29 SSL_CTX_set_tlsext_ticket_key_evp_cb() sets a callback function I<cb> for handling
30 session tickets for the ssl context I<sslctx>. Session tickets, defined in
35 The callback function I<cb> will be called for every client instigated TLS
51 Before the callback function is started I<ctx> and I<hctx> have been
57 the callback function will be called with I<enc> equal to 1. The OpenSSL
58 library expects that the function will set an arbitrary I<name>, initialize
59 I<iv>, and set the cipher context I<ctx> and the hash context I<hctx>.
61 The I<name> is 16 characters long and is used as a key identifier.
63 The I<iv> length is the length of the IV of the corresponding cipher. The
66 The initialization vector I<iv> should be a random value. The cipher context
67 I<ctx> should use the initialisation vector I<iv>. The cipher context can be
73 with I<enc> set to 0 indicating that the I<cb> function should retrieve a set
74 of parameters. In this case I<name> and I<iv> have already been parsed out of
75 the session ticket. The OpenSSL library expects that the I<name> will be used
77 I<ctx> will be set with the retrieved parameters and the initialization vector
78 I<iv>. using a function like L<EVP_DecryptInit_ex(3)>. The key material and
79 digest for I<hctx> need to be set using L<EVP_MAC_CTX_set_params(3)> with the
82 If the I<name> is still valid but a renewal of the ticket is required the
86 The return value of the I<cb> function is used by OpenSSL to determine what
93 This indicates that the I<ctx> and I<hctx> have been set and the session can
96 call I<cb> again with an enc argument of 1 to set the new ticket (see RFC5077
101 This indicates that the I<ctx> and I<hctx> have been set and the session can
110 If called with enc equal to 0 the library will call the I<cb> again to get
122 Before this callback function is started I<hctx> will have been
125 The I<hctx> key material can be set using L<HMAC_Init_ex(3)>.

Last Index update Thu Oct 03 06:04:22 UTC 2024

Dedicated to & Maintained by Room-11