mbed TLS v3.3.0
Loading...
Searching...
No Matches
ssl_ticket.h
Go to the documentation of this file.
1
6/*
7 * Copyright The Mbed TLS Contributors
8 * SPDX-License-Identifier: Apache-2.0
9 *
10 * Licensed under the Apache License, Version 2.0 (the "License"); you may
11 * not use this file except in compliance with the License.
12 * You may obtain a copy of the License at
13 *
14 * http://www.apache.org/licenses/LICENSE-2.0
15 *
16 * Unless required by applicable law or agreed to in writing, software
17 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
18 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 * See the License for the specific language governing permissions and
20 * limitations under the License.
21 */
22#ifndef MBEDTLS_SSL_TICKET_H
23#define MBEDTLS_SSL_TICKET_H
25
26#include "mbedtls/build_info.h"
27
28/*
29 * This implementation of the session ticket callbacks includes key
30 * management, rotating the keys periodically in order to preserve forward
31 * secrecy, when MBEDTLS_HAVE_TIME is defined.
32 */
33
34#include "mbedtls/ssl.h"
35#include "mbedtls/cipher.h"
36
37#if defined(MBEDTLS_HAVE_TIME)
39#endif
40
41#if defined(MBEDTLS_USE_PSA_CRYPTO)
42#include "psa/crypto.h"
43#endif
44
45#if defined(MBEDTLS_THREADING_C)
46#include "mbedtls/threading.h"
47#endif
48
49#ifdef __cplusplus
50extern "C" {
51#endif
52
53#define MBEDTLS_SSL_TICKET_MAX_KEY_BYTES 32
54#define MBEDTLS_SSL_TICKET_KEY_NAME_BYTES 4
60{
63#if defined(MBEDTLS_HAVE_TIME)
65#endif
66#if !defined(MBEDTLS_USE_PSA_CRYPTO)
68#else
72 size_t MBEDTLS_PRIVATE(key_bits);
73#endif
74}
76
81{
83 unsigned char MBEDTLS_PRIVATE(active);
85 uint32_t MBEDTLS_PRIVATE(ticket_lifetime);
88 int (*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);
89 void *MBEDTLS_PRIVATE(p_rng);
91#if defined(MBEDTLS_THREADING_C)
92 mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex);
93#endif
94}
96
105
129 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
131 uint32_t lifetime );
132
166 const unsigned char *name, size_t nlength,
167 const unsigned char *k, size_t klength,
168 uint32_t lifetime );
169
176
183
190
191#ifdef __cplusplus
192}
193#endif
194
195#endif /* ssl_ticket.h */
Build-time configuration info.
This file contains an abstraction interface for use with the cipher primitives provided by the librar...
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
Definition: cipher.h:96
Platform Security Architecture cryptography module.
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:82
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:138
psa_key_id_t mbedtls_svc_key_id_t
Definition: crypto_types.h:296
mbed TLS Platform time abstraction
time_t mbedtls_time_t
Definition: platform_time.h:39
Macro wrapper for struct's members.
#define MBEDTLS_PRIVATE(member)
SSL/TLS functions.
int mbedtls_ssl_ticket_write_t(void *p_ticket, const mbedtls_ssl_session *session, unsigned char *start, const unsigned char *end, size_t *tlen, uint32_t *lifetime)
Callback type: generate and write session ticket.
Definition: ssl.h:2472
int mbedtls_ssl_ticket_parse_t(void *p_ticket, mbedtls_ssl_session *session, unsigned char *buf, size_t len)
Callback type: parse and load session ticket.
Definition: ssl.h:2502
void mbedtls_ssl_ticket_init(mbedtls_ssl_ticket_context *ctx)
Initialize a ticket context. (Just make it ready for mbedtls_ssl_ticket_setup() or mbedtls_ssl_ticket...
void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx)
Free a context's content and zeroize it.
#define MBEDTLS_SSL_TICKET_KEY_NAME_BYTES
Definition: ssl_ticket.h:54
int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_cipher_type_t cipher, uint32_t lifetime)
Prepare context to be actually used.
int mbedtls_ssl_ticket_rotate(mbedtls_ssl_ticket_context *ctx, const unsigned char *name, size_t nlength, const unsigned char *k, size_t klength, uint32_t lifetime)
Rotate session ticket encryption key to new specified key. Provides for external control of session t...
mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write
Implementation of the ticket write callback.
Definition: ssl_ticket.h:175
mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse
Implementation of the ticket parse callback.
Definition: ssl_ticket.h:182
Context for session ticket handling functions.
Definition: ssl_ticket.h:81
Information for session ticket protection.
Definition: ssl_ticket.h:60
Threading abstraction layer.