Internal changes in preparation for key rotation
- two sets of keys
- separate function for key generation/update
diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h
index 3612a92..201849e 100644
--- a/include/mbedtls/ssl_ticket.h
+++ b/include/mbedtls/ssl_ticket.h
@@ -36,12 +36,22 @@
#endif
/**
+ * \brief Information for session ticket protection
+ */
+typedef struct
+{
+ unsigned char name[4]; /*!< random key identifier */
+ uint32_t generation_time; /*!< key generation timestamp (seconds) */
+ mbedtls_cipher_context_t ctx; /*!< context for auth enc/decryption */
+}
+mbedtls_ssl_ticket_key;
+
+/**
* \brief Context for session ticket handling functions
*/
typedef struct
{
- unsigned char key_name[4]; /*!< name to quickly reject bad tickets */
- mbedtls_cipher_context_t cipher;/*!< cipher context */
+ mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys */
uint32_t ticket_lifetime; /*!< lifetime of tickets in seconds */
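Review bot: The `keys[2]` member is documented only as "ticket protection keys", so a reader cannot tell which slot protects newly issued tickets and which is kept only to accept tickets issued before a rotation. I would state the convention where the array is declared, for example `/*!< ticket protection keys: one current, one previous */`, adjusted to what the implementation actually does. The new `name` comment also drops the old hint that the identifier exists to reject unknown tickets quickly. Something like `/*!< random key identifier, used to select the key and reject unknown tickets */` would keep that, and it is worth adding that the identifier is not a secret if, as is usual for ticket key names, it travels unencrypted in the ticket. The context struct continues past the end of the hunk, so an active-key index may already be declared there.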