ssl_cookie.h

00001 /**
00002  * \file ssl_cookie.h
00003  *
00004  * \brief DTLS cookie callbacks implementation
00005  */
00006 /*
00007  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
00008  *  SPDX-License-Identifier: Apache-2.0
00009  *
00010  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
00011  *  not use this file except in compliance with the License.
00012  *  You may obtain a copy of the License at
00013  *
00014  *  http://www.apache.org/licenses/LICENSE-2.0
00015  *
00016  *  Unless required by applicable law or agreed to in writing, software
00017  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
00018  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00019  *  See the License for the specific language governing permissions and
00020  *  limitations under the License.
00021  *
00022  *  This file is part of mbed TLS (https://tls.mbed.org)
00023  */
00024 #ifndef MBEDTLS_SSL_COOKIE_H
00025 #define MBEDTLS_SSL_COOKIE_H
00026 
00027 #include "ssl.h"
00028 
00029 #if defined(MBEDTLS_THREADING_C)
00030 #include "threading.h"
00031 #endif
00032 
00033 /**
00034  * \name SECTION: Module settings
00035  *
00036  * The configuration options you can set for this module are in this section.
00037  * Either change them in config.h or define them on the compiler command line.
00038  * \{
00039  */
00040 #ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
00041 #define MBEDTLS_SSL_COOKIE_TIMEOUT     60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
00042 #endif
00043 
00044 /* \} name SECTION: Module settings */
00045 
00046 #ifdef __cplusplus
00047 extern "C" {
00048 #endif
00049 
00050 /**
00051  * \brief          Context for the default cookie functions.
00052  */
00053 typedef struct
00054 {
00055     mbedtls_md_context_t    hmac_ctx ;   /*!< context for the HMAC portion   */
00056 #if !defined(MBEDTLS_HAVE_TIME)
00057     unsigned long   serial ;     /*!< serial number for expiration   */
00058 #endif
00059     unsigned long   timeout;    /*!< timeout delay, in seconds if HAVE_TIME,
00060                                      or in number of tickets issued */
00061 
00062 #if defined(MBEDTLS_THREADING_C)
00063     mbedtls_threading_mutex_t mutex;
00064 #endif
00065 } mbedtls_ssl_cookie_ctx;
00066 
00067 /**
00068  * \brief          Initialize cookie context
00069  */
00070 void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx );
00071 
00072 /**
00073  * \brief          Setup cookie context (generate keys)
00074  */
00075 int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
00076                       int (*f_rng)(void *, unsigned char *, size_t),
00077                       void *p_rng );
00078 
00079 /**
00080  * \brief          Set expiration delay for cookies
00081  *                 (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
00082  *
00083  * \param ctx      Cookie contex
00084  * \param delay    Delay, in seconds if HAVE_TIME, or in number of cookies
00085  *                 issued in the meantime.
00086  *                 0 to disable expiration (NOT recommended)
00087  */
00088 void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay );
00089 
00090 /**
00091  * \brief          Free cookie context
00092  */
00093 void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx );
00094 
00095 /**
00096  * \brief          Generate cookie, see \c mbedtls_ssl_cookie_write_t
00097  */
00098 mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;
00099 
00100 /**
00101  * \brief          Verify cookie, see \c mbedtls_ssl_cookie_write_t
00102  */
00103 mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;
00104 
00105 #ifdef __cplusplus
00106 }
00107 #endif
00108 
00109 #endif /* ssl_cookie.h */