]>
git.ipfire.org Git - thirdparty/openssl.git/blob - ssl/record/dtls1_bitmap.c
4733a62a96633fafab092bbc009f1ba48823667b
2 * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include "../ssl_local.h"
11 #include "record_local.h"
13 /* mod 128 saturating subtract of two 64-bit values in big-endian order */
14 static int satsub64be(const unsigned char *v1
, const unsigned char *v2
)
24 /* We do not permit wrap-around */
25 if (l1
> l2
&& ret
< 0)
27 else if (l2
> l1
&& ret
> 0)
38 int dtls1_record_replay_check(SSL
*s
, DTLS1_BITMAP
*bitmap
)
42 const unsigned char *seq
= s
->rlayer
.read_sequence
;
44 cmp
= satsub64be(seq
, bitmap
->max_seq_num
);
46 SSL3_RECORD_set_seq_num(RECORD_LAYER_get_rrec(&s
->rlayer
), seq
);
47 return 1; /* this record in new */
50 if (shift
>= sizeof(bitmap
->map
) * 8)
51 return 0; /* stale, outside the window */
52 else if (bitmap
->map
& (1UL << shift
))
53 return 0; /* record previously received */
55 SSL3_RECORD_set_seq_num(RECORD_LAYER_get_rrec(&s
->rlayer
), seq
);
59 void dtls1_record_bitmap_update(SSL
*s
, DTLS1_BITMAP
*bitmap
)
63 const unsigned char *seq
= RECORD_LAYER_get_read_sequence(&s
->rlayer
);
65 cmp
= satsub64be(seq
, bitmap
->max_seq_num
);
68 if (shift
< sizeof(bitmap
->map
) * 8)
69 bitmap
->map
<<= shift
, bitmap
->map
|= 1UL;
72 memcpy(bitmap
->max_seq_num
, seq
, SEQ_NUM_SIZE
);
75 if (shift
< sizeof(bitmap
->map
) * 8)
76 bitmap
->map
|= 1UL << shift
;