mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00

Add functions for replay protection

Manuel Pégourié-Gonnard
2014-09-24 10:52:58 +02:00
committed by Paul Bakker
parent ea22ce577e
commit 7a7e140d4e
3 changed files with 103 additions and 0 deletions


@ -822,6 +822,10 @@ struct _ssl_context
size_t next_record_offset; /*!< offset of the next record in datagram
(equal to in_left if none) */
#endif
#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY)
uint64_t in_window_top; /*!< last validated record seq_num */
uint64_t in_window; /*!< bitmask for replay detection */
#endif
size_t in_hslen; /*!< current handshake message length,
including the handshake header */
@ -2043,6 +2047,12 @@ void ssl_recv_flight_completed( ssl_context *ssl );
int ssl_resend( ssl_context *ssl );
#endif
/* Visible for testing purposes only */
#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY)
int ssl_dtls_replay_check( ssl_context *ssl );
void ssl_dtls_replay_update( ssl_context *ssl );
#endif
/* constant-time buffer comparison */
static inline int safer_memcmp( const void *a, const void *b, size_t n )
{
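Review bot: The two prototypes added under `POLARSSL_SSL_DTLS_ANTI_REPLAY` carry no contract beyond "Visible for testing purposes only", so a reader cannot tell which return value of `ssl_dtls_replay_check()` means the record was already seen, or at what point `ssl_dtls_replay_update()` may be called. The ordering is security-relevant: RFC 6347 section 4.1.2.6 has the receive window updated only after the record's MAC has verified, since advancing it on an unauthenticated record lets forged traffic cause genuine records to be rejected. I would add a comment on the update such as `/* Call only after the record has passed integrity verification */`, and one on the check stating its return convention and which record's sequence number it reads (presumably the one currently in the input buffer, as it takes only `ssl`). In the first hunk, the comments on `in_window_top` and `in_window` could also state how mask bits map to sequence numbers and that both fields must be reset on an epoch change or session reset; whether that reset exists is not visible in this section.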