Create public macros for ssl_ticket key,name sizes
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
@@ -42,12 +42,16 @@
|
|||||||
extern "C" {
|
extern "C" {
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#define MBEDTLS_SSL_TICKET_MAX_KEY_BYTES 32 /*!< Max supported key length in bytes */
|
||||||
|
#define MBEDTLS_SSL_TICKET_KEY_NAME_BYTES 4 /*!< key name length in bytes */
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Information for session ticket protection
|
* \brief Information for session ticket protection
|
||||||
*/
|
*/
|
||||||
typedef struct mbedtls_ssl_ticket_key
|
typedef struct mbedtls_ssl_ticket_key
|
||||||
{
|
{
|
||||||
unsigned char MBEDTLS_PRIVATE(name)[4]; /*!< random key identifier */
|
unsigned char MBEDTLS_PRIVATE(name)[MBEDTLS_SSL_TICKET_KEY_NAME_BYTES];
|
||||||
|
/*!< random key identifier */
|
||||||
uint32_t MBEDTLS_PRIVATE(generation_time); /*!< key generation timestamp (seconds) */
|
uint32_t MBEDTLS_PRIVATE(generation_time); /*!< key generation timestamp (seconds) */
|
||||||
mbedtls_cipher_context_t MBEDTLS_PRIVATE(ctx); /*!< context for auth enc/decryption */
|
mbedtls_cipher_context_t MBEDTLS_PRIVATE(ctx); /*!< context for auth enc/decryption */
|
||||||
}
|
}
|
||||||
|
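Review bot: The Doxygen text on the new `MBEDTLS_SSL_TICKET_MAX_KEY_BYTES` does not say which API the limit applies to, and now that the macro is public, applications will size key buffers from it. I would name the consumer and make clear that it is an upper bound rather than the length to use, for example `/*!< Max supported key length in bytes: upper bound for key buffers passed to mbedtls_ssl_ticket_rotate() */`. The key length actually required presumably depends on the configured ticket cipher, which is worth a sentence if that is how the library checks it (the check is not visible on this page). `MBEDTLS_SSL_TICKET_KEY_NAME_BYTES` would benefit in the same way from stating whether a caller-supplied name must be exactly this long.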
@@ -48,9 +48,9 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx )
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
#define MAX_KEY_BYTES 32 /* 256 bits */
|
#define MAX_KEY_BYTES MBEDTLS_SSL_TICKET_MAX_KEY_BYTES
|
||||||
|
|
||||||
#define TICKET_KEY_NAME_BYTES 4
|
#define TICKET_KEY_NAME_BYTES MBEDTLS_SSL_TICKET_KEY_NAME_BYTES
|
||||||
#define TICKET_IV_BYTES 12
|
#define TICKET_IV_BYTES 12
|
||||||
#define TICKET_CRYPT_LEN_BYTES 2
|
#define TICKET_CRYPT_LEN_BYTES 2
|
||||||
#define TICKET_AUTH_TAG_BYTES 16
|
#define TICKET_AUTH_TAG_BYTES 16
|
||||||
|
@@ -2752,9 +2752,8 @@ int main( int argc, char *argv[] )
|
|||||||
* (used for external synchronization of session ticket encryption keys)
|
* (used for external synchronization of session ticket encryption keys)
|
||||||
*/
|
*/
|
||||||
if( opt.ticket_rotate ) {
|
if( opt.ticket_rotate ) {
|
||||||
#define MAX_KEY_BYTES 32 /* 256 bits *//* library/ssl_ticket.c */
|
unsigned char kbuf[MBEDTLS_SSL_TICKET_MAX_KEY_BYTES];
|
||||||
unsigned char kbuf[MAX_KEY_BYTES];
|
unsigned char name[MBEDTLS_SSL_TICKET_KEY_NAME_BYTES];
|
||||||
unsigned char name[4]; /* match mbedtls_ssl_ticket_key name[4] */
|
|
||||||
if( ( ret = rng_get( &rng, name, sizeof( name ) ) ) != 0 ||
|
if( ( ret = rng_get( &rng, name, sizeof( name ) ) ) != 0 ||
|
||||||
( ret = rng_get( &rng, kbuf, sizeof( kbuf ) ) ) != 0 ||
|
( ret = rng_get( &rng, kbuf, sizeof( kbuf ) ) ) != 0 ||
|
||||||
( ret = mbedtls_ssl_ticket_rotate( &ticket_ctx,
|
( ret = mbedtls_ssl_ticket_rotate( &ticket_ctx,
|
||||||
|
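Review bot: `kbuf` is filled with fresh ticket key material by `rng_get()` and handed to `mbedtls_ssl_ticket_rotate()`, but nothing visible in this hunk wipes it afterwards, so a copy of the session-ticket key would stay on `main()`'s stack for the rest of the process lifetime. If the code after the call does not already do so, add `mbedtls_platform_zeroize( kbuf, sizeof( kbuf ) );` once the call has returned, on the failure path as well as on success. The call's argument list and the end of the `if( opt.ticket_rotate )` block are outside the hunk, so this needs checking against the full file. Since this sample is what integrators copy for external key synchronization, the wipe is worth showing here.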