/*
 * replay-database.h
 *
 * interface for a replay database for packet security
 *
 * David A. McGrew
 * Cisco Systems, Inc.
 */

#ifndef REPLAY_DB_H
#define REPLAY_DB_H

#include "integers.h"  /* for uint32_t */
#include "datatypes.h" /* for v128_t */
#include "err.h"       /* for err_status_t */

/*
 * rdb_t
 *
 * replay database state: a starting packet index plus a bitmask in
 * which a set bit marks a packet index as present in the database
 *
 * if the ith least significant bit is one, then the packet index
 * window_end-i is in the database
 *
 * NOTE(review): the structure stores window_start and has no
 * window_end field, so the bit-to-index mapping stated above cannot be
 * checked from this header - confirm it against the implementation
 */
typedef struct {
  uint32_t window_start; /* packet index of the first bit in bitmask */
  v128_t bitmask;        /* one bit per packet index in the window */
} rdb_t;

/* number of bits in the bitmask field (8 bits per byte assumed) */
#define rdb_bits_in_bitmask (8 * sizeof(v128_t))

/*
 * rdb_init
 *
 * initializes rdb
 *
 * returns err_status_ok on success, err_status_fail otherwise
 */
err_status_t rdb_init(rdb_t *rdb);

/*
 * rdb_check
 *
 * checks to see if index appears in rdb; rdb itself is not modified
 * (it is passed as a pointer to const)
 *
 * returns err_status_fail if the index already appears in rdb,
 * returns err_status_ok otherwise
 *
 * NOTE(review): the result for an index that lies outside the window
 * (below window_start, or beyond the last bit of the bitmask) is not
 * stated here - confirm it in the implementation before relying on
 * err_status_ok as "not a replay"
 */
err_status_t rdb_check(const rdb_t *rdb, uint32_t index);

/*
 * rdb_add_index
 *
 * adds index to rdb_t (and does *not* check if index appears in db),
 * so a caller that wants replay detection has to call rdb_check()
 * itself before calling this function
 *
 * returns err_status_ok on success, err_status_fail otherwise
 *
 * NOTE(review): anti-replay designs normally record an index only
 * after the packet has passed authentication - confirm that callers
 * follow that order
 */
err_status_t rdb_add_index(rdb_t *rdb, uint32_t index);

/*
 * the functions rdb_increment() and rdb_get_value() are for use by
 * senders, not receivers - DO NOT use these functions on the same
 * rdb_t upon which rdb_add_index is used!
 */

/*
 * rdb_increment(db) increments the sequence number in db, if it is
 * not too high
 *
 * return values:
 *
 *    err_status_ok            no problem
 *    err_status_key_expired   sequence number too high
 *
 * the return value must be checked: on err_status_key_expired the
 * sequence number is, per the description above, not incremented, so
 * a sender that carries on regardless would presumably reuse it
 */
err_status_t rdb_increment(rdb_t *rdb);

/*
 * rdb_get_value(db) returns the current sequence number of db
 */
uint32_t rdb_get_value(const rdb_t *rdb);

#endif /* REPLAY_DB_H */