL_CTX_new().
quic_method- the callback structure
See also
wolfSSL_is_quic
wolfSSL_set_quic_method

◆ wolfSSL_get_peer_quic_transport_params()

void wolfSSL_get_peer_quic_transport_params ( const WOLFSSL *  ssl,
const uint8_t **  out_params,
size_t *  out_params_len 
)

Get the negotiated QUIC transport parameters. This will only give meaningful results when called after the respective TLS extensions have been seen from the peer.

Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
out_params- the parameters sent by the peer, set to NULL if not available.
out_params_len- the length of the parameters sent by the peer, set to 0 if not available.
See also
wolfSSL_get_peer_quic_transport_version

◆ wolfSSL_get_peer_quic_transport_version()

int wolfSSL_get_peer_quic_transport_version ( const WOLFSSL *  ssl)

Get the negotiated QUIC transport version. This will only give meaningful results when called after the respective TLS extensions have been seen from the peer.

Returns
the negotiated version or -1.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
See also
wolfSSL_set_quic_use_legacy_codepoint
wolfSSL_set_quic_transport_version

◆ wolfSSL_get_quic_transport_version()

int wolfSSL_get_quic_transport_version ( const WOLFSSL *  ssl)

Get the configured QUIC version.

Returns
TLS Extension of configured version.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
See also
wolfSSL_set_quic_use_legacy_codepoint
wolfSSL_set_quic_transport_version

◆ wolfSSL_is_quic()

int wolfSSL_is_quic ( WOLFSSL *  ssl)

Check if QUIC has been activated in a WOLFSSL instance.

Returns
1 if WOLFSSL is using QUIC.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
See also
wolfSSL_CTX_quic_method
wolfSSL_CTX_set_quic_method

◆ wolfSSL_process_quic_post_handshake()

WOLFSSL_API int wolfSSL_process_quic_post_handshake ( WOLFSSL *  ssl)

Process any CRYPTO records that have been provided after the handshake has completed. Will fail if called before that.

Returns
WOLFSSL_SUCCESS If successful.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
See also
wolfSSL_provide_quic_data
wolfSSL_quic_read_write
wolfSSL_accept
wolfSSL_connect

◆ wolfSSL_provide_quic_data()

int wolfSSL_provide_quic_data ( WOLFSSL *  ssl,
WOLFSSL_ENCRYPTION_LEVEL  level,
const uint8_t *  data,
size_t  len 
)

Pass decrypted CRYPTO data to the WOLFSSL instance for further processing. The encryption level between calls is only ever allowed to increase, and it is also checked that data records are complete before a change in encryption level is accepted.

Returns
WOLFSSL_SUCCESS If successful.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
level- the level the data was encrypted at
data- the data itself
len- the length of the data
See also
wolfSSL_process_quic_post_handshake
wolfSSL_quic_read_write
wolfSSL_accept
wolfSSL_connect

◆ wolfSSL_quic_aead_decrypt()

int wolfSSL_quic_aead_decrypt ( uint8_t *  dest,
WOLFSSL_EVP_CIPHER_CTX *  ctx,
const uint8_t *  enc,
size_t  enclen,
const uint8_t *  iv,
const uint8_t *  aad,
size_t  aadlen 
)

Decrypt the cipher text in the given context.

Returns
WOLFSSL_SUCCESS If successful.
Parameters
dest- destination where plain text is to be written
ctx- the cipher context to use
enc- the encrypted data to decrypt
enclen- the length of the encrypted data
iv- the iv to use
aad- the aad (additional authenticated data) to use
aadlen- the length of the aad
See also
wolfSSL_quic_get_aead
wolfSSL_quic_get_hp
wolfSSL_quic_crypt_new
wolfSSL_quic_aead_encrypt

◆ wolfSSL_quic_aead_encrypt()

int wolfSSL_quic_aead_encrypt ( uint8_t *  dest,
WOLFSSL_EVP_CIPHER_CTX *  aead_ctx,
const uint8_t *  plain,
size_t  plainlen,
const uint8_t *  iv,
const uint8_t *  aad,
size_t  aadlen 
)

Encrypt the plain text in the given context.

Returns
WOLFSSL_SUCCESS If successful.
Parameters
dest- destination where encrypted data is to be written
aead_ctx- the cipher context to use
plain- the plain data to encrypt
plainlen- the length of the plain data
iv- the iv to use
aad- the aad (additional authenticated data) to use
aadlen- the length of the aad
See also
wolfSSL_quic_get_aead
wolfSSL_quic_get_hp
wolfSSL_quic_crypt_new
wolfSSL_quic_aead_decrypt

◆ wolfSSL_quic_aead_is_ccm()

int wolfSSL_quic_aead_is_ccm ( const WOLFSSL_EVP_CIPHER *  aead_cipher)

◆ wolfSSL_quic_aead_is_chacha20()

int wolfSSL_quic_aead_is_chacha20 ( const WOLFSSL_EVP_CIPHER *  aead_cipher)

◆ wolfSSL_quic_aead_is_gcm()

int wolfSSL_quic_aead_is_gcm ( const WOLFSSL_EVP_CIPHER *  aead_cipher)

◆ wolfSSL_quic_crypt_new()

WOLFSSL_EVP_CIPHER_CTX* wolfSSL_quic_crypt_new ( const WOLFSSL_EVP_CIPHER *  cipher,
const uint8_t *  key,
const uint8_t *  iv,
int  encrypt 
)

Create a cipher context for en-/decryption.

Returns
the created context or NULL in case of errors.
Parameters
cipher- the cipher to use in the context.
key- the key to use in the context.
iv- the iv to use in the context.
encrypt- != 0 if for encryption, otherwise decryption
See also
wolfSSL_quic_get_aead
wolfSSL_quic_get_hp
wolfSSL_quic_aead_encrypt
wolfSSL_quic_aead_decrypt

◆ wolfSSL_quic_get_aead()

const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_aead ( WOLFSSL *  ssl)

Get the AEAD cipher negotiated in the TLS handshake.

Returns
negotiated cipher or NULL if not determined.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
See also
wolfSSL_quic_aead_is_gcm
wolfSSL_quic_aead_is_ccm
wolfSSL_quic_aead_is_chacha20
wolfSSL_quic_get_aead_tag_len
wolfSSL_quic_get_md
wolfSSL_quic_get_hp
wolfSSL_quic_crypt_new
wolfSSL_quic_aead_encrypt
wolfSSL_quic_aead_decrypt

◆ wolfSSL_quic_get_aead_tag_len()

WOLFSSL_API size_t wolfSSL_quic_get_aead_tag_len ( const WOLFSSL_EVP_CIPHER *  aead_cipher)

Determine the tag length for the AEAD cipher.

Returns
tag length of AEAD cipher.
Parameters
aead_cipher- the cipher
See also
wolfSSL_quic_get_aead

◆ wolfSSL_quic_get_hp()

const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_hp ( WOLFSSL *  ssl)

Determine the header protection cipher negotiated in the TLS handshake.

Returns
the header protection cipher negotiated in the TLS handshake
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
See also
wolfSSL_quic_get_aead
wolfSSL_quic_get_md

◆ wolfSSL_quic_get_md()

WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_quic_get_md ( WOLFSSL *  ssl)

Determine the message digest negotiated in the TLS handshake.

Returns
the message digest negotiated in the TLS handshake
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
See also
wolfSSL_quic_get_aead
wolfSSL_quic_get_hp

◆ wolfSSL_quic_hkdf()

int wolfSSL_quic_hkdf ( uint8_t *  dest,
size_t  destlen,
const WOLFSSL_EVP_MD *  md,
const uint8_t *  secret,
size_t  secretlen,
const uint8_t *  salt,
size_t  saltlen,
const uint8_t *  info,
size_t  infolen 
)

Extract and expand a pseudo random key (HKDF extract step followed by the expand step).

Returns
WOLFSSL_SUCCESS If successful.
Parameters
dest- destination where key is to be written
destlen- length of the key
md- message digest to use
secret- the secret to use
secretlen- the length of the secret
salt- the salt to use
saltlen- the length of the salt
info- the info to use
infolen- the length of the info
See also
wolfSSL_quic_hkdf_extract
wolfSSL_quic_hkdf_expand

◆ wolfSSL_quic_hkdf_expand()

int wolfSSL_quic_hkdf_expand ( uint8_t *  dest,
size_t  destlen,
const WOLFSSL_EVP_MD *  md,
const uint8_t *  secret,
size_t  secretlen,
const uint8_t *  info,
size_t  infolen 
)

Expand a pseudo random key into a new key.

Returns
WOLFSSL_SUCCESS If successful.
Parameters
dest- destination where key is to be written
destlen- length of the key to expand
md- message digest to use
secret- the secret to use
secretlen- the length of the secret
info- the info to use
infolen- the length of the info
See also
wolfSSL_quic_hkdf_extract
wolfSSL_quic_hkdf

◆ wolfSSL_quic_hkdf_extract()

int wolfSSL_quic_hkdf_extract ( uint8_t *  dest,
const WOLFSSL_EVP_MD *  md,
const uint8_t *  secret,
size_t  secretlen,
const uint8_t *  salt,
size_t  saltlen 
)

Extract a pseudo random key.

Returns
WOLFSSL_SUCCESS If successful.
Parameters
dest- destination where key is to be written
md- message digest to use
secret- the secret to use
secretlen- the length of the secret
salt- the salt to use
saltlen- the length of the salt
See also
wolfSSL_quic_hkdf_expand
wolfSSL_quic_hkdf

◆ wolfSSL_quic_max_handshake_flight_len()

size_t wolfSSL_quic_max_handshake_flight_len ( const WOLFSSL *  ssl,
WOLFSSL_ENCRYPTION_LEVEL  level 
)

Get advice on the amount of data that shall be "in flight", i.e. unacknowledged, at the given encryption level. This is the amount of data the WOLFSSL instance is prepared to buffer.

Returns
the recommended maximum amount of data in flight
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
level- the encryption level to inquire about

◆ wolfSSL_quic_read_level()

WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_read_level ( const WOLFSSL *  ssl)

Determine the encryption level for reads currently in use. Meaningful only when the WOLFSSL instance is using QUIC.

Note that the effective level is always a parameter when passing data back and forth. Data from a peer might arrive at other levels than reported via this function.

Returns
encryption level.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
See also
wolfSSL_quic_write_level

◆ wolfSSL_quic_read_write()

int wolfSSL_quic_read_write ( WOLFSSL *  ssl)

Process any CRYPTO records that have been provided during or after the handshake. Will progress the handshake if not already complete and otherwise work like wolfSSL_process_quic_post_handshake().

Returns
WOLFSSL_SUCCESS If successful.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
See also
wolfSSL_provide_quic_data
wolfSSL_quic_read_write
wolfSSL_accept
wolfSSL_connect

◆ wolfSSL_quic_write_level()

WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_write_level ( const WOLFSSL *  ssl)

Determine the encryption level for writes currently in use. Meaningful only when the WOLFSSL instance is using QUIC.

Note that the effective level is always a parameter when passing data back and forth. Data from a peer might arrive at other levels than reported via this function.

Returns
encryption level.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
See also
wolfSSL_quic_read_level

◆ wolfSSL_set_quic_early_data_enabled()

void wolfSSL_set_quic_early_data_enabled ( WOLFSSL *  ssl,
int  enabled 
)

Configure if Early Data is enabled. Intended for servers to signal this to clients.

Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
enabled- != 0 iff early data is enabled

◆ wolfSSL_set_quic_method()

int wolfSSL_set_quic_method ( WOLFSSL *  ssl,
const WOLFSSL_QUIC_METHOD *  quic_method 
)

Activate QUIC protocol for a WOLFSSL instance by providing the four callbacks required. The WOLFSSL needs to be a TLSv1.3 one.

The passed quic_method needs to have a lifetime outlasting the SSL instance. It is not copied. All callbacks need to be provided.

Returns
WOLFSSL_SUCCESS If successful.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
quic_method- the callback structure
See also
wolfSSL_is_quic
wolfSSL_CTX_set_quic_method

◆ wolfSSL_set_quic_transport_params()

int wolfSSL_set_quic_transport_params ( WOLFSSL *  ssl,
const uint8_t *  params,
size_t  params_len 
)

Set the QUIC transport parameters to use.

Returns
WOLFSSL_SUCCESS If successful.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
params- the parameter bytes to use
params_len- the length of the parameters
See also
wolfSSL_set_quic_use_legacy_codepoint
wolfSSL_set_quic_transport_version

◆ wolfSSL_set_quic_transport_version()

void wolfSSL_set_quic_transport_version ( WOLFSSL *  ssl,
int  version 
)

Configure which QUIC version shall be used.

Returns
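WOLFSSL_SUCCESS If successful. (Note: the signature above declares this function as returning void, so there is no return value for the caller to check.)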
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
version- the TLS Extension defined for the QUIC version.
See also
wolfSSL_set_quic_use_legacy_codepoint

◆ wolfSSL_set_quic_use_legacy_codepoint()

void wolfSSL_set_quic_use_legacy_codepoint ( WOLFSSL *  ssl,
int  use_legacy 
)

Configure which QUIC version shall be used. Without calling this, the WOLFSSL will offer both (draft-27 and v1) to a server, resp. accept both from a client and negotiate the most recent one.

Returns
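WOLFSSL_SUCCESS If successful. (Note: the signature above declares this function as returning void, so there is no return value for the caller to check.)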
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
use_legacy- true if draft-27 shall be used, 0 if only QUICv1 is used.
See also
wolfSSL_set_quic_transport_version

Variable Documentation

◆ add_handshake_data

int(* add_handshake_data) (WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, const uint8_t *data, size_t len) ( WOLFSSL *  ssl,
WOLFSSL_ENCRYPTION_LEVEL  level,
const uint8_t *  data,
size_t  len 
)

Callback invoked for forwarding handshake CRYPTO data to peer. The data forwarded this way is not encrypted. It is the job of the QUIC protocol implementation to do this. Which secrets are to be used is determined by the encryption level specified.

This callback may be invoked several times during handshake or post-handshake processing. The data may cover a complete CRYPTO record, but may also be partial. However, the callback will have received all of a record's data before another encryption level is used.

Returns
1 on success, 0 on failure.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
level- the encryption level to use for encrypting the data
data- the data itself
len- the length of the data
See also
wolfSSL_set_quic_method

◆ flush_flight

int(* flush_flight) (WOLFSSL *ssl) ( WOLFSSL *  ssl)

Callback invoked for advisory flushing of the data to send.

Returns
1 on success, 0 on failure.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
See also
wolfSSL_set_quic_method

◆ send_alert

int(* send_alert) (WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, uint8_t alert) ( WOLFSSL *  ssl,
WOLFSSL_ENCRYPTION_LEVEL  level,
uint8_t  alert 
)

Callback invoked when an SSL alert happened during processing.

Returns
1 on success, 0 on failure.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
level- the encryption level in effect when the alert happened
alert- the error
See also
wolfSSL_set_quic_method

◆ set_encryption_secrets

int(* set_encryption_secrets) (WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, const uint8_t *read_secret, const uint8_t *write_secret, size_t secret_len) ( WOLFSSL *  ssl,
WOLFSSL_ENCRYPTION_LEVEL  level,
const uint8_t *  read_secret,
const uint8_t *  write_secret,
size_t  secret_len 
)

Callback invoked when secrets are generated during a handshake. Since QUIC protocol handlers perform the en-/decryption of packets, they need the negotiated secrets for the levels early_data/handshake/application.

The callback will be invoked several times during a handshake. Either both or only the read or write secret might be provided. This does not mean the given encryption level is already in effect.

Returns
1 on success, 0 on failure.
Parameters
ssl- a pointer to a WOLFSSL structure, created using wolfSSL_new().
level- the encryption level the secrets are for
read_secret- the secret used in decryption at the given level, may be NULL.
write_secret- the secret used in encryption at the given level, may be NULL.
secret_len- the length of the secret
See also
wolfSSL_set_quic_method