From 1408012f0b1c5a34b0512c3ad12da83a6910d6f5 Mon Sep 17 00:00:00 2001 From: Martin Turon Date: Tue, 14 Dec 2021 05:36:05 -0800 Subject: [PATCH] [msg] Fix counter init. (#12948) --- src/transport/MessageCounter.cpp | 2 +- src/transport/MessageCounter.h | 31 ++++++++++++++++--------------- src/transport/PairingSession.h | 2 +- 3 files changed, 18 insertions(+), 17 deletions(-) diff --git a/src/transport/MessageCounter.cpp b/src/transport/MessageCounter.cpp index 9def18cd64464a..c4aaef16f2d89a 100644 --- a/src/transport/MessageCounter.cpp +++ b/src/transport/MessageCounter.cpp @@ -29,7 +29,7 @@ namespace chip { void GlobalUnencryptedMessageCounter::Init() { - value = Crypto::GetRandU32(); + mValue = Crypto::GetRandU32(); } CHIP_ERROR GlobalEncryptedMessageCounter::Init() diff --git a/src/transport/MessageCounter.h b/src/transport/MessageCounter.h index 7cb99f69216556..dd23c6572b4f1c 100644 --- a/src/transport/MessageCounter.h +++ b/src/transport/MessageCounter.h @@ -56,20 +56,20 @@ class MessageCounter class GlobalUnencryptedMessageCounter : public MessageCounter { public: - GlobalUnencryptedMessageCounter() : value(0) {} + GlobalUnencryptedMessageCounter() : mValue(0) {} void Init(); Type GetType() override { return GlobalUnencrypted; } - uint32_t Value() override { return value; } + uint32_t Value() override { return mValue; } CHIP_ERROR Advance() override { - ++value; + ++mValue; return CHIP_NO_ERROR; } private: - uint32_t value; + uint32_t mValue; }; class GlobalEncryptedMessageCounter : public MessageCounter @@ -88,18 +88,18 @@ class GlobalEncryptedMessageCounter : public MessageCounter #else struct FakePersistedCounter { - FakePersistedCounter() : value(0) {} + FakePersistedCounter() : mValue(0) {} CHIP_ERROR Init(chip::Platform::PersistedStorage::Key aId, uint32_t aEpoch) { return CHIP_NO_ERROR; } - uint32_t GetValue() { return value; } + uint32_t GetValue() { return mValue; } CHIP_ERROR Advance() { - ++value; + ++mValue; return CHIP_NO_ERROR; } private: - uint32_t value; + uint32_t mValue; } persisted; #endif }; @@ -107,25 +107,26 @@ class GlobalEncryptedMessageCounter : public MessageCounter class LocalSessionMessageCounter : public MessageCounter { public: - static constexpr uint32_t kInitialValue = 1; ///< Used for initializing peer counter + static constexpr uint32_t kInitialSyncValue = 0; ///< Used for initializing peer counter static constexpr uint32_t kMessageCounterRandomInitMask = 0x0FFFFFF; ///< 28-bit mask /** - * Initialize a local message counter with random value between [0, 2^28-1]. This increases the difficulty of traffic analysis - * attacks by making it harder to determine how long a particular session has been open. + * Initialize a local message counter with random value between [1, 2^28]. This increases the difficulty of traffic analysis + * attacks by making it harder to determine how long a particular session has been open. The initial counter is always 1 or + * higher to guarantee first message is always greater than initial peer counter set to 0. */ - LocalSessionMessageCounter() { value = Crypto::GetRandU32() & kMessageCounterRandomInitMask; } + LocalSessionMessageCounter() { mValue = (Crypto::GetRandU32() & kMessageCounterRandomInitMask) + 1; } Type GetType() override { return Session; } - uint32_t Value() override { return value; } + uint32_t Value() override { return mValue; } CHIP_ERROR Advance() override { - ++value; + ++mValue; return CHIP_NO_ERROR; } private: - uint32_t value; + uint32_t mValue; }; } // namespace chip diff --git a/src/transport/PairingSession.h b/src/transport/PairingSession.h index d86b388e71b204..889cbb7607d3d8 100644 --- a/src/transport/PairingSession.h +++ b/src/transport/PairingSession.h @@ -86,7 +86,7 @@ class DLL_EXPORT PairingSession virtual uint32_t GetPeerCounter() { // TODO(#6652): This is a stub implementation, should be replaced by the real one when CASE and PASE is completed - return LocalSessionMessageCounter::kInitialValue; + return LocalSessionMessageCounter::kInitialSyncValue; } /**