1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/netwerk/srtp/src/crypto/replay/rdb.c Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,137 @@
1.4 +/*
1.5 + * rdb.c
1.6 + *
1.7 + * Implements a replay database for packet security
1.8 + *
1.9 + * David A. McGrew
1.10 + * Cisco Systems, Inc.
1.11 + */
1.12 +
1.13 +/*
1.14 + *
1.15 + * Copyright (c) 2001-2006, Cisco Systems, Inc.
1.16 + * All rights reserved.
1.17 + *
1.18 + * Redistribution and use in source and binary forms, with or without
1.19 + * modification, are permitted provided that the following conditions
1.20 + * are met:
1.21 + *
1.22 + * Redistributions of source code must retain the above copyright
1.23 + * notice, this list of conditions and the following disclaimer.
1.24 + *
1.25 + * Redistributions in binary form must reproduce the above
1.26 + * copyright notice, this list of conditions and the following
1.27 + * disclaimer in the documentation and/or other materials provided
1.28 + * with the distribution.
1.29 + *
1.30 + * Neither the name of the Cisco Systems, Inc. nor the names of its
1.31 + * contributors may be used to endorse or promote products derived
1.32 + * from this software without specific prior written permission.
1.33 + *
1.34 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
1.35 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
1.36 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
1.37 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
1.38 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
1.39 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
1.40 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
1.41 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1.42 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
1.43 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
1.44 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
1.45 + * OF THE POSSIBILITY OF SUCH DAMAGE.
1.46 + *
1.47 + */
1.48 +
1.49 +
1.50 +#include "rdb.h"
1.51 +
1.52 +
1.53 +/*
1.54 + * this implementation of a replay database works as follows:
1.55 + *
1.56 + * window_start is the index of the first packet in the window
1.57 + * bitmask a bit-buffer, containing the most recently entered
1.58 + * index as the leftmost bit
1.59 + *
1.60 + */
1.61 +
1.62 +/* rdb_init initalizes rdb */
1.63 +
1.64 +err_status_t
1.65 +rdb_init(rdb_t *rdb) {
1.66 + v128_set_to_zero(&rdb->bitmask);
1.67 + rdb->window_start = 0;
1.68 + return err_status_ok;
1.69 +}
1.70 +
1.71 +/*
1.72 + * rdb_check checks to see if index appears in rdb
1.73 + */
1.74 +
1.75 +err_status_t
1.76 +rdb_check(const rdb_t *rdb, uint32_t p_index) {
1.77 +
1.78 + /* if the index appears after (or at very end of) the window, its good */
1.79 + if (p_index >= rdb->window_start + rdb_bits_in_bitmask)
1.80 + return err_status_ok;
1.81 +
1.82 + /* if the index appears before the window, its bad */
1.83 + if (p_index < rdb->window_start)
1.84 + return err_status_replay_old;
1.85 +
1.86 + /* otherwise, the index appears within the window, so check the bitmask */
1.87 + if (v128_get_bit(&rdb->bitmask, (p_index - rdb->window_start)) == 1)
1.88 + return err_status_replay_fail;
1.89 +
1.90 + /* otherwise, the index is okay */
1.91 + return err_status_ok;
1.92 +}
1.93 +
1.94 +/*
1.95 + * rdb_add_index adds index to rdb_t (and does *not* check if
1.96 + * index appears in db)
1.97 + *
1.98 + * this function should be called only after rdb_check has
1.99 + * indicated that the index does not appear in the rdb, e.g., a mutex
1.100 + * should protect the rdb between these calls
1.101 + */
1.102 +
1.103 +err_status_t
1.104 +rdb_add_index(rdb_t *rdb, uint32_t p_index) {
1.105 + int delta;
1.106 +
1.107 + /* here we *assume* that p_index > rdb->window_start */
1.108 +
1.109 + delta = (p_index - rdb->window_start);
1.110 + if (delta < (int)rdb_bits_in_bitmask) {
1.111 +
1.112 + /* if the p_index is within the window, set the appropriate bit */
1.113 + v128_set_bit(&rdb->bitmask, delta);
1.114 +
1.115 + } else {
1.116 +
1.117 + delta -= rdb_bits_in_bitmask - 1;
1.118 +
1.119 + /* shift the window forward by delta bits*/
1.120 + v128_left_shift(&rdb->bitmask, delta);
1.121 + v128_set_bit(&rdb->bitmask, rdb_bits_in_bitmask-1);
1.122 + rdb->window_start += delta;
1.123 +
1.124 + }
1.125 +
1.126 + return err_status_ok;
1.127 +}
1.128 +
1.129 +err_status_t
1.130 +rdb_increment(rdb_t *rdb) {
1.131 +
1.132 + if (rdb->window_start++ > 0x7fffffff)
1.133 + return err_status_key_expired;
1.134 + return err_status_ok;
1.135 +}
1.136 +
1.137 +uint32_t
1.138 +rdb_get_value(const rdb_t *rdb) {
1.139 + return rdb->window_start;
1.140 +}
