ssl_ticket.h File Reference

TLS server ticket callbacks implementation. More...

#include "config.h"
#include "ssl.h"
#include "cipher.h"
#include "threading.h"
Include dependency graph for ssl_ticket.h:

Go to the source code of this file.

Data Structures

struct  mbedtls_ssl_ticket_key
 Information for session ticket protection. More...
struct  mbedtls_ssl_ticket_context
 Context for session ticket handling functions. More...

Functions

void mbedtls_ssl_ticket_init (mbedtls_ssl_ticket_context *ctx)
 Initialize a ticket context. (Just make it ready for mbedtls_ssl_ticket_setup() or mbedtls_ssl_ticket_free().).
int mbedtls_ssl_ticket_setup (mbedtls_ssl_ticket_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_cipher_type_t cipher, uint32_t lifetime)
 Prepare context to be actually used.
void mbedtls_ssl_ticket_free (mbedtls_ssl_ticket_context *ctx)
 Free a context's content and zeroize it.

Variables

mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write
 Implementation of the ticket write callback.
mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse
 Implementation of the ticket parse callback.

Detailed Description

TLS server ticket callbacks implementation.

Definition in file ssl_ticket.h.


Function Documentation

void mbedtls_ssl_ticket_free ( mbedtls_ssl_ticket_context ctx  ) 

Free a context's content and zeroize it.

Parameters:
ctx Context to be cleaned up
void mbedtls_ssl_ticket_init ( mbedtls_ssl_ticket_context ctx  ) 

Initialize a ticket context. (Just make it ready for mbedtls_ssl_ticket_setup() or mbedtls_ssl_ticket_free().).

Parameters:
ctx Context to be initialized
int mbedtls_ssl_ticket_setup ( mbedtls_ssl_ticket_context ctx,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng,
mbedtls_cipher_type_t  cipher,
uint32_t  lifetime 
)

Prepare context to be actually used.

Parameters:
ctx Context to be set up
f_rng RNG callback function
p_rng RNG callback context
cipher AEAD cipher to use for ticket protection. Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
lifetime Tickets lifetime in seconds Recommended value: 86400 (one day).
Note:
It is highly recommended to select a cipher that is at least as strong as the the strongest ciphersuite supported. Usually that means a 256-bit key.
The lifetime of the keys is twice the lifetime of tickets. It is recommended to pick a reasonnable lifetime so as not to negate the benefits of forward secrecy.
Returns:
0 if successful, or a specific MBEDTLS_ERR_XXX error code

Variable Documentation

Implementation of the ticket parse callback.

Note:
See mbedtls_ssl_ticket_parse_t for description

Definition at line 156 of file ssl_ticket.h.

Implementation of the ticket write callback.

Note:
See mbedtls_ssl_ticket_write_t for description

Definition at line 149 of file ssl_ticket.h.


Generated on 10 Aug 2020 for mbed TLS v2.7.16 by  doxygen 1.6.1