Maintain the sequence number as a uint64_t.
We spend a lot of effort implementing a big-endian sequence number
update, etc., when the sequence number is just a 64-bit counter. (Or
48-bit counter in DTLS because we currently retain the epoch
separately. We can probably tidy that a bit too, but I'll leave that
for later. Right now the DTLS record layer state is a bit entwined
with the TLS one.)
Just store it as uint64_t. This should also simplify
https://boringssl-review.googlesource.com/c/boringssl/+/54325 a little.
Change-Id: I95233f924a660bc523b21496fdc9211055b75073
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/54505
Reviewed-by: Bob Beck <bbe@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/ssl/tls_method.cc b/ssl/tls_method.cc
index 326cbe7..5fcf684 100644
--- a/ssl/tls_method.cc
+++ b/ssl/tls_method.cc
@@ -108,7 +108,7 @@
}
}
- OPENSSL_memset(ssl->s3->read_sequence, 0, sizeof(ssl->s3->read_sequence));
+ ssl->s3->read_sequence = 0;
ssl->s3->aead_read_ctx = std::move(aead_ctx);
ssl->s3->read_level = level;
return true;
@@ -137,7 +137,7 @@
}
}
- OPENSSL_memset(ssl->s3->write_sequence, 0, sizeof(ssl->s3->write_sequence));
+ ssl->s3->write_sequence = 0;
ssl->s3->aead_write_ctx = std::move(aead_ctx);
ssl->s3->write_level = level;
return true;
