espressif/ESP8266_RTOS_SDK
1
0
Fork 0
mirror of https://github.com/espressif/ESP8266_RTOS_SDK.git synced 2025-05-21 17:16:29 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
ESP8266_RTOS_SDK/include/mbedtls/ssl_ticket.h
Espressif Systems 51ac0fe500 NEW VERSION: 1.5.0 
1.  add spi flash erase protect mechanism, boot and current runing user
bin can not been erased;
2.  add memleak debug feature;
3.  fix spi overlap issue;
4.  fix call wifi_station_disconnect, disconnect event enter twice
issue;
5.  fix crash when set opmode from station to softAP in scan done
callback;
6.  modify spi flash erase/write flow, clear protect status if needed;
7.  fix rf init data sector broken issue, add user_rf_cal_sector_set,
user application MUST have this function, refer to examples;
8.  fix system parameter sector broken issue when frequently power
on/off;
9.  fix the max value of os_timer_arm;
10. fix dns issue in some routers;
11. add sntp support;
12. update smartconfig to 2.5.4;
13. update open freedom to support send beacon packet;
14. fix seldom rf not work issue after external reset;
15. fix pwm issue;
16. fix status error got by wifi_station_get_connect_status;
17. fix assert in pp;
18. fix huawei X4 connect softAP issue;
19. optimize sleep strategy;
20. add vendor IE support;
21. update libphy.a to 1055;
22. add weak function wifi_set_backup_mac to let user set MAC;
23. fix bug of lwip and optimize socket mechanism;
24. update boot loader to v1.6;
25. update esp_init_data_default.bin
26. add mbedtls support;
27. fix other bugs;
2016-11-09 22:39:56 +08:00

136 lines
4.2 KiB
C
Raw Blame History

/**
* \file ssl_ticket.h
*
* \brief TLS server ticket callbacks implementation
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
*/
#ifndef MBEDTLS_SSL_TICKET_H
#define MBEDTLS_SSL_TICKET_H
/*
* This implementation of the session ticket callbacks includes key
* management, rotating the keys periodically in order to preserve forward
* secrecy, when MBEDTLS_HAVE_TIME is defined.
*/
#include "ssl.h"
#include "cipher.h"
#if defined(MBEDTLS_THREADING_C)
#include "threading.h"
#endif
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Information for session ticket protection
*/
typedef struct
{
unsigned char name[4]; /*!< random key identifier */
uint32_t generation_time; /*!< key generation timestamp (seconds) */
mbedtls_cipher_context_t ctx; /*!< context for auth enc/decryption */
}
mbedtls_ssl_ticket_key;
/**
* \brief Context for session ticket handling functions
*/
typedef struct
{
mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys */
unsigned char active; /*!< index of the currently active key */
uint32_t ticket_lifetime; /*!< lifetime of tickets in seconds */
/** Callback for getting (pseudo-)random numbers */
int (*f_rng)(void *, unsigned char *, size_t);
void *p_rng; /*!< context for the RNG function */
#if defined(MBEDTLS_THREADING_C)
mbedtls_threading_mutex_t mutex;
#endif
}
mbedtls_ssl_ticket_context;
/**
* \brief Initialize a ticket context.
* (Just make it ready for mbedtls_ssl_ticket_setup()
* or mbedtls_ssl_ticket_free().)
*
* \param ctx Context to be initialized
*/
void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx );
/**
* \brief Prepare context to be actually used
*
* \param ctx Context to be set up
* \param f_rng RNG callback function
* \param p_rng RNG callback context
* \param cipher AEAD cipher to use for ticket protection.
* Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
* \param lifetime Tickets lifetime in seconds
* Recommended value: 86400 (one day).
*
* \note It is highly recommended to select a cipher that is at
* least as strong as the the strongest ciphersuite
* supported. Usually that means a 256-bit key.
*
* \note The lifetime of the keys is twice the lifetime of tickets.
* It is recommended to pick a reasonnable lifetime so as not
* to negate the benefits of forward secrecy.
*
* \return 0 if successful,
* or a specific MBEDTLS_ERR_XXX error code
*/
int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_cipher_type_t cipher,
uint32_t lifetime );
/**
* \brief Implementation of the ticket write callback
*
* \note See \c mbedlts_ssl_ticket_write_t for description
*/
mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write;
/**
* \brief Implementation of the ticket parse callback
*
* \note See \c mbedlts_ssl_ticket_parse_t for description
*/
mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
/**
* \brief Free a context's content and zeroize it.
*
* \param ctx Context to be cleaned up
*/
void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx );
#ifdef __cplusplus
}
#endif
#endif /* ssl_ticket.h */
Reference in New Issue View Git Blame Copy Permalink