netwerk/srtp/src/crypto/kernel/key.c@6474c204b198 (annotated)
netwerk/srtp/src/crypto/kernel/key.c
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
| michael@0 | 1 | /* |
| michael@0 | 2 | * key.c |
| michael@0 | 3 | * |
| michael@0 | 4 | * key usage limits enforcement |
| michael@0 | 5 | * |
| michael@0 | 6 | * David A. Mcgrew |
| michael@0 | 7 | * Cisco Systems, Inc. |
| michael@0 | 8 | */ |
| michael@0 | 9 | /* |
| michael@0 | 10 | * |
| michael@0 | 11 | * Copyright (c) 2001-2006 Cisco Systems, Inc. |
| michael@0 | 12 | * All rights reserved. |
| michael@0 | 13 | * |
| michael@0 | 14 | * Redistribution and use in source and binary forms, with or without |
| michael@0 | 15 | * modification, are permitted provided that the following conditions |
| michael@0 | 16 | * are met: |
| michael@0 | 17 | * |
| michael@0 | 18 | * Redistributions of source code must retain the above copyright |
| michael@0 | 19 | * notice, this list of conditions and the following disclaimer. |
| michael@0 | 20 | * |
| michael@0 | 21 | * Redistributions in binary form must reproduce the above |
| michael@0 | 22 | * copyright notice, this list of conditions and the following |
| michael@0 | 23 | * disclaimer in the documentation and/or other materials provided |
| michael@0 | 24 | * with the distribution. |
| michael@0 | 25 | * |
| michael@0 | 26 | * Neither the name of the Cisco Systems, Inc. nor the names of its |
| michael@0 | 27 | * contributors may be used to endorse or promote products derived |
| michael@0 | 28 | * from this software without specific prior written permission. |
| michael@0 | 29 | * |
| michael@0 | 30 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| michael@0 | 31 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| michael@0 | 32 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
| michael@0 | 33 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
| michael@0 | 34 | * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, |
| michael@0 | 35 | * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES |
| michael@0 | 36 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR |
| michael@0 | 37 | * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| michael@0 | 38 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
| michael@0 | 39 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
| michael@0 | 40 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
| michael@0 | 41 | * OF THE POSSIBILITY OF SUCH DAMAGE. |
| michael@0 | 42 | * |
| michael@0 | 43 | */ |
| michael@0 | 44 | |
| michael@0 | 45 | #include "key.h" |
| michael@0 | 46 | |
| michael@0 | 47 | #define soft_limit 0x10000 |
| michael@0 | 48 | |
| michael@0 | 49 | err_status_t |
| michael@0 | 50 | key_limit_set(key_limit_t key, const xtd_seq_num_t s) { |
| michael@0 | 51 | #ifdef NO_64BIT_MATH |
| michael@0 | 52 | if (high32(s) == 0 && low32(s) < soft_limit) |
| michael@0 | 53 | return err_status_bad_param; |
| michael@0 | 54 | #else |
| michael@0 | 55 | if (s < soft_limit) |
| michael@0 | 56 | return err_status_bad_param; |
| michael@0 | 57 | #endif |
| michael@0 | 58 | key->num_left = s; |
| michael@0 | 59 | key->state = key_state_normal; |
| michael@0 | 60 | return err_status_ok; |
| michael@0 | 61 | } |
| michael@0 | 62 | |
| michael@0 | 63 | err_status_t |
| michael@0 | 64 | key_limit_clone(key_limit_t original, key_limit_t *new_key) { |
| michael@0 | 65 | if (original == NULL) |
| michael@0 | 66 | return err_status_bad_param; |
| michael@0 | 67 | *new_key = original; |
| michael@0 | 68 | return err_status_ok; |
| michael@0 | 69 | } |
| michael@0 | 70 | |
| michael@0 | 71 | err_status_t |
| michael@0 | 72 | key_limit_check(const key_limit_t key) { |
| michael@0 | 73 | if (key->state == key_state_expired) |
| michael@0 | 74 | return err_status_key_expired; |
| michael@0 | 75 | return err_status_ok; |
| michael@0 | 76 | } |
| michael@0 | 77 | |
| michael@0 | 78 | key_event_t |
| michael@0 | 79 | key_limit_update(key_limit_t key) { |
| michael@0 | 80 | #ifdef NO_64BIT_MATH |
| michael@0 | 81 | if (low32(key->num_left) == 0) |
| michael@0 | 82 | { |
| michael@0 | 83 | // carry |
| michael@0 | 84 | key->num_left = make64(high32(key->num_left)-1,low32(key->num_left) - 1); |
| michael@0 | 85 | } |
| michael@0 | 86 | else |
| michael@0 | 87 | { |
| michael@0 | 88 | // no carry |
| michael@0 | 89 | key->num_left = make64(high32(key->num_left),low32(key->num_left) - 1); |
| michael@0 | 90 | } |
| michael@0 | 91 | if (high32(key->num_left) != 0 || low32(key->num_left) >= soft_limit) { |
| michael@0 | 92 | return key_event_normal; /* we're above the soft limit */ |
| michael@0 | 93 | } |
| michael@0 | 94 | #else |
| michael@0 | 95 | key->num_left--; |
| michael@0 | 96 | if (key->num_left >= soft_limit) { |
| michael@0 | 97 | return key_event_normal; /* we're above the soft limit */ |
| michael@0 | 98 | } |
| michael@0 | 99 | #endif |
| michael@0 | 100 | if (key->state == key_state_normal) { |
| michael@0 | 101 | /* we just passed the soft limit, so change the state */ |
| michael@0 | 102 | key->state = key_state_past_soft_limit; |
| michael@0 | 103 | } |
| michael@0 | 104 | #ifdef NO_64BIT_MATH |
| michael@0 | 105 | if (low32(key->num_left) == 0 && high32(key->num_left == 0)) |
| michael@0 | 106 | #else |
| michael@0 | 107 | if (key->num_left < 1) |
| michael@0 | 108 | #endif |
| michael@0 | 109 | { /* we just hit the hard limit */ |
| michael@0 | 110 | key->state = key_state_expired; |
| michael@0 | 111 | return key_event_hard_limit; |
| michael@0 | 112 | } |
| michael@0 | 113 | return key_event_soft_limit; |
| michael@0 | 114 | } |
| michael@0 | 115 |
