pub unsafe extern "C" fn s2n_config_set_verify_after_sign(
config: *mut s2n_config,
mode: u32
) -> i32Expand description
Toggle whether generated signatures are verified before being sent.
Although signatures produced by the underlying libcrypto should always be valid, hardware faults, bugs in the signing implementation, or other uncommon factors can cause unexpected mistakes in the final signatures. Because these mistakes can leak information about the private key, applications with low trust in their hardware or libcrypto may want to verify signatures before sending them.
However, this feature will significantly impact handshake latency. Additionally, most libcrypto implementations already check for common errors in signatures.