Mbed OS Reference
Loading...
Searching...
No Matches
ssl_cache.h
Go to the documentation of this file.
1/**
2 * \file ssl_cache.h
3 *
4 * \brief SSL session cache implementation
5 */
6/*
7 * Copyright The Mbed TLS Contributors
8 * SPDX-License-Identifier: Apache-2.0
9 *
10 * Licensed under the Apache License, Version 2.0 (the "License"); you may
11 * not use this file except in compliance with the License.
12 * You may obtain a copy of the License at
13 *
14 * http://www.apache.org/licenses/LICENSE-2.0
15 *
16 * Unless required by applicable law or agreed to in writing, software
17 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
18 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 * See the License for the specific language governing permissions and
20 * limitations under the License.
21 */
22#ifndef MBEDTLS_SSL_CACHE_H
23#define MBEDTLS_SSL_CACHE_H
24
25#if !defined(MBEDTLS_CONFIG_FILE)
26#include "mbedtls/config.h"
27#else
28#include MBEDTLS_CONFIG_FILE
29#endif
30
31#include "mbedtls/ssl.h"
32
33#if defined(MBEDTLS_THREADING_C)
34#include "mbedtls/threading.h"
35#endif
36
37/**
38 * \ingroup mbedtls_ssl_module
39 * \{
40 */
41
42/**
43 * \name SECTION: Module settings
44 *
45 * The configuration options you can set for this module are in this section.
46 * Either change them in config.h or define them on the compiler command line.
47 * \{
48 */
49
50#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
51#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */
52#endif
53
54#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES)
55#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */
56#endif
57
58/** \} name SECTION: Module settings */
59
60#ifdef __cplusplus
61extern "C" {
62#endif
63
64typedef struct mbedtls_ssl_cache_context mbedtls_ssl_cache_context;
65typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry;
66
67/**
68 * \brief This structure is used for storing cache entries
69 */
70struct mbedtls_ssl_cache_entry
71{
72#if defined(MBEDTLS_HAVE_TIME)
73 mbedtls_time_t timestamp; /*!< entry timestamp */
74#endif
75 mbedtls_ssl_session session; /*!< entry session */
76#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
77 defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
78 mbedtls_x509_buf peer_cert; /*!< entry peer_cert */
79#endif
80 mbedtls_ssl_cache_entry *next; /*!< chain pointer */
81};
82
83/**
84 * \brief Cache context
85 */
86struct mbedtls_ssl_cache_context
87{
88 mbedtls_ssl_cache_entry *chain; /*!< start of the chain */
89 int timeout; /*!< cache entry timeout */
90 int max_entries; /*!< maximum entries */
91#if defined(MBEDTLS_THREADING_C)
92 mbedtls_threading_mutex_t mutex; /*!< mutex */
93#endif
94};
95
96/**
97 * \brief Initialize an SSL cache context
98 *
99 * \param cache SSL cache context
100 */
101void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache );
102
103/**
104 * \brief Cache get callback implementation
105 * (Thread-safe if MBEDTLS_THREADING_C is enabled)
106 *
107 * \param data SSL cache context
108 * \param session session to retrieve entry for
109 */
110int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session );
111
112/**
113 * \brief Cache set callback implementation
114 * (Thread-safe if MBEDTLS_THREADING_C is enabled)
115 *
116 * \param data SSL cache context
117 * \param session session to store entry for
118 */
119int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session );
120
121#if defined(MBEDTLS_HAVE_TIME)
122/**
123 * \brief Set the cache timeout
124 * (Default: MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT (1 day))
125 *
126 * A timeout of 0 indicates no timeout.
127 *
128 * \param cache SSL cache context
129 * \param timeout cache entry timeout in seconds
130 */
131void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout );
132#endif /* MBEDTLS_HAVE_TIME */
133
134/**
135 * \brief Set the maximum number of cache entries
136 * (Default: MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES (50))
137 *
138 * \param cache SSL cache context
139 * \param max cache entry maximum
140 */
141void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max );
142
143/**
144 * \brief Free referenced items in a cache context and clear memory
145 *
146 * \param cache SSL cache context
147 */
148void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache );
149
150#ifdef __cplusplus
151}
152#endif
153
154/// \}
155
156#endif /* ssl_cache.h */
config.h
Configuration options (set of defines)
ssl.h
SSL/TLS functions.
mbedtls_ssl_cache_set
int mbedtls_ssl_cache_set(void *data, const mbedtls_ssl_session *session)
Cache set callback implementation (Thread-safe if MBEDTLS_THREADING_C is enabled)
mbedtls_ssl_cache_init
void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache)
Initialize an SSL cache context.
mbedtls_ssl_cache_free
void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache)
Free referenced items in a cache context and clear memory.
mbedtls_ssl_cache_set_max_entries
void mbedtls_ssl_cache_set_max_entries(mbedtls_ssl_cache_context *cache, int max)
Set the maximum number of cache entries (Default: MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES (50))
mbedtls_ssl_cache_get
int mbedtls_ssl_cache_get(void *data, mbedtls_ssl_session *session)
Cache get callback implementation (Thread-safe if MBEDTLS_THREADING_C is enabled)
mbedtls_asn1_buf
Type-length-value structure that allows for ASN1 using DER.
Definition: asn1.h:146
mbedtls_ssl_cache_context
Cache context.
Definition: ssl_cache.h:87
mbedtls_ssl_cache_context::timeout
int timeout
Definition: ssl_cache.h:89
mbedtls_ssl_cache_context::chain
mbedtls_ssl_cache_entry * chain
Definition: ssl_cache.h:88
mbedtls_ssl_cache_context::max_entries
int max_entries
Definition: ssl_cache.h:90
mbedtls_ssl_cache_entry
This structure is used for storing cache entries.
Definition: ssl_cache.h:71
mbedtls_ssl_cache_entry::next
mbedtls_ssl_cache_entry * next
Definition: ssl_cache.h:80
mbedtls_ssl_cache_entry::session
mbedtls_ssl_session session
Definition: ssl_cache.h:75
mbedtls_ssl_session
Definition: ssl.h:918
threading.h
Threading abstraction layer.