32 #define TRACE_LEVEL TLS_TRACE_LEVEL
42 #if (TLS_SUPPORT == ENABLED && TLS_MAX_VERSION >= TLS_VERSION_1_3)
59 if(context->ticketPskLen > 0)
65 if(context->ticket != NULL && context->ticketLen > 0)
99 if(context->ticket == NULL || context->ticketLen == 0)
103 if(context->cipherSuite.identifier == 0 ||
104 context->cipherSuite.prfHashAlgo == NULL)
110 hashAlgo = context->cipherSuite.prfHashAlgo;
115 if(session->
ticket == NULL)
122 session->
version = context->version;
123 session->
cipherSuite = context->cipherSuite.identifier;
155 #if (TLS_ALPN_SUPPORT == ENABLED)
157 if(context->selectedProtocol != NULL)
215 context->version = session->
version;
222 context->sessionIdLen = 0;
// Clears a ticket already held by the context before a new one is installed.
// Listing lines 226 and 228 are missing from this excerpt, so the call that
// actually releases the buffer is not visible here.
225 if(context->ticket != NULL)
// The old ticket is overwritten with zeros across its full recorded length
// before the pointer is dropped, presumably so stale ticket bytes do not
// linger in memory that is about to be released.
// NOTE(review): osMemset is a macro whose expansion is not shown on this page.
// If it maps to plain memset, confirm the compiler cannot discard the wipe as
// a dead store ahead of the release.
227 osMemset(context->ticket, 0, context->ticketLen);
// Pointer and length are reset together so later NULL / length tests on the
// context stay consistent with each other.
229 context->ticket = NULL;
230 context->ticketLen = 0;
236 if(context->ticket == NULL)
// Selects the ticket PSK length. The conditions choosing between these
// assignments sit on listing lines that are not shown in this excerpt; the
// only values visible are 32, 48, 32 and 0 bytes.
// NOTE(review): presumably keyed on the hash algorithm stored with the
// ticket - confirm against the full source.
247 context->ticketPskLen = 32;
251 context->ticketPskLen = 48;
255 context->ticketPskLen = 32;
// A length of 0 turns the copy below into a no-op and leaves the context
// without a usable PSK.
259 context->ticketPskLen = 0;
// Copies ticketPskLen bytes out of the saved session secret. The largest
// length assigned above is 48, and the reference list declares the source as
// uint8_t secret[TLS_MASTER_SECRET_SIZE].
// NOTE(review): confirm that both that array and context->ticketPsk hold at
// least 48 bytes; neither size is visible on this page.
263 osMemcpy(context->ticketPsk, session->
secret, context->ticketPskLen);
265 #if (TLS_ALPN_SUPPORT == ENABLED)
267 if(context->ticketAlpn != NULL)
270 context->ticketAlpn = NULL;
284 if(context->ticketAlpn == NULL)
309 #if (TLS_TICKET_SUPPORT == ENABLED)
// Records the negotiated protocol version and cipher suite identifier in the
// plaintext ticket state, binding the ticket to those parameters.
319 state->version = context->version;
320 state->cipherSuite = context->cipherSuite.identifier;
// Hash algorithm of the negotiated cipher suite; its digestSize is used as
// the secret length in the derivation below.
328 hashAlgo = context->cipherSuite.prfHashAlgo;
// Argument fragment of a call whose first line (334) is not shown. The visible
// arguments are the resumption master secret, its length and the "resumption"
// label, which matches the tls13HkdfExpandLabel prototype in the reference
// list - presumably this derives the ticket PSK (confirm in the full source).
335 context->resumptionMasterSecret, hashAlgo->
digestSize,
"resumption",
// Without an encryption callback the ticket state cannot be protected; the
// branch body is not shown in this excerpt.
349 if(context->ticketEncryptCallback == NULL)
// The plaintext state, n bytes long, is handed to the callback registered on
// the context. The remaining arguments are on lines not shown.
// NOTE(review): `state` carries key material in the clear at this point.
// Confirm the callback uses authenticated encryption and that the plaintext
// copy is wiped once the callback returns.
353 error = context->ticketEncryptCallback(context, (uint8_t *) state,
n,
378 size_t length, uint32_t obfuscatedTicketAge)
380 #if (TLS_TICKET_SUPPORT == ENABLED)
385 #if (TLS13_EARLY_DATA_SUPPORT == ENABLED)
// A missing decryption callback is tested before use; the branch body is not
// shown in this excerpt.
391 if(context->ticketDecryptCallback == NULL)
// The received ticket bytes and their length go to the callback registered on
// the context, with `state` as the output buffer and &length passed alongside,
// presumably so the callback can report the plaintext size.
// NOTE(review): listing lines 392-407 are not shown. Confirm that `length` is
// bounded by the size of the buffer behind `state` before this call
// (TLS13_MAX_TICKET_SIZE appears in the reference list), and that the callback
// authenticates the ticket rather than only decrypting it. Every state-> field
// read later in this listing is trusted on that basis.
408 error = context->ticketDecryptCallback(context,
ticket,
length,
409 (uint8_t *) state, &
length, context->ticketParam);
// Expiry test: the branch (body not shown) is taken once the server-side age
// reaches ticketLifetime * 1000, presumably seconds converted to milliseconds.
// NOTE(review): the reference list shows ticketLifetime as uint32_t. If that
// is the field used here, the product wraps for lifetimes above roughly
// 4.29 million seconds - confirm the lifetime is capped where the ticket is
// issued.
434 if(serverTicketAge >= (state->ticketLifetime * 1000))
// The age-skew check below is compiled only when early data is supported.
441 #if (TLS13_EARLY_DATA_SUPPORT == ENABLED)
// Recovers the client's view of the ticket age by removing the per-ticket
// random offset. obfuscatedTicketAge is uint32_t in the signature fragment at
// listing line 378 and ticketAgeAdd is listed as uint32_t, so the subtraction
// is expected to wrap modulo 2^32 (declaration of clientTicketAge not shown).
444 clientTicketAge = obfuscatedTicketAge - state->ticketAgeAdd;
// Absolute difference between the two ages. Comparing first keeps the
// subtraction from going below zero in either branch.
448 if(clientTicketAge < serverTicketAge)
450 delta = serverTicketAge - clientTicketAge;
454 delta = clientTicketAge - serverTicketAge;
// Early data is marked as rejected. The guarding condition (lines 455-464) is
// not shown; presumably delta is compared against TLS13_TICKET_AGE_TOLERANCE
// from the reference list. This freshness check limits how long a captured
// ticket can be reused to carry 0-RTT data - confirm the tolerance value in
// the build configuration.
465 context->earlyDataRejected =
TRUE;
// Hash algorithm of the cipher suite currently selected on the context.
477 hashAlgo = context->cipherSuite.prfHashAlgo;
// The PSK length carried in the decrypted ticket state must equal the digest
// size of that hash; the branch body (not shown) presumably rejects a
// mismatch.
// This comparison is what bounds the copy below. ticketPskLen comes from the
// ticket contents, so without it the copy length would be chosen by whoever
// produced the ticket.
487 if(state->ticketPskLen != hashAlgo->
digestSize)
// NOTE(review): confirm context->ticketPsk is sized for the largest supported
// digest (TLS_MAX_HKDF_DIGEST_SIZE appears in the reference list) and that
// state->ticketPsk is at least as large; neither declaration is visible here.
495 osMemcpy(context->ticketPsk, state->ticketPsk, state->ticketPskLen);
496 context->ticketPskLen = state->ticketPskLen;
@ ERROR_DECRYPTION_FAILED
@ ERROR_FAILURE
Generic error code.
#define osMemset(p, value, length)
#define osMemcpy(dest, src, length)
systime_t osGetSystemTime(void)
Retrieve system time.
uint32_t systime_t
System time.
Common interface for hash algorithms.
systime_t ticketTimestamp
Timestamp to manage ticket lifetime.
systime_t timestamp
Time stamp to manage entry lifetime.
uint8_t secret[TLS_MASTER_SECRET_SIZE]
Master secret (TLS 1.2) or ticket PSK (TLS 1.3)
size_t ticketLen
Length of the session ticket.
uint32_t maxEarlyDataSize
Maximum amount of 0-RTT data that the client is allowed to send.
uint16_t version
TLS protocol version.
uint8_t * ticket
Session ticket.
uint16_t cipherSuite
Cipher suite identifier.
uint32_t ticketAgeAdd
Random value used to obscure the age of the ticket.
char_t * ticketAlpn
ALPN protocol associated with the ticket.
TlsHashAlgo ticketHashAlgo
Hash algorithm associated with the ticket.
uint32_t ticketLifetime
Lifetime of the ticket.
error_t tls13HkdfExpandLabel(TlsTransportProtocol transportProtocol, const HashAlgo *hash, const uint8_t *secret, size_t secretLen, const char_t *label, const uint8_t *context, size_t contextLen, uint8_t *output, size_t outputLen)
HKDF-Expand-Label function.
#define TLS13_MAX_TICKET_SIZE
Tls13PlaintextSessionState
#define TLS13_TICKET_AGE_TOLERANCE
error_t tls13SaveSessionTicket(const TlsContext *context, TlsSessionState *session)
Save session ticket.
error_t tls13RestoreSessionTicket(TlsContext *context, const TlsSessionState *session)
Restore a TLS session using session ticket.
bool_t tls13IsTicketValid(TlsContext *context)
Check whether a session ticket is valid.
error_t tls13VerifyTicket(TlsContext *context, const uint8_t *ticket, size_t length, uint32_t obfuscatedTicketAge)
Session ticket verification.
error_t tls13GenerateTicket(TlsContext *context, const Tls13NewSessionTicket *message, uint8_t *ticket, size_t *length)
Session ticket generation.
TLS (Transport Layer Security)
#define tlsAllocMem(size)
#define TLS_MAX_HKDF_DIGEST_SIZE
@ TLS_CONNECTION_END_CLIENT
error_t tlsSelectCipherSuite(TlsContext *context, uint16_t identifier)
Set cipher suite.
const HashAlgo * tlsGetHashAlgo(TlsHashAlgo hashAlgoId)
Get the hash algorithm that matches the specified identifier.