Mbed TLS v3.5.0
ssl_ticket.h
Go to the documentation of this file.
1
6/*
7 * Copyright The Mbed TLS Contributors
8 * SPDX-License-Identifier: Apache-2.0
9 *
10 * Licensed under the Apache License, Version 2.0 (the "License"); you may
11 * not use this file except in compliance with the License.
12 * You may obtain a copy of the License at
13 *
14 * http://www.apache.org/licenses/LICENSE-2.0
15 *
16 * Unless required by applicable law or agreed to in writing, software
17 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
18 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 * See the License for the specific language governing permissions and
20 * limitations under the License.
21 */
22#ifndef MBEDTLS_SSL_TICKET_H
23#define MBEDTLS_SSL_TICKET_H
25
26#include "mbedtls/build_info.h"
27
28/*
29 * This implementation of the session ticket callbacks includes key
30 * management, rotating the keys periodically in order to preserve forward
31 * secrecy, when MBEDTLS_HAVE_TIME is defined.
32 */
33
34#include "mbedtls/ssl.h"
35#include "mbedtls/cipher.h"
36
37#if defined(MBEDTLS_HAVE_TIME)
39#endif
40
41#if defined(MBEDTLS_USE_PSA_CRYPTO)
42#include "psa/crypto.h"
43#endif
44
45#if defined(MBEDTLS_THREADING_C)
46#include "mbedtls/threading.h"
47#endif
48
49#ifdef __cplusplus
50extern "C" {
51#endif
52
53#define MBEDTLS_SSL_TICKET_MAX_KEY_BYTES 32
54#define MBEDTLS_SSL_TICKET_KEY_NAME_BYTES 4
59typedef struct mbedtls_ssl_ticket_key {
62#if defined(MBEDTLS_HAVE_TIME)
64#endif
65#if !defined(MBEDTLS_USE_PSA_CRYPTO)
67#else
71 size_t MBEDTLS_PRIVATE(key_bits);
72#endif
73}
75
81 unsigned char MBEDTLS_PRIVATE(active);
83 uint32_t MBEDTLS_PRIVATE(ticket_lifetime);
86 int(*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);
87 void *MBEDTLS_PRIVATE(p_rng);
89#if defined(MBEDTLS_THREADING_C)
91#endif
92}
94
103
127 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
129 uint32_t lifetime);
130
164 const unsigned char *name, size_t nlength,
165 const unsigned char *k, size_t klength,
166 uint32_t lifetime);
167
174
181
188
189#ifdef __cplusplus
190}
191#endif
192
193#endif /* ssl_ticket.h */
This file contains an abstraction interface for use with the cipher primitives provided by the librar...
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
Definition: cipher.h:96
Platform Security Architecture cryptography module.
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:83
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:139
psa_key_id_t mbedtls_svc_key_id_t
Definition: crypto_types.h:297
Build-time configuration info.
Mbed TLS Platform time abstraction.
time_t mbedtls_time_t
Definition: platform_time.h:39
Macro wrapper for struct's members.
#define MBEDTLS_PRIVATE(member)
SSL/TLS functions.
int mbedtls_ssl_ticket_write_t(void *p_ticket, const mbedtls_ssl_session *session, unsigned char *start, const unsigned char *end, size_t *tlen, uint32_t *lifetime)
Callback type: generate and write session ticket.
Definition: ssl.h:2516
int mbedtls_ssl_ticket_parse_t(void *p_ticket, mbedtls_ssl_session *session, unsigned char *buf, size_t len)
Callback type: parse and load session ticket.
Definition: ssl.h:2546
void mbedtls_ssl_ticket_init(mbedtls_ssl_ticket_context *ctx)
Initialize a ticket context. (Just make it ready for mbedtls_ssl_ticket_setup() or mbedtls_ssl_ticket...
void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx)
Free a context's content and zeroize it.
#define MBEDTLS_SSL_TICKET_KEY_NAME_BYTES
Definition: ssl_ticket.h:54
int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_cipher_type_t cipher, uint32_t lifetime)
Prepare context to be actually used.
struct mbedtls_ssl_ticket_key mbedtls_ssl_ticket_key
Information for session ticket protection.
int mbedtls_ssl_ticket_rotate(mbedtls_ssl_ticket_context *ctx, const unsigned char *name, size_t nlength, const unsigned char *k, size_t klength, uint32_t lifetime)
Rotate session ticket encryption key to new specified key. Provides for external control of session t...
struct mbedtls_ssl_ticket_context mbedtls_ssl_ticket_context
Context for session ticket handling functions.
mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write
Implementation of the ticket write callback.
Definition: ssl_ticket.h:173
mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse
Implementation of the ticket parse callback.
Definition: ssl_ticket.h:180
Context for session ticket handling functions.
Definition: ssl_ticket.h:79
Information for session ticket protection.
Definition: ssl_ticket.h:59
Threading abstraction layer.