xref: /optee_os/lib/libmbedtls/mbedtls/library/ssl_ticket.c

42 void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx )  in mbedtls_ssl_ticket_init()  argument
44     memset( ctx, 0, sizeof( mbedtls_ssl_ticket_context ) );  in mbedtls_ssl_ticket_init()
47     mbedtls_mutex_init( &ctx->mutex );  in mbedtls_ssl_ticket_init()
69 static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx,  in ssl_ticket_gen_key()  argument
74     mbedtls_ssl_ticket_key *key = ctx->keys + index;  in ssl_ticket_gen_key()
80     if( ( ret = ctx->f_rng( ctx->p_rng, key->name, sizeof( key->name ) ) ) != 0 )  in ssl_ticket_gen_key()
83     if( ( ret = ctx->f_rng( ctx->p_rng, buf, sizeof( buf ) ) ) != 0 )  in ssl_ticket_gen_key()
87     ret = mbedtls_cipher_setkey( &key->ctx, buf,  in ssl_ticket_gen_key()
88                                  mbedtls_cipher_get_key_bitlen( &key->ctx ),  in ssl_ticket_gen_key()
99 static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx )  in ssl_ticket_update_keys()  argument
102     ((void) ctx);  in ssl_ticket_update_keys()
104     if( ctx->ticket_lifetime != 0 )  in ssl_ticket_update_keys()
107         uint32_t key_time = ctx->keys[ctx->active].generation_time;  in ssl_ticket_update_keys()
110             current_time - key_time < ctx->ticket_lifetime )  in ssl_ticket_update_keys()
115         ctx->active = 1 - ctx->active;  in ssl_ticket_update_keys()
117         return( ssl_ticket_gen_key( ctx, ctx->active ) );  in ssl_ticket_update_keys()
127 int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,  in mbedtls_ssl_ticket_setup()  argument
135     ctx->f_rng = f_rng;  in mbedtls_ssl_ticket_setup()
136     ctx->p_rng = p_rng;  in mbedtls_ssl_ticket_setup()
138     ctx->ticket_lifetime = lifetime;  in mbedtls_ssl_ticket_setup()
154     ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx,  in mbedtls_ssl_ticket_setup()
162     if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 )  in mbedtls_ssl_ticket_setup()
166     ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx,  in mbedtls_ssl_ticket_setup()
172     if( ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 )  in mbedtls_ssl_ticket_setup()
175     if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 ||  in mbedtls_ssl_ticket_setup()
176         ( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 )  in mbedtls_ssl_ticket_setup()
206     mbedtls_ssl_ticket_context *ctx = p_ticket;  in mbedtls_ssl_ticket_write()  local
216     if( ctx == NULL || ctx->f_rng == NULL )  in mbedtls_ssl_ticket_write()
224     if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )  in mbedtls_ssl_ticket_write()
228     if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )  in mbedtls_ssl_ticket_write()
231     key = &ctx->keys[ctx->active];  in mbedtls_ssl_ticket_write()
233     *ticket_lifetime = ctx->ticket_lifetime;  in mbedtls_ssl_ticket_write()
237     if( ( ret = ctx->f_rng( ctx->p_rng, iv, TICKET_IV_BYTES ) ) != 0 )  in mbedtls_ssl_ticket_write()
252     if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx,  in mbedtls_ssl_ticket_write()
272     if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )  in mbedtls_ssl_ticket_write()
283         mbedtls_ssl_ticket_context *ctx,  in ssl_ticket_select_key()  argument
288     for( i = 0; i < sizeof( ctx->keys ) / sizeof( *ctx->keys ); i++ )  in ssl_ticket_select_key()
289         if( memcmp( name, ctx->keys[i].name, 4 ) == 0 )  in ssl_ticket_select_key()
290             return( &ctx->keys[i] );  in ssl_ticket_select_key()
304     mbedtls_ssl_ticket_context *ctx = p_ticket;  in mbedtls_ssl_ticket_parse()  local
312     if( ctx == NULL || ctx->f_rng == NULL )  in mbedtls_ssl_ticket_parse()
319     if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )  in mbedtls_ssl_ticket_parse()
323     if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )  in mbedtls_ssl_ticket_parse()
335     if( ( key = ssl_ticket_select_key( ctx, key_name ) ) == NULL )  in mbedtls_ssl_ticket_parse()
344     if( ( ret = mbedtls_cipher_auth_decrypt_ext( &key->ctx,  in mbedtls_ssl_ticket_parse()
373             (uint32_t)( current_time - session->start ) > ctx->ticket_lifetime )  in mbedtls_ssl_ticket_parse()
383     if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )  in mbedtls_ssl_ticket_parse()
393 void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx )  in mbedtls_ssl_ticket_free()  argument
395     mbedtls_cipher_free( &ctx->keys[0].ctx );  in mbedtls_ssl_ticket_free()
396     mbedtls_cipher_free( &ctx->keys[1].ctx );  in mbedtls_ssl_ticket_free()
399     mbedtls_mutex_free( &ctx->mutex );  in mbedtls_ssl_ticket_free()
402     mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ssl_ticket_context ) );  in mbedtls_ssl_ticket_free()

Last Index update Sat Jun 03 09:59:21 CST 2023