1 /**
2  * \file ssl_cookie.h
3  *
4  * \brief DTLS cookie callbacks implementation
5  */
6 /*
7  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
8  *  SPDX-License-Identifier: Apache-2.0
9  *
10  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
11  *  not use this file except in compliance with the License.
12  *  You may obtain a copy of the License at
13  *
14  *  http://www.apache.org/licenses/LICENSE-2.0
15  *
16  *  Unless required by applicable law or agreed to in writing, software
17  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
18  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19  *  See the License for the specific language governing permissions and
20  *  limitations under the License.
21  *
22  *  This file is part of mbed TLS (https://tls.mbed.org)
23  */
24 #ifndef MBEDTLS_SSL_COOKIE_H
25 #define MBEDTLS_SSL_COOKIE_H
26 
27 #include "ssl.h"
28 
29 #if defined(MBEDTLS_THREADING_C)
30 #include "threading.h"
31 #endif
32 
33 /**
34  * \name SECTION: Module settings
35  *
36  * The configuration options you can set for this module are in this section.
37  * Either change them in config.h or define them on the compiler command line.
38  * \{
39  */
40 #ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
41 #define MBEDTLS_SSL_COOKIE_TIMEOUT     60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
42 #endif
43 
44 /* \} name SECTION: Module settings */
45 
46 #ifdef __cplusplus
47 extern "C" {
48 #endif
49 
50 /**
51  * \brief          Context for the default cookie functions.
52  */
53 typedef struct mbedtls_ssl_cookie_ctx
54 {
55     mbedtls_md_context_t    hmac_ctx;   /*!< context for the HMAC portion   */
56 #if !defined(MBEDTLS_HAVE_TIME)
57     unsigned long   serial;     /*!< serial number for expiration   */
58 #endif
59     unsigned long   timeout;    /*!< timeout delay, in seconds if HAVE_TIME,
60                                      or in number of tickets issued */
61 
62 #if defined(MBEDTLS_THREADING_C)
63     mbedtls_threading_mutex_t mutex;
64 #endif
65 } mbedtls_ssl_cookie_ctx;
66 
67 /**
68  * \brief          Initialize cookie context
69  */
70 void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx );
71 
72 /**
73  * \brief          Setup cookie context (generate keys)
74  */
75 int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
76                       int (*f_rng)(void *, unsigned char *, size_t),
77                       void *p_rng );
78 
79 /**
80  * \brief          Set expiration delay for cookies
81  *                 (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
82  *
83  * \param ctx      Cookie contex
84  * \param delay    Delay, in seconds if HAVE_TIME, or in number of cookies
85  *                 issued in the meantime.
86  *                 0 to disable expiration (NOT recommended)
87  */
88 void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay );
89 
90 /**
91  * \brief          Free cookie context
92  */
93 void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx );
94 
95 /**
96  * \brief          Generate cookie, see \c mbedtls_ssl_cookie_write_t
97  */
98 mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;
99 
100 /**
101  * \brief          Verify cookie, see \c mbedtls_ssl_cookie_write_t
102  */
103 mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;
104 
105 #ifdef __cplusplus
106 }
107 #endif
108 
109 #endif /* ssl_cookie.h */
110