DTLS: Guard against epoch wrapping

author: Peter Dettman <peter.dettman@bouncycastle.org> 2019-03-09 20:27:57 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2019-03-09 20:27:57 +0700
commit: b0ec464bfa2c8c81e3a2ee2db952f8bda67505b9 (patch)
tree: 641cddb8a6407e63685562074c35a64dbc238f45 /crypto/src
parent: Update comment in line with Java version (diff)
download: BouncyCastle.NET-ed25519-b0ec464bfa2c8c81e3a2ee2db952f8bda67505b9.tar.xz
1 files changed, 8 insertions, 3 deletions
diff --git a/crypto/src/crypto/tls/DtlsEpoch.cs b/crypto/src/crypto/tls/DtlsEpoch.cs
index 91fffa5e1..af14035ce 100644
--- a/crypto/src/crypto/tls/DtlsEpoch.cs
+++ b/crypto/src/crypto/tls/DtlsEpoch.cs
@@ -24,8 +24,13 @@ namespace Org.BouncyCastle.Crypto.Tls
 
         internal long AllocateSequenceNumber()
         {
-            // TODO Check for overflow
-            return mSequenceNumber++;
+            lock (this)
+            {
+                if (mSequenceNumber >= (1L << 48))
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+
+                return mSequenceNumber++;
+            }
         }
 
         internal TlsCipher Cipher
@@ -45,7 +50,7 @@ namespace Org.BouncyCastle.Crypto.Tls
 
         internal long SequenceNumber
         {
-            get { return mSequenceNumber; }
+            get { lock(this) return mSequenceNumber; }
         }
     }
 }
author	Peter Dettman <peter.dettman@bouncycastle.org>	2019-03-09 20:27:57 +0700
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2019-03-09 20:27:57 +0700
commit	b0ec464bfa2c8c81e3a2ee2db952f8bda67505b9 (patch)
tree	641cddb8a6407e63685562074c35a64dbc238f45 /crypto/src
parent	Update comment in line with Java version (diff)
download	BouncyCastle.NET-ed25519-b0ec464bfa2c8c81e3a2ee2db952f8bda67505b9.tar.xz