Clean up DTLS1_BITMAP code.
Take the sequence number as a parameter. Also replace satsub64be with
the boring thing: convert to uint64_t and subtract normally.
BUG=468889
Change-Id: Icab75f872b5e55cf4e9d68b66934ec91afeb198b
Reviewed-on: https://boringssl-review.googlesource.com/5558
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/internal.h b/ssl/internal.h
index a1600f8..ec425b0 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -344,6 +344,20 @@
size_t in_len);
+/* DTLS replay bitmap. */
+
+/* DTLS1_BITMAP maintains a sliding window of 64 sequence numbers to detect
+ * replayed packets. It should be initialized by zeroing every field. */
+typedef struct dtls1_bitmap_st {
+ /* map is a bit mask of the last 64 sequence numbers. Bit
+ * |1<<i| corresponds to |max_seq_num - i|. */
+ uint64_t map;
+ /* max_seq_num is the largest sequence number seen so far as a 64-bit
+ * integer. */
+ uint64_t max_seq_num;
+} DTLS1_BITMAP;
+
+
/* Private key operations. */
/* ssl_has_private_key returns one if |ssl| has a private key
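Review bot: The comment on `map` in the new DTLS1_BITMAP block does not say what a set bit means, and the struct comment does not say how sequence numbers older than the 64-entry window are treated; both decide whether a replayed record is dropped. I would word the field comment as `/* map is a bit mask of the last 64 sequence numbers; a set bit means that number was already received. Bit |(uint64_t)1 << i| corresponds to |max_seq_num - i|. */`, and add to the struct comment that numbers more than 63 below |max_seq_num| are rejected, if that is what the checking code does (it is outside this hunk, so confirm). Writing the mask as `(uint64_t)1 << i` rather than `1<<i` matters because a plain int shift is undefined for i >= 31 where int is 32 bits, and readers tend to copy the documented notation. Since `max_seq_num` is now a plain uint64_t and the commit message says satsub64be is replaced by ordinary subtraction, `max_seq_num - seq_num` wraps when seq_num is the larger value. The functions that use the bitmap are not visible here and need to compare the two values before subtracting.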
@@ -724,15 +738,6 @@
#define DTLS1_AL_HEADER_LENGTH 2
-typedef struct dtls1_bitmap_st {
- /* map is a bit mask of the last 64 sequence numbers. Bit
- * |1<<i| corresponds to |max_seq_num - i|. */
- uint64_t map;
- /* max_seq_num is the largest sequence number seen so far. It
- * is a 64-bit value in big-endian encoding. */
- uint8_t max_seq_num[8];
-} DTLS1_BITMAP;
-
/* TODO(davidben): This structure is used for both incoming messages and
* outgoing messages. |is_ccs| and |epoch| are only used in the latter and
* should be moved elsewhere. */