1 /**
2  * \file ssl_ticket.h
3  *
4  * \brief TLS server ticket callbacks implementation
5  */
6 /*
7  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
8  *  SPDX-License-Identifier: Apache-2.0
9  *
10  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
11  *  not use this file except in compliance with the License.
12  *  You may obtain a copy of the License at
13  *
14  *  http://www.apache.org/licenses/LICENSE-2.0
15  *
16  *  Unless required by applicable law or agreed to in writing, software
17  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
18  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19  *  See the License for the specific language governing permissions and
20  *  limitations under the License.
21  *
22  *  This file is part of mbed TLS (https://tls.mbed.org)
23  */
24 #ifndef MBEDTLS_SSL_TICKET_H
25 #define MBEDTLS_SSL_TICKET_H
26 
27 /*
28  * This implementation of the session ticket callbacks includes key
29  * management, rotating the keys periodically in order to preserve forward
30  * secrecy, when MBEDTLS_HAVE_TIME is defined.
31  */
32 
33 #include "ssl.h"
34 #include "cipher.h"
35 
36 #if defined(MBEDTLS_THREADING_C)
37 #include "threading.h"
38 #endif
39 
40 #ifdef __cplusplus
41 extern "C" {
42 #endif
43 
44 /**
45  * \brief   Information for session ticket protection
46  */
47 typedef struct mbedtls_ssl_ticket_key
48 {
49     unsigned char name[4];          /*!< random key identifier              */
50     uint32_t generation_time;       /*!< key generation timestamp (seconds) */
51     mbedtls_cipher_context_t ctx;   /*!< context for auth enc/decryption    */
52 }
53 mbedtls_ssl_ticket_key;
54 
55 /**
56  * \brief   Context for session ticket handling functions
57  */
58 typedef struct mbedtls_ssl_ticket_context
59 {
60     mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys             */
61     unsigned char active;           /*!< index of the currently active key  */
62 
63     uint32_t ticket_lifetime;       /*!< lifetime of tickets in seconds     */
64 
65     /** Callback for getting (pseudo-)random numbers                        */
66     int  (*f_rng)(void *, unsigned char *, size_t);
67     void *p_rng;                    /*!< context for the RNG function       */
68 
69 #if defined(MBEDTLS_THREADING_C)
70     mbedtls_threading_mutex_t mutex;
71 #endif
72 }
73 mbedtls_ssl_ticket_context;
74 
75 /**
76  * \brief           Initialize a ticket context.
77  *                  (Just make it ready for mbedtls_ssl_ticket_setup()
78  *                  or mbedtls_ssl_ticket_free().)
79  *
80  * \param ctx       Context to be initialized
81  */
82 void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx );
83 
84 /**
85  * \brief           Prepare context to be actually used
86  *
87  * \param ctx       Context to be set up
88  * \param f_rng     RNG callback function
89  * \param p_rng     RNG callback context
90  * \param cipher    AEAD cipher to use for ticket protection.
91  *                  Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
92  * \param lifetime  Tickets lifetime in seconds
93  *                  Recommended value: 86400 (one day).
94  *
95  * \note            It is highly recommended to select a cipher that is at
96  *                  least as strong as the the strongest ciphersuite
97  *                  supported. Usually that means a 256-bit key.
98  *
99  * \note            The lifetime of the keys is twice the lifetime of tickets.
100  *                  It is recommended to pick a reasonnable lifetime so as not
101  *                  to negate the benefits of forward secrecy.
102  *
103  * \return          0 if successful,
104  *                  or a specific MBEDTLS_ERR_XXX error code
105  */
106 int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
107     int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
108     mbedtls_cipher_type_t cipher,
109     uint32_t lifetime );
110 
111 /**
112  * \brief           Implementation of the ticket write callback
113  *
114  * \note            See \c mbedlts_ssl_ticket_write_t for description
115  */
116 mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write;
117 
118 /**
119  * \brief           Implementation of the ticket parse callback
120  *
121  * \note            See \c mbedlts_ssl_ticket_parse_t for description
122  */
123 mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
124 
125 /**
126  * \brief           Free a context's content and zeroize it.
127  *
128  * \param ctx       Context to be cleaned up
129  */
130 void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx );
131 
132 #ifdef __cplusplus
133 }
134 #endif
135 
136 #endif /* ssl_ticket.h */
137