doxygen/tls__seq__numbers_8h_source.html

/*

* TLS Sequence Number Handling

* (C) 2012 Jack Lloyd

*

* Botan is released under the Simplified BSD License (see license.txt)

*/


#ifndef BOTAN_TLS_SEQ_NUMBERS_H_

#define BOTAN_TLS_SEQ_NUMBERS_H_


#include <botan/types.h>

#include <map>


namespace Botan {


namespace TLS {


class Connection_Sequence_Numbers

   {

   public:

      virtual ~Connection_Sequence_Numbers() = default;


      virtual void new_read_cipher_state() = 0;

      virtual void new_write_cipher_state() = 0;


      virtual uint16_t current_read_epoch() const = 0;

      virtual uint16_t current_write_epoch() const = 0;


      virtual uint64_t next_write_sequence(uint16_t) = 0;

      virtual uint64_t next_read_sequence() = 0;


      virtual bool already_seen(uint64_t seq) const = 0;

      virtual void read_accept(uint64_t seq) = 0;


      virtual void reset() = 0;

   };


class Stream_Sequence_Numbers final : public Connection_Sequence_Numbers

   {

   public:

      Stream_Sequence_Numbers() { Stream_Sequence_Numbers::reset(); }


      void reset() override

         {

         m_write_seq_no = 0;

         m_read_seq_no = 0;

         m_read_epoch = 0;

         m_write_epoch = 0;

         }


      void new_read_cipher_state() override { m_read_seq_no = 0; m_read_epoch++; }

      void new_write_cipher_state() override { m_write_seq_no = 0; m_write_epoch++; }


      uint16_t current_read_epoch() const override { return m_read_epoch; }

      uint16_t current_write_epoch() const override { return m_write_epoch; }


      uint64_t next_write_sequence(uint16_t) override { return m_write_seq_no++; }

      uint64_t next_read_sequence() override { return m_read_seq_no; }


      bool already_seen(uint64_t) const override { return false; }

      void read_accept(uint64_t) override { m_read_seq_no++; }


   private:

      uint64_t m_write_seq_no;

      uint64_t m_read_seq_no;

      uint16_t m_read_epoch;

      uint16_t m_write_epoch;

   };


class Datagram_Sequence_Numbers final : public Connection_Sequence_Numbers

   {

   public:

      Datagram_Sequence_Numbers() { Datagram_Sequence_Numbers::reset(); }


      void reset() override

         {

         m_write_seqs.clear();

         m_write_seqs[0] = 0;

         m_write_epoch = 0;

         m_read_epoch = 0;

         m_window_highest = 0;

         m_window_bits = 0;

         }


      void new_read_cipher_state() override { m_read_epoch++; }


      void new_write_cipher_state() override

         {

         m_write_epoch++;

         m_write_seqs[m_write_epoch] = 0;

         }


      uint16_t current_read_epoch() const override { return m_read_epoch; }

      uint16_t current_write_epoch() const override { return m_write_epoch; }


      uint64_t next_write_sequence(uint16_t epoch) override

         {

         auto i = m_write_seqs.find(epoch);

         BOTAN_ASSERT(i != m_write_seqs.end(), "Found epoch");

         return (static_cast<uint64_t>(epoch) << 48) | i->second++;

         }


      uint64_t next_read_sequence() override

         {

         throw Invalid_State("DTLS uses explicit sequence numbers");

         }


      bool already_seen(uint64_t sequence) const override

         {

         const size_t window_size = sizeof(m_window_bits) * 8;


         if(sequence > m_window_highest)

            {

            return false;

            }


         const uint64_t offset = m_window_highest - sequence;


         if(offset >= window_size)

            {

            return true; // really old?

            }


         return (((m_window_bits >> offset) & 1) == 1);

         }


      void read_accept(uint64_t sequence) override

         {

         const size_t window_size = sizeof(m_window_bits) * 8;


         if(sequence > m_window_highest)

            {

            // We've received a later sequence which advances our window

            const uint64_t offset = sequence - m_window_highest;

            m_window_highest += offset;


            if(offset >= window_size)

               m_window_bits = 0;

            else

               m_window_bits <<= offset;


            m_window_bits |= 0x01;

            }

         else

            {

            const uint64_t offset = m_window_highest - sequence;


            if(offset < window_size)

               {

               // We've received an old sequence but still within our window

               m_window_bits |= (static_cast<uint64_t>(1) << offset);

               }

            else

               {

               // This occurs only if we have reset state (DTLS reconnection case)

               m_window_highest = sequence;

               m_window_bits = 0;

               }

            }

         }


   private:

      std::map<uint16_t, uint64_t> m_write_seqs;

      uint16_t m_write_epoch = 0;

      uint16_t m_read_epoch = 0;

      uint64_t m_window_highest = 0;

      uint64_t m_window_bits = 0;

   };


}


}


#endif

BOTAN_ASSERT
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:54

Botan::Invalid_State
Definition: exceptn.h:204

Botan::TLS::Connection_Sequence_Numbers
Definition: tls_seq_numbers.h:19

Botan::TLS::Connection_Sequence_Numbers::current_read_epoch
virtual uint16_t current_read_epoch() const =0

Botan::TLS::Connection_Sequence_Numbers::next_read_sequence
virtual uint64_t next_read_sequence()=0

Botan::TLS::Connection_Sequence_Numbers::~Connection_Sequence_Numbers
virtual ~Connection_Sequence_Numbers()=default

Botan::TLS::Connection_Sequence_Numbers::read_accept
virtual void read_accept(uint64_t seq)=0

Botan::TLS::Connection_Sequence_Numbers::current_write_epoch
virtual uint16_t current_write_epoch() const =0

Botan::TLS::Connection_Sequence_Numbers::reset
virtual void reset()=0

Botan::TLS::Connection_Sequence_Numbers::new_read_cipher_state
virtual void new_read_cipher_state()=0

Botan::TLS::Connection_Sequence_Numbers::already_seen
virtual bool already_seen(uint64_t seq) const =0

Botan::TLS::Connection_Sequence_Numbers::new_write_cipher_state
virtual void new_write_cipher_state()=0

Botan::TLS::Connection_Sequence_Numbers::next_write_sequence
virtual uint64_t next_write_sequence(uint16_t)=0

Botan::TLS::Datagram_Sequence_Numbers
Definition: tls_seq_numbers.h:71

Botan::TLS::Datagram_Sequence_Numbers::next_read_sequence
uint64_t next_read_sequence() override
Definition: tls_seq_numbers.h:103

Botan::TLS::Datagram_Sequence_Numbers::read_accept
void read_accept(uint64_t sequence) override
Definition: tls_seq_numbers.h:127

Botan::TLS::Datagram_Sequence_Numbers::current_read_epoch
uint16_t current_read_epoch() const override
Definition: tls_seq_numbers.h:93

Botan::TLS::Datagram_Sequence_Numbers::new_read_cipher_state
void new_read_cipher_state() override
Definition: tls_seq_numbers.h:85

Botan::TLS::Datagram_Sequence_Numbers::current_write_epoch
uint16_t current_write_epoch() const override
Definition: tls_seq_numbers.h:94

Botan::TLS::Datagram_Sequence_Numbers::next_write_sequence
uint64_t next_write_sequence(uint16_t epoch) override
Definition: tls_seq_numbers.h:96

Botan::TLS::Datagram_Sequence_Numbers::already_seen
bool already_seen(uint64_t sequence) const override
Definition: tls_seq_numbers.h:108

Botan::TLS::Datagram_Sequence_Numbers::new_write_cipher_state
void new_write_cipher_state() override
Definition: tls_seq_numbers.h:87

Botan::TLS::Datagram_Sequence_Numbers::Datagram_Sequence_Numbers
Datagram_Sequence_Numbers()
Definition: tls_seq_numbers.h:73

Botan::TLS::Datagram_Sequence_Numbers::reset
void reset() override
Definition: tls_seq_numbers.h:75

Botan::TLS::Stream_Sequence_Numbers
Definition: tls_seq_numbers.h:39

Botan::TLS::Stream_Sequence_Numbers::next_write_sequence
uint64_t next_write_sequence(uint16_t) override
Definition: tls_seq_numbers.h:57

Botan::TLS::Stream_Sequence_Numbers::next_read_sequence
uint64_t next_read_sequence() override
Definition: tls_seq_numbers.h:58

Botan::TLS::Stream_Sequence_Numbers::read_accept
void read_accept(uint64_t) override
Definition: tls_seq_numbers.h:61

Botan::TLS::Stream_Sequence_Numbers::Stream_Sequence_Numbers
Stream_Sequence_Numbers()
Definition: tls_seq_numbers.h:41

Botan::TLS::Stream_Sequence_Numbers::new_read_cipher_state
void new_read_cipher_state() override
Definition: tls_seq_numbers.h:51

Botan::TLS::Stream_Sequence_Numbers::new_write_cipher_state
void new_write_cipher_state() override
Definition: tls_seq_numbers.h:52

Botan::TLS::Stream_Sequence_Numbers::current_read_epoch
uint16_t current_read_epoch() const override
Definition: tls_seq_numbers.h:54

Botan::TLS::Stream_Sequence_Numbers::already_seen
bool already_seen(uint64_t) const override
Definition: tls_seq_numbers.h:60

Botan::TLS::Stream_Sequence_Numbers::reset
void reset() override
Definition: tls_seq_numbers.h:43

Botan::TLS::Stream_Sequence_Numbers::current_write_epoch
uint16_t current_write_epoch() const override
Definition: tls_seq_numbers.h:55

final
int(* final)(unsigned char *, CTX *)
Definition: commoncrypto_hash.cpp:29

Botan
Definition: alg_id.cpp:13