1 /**
2  * \file ssl_cookie.h
3  *
4  * \brief DTLS cookie callbacks implementation
5  */
6 /*
7  *  Copyright The Mbed TLS Contributors
8  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
9  *
10  *  This file is provided under the Apache License 2.0, or the
11  *  GNU General Public License v2.0 or later.
12  *
13  *  **********
14  *  Apache License 2.0:
15  *
16  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
17  *  not use this file except in compliance with the License.
18  *  You may obtain a copy of the License at
19  *
20  *  http://www.apache.org/licenses/LICENSE-2.0
21  *
22  *  Unless required by applicable law or agreed to in writing, software
23  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
24  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
25  *  See the License for the specific language governing permissions and
26  *  limitations under the License.
27  *
28  *  **********
29  *
30  *  **********
31  *  GNU General Public License v2.0 or later:
32  *
33  *  This program is free software; you can redistribute it and/or modify
34  *  it under the terms of the GNU General Public License as published by
35  *  the Free Software Foundation; either version 2 of the License, or
36  *  (at your option) any later version.
37  *
38  *  This program is distributed in the hope that it will be useful,
39  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
40  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
41  *  GNU General Public License for more details.
42  *
43  *  You should have received a copy of the GNU General Public License along
44  *  with this program; if not, write to the Free Software Foundation, Inc.,
45  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
46  *
47  *  **********
48  */
49 #ifndef MBEDTLS_SSL_COOKIE_H
50 #define MBEDTLS_SSL_COOKIE_H
51 
52 #if !defined(MBEDTLS_CONFIG_FILE)
53 #include "config.h"
54 #else
55 #include MBEDTLS_CONFIG_FILE
56 #endif
57 
58 #include "ssl.h"
59 
60 #if defined(MBEDTLS_THREADING_C)
61 #include "threading.h"
62 #endif
63 
64 /**
65  * \name SECTION: Module settings
66  *
67  * The configuration options you can set for this module are in this section.
68  * Either change them in config.h or define them on the compiler command line.
69  * \{
70  */
71 #ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
72 #define MBEDTLS_SSL_COOKIE_TIMEOUT     60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
73 #endif
74 
75 /* \} name SECTION: Module settings */
76 
77 #ifdef __cplusplus
78 extern "C" {
79 #endif
80 
81 /**
82  * \brief          Context for the default cookie functions.
83  */
84 typedef struct mbedtls_ssl_cookie_ctx
85 {
86     mbedtls_md_context_t    hmac_ctx;   /*!< context for the HMAC portion   */
87 #if !defined(MBEDTLS_HAVE_TIME)
88     unsigned long   serial;     /*!< serial number for expiration (field exists only without MBEDTLS_HAVE_TIME) */
89 #endif
90     unsigned long   timeout;    /*!< timeout delay, in seconds if HAVE_TIME,
91                                      or in number of cookies issued */
92 
93 #if defined(MBEDTLS_THREADING_C)
94     mbedtls_threading_mutex_t mutex;    /*!< present only with MBEDTLS_THREADING_C; NOTE(review): presumably serializes access to hmac_ctx, confirm in ssl_cookie.c */
95 #endif
96 } mbedtls_ssl_cookie_ctx;
97 
98 /**
99  * \brief          Initialize cookie context
100  */
101 void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx );
102 
103 /**
104  * \brief          Setup cookie context (generate keys); the keys are drawn from f_rng, so f_rng must be a cryptographically secure RNG
105  */
106 int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
107                       int (*f_rng)(void *, unsigned char *, size_t),
108                       void *p_rng );
109 
110 /**
111  * \brief          Set expiration delay for cookies
112  *                 (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
113  *
114  * \param ctx      Cookie context
115  * \param delay    Delay, in seconds if HAVE_TIME, or in number of cookies
116  *                 issued in the meantime.
117  *                 0 to disable expiration (NOT recommended: issued cookies then never expire)
118  */
119 void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay );
120 
121 /**
122  * \brief          Free cookie context
123  */
124 void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx );
125 
126 /**
127  * \brief          Generate cookie, see \c mbedtls_ssl_cookie_write_t
128  */
129 mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;
130 
131 /**
132  * \brief          Verify cookie, see \c mbedtls_ssl_cookie_check_t
133  */
134 mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;
135 
136 #ifdef __cplusplus
137 }
138 #endif
139 
140 #endif /* ssl_cookie.h */
141