missing replay protection for data packets

[hannesm]

in Engine.incoming_data, replay protection should be initiated (discussed in #37 (comment)). An implementation suggestion from @cfcs:

module Sliding_window : sig
  type t
  val make : int -> t
  val add : int -> t -> (t, string) result
  val mem : t -> int -> bool
  val pp : Format.formatter -> t -> unit
end = struct
  type t = { window: int; counter: int; }
  let make counter = { window = 1; counter }
  let add n {window; counter} =
    if n <= counter then begin
      let diff = counter -n in
      if diff >= Sys.int_size
      then Error "n not in sliding window"
      else Ok {window = window lor (1 lsl diff); counter}
    end else begin (* counter > n; always succeeds *)
      let diff = n - counter in
      if diff >= Sys.int_size
      then Ok (make n) (* new window *)
      else Ok {window = (window lsl diff) lor 1; counter = n}
    end

  let pp ppf {window;counter} =
    Fmt.pf ppf "{ window = %d; counter = %d }" window counter

  let mem {window;counter} n =
    let diff = counter - n in
    if counter < n || diff > Sys.int_size
    then false
    else 0 <> window land (1 lsl diff)
end

[hannesm]

related is that control frames are guarded with replay protection which potentially is bad (for udp, see #9) since it (a) rejects out-of-order packets and (b) doesn't do anything with the timestamp.

the data replay protection should be packet-id based, and in static key mode as well use the timestamp.

[hannesm]

since there's no replay protection or retransmission for data packets, I'll close this. The control packet replay protection and sliding window is tracked in #148.