69     mbedtls_ssl_ticket_key *key = ctx->keys + index;  in ssl_ticket_gen_key()  local
76     key->generation_time = mbedtls_time(NULL);  in ssl_ticket_gen_key()
81     key->lifetime = ctx->ticket_lifetime;  in ssl_ticket_gen_key()
83     if ((ret = ctx->f_rng(ctx->p_rng, key->name, sizeof(key->name))) != 0) {  in ssl_ticket_gen_key()
94     psa_set_key_algorithm(&attributes, key->alg);  in ssl_ticket_gen_key()
95     psa_set_key_type(&attributes, key->key_type);  in ssl_ticket_gen_key()
96     psa_set_key_bits(&attributes, key->key_bits);  in ssl_ticket_gen_key()
100                        PSA_BITS_TO_BYTES(key->key_bits),  in ssl_ticket_gen_key()
101                        &key->key));  in ssl_ticket_gen_key()
104     ret = mbedtls_cipher_setkey(&key->ctx, buf,  in ssl_ticket_gen_key()
105                                 mbedtls_cipher_get_key_bitlen(&key->ctx),  in ssl_ticket_gen_key()
123     mbedtls_ssl_ticket_key * const key = ctx->keys + ctx->active;  in ssl_ticket_update_keys()
124     if (key->lifetime != 0) {  in ssl_ticket_update_keys()
126         mbedtls_time_t key_time = key->generation_time;  in ssl_ticket_update_keys()
133             (uint64_t) (current_time - key_time) < key->lifetime) {  in ssl_ticket_update_keys()
140         if ((status = psa_destroy_key(ctx->keys[ctx->active].key)) != PSA_SUCCESS) {  in ssl_ticket_update_keys()
160     mbedtls_ssl_ticket_key * const key = ctx->keys + idx;  in mbedtls_ssl_ticket_rotate()  local
166     const size_t bitlen = key->key_bits;  in mbedtls_ssl_ticket_rotate()
168     const int bitlen = mbedtls_cipher_get_key_bitlen(&key->ctx);  in mbedtls_ssl_ticket_rotate()
176     if ((status = psa_destroy_key(key->key)) != PSA_SUCCESS) {  in mbedtls_ssl_ticket_rotate()
183     psa_set_key_algorithm(&attributes, key->alg);  in mbedtls_ssl_ticket_rotate()
184     psa_set_key_type(&attributes, key->key_type);  in mbedtls_ssl_ticket_rotate()
185     psa_set_key_bits(&attributes, key->key_bits);  in mbedtls_ssl_ticket_rotate()
188                                  PSA_BITS_TO_BYTES(key->key_bits),  in mbedtls_ssl_ticket_rotate()
189                                  &key->key)) != PSA_SUCCESS) {  in mbedtls_ssl_ticket_rotate()
194     ret = mbedtls_cipher_setkey(&key->ctx, k, bitlen, MBEDTLS_ENCRYPT);  in mbedtls_ssl_ticket_rotate()
202     memcpy(key->name, name, TICKET_KEY_NAME_BYTES);  in mbedtls_ssl_ticket_rotate()
204     key->generation_time = mbedtls_time(NULL);  in mbedtls_ssl_ticket_rotate()
206     key->lifetime = lifetime;  in mbedtls_ssl_ticket_rotate()
308     mbedtls_ssl_ticket_key *key;  in mbedtls_ssl_ticket_write()  local
339     key = &ctx->keys[ctx->active];  in mbedtls_ssl_ticket_write()
341     *ticket_lifetime = key->lifetime;  in mbedtls_ssl_ticket_write()
343     memcpy(key_name, key->name, TICKET_KEY_NAME_BYTES);  in mbedtls_ssl_ticket_write()
360     if ((status = psa_aead_encrypt(key->key, key->alg, iv, TICKET_IV_BYTES,  in mbedtls_ssl_ticket_write()
369     if ((ret = mbedtls_cipher_auth_encrypt_ext(&key->ctx,  in mbedtls_ssl_ticket_write()
425     mbedtls_ssl_ticket_key *key;  in mbedtls_ssl_ticket_parse()  local
462     if ((key = ssl_ticket_select_key(ctx, key_name)) == NULL) {  in mbedtls_ssl_ticket_parse()
471     if ((status = psa_aead_decrypt(key->key, key->alg, iv, TICKET_IV_BYTES,  in mbedtls_ssl_ticket_parse()
479     if ((ret = mbedtls_cipher_auth_decrypt_ext(&key->ctx,  in mbedtls_ssl_ticket_parse()
507         (mbedtls_ms_time_t) key->lifetime * 1000;  in mbedtls_ssl_ticket_parse()
538     psa_destroy_key(ctx->keys[0].key);  in mbedtls_ssl_ticket_free()
539     psa_destroy_key(ctx->keys[1].key);  in mbedtls_ssl_ticket_free()