/* * DTLS cookie callbacks implementation * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * These session callbacks use a simple chained list * to store and retrieve the session information. */ #include "common.h" #if defined(MBEDTLS_SSL_COOKIE_C) #include "mbedtls/platform.h" #include "mbedtls/ssl_cookie.h" #include "ssl_misc.h" #include "mbedtls/error.h" #include "mbedtls/platform_util.h" #include "mbedtls/constant_time.h" #include <string.h> #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "mbedtls/psa_util.h" /* Define a local translating function to save code size by not using too many * arguments in each translating place. */ static int local_err_translation(psa_status_t status) { return psa_status_to_mbedtls(status, psa_to_ssl_errors, ARRAY_LENGTH(psa_to_ssl_errors), psa_generic_status_to_mbedtls); } #define PSA_TO_MBEDTLS_ERR … #endif /* * If DTLS is in use, then at least one of SHA-256 or SHA-384 is * available. Try SHA-256 first as 384 wastes resources */ #if defined(MBEDTLS_MD_CAN_SHA256) #define COOKIE_MD … #define COOKIE_MD_OUTLEN … #define COOKIE_HMAC_LEN … #elif defined(MBEDTLS_MD_CAN_SHA384) #define COOKIE_MD … #define COOKIE_MD_OUTLEN … #define COOKIE_HMAC_LEN … #else #error "DTLS hello verify needs SHA-256 or SHA-384" #endif /* * Cookies are formed of a 4-bytes timestamp (or serial number) and * an HMAC of timestamp and client ID. */ #define COOKIE_LEN … void mbedtls_ssl_cookie_init(mbedtls_ssl_cookie_ctx *ctx) { … } void mbedtls_ssl_cookie_set_timeout(mbedtls_ssl_cookie_ctx *ctx, unsigned long delay) { … } void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx) { … } int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { … } #if !defined(MBEDTLS_USE_PSA_CRYPTO) /* * Generate the HMAC part of a cookie */ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_cookie_hmac(mbedtls_md_context_t *hmac_ctx, const unsigned char time[4], unsigned char **p, unsigned char *end, const unsigned char *cli_id, size_t cli_id_len) { … } #endif /* !MBEDTLS_USE_PSA_CRYPTO */ /* * Generate cookie for DTLS ClientHello verification */ int mbedtls_ssl_cookie_write(void *p_ctx, unsigned char **p, unsigned char *end, const unsigned char *cli_id, size_t cli_id_len) { … } /* * Check a cookie */ int mbedtls_ssl_cookie_check(void *p_ctx, const unsigned char *cookie, size_t cookie_len, const unsigned char *cli_id, size_t cli_id_len) { … } #endif /* MBEDTLS_SSL_COOKIE_C */
Codebase Browser
godot