1 /**
2  * \file ssl_cookie.h
3  *
4  * \brief DTLS cookie callbacks implementation
5  */
6 /*
7  *  Copyright The Mbed TLS Contributors
8  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
9  */
10 #ifndef MBEDTLS_SSL_COOKIE_H
11 #define MBEDTLS_SSL_COOKIE_H
12 
13 #if !defined(MBEDTLS_CONFIG_FILE)
14 #include "mbedtls/config.h"
15 #else
16 #include MBEDTLS_CONFIG_FILE
17 #endif
18 
19 #include "mbedtls/ssl.h"
20 
21 #if defined(MBEDTLS_THREADING_C)
22 #include "mbedtls/threading.h"
23 #endif
24 
25 /**
26  * \name SECTION: Module settings
27  *
28  * The configuration options you can set for this module are in this section.
29  * Either change them in config.h or define them on the compiler command line.
30  * \{
31  */
32 #ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
33 #define MBEDTLS_SSL_COOKIE_TIMEOUT     60 /**< Default expiration delay of DTLS cookies, in seconds if MBEDTLS_HAVE_TIME is defined, otherwise in number of cookies issued */
34 #endif
35 
36 /** \} name SECTION: Module settings */
37 
38 #ifdef __cplusplus
39 extern "C" {
40 #endif
41 
42 /**
43  * \brief          Context for the default cookie functions.
    *
    *                 Holds the HMAC context used for cookies together with the
    *                 expiration settings.
    *
    * \note           The serial and mutex members are compiled in or out by
    *                 MBEDTLS_HAVE_TIME and MBEDTLS_THREADING_C, so the layout
    *                 of this structure depends on the build configuration;
    *                 every translation unit that touches it must be built
    *                 with the same configuration.
44  */
45 typedef struct mbedtls_ssl_cookie_ctx {
46     mbedtls_md_context_t    hmac_ctx;   /*!< context for the HMAC portion   */
47 #if !defined(MBEDTLS_HAVE_TIME)
48     unsigned long   serial;     /*!< serial number for expiration (field exists only without MBEDTLS_HAVE_TIME) */
49 #endif
50     unsigned long   timeout;    /*!< timeout delay, in seconds if HAVE_TIME,
51                                      or in number of cookies issued; 0 disables expiration */
52 
53 #if defined(MBEDTLS_THREADING_C)
54     mbedtls_threading_mutex_t mutex; /*!< NOTE(review): presumably guards hmac_ctx when the callbacks run on several threads - confirm in ssl_cookie.c */
55 #endif
56 } mbedtls_ssl_cookie_ctx;
57 
58 /**
59  * \brief          Initialize cookie context
    *
    * \param ctx      Cookie context to initialize
    *
    * \note           NOTE(review): this header does not say whether the
    *                 context may be used for cookies before
    *                 mbedtls_ssl_cookie_setup() has generated keys;
    *                 presumably it may not - confirm in ssl_cookie.c.
60  */
61 void mbedtls_ssl_cookie_init(mbedtls_ssl_cookie_ctx *ctx);
62 
63 /**
64  * \brief          Setup cookie context (generate keys)
    *
    * \param ctx      Cookie context to set up
    * \param f_rng    Random generator callback; going by its signature it
    *                 takes an opaque pointer, an output buffer and a length.
    *                 The generated keys presumably key the HMAC in the
    *                 context, which is what makes cookies unforgeable, so
    *                 this should be a cryptographically strong generator.
    * \param p_rng    Opaque pointer, presumably passed to \p f_rng unchanged
    *
    * \return         int status. NOTE(review): the values are not documented
    *                 in this header (presumably 0 on success and an error
    *                 code otherwise); confirm in ssl_cookie.c, and check the
    *                 result before the context is used for cookies.
65  */
66 int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx,
67                              int (*f_rng)(void *, unsigned char *, size_t),
68                              void *p_rng);
69 
70 /**
71  * \brief          Set expiration delay for cookies
72  *                 (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
73  *
74  * \param ctx      Cookie context
75  * \param delay    Delay, in seconds if HAVE_TIME, or in number of cookies
76  *                 issued in the meantime.
77  *                 0 to disable expiration (NOT recommended)
    *
    * \note           With a delay of 0 a cookie never expires, so one that was
    *                 accepted once stays acceptable (NOTE(review): presumably
    *                 until the keys in the context are regenerated - confirm).
    *                 In the count-based mode, used when MBEDTLS_HAVE_TIME is
    *                 not defined, the wall-clock lifetime of a cookie depends
    *                 on how quickly new cookies are issued.
78  */
79 void mbedtls_ssl_cookie_set_timeout(mbedtls_ssl_cookie_ctx *ctx, unsigned long delay);
80 
81 /**
82  * \brief          Free cookie context
    *
    * \param ctx      Cookie context to free
    *
    * \note           NOTE(review): the context presumably holds keyed HMAC
    *                 state; confirm in ssl_cookie.c that freeing also wipes
    *                 it, and do not use the context for cookies afterwards
    *                 without initializing and setting it up again.
83  */
84 void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx);
85 
86 /**
87  * \brief          Generate cookie, see \c mbedtls_ssl_cookie_write_t
    *
    * \note           This is a function declared through the function type
    *                 mbedtls_ssl_cookie_write_t, so its parameters and return
    *                 values are the ones documented with that type. The type
    *                 is not defined in this header (presumably it comes from
    *                 mbedtls/ssl.h, which is included above).
88  */
89 mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;
90 
91 /**
92  * \brief          Verify cookie, see \c mbedtls_ssl_cookie_check_t
    *
    * \note           This is a function declared through the function type
    *                 mbedtls_ssl_cookie_check_t, so its parameters and return
    *                 values are the ones documented with that type. The type
    *                 is not defined in this header (presumably it comes from
    *                 mbedtls/ssl.h, which is included above).
93  */
94 mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;
95 
96 #ifdef __cplusplus
97 }
98 #endif
99 
100 #endif /* ssl_cookie.h */
101