Commit

Removed spaces
maddeleine committed Apr 12, 2024
1 parent c7eca24 commit 76bac0c
Showing 1 changed file with 10 additions and 10 deletions.
20 changes: 10 additions & 10 deletions api/s2n.h
Expand Up @@ -3687,7 +3687,7 @@ typedef enum {

/**
* Set what version to use when serializing connections
*
*
* A version is required to serialize connections. Versioning ensures that all features negotiated
* during the handshake will be available wherever the connection is deserialized. Applications may
* need to update this version to pick up new features, since versioning may disable newer TLS
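Review bot: The summary line `Set what version to use when serializing connections` is written in the imperative and has no terminal period, while the other summaries touched by this commit read "Retrieves ...", "Serializes ..." and "Deserializes ..." and end with a period. Since this block is being tidied anyway, consider "Sets the version to use when serializing connections." for consistency.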
Expand All @@ -3702,10 +3702,10 @@ S2N_API int s2n_config_set_serialized_connection_version(struct s2n_config *conf
/**
* Retrieves the length of the serialized connection from `s2n_connection_serialize()`. Should be
* used to allocate enough memory for the serialized connection buffer.
*
*
* @note The size of the serialized connection changes based on parameters negotiated in the TLS
* handshake. Do not expect the size to always remain the same.
*
*
* @param conn A pointer to the connection object.
* @param length Output parameter where the length will be written.
* @returns S2N_SUCCESS on success, S2N_FAILURE on error.
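Review bot: The comment for `s2n_connection_serialization_length` does not say whether it may be called before the handshake completes. Its `@note` states that the size depends on parameters negotiated in the TLS handshake, and the `s2n_connection_serialize` comment documents that it errors on an incomplete handshake, so this function should document the same precondition or state how it behaves without it. It would also help to tell callers to query the length immediately before each serialize call instead of caching it, since the note already says the size does not stay the same.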
Expand All @@ -3714,23 +3714,23 @@ S2N_API int s2n_connection_serialization_length(struct s2n_connection *conn, uin

/**
* Serializes the s2n_connection into the provided buffer.
*
*
* This API takes an established s2n-tls connection object and "serializes" it
* into a transferable object to be sent off-box or to another process. This transferable object can
* then be "deserialized" using the `s2n_connection_deserialize` method to instantiate an s2n-tls
* then be "deserialized" using the `s2n_connection_deserialize` method to instantiate an s2n-tls
* connection object that can talk to the original peer with the same encryption keys.
*
* @warning This feature is dangerous because it provides cryptographic material from a TLS session
* in plaintext. Users MUST both encrypt and MAC the contents of the outputted material to provide
* secrecy and integrity if this material is transported off-box. DO NOT send this material off-box
* without encryption.
*
*
* @note You MUST have used `s2n_config_set_serialized_connection_version()` to set a version on the
* s2n_config object associated with this connection before this connection began its TLS handshake.
* @note Call `s2n_connection_serialization_length` to retrieve the amount of memory needed for the
* buffer parameter.
* @note This API will error if the handshake is not yet complete.
*
*
* @param conn A pointer to the connection object.
* @param buffer A pointer to the buffer where the serialized connection will be written.
* @param buffer_length Maximum amount of data that can be written to the buffer param.
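Review bot: The `@warning` on `s2n_connection_serialize` limits the encrypt-and-MAC requirement to material "transported off-box", while the description above it says the object may be sent "off-box or to another process", so the same-host, cross-process case is left without guidance. The closing sentence `DO NOT send this material off-box without encryption` also drops the MAC half of the MUST stated one sentence earlier. Suggest covering both transport cases in the warning and ending it with "without encryption and a MAC".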
Expand All @@ -3739,20 +3739,20 @@ S2N_API int s2n_connection_serialize(struct s2n_connection *conn, uint8_t *buffe

/**
* Deserializes the provided buffer into the `s2n_connection` parameter.
*
*
* @warning s2n-tls DOES NOT check the integrity of the provided buffer. s2n-tls may successfully
* deserialize a corrupted buffer which WILL cause a connection failure when attempting to resume
* sending/receiving encrypted data. To avoid this, it is recommended to MAC and encrypt the serialized
* connection before sending it off-box and deserializing it.
*
*
* @warning Only the minimal amount of information about the original TLS connection is serialized.
* Therefore, after deserialization, the connection will behave like a new `s2n_connection` from the
* `s2n_connection_new()` call, except that it can read/write encrypted data from a peer. None of the
* connection getters will return useful information about the original connection after deserialization.
* Any information about the original connection needs to be retrieved before serialization.
* For this same reason any config-level or connection-level configuration will need to be re-applied to the
* deserialized connection.
*
*
* @param conn A pointer to the connection object. Should be a new s2n_connection object.
* @param buffer A pointer to the buffer where the serialized connection will be read from.
* @param buffer_length Maximum amount of data that can be read from the buffer parameter.
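Review bot: The first `@warning` on `s2n_connection_deserialize` says it is only "recommended to MAC and encrypt" the serialized connection, whereas the `s2n_connection_serialize` comment says users "MUST both encrypt and MAC" it. Because this comment also states that s2n-tls does not check the integrity of the buffer, the wording here should be raised to match the MUST, and it should say that the MAC is to be verified before the buffer is passed to this function.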