mbed TLS  Version 2.9.0
SSL/TLS Library for the Embedded Space
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
ssl_ticket.h File Reference

Data Structures

struct  mbedtls_ssl_ticket_key
 Information for session ticket protection. More...
 
struct  mbedtls_ssl_ticket_context
 Context for session ticket handling functions. More...
 

Functions

void mbedtls_ssl_ticket_init (mbedtls_ssl_ticket_context *ctx)
 Initialize a ticket context. More...
 
int mbedtls_ssl_ticket_setup (mbedtls_ssl_ticket_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_cipher_type_t cipher, uint32_t lifetime)
 Prepare context to be actually used. More...
 
void mbedtls_ssl_ticket_free (mbedtls_ssl_ticket_context *ctx)
 Free a context's content and zeroize it. More...
 

Variables

mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write
 Implementation of the ticket write callback. More...
 
mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse
 Implementation of the ticket parse callback. More...
 

Description

TLS server ticket callbacks implementation.


Data Structure Documentation

struct mbedtls_ssl_ticket_key

Information for session ticket protection.

Data Fields
mbedtls_cipher_context_t ctx

context for auth enc/decryption

uint32_t generation_time

key generation timestamp (seconds)

unsigned char name[4]

random key identifier

Function Documentation

void mbedtls_ssl_ticket_free ( mbedtls_ssl_ticket_context ctx)

Free a context's content and zeroize it.

Parameters
ctxContext to be cleaned up
void mbedtls_ssl_ticket_init ( mbedtls_ssl_ticket_context ctx)

Initialize a ticket context.

(Just make it ready for mbedtls_ssl_ticket_setup() or mbedtls_ssl_ticket_free().)

Parameters
ctxContext to be initialized
int mbedtls_ssl_ticket_setup ( mbedtls_ssl_ticket_context ctx,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng,
mbedtls_cipher_type_t  cipher,
uint32_t  lifetime 
)

Prepare context to be actually used.

Parameters
ctxContext to be set up
f_rngRNG callback function
p_rngRNG callback context
cipherAEAD cipher to use for ticket protection. Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
lifetimeTickets lifetime in seconds Recommended value: 86400 (one day).
Note
It is highly recommended to select a cipher that is at least as strong as the the strongest ciphersuite supported. Usually that means a 256-bit key.
The lifetime of the keys is twice the lifetime of tickets. It is recommended to pick a reasonnable lifetime so as not to negate the benefits of forward secrecy.
Returns
0 if successful, or a specific MBEDTLS_ERR_XXX error code

Variable Documentation

mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse

Implementation of the ticket parse callback.

Note
See mbedlts_ssl_ticket_parse_t for description
mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write

Implementation of the ticket write callback.

Note
See mbedlts_ssl_ticket_write_t for description