ngtcp2_crypto_generate_regular_token2

Synopsis

#include <ngtcp2/ngtcp2_crypto.h>

ngtcp2_ssize ngtcp2_crypto_generate_regular_token2(uint8_t *token, const uint8_t *secret, size_t secretlen, const ngtcp2_sockaddr *remote_addr, ngtcp2_socklen remote_addrlen, const void *data, size_t datalen, ngtcp2_tstamp ts)

ngtcp2_crypto_generate_regular_token2() generates a token in the buffer pointed by token that is sent with NEW_TOKEN frame. The buffer pointed by token must have at least NGTCP2_CRYPTO_MAX_REGULAR_TOKENLEN + datalen bytes long. The successfully generated token starts with NGTCP2_CRYPTO_TOKEN_MAGIC_REGULAR. secret of length secretlen is a keying material to generate keys to encrypt the token. remote_addr of length remote_addrlen is an address of client. ts is the timestamp when the token is generated. data of length datalen is an opaque data embedded in the token. datalen must be less than or equal to 256.

Calling this function with datalen = 0 is equivalent to calling ngtcp2_crypto_generate_regular_token().

To get the opaque data after successful verification, use ngtcp2_crypto_verify_regular_token2(). ngtcp2_crypto_verify_regular_token() can verify the token with datalen > 0, but it discards the opaque data.

This function returns the length of generated token if it succeeds, or -1.