mbed TLS  Version 2.6.0
SSL/TLS Library for the Embedded Space
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
ssl_ticket.h File Reference

Data Structures

struct  mbedtls_ssl_ticket_key
 Information for session ticket protection. More...
 
struct  mbedtls_ssl_ticket_context
 Context for session ticket handling functions. More...
 

Functions

void mbedtls_ssl_ticket_init (mbedtls_ssl_ticket_context *ctx)
 Initialize a ticket context. More...
 
int mbedtls_ssl_ticket_setup (mbedtls_ssl_ticket_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_cipher_type_t cipher, uint32_t lifetime)
 Prepare context to be actually used. More...
 
void mbedtls_ssl_ticket_free (mbedtls_ssl_ticket_context *ctx)
 Free a context's content and zeroize it. More...
 

Variables

mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write
 Implementation of the ticket write callback. More...
 
mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse
 Implementation of the ticket parse callback. More...
 

Description

Internal functions shared by the SSL modules.

TLS server ticket callbacks implementation.

Copyright (C) 2006-2015, ARM Limited, All Rights Reserved SPDX-License-Identifier: Apache-2.0

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

This file is part of mbed TLS (https://tls.mbed.org)


Data Structure Documentation

struct mbedtls_ssl_ticket_key

Information for session ticket protection.

Data Fields
mbedtls_cipher_context_t ctx

context for auth enc/decryption

uint32_t generation_time

key generation timestamp (seconds)

unsigned char name[4]

random key identifier

Function Documentation

void mbedtls_ssl_ticket_free ( mbedtls_ssl_ticket_context ctx)

Free a context's content and zeroize it.

Parameters
ctxContext to be cleaned up
void mbedtls_ssl_ticket_init ( mbedtls_ssl_ticket_context ctx)

Initialize a ticket context.

(Just make it ready for mbedtls_ssl_ticket_setup() or mbedtls_ssl_ticket_free().)

Parameters
ctxContext to be initialized
int mbedtls_ssl_ticket_setup ( mbedtls_ssl_ticket_context ctx,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng,
mbedtls_cipher_type_t  cipher,
uint32_t  lifetime 
)

Prepare context to be actually used.

Parameters
ctxContext to be set up
f_rngRNG callback function
p_rngRNG callback context
cipherAEAD cipher to use for ticket protection. Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
lifetimeTickets lifetime in seconds Recommended value: 86400 (one day).
Note
It is highly recommended to select a cipher that is at least as strong as the the strongest ciphersuite supported. Usually that means a 256-bit key.
The lifetime of the keys is twice the lifetime of tickets. It is recommended to pick a reasonnable lifetime so as not to negate the benefits of forward secrecy.
Returns
0 if successful, or a specific MBEDTLS_ERR_XXX error code

Variable Documentation

mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse

Implementation of the ticket parse callback.

Note
See mbedlts_ssl_ticket_parse_t for description
mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write

Implementation of the ticket write callback.

Note
See mbedlts_ssl_ticket_write_t for description