ssl_cookie.h

00001 /**
00002  * \file ssl_cookie.h
00003  *
00004  * \brief DTLS cookie callbacks implementation
00005  */
00006 /*
00007  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
00008  *  SPDX-License-Identifier: Apache-2.0
00009  *
00010  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
00011  *  not use this file except in compliance with the License.
00012  *  You may obtain a copy of the License at
00013  *
00014  *  http://www.apache.org/licenses/LICENSE-2.0
00015  *
00016  *  Unless required by applicable law or agreed to in writing, software
00017  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
00018  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00019  *  See the License for the specific language governing permissions and
00020  *  limitations under the License.
00021  *
00022  *  This file is part of mbed TLS (https://tls.mbed.org)
00023  */
00024 #ifndef MBEDTLS_SSL_COOKIE_H
00025 #define MBEDTLS_SSL_COOKIE_H
00026 
00027 #if !defined(MBEDTLS_CONFIG_FILE)
00028 #include "mbedtls/config.h"
00029 #else
00030 #include MBEDTLS_CONFIG_FILE
00031 #endif
00032 
00033 #include "mbedtls/ssl.h"
00034 
00035 #if defined(MBEDTLS_THREADING_C)
00036 #include "mbedtls/threading.h"
00037 #endif
00038 
00039 /**
00040  * \name SECTION: Module settings
00041  *
00042  * The configuration options you can set for this module are in this section.
00043  * Either change them in config.h or define them on the compiler command line.
00044  * \{
00045  */
00046 #ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
00047 #define MBEDTLS_SSL_COOKIE_TIMEOUT     60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
00048 #endif
00049 
00050 /* \} name SECTION: Module settings */
00051 
00052 #ifdef __cplusplus
00053 extern "C" {
00054 #endif
00055 
00056 /**
00057  * \brief          Context for the default cookie functions.
00058  */
00059 typedef struct mbedtls_ssl_cookie_ctx
00060 {
00061     mbedtls_md_context_t    hmac_ctx ;   /*!< context for the HMAC portion   */
00062 #if !defined(MBEDTLS_HAVE_TIME)
00063     unsigned long   serial ;     /*!< serial number for expiration   */
00064 #endif
00065     unsigned long   timeout ;    /*!< timeout delay, in seconds if HAVE_TIME,
00066                                      or in number of tickets issued */
00067 
00068 #if defined(MBEDTLS_THREADING_C)
00069     mbedtls_threading_mutex_t mutex;
00070 #endif
00071 } mbedtls_ssl_cookie_ctx;
00072 
00073 /**
00074  * \brief          Initialize cookie context
00075  */
00076 void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx );
00077 
00078 /**
00079  * \brief          Setup cookie context (generate keys)
00080  */
00081 int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
00082                       int (*f_rng)(void *, unsigned char *, size_t),
00083                       void *p_rng );
00084 
00085 /**
00086  * \brief          Set expiration delay for cookies
00087  *                 (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
00088  *
00089  * \param ctx      Cookie contex
00090  * \param delay    Delay, in seconds if HAVE_TIME, or in number of cookies
00091  *                 issued in the meantime.
00092  *                 0 to disable expiration (NOT recommended)
00093  */
00094 void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay );
00095 
00096 /**
00097  * \brief          Free cookie context
00098  */
00099 void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx );
00100 
00101 /**
00102  * \brief          Generate cookie, see \c mbedtls_ssl_cookie_write_t
00103  */
00104 mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;
00105 
00106 /**
00107  * \brief          Verify cookie, see \c mbedtls_ssl_cookie_write_t
00108  */
00109 mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;
00110 
00111 #ifdef __cplusplus
00112 }
00113 #endif
00114 
00115 #endif /* ssl_cookie.h */