Coverage Report

Created: 2026-04-09 06:56

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/connectedhomeip/src/transport/MessageCounter.h
Line
Count
Source
1
/*
2
 *    Copyright (c) 2021 Project CHIP Authors
3
 *
4
 *    Licensed under the Apache License, Version 2.0 (the "License");
5
 *    you may not use this file except in compliance with the License.
6
 *    You may obtain a copy of the License at
7
 *
8
 *        http://www.apache.org/licenses/LICENSE-2.0
9
 *
10
 *    Unless required by applicable law or agreed to in writing, software
11
 *    distributed under the License is distributed on an "AS IS" BASIS,
12
 *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
 *    See the License for the specific language governing permissions and
14
 *    limitations under the License.
15
 */
16
17
/**
18
 *    @file
19
 *      This file defines the CHIP message counters.
20
 *
21
 */
22
#pragma once
23
24
#include <crypto/RandUtils.h>
25
#include <lib/core/CHIPError.h>
26
27
#include <stdint.h>
28
29
namespace chip {
30
31
/**
32
 * MessageCounter represents a local message counter. There are 2 types of message counter
33
 *
34
 * 1. Global unencrypted message counter
35
 * 2. Secure session message counter
36
 *
37
 * There will be separate implementations for each type
38
 */
39
class MessageCounter
40
{
41
public:
42
    static constexpr uint32_t kMessageCounterRandomInitMask = 0x0FFFFFFF; ///< 28-bit mask
43
44
    enum Type : uint8_t
45
    {
46
        GlobalUnencrypted,
47
        GlobalEncrypted,
48
        Session,
49
    };
50
51
0
    virtual ~MessageCounter() = default;
52
53
    virtual Type GetType() const                           = 0;
54
    virtual CHIP_ERROR AdvanceAndConsume(uint32_t & fetch) = 0; /** Advance the counter, and feed the new counter to fetch */
55
56
    // Note: this function must be called after Crypto is initialized. It can not be called from global variable constructor.
57
0
    static uint32_t GetDefaultInitialValuePredecessor() { return Crypto::GetRandU32() & kMessageCounterRandomInitMask; }
58
};
59
60
class GlobalUnencryptedMessageCounter : public MessageCounter
61
{
62
public:
63
0
    GlobalUnencryptedMessageCounter() : mLastUsedValue(0) {}
64
65
0
    void Init() { mLastUsedValue = GetDefaultInitialValuePredecessor(); }
66
67
0
    Type GetType() const override { return GlobalUnencrypted; }
68
    CHIP_ERROR AdvanceAndConsume(uint32_t & fetch) override
69
0
    {
70
0
        fetch = ++mLastUsedValue;
71
0
        return CHIP_NO_ERROR;
72
0
    }
73
74
private:
75
    uint32_t mLastUsedValue;
76
};
77
78
class LocalSessionMessageCounter : public MessageCounter
79
{
80
public:
81
    static constexpr uint32_t kMessageCounterMax = 0xFFFFFFFF;
82
83
    /**
84
     * Initialize a local message counter with random value between [1, 2^28]. This increases the difficulty of traffic analysis
85
     * attacks by making it harder to determine how long a particular session has been open. The initial counter is always 1 or
86
     * higher to guarantee first message is always greater than initial peer counter set to 0.
87
     *
88
     * The mLastUsedValue is the predecessor of the initial value, it will be advanced before using, so don't need to add 1 here.
89
     */
90
0
    LocalSessionMessageCounter() { mLastUsedValue = GetDefaultInitialValuePredecessor(); }
91
92
0
    Type GetType() const override { return Session; }
93
    CHIP_ERROR AdvanceAndConsume(uint32_t & fetch) override
94
0
    {
95
0
        if (mLastUsedValue == kMessageCounterMax)
96
0
        {
97
0
            return CHIP_ERROR_MESSAGE_COUNTER_EXHAUSTED;
98
0
        }
99
100
0
        fetch = ++mLastUsedValue;
101
0
        return CHIP_NO_ERROR;
102
0
    }
103
104
    // Test-only function to set the counter value
105
0
    void TestSetCounter(uint32_t value) { mLastUsedValue = value; }
106
107
private:
108
    uint32_t mLastUsedValue;
109
};
110
111
} // namespace chip