50 void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx )  in mbedtls_ssl_ticket_init()  argument
52     memset( ctx, 0, sizeof( mbedtls_ssl_ticket_context ) );  in mbedtls_ssl_ticket_init()
55     mbedtls_mutex_init( &ctx->mutex );  in mbedtls_ssl_ticket_init()
64 static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx,  in ssl_ticket_gen_key()  argument
69     mbedtls_ssl_ticket_key *key = ctx->keys + index;  in ssl_ticket_gen_key()
75     if( ( ret = ctx->f_rng( ctx->p_rng, key->name, sizeof( key->name ) ) ) != 0 )  in ssl_ticket_gen_key()
78     if( ( ret = ctx->f_rng( ctx->p_rng, buf, sizeof( buf ) ) ) != 0 )  in ssl_ticket_gen_key()
82     ret = mbedtls_cipher_setkey( &key->ctx, buf,  in ssl_ticket_gen_key()
83                                  mbedtls_cipher_get_key_bitlen( &key->ctx ),  in ssl_ticket_gen_key()
94 static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx )  in ssl_ticket_update_keys()  argument
97     ((void) ctx);  in ssl_ticket_update_keys()
99     if( ctx->ticket_lifetime != 0 )  in ssl_ticket_update_keys()
102         uint32_t key_time = ctx->keys[ctx->active].generation_time;  in ssl_ticket_update_keys()
105             current_time - key_time < ctx->ticket_lifetime )  in ssl_ticket_update_keys()
110         ctx->active = 1 - ctx->active;  in ssl_ticket_update_keys()
112         return( ssl_ticket_gen_key( ctx, ctx->active ) );  in ssl_ticket_update_keys()
122 int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,  in mbedtls_ssl_ticket_setup()  argument
130     ctx->f_rng = f_rng;  in mbedtls_ssl_ticket_setup()
131     ctx->p_rng = p_rng;  in mbedtls_ssl_ticket_setup()
133     ctx->ticket_lifetime = lifetime;  in mbedtls_ssl_ticket_setup()
148     if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 ||  in mbedtls_ssl_ticket_setup()
149         ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 )  in mbedtls_ssl_ticket_setup()
154     if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 ||  in mbedtls_ssl_ticket_setup()
155         ( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 )  in mbedtls_ssl_ticket_setup()
293     mbedtls_ssl_ticket_context *ctx = p_ticket;  in mbedtls_ssl_ticket_write()  local
304     if( ctx == NULL || ctx->f_rng == NULL )  in mbedtls_ssl_ticket_write()
313     if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )  in mbedtls_ssl_ticket_write()
317     if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )  in mbedtls_ssl_ticket_write()
320     key = &ctx->keys[ctx->active];  in mbedtls_ssl_ticket_write()
322     *ticket_lifetime = ctx->ticket_lifetime;  in mbedtls_ssl_ticket_write()
326     if( ( ret = ctx->f_rng( ctx->p_rng, iv, 12 ) ) != 0 )  in mbedtls_ssl_ticket_write()
341     if( ( ret = mbedtls_cipher_auth_encrypt( &key->ctx,  in mbedtls_ssl_ticket_write()
357     if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )  in mbedtls_ssl_ticket_write()
368         mbedtls_ssl_ticket_context *ctx,  in ssl_ticket_select_key()  argument
373     for( i = 0; i < sizeof( ctx->keys ) / sizeof( *ctx->keys ); i++ )  in ssl_ticket_select_key()
374         if( memcmp( name, ctx->keys[i].name, 4 ) == 0 )  in ssl_ticket_select_key()
375             return( &ctx->keys[i] );  in ssl_ticket_select_key()
389     mbedtls_ssl_ticket_context *ctx = p_ticket;  in mbedtls_ssl_ticket_parse()  local
398     if( ctx == NULL || ctx->f_rng == NULL )  in mbedtls_ssl_ticket_parse()
406     if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )  in mbedtls_ssl_ticket_parse()
410     if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )  in mbedtls_ssl_ticket_parse()
423     if( ( key = ssl_ticket_select_key( ctx, key_name ) ) == NULL )  in mbedtls_ssl_ticket_parse()
432     if( ( ret = mbedtls_cipher_auth_decrypt( &key->ctx, iv, 12,  in mbedtls_ssl_ticket_parse()
457             (uint32_t)( current_time - session->start ) > ctx->ticket_lifetime )  in mbedtls_ssl_ticket_parse()
467     if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )  in mbedtls_ssl_ticket_parse()
477 void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx )  in mbedtls_ssl_ticket_free()  argument
479     mbedtls_cipher_free( &ctx->keys[0].ctx );  in mbedtls_ssl_ticket_free()
480     mbedtls_cipher_free( &ctx->keys[1].ctx );  in mbedtls_ssl_ticket_free()
483     mbedtls_mutex_free( &ctx->mutex );  in mbedtls_ssl_ticket_free()
486     mbedtls_zeroize( ctx, sizeof( mbedtls_ssl_ticket_context ) );  in mbedtls_ssl_ticket_free()