mbed TLS v2.2.0
Data Structures | Functions | Variables
ssl_ticket.h File Reference

Detailed Description

Internal functions shared by the SSL modules.

TLS server ticket callbacks implementation.

Copyright (C) 2006-2015, ARM Limited, All Rights Reserved SPDX-License-Identifier: Apache-2.0

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

This file is part of mbed TLS (https://tls.mbed.org)

Definition in file ssl_ticket.h.

#include "ssl.h"
#include "cipher.h"
Include dependency graph for ssl_ticket.h:

Go to the source code of this file.

Data Structures

struct  mbedtls_ssl_ticket_key
 Information for session ticket protection. More...
 
struct  mbedtls_ssl_ticket_context
 Context for session ticket handling functions. More...
 

Functions

void mbedtls_ssl_ticket_init (mbedtls_ssl_ticket_context *ctx)
 Initialize a ticket context. More...
 
int mbedtls_ssl_ticket_setup (mbedtls_ssl_ticket_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_cipher_type_t cipher, uint32_t lifetime)
 Prepare context to be actually used. More...
 
void mbedtls_ssl_ticket_free (mbedtls_ssl_ticket_context *ctx)
 Free a context's content and zeroize it. More...
 

Variables

mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write
 Implementation of the ticket write callback. More...
 
mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse
 Implementation of the ticket parse callback. More...
 

Function Documentation

void mbedtls_ssl_ticket_free ( mbedtls_ssl_ticket_context ctx)

Free a context's content and zeroize it.

Parameters
ctxContext to be cleaned up
void mbedtls_ssl_ticket_init ( mbedtls_ssl_ticket_context ctx)

Initialize a ticket context.

(Just make it ready for mbedtls_ssl_ticket_setup() or mbedtls_ssl_ticket_free().)

Parameters
ctxContext to be initialized
int mbedtls_ssl_ticket_setup ( mbedtls_ssl_ticket_context ctx,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng,
mbedtls_cipher_type_t  cipher,
uint32_t  lifetime 
)

Prepare context to be actually used.

Parameters
ctxContext to be set up
f_rngRNG callback function
p_rngRNG callback context
cipherAEAD cipher to use for ticket protection. Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
lifetimeTickets lifetime in seconds Recommended value: 86400 (one day).
Note
It is highly recommended to select a cipher that is at least as strong as the the strongest ciphersuite supported. Usually that means a 256-bit key.
The lifetime of the keys is twice the lifetime of tickets. It is recommended to pick a reasonnable lifetime so as not to negate the benefits of forward secrecy.
Returns
0 if successful, or a specific MBEDTLS_ERR_XXX error code

Variable Documentation

mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse

Implementation of the ticket parse callback.

Note
See mbedlts_ssl_ticket_parse_t for description

Definition at line 122 of file ssl_ticket.h.

mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write

Implementation of the ticket write callback.

Note
See mbedlts_ssl_ticket_write_t for description

Definition at line 115 of file ssl_ticket.h.