prevented minor attack

2025-06-07 13:03:45 +02:00 · 2022-12-28 05:53:18 -05:00 · 2022-12-28 05:53:18 -05:00 · c90faab4c0
commit c90faab4c0
parent 87b40cd1a0
2 changed files with 8 additions and 1 deletions
--- a/zssp/src/counter.rs
+++ b/zssp/src/counter.rs
@ -64,6 +64,11 @@ impl CounterWindow {
            self.0[i].store(0, Ordering::SeqCst)
        }
    }
+    pub fn invalidate(&self) {
+        for i in 0..COUNTER_MAX_ALLOWED_OOO {
+            self.0[i].store(u32::MAX, Ordering::SeqCst)
+        }
+    }

    #[inline(always)]
    pub fn message_received(&self, received_counter_value: u32) -> bool {
--- a/zssp/src/zssp.rs
+++ b/zssp/src/zssp.rs
@ -416,6 +416,8 @@ impl<Application: ApplicationLayer> Session<Application> {
                .map_or(true, |o| (current_time - o.creation_time) > Application::REKEY_RATE_LIMIT_MS)
        {
            if let Some(remote_s_public) = P384PublicKey::from_bytes(&self.remote_s_public_p384_bytes) {
+                //mark the previous key as no longer being supported because it is about to be overwritten
+                self.receive_windows[(!current_key_id) as usize].invalidate();
                let mut offer = None;
                if send_ephemeral_offer(
                    &mut send,