Detailed Description
Internal functions shared by the SSL modules.
TLS server ticket callbacks implementation.
Copyright (C) 2006-2015, ARM Limited, All Rights Reserved SPDX-License-Identifier: Apache-2.0
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
This file is part of mbed TLS (https://tls.mbed.org)
Definition in file ssl_ticket.h.
Go to the source code of this file.
Data Structures | |
| struct | mbedtls_ssl_ticket_key |
| Information for session ticket protection. More... | |
| struct | mbedtls_ssl_ticket_context |
| Context for session ticket handling functions. More... | |
Functions | |
| void | mbedtls_ssl_ticket_init (mbedtls_ssl_ticket_context *ctx) |
| Initialize a ticket context. More... | |
| int | mbedtls_ssl_ticket_setup (mbedtls_ssl_ticket_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_cipher_type_t cipher, uint32_t lifetime) |
| Prepare context to be actually used. More... | |
| void | mbedtls_ssl_ticket_free (mbedtls_ssl_ticket_context *ctx) |
| Free a context's content and zeroize it. More... | |
Variables | |
| mbedtls_ssl_ticket_write_t | mbedtls_ssl_ticket_write |
| Implementation of the ticket write callback. More... | |
| mbedtls_ssl_ticket_parse_t | mbedtls_ssl_ticket_parse |
| Implementation of the ticket parse callback. More... | |
Function Documentation
| void mbedtls_ssl_ticket_free | ( | mbedtls_ssl_ticket_context * | ctx | ) |
Free a context's content and zeroize it.
- Parameters
-
ctx Context to be cleaned up
| void mbedtls_ssl_ticket_init | ( | mbedtls_ssl_ticket_context * | ctx | ) |
Initialize a ticket context.
(Just make it ready for mbedtls_ssl_ticket_setup() or mbedtls_ssl_ticket_free().)
- Parameters
-
ctx Context to be initialized
| int mbedtls_ssl_ticket_setup | ( | mbedtls_ssl_ticket_context * | ctx, |
| int(*)(void *, unsigned char *, size_t) | f_rng, | ||
| void * | p_rng, | ||
| mbedtls_cipher_type_t | cipher, | ||
| uint32_t | lifetime | ||
| ) |
Prepare context to be actually used.
- Parameters
-
ctx Context to be set up f_rng RNG callback function p_rng RNG callback context cipher AEAD cipher to use for ticket protection. Recommended value: MBEDTLS_CIPHER_AES_256_GCM. lifetime Tickets lifetime in seconds Recommended value: 86400 (one day).
- Note
- It is highly recommended to select a cipher that is at least as strong as the the strongest ciphersuite supported. Usually that means a 256-bit key.
- The lifetime of the keys is twice the lifetime of tickets. It is recommended to pick a reasonnable lifetime so as not to negate the benefits of forward secrecy.
- Returns
- 0 if successful, or a specific MBEDTLS_ERR_XXX error code
Variable Documentation
| mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse |
Implementation of the ticket parse callback.
- Note
- See
mbedlts_ssl_ticket_parse_tfor description
Definition at line 122 of file ssl_ticket.h.
| mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write |
Implementation of the ticket write callback.
- Note
- See
mbedlts_ssl_ticket_write_tfor description
Definition at line 115 of file ssl_ticket.h.
