tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

rdb.c (4278B)

      1 /*
      2 * rdb.c
      3 *
      4 * Implements a replay database for packet security
      5 *
      6 * David A. McGrew
      7 * Cisco Systems, Inc.
      8 */
      9 
     10 /*
     11 *
     12 * Copyright (c) 2001-2017, Cisco Systems, Inc.
     13 * All rights reserved.
     14 *
     15 * Redistribution and use in source and binary forms, with or without
     16 * modification, are permitted provided that the following conditions
     17 * are met:
     18 *
     19 *   Redistributions of source code must retain the above copyright
     20 *   notice, this list of conditions and the following disclaimer.
     21 *
     22 *   Redistributions in binary form must reproduce the above
     23 *   copyright notice, this list of conditions and the following
     24 *   disclaimer in the documentation and/or other materials provided
     25 *   with the distribution.
     26 *
     27 *   Neither the name of the Cisco Systems, Inc. nor the names of its
     28 *   contributors may be used to endorse or promote products derived
     29 *   from this software without specific prior written permission.
     30 *
     31 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
     32 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
     33 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
     34 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
     35 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
     36 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
     37 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
     38 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     39 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
     40 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     41 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
     42 * OF THE POSSIBILITY OF SUCH DAMAGE.
     43 *
     44 */
     45 
     46 #ifdef HAVE_CONFIG_H
     47 #include <config.h>
     48 #endif
     49 
     50 #include "rdb.h"
     51 
     52 #define rdb_bits_in_bitmask (8 * sizeof(v128_t))
     53 
     54 /*
     55 * this implementation of a replay database works as follows:
     56 *
     57 * window_start is the index of the first packet in the window
     58 * bitmask      a bit-buffer, containing the most recently entered
     59 *              index as the leftmost bit
     60 *
     61 */
     62 
     63 /* srtp_rdb_init initalizes rdb */
     64 srtp_err_status_t srtp_rdb_init(srtp_rdb_t *rdb)
     65 {
     66    v128_set_to_zero(&rdb->bitmask);
     67    rdb->window_start = 0;
     68    return srtp_err_status_ok;
     69 }
     70 
     71 /*
     72 * srtp_rdb_check checks to see if index appears in rdb
     73 */
     74 srtp_err_status_t srtp_rdb_check(const srtp_rdb_t *rdb, uint32_t p_index)
     75 {
     76    /* if the index appears after (or at very end of) the window, its good */
     77    if (p_index >= rdb->window_start + rdb_bits_in_bitmask) {
     78        return srtp_err_status_ok;
     79    }
     80 
     81    /* if the index appears before the window, its bad */
     82    if (p_index < rdb->window_start) {
     83        return srtp_err_status_replay_old;
     84    }
     85 
     86    /* otherwise, the index appears within the window, so check the bitmask */
     87    if (v128_get_bit(&rdb->bitmask, (p_index - rdb->window_start)) == 1) {
     88        return srtp_err_status_replay_fail;
     89    }
     90 
     91    /* otherwise, the index is okay */
     92    return srtp_err_status_ok;
     93 }
     94 
     95 /*
     96 * srtp_rdb_add_index adds index to srtp_rdb_t (and does *not* check if
     97 * index appears in db)
     98 *
     99 * this function should be called only after srtp_rdb_check has
    100 * indicated that the index does not appear in the rdb, e.g., a mutex
    101 * should protect the rdb between these calls
    102 */
    103 srtp_err_status_t srtp_rdb_add_index(srtp_rdb_t *rdb, uint32_t p_index)
    104 {
    105    unsigned int delta;
    106 
    107    if (p_index < rdb->window_start)
    108        return srtp_err_status_replay_fail;
    109 
    110    delta = (p_index - rdb->window_start);
    111    if (delta < rdb_bits_in_bitmask) {
    112        /* if the p_index is within the window, set the appropriate bit */
    113        v128_set_bit(&rdb->bitmask, delta);
    114 
    115    } else {
    116        delta -= rdb_bits_in_bitmask - 1;
    117 
    118        /* shift the window forward by delta bits*/
    119        v128_left_shift(&rdb->bitmask, delta);
    120        v128_set_bit(&rdb->bitmask, rdb_bits_in_bitmask - 1);
    121        rdb->window_start += delta;
    122    }
    123 
    124    return srtp_err_status_ok;
    125 }
    126 
    127 srtp_err_status_t srtp_rdb_increment(srtp_rdb_t *rdb)
    128 {
    129    if (rdb->window_start >= 0x7fffffff) {
    130        return srtp_err_status_key_expired;
    131    }
    132    ++rdb->window_start;
    133    return srtp_err_status_ok;
    134 }
    135 
    136 uint32_t srtp_rdb_get_value(const srtp_rdb_t *rdb)
    137 {
    138    return rdb->window_start;
    139 }