1 /**
2  * \file ssl_ticket.h
3  *
4  * \brief TLS server ticket callbacks implementation
5  */
6 /*
7  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
8  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
9  *
10  *  This file is provided under the Apache License 2.0, or the
11  *  GNU General Public License v2.0 or later.
12  *
13  *  **********
14  *  Apache License 2.0:
15  *
16  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
17  *  not use this file except in compliance with the License.
18  *  You may obtain a copy of the License at
19  *
20  *  http://www.apache.org/licenses/LICENSE-2.0
21  *
22  *  Unless required by applicable law or agreed to in writing, software
23  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
24  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
25  *  See the License for the specific language governing permissions and
26  *  limitations under the License.
27  *
28  *  **********
29  *
30  *  **********
31  *  GNU General Public License v2.0 or later:
32  *
33  *  This program is free software; you can redistribute it and/or modify
34  *  it under the terms of the GNU General Public License as published by
35  *  the Free Software Foundation; either version 2 of the License, or
36  *  (at your option) any later version.
37  *
38  *  This program is distributed in the hope that it will be useful,
39  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
40  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
41  *  GNU General Public License for more details.
42  *
43  *  You should have received a copy of the GNU General Public License along
44  *  with this program; if not, write to the Free Software Foundation, Inc.,
45  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
46  *
47  *  **********
48  *
49  *  This file is part of mbed TLS (https://tls.mbed.org)
50  */
51 #ifndef MBEDTLS_SSL_TICKET_H
52 #define MBEDTLS_SSL_TICKET_H
53 
54 #if !defined(MBEDTLS_CONFIG_FILE)
55 #include "config.h"
56 #else
57 #include MBEDTLS_CONFIG_FILE
58 #endif
59 
60 /*
61  * This implementation of the session ticket callbacks includes key
62  * management, rotating the keys periodically in order to preserve forward
63  * secrecy, when MBEDTLS_HAVE_TIME is defined.
64  */
65 
66 #include "ssl.h"
67 #include "cipher.h"
68 
69 #if defined(MBEDTLS_THREADING_C)
70 #include "threading.h"
71 #endif
72 
73 #ifdef __cplusplus
74 extern "C" {
75 #endif
76 
77 /**
78  * \brief   Information for session ticket protection
79  */
80 typedef struct
81 {
82     unsigned char name[4];          /*!< random key identifier              */
83     uint32_t generation_time;       /*!< key generation timestamp (seconds) */
84     mbedtls_cipher_context_t ctx;   /*!< context for auth enc/decryption    */
85 }
86 mbedtls_ssl_ticket_key;
87 
88 /**
89  * \brief   Context for session ticket handling functions
90  */
91 typedef struct
92 {
93     mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys             */
94     unsigned char active;           /*!< index of the currently active key  */
95 
96     uint32_t ticket_lifetime;       /*!< lifetime of tickets in seconds     */
97 
98     /** Callback for getting (pseudo-)random numbers                        */
99     int  (*f_rng)(void *, unsigned char *, size_t);
100     void *p_rng;                    /*!< context for the RNG function       */
101 
102 #if defined(MBEDTLS_THREADING_C)
103     mbedtls_threading_mutex_t mutex;
104 #endif
105 }
106 mbedtls_ssl_ticket_context;
107 
108 /**
109  * \brief           Initialize a ticket context.
110  *                  (Just make it ready for mbedtls_ssl_ticket_setup()
111  *                  or mbedtls_ssl_ticket_free().)
112  *
113  * \param ctx       Context to be initialized
114  */
115 void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx );
116 
117 /**
118  * \brief           Prepare context to be actually used
119  *
120  * \param ctx       Context to be set up
121  * \param f_rng     RNG callback function
122  * \param p_rng     RNG callback context
123  * \param cipher    AEAD cipher to use for ticket protection.
124  *                  Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
125  * \param lifetime  Tickets lifetime in seconds
126  *                  Recommended value: 86400 (one day).
127  *
128  * \note            It is highly recommended to select a cipher that is at
129  *                  least as strong as the the strongest ciphersuite
130  *                  supported. Usually that means a 256-bit key.
131  *
132  * \note            The lifetime of the keys is twice the lifetime of tickets.
133  *                  It is recommended to pick a reasonnable lifetime so as not
134  *                  to negate the benefits of forward secrecy.
135  *
136  * \return          0 if successful,
137  *                  or a specific MBEDTLS_ERR_XXX error code
138  */
139 int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
140     int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
141     mbedtls_cipher_type_t cipher,
142     uint32_t lifetime );
143 
144 /**
145  * \brief           Implementation of the ticket write callback
146  *
147  * \note            See \c mbedtls_ssl_ticket_write_t for description
148  */
149 mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write;
150 
151 /**
152  * \brief           Implementation of the ticket parse callback
153  *
154  * \note            See \c mbedtls_ssl_ticket_parse_t for description
155  */
156 mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
157 
158 /**
159  * \brief           Free a context's content and zeroize it.
160  *
161  * \param ctx       Context to be cleaned up
162  */
163 void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx );
164 
165 #ifdef __cplusplus
166 }
167 #endif
168 
169 #endif /* ssl_ticket.h */
170