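/**************************************************************************/
/*                                                                        */
/*       Copyright (c) Microsoft Corporation. All rights reserved.        */
/*                                                                        */
/*       This software is licensed under the Microsoft Software License   */
/*       Terms for Microsoft Azure RTOS. Full text of the license can be  */
/*       found in the LICENSE file at https://aka.ms/AzureRTOS_EULA       */
/*       and in the root directory of this software.                      */
/*                                                                        */
/**************************************************************************/


/**************************************************************************/
/**************************************************************************/
/**                                                                       */
/** NetX Secure Component                                                 */
/**                                                                       */
/**    Datagram Transport Layer Security (DTLS)                           */
/**                                                                       */
/**************************************************************************/
/**************************************************************************/

#define NX_SECURE_SOURCE_CODE

#include "nx_secure_dtls.h"

#ifdef NX_SECURE_ENABLE_DTLS
/**************************************************************************/
/*                                                                        */
/*  FUNCTION                                               RELEASE        */
/*                                                                        */
/*    _nx_secure_dtls_session_sliding_window_update       PORTABLE C      */
/*                                                           6.1.10       */
/*  AUTHOR                                                                */
/*                                                                        */
/*    Timothy Stapko, Microsoft Corporation                               */
/*                                                                        */
/*  DESCRIPTION                                                           */
/*                                                                        */
/*    This function updates the DTLS sliding window used to validate      */
/*    incoming DTLS application records. If the sequence number of a      */
/*    received DTLS record is less than the "right" side of the window but*/
/*    greater than the "left" side and not a repeat of another record, the*/
/*    record is accepted (RFC 6347 Section 4.1.2.6).                      */
/*                                                                        */
/*    Bit 0 of the window stands for the newest sequence number seen and  */
/*    bit N for the record N positions older. A record whose distance     */
/*    from the newest one does not fit in the window cannot be tracked,   */
/*    so it is reported as out of order instead of being shifted into a   */
/*    bit position that does not exist.                                   */
/*                                                                        */
/*    This routine does not test whether the bit of an older record is    */
/*    already set; that replay test is expected to have been done by the  */
/*    caller before the window is updated.                                */
/*                                                                        */
/*  INPUT                                                                 */
/*                                                                        */
/*    dtls_session                          Pointer to DTLS control block */
/*    sequence_number                       New "right" side of window,   */
/*                                            two words: [0] is the upper */
/*                                            half, [1] the lower half    */
/*                                                                        */
/*  OUTPUT                                                                */
/*                                                                        */
/*    status                                Completion status:            */
/*                                            NX_SUCCESS when the window  */
/*                                            was updated,                */
/*                                            NX_SECURE_TLS_OUT_OF_ORDER_ */
/*                                            MESSAGE for a repeat of the */
/*                                            newest record or a record   */
/*                                            older than the window       */
/*                                                                        */
/*  CALLS                                                                 */
/*                                                                        */
/*                                                                        */
/*  CALLED BY                                                             */
/*                                                                        */
/*                                                                        */
/*  RELEASE HISTORY                                                       */
/*                                                                        */
/*    DATE              NAME                      DESCRIPTION             */
/*                                                                        */
/*  01-31-2022     Timothy Stapko           Initial Version 6.1.10        */
/*                                                                        */
/**************************************************************************/
UINT _nx_secure_dtls_session_sliding_window_update(NX_SECURE_DTLS_SESSION *dtls_session, ULONG *sequence_number)
{
    ULONG                  delta;
    ULONG                  mask;
    ULONG                  window_bits;
    NX_SECURE_TLS_SESSION *tls_session;

    /* Extract TLS session for sequence numbers from DTLS session. */
    tls_session = &dtls_session -> nx_secure_dtls_tls_session;

    /* Number of records the window bitfield can track. Every shift below is
       bounded by this value because shifting by the full width of the type
       (or more) is undefined behavior in C. */
    window_bits = (ULONG)(sizeof(dtls_session -> nx_secure_dtls_sliding_window) * 8);

    /* The incoming sequence number is assumed to be OK, so update window accordingly. */

    /* Double check new sequence number. */
    if (sequence_number[0] == tls_session -> nx_secure_tls_remote_sequence_number[0] &&
        sequence_number[1] == tls_session -> nx_secure_tls_remote_sequence_number[1])
    {

        /* Equal to our current - this is a repeat. */
        return(NX_SECURE_TLS_OUT_OF_ORDER_MESSAGE);
    }

    /* NOTE(review): both "halves don't match" delta computations below assume
       the upper words differ by exactly one, leave out the +1 for the wrap of
       the lower word, and can themselves wrap. They are kept as they were:
       any correction has to be made together with the routine that tests the
       window before this update, which is not part of this file. */

    /* See if the incoming number is smaller than the last one we saw. */
    if (sequence_number[0] < tls_session -> nx_secure_tls_remote_sequence_number[0] ||
        (sequence_number[0] == tls_session -> nx_secure_tls_remote_sequence_number[0] &&
         sequence_number[1] < tls_session -> nx_secure_tls_remote_sequence_number[1]))
    {
        if (sequence_number[0] == tls_session -> nx_secure_tls_remote_sequence_number[0])
        {

            /* Upper halves match so just subtract. */
            delta = tls_session -> nx_secure_tls_remote_sequence_number[1] - sequence_number[1];
        }
        else
        {

            /* Top halves don't match, adjust before subtract. */
            delta = (0xFFFFFFFFul - sequence_number[1]) + tls_session -> nx_secure_tls_remote_sequence_number[1];
        }

        /* A record this far behind the newest one lies left of the window
           and has no bit to mark it, so it cannot be protected against a
           later replay. Report it like a repeat rather than shifting by the
           window width or more. */
        if (delta >= window_bits)
        {
            return(NX_SECURE_TLS_OUT_OF_ORDER_MESSAGE);
        }

        /* Incoming sequence number is smaller than last seen. Update the bitfield without shifting. */
        mask = 0x1ul << delta;
        dtls_session -> nx_secure_dtls_sliding_window = dtls_session -> nx_secure_dtls_sliding_window | mask;
    }
    else
    {

        /* Compare sequence numbers. At this point, the incoming number is
           greater than the last seen so we can update the window. */
        if (sequence_number[0] > tls_session -> nx_secure_tls_remote_sequence_number[0])
        {

            /* Upper halves don't match so adjust delta accordingly. */
            delta = (0xFFFFFFFFul - tls_session -> nx_secure_tls_remote_sequence_number[1]) + sequence_number[1];
        }
        else
        {

            /* Top halves match, just subtract. */
            delta = sequence_number[1] - tls_session -> nx_secure_tls_remote_sequence_number[1];
        }

        /* Now we can update the window. (delta represents a *bit* position in the window). */
        if (delta >= window_bits)
        {

            /* Delta reaches or exceeds the window size: every tracked record
               falls off the left edge, so only the new record remains. The
               comparison includes equality because a shift by exactly the
               window width is undefined. */
            dtls_session -> nx_secure_dtls_sliding_window = 1;
        }
        else
        {

            /* Delta is within the window size, just left-shift to new position. */
            dtls_session -> nx_secure_dtls_sliding_window <<= delta;
            dtls_session -> nx_secure_dtls_sliding_window |= 0x1;
        }

        /* Update the sequence number to reflect the window change. */
        tls_session -> nx_secure_tls_remote_sequence_number[1] = sequence_number[1];
        tls_session -> nx_secure_tls_remote_sequence_number[0] = sequence_number[0];
    }

    return(NX_SUCCESS);
}
#endif /* NX_SECURE_ENABLE_DTLS */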