1 /* 2 * key.c 3 * 4 * key usage limits enforcement 5 * 6 * David A. Mcgrew 7 * Cisco Systems, Inc. 8 */ 9 /* 10 * 11 * Copyright (c) 2001-2006 Cisco Systems, Inc. 12 * All rights reserved. 13 * 14 * Redistribution and use in source and binary forms, with or without 15 * modification, are permitted provided that the following conditions 16 * are met: 17 * 18 * Redistributions of source code must retain the above copyright 19 * notice, this list of conditions and the following disclaimer. 20 * 21 * Redistributions in binary form must reproduce the above 22 * copyright notice, this list of conditions and the following 23 * disclaimer in the documentation and/or other materials provided 24 * with the distribution. 25 * 26 * Neither the name of the Cisco Systems, Inc. nor the names of its 27 * contributors may be used to endorse or promote products derived 28 * from this software without specific prior written permission. 29 * 30 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 31 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 32 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 33 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 34 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 35 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 36 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 37 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 39 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 40 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 41 * OF THE POSSIBILITY OF SUCH DAMAGE. 42 * 43 */ 44 45 #include "key.h" 46 47 #define soft_limit 0x10000 48 49 err_status_t 50 key_limit_set(key_limit_t key, const xtd_seq_num_t s) { 51 #ifdef NO_64BIT_MATH 52 if (high32(s) == 0 && low32(s) < soft_limit) 53 return err_status_bad_param; 54 #else 55 if (s < soft_limit) 56 return err_status_bad_param; 57 #endif 58 key->num_left = s; 59 key->state = key_state_normal; 60 return err_status_ok; 61 } 62 63 err_status_t 64 key_limit_clone(key_limit_t original, key_limit_t *new_key) { 65 if (original == NULL) 66 return err_status_bad_param; 67 *new_key = original; 68 return err_status_ok; 69 } 70 71 err_status_t 72 key_limit_check(const key_limit_t key) { 73 if (key->state == key_state_expired) 74 return err_status_key_expired; 75 return err_status_ok; 76 } 77 78 key_event_t 79 key_limit_update(key_limit_t key) { 80 #ifdef NO_64BIT_MATH 81 if (low32(key->num_left) == 0) 82 { 83 // carry 84 key->num_left = make64(high32(key->num_left)-1,low32(key->num_left) - 1); 85 } 86 else 87 { 88 // no carry 89 key->num_left = make64(high32(key->num_left),low32(key->num_left) - 1); 90 } 91 if (high32(key->num_left) != 0 || low32(key->num_left) >= soft_limit) { 92 return key_event_normal; /* we're above the soft limit */ 93 } 94 #else 95 key->num_left--; 96 if (key->num_left >= soft_limit) { 97 return key_event_normal; /* we're above the soft limit */ 98 } 99 #endif 100 if (key->state == key_state_normal) { 101 /* we just passed the soft limit, so change the state */ 102 key->state = key_state_past_soft_limit; 103 } 104 #ifdef NO_64BIT_MATH 105 if (low32(key->num_left) == 0 && high32(key->num_left == 0)) 106 #else 107 if (key->num_left < 1) 108 #endif 109 { /* we just hit the hard limit */ 110 key->state = key_state_expired; 111 return key_event_hard_limit; 112 } 113 return key_event_soft_limit; 114 } 115 116
