1386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari/* 2386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * key.c 3386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * 4386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * key usage limits enforcement 5386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * 6386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * David A. Mcgrew 7386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * Cisco Systems, Inc. 8386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari */ 9386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari/* 10386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * 11386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * Copyright (c) 2001-2006 Cisco Systems, Inc. 12386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * All rights reserved. 13386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * 14386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * Redistribution and use in source and binary forms, with or without 15386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * modification, are permitted provided that the following conditions 16386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * are met: 17386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * 18386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * Redistributions of source code must retain the above copyright 19386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * notice, this list of conditions and the following disclaimer. 20386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * 21386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * Redistributions in binary form must reproduce the above 22386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * copyright notice, this list of conditions and the following 23386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * disclaimer in the documentation and/or other materials provided 24386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * with the distribution. 25386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * 26386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * Neither the name of the Cisco Systems, Inc. nor the names of its 27386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * contributors may be used to endorse or promote products derived 28386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * from this software without specific prior written permission. 29386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * 30386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 31386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 32386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 33386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 34386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 35386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 36386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 37386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 38386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 39386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 40386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 41386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * OF THE POSSIBILITY OF SUCH DAMAGE. 42386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * 43386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari */ 44386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari 45386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#include "key.h" 46386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari 47386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#define soft_limit 0x10000 48386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari 49386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarierr_status_t 50386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarikey_limit_set(key_limit_t key, const xtd_seq_num_t s) { 51386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#ifdef NO_64BIT_MATH 52386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari if (high32(s) == 0 && low32(s) < soft_limit) 53386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari return err_status_bad_param; 54386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#else 55386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari if (s < soft_limit) 56386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari return err_status_bad_param; 57386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#endif 58386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari key->num_left = s; 59386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari key->state = key_state_normal; 60386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari return err_status_ok; 61386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari} 62386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari 63386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarierr_status_t 64386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarikey_limit_clone(key_limit_t original, key_limit_t *new_key) { 65386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari if (original == NULL) 66386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari return err_status_bad_param; 67386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *new_key = original; 68386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari return err_status_ok; 69386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari} 70386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari 71386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarierr_status_t 72386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarikey_limit_check(const key_limit_t key) { 73386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari if (key->state == key_state_expired) 74386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari return err_status_key_expired; 75386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari return err_status_ok; 76386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari} 77386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari 78386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarikey_event_t 79386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarikey_limit_update(key_limit_t key) { 80386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#ifdef NO_64BIT_MATH 81386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari if (low32(key->num_left) == 0) 82386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari { 83386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari // carry 84386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari key->num_left = make64(high32(key->num_left)-1,low32(key->num_left) - 1); 85386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari } 86386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari else 87386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari { 88386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari // no carry 89386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari key->num_left = make64(high32(key->num_left),low32(key->num_left) - 1); 90386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari } 91386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari if (high32(key->num_left) != 0 || low32(key->num_left) >= soft_limit) { 92386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari return key_event_normal; /* we're above the soft limit */ 93386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari } 94386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#else 95386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari key->num_left--; 96386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari if (key->num_left >= soft_limit) { 97386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari return key_event_normal; /* we're above the soft limit */ 98386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari } 99386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#endif 100386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari if (key->state == key_state_normal) { 101386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari /* we just passed the soft limit, so change the state */ 102386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari key->state = key_state_past_soft_limit; 103386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari } 104386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#ifdef NO_64BIT_MATH 105386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari if (low32(key->num_left) == 0 && high32(key->num_left == 0)) 106386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#else 107386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari if (key->num_left < 1) 108386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#endif 109386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari { /* we just hit the hard limit */ 110386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari key->state = key_state_expired; 111386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari return key_event_hard_limit; 112386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari } 113386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari return key_event_soft_limit; 114386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari} 115386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari 116