1 /** 2 * \file ssl_cookie.h 3 * 4 * \brief DTLS cookie callbacks implementation 5 */ 6 /* 7 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved 8 * SPDX-License-Identifier: Apache-2.0 9 * 10 * Licensed under the Apache License, Version 2.0 (the "License"); you may 11 * not use this file except in compliance with the License. 12 * You may obtain a copy of the License at 13 * 14 * http://www.apache.org/licenses/LICENSE-2.0 15 * 16 * Unless required by applicable law or agreed to in writing, software 17 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 18 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 19 * See the License for the specific language governing permissions and 20 * limitations under the License. 21 * 22 * This file is part of mbed TLS (https://tls.mbed.org) 23 */ 24 #ifndef MBEDTLS_SSL_COOKIE_H 25 #define MBEDTLS_SSL_COOKIE_H 26 27 #if !defined(MBEDTLS_CONFIG_FILE) 28 #include "config.h" 29 #else 30 #include MBEDTLS_CONFIG_FILE 31 #endif 32 33 #include "ssl.h" 34 35 #if defined(MBEDTLS_THREADING_C) 36 #include "threading.h" 37 #endif 38 39 /** 40 * \name SECTION: Module settings 41 * 42 * The configuration options you can set for this module are in this section. 43 * Either change them in config.h or define them on the compiler command line. 44 * \{ 45 */ 46 #ifndef MBEDTLS_SSL_COOKIE_TIMEOUT 47 #define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ 48 #endif 49 50 /* \} name SECTION: Module settings */ 51 52 #ifdef __cplusplus 53 extern "C" { 54 #endif 55 56 /** 57 * \brief Context for the default cookie functions. 58 */ 59 typedef struct mbedtls_ssl_cookie_ctx 60 { 61 mbedtls_md_context_t hmac_ctx; /*!< context for the HMAC portion */ 62 #if !defined(MBEDTLS_HAVE_TIME) 63 unsigned long serial; /*!< serial number for expiration */ 64 #endif 65 unsigned long timeout; /*!< timeout delay, in seconds if HAVE_TIME, 66 or in number of tickets issued */ 67 68 #if defined(MBEDTLS_THREADING_C) 69 mbedtls_threading_mutex_t mutex; 70 #endif 71 } mbedtls_ssl_cookie_ctx; 72 73 /** 74 * \brief Initialize cookie context 75 */ 76 void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx ); 77 78 /** 79 * \brief Setup cookie context (generate keys) 80 */ 81 int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx, 82 int (*f_rng)(void *, unsigned char *, size_t), 83 void *p_rng ); 84 85 /** 86 * \brief Set expiration delay for cookies 87 * (Default MBEDTLS_SSL_COOKIE_TIMEOUT) 88 * 89 * \param ctx Cookie contex 90 * \param delay Delay, in seconds if HAVE_TIME, or in number of cookies 91 * issued in the meantime. 92 * 0 to disable expiration (NOT recommended) 93 */ 94 void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay ); 95 96 /** 97 * \brief Free cookie context 98 */ 99 void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx ); 100 101 /** 102 * \brief Generate cookie, see \c mbedtls_ssl_cookie_write_t 103 */ 104 mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write; 105 106 /** 107 * \brief Verify cookie, see \c mbedtls_ssl_cookie_write_t 108 */ 109 mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check; 110 111 #ifdef __cplusplus 112 } 113 #endif 114 115 #endif /* ssl_cookie.h */ 116