common/mbedtls/ssl_cookie.h

   1 /**
   2  * \file ssl_cookie.h
   3  *
   4  * \brief DTLS cookie callbacks implementation
   5  */
   6 /*
   7  *  Copyright The Mbed TLS Contributors
   8  *  SPDX-License-Identifier: Apache-2.0
   9  *
  10  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
  11  *  not use this file except in compliance with the License.
  12  *  You may obtain a copy of the License at
  13  *
  14  *  http://www.apache.org/licenses/LICENSE-2.0
  15  *
  16  *  Unless required by applicable law or agreed to in writing, software
  17  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  18  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  19  *  See the License for the specific language governing permissions and
  20  *  limitations under the License.
  21  */
  22 #ifndef MBEDTLS_SSL_COOKIE_H
  23 #define MBEDTLS_SSL_COOKIE_H
  24
  25 #if !defined(MBEDTLS_CONFIG_FILE)
  26 #include "mbedtls/config.h"
  27 #else
  28 #include MBEDTLS_CONFIG_FILE
  29 #endif
  30
  31 #include "mbedtls/ssl.h"
  32
  33 #if defined(MBEDTLS_THREADING_C)
  34 #include "mbedtls/threading.h"
  35 #endif
  36
  37 /**
  38  * \name SECTION: Module settings
  39  *
  40  * The configuration options you can set for this module are in this section.
  41  * Either change them in config.h or define them on the compiler command line.
  42  * \{
  43  */
  44 #ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
  45 #define MBEDTLS_SSL_COOKIE_TIMEOUT     60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
  46 #endif
  47
  48 /* \} name SECTION: Module settings */
  49
  50 #ifdef __cplusplus
  51 extern "C" {
  52 #endif
  53
  54 /**
  55  * \brief          Context for the default cookie functions.
  56  */
  57 typedef struct mbedtls_ssl_cookie_ctx {
  58     mbedtls_md_context_t    hmac_ctx;   /*!< context for the HMAC portion   */
  59 #if !defined(MBEDTLS_HAVE_TIME)
  60     unsigned long   serial;     /*!< serial number for expiration   */
  61 #endif
  62     unsigned long   timeout;    /*!< timeout delay, in seconds if HAVE_TIME,
  63                                      or in number of tickets issued */
  64
  65 #if defined(MBEDTLS_THREADING_C)
  66     mbedtls_threading_mutex_t mutex;
  67 #endif
  68 } mbedtls_ssl_cookie_ctx;
  69
  70 /**
  71  * \brief          Initialize cookie context
  72  */
  73 void mbedtls_ssl_cookie_init(mbedtls_ssl_cookie_ctx *ctx);
  74
  75 /**
  76  * \brief          Setup cookie context (generate keys)
  77  */
  78 int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx,
  79                              int (*f_rng)(void *, unsigned char *, size_t),
  80                              void *p_rng);
  81
  82 /**
  83  * \brief          Set expiration delay for cookies
  84  *                 (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
  85  *
  86  * \param ctx      Cookie contex
  87  * \param delay    Delay, in seconds if HAVE_TIME, or in number of cookies
  88  *                 issued in the meantime.
  89  *                 0 to disable expiration (NOT recommended)
  90  */
  91 void mbedtls_ssl_cookie_set_timeout(mbedtls_ssl_cookie_ctx *ctx, unsigned long delay);
  92
  93 /**
  94  * \brief          Free cookie context
  95  */
  96 void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx);
  97
  98 /**
  99  * \brief          Generate cookie, see \c mbedtls_ssl_cookie_write_t
 100  */
 101 mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;
 102
 103 /**
 104  * \brief          Verify cookie, see \c mbedtls_ssl_cookie_write_t
 105  */
 106 mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;
 107
 108 #ifdef __cplusplus
 109 }
 110 #endif
 111
 112 #endif /* ssl_cookie.h */