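/**
 * \file ssl_cookie.h
 *
 * \brief DTLS cookie callbacks implementation
 *
 *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
 *  SPDX-License-Identifier: Apache-2.0
 *
 *  Licensed under the Apache License, Version 2.0 (the "License"); you may
 *  not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 *
 *  This file is part of mbed TLS (https://tls.mbed.org)
 */
#ifndef MBEDTLS_SSL_COOKIE_H
#define MBEDTLS_SSL_COOKIE_H

#include "ssl.h"

#if defined(MBEDTLS_THREADING_C)
#include "threading.h"
#endif

/**
 * \name SECTION: Module settings
 *
 * The configuration options you can set for this module are in this section.
 * Either change them in config.h or define them on the compiler command line.
 * \{
 */
#ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
#define MBEDTLS_SSL_COOKIE_TIMEOUT     60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
#endif

/* \} name SECTION: Module settings */

#ifdef __cplusplus
extern "C" {
#endif

/**
 * \brief          Context for the default cookie functions.
 *
 *                 The same context is handed to both the write and the check
 *                 callback declared below. The layout depends on
 *                 MBEDTLS_HAVE_TIME and MBEDTLS_THREADING_C, so every
 *                 translation unit using this type must be built with the
 *                 same configuration.
 */
typedef struct
{
    mbedtls_md_context_t    hmac_ctx;   /*!< context for the HMAC portion   */
#if !defined(MBEDTLS_HAVE_TIME)
    unsigned long   serial;     /*!< serial number for expiration
                                     (only present without HAVE_TIME)   */
#endif
    unsigned long   timeout;    /*!< timeout delay, in seconds if HAVE_TIME,
                                     or in number of cookies issued */

#if defined(MBEDTLS_THREADING_C)
    /* NOTE(review): presumably serializes use of hmac_ctx when cookies are
     * written and checked from several threads - confirm in ssl_cookie.c. */
    mbedtls_threading_mutex_t mutex;
#endif
} mbedtls_ssl_cookie_ctx;

/**
 * \brief          Initialize cookie context
 *
 * \param ctx      Cookie context to initialize
 *
 * \note           Intended as the first call on a new context, before
 *                 mbedtls_ssl_cookie_setup().
 */
void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx );

/**
 * \brief          Setup cookie context (generate keys)
 *
 * \param ctx      Cookie context
 * \param f_rng    RNG callback used while generating the keys
 * \param p_rng    Opaque parameter passed to \p f_rng
 *
 * \return         NOTE(review): presumably 0 on success and a non-zero error
 *                 code otherwise - confirm in ssl_cookie.c. Callers should
 *                 check the result and not use the context on failure.
 *
 * \note           A cookie is only as unforgeable as these keys are
 *                 unpredictable: \p f_rng should be a cryptographically
 *                 strong, properly seeded generator (for example
 *                 mbedtls_ctr_drbg_random()), never a test or constant RNG.
 */
int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
                      int (*f_rng)(void *, unsigned char *, size_t),
                      void *p_rng );

/**
 * \brief          Set expiration delay for cookies
 *                 (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
 *
 * \param ctx      Cookie context
 * \param delay    Delay, in seconds if HAVE_TIME, or in number of cookies
 *                 issued in the meantime.
 *                 0 to disable expiration (NOT recommended)
 *
 * \note           With expiration disabled, a cookie observed once stays
 *                 acceptable for as long as the keys are in use, which
 *                 weakens the return-routability check the cookie provides.
 *                 Without HAVE_TIME the delay counts cookies issued, so the
 *                 effective lifetime depends on handshake rate rather than
 *                 on wall-clock time.
 */
void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay );

/**
 * \brief          Free cookie context
 *
 * \param ctx      Cookie context to free
 *
 * \note           NOTE(review): presumably releases the HMAC context, and
 *                 with it the key material - confirm in ssl_cookie.c.
 */
void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx );

/**
 * \brief          Generate cookie, see \c mbedtls_ssl_cookie_write_t
 *
 * \note           Declared through the callback typedef from ssl.h, so the
 *                 prototype cannot drift from the type expected by
 *                 mbedtls_ssl_conf_dtls_cookies().
 */
mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;

/**
 * \brief          Verify cookie, see \c mbedtls_ssl_cookie_check_t
 *
 * \note           Declared through the callback typedef from ssl.h. The
 *                 return convention is the one documented on that typedef;
 *                 a rejected cookie must never be treated as success.
 */
mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;

#ifdef __cplusplus
}
#endif

#endif /* ssl_cookie.h */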