
ngtcp2_crypto_verify_retry_token2
=================================

Synopsis
--------

*#include <ngtcp2/ngtcp2_crypto.h>*

.. function:: int ngtcp2_crypto_verify_retry_token2( ngtcp2_cid *odcid, const uint8_t *token, size_t tokenlen, const uint8_t *secret, size_t secretlen, uint32_t version, const ngtcp2_sockaddr *remote_addr, ngtcp2_socklen remote_addrlen, const ngtcp2_cid *dcid, ngtcp2_duration timeout, ngtcp2_tstamp ts)

    
    `ngtcp2_crypto_verify_retry_token2` verifies Retry token stored in
    the buffer pointed by *token* of length *tokenlen*.  *secret* of
    length *secretlen* is a keying material to generate keys to decrypt
    the token.  *version* is QUIC version of the Initial packet that
    contains this token.  *remote_addr* of length *remote_addrlen* is
    an address of client.  *dcid* is a Destination Connection ID in
    Initial packet sent by client.  *timeout* is the period during
    which the token is valid.  *ts* is the current timestamp.  When
    validation succeeds, the extracted Destination Connection ID (which
    is the Destination Connection ID in Initial packet sent by client
    that triggered Retry packet) is stored in the buffer pointed by
    *odcid*.
    
    The token must be generated by
    `ngtcp2_crypto_generate_retry_token2`.
    
    This function returns 0 if it succeeds, or one of the following
    negative error codes:
    
    :macro:`NGTCP2_CRYPTO_ERR_UNREADABLE_TOKEN`
        A token is badly formatted; or verifying the integrity
        protection failed.
    :macro:`NGTCP2_CRYPTO_ERR_VERIFY_TOKEN`
        A token does not probe the client address; or the token
        validity has expired; or it contains invalid Connection ID.
    :macro:`NGTCP2_CRYPTO_ERR_INTERNAL`
        Internal error occurred.
