4 * \brief TLS server ticket callbacks implementation
\r
7 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
\r
8 * SPDX-License-Identifier: Apache-2.0
\r
10 * Licensed under the Apache License, Version 2.0 (the "License"); you may
\r
11 * not use this file except in compliance with the License.
\r
12 * You may obtain a copy of the License at
\r
14 * http://www.apache.org/licenses/LICENSE-2.0
\r
16 * Unless required by applicable law or agreed to in writing, software
\r
17 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
\r
18 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
19 * See the License for the specific language governing permissions and
\r
20 * limitations under the License.
\r
22 * This file is part of mbed TLS (https://tls.mbed.org)
\r
24 #ifndef MBEDTLS_SSL_TICKET_H
\r
25 #define MBEDTLS_SSL_TICKET_H
\r
27 #if !defined(MBEDTLS_CONFIG_FILE)
\r
30 #include MBEDTLS_CONFIG_FILE
\r
34 * This implementation of the session ticket callbacks includes key
\r
35 * management, rotating the keys periodically in order to preserve forward
\r
36 * secrecy, when MBEDTLS_HAVE_TIME is defined.
\r
42 #if defined(MBEDTLS_THREADING_C)
\r
43 #include "threading.h"
\r
51 * \brief Information for session ticket protection
\r
53 typedef struct mbedtls_ssl_ticket_key
\r
55 unsigned char name[4]; /*!< random key identifier */
\r
56 uint32_t generation_time; /*!< key generation timestamp (seconds) */
\r
57 mbedtls_cipher_context_t ctx; /*!< context for auth enc/decryption */
\r
59 mbedtls_ssl_ticket_key;
\r
62 * \brief Context for session ticket handling functions
\r
64 typedef struct mbedtls_ssl_ticket_context
\r
66 mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys */
\r
67 unsigned char active; /*!< index of the currently active key */
\r
69 uint32_t ticket_lifetime; /*!< lifetime of tickets in seconds */
\r
71 /** Callback for getting (pseudo-)random numbers */
\r
72 int (*f_rng)(void *, unsigned char *, size_t);
\r
73 void *p_rng; /*!< context for the RNG function */
\r
75 #if defined(MBEDTLS_THREADING_C)
\r
76 mbedtls_threading_mutex_t mutex;
\r
79 mbedtls_ssl_ticket_context;
\r
82 * \brief Initialize a ticket context.
\r
83 * (Just make it ready for mbedtls_ssl_ticket_setup()
\r
84 * or mbedtls_ssl_ticket_free().)
\r
86 * \param ctx Context to be initialized
\r
88 void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx );
\r
91 * \brief Prepare context to be actually used
\r
93 * \param ctx Context to be set up
\r
94 * \param f_rng RNG callback function
\r
95 * \param p_rng RNG callback context
\r
96 * \param cipher AEAD cipher to use for ticket protection.
\r
97 * Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
\r
98 * \param lifetime Tickets lifetime in seconds
\r
99 * Recommended value: 86400 (one day).
\r
101 * \note It is highly recommended to select a cipher that is at
\r
102 * least as strong as the the strongest ciphersuite
\r
103 * supported. Usually that means a 256-bit key.
\r
105 * \note The lifetime of the keys is twice the lifetime of tickets.
\r
106 * It is recommended to pick a reasonnable lifetime so as not
\r
107 * to negate the benefits of forward secrecy.
\r
109 * \return 0 if successful,
\r
110 * or a specific MBEDTLS_ERR_XXX error code
\r
112 int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
\r
113 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
\r
114 mbedtls_cipher_type_t cipher,
\r
115 uint32_t lifetime );
\r
118 * \brief Implementation of the ticket write callback
\r
120 * \note See \c mbedtls_ssl_ticket_write_t for description
\r
122 mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write;
\r
125 * \brief Implementation of the ticket parse callback
\r
127 * \note See \c mbedtls_ssl_ticket_parse_t for description
\r
129 mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
\r
132 * \brief Free a context's content and zeroize it.
\r
134 * \param ctx Context to be cleaned up
\r
136 void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx );
\r
142 #endif /* ssl_ticket.h */
\r