High-level blocking and concurrent socket integration layer for QSC TLS 1.3 and X.509.
|
| QSC_EXPORT_API void | qsc_tls_socket_result_clear (qsc_tls_socket_result *result) |
| | Clear a TLS socket structured result.
|
| QSC_EXPORT_API const char * | qsc_tls_socket_status_string (qsc_tls_socket_status status) |
| | Return a constant string for a TLS socket wrapper status value.
|
| QSC_EXPORT_API void | qsc_tls_socket_options_initialize_default (qsc_tls_socket_options *options) |
| | Initialize socket options to the wrapper default values.
|
| QSC_EXPORT_API void | qsc_tls_socket_ticket_policy_initialize_default (qsc_tls_socket_ticket_policy *policy) |
| | Initialize a session ticket policy to the wrapper default values.
|
| QSC_EXPORT_API void | qsc_tls_socket_context_initialize (qsc_tls_socket_context *context) |
| | Initialize a reusable TLS socket context.
|
| QSC_EXPORT_API void | qsc_tls_socket_context_dispose (qsc_tls_socket_context *context) |
| | Dispose of a TLS socket context and clear owned sensitive state.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_default_client_policy (qsc_tls_socket_context *context) |
| | Configure the context with the default TLS 1.3 client interoperability policy.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_default_server_policy (qsc_tls_socket_context *context) |
| | Configure the context with the default TLS 1.3 server interoperability policy.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_mlkem_hybrid_policy (qsc_tls_socket_context *context) |
| | Configure the context with an explicit ML-KEM hybrid interoperability policy.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_experimental_pqc_policy (qsc_tls_socket_context *context) |
| | Configure the context with the experimental ML-KEM and ML-DSA policy.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_strict_policy (qsc_tls_socket_context *context) |
| | Configure the context with the strict TLS policy.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_development_policy (qsc_tls_socket_context *context) |
| | Configure the context with the development TLS policy.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_cipher_suites (qsc_tls_socket_context *context, const qsc_tls_cipher_suite *suites, size_t suitecount) |
| | Set the ordered cipher suite preference list for the context.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_named_groups (qsc_tls_socket_context *context, const qsc_tls_named_group *groups, size_t groupcount) |
| | Set the ordered named group preference list for the context.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_signature_schemes (qsc_tls_socket_context *context, const qsc_tls_signature_scheme *schemes, size_t schemecount) |
| | Set the ordered signature scheme preference list for the context.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_load_trust_anchor_file (qsc_tls_socket_context *context, const char *path, bool selfsigned) |
| | Load a trust anchor certificate file into the context trust store.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_load_trust_anchor_bundle_file (qsc_tls_socket_context *context, const char *path, bool selfsigned) |
| | Load a trust anchor bundle file into the context trust store.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_load_crl_file (qsc_tls_socket_context *context, const char *path) |
| | Load a certificate revocation list file into the context trust store.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_load_server_identity_files (qsc_tls_socket_context *context, const char *certificatechainpath, const char *privatekeypath, qsc_tls_signature_scheme verifyscheme) |
| | Load a server certificate chain and private key into the context.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_add_server_identity_files (qsc_tls_socket_context *context, const char *hostname, const char *certificatechainpath, const char *privatekeypath, qsc_tls_signature_scheme verifyscheme) |
| | Load an additional SNI-selectable server identity from certificate-chain and private-key files.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_sni_required (qsc_tls_socket_context *context, bool required) |
| | Configure whether server handshakes require a recognized SNI hostname.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_client_auth (qsc_tls_socket_context *context, bool requestclientauth, bool requireclientauth) |
| | Configure server-side client certificate authentication policy.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_client_authorization (qsc_tls_socket_context *context, qsc_tls_client_authorization_callback callback, void *state, bool required) |
| | Configure the server-side mTLS application authorization callback.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_socket_options (qsc_tls_socket_context *context, const qsc_tls_socket_options *options) |
| | Set the default socket options for the context.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_alpn_protocols (qsc_tls_socket_context *context, const char *const *protocols, size_t protocolcount, bool required) |
| | Set the ordered ALPN protocol list for the context.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_clear_alpn_protocols (qsc_tls_socket_context *context) |
| | Clear the ordered ALPN protocol list from the context.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_log_callback (qsc_tls_socket_context *context, qsc_tls_socket_log_callback callback, void *state) |
| | Set the context-level structured logging callback.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_session_ticket_policy (qsc_tls_socket_context *context, const qsc_tls_socket_ticket_policy *policy) |
| | Set the context-level session ticket policy.
|
| QSC_EXPORT_API bool | qsc_tls_socket_session_ticket_is_valid (const qsc_tls_session_ticket *ticket) |
| | Test whether a session ticket is structurally acceptable for resumption.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_context_set_session_ticket (qsc_tls_socket_context *context, const qsc_tls_session_ticket *ticket) |
| | Set the client session ticket used for resumption attempts.
|
| QSC_EXPORT_API void | qsc_tls_socket_context_clear_session_ticket (qsc_tls_socket_context *context) |
| | Clear the client session ticket stored in the context.
|
| QSC_EXPORT_API void | qsc_tls_socket_connection_initialize (qsc_tls_socket_connection *connection) |
| | Initialize a TLS socket connection structure.
|
| QSC_EXPORT_API void | qsc_tls_socket_connection_dispose (qsc_tls_socket_connection *connection) |
| | Dispose of a TLS socket connection and clear owned sensitive state.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_client_connect_host (qsc_tls_socket_connection *connection, const qsc_tls_socket_context *context, const char *hostname, const char *service) |
| | Connect to a remote host and complete a TLS client handshake.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_client_connect_host_ex (qsc_tls_socket_connection *connection, const qsc_tls_socket_context *context, const char *hostname, const char *service, const qsc_tls_session_ticket *ticket, bool enableearlydata) |
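| | Connect to a remote host with an explicit session ticket and early-data preference. TLS 1.3 early data is not protected against replay by the protocol itself, so enableearlydata is appropriate only when the first request is safe to repeat.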
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_client_connect_ipv4 (qsc_tls_socket_connection *connection, const qsc_tls_socket_context *context, const qsc_ipinfo_ipv4_address *address, uint16_t port, const char *hostname) |
| | Connect to an IPv4 address and complete a TLS client handshake.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_client_connect_ipv6 (qsc_tls_socket_connection *connection, const qsc_tls_socket_context *context, const qsc_ipinfo_ipv6_address *address, uint16_t port, const char *hostname) |
| | Connect to an IPv6 address and complete a TLS client handshake.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_send (qsc_tls_socket_connection *connection, const uint8_t *input, size_t inlen, size_t *written) |
| | Send application data over a completed TLS socket connection.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_receive (qsc_tls_socket_connection *connection, uint8_t *output, size_t outlen, size_t *read) |
| | Receive application data from a completed TLS socket connection.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_shutdown (qsc_tls_socket_connection *connection) |
| | Send a TLS close_notify alert and close the TLS socket connection.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_key_update (qsc_tls_socket_connection *connection, bool requestpeerupdate) |
| | Request a TLS 1.3 KeyUpdate operation on a completed connection.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_server_send_session_ticket (qsc_tls_socket_connection *connection, uint32_t lifetime_seconds, qsc_tls_session_ticket *ticketout) |
| | Send a TLS server session ticket over a completed server connection.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_connection_set_socket_options (qsc_tls_socket_connection *connection, const qsc_tls_socket_options *options) |
| | Apply socket options to an initialized or connected TLS socket connection.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_connection_set_log_callback (qsc_tls_socket_connection *connection, qsc_tls_socket_log_callback callback, void *state) |
| | Set the connection-level structured logging callback.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_connection_cancel (qsc_tls_socket_connection *connection) |
| | Request cancellation of a TLS socket connection.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_get_peer_info (const qsc_tls_socket_connection *connection, qsc_tls_socket_peer_info *peerinfo) |
| | Retrieve the peer information summary for a TLS socket connection.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_get_selected_alpn (const qsc_tls_socket_connection *connection, char *protocol, size_t protocolcap, size_t *protocollen) |
| | Retrieve the selected ALPN protocol for a TLS socket connection.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_connection_get_session_ticket (const qsc_tls_socket_connection *connection, qsc_tls_session_ticket *ticketout) |
| | Retrieve the most recent session ticket associated with a connection.
|
| QSC_EXPORT_API void | qsc_tls_socket_connection_clear_session_ticket (qsc_tls_socket_connection *connection) |
| | Clear the most recent session ticket retained by a connection.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_send_frame (qsc_tls_socket_connection *connection, const uint8_t *input, size_t inlen) |
| | Send a length-prefixed framed application message.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_receive_frame (qsc_tls_socket_connection *connection, uint8_t *output, size_t outlen, size_t *read) |
| | Receive a length-prefixed framed application message.
|
| QSC_EXPORT_API bool | qsc_tls_socket_is_connected (const qsc_tls_socket_connection *connection) |
| | Test whether a TLS socket connection owns a connected socket.
|
| QSC_EXPORT_API bool | qsc_tls_socket_is_handshake_complete (const qsc_tls_socket_connection *connection) |
| | Test whether the TLS handshake has completed.
|
| QSC_EXPORT_API qsc_tls_cipher_suite | qsc_tls_socket_negotiated_cipher_suite (const qsc_tls_socket_connection *connection) |
| | Get the negotiated TLS cipher suite.
|
| QSC_EXPORT_API qsc_tls_named_group | qsc_tls_socket_negotiated_group (const qsc_tls_socket_connection *connection) |
| | Get the negotiated TLS named group.
|
| QSC_EXPORT_API qsc_tls_signature_scheme | qsc_tls_socket_negotiated_signature_scheme (const qsc_tls_socket_connection *connection) |
| | Get the negotiated TLS signature scheme.
|
| QSC_EXPORT_API void | qsc_tls_socket_listener_initialize (qsc_tls_socket_listener *listener) |
| | Initialize a TLS socket listener structure.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_listener_set_options (qsc_tls_socket_listener *listener, bool reuseaddress, bool nodelay, uint32_t recvtimeoutms, uint32_t sendtimeoutms) |
| | Set basic listener socket options.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_listener_set_socket_options (qsc_tls_socket_listener *listener, const qsc_tls_socket_options *options) |
| | Set the full listener socket option structure.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_listener_bind (qsc_tls_socket_listener *listener, const qsc_tls_socket_context *context, const char *address, uint16_t port, qsc_socket_address_families family) |
| | Bind a TLS listener to a local address and port.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_listener_accept (qsc_tls_socket_listener *listener, qsc_tls_socket_connection *connection) |
| | Accept an inbound socket and complete a TLS server handshake.
|
| QSC_EXPORT_API void | qsc_tls_socket_listener_close (qsc_tls_socket_listener *listener) |
| | Close a TLS socket listener.
|
| QSC_EXPORT_API void | qsc_tls_socket_server_initialize (qsc_tls_socket_server *server) |
| | Initialize a TLS socket server structure.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_server_configure (qsc_tls_socket_server *server, const qsc_tls_socket_context *context, const char *address, uint16_t port, qsc_socket_address_families family) |
| | Configure a TLS socket server listener and context.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_server_set_callbacks (qsc_tls_socket_server *server, qsc_tls_socket_server_connect_callback onconnect, qsc_tls_socket_server_receive_callback onreceive, qsc_tls_socket_server_disconnect_callback ondisconnect, qsc_tls_socket_server_error_callback onerror, void *state) |
| | Set the application callbacks for a TLS socket server.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_server_set_log_callback (qsc_tls_socket_server *server, qsc_tls_socket_log_callback callback, void *state) |
| | Set the server-level structured logging callback.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_server_set_max_clients (qsc_tls_socket_server *server, size_t maxclients) |
| | Set the maximum number of concurrent client connections accepted by the server.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_server_start (qsc_tls_socket_server *server) |
| | Start the server in blocking sequential mode.
|
| QSC_EXPORT_API qsc_tls_socket_status | qsc_tls_socket_server_start_concurrent (qsc_tls_socket_server *server) |
| | Start the server in bounded concurrent mode.
|
| QSC_EXPORT_API void | qsc_tls_socket_server_stop (qsc_tls_socket_server *server) |
| | Stop a running TLS socket server.
|
| QSC_EXPORT_API void | qsc_tls_socket_server_dispose (qsc_tls_socket_server *server) |
| | Dispose of a TLS socket server and clear owned connection state.
|
High-level blocking and concurrent socket integration layer for QSC TLS 1.3 and X.509.
This header defines the public API for the QSC TLS socket wrapper. The wrapper composes the QSC dual-stack socket layer, the TLS 1.3 engine, the record-framed TLS I/O adapter, and the X.509 wrapper into deployment-oriented client, listener, accepted-connection, and server APIs.
The wrapper does not implement an independent TLS or X.509 stack. It owns the application-facing lifecycle around the existing TLS and X.509 components. It provides context-based policy selection, trust-store loading, server identity loading, socket option control, blocking client connections, blocking listener accept, a bounded concurrent server mode, framed application messages, session ticket policy helpers, structured result reporting, and optional structured logging callbacks.
The default client and server policies are intended for conservative TLS 1.3 interoperability. The ML-KEM hybrid and experimental PQC profiles are explicit opt-in profiles and require compatible peers. The wrapper stores TLS, socket, and X.509 status values separately in qsc_tls_socket_result so that callers can distinguish transport failures from TLS protocol and certificate validation errors.
Ownership model:
- qsc_tls_socket_context owns reusable policy, trust-store, X.509 bridge, server identity, and session ticket policy state.
- qsc_tls_socket_connection owns a connected or accepted socket, a TLS engine instance, and a TLS I/O adapter bound to that engine and socket.
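- qsc_tls_socket_listener owns the listening socket and references a context supplied by the caller; because the listener references that context rather than owning it, the caller should keep the context valid (and not dispose of it) while the listener is in use.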
- qsc_tls_socket_server owns a listener and, in concurrent mode, a fixed pool of connection slots.
/* NOTE(review): this example is incomplete as rendered. The declarations of
 * `ctx` and `conn` and the API calls between the statements below are missing
 * from the listing. The reference entries that follow it (context initialize,
 * default client policy, trust anchor bundle load, connection initialize,
 * connect host, send, receive, shutdown, and qsc_tls_socket_status_success)
 * suggest which calls belong here. Do not copy the fragment as-is, and compare
 * every qsc_tls_socket_status result with qsc_tls_socket_status_success before
 * moving on to the next step. */
/* Fixed-size buffer; presumably the output buffer for qsc_tls_socket_receive, confirm. */
uint8_t buf[4096U];
/* Presumably receives the byte count reported by the receive call, confirm. */
size_t rlen = 0U;
{
/* Plaintext HTTP/1.1 request. The array is sized from a string literal, so
 * sizeof(req) counts the terminating NUL; the request itself is
 * sizeof(req) - 1U bytes long. */
const uint8_t req[] = "GET / HTTP/1.1\r\nHost: example.com\r\nConnection: close\r\n\r\n";
}
/* Teardown: the connection is disposed before the context. The API summary
 * says both dispose calls clear the sensitive state they own. */
qsc_tls_socket_connection_dispose(&conn);
qsc_tls_socket_context_dispose(&ctx);
A live TLS socket connection containing the socket, TLS engine, I/O adapter, and connection state.
Definition tlssocket.h:353
A reusable TLS socket policy, trust, identity, and logging context.
Definition tlssocket.h:314
@ qsc_tls_socket_status_success
Definition tlssocket.h:232
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_default_client_policy(qsc_tls_socket_context *context)
Configure the context with the default TLS 1.3 client interoperability policy.
Definition tlssocket.c:1361
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_send(qsc_tls_socket_connection *connection, const uint8_t *input, size_t inlen, size_t *written)
Send application data over a completed TLS socket connection.
Definition tlssocket.c:2011
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_shutdown(qsc_tls_socket_connection *connection)
Send a TLS close_notify alert and close the TLS socket connection.
Definition tlssocket.c:2093
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_receive(qsc_tls_socket_connection *connection, uint8_t *output, size_t outlen, size_t *read)
Receive application data from a completed TLS socket connection.
Definition tlssocket.c:2052
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_client_connect_host(qsc_tls_socket_connection *connection, const qsc_tls_socket_context *context, const char *hostname, const char *service)
Connect to a remote host and complete a TLS client handshake.
Definition tlssocket.c:1991
QSC_EXPORT_API void qsc_tls_socket_context_initialize(qsc_tls_socket_context *context)
Initialize a reusable TLS socket context.
Definition tlssocket.c:1265
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_load_trust_anchor_bundle_file(qsc_tls_socket_context *context, const char *path, bool selfsigned)
Load a trust anchor bundle file into the context trust store.
Definition tlssocket.c:1547
QSC_EXPORT_API void qsc_tls_socket_connection_initialize(qsc_tls_socket_connection *connection)
Initialize a TLS socket connection structure.
Definition tlssocket.c:1957
Reference Links: