QSC/tlssocket_8h_source.html

/* 2020-2026 Quantum Resistant Cryptographic Solutions Corporation

 * All Rights Reserved.

 *

 * Written by: John G. Underhill

 * Contact: contact@qrcscorp.ca

 */


#ifndef QSC_TLS_SOCKET_H

#define QSC_TLS_SOCKET_H


#include "qsccommon.h"

#include "async.h"

#include "tlsengine.h"

#include "tlssignerdefault.h"

#include "tlsio.h"

#include "socketbase.h"

#include "socketclient.h"

#include "socketserver.h"

#include "x509wrap.h"

#include "x509types.h"


QSC_CPLUSPLUS_ENABLED_START


#define QSC_TLS_SOCKET_CIPHER_SUITE_MAX 8U


#define QSC_TLS_SOCKET_GROUP_MAX 16U


#define QSC_TLS_SOCKET_SIGNATURE_SCHEME_MAX 16U


#define QSC_TLS_SOCKET_SERVER_IDENTITY_MAX QSC_TLS_MAX_SERVER_IDENTITIES


#define QSC_TLS_SOCKET_ALPN_PROTOCOL_MAX QSC_TLS_MAX_ALPN_PROTOCOLS


#define QSC_TLS_SOCKET_ALPN_SIZE_MAX QSC_TLS_MAX_ALPN_SIZE


#define QSC_TLS_SOCKET_SERVER_BUFFER_SIZE 16384U


#define QSC_TLS_SOCKET_SERVER_CONNECTIONS_MAX 64U


#define QSC_TLS_SOCKET_FRAME_HEADER_SIZE 4U


#define QSC_TLS_SOCKET_FRAME_SIZE_MAX 16777216U


#define QSC_TLS_SOCKET_TICKET_LIFETIME_MAX 604800U


typedef enum qsc_tls_socket_log_level

{

    qsc_tls_socket_log_level_none = 0,

    qsc_tls_socket_log_level_error = 1,

    qsc_tls_socket_log_level_warning = 2,

    qsc_tls_socket_log_level_info = 3,

    qsc_tls_socket_log_level_debug = 4

} qsc_tls_socket_log_level;


typedef enum qsc_tls_socket_event

{

    qsc_tls_socket_event_none = 0,

    qsc_tls_socket_event_context_configured = 1,

    qsc_tls_socket_event_socket_options = 2,

    qsc_tls_socket_event_connect = 3,

    qsc_tls_socket_event_accept = 4,

    qsc_tls_socket_event_handshake_start = 5,

    qsc_tls_socket_event_handshake_complete = 6,

    qsc_tls_socket_event_send = 7,

    qsc_tls_socket_event_receive = 8,

    qsc_tls_socket_event_frame_send = 9,

    qsc_tls_socket_event_frame_receive = 10,

    qsc_tls_socket_event_ticket = 11,

    qsc_tls_socket_event_key_update = 12,

    qsc_tls_socket_event_shutdown = 13,

    qsc_tls_socket_event_worker_start = 14,

    qsc_tls_socket_event_worker_stop = 15,

    qsc_tls_socket_event_error = 16

} qsc_tls_socket_event;


typedef struct qsc_tls_socket_options

{

    uint32_t connect_timeout_ms;

    uint32_t handshake_timeout_ms;

    uint32_t receive_timeout_ms;

    uint32_t send_timeout_ms;

    uint32_t idle_timeout_ms;

    size_t receive_buffer_size;

    size_t send_buffer_size;

    bool reuse_address;

    bool no_delay;

    bool keep_alive;

    bool dual_stack;

    bool blocking;

} qsc_tls_socket_options;


typedef struct qsc_tls_socket_ticket_policy

{

    bool enabled;

    bool allow_early_data;

    bool auto_send_server_ticket;

    uint32_t lifetime_seconds;

    uint32_t renewal_interval_seconds;

} qsc_tls_socket_ticket_policy;


typedef enum qsc_tls_socket_status

{

    qsc_tls_socket_status_success = 0,

    qsc_tls_socket_status_invalid_input = 1,

    qsc_tls_socket_status_not_initialized = 2,

    qsc_tls_socket_status_socket_start_failed = 3,

    qsc_tls_socket_status_socket_connect_failed = 4,

    qsc_tls_socket_status_socket_bind_failed = 5,

    qsc_tls_socket_status_socket_listen_failed = 6,

    qsc_tls_socket_status_socket_accept_failed = 7,

    qsc_tls_socket_status_tls_initialize_failed = 8,

    qsc_tls_socket_status_tls_handshake_failed = 9,

    qsc_tls_socket_status_certificate_load_failed = 10,

    qsc_tls_socket_status_certificate_verify_failed = 11,

    qsc_tls_socket_status_private_key_invalid = 12,

    qsc_tls_socket_status_policy_rejected = 13,

    qsc_tls_socket_status_io_failed = 14,

    qsc_tls_socket_status_closed = 15,

    qsc_tls_socket_status_internal_error = 16

} qsc_tls_socket_status;


typedef struct qsc_tls_socket_result

{

    qsc_tls_socket_status status;

    qsc_tls_status tlsstatus;

    qsc_socket_exceptions socketstatus;

    qsc_x509w_status x509status;

    qsc_x509_verify_status verifystatus;

    qsc_tls_alert_description alert;

} qsc_tls_socket_result;


typedef void (*qsc_tls_socket_log_callback)(qsc_tls_socket_log_level level, qsc_tls_socket_event event, const qsc_tls_socket_result* result, const char* message, void* state);


typedef struct qsc_tls_socket_peer_info

{

    char subject[QSC_X509_NAME_ATTRIBUTE_STRING_MAX];

    char issuer[QSC_X509_NAME_ATTRIBUTE_STRING_MAX];

    char common_name[QSC_X509_NAME_ATTRIBUTE_STRING_MAX];

    char dns_name[QSC_X509_NAME_ATTRIBUTE_STRING_MAX];

    qsc_tls_socket_result result;

    qsc_tls_cipher_suite cipher_suite;

    qsc_tls_named_group named_group;

    qsc_tls_signature_scheme signature_scheme;

    qsc_x509w_status x509_status;

    qsc_x509_verify_status verify_status;

    bool authenticated;

    bool hostname_matched;

    bool hostname_checked;

    bool chain_valid;

    bool psk_accepted;

    bool early_data_accepted;

    bool alpn_selected;

    char selected_alpn[QSC_TLS_SOCKET_ALPN_SIZE_MAX + 1U];

} qsc_tls_socket_peer_info;


typedef struct qsc_tls_socket_context

{

    qsc_x509w_trust_store truststore;

    qsc_x509w_server_identity identity;

    qsc_x509w_tls_bridge bridge;

    qsc_x509w_tls_local_certificate localcert;

    qsc_x509w_tls_local_certificate snilocalcerts[QSC_TLS_SOCKET_SERVER_IDENTITY_MAX];

    char snihostnames[QSC_TLS_SOCKET_SERVER_IDENTITY_MAX][QSC_TLS_MAX_HOSTNAME_SIZE + 1U];

    size_t sniidentitycount;

    bool requiresni;

    qsc_x509w_profile certificateprofile;

    qsc_tls_socket_options socketoptions;

    qsc_tls_socket_ticket_policy ticketpolicy;

    qsc_tls_alpn_protocols alpn;

    qsc_tls_session_ticket sessionticket;

    qsc_tls_socket_log_callback logcallback;

    void* logstate;

    qsc_tls_cipher_suite ciphersuites[QSC_TLS_SOCKET_CIPHER_SUITE_MAX];

    qsc_tls_named_group groups[QSC_TLS_SOCKET_GROUP_MAX];

    qsc_tls_signature_scheme sigschemes[QSC_TLS_SOCKET_SIGNATURE_SCHEME_MAX];

    size_t ciphersuitecount;

    size_t groupcount;

    size_t sigschemecount;

    bool hasidentity;

    bool hastruststore;

    qsc_tls_client_authorization_callback clientauthcallback;

    void* clientauthstate;

    bool requireclientauthorization;

    bool requireclientauth;

    bool requestclientauth;

    bool allowunverified;

    bool hassessionticket;

    bool initialized;

} qsc_tls_socket_context;


typedef struct qsc_tls_socket_connection

{

    qsc_socket socket;

    qsc_tls_connection engine;

    qsc_tls_io_connection io;

    qsc_tls_role role;

    qsc_socket_address_families family;

    qsc_tls_socket_result lastresult;

    qsc_tls_socket_peer_info peerinfo;

    qsc_tls_socket_options socketoptions;

    qsc_tls_socket_ticket_policy ticketpolicy;

    qsc_tls_session_ticket lastticket;

    qsc_tls_signer_default_context signcontext;

    qsc_tls_socket_log_callback logcallback;

    void* logstate;

    char peername[QSC_SOCKET_ADDRESS_MAX_SIZE];

    uint16_t peerport;

    bool connected;

    bool handshaked;

    bool owns_socket;

    bool haslastticket;

    bool cancelrequested;

} qsc_tls_socket_connection;


typedef struct qsc_tls_socket_listener

{

    qsc_socket socket;

    const qsc_tls_socket_context* context;

    qsc_socket_address_families family;

    uint16_t port;

    int32_t backlog;

    qsc_tls_socket_options socketoptions;

    bool initialized;

    bool listening;

} qsc_tls_socket_listener;


struct qsc_tls_socket_server;


typedef struct qsc_tls_socket_server_worker_state

{

    struct qsc_tls_socket_server* server;

    size_t index;

} qsc_tls_socket_server_worker_state;


typedef void (*qsc_tls_socket_server_connect_callback)(qsc_tls_socket_connection* connection, void* state);


typedef void (*qsc_tls_socket_server_receive_callback)(qsc_tls_socket_connection* connection, const uint8_t* message, size_t msglen, void* state);


typedef void (*qsc_tls_socket_server_disconnect_callback)(qsc_tls_socket_connection* connection, void* state);


typedef void (*qsc_tls_socket_server_error_callback)(qsc_tls_socket_connection* connection, qsc_tls_socket_status status, void* state);


typedef struct qsc_tls_socket_server

{

    qsc_tls_socket_listener listener;

    qsc_tls_socket_server_connect_callback onconnect;

    qsc_tls_socket_server_receive_callback onreceive;

    qsc_tls_socket_server_disconnect_callback ondisconnect;

    qsc_tls_socket_server_error_callback onerror;

    qsc_tls_socket_log_callback onlog;

    void* callbackstate;

    void* logstate;

    qsc_tls_socket_connection connections[QSC_TLS_SOCKET_SERVER_CONNECTIONS_MAX];

    qsc_tls_socket_server_worker_state workerstates[QSC_TLS_SOCKET_SERVER_CONNECTIONS_MAX];

    qsc_thread workerthreads[QSC_TLS_SOCKET_SERVER_CONNECTIONS_MAX];

    volatile bool active[QSC_TLS_SOCKET_SERVER_CONNECTIONS_MAX];

    volatile bool started[QSC_TLS_SOCKET_SERVER_CONNECTIONS_MAX];

    qsc_mutex poolmutex;

    size_t maxclients;

    volatile bool running;

    bool concurrent;

    bool initialized;

} qsc_tls_socket_server;


QSC_EXPORT_API void qsc_tls_socket_result_clear(qsc_tls_socket_result* result);


QSC_EXPORT_API const char* qsc_tls_socket_status_string(qsc_tls_socket_status status);


QSC_EXPORT_API void qsc_tls_socket_options_initialize_default(qsc_tls_socket_options* options);


QSC_EXPORT_API void qsc_tls_socket_ticket_policy_initialize_default(qsc_tls_socket_ticket_policy* policy);


QSC_EXPORT_API void qsc_tls_socket_context_initialize(qsc_tls_socket_context* context);


QSC_EXPORT_API void qsc_tls_socket_context_dispose(qsc_tls_socket_context* context);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_default_client_policy(qsc_tls_socket_context* context);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_default_server_policy(qsc_tls_socket_context* context);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_mlkem_hybrid_policy(qsc_tls_socket_context* context);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_experimental_pqc_policy(qsc_tls_socket_context* context);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_strict_policy(qsc_tls_socket_context* context);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_development_policy(qsc_tls_socket_context* context);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_cipher_suites(qsc_tls_socket_context* context, const qsc_tls_cipher_suite* suites, size_t suitecount);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_named_groups(qsc_tls_socket_context* context, const qsc_tls_named_group* groups, size_t groupcount);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_signature_schemes(qsc_tls_socket_context* context, const qsc_tls_signature_scheme* schemes, size_t schemecount);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_load_trust_anchor_file(qsc_tls_socket_context* context, const char* path, bool selfsigned);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_load_trust_anchor_bundle_file(qsc_tls_socket_context* context, const char* path, bool selfsigned);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_load_crl_file(qsc_tls_socket_context* context, const char* path);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_load_server_identity_files(qsc_tls_socket_context* context, const char* certificatechainpath, const char* privatekeypath, qsc_tls_signature_scheme verifyscheme);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_add_server_identity_files(qsc_tls_socket_context* context, const char* hostname,

    const char* certificatechainpath, const char* privatekeypath, qsc_tls_signature_scheme verifyscheme);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_sni_required(qsc_tls_socket_context* context, bool required);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_client_auth(qsc_tls_socket_context* context, bool requestclientauth, bool requireclientauth);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_client_authorization(qsc_tls_socket_context* context,

    qsc_tls_client_authorization_callback callback, void* state, bool required);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_socket_options(qsc_tls_socket_context* context, const qsc_tls_socket_options* options);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_alpn_protocols(qsc_tls_socket_context* context, const char* const* protocols, size_t protocolcount, bool required);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_clear_alpn_protocols(qsc_tls_socket_context* context);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_log_callback(qsc_tls_socket_context* context, qsc_tls_socket_log_callback callback, void* state);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_session_ticket_policy(qsc_tls_socket_context* context, const qsc_tls_socket_ticket_policy* policy);


QSC_EXPORT_API bool qsc_tls_socket_session_ticket_is_valid(const qsc_tls_session_ticket* ticket);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_session_ticket(qsc_tls_socket_context* context, const qsc_tls_session_ticket* ticket);


QSC_EXPORT_API void qsc_tls_socket_context_clear_session_ticket(qsc_tls_socket_context* context);


QSC_EXPORT_API void qsc_tls_socket_connection_initialize(qsc_tls_socket_connection* connection);


QSC_EXPORT_API void qsc_tls_socket_connection_dispose(qsc_tls_socket_connection* connection);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_client_connect_host(qsc_tls_socket_connection* connection, const qsc_tls_socket_context* context, const char* hostname, const char* service);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_client_connect_host_ex(qsc_tls_socket_connection* connection, const qsc_tls_socket_context* context, const char* hostname, const char* service, const qsc_tls_session_ticket* ticket, bool enableearlydata);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_client_connect_ipv4(qsc_tls_socket_connection* connection, const qsc_tls_socket_context* context, const qsc_ipinfo_ipv4_address* address, uint16_t port, const char* hostname);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_client_connect_ipv6(qsc_tls_socket_connection* connection, const qsc_tls_socket_context* context, const qsc_ipinfo_ipv6_address* address, uint16_t port, const char* hostname);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_send(qsc_tls_socket_connection* connection, const uint8_t* input, size_t inlen, size_t* written);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_receive(qsc_tls_socket_connection* connection, uint8_t* output, size_t outlen, size_t* read);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_shutdown(qsc_tls_socket_connection* connection);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_key_update(qsc_tls_socket_connection* connection, bool requestpeerupdate);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_server_send_session_ticket(qsc_tls_socket_connection* connection, uint32_t lifetime_seconds, qsc_tls_session_ticket* ticketout);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_connection_set_socket_options(qsc_tls_socket_connection* connection, const qsc_tls_socket_options* options);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_connection_set_log_callback(qsc_tls_socket_connection* connection, qsc_tls_socket_log_callback callback, void* state);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_connection_cancel(qsc_tls_socket_connection* connection);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_get_peer_info(const qsc_tls_socket_connection* connection, qsc_tls_socket_peer_info* peerinfo);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_get_selected_alpn(const qsc_tls_socket_connection* connection, char* protocol, size_t protocolcap, size_t* protocollen);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_connection_get_session_ticket(const qsc_tls_socket_connection* connection, qsc_tls_session_ticket* ticketout);


QSC_EXPORT_API void qsc_tls_socket_connection_clear_session_ticket(qsc_tls_socket_connection* connection);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_send_frame(qsc_tls_socket_connection* connection, const uint8_t* input, size_t inlen);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_receive_frame(qsc_tls_socket_connection* connection, uint8_t* output, size_t outlen, size_t* read);


QSC_EXPORT_API bool qsc_tls_socket_is_connected(const qsc_tls_socket_connection* connection);


QSC_EXPORT_API bool qsc_tls_socket_is_handshake_complete(const qsc_tls_socket_connection* connection);


QSC_EXPORT_API qsc_tls_cipher_suite qsc_tls_socket_negotiated_cipher_suite(const qsc_tls_socket_connection* connection);


QSC_EXPORT_API qsc_tls_named_group qsc_tls_socket_negotiated_group(const qsc_tls_socket_connection* connection);


QSC_EXPORT_API qsc_tls_signature_scheme qsc_tls_socket_negotiated_signature_scheme(const qsc_tls_socket_connection* connection);


QSC_EXPORT_API void qsc_tls_socket_listener_initialize(qsc_tls_socket_listener* listener);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_listener_set_options(qsc_tls_socket_listener* listener, bool reuseaddress, bool nodelay, uint32_t recvtimeoutms, uint32_t sendtimeoutms);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_listener_set_socket_options(qsc_tls_socket_listener* listener, const qsc_tls_socket_options* options);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_listener_bind(qsc_tls_socket_listener* listener, const qsc_tls_socket_context* context, const char* address, uint16_t port, qsc_socket_address_families family);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_listener_accept(qsc_tls_socket_listener* listener, qsc_tls_socket_connection* connection);


QSC_EXPORT_API void qsc_tls_socket_listener_close(qsc_tls_socket_listener* listener);


QSC_EXPORT_API void qsc_tls_socket_server_initialize(qsc_tls_socket_server* server);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_server_configure(qsc_tls_socket_server* server, const qsc_tls_socket_context* context, const char* address, uint16_t port, qsc_socket_address_families family);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_server_set_callbacks(qsc_tls_socket_server* server, qsc_tls_socket_server_connect_callback onconnect, qsc_tls_socket_server_receive_callback onreceive, qsc_tls_socket_server_disconnect_callback ondisconnect, qsc_tls_socket_server_error_callback onerror, void* state);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_server_set_log_callback(qsc_tls_socket_server* server, qsc_tls_socket_log_callback callback, void* state);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_server_set_max_clients(qsc_tls_socket_server* server, size_t maxclients);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_server_start(qsc_tls_socket_server* server);


QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_server_start_concurrent(qsc_tls_socket_server* server);


QSC_EXPORT_API void qsc_tls_socket_server_stop(qsc_tls_socket_server* server);


QSC_EXPORT_API void qsc_tls_socket_server_dispose(qsc_tls_socket_server* server);


QSC_CPLUSPLUS_ENABLED_END


#endif

async.h
Asynchronous Thread and Mutex Management Functions.

qsccommon.h
Contains common definitions for the Quantum Secure Cryptographic (QSC) library.

QSC_EXPORT_API
#define QSC_EXPORT_API
API export macro for Microsoft compilers when importing from a DLL.
Definition qsccommon.h:645

QSC_SOCKET_ADDRESS_MAX_SIZE
#define QSC_SOCKET_ADDRESS_MAX_SIZE
Definition socket.h:69

socketbase.h
Socket function definitions.

qsc_socket_exceptions
qsc_socket_exceptions
Socket code enumeration names.
Definition socketbase.h:115

socketclient.h
The socket client function definitions.

qsc_socket_address_families
qsc_socket_address_families
The socket address family type.
Definition socketflags.h:80

socketserver.h
The socket server function definitions.

qsc_ipinfo_ipv4_address
The IPv4 address structure.
Definition ipinfo.h:161

qsc_ipinfo_ipv6_address
The IPv6 address structure.
Definition ipinfo.h:330

qsc_socket
The socket instance structure.
Definition socket.h:133

qsc_tls_alpn_protocols
Stores a bounded ordered ALPN protocol list and its negotiation policy.
Definition tlsstate.h:102

qsc_tls_connection
Unified TLS engine connection context.
Definition tlsengine.h:120

qsc_tls_io_connection
Stores the non-owning association between a TLS engine and a socket.
Definition tlsio.h:97

qsc_tls_session_ticket
Definition tlssession.h:85

qsc_tls_signer_default_context
State bound to qsc_tls_certificate_sign_callback when using the default signer.
Definition tlssignerdefault.h:96

qsc_tls_socket_connection
A live TLS socket connection containing the socket, TLS engine, I/O adapter, and connection state.
Definition tlssocket.h:353

qsc_tls_socket_connection::logcallback
qsc_tls_socket_log_callback logcallback
Definition tlssocket.h:365

qsc_tls_socket_connection::peername
char peername[QSC_SOCKET_ADDRESS_MAX_SIZE]
Definition tlssocket.h:367

qsc_tls_socket_connection::owns_socket
bool owns_socket
Definition tlssocket.h:371

qsc_tls_socket_connection::role
qsc_tls_role role
Definition tlssocket.h:357

qsc_tls_socket_connection::haslastticket
bool haslastticket
Definition tlssocket.h:372

qsc_tls_socket_connection::signcontext
qsc_tls_signer_default_context signcontext
Definition tlssocket.h:364

qsc_tls_socket_connection::lastticket
qsc_tls_session_ticket lastticket
Definition tlssocket.h:363

qsc_tls_socket_connection::engine
qsc_tls_connection engine
Definition tlssocket.h:355

qsc_tls_socket_connection::peerinfo
qsc_tls_socket_peer_info peerinfo
Definition tlssocket.h:360

qsc_tls_socket_connection::logstate
void * logstate
Definition tlssocket.h:366

qsc_tls_socket_connection::socketoptions
qsc_tls_socket_options socketoptions
Definition tlssocket.h:361

qsc_tls_socket_connection::lastresult
qsc_tls_socket_result lastresult
Definition tlssocket.h:359

qsc_tls_socket_connection::socket
qsc_socket socket
Definition tlssocket.h:354

qsc_tls_socket_connection::peerport
uint16_t peerport
Definition tlssocket.h:368

qsc_tls_socket_connection::connected
bool connected
Definition tlssocket.h:369

qsc_tls_socket_connection::io
qsc_tls_io_connection io
Definition tlssocket.h:356

qsc_tls_socket_connection::cancelrequested
bool cancelrequested
Definition tlssocket.h:373

qsc_tls_socket_connection::ticketpolicy
qsc_tls_socket_ticket_policy ticketpolicy
Definition tlssocket.h:362

qsc_tls_socket_connection::handshaked
bool handshaked
Definition tlssocket.h:370

qsc_tls_socket_connection::family
qsc_socket_address_families family
Definition tlssocket.h:358

qsc_tls_socket_context
A reusable TLS socket policy, trust, identity, and logging context.
Definition tlssocket.h:314

qsc_tls_socket_context::logcallback
qsc_tls_socket_log_callback logcallback
Definition tlssocket.h:328

qsc_tls_socket_context::sigschemes
qsc_tls_signature_scheme sigschemes[QSC_TLS_SOCKET_SIGNATURE_SCHEME_MAX]
Definition tlssocket.h:332

qsc_tls_socket_context::groups
qsc_tls_named_group groups[QSC_TLS_SOCKET_GROUP_MAX]
Definition tlssocket.h:331

qsc_tls_socket_context::clientauthcallback
qsc_tls_client_authorization_callback clientauthcallback
Definition tlssocket.h:338

qsc_tls_socket_context::snihostnames
char snihostnames[QSC_TLS_SOCKET_SERVER_IDENTITY_MAX][QSC_TLS_MAX_HOSTNAME_SIZE+1U]
Definition tlssocket.h:320

qsc_tls_socket_context::hasidentity
bool hasidentity
Definition tlssocket.h:336

qsc_tls_socket_context::requiresni
bool requiresni
Definition tlssocket.h:322

qsc_tls_socket_context::alpn
qsc_tls_alpn_protocols alpn
Definition tlssocket.h:326

qsc_tls_socket_context::clientauthstate
void * clientauthstate
Definition tlssocket.h:339

qsc_tls_socket_context::certificateprofile
qsc_x509w_profile certificateprofile
Definition tlssocket.h:323

qsc_tls_socket_context::ciphersuites
qsc_tls_cipher_suite ciphersuites[QSC_TLS_SOCKET_CIPHER_SUITE_MAX]
Definition tlssocket.h:330

qsc_tls_socket_context::hassessionticket
bool hassessionticket
Definition tlssocket.h:344

qsc_tls_socket_context::snilocalcerts
qsc_x509w_tls_local_certificate snilocalcerts[QSC_TLS_SOCKET_SERVER_IDENTITY_MAX]
Definition tlssocket.h:319

qsc_tls_socket_context::logstate
void * logstate
Definition tlssocket.h:329

qsc_tls_socket_context::requestclientauth
bool requestclientauth
Definition tlssocket.h:342

qsc_tls_socket_context::socketoptions
qsc_tls_socket_options socketoptions
Definition tlssocket.h:324

qsc_tls_socket_context::ciphersuitecount
size_t ciphersuitecount
Definition tlssocket.h:333

qsc_tls_socket_context::hastruststore
bool hastruststore
Definition tlssocket.h:337

qsc_tls_socket_context::requireclientauthorization
bool requireclientauthorization
Definition tlssocket.h:340

qsc_tls_socket_context::allowunverified
bool allowunverified
Definition tlssocket.h:343

qsc_tls_socket_context::sessionticket
qsc_tls_session_ticket sessionticket
Definition tlssocket.h:327

qsc_tls_socket_context::requireclientauth
bool requireclientauth
Definition tlssocket.h:341

qsc_tls_socket_context::sigschemecount
size_t sigschemecount
Definition tlssocket.h:335

qsc_tls_socket_context::truststore
qsc_x509w_trust_store truststore
Definition tlssocket.h:315

qsc_tls_socket_context::ticketpolicy
qsc_tls_socket_ticket_policy ticketpolicy
Definition tlssocket.h:325

qsc_tls_socket_context::sniidentitycount
size_t sniidentitycount
Definition tlssocket.h:321

qsc_tls_socket_context::identity
qsc_x509w_server_identity identity
Definition tlssocket.h:316

qsc_tls_socket_context::bridge
qsc_x509w_tls_bridge bridge
Definition tlssocket.h:317

qsc_tls_socket_context::localcert
qsc_x509w_tls_local_certificate localcert
Definition tlssocket.h:318

qsc_tls_socket_context::initialized
bool initialized
Definition tlssocket.h:345

qsc_tls_socket_context::groupcount
size_t groupcount
Definition tlssocket.h:334

qsc_tls_socket_listener
A TLS socket listener that owns a listening socket and references a TLS socket context.
Definition tlssocket.h:381

qsc_tls_socket_listener::context
const qsc_tls_socket_context * context
Definition tlssocket.h:383

qsc_tls_socket_listener::listening
bool listening
Definition tlssocket.h:389

qsc_tls_socket_listener::backlog
int32_t backlog
Definition tlssocket.h:386

qsc_tls_socket_listener::port
uint16_t port
Definition tlssocket.h:385

qsc_tls_socket_listener::socketoptions
qsc_tls_socket_options socketoptions
Definition tlssocket.h:387

qsc_tls_socket_listener::socket
qsc_socket socket
Definition tlssocket.h:382

qsc_tls_socket_listener::initialized
bool initialized
Definition tlssocket.h:388

qsc_tls_socket_listener::family
qsc_socket_address_families family
Definition tlssocket.h:384

qsc_tls_socket_options
The socket and timeout configuration used by TLS socket contexts, listeners, and connections.
Definition tlssocket.h:193

qsc_tls_socket_options::send_buffer_size
size_t send_buffer_size
Definition tlssocket.h:200

qsc_tls_socket_options::dual_stack
bool dual_stack
Definition tlssocket.h:204

qsc_tls_socket_options::no_delay
bool no_delay
Definition tlssocket.h:202

qsc_tls_socket_options::reuse_address
bool reuse_address
Definition tlssocket.h:201

qsc_tls_socket_options::receive_timeout_ms
uint32_t receive_timeout_ms
Definition tlssocket.h:196

qsc_tls_socket_options::connect_timeout_ms
uint32_t connect_timeout_ms
Definition tlssocket.h:194

qsc_tls_socket_options::handshake_timeout_ms
uint32_t handshake_timeout_ms
Definition tlssocket.h:195

qsc_tls_socket_options::receive_buffer_size
size_t receive_buffer_size
Definition tlssocket.h:199

qsc_tls_socket_options::keep_alive
bool keep_alive
Definition tlssocket.h:203

qsc_tls_socket_options::blocking
bool blocking
Definition tlssocket.h:205

qsc_tls_socket_options::send_timeout_ms
uint32_t send_timeout_ms
Definition tlssocket.h:197

qsc_tls_socket_options::idle_timeout_ms
uint32_t idle_timeout_ms
Definition tlssocket.h:198

qsc_tls_socket_peer_info
The peer identity and negotiated-parameter summary exposed by the TLS socket wrapper.
Definition tlssocket.h:288

qsc_tls_socket_peer_info::named_group
qsc_tls_named_group named_group
Definition tlssocket.h:295

qsc_tls_socket_peer_info::psk_accepted
bool psk_accepted
Definition tlssocket.h:303

qsc_tls_socket_peer_info::hostname_checked
bool hostname_checked
Definition tlssocket.h:301

qsc_tls_socket_peer_info::common_name
char common_name[QSC_X509_NAME_ATTRIBUTE_STRING_MAX]
Definition tlssocket.h:291

qsc_tls_socket_peer_info::authenticated
bool authenticated
Definition tlssocket.h:299

qsc_tls_socket_peer_info::x509_status
qsc_x509w_status x509_status
Definition tlssocket.h:297

qsc_tls_socket_peer_info::hostname_matched
bool hostname_matched
Definition tlssocket.h:300

qsc_tls_socket_peer_info::chain_valid
bool chain_valid
Definition tlssocket.h:302

qsc_tls_socket_peer_info::cipher_suite
qsc_tls_cipher_suite cipher_suite
Definition tlssocket.h:294

qsc_tls_socket_peer_info::verify_status
qsc_x509_verify_status verify_status
Definition tlssocket.h:298

qsc_tls_socket_peer_info::early_data_accepted
bool early_data_accepted
Definition tlssocket.h:304

qsc_tls_socket_peer_info::alpn_selected
bool alpn_selected
Definition tlssocket.h:305

qsc_tls_socket_peer_info::result
qsc_tls_socket_result result
Definition tlssocket.h:293

qsc_tls_socket_peer_info::selected_alpn
char selected_alpn[QSC_TLS_SOCKET_ALPN_SIZE_MAX+1U]
Definition tlssocket.h:306

qsc_tls_socket_peer_info::subject
char subject[QSC_X509_NAME_ATTRIBUTE_STRING_MAX]
Definition tlssocket.h:289

qsc_tls_socket_peer_info::dns_name
char dns_name[QSC_X509_NAME_ATTRIBUTE_STRING_MAX]
Definition tlssocket.h:292

qsc_tls_socket_peer_info::issuer
char issuer[QSC_X509_NAME_ATTRIBUTE_STRING_MAX]
Definition tlssocket.h:290

qsc_tls_socket_peer_info::signature_scheme
qsc_tls_signature_scheme signature_scheme
Definition tlssocket.h:296

qsc_tls_socket_result
A structured result containing wrapper, TLS, socket, X.509, verification, and alert status values.
Definition tlssocket.h:256

qsc_tls_socket_result::x509status
qsc_x509w_status x509status
Definition tlssocket.h:260

qsc_tls_socket_result::alert
qsc_tls_alert_description alert
Definition tlssocket.h:262

qsc_tls_socket_result::tlsstatus
qsc_tls_status tlsstatus
Definition tlssocket.h:258

qsc_tls_socket_result::verifystatus
qsc_x509_verify_status verifystatus
Definition tlssocket.h:261

qsc_tls_socket_result::status
qsc_tls_socket_status status
Definition tlssocket.h:257

qsc_tls_socket_result::socketstatus
qsc_socket_exceptions socketstatus
Definition tlssocket.h:259

qsc_tls_socket_server_worker_state
The fixed-pool worker state used by the concurrent TLS socket server.
Definition tlssocket.h:399

qsc_tls_socket_server_worker_state::index
size_t index
Definition tlssocket.h:401

qsc_tls_socket_server_worker_state::server
struct qsc_tls_socket_server * server
Definition tlssocket.h:400

qsc_tls_socket_server
A blocking or concurrent TLS socket server using a fixed connection pool.
Definition tlssocket.h:444

qsc_tls_socket_server::workerthreads
qsc_thread workerthreads[QSC_TLS_SOCKET_SERVER_CONNECTIONS_MAX]
Definition tlssocket.h:455

qsc_tls_socket_server::concurrent
bool concurrent
Definition tlssocket.h:461

qsc_tls_socket_server::poolmutex
qsc_mutex poolmutex
Definition tlssocket.h:458

qsc_tls_socket_server::connections
qsc_tls_socket_connection connections[QSC_TLS_SOCKET_SERVER_CONNECTIONS_MAX]
Definition tlssocket.h:453

qsc_tls_socket_server::ondisconnect
qsc_tls_socket_server_disconnect_callback ondisconnect
Definition tlssocket.h:448

qsc_tls_socket_server::started
volatile bool started[QSC_TLS_SOCKET_SERVER_CONNECTIONS_MAX]
Definition tlssocket.h:457

qsc_tls_socket_server::running
volatile bool running
Definition tlssocket.h:460

qsc_tls_socket_server::listener
qsc_tls_socket_listener listener
Definition tlssocket.h:445

qsc_tls_socket_server::logstate
void * logstate
Definition tlssocket.h:452

qsc_tls_socket_server::onlog
qsc_tls_socket_log_callback onlog
Definition tlssocket.h:450

qsc_tls_socket_server::onconnect
qsc_tls_socket_server_connect_callback onconnect
Definition tlssocket.h:446

qsc_tls_socket_server::callbackstate
void * callbackstate
Definition tlssocket.h:451

qsc_tls_socket_server::onerror
qsc_tls_socket_server_error_callback onerror
Definition tlssocket.h:449

qsc_tls_socket_server::workerstates
qsc_tls_socket_server_worker_state workerstates[QSC_TLS_SOCKET_SERVER_CONNECTIONS_MAX]
Definition tlssocket.h:454

qsc_tls_socket_server::active
volatile bool active[QSC_TLS_SOCKET_SERVER_CONNECTIONS_MAX]
Definition tlssocket.h:456

qsc_tls_socket_server::maxclients
size_t maxclients
Definition tlssocket.h:459

qsc_tls_socket_server::onreceive
qsc_tls_socket_server_receive_callback onreceive
Definition tlssocket.h:447

qsc_tls_socket_server::initialized
bool initialized
Definition tlssocket.h:462

qsc_tls_socket_ticket_policy
The session ticket policy used by TLS socket client and server operations.
Definition tlssocket.h:218

qsc_tls_socket_ticket_policy::renewal_interval_seconds
uint32_t renewal_interval_seconds
Definition tlssocket.h:223

qsc_tls_socket_ticket_policy::lifetime_seconds
uint32_t lifetime_seconds
Definition tlssocket.h:222

qsc_tls_socket_ticket_policy::enabled
bool enabled
Definition tlssocket.h:219

qsc_tls_socket_ticket_policy::auto_send_server_ticket
bool auto_send_server_ticket
Definition tlssocket.h:221

qsc_tls_socket_ticket_policy::allow_early_data
bool allow_early_data
Definition tlssocket.h:220

qsc_tls_client_authorization_callback
bool(* qsc_tls_client_authorization_callback)(const qsc_tls_client_authorization_info *info, void *state)
Authorize a cryptographically valid mTLS client certificate.
Definition tlscert.h:203

tlsengine.h
TLS 1.3 record engine, connection wrapper, handshake driver, application data transport,...

qsc_tls_role
qsc_tls_role
TLS engine endpoint role.
Definition tlsengine.h:100

qsc_tls_status
qsc_tls_status
Definition tlserrors.h:65

tlsio.h
Blocking socket adapter around qsc_tls_connection.

QSC_TLS_MAX_HOSTNAME_SIZE
#define QSC_TLS_MAX_HOSTNAME_SIZE
Maximum hostname length accepted by the TLS layer.
Definition tlslimits.h:121

tlssignerdefault.h
Default TLS CertificateVerify signer/verifier backed by QSC signature primitives.

qsc_tls_socket_client_connect_host_ex
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_client_connect_host_ex(qsc_tls_socket_connection *connection, const qsc_tls_socket_context *context, const char *hostname, const char *service, const qsc_tls_session_ticket *ticket, bool enableearlydata)
Connect to a remote host with an explicit session ticket and early-data preference.
Definition tlssocket.c:1996

qsc_tls_socket_context_set_default_server_policy
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_default_server_policy(qsc_tls_socket_context *context)
Configure the context with the default TLS 1.3 server interoperability policy.
Definition tlssocket.c:1393

qsc_tls_socket_server_set_callbacks
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_server_set_callbacks(qsc_tls_socket_server *server, qsc_tls_socket_server_connect_callback onconnect, qsc_tls_socket_server_receive_callback onreceive, qsc_tls_socket_server_disconnect_callback ondisconnect, qsc_tls_socket_server_error_callback onerror, void *state)
Set the application callbacks for a TLS socket server.
Definition tlssocket.c:2814

qsc_tls_socket_listener_set_options
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_listener_set_options(qsc_tls_socket_listener *listener, bool reuseaddress, bool nodelay, uint32_t recvtimeoutms, uint32_t sendtimeoutms)
Set basic listener socket options.
Definition tlssocket.c:2580

qsc_tls_socket_negotiated_cipher_suite
QSC_EXPORT_API qsc_tls_cipher_suite qsc_tls_socket_negotiated_cipher_suite(const qsc_tls_socket_connection *connection)
Get the negotiated TLS cipher suite.
Definition tlssocket.c:2496

qsc_tls_socket_server_stop
QSC_EXPORT_API void qsc_tls_socket_server_stop(qsc_tls_socket_server *server)
Stop a running TLS socket server.
Definition tlssocket.c:3040

qsc_tls_socket_status
qsc_tls_socket_status
The TLS socket wrapper status codes.
Definition tlssocket.h:231

qsc_tls_socket_status_tls_initialize_failed
@ qsc_tls_socket_status_tls_initialize_failed
Definition tlssocket.h:240

qsc_tls_socket_status_socket_start_failed
@ qsc_tls_socket_status_socket_start_failed
Definition tlssocket.h:235

qsc_tls_socket_status_socket_accept_failed
@ qsc_tls_socket_status_socket_accept_failed
Definition tlssocket.h:239

qsc_tls_socket_status_not_initialized
@ qsc_tls_socket_status_not_initialized
Definition tlssocket.h:234

qsc_tls_socket_status_policy_rejected
@ qsc_tls_socket_status_policy_rejected
Definition tlssocket.h:245

qsc_tls_socket_status_private_key_invalid
@ qsc_tls_socket_status_private_key_invalid
Definition tlssocket.h:244

qsc_tls_socket_status_certificate_verify_failed
@ qsc_tls_socket_status_certificate_verify_failed
Definition tlssocket.h:243

qsc_tls_socket_status_closed
@ qsc_tls_socket_status_closed
Definition tlssocket.h:247

qsc_tls_socket_status_io_failed
@ qsc_tls_socket_status_io_failed
Definition tlssocket.h:246

qsc_tls_socket_status_tls_handshake_failed
@ qsc_tls_socket_status_tls_handshake_failed
Definition tlssocket.h:241

qsc_tls_socket_status_socket_bind_failed
@ qsc_tls_socket_status_socket_bind_failed
Definition tlssocket.h:237

qsc_tls_socket_status_invalid_input
@ qsc_tls_socket_status_invalid_input
Definition tlssocket.h:233

qsc_tls_socket_status_socket_connect_failed
@ qsc_tls_socket_status_socket_connect_failed
Definition tlssocket.h:236

qsc_tls_socket_status_internal_error
@ qsc_tls_socket_status_internal_error
Definition tlssocket.h:248

qsc_tls_socket_status_certificate_load_failed
@ qsc_tls_socket_status_certificate_load_failed
Definition tlssocket.h:242

qsc_tls_socket_status_socket_listen_failed
@ qsc_tls_socket_status_socket_listen_failed
Definition tlssocket.h:238

qsc_tls_socket_status_success
@ qsc_tls_socket_status_success
Definition tlssocket.h:232

qsc_tls_socket_listener_set_socket_options
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_listener_set_socket_options(qsc_tls_socket_listener *listener, const qsc_tls_socket_options *options)
Set the full listener socket option structure.
Definition tlssocket.c:2603

qsc_tls_socket_context_set_default_client_policy
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_default_client_policy(qsc_tls_socket_context *context)
Configure the context with the default TLS 1.3 client interoperability policy.
Definition tlssocket.c:1361

qsc_tls_socket_server_start
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_server_start(qsc_tls_socket_server *server)
Start the server in blocking sequential mode.
Definition tlssocket.c:2877

qsc_tls_socket_context_clear_session_ticket
QSC_EXPORT_API void qsc_tls_socket_context_clear_session_ticket(qsc_tls_socket_context *context)
Clear the client session ticket stored in the context.
Definition tlssocket.c:1946

qsc_tls_socket_is_connected
QSC_EXPORT_API bool qsc_tls_socket_is_connected(const qsc_tls_socket_connection *connection)
Test whether a TLS socket connection owns a connected socket.
Definition tlssocket.c:2464

qsc_tls_socket_result_clear
QSC_EXPORT_API void qsc_tls_socket_result_clear(qsc_tls_socket_result *result)
Clear a TLS socket structured result.
Definition tlssocket.c:1118

qsc_tls_socket_send
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_send(qsc_tls_socket_connection *connection, const uint8_t *input, size_t inlen, size_t *written)
Send application data over a completed TLS socket connection.
Definition tlssocket.c:2011

qsc_tls_socket_context_set_client_auth
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_client_auth(qsc_tls_socket_context *context, bool requestclientauth, bool requireclientauth)
Configure server-side client certificate authentication policy.
Definition tlssocket.c:1692

qsc_tls_socket_connection_set_log_callback
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_connection_set_log_callback(qsc_tls_socket_connection *connection, qsc_tls_socket_log_callback callback, void *state)
Set the connection-level structured logging callback.
Definition tlssocket.c:2251

qsc_tls_socket_context_set_mlkem_hybrid_policy
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_mlkem_hybrid_policy(qsc_tls_socket_context *context)
Configure the context with an explicit ML-KEM hybrid interoperability policy.
Definition tlssocket.c:1425

qsc_tls_socket_connection_get_session_ticket
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_connection_get_session_ticket(const qsc_tls_socket_connection *connection, qsc_tls_session_ticket *ticketout)
Retrieve the most recent session ticket associated with a connection.
Definition tlssocket.c:2344

qsc_tls_socket_context_set_session_ticket_policy
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_session_ticket_policy(qsc_tls_socket_context *context, const qsc_tls_socket_ticket_policy *policy)
Set the context-level session ticket policy.
Definition tlssocket.c:1867

qsc_tls_socket_listener_accept
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_listener_accept(qsc_tls_socket_listener *listener, qsc_tls_socket_connection *connection)
Accept an inbound socket and complete a TLS server handshake.
Definition tlssocket.c:2696

qsc_tls_socket_context_set_cipher_suites
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_cipher_suites(qsc_tls_socket_context *context, const qsc_tls_cipher_suite *suites, size_t suitecount)
Set the ordered cipher suite preference list for the context.
Definition tlssocket.c:1302

qsc_tls_socket_context_add_server_identity_files
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_add_server_identity_files(qsc_tls_socket_context *context, const char *hostname, const char *certificatechainpath, const char *privatekeypath, qsc_tls_signature_scheme verifyscheme)
Load an additional SNI-selectable server identity from certificate-chain and private-key files.
Definition tlssocket.c:1626

qsc_tls_socket_server_initialize
QSC_EXPORT_API void qsc_tls_socket_server_initialize(qsc_tls_socket_server *server)
Initialize a TLS socket server structure.
Definition tlssocket.c:2779

qsc_tls_socket_receive_frame
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_receive_frame(qsc_tls_socket_connection *connection, uint8_t *output, size_t outlen, size_t *read)
Receive a length-prefixed framed application message.
Definition tlssocket.c:2413

qsc_tls_socket_listener_initialize
QSC_EXPORT_API void qsc_tls_socket_listener_initialize(qsc_tls_socket_listener *listener)
Initialize a TLS socket listener structure.
Definition tlssocket.c:2565

qsc_tls_socket_listener_bind
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_listener_bind(qsc_tls_socket_listener *listener, const qsc_tls_socket_context *context, const char *address, uint16_t port, qsc_socket_address_families family)
Bind a TLS listener to a local address and port.
Definition tlssocket.c:2633

qsc_tls_socket_context_load_server_identity_files
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_load_server_identity_files(qsc_tls_socket_context *context, const char *certificatechainpath, const char *privatekeypath, qsc_tls_signature_scheme verifyscheme)
Load a server certificate chain and private key into the context.
Definition tlssocket.c:1595

qsc_tls_socket_context_set_session_ticket
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_session_ticket(qsc_tls_socket_context *context, const qsc_tls_session_ticket *ticket)
Set the client session ticket used for resumption attempts.
Definition tlssocket.c:1905

qsc_tls_socket_context_set_signature_schemes
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_signature_schemes(qsc_tls_socket_context *context, const qsc_tls_signature_scheme *schemes, size_t schemecount)
Set the ordered signature scheme preference list for the context.
Definition tlssocket.c:1341

qsc_tls_socket_server_set_max_clients
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_server_set_max_clients(qsc_tls_socket_server *server, size_t maxclients)
Set the maximum number of concurrent client connections accepted by the server.
Definition tlssocket.c:2853

qsc_tls_socket_server_dispose
QSC_EXPORT_API void qsc_tls_socket_server_dispose(qsc_tls_socket_server *server)
Dispose of a TLS socket server and clear owned connection state.
Definition tlssocket.c:3106

qsc_tls_socket_client_connect_ipv4
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_client_connect_ipv4(qsc_tls_socket_connection *connection, const qsc_tls_socket_context *context, const qsc_ipinfo_ipv4_address *address, uint16_t port, const char *hostname)
Connect to an IPv4 address and complete a TLS client handshake.
Definition tlssocket.c:2001

qsc_tls_socket_key_update
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_key_update(qsc_tls_socket_connection *connection, bool requestpeerupdate)
Request a TLS 1.3 KeyUpdate operation on a completed connection.
Definition tlssocket.c:2116

qsc_tls_socket_status_string
QSC_EXPORT_API const char * qsc_tls_socket_status_string(qsc_tls_socket_status status)
Return a constant string for a TLS socket wrapper status value.
Definition tlssocket.c:1134

qsc_tls_socket_connection_set_socket_options
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_connection_set_socket_options(qsc_tls_socket_connection *connection, const qsc_tls_socket_options *options)
Apply socket options to an initialized or connected TLS socket connection.
Definition tlssocket.c:2221

qsc_tls_socket_context_set_named_groups
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_named_groups(qsc_tls_socket_context *context, const qsc_tls_named_group *groups, size_t groupcount)
Set the ordered named group preference list for the context.
Definition tlssocket.c:1322

qsc_tls_socket_server_receive_callback
void(* qsc_tls_socket_server_receive_callback)(qsc_tls_socket_connection *connection, const uint8_t *message, size_t msglen, void *state)
The TLS socket server receive callback prototype.
Definition tlssocket.h:420

qsc_tls_socket_server_send_session_ticket
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_server_send_session_ticket(qsc_tls_socket_connection *connection, uint32_t lifetime_seconds, qsc_tls_session_ticket *ticketout)
Send a TLS server session ticket over a completed server connection.
Definition tlssocket.c:2160

qsc_tls_socket_log_level
qsc_tls_socket_log_level
The TLS socket wrapper structured logging severity levels.
Definition tlssocket.h:155

qsc_tls_socket_log_level_error
@ qsc_tls_socket_log_level_error
Definition tlssocket.h:157

qsc_tls_socket_log_level_none
@ qsc_tls_socket_log_level_none
Definition tlssocket.h:156

qsc_tls_socket_log_level_info
@ qsc_tls_socket_log_level_info
Definition tlssocket.h:159

qsc_tls_socket_log_level_warning
@ qsc_tls_socket_log_level_warning
Definition tlssocket.h:158

qsc_tls_socket_log_level_debug
@ qsc_tls_socket_log_level_debug
Definition tlssocket.h:160

qsc_tls_socket_server_configure
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_server_configure(qsc_tls_socket_server *server, const qsc_tls_socket_context *context, const char *address, uint16_t port, qsc_socket_address_families family)
Configure a TLS socket server listener and context.
Definition tlssocket.c:2793

qsc_tls_socket_options_initialize_default
QSC_EXPORT_API void qsc_tls_socket_options_initialize_default(qsc_tls_socket_options *options)
Initialize socket options to the wrapper default values.
Definition tlssocket.c:1230

qsc_tls_socket_send_frame
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_send_frame(qsc_tls_socket_connection *connection, const uint8_t *input, size_t inlen)
Send a length-prefixed framed application message.
Definition tlssocket.c:2386

qsc_tls_socket_connection_dispose
QSC_EXPORT_API void qsc_tls_socket_connection_dispose(qsc_tls_socket_connection *connection)
Dispose of a TLS socket connection and clear owned sensitive state.
Definition tlssocket.c:1972

qsc_tls_socket_context_set_strict_policy
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_strict_policy(qsc_tls_socket_context *context)
Configure the context with the strict TLS policy.
Definition tlssocket.c:1487

qsc_tls_socket_listener_close
QSC_EXPORT_API void qsc_tls_socket_listener_close(qsc_tls_socket_listener *listener)
Close a TLS socket listener.
Definition tlssocket.c:2767

qsc_tls_socket_shutdown
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_shutdown(qsc_tls_socket_connection *connection)
Send a TLS close_notify alert and close the TLS socket connection.
Definition tlssocket.c:2093

qsc_tls_socket_ticket_policy_initialize_default
QSC_EXPORT_API void qsc_tls_socket_ticket_policy_initialize_default(qsc_tls_socket_ticket_policy *policy)
Initialize a session ticket policy to the wrapper default values.
Definition tlssocket.c:1250

qsc_tls_socket_log_callback
void(* qsc_tls_socket_log_callback)(qsc_tls_socket_log_level level, qsc_tls_socket_event event, const qsc_tls_socket_result *result, const char *message, void *state)
The TLS socket structured logging callback prototype.
Definition tlssocket.h:274

qsc_tls_socket_receive
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_receive(qsc_tls_socket_connection *connection, uint8_t *output, size_t outlen, size_t *read)
Receive application data from a completed TLS socket connection.
Definition tlssocket.c:2052

qsc_tls_socket_client_connect_host
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_client_connect_host(qsc_tls_socket_connection *connection, const qsc_tls_socket_context *context, const char *hostname, const char *service)
Connect to a remote host and complete a TLS client handshake.
Definition tlssocket.c:1991

qsc_tls_socket_context_initialize
QSC_EXPORT_API void qsc_tls_socket_context_initialize(qsc_tls_socket_context *context)
Initialize a reusable TLS socket context.
Definition tlssocket.c:1265

qsc_tls_socket_context_set_socket_options
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_socket_options(qsc_tls_socket_context *context, const qsc_tls_socket_options *options)
Set the default socket options for the context.
Definition tlssocket.c:1729

qsc_tls_socket_context_clear_alpn_protocols
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_clear_alpn_protocols(qsc_tls_socket_context *context)
Clear the ordered ALPN protocol list from the context.
Definition tlssocket.c:1832

QSC_TLS_SOCKET_SERVER_IDENTITY_MAX
#define QSC_TLS_SOCKET_SERVER_IDENTITY_MAX
The maximum number of SNI-selectable server identities stored in a TLS socket context.
Definition tlssocket.h:106

qsc_tls_socket_get_selected_alpn
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_get_selected_alpn(const qsc_tls_socket_connection *connection, char *protocol, size_t protocolcap, size_t *protocollen)
Retrieve the selected ALPN protocol for a TLS socket connection.
Definition tlssocket.c:2305

qsc_tls_socket_context_set_development_policy
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_development_policy(qsc_tls_socket_context *context)
Configure the context with the development TLS policy.
Definition tlssocket.c:1505

QSC_TLS_SOCKET_SERVER_CONNECTIONS_MAX
#define QSC_TLS_SOCKET_SERVER_CONNECTIONS_MAX
The maximum number of fixed connection slots available to the concurrent server mode.
Definition tlssocket.h:130

qsc_tls_socket_context_set_client_authorization
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_client_authorization(qsc_tls_socket_context *context, qsc_tls_client_authorization_callback callback, void *state, bool required)
Configure the server-side mTLS application authorization callback.
Definition tlssocket.c:1710

qsc_tls_socket_context_set_alpn_protocols
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_alpn_protocols(qsc_tls_socket_context *context, const char *const *protocols, size_t protocolcount, bool required)
Set the ordered ALPN protocol list for the context.
Definition tlssocket.c:1815

qsc_tls_socket_context_load_trust_anchor_bundle_file
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_load_trust_anchor_bundle_file(qsc_tls_socket_context *context, const char *path, bool selfsigned)
Load a trust anchor bundle file into the context trust store.
Definition tlssocket.c:1547

qsc_tls_socket_connection_cancel
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_connection_cancel(qsc_tls_socket_connection *connection)
Request cancellation of a TLS socket connection.
Definition tlssocket.c:2269

qsc_tls_socket_session_ticket_is_valid
QSC_EXPORT_API bool qsc_tls_socket_session_ticket_is_valid(const qsc_tls_session_ticket *ticket)
Test whether a session ticket is structurally acceptable for resumption.
Definition tlssocket.c:1898

QSC_TLS_SOCKET_GROUP_MAX
#define QSC_TLS_SOCKET_GROUP_MAX
The maximum number of named groups stored in a TLS socket context preference list.
Definition tlssocket.h:94

qsc_tls_socket_server_error_callback
void(* qsc_tls_socket_server_error_callback)(qsc_tls_socket_connection *connection, qsc_tls_socket_status status, void *state)
The TLS socket server error callback prototype.
Definition tlssocket.h:437

QSC_TLS_SOCKET_SIGNATURE_SCHEME_MAX
#define QSC_TLS_SOCKET_SIGNATURE_SCHEME_MAX
The maximum number of signature schemes stored in a TLS socket context preference list.
Definition tlssocket.h:100

qsc_tls_socket_event
qsc_tls_socket_event
The TLS socket wrapper structured logging event identifiers.
Definition tlssocket.h:168

qsc_tls_socket_event_send
@ qsc_tls_socket_event_send
Definition tlssocket.h:176

qsc_tls_socket_event_error
@ qsc_tls_socket_event_error
Definition tlssocket.h:185

qsc_tls_socket_event_accept
@ qsc_tls_socket_event_accept
Definition tlssocket.h:173

qsc_tls_socket_event_key_update
@ qsc_tls_socket_event_key_update
Definition tlssocket.h:181

qsc_tls_socket_event_none
@ qsc_tls_socket_event_none
Definition tlssocket.h:169

qsc_tls_socket_event_connect
@ qsc_tls_socket_event_connect
Definition tlssocket.h:172

qsc_tls_socket_event_worker_stop
@ qsc_tls_socket_event_worker_stop
Definition tlssocket.h:184

qsc_tls_socket_event_socket_options
@ qsc_tls_socket_event_socket_options
Definition tlssocket.h:171

qsc_tls_socket_event_receive
@ qsc_tls_socket_event_receive
Definition tlssocket.h:177

qsc_tls_socket_event_ticket
@ qsc_tls_socket_event_ticket
Definition tlssocket.h:180

qsc_tls_socket_event_handshake_complete
@ qsc_tls_socket_event_handshake_complete
Definition tlssocket.h:175

qsc_tls_socket_event_frame_send
@ qsc_tls_socket_event_frame_send
Definition tlssocket.h:178

qsc_tls_socket_event_frame_receive
@ qsc_tls_socket_event_frame_receive
Definition tlssocket.h:179

qsc_tls_socket_event_context_configured
@ qsc_tls_socket_event_context_configured
Definition tlssocket.h:170

qsc_tls_socket_event_worker_start
@ qsc_tls_socket_event_worker_start
Definition tlssocket.h:183

qsc_tls_socket_event_shutdown
@ qsc_tls_socket_event_shutdown
Definition tlssocket.h:182

qsc_tls_socket_event_handshake_start
@ qsc_tls_socket_event_handshake_start
Definition tlssocket.h:174

qsc_tls_socket_connection_initialize
QSC_EXPORT_API void qsc_tls_socket_connection_initialize(qsc_tls_socket_connection *connection)
Initialize a TLS socket connection structure.
Definition tlssocket.c:1957

qsc_tls_socket_context_load_crl_file
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_load_crl_file(qsc_tls_socket_context *context, const char *path)
Load a certificate revocation list file into the context trust store.
Definition tlssocket.c:1571

qsc_tls_socket_get_peer_info
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_get_peer_info(const qsc_tls_socket_connection *connection, qsc_tls_socket_peer_info *peerinfo)
Retrieve the peer information summary for a TLS socket connection.
Definition tlssocket.c:2287

qsc_tls_socket_server_disconnect_callback
void(* qsc_tls_socket_server_disconnect_callback)(qsc_tls_socket_connection *connection, void *state)
The TLS socket server disconnect callback prototype.
Definition tlssocket.h:428

qsc_tls_socket_negotiated_signature_scheme
QSC_EXPORT_API qsc_tls_signature_scheme qsc_tls_socket_negotiated_signature_scheme(const qsc_tls_socket_connection *connection)
Get the negotiated TLS signature scheme.
Definition tlssocket.c:2542

qsc_tls_socket_context_load_trust_anchor_file
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_load_trust_anchor_file(qsc_tls_socket_context *context, const char *path, bool selfsigned)
Load a trust anchor certificate file into the context trust store.
Definition tlssocket.c:1523

qsc_tls_socket_context_set_log_callback
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_log_callback(qsc_tls_socket_context *context, qsc_tls_socket_log_callback callback, void *state)
Set the context-level structured logging callback.
Definition tlssocket.c:1849

qsc_tls_socket_negotiated_group
QSC_EXPORT_API qsc_tls_named_group qsc_tls_socket_negotiated_group(const qsc_tls_socket_connection *connection)
Get the negotiated TLS named group.
Definition tlssocket.c:2519

qsc_tls_socket_server_set_log_callback
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_server_set_log_callback(qsc_tls_socket_server *server, qsc_tls_socket_log_callback callback, void *state)
Set the server-level structured logging callback.
Definition tlssocket.c:2835

qsc_tls_socket_client_connect_ipv6
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_client_connect_ipv6(qsc_tls_socket_connection *connection, const qsc_tls_socket_context *context, const qsc_ipinfo_ipv6_address *address, uint16_t port, const char *hostname)
Connect to an IPv6 address and complete a TLS client handshake.
Definition tlssocket.c:2006

qsc_tls_socket_context_set_sni_required
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_sni_required(qsc_tls_socket_context *context, bool required)
Configure whether server handshakes require a recognized SNI hostname.
Definition tlssocket.c:1675

qsc_tls_socket_connection_clear_session_ticket
QSC_EXPORT_API void qsc_tls_socket_connection_clear_session_ticket(qsc_tls_socket_connection *connection)
Clear the most recent session ticket retained by a connection.
Definition tlssocket.c:2375

qsc_tls_socket_is_handshake_complete
QSC_EXPORT_API bool qsc_tls_socket_is_handshake_complete(const qsc_tls_socket_connection *connection)
Test whether the TLS handshake has completed.
Definition tlssocket.c:2480

QSC_TLS_SOCKET_ALPN_SIZE_MAX
#define QSC_TLS_SOCKET_ALPN_SIZE_MAX
The maximum ALPN protocol identifier length stored in a TLS socket context.
Definition tlssocket.h:118

qsc_tls_socket_server_start_concurrent
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_server_start_concurrent(qsc_tls_socket_server *server)
Start the server in bounded concurrent mode.
Definition tlssocket.c:2964

qsc_tls_socket_context_dispose
QSC_EXPORT_API void qsc_tls_socket_context_dispose(qsc_tls_socket_context *context)
Dispose of a TLS socket context and clear owned sensitive state.
Definition tlssocket.c:1289

QSC_TLS_SOCKET_CIPHER_SUITE_MAX
#define QSC_TLS_SOCKET_CIPHER_SUITE_MAX
The maximum number of cipher suites stored in a TLS socket context preference list.
Definition tlssocket.h:88

qsc_tls_socket_context_set_experimental_pqc_policy
QSC_EXPORT_API qsc_tls_socket_status qsc_tls_socket_context_set_experimental_pqc_policy(qsc_tls_socket_context *context)
Configure the context with the experimental ML-KEM and ML-DSA policy.
Definition tlssocket.c:1456

qsc_tls_socket_server_connect_callback
void(* qsc_tls_socket_server_connect_callback)(qsc_tls_socket_connection *connection, void *state)
The TLS socket server connect callback prototype.
Definition tlssocket.h:410

qsc_tls_cipher_suite
qsc_tls_cipher_suite
TLS 1.3 cipher-suite identifiers.
Definition tlstypes.h:129

qsc_tls_named_group
qsc_tls_named_group
TLS named-group identifiers for classical, ML-KEM, and hybrid key exchange groups.
Definition tlstypes.h:159

qsc_tls_alert_description
qsc_tls_alert_description
TLS alert description codes carried in Alert protocol messages.
Definition tlstypes.h:94

qsc_tls_signature_scheme
qsc_tls_signature_scheme
TLS signature-scheme identifiers.
Definition tlstypes.h:179

x509wrap.h
High-level offline X.509 wrapper for certificate loading, validation, deployment configuration,...