Create public macros for ssl_ticket key,name sizes
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
This commit is contained in:
parent
e328245618
commit
a941b62985
3 changed files with 9 additions and 6 deletions
|
@ -42,12 +42,16 @@
|
||||||
extern "C" {
|
extern "C" {
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#define MBEDTLS_SSL_TICKET_MAX_KEY_BYTES 32 /*!< Max supported key length in bytes */
|
||||||
|
#define MBEDTLS_SSL_TICKET_KEY_NAME_BYTES 4 /*!< key name length in bytes */
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Information for session ticket protection
|
* \brief Information for session ticket protection
|
||||||
*/
|
*/
|
||||||
typedef struct mbedtls_ssl_ticket_key
|
typedef struct mbedtls_ssl_ticket_key
|
||||||
{
|
{
|
||||||
unsigned char MBEDTLS_PRIVATE(name)[4]; /*!< random key identifier */
|
unsigned char MBEDTLS_PRIVATE(name)[MBEDTLS_SSL_TICKET_KEY_NAME_BYTES];
|
||||||
|
/*!< random key identifier */
|
||||||
uint32_t MBEDTLS_PRIVATE(generation_time); /*!< key generation timestamp (seconds) */
|
uint32_t MBEDTLS_PRIVATE(generation_time); /*!< key generation timestamp (seconds) */
|
||||||
mbedtls_cipher_context_t MBEDTLS_PRIVATE(ctx); /*!< context for auth enc/decryption */
|
mbedtls_cipher_context_t MBEDTLS_PRIVATE(ctx); /*!< context for auth enc/decryption */
|
||||||
}
|
}
|
||||||
|
|
|
@ -48,9 +48,9 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx )
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
#define MAX_KEY_BYTES 32 /* 256 bits */
|
#define MAX_KEY_BYTES MBEDTLS_SSL_TICKET_MAX_KEY_BYTES
|
||||||
|
|
||||||
#define TICKET_KEY_NAME_BYTES 4
|
#define TICKET_KEY_NAME_BYTES MBEDTLS_SSL_TICKET_KEY_NAME_BYTES
|
||||||
#define TICKET_IV_BYTES 12
|
#define TICKET_IV_BYTES 12
|
||||||
#define TICKET_CRYPT_LEN_BYTES 2
|
#define TICKET_CRYPT_LEN_BYTES 2
|
||||||
#define TICKET_AUTH_TAG_BYTES 16
|
#define TICKET_AUTH_TAG_BYTES 16
|
||||||
|
|
|
@ -2752,9 +2752,8 @@ int main( int argc, char *argv[] )
|
||||||
* (used for external synchronization of session ticket encryption keys)
|
* (used for external synchronization of session ticket encryption keys)
|
||||||
*/
|
*/
|
||||||
if( opt.ticket_rotate ) {
|
if( opt.ticket_rotate ) {
|
||||||
#define MAX_KEY_BYTES 32 /* 256 bits *//* library/ssl_ticket.c */
|
unsigned char kbuf[MBEDTLS_SSL_TICKET_MAX_KEY_BYTES];
|
||||||
unsigned char kbuf[MAX_KEY_BYTES];
|
unsigned char name[MBEDTLS_SSL_TICKET_KEY_NAME_BYTES];
|
||||||
unsigned char name[4]; /* match mbedtls_ssl_ticket_key name[4] */
|
|
||||||
if( ( ret = rng_get( &rng, name, sizeof( name ) ) ) != 0 ||
|
if( ( ret = rng_get( &rng, name, sizeof( name ) ) ) != 0 ||
|
||||||
( ret = rng_get( &rng, kbuf, sizeof( kbuf ) ) ) != 0 ||
|
( ret = rng_get( &rng, kbuf, sizeof( kbuf ) ) ) != 0 ||
|
||||||
( ret = mbedtls_ssl_ticket_rotate( &ticket_ctx,
|
( ret = mbedtls_ssl_ticket_rotate( &ticket_ctx,
|
||||||
|
|
Loading…
Reference in a new issue