Mbed TLS v3.6.2
Loading...
Searching...
No Matches
ssl_ticket.h
Go to the documentation of this file.
1
6/*
7 * Copyright The Mbed TLS Contributors
8 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
9 */
10#ifndef MBEDTLS_SSL_TICKET_H
11#define MBEDTLS_SSL_TICKET_H
13
14#include "mbedtls/build_info.h"
15
16/*
17 * This implementation of the session ticket callbacks includes key
18 * management, rotating the keys periodically in order to preserve forward
19 * secrecy, when MBEDTLS_HAVE_TIME is defined.
20 */
21
22#include "mbedtls/ssl.h"
23#include "mbedtls/cipher.h"
24
25#if defined(MBEDTLS_HAVE_TIME)
27#endif
28
29#if defined(MBEDTLS_USE_PSA_CRYPTO)
30#include "psa/crypto.h"
31#endif
32
33#if defined(MBEDTLS_THREADING_C)
34#include "mbedtls/threading.h"
35#endif
36
37#ifdef __cplusplus
38extern "C" {
39#endif
40
41#define MBEDTLS_SSL_TICKET_MAX_KEY_BYTES 32
42#define MBEDTLS_SSL_TICKET_KEY_NAME_BYTES 4
47typedef struct mbedtls_ssl_ticket_key {
50#if defined(MBEDTLS_HAVE_TIME)
52#endif
56 uint32_t MBEDTLS_PRIVATE(lifetime);
57#if !defined(MBEDTLS_USE_PSA_CRYPTO)
59#else
63 size_t MBEDTLS_PRIVATE(key_bits);
64#endif
65}
67
73 unsigned char MBEDTLS_PRIVATE(active);
75 uint32_t MBEDTLS_PRIVATE(ticket_lifetime);
78 int(*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);
79 void *MBEDTLS_PRIVATE(p_rng);
81#if defined(MBEDTLS_THREADING_C)
83#endif
84}
86
95
125 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
127 uint32_t lifetime);
128
168 const unsigned char *name, size_t nlength,
169 const unsigned char *k, size_t klength,
170 uint32_t lifetime);
171
178
185
192
193#ifdef __cplusplus
194}
195#endif
196
197#endif /* ssl_ticket.h */
This file contains an abstraction interface for use with the cipher primitives provided by the librar...
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
Definition cipher.h:84
Platform Security Architecture cryptography module.
uint16_t psa_key_type_t
Encoding of a key type.
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
psa_key_id_t mbedtls_svc_key_id_t
Build-time configuration info.
Mbed TLS Platform time abstraction.
time_t mbedtls_time_t
Macro wrapper for struct's members.
#define MBEDTLS_PRIVATE(member)
SSL/TLS functions.
int mbedtls_ssl_ticket_write_t(void *p_ticket, const mbedtls_ssl_session *session, unsigned char *start, const unsigned char *end, size_t *tlen, uint32_t *lifetime)
Callback type: generate and write session ticket.
Definition ssl.h:2614
int mbedtls_ssl_ticket_parse_t(void *p_ticket, mbedtls_ssl_session *session, unsigned char *buf, size_t len)
Callback type: parse and load session ticket.
Definition ssl.h:2644
void mbedtls_ssl_ticket_init(mbedtls_ssl_ticket_context *ctx)
Initialize a ticket context. (Just make it ready for mbedtls_ssl_ticket_setup() or mbedtls_ssl_ticket...
void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx)
Free a context's content and zeroize it.
#define MBEDTLS_SSL_TICKET_KEY_NAME_BYTES
Definition ssl_ticket.h:42
int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_cipher_type_t cipher, uint32_t lifetime)
Prepare context to be actually used.
struct mbedtls_ssl_ticket_key mbedtls_ssl_ticket_key
Information for session ticket protection.
int mbedtls_ssl_ticket_rotate(mbedtls_ssl_ticket_context *ctx, const unsigned char *name, size_t nlength, const unsigned char *k, size_t klength, uint32_t lifetime)
Rotate session ticket encryption key to new specified key. Provides for external control of session t...
struct mbedtls_ssl_ticket_context mbedtls_ssl_ticket_context
Context for session ticket handling functions.
mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write
Implementation of the ticket write callback.
Definition ssl_ticket.h:177
mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse
Implementation of the ticket parse callback.
Definition ssl_ticket.h:184
Context for session ticket handling functions.
Definition ssl_ticket.h:71
Information for session ticket protection.
Definition ssl_ticket.h:47
Threading abstraction layer.