aboutsummaryrefslogtreecommitdiffstats
path: root/src/tls/tls_session.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/tls/tls_session.h')
-rw-r--r--src/tls/tls_session.h26
1 files changed, 24 insertions, 2 deletions
diff --git a/src/tls/tls_session.h b/src/tls/tls_session.h
index 96b6d6daf..ab11154c9 100644
--- a/src/tls/tls_session.h
+++ b/src/tls/tls_session.h
@@ -1,6 +1,6 @@
/*
* TLS Session
-* (C) 2011 Jack Lloyd
+* (C) 2011-2012 Jack Lloyd
*
* Released under the terms of the Botan license
*/
@@ -13,6 +13,7 @@
#include <botan/tls_ciphersuite.h>
#include <botan/tls_magic.h>
#include <botan/secmem.h>
+#include <botan/symkey.h>
namespace Botan {
@@ -50,6 +51,7 @@ class BOTAN_DLL Session
bool secure_renegotiation_supported,
size_t fragment_size,
const std::vector<X509_Certificate>& peer_certs,
+ const MemoryRegion<byte>& session_ticket,
const std::string& sni_hostname = "",
const std::string& srp_identifier = "");
@@ -71,6 +73,20 @@ class BOTAN_DLL Session
SecureVector<byte> DER_encode() const;
/**
+ * Encrypt a session (useful for serialization or session tickets)
+ */
+ MemoryVector<byte> encrypt(const SymmetricKey& key,
+ RandomNumberGenerator& rng);
+
+ /**
+ * Decrypt a session created by encrypt
+ * @param ctext the ciphertext returned by encrypt
+ * @param key the same key used by the encrypting side
+ */
+ static Session decrypt(const MemoryRegion<byte>& ctext,
+ const SymmetricKey& key);
+
+ /**
* Encode this session data for storage
* @warning if the master secret is compromised so is the
* session traffic
@@ -146,12 +162,18 @@ class BOTAN_DLL Session
*/
u64bit start_time() const { return m_start_time; }
+ /**
+ * Return the session ticket the server gave us
+ */
+ const MemoryVector<byte>& session_ticket() const { return m_session_ticket; }
+
private:
- enum { TLS_SESSION_PARAM_STRUCT_VERSION = 1 };
+ enum { TLS_SESSION_PARAM_STRUCT_VERSION = 0x2994e300 };
u64bit m_start_time;
MemoryVector<byte> m_identifier;
+ MemoryVector<byte> m_session_ticket; // only used by client side
SecureVector<byte> m_master_secret;
Protocol_Version m_version;