Expose Sequence Numbers so that Linux TLS (kTLS) can be configured

src/ssl.c

@@ -4053,6 +4053,20 @@ int wolfSSL_GetHmacSize(WOLFSSL* ssl)
     return BAD_FUNC_ARG;
 }
 
+#ifdef WORD64_AVAILABLE
+int wolfSSL_GetPeerSequenceNumber(WOLFSSL* ssl, word64 *seq)
+{
+    return ssl ? !(*seq = (word64)ssl->keys.peer_sequence_number_hi << 32 |
+                ssl->keys.peer_sequence_number_lo) : BAD_FUNC_ARG;
+}
+
+int wolfSSL_GetSequenceNumber(WOLFSSL* ssl, word64 *seq)
+{
+    return ssl ? !(*seq = (word64)ssl->keys.sequence_number_hi << 32 |
+            ssl->keys.sequence_number_lo) : BAD_FUNC_ARG;
+}
+#endif
+
 #endif /* ATOMIC_USER */
 
 #ifndef NO_CERTS

wolfssl/ssl.h

@@ -3013,6 +3013,10 @@ WOLFSSL_API int                  wolfSSL_GetCipherBlockSize(WOLFSSL* ssl);
 WOLFSSL_API int                  wolfSSL_GetAeadMacSize(WOLFSSL* ssl);
 WOLFSSL_API int                  wolfSSL_GetHmacSize(WOLFSSL* ssl);
 WOLFSSL_API int                  wolfSSL_GetHmacType(WOLFSSL* ssl);
+#ifdef WORD64_AVAILABLE
+WOLFSSL_API int                  wolfSSL_GetPeerSequenceNumber(WOLFSSL* ssl, word64* seq);
+WOLFSSL_API int                  wolfSSL_GetSequenceNumber(WOLFSSL* ssl, word64* seq);
+#endif
 WOLFSSL_API int                  wolfSSL_GetCipherType(WOLFSSL* ssl);
 WOLFSSL_API int                  wolfSSL_SetTlsHmacInner(WOLFSSL* ssl,
                                byte* inner, word32 sz, int content, int verify);