/*
 * replay-database.h
 *
 * Interface to a replay database used for packet security: a sliding
 * bitmask window recording which packet indices have been seen.
 *
 * David A. McGrew
 * Cisco Systems, Inc.
 */

#ifndef REPLAY_DB_H
#define REPLAY_DB_H

#include "integers.h"   /* for uint32_t */
#include "datatypes.h"  /* for v128_t */
#include "err.h"        /* for err_status_t */

/*
 * rdb_t - replay database state
 *
 * Bitmask convention as documented by the original author: if the ith
 * least significant bit is one, then the packet index window_end-i is
 * in the database.
 *
 * NOTE(review): this struct has a window_start field and no window_end,
 * and window_start is described as the index of the first bit; confirm
 * the bit-to-index mapping against the implementation before relying on
 * the sentence above.
 */
typedef struct {
  uint32_t window_start;  /* packet index of the first bit in bitmask */
  v128_t   bitmask;       /* one bit per packet index in the window */
} rdb_t;

/* width of the replay window, in bits (i.e. number of tracked indices) */
#define rdb_bits_in_bitmask (sizeof(v128_t) * 8)

/*
 * rdb_init(rdb)
 *
 * Initializes the replay database rdb.
 *
 * Returns err_status_ok on success, err_status_fail otherwise.
 */
err_status_t rdb_init(rdb_t *rdb);

/*
 * rdb_check(rdb, index)
 *
 * Tests whether index is already recorded in rdb; rdb is not modified
 * (it is taken as const).
 *
 * Returns err_status_fail if index already appears in rdb, and
 * err_status_ok otherwise.
 *
 * NOTE(review): this header does not say what is returned for an index
 * that is older than the window (below window_start). A receiver using
 * this for replay protection needs such indices rejected - confirm in
 * the implementation.
 */
err_status_t rdb_check(const rdb_t *rdb, uint32_t index);

/*
 * rdb_add_index(rdb, index)
 *
 * Records index in rdb. This does *not* check whether index is already
 * present, so a receiver has to call rdb_check() itself beforehand.
 *
 * NOTE(review): replay state is normally updated only after the packet
 * has also passed its integrity check, so that unauthenticated packets
 * cannot move the window - verify that callers follow this order.
 *
 * Returns err_status_ok on success, err_status_fail otherwise.
 */
err_status_t rdb_add_index(rdb_t *rdb, uint32_t index);

/*
 * Sender-side interface
 *
 * rdb_increment() and rdb_get_value() are for use by senders, not
 * receivers. DO NOT call them on an rdb_t that is also passed to
 * rdb_add_index().
 */

/*
 * rdb_increment(rdb)
 *
 * Increments the sequence number held in rdb, if it is not too high.
 *
 * Return values:
 *
 *   err_status_ok            no problem
 *   err_status_key_expired   sequence number too high
 *
 * NOTE(review): the return value must not be ignored; presumably the
 * sender is expected to stop using the current key once
 * err_status_key_expired is reported - confirm against callers.
 */
err_status_t rdb_increment(rdb_t *rdb);

/*
 * rdb_get_value(rdb)
 *
 * Returns the current sequence number of rdb.
 */
uint32_t rdb_get_value(const rdb_t *rdb);

#endif /* REPLAY_DB_H */