TLS server ticket callbacks implementation. More...
Include dependency graph for ssl_ticket.h:
Go to the source code of this file.
Classes | |
| struct | mbedtls_ssl_ticket_key |
| Information for session ticket protection. More... | |
| struct | mbedtls_ssl_ticket_context |
| Context for session ticket handling functions. More... | |
Typedefs | |
| typedef struct mbedtls_ssl_ticket_key | mbedtls_ssl_ticket_key |
| Information for session ticket protection. | |
| typedef struct mbedtls_ssl_ticket_context | mbedtls_ssl_ticket_context |
| Context for session ticket handling functions. | |
Functions | |
| void | mbedtls_ssl_ticket_init (mbedtls_ssl_ticket_context *ctx) |
| Initialize a ticket context. (Just make it ready for mbedtls_ssl_ticket_setup() or mbedtls_ssl_ticket_free().) | |
| int | mbedtls_ssl_ticket_setup (mbedtls_ssl_ticket_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_cipher_type_t cipher, uint32_t lifetime) |
| Prepare context to be actually used. | |
| void | mbedtls_ssl_ticket_free (mbedtls_ssl_ticket_context *ctx) |
| Free a context's content and zeroize it. | |
Variables | |
| mbedtls_ssl_ticket_write_t | mbedtls_ssl_ticket_write |
| Implementation of the ticket write callback. | |
| mbedtls_ssl_ticket_parse_t | mbedtls_ssl_ticket_parse |
| Implementation of the ticket parse callback. | |
Detailed Description
TLS server ticket callbacks implementation.
Definition in file ssl_ticket.h.
Typedef Documentation
◆ mbedtls_ssl_ticket_context
Context for session ticket handling functions.
◆ mbedtls_ssl_ticket_key
Information for session ticket protection.
Function Documentation
◆ mbedtls_ssl_ticket_free()
| void mbedtls_ssl_ticket_free | ( | mbedtls_ssl_ticket_context * | ctx | ) |
Free a context's content and zeroize it.
- Parameters
-
ctx Context to be cleaned up
◆ mbedtls_ssl_ticket_init()
| void mbedtls_ssl_ticket_init | ( | mbedtls_ssl_ticket_context * | ctx | ) |
Initialize a ticket context. (Just make it ready for mbedtls_ssl_ticket_setup() or mbedtls_ssl_ticket_free().)
- Parameters
-
ctx Context to be initialized
◆ mbedtls_ssl_ticket_setup()
| int mbedtls_ssl_ticket_setup | ( | mbedtls_ssl_ticket_context * | ctx, |
| int(*)(void *, unsigned char *, size_t) | f_rng, | ||
| void * | p_rng, | ||
| mbedtls_cipher_type_t | cipher, | ||
| uint32_t | lifetime | ||
| ) |
Prepare context to be actually used.
- Parameters
-
ctx Context to be set up f_rng RNG callback function p_rng RNG callback context cipher AEAD cipher to use for ticket protection. Recommended value: MBEDTLS_CIPHER_AES_256_GCM. lifetime Tickets lifetime in seconds Recommended value: 86400 (one day).
- Note
- It is highly recommended to select a cipher that is at least as strong as the strongest ciphersuite supported. Usually that means a 256-bit key.
- The lifetime of the keys is twice the lifetime of tickets. It is recommended to pick a reasonnable lifetime so as not to negate the benefits of forward secrecy.
- Returns
- 0 if successful, or a specific MBEDTLS_ERR_XXX error code
Variable Documentation
◆ mbedtls_ssl_ticket_parse
| mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse |
Implementation of the ticket parse callback.
- Note
- See
mbedtls_ssl_ticket_parse_tfor description
Definition at line 154 of file ssl_ticket.h.
◆ mbedtls_ssl_ticket_write
| mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write |
Implementation of the ticket write callback.
- Note
- See
mbedtls_ssl_ticket_write_tfor description
Definition at line 147 of file ssl_ticket.h.
