1 /**
2  * \file ssl_cookie.h
3  *
4  * \brief DTLS cookie callbacks implementation
5  */
6 /*
7  *  Copyright The Mbed TLS Contributors
8  *  SPDX-License-Identifier: Apache-2.0
9  *
10  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
11  *  not use this file except in compliance with the License.
12  *  You may obtain a copy of the License at
13  *
14  *  http://www.apache.org/licenses/LICENSE-2.0
15  *
16  *  Unless required by applicable law or agreed to in writing, software
17  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
18  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19  *  See the License for the specific language governing permissions and
20  *  limitations under the License.
21  */
22 #ifndef MBEDTLS_SSL_COOKIE_H
23 #define MBEDTLS_SSL_COOKIE_H
24 
25 #if !defined(MBEDTLS_CONFIG_FILE)
26 #include "mbedtls/config.h"
27 #else
28 #include MBEDTLS_CONFIG_FILE
29 #endif
30 
31 #include "mbedtls/ssl.h"
32 
33 #if defined(MBEDTLS_THREADING_C)
34 #include "mbedtls/threading.h"
35 #endif
36 
37 /**
38  * \name SECTION: Module settings
39  *
40  * The configuration options you can set for this module are in this section.
41  * Either change them in config.h or define them on the compiler command line.
42  * \{
43  */
44 #ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
45 #define MBEDTLS_SSL_COOKIE_TIMEOUT     60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
46 #endif
47 
48 /* \} name SECTION: Module settings */
49 
50 #ifdef __cplusplus
51 extern "C" {
52 #endif
53 
54 /**
55  * \brief          Context for the default cookie functions.
56  */
57 typedef struct mbedtls_ssl_cookie_ctx
58 {
59     mbedtls_md_context_t    hmac_ctx;   /*!< context for the HMAC portion   */
60 #if !defined(MBEDTLS_HAVE_TIME)
61     unsigned long   serial;     /*!< serial number for expiration   */
62 #endif
63     unsigned long   timeout;    /*!< timeout delay, in seconds if HAVE_TIME,
64                                      or in number of tickets issued */
65 
66 #if defined(MBEDTLS_THREADING_C)
67     mbedtls_threading_mutex_t mutex;
68 #endif
69 } mbedtls_ssl_cookie_ctx;
70 
71 /**
72  * \brief          Initialize cookie context
73  */
74 void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx );
75 
76 /**
77  * \brief          Setup cookie context (generate keys)
78  */
79 int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
80                       int (*f_rng)(void *, unsigned char *, size_t),
81                       void *p_rng );
82 
83 /**
84  * \brief          Set expiration delay for cookies
85  *                 (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
86  *
87  * \param ctx      Cookie contex
88  * \param delay    Delay, in seconds if HAVE_TIME, or in number of cookies
89  *                 issued in the meantime.
90  *                 0 to disable expiration (NOT recommended)
91  */
92 void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay );
93 
94 /**
95  * \brief          Free cookie context
96  */
97 void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx );
98 
99 /**
100  * \brief          Generate cookie, see \c mbedtls_ssl_cookie_write_t
101  */
102 mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;
103 
104 /**
105  * \brief          Verify cookie, see \c mbedtls_ssl_cookie_write_t
106  */
107 mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;
108 
109 #ifdef __cplusplus
110 }
111 #endif
112 
113 #endif /* ssl_cookie.h */
114