• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /**
2  * \file ssl_cookie.h
3  *
4  * \brief DTLS cookie callbacks implementation
5  */
6 /*
7  *  Copyright The Mbed TLS Contributors
8  *  SPDX-License-Identifier: Apache-2.0
9  *
10  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
11  *  not use this file except in compliance with the License.
12  *  You may obtain a copy of the License at
13  *
14  *  http://www.apache.org/licenses/LICENSE-2.0
15  *
16  *  Unless required by applicable law or agreed to in writing, software
17  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
18  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19  *  See the License for the specific language governing permissions and
20  *  limitations under the License.
21  */
22 #ifndef MBEDTLS_SSL_COOKIE_H
23 #define MBEDTLS_SSL_COOKIE_H
24 #include "mbedtls/private_access.h"
25 
26 #include "mbedtls/build_info.h"
27 
28 #include "mbedtls/ssl.h"
29 
30 #if defined(MBEDTLS_THREADING_C)
31 #include "mbedtls/threading.h"
32 #endif
33 
34 /**
35  * \name SECTION: Module settings
36  *
37  * The configuration options you can set for this module are in this section.
38  * Either change them in mbedtls_config.h or define them on the compiler command line.
39  * \{
40  */
41 #ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
42 #define MBEDTLS_SSL_COOKIE_TIMEOUT     60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
43 #endif
44 
45 /* \} name SECTION: Module settings */
46 
47 #ifdef __cplusplus
48 extern "C" {
49 #endif
50 
51 /**
52  * \brief          Context for the default cookie functions.
53  */
54 typedef struct mbedtls_ssl_cookie_ctx
55 {
56     mbedtls_md_context_t    MBEDTLS_PRIVATE(hmac_ctx);   /*!< context for the HMAC portion   */
57 #if !defined(MBEDTLS_HAVE_TIME)
58     unsigned long   MBEDTLS_PRIVATE(serial);     /*!< serial number for expiration   */
59 #endif
60     unsigned long   MBEDTLS_PRIVATE(timeout);    /*!< timeout delay, in seconds if HAVE_TIME,
61                                      or in number of tickets issued */
62 
63 #if defined(MBEDTLS_THREADING_C)
64     mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex);
65 #endif
66 } mbedtls_ssl_cookie_ctx;
67 
68 /**
69  * \brief          Initialize cookie context
70  */
71 void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx );
72 
73 /**
74  * \brief          Setup cookie context (generate keys)
75  */
76 int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
77                       int (*f_rng)(void *, unsigned char *, size_t),
78                       void *p_rng );
79 
80 /**
81  * \brief          Set expiration delay for cookies
82  *                 (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
83  *
84  * \param ctx      Cookie contex
85  * \param delay    Delay, in seconds if HAVE_TIME, or in number of cookies
86  *                 issued in the meantime.
87  *                 0 to disable expiration (NOT recommended)
88  */
89 void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay );
90 
91 /**
92  * \brief          Free cookie context
93  */
94 void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx );
95 
96 /**
97  * \brief          Generate cookie, see \c mbedtls_ssl_cookie_write_t
98  */
99 mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;
100 
101 /**
102  * \brief          Verify cookie, see \c mbedtls_ssl_cookie_write_t
103  */
104 mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;
105 
106 #ifdef __cplusplus
107 }
108 #endif
109 
110 #endif /* ssl_cookie.h */
111