feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fix build errors and warnings for MSVC with DTLS 1.3

Browse Source
This commit is contained in:
Juliusz Sosinowicz
2022-09-07 18:30:54 +02:00
parent 38418b31f1
commit 112fc540bb
8 changed files with 57 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
IDE/WIN/user_settings.h
View File

@ -6,6 +6,15 @@
#error This user_settings.h header is only designed for Windows
#endif
#define USE_WOLFSSL_IO
#define WOLFSSL_TLS13
#define HAVE_HKDF
#define HAVE_FFDHE_4096
#define WC_RSA_PSS
#define WOLFSSL_DTLS
#define WOLFSSL_DTLS13
#define WOLFSSL_DTLS_CID
/* Configurations */
#if defined(HAVE_FIPS)
/* FIPS */

5
src/dtls.c
View File

@ -33,6 +33,11 @@
typedef struct ConnectionID {
byte length;
/* Ignore "nonstandard extension used : zero-sized array in struct/union"
* MSVC warning */
#ifdef _MSC_VER
#pragma warning(disable: 4200)
#endif
byte id[];
} ConnectionID;

24
src/dtls13.c
View File

@ -206,7 +206,7 @@ static int Dtls13HandshakeAddHeaderFrag(WOLFSSL* ssl, byte* output,
static byte Dtls13TypeIsEncrypted(enum HandShakeType hs_type)
{
int ret = 0;
byte ret = 0;
switch (hs_type) {
case hello_request:
@ -240,7 +240,6 @@ static int Dtls13GetRnMask(WOLFSSL* ssl, const byte* ciphertext, byte* mask,
enum rnDirection dir)
{
RecordNumberCiphers* c;
int ret;
if (dir == PROTECT)
c = &ssl->dtlsRecordNumberEncrypt;
@ -260,6 +259,7 @@ static int Dtls13GetRnMask(WOLFSSL* ssl, const byte* ciphertext, byte* mask,
#ifdef HAVE_CHACHA
if (ssl->specs.bulk_cipher_algorithm == wolfssl_chacha) {
word32 counter;
int ret;
if (c->chacha == NULL)
return BAD_STATE_E;
@ -886,7 +886,7 @@ static int Dtls13SendFragmentedInternal(WOLFSSL* ssl)
ret = Dtls13SendOneFragmentRtx(ssl,
(enum HandShakeType)ssl->dtls13FragHandshakeType,
recordLength + MAX_MSG_EXTRA, output, recordLength, 0);
(word16)recordLength + MAX_MSG_EXTRA, output, (word32)recordLength, 0);
if (ret == WANT_WRITE) {
ssl->dtls13FragOffset += fragLength;
return ret;
@ -930,7 +930,7 @@ static int Dtls13SendFragmented(WOLFSSL* ssl, byte* message, word16 length,
hash now pretending fragmentation will not happen */
if (hash_output) {
ret = Dtls13HashHandshake(ssl, message + rlHeaderLength,
length - rlHeaderLength);
length - (word16)rlHeaderLength);
if (ret != 0)
return ret;
}
@ -1022,7 +1022,7 @@ static int Dtls13UnifiedHeaderParseCID(WOLFSSL* ssl, byte flags,
if (ret != WOLFSSL_SUCCESS)
return ret;
*idx += _cidSz;
*idx += (word16)_cidSz;
return 0;
}
@ -1256,7 +1256,7 @@ int Dtls13ReconstructEpochNumber(WOLFSSL* ssl, byte epochBits,
{
w64wrapper _epoch;
Dtls13Epoch* e;
byte found;
byte found = 0;
int i;
if (Dtls13GetEpochBits(ssl->dtls13PeerEpoch) == epochBits) {
@ -1465,7 +1465,7 @@ static int Dtls13RtxSendBuffered(WOLFSSL* ssl)
seq = ssl->dtls13EncryptEpoch->nextSeqNumber;
ret = Dtls13SendFragment(ssl, output, sendSz, r->length + headerLength,
ret = Dtls13SendFragment(ssl, output, (word16)sendSz, r->length + headerLength,
(enum HandShakeType)r->handshakeType, 0,
isLast || !ssl->options.groupMessages);
if (ret != 0 && ret != WANT_WRITE)
@ -1590,7 +1590,7 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size,
ssl->keys.dtls_expected_peer_handshake_number ||
usingAsyncCrypto) {
if (ssl->dtls_rx_msg_list_sz < DTLS_POOL_SZ) {
DtlsMsgStore(ssl, w64GetLow32(ssl->keys.curEpoch64),
DtlsMsgStore(ssl, (word16)w64GetLow32(ssl->keys.curEpoch64),
ssl->keys.dtls_peer_handshake_number,
input + DTLS_HANDSHAKE_HEADER_SZ, messageLength, handshakeType,
fragOff, fragLength, ssl->heap);
@ -1672,7 +1672,7 @@ int Dtls13AddHeaders(byte* output, word32 length, enum HandShakeType hsType,
WOLFSSL* ssl)
{
word16 handshakeOffset;
int isEncrypted;
byte isEncrypted;
isEncrypted = Dtls13TypeIsEncrypted(hsType);
handshakeOffset = Dtls13GetRlHeaderLength(ssl, isEncrypted);
@ -2004,7 +2004,7 @@ int Dtls13NewEpoch(WOLFSSL* ssl, w64wrapper epochNumber, int side)
/* fresh epoch, initialize fields */
e->epochNumber = epochNumber;
e->isValid = 1;
e->side = side;
e->side = (byte)side;
}
else if (e->side != side) {
/* epoch used for the other side already. update side */
@ -2212,7 +2212,7 @@ static int Dtls13GetAckListLength(Dtls13RecordNumber* list, word16* length)
numberElements++;
}
*length = DTLS13_RN_SIZE * numberElements;
*length = (word16)(DTLS13_RN_SIZE * numberElements);
return 0;
}
@ -2525,7 +2525,7 @@ int SendDtls13Ack(WOLFSSL* ssl)
output =
ssl->buffers.outputBuffer.buffer + ssl->buffers.outputBuffer.length;
ret = Dtls13RlAddPlaintextHeader(ssl, output, ack, length);
ret = Dtls13RlAddPlaintextHeader(ssl, output, ack, (word16)length);
if (ret != 0)
return ret;

16
src/internal.c
View File

@ -8376,16 +8376,15 @@ static void DtlsMsgAssembleCompleteMessage(DtlsMsg* msg)
/* frag->padding makes sure we can fit the entire DTLS handshake header
* before frag->buf */
dtls = (DtlsHandShakeHeader*)(void *)((char *)msg->fragBucketList
+ OFFSETOF(DtlsFragBucket,buf)
- DTLS_HANDSHAKE_HEADER_SZ);
dtls = (DtlsHandShakeHeader*)(msg->fragBucketList->buf -
DTLS_HANDSHAKE_HEADER_SZ);
msg->fragBucketList = NULL;
msg->fragBucketListCount = 0;
dtls->type = msg->type;
c32to24(msg->sz, dtls->length);
c16toa(msg->seq, dtls->message_seq);
c16toa((word16)msg->seq, dtls->message_seq);
c32to24(0, dtls->fragment_offset);
c32to24(msg->sz, dtls->fragment_length);
}
@ -9303,7 +9302,7 @@ int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz)
if (IsAtLeastTLSv1_3(ssl->version)) {
#ifdef WOLFSSL_DTLS13
word16 dtls_record_extra;
dtls_record_extra = Dtls13GetRlHeaderLength(ssl, IsEncryptionOn(ssl, 1));
dtls_record_extra = Dtls13GetRlHeaderLength(ssl, (byte)IsEncryptionOn(ssl, 1));
dtls_record_extra -= RECORD_HEADER_SZ;
adj += dtls_record_extra;
@ -9339,7 +9338,7 @@ int HashInput(WOLFSSL* ssl, const byte* input, int sz)
#ifdef WOLFSSL_DTLS13
if (IsAtLeastTLSv1_3(ssl->version))
return Dtls13HashHandshake(ssl, adj, sz);
return Dtls13HashHandshake(ssl, adj, (word16)sz);
#endif /* WOLFSSL_DTLS13 */
}
@ -10161,7 +10160,7 @@ static int GetDtls13RecordHeader(WOLFSSL* ssl, const byte* input,
return ret;
}
ret = Dtls13ParseUnifiedRecordLayer(ssl, input + *inOutIdx, readSize,
ret = Dtls13ParseUnifiedRecordLayer(ssl, input + *inOutIdx, (word16)readSize,
&hdrInfo);
if (ret != 0)
@ -20681,6 +20680,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
if (sizeOnly)
goto exit_buildmsg;
{
#if defined(HAVE_SECURE_RENEGOTIATION) && defined(WOLFSSL_DTLS)
/* If we want the PREV_ORDER then modify CUR_ORDER sequence number
* for all encryption algos that use it for encryption parameters */
@ -20721,6 +20721,8 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
ssl->keys.dtls_sequence_number_lo = dtls_sequence_number_lo;
}
#endif
}
if (ret != 0)
goto exit_buildmsg;
ssl->options.buildMsgState = BUILD_MSG_ENCRYPTED_VERIFY_MAC;

2
src/ssl.c
View File

@ -1217,7 +1217,7 @@ void* wolfSSL_dtls_create_peer(int port, char* ip)
}
addr->sin_family = AF_INET;
addr->sin_port = htons(port);
addr->sin_port = XHTONS((word16)port);
if (XINET_PTON(AF_INET, ip, &addr->sin_addr) < 1) {
XFREE(addr, NULL, DYNAMIC_TYPE_SOCKADDR);
return NULL;

2
src/tls.c
View File

@ -5935,7 +5935,7 @@ static int TLSX_SupportedVersions_Parse(WOLFSSL* ssl, const byte* input,
ProtocolVersion pv = ssl->ctx->method->version;
int i;
int len;
int newMinor = 0;
byte newMinor = 0;
int set = 0;
int ret;
byte major, minor;

32
src/tls13.c
View File

@ -2994,7 +2994,7 @@ int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
#ifdef WOLFSSL_DTLS13
if (ret == 0 && ssl->options.dtls) {
/* AAD points to the header. Reuse the variable */
ret = Dtls13EncryptRecordNumber(ssl, (byte*)aad, args->sz);
ret = Dtls13EncryptRecordNumber(ssl, (byte*)aad, (word16)args->sz);
}
#endif /* WOLFSSL_DTLS13 */
}
@ -3954,7 +3954,7 @@ int SendTls13ClientHello(WOLFSSL* ssl)
if (ssl->options.dtls)
ret = Dtls13HashHandshake(ssl,
args->output + Dtls13GetRlHeaderLength(ssl, 0),
args->idx - Dtls13GetRlHeaderLength(ssl, 0));
(word16)args->idx - Dtls13GetRlHeaderLength(ssl, 0));
else
#endif /* WOLFSSL_DTLS13 */
ret = HashOutput(ssl, args->output, args->idx, 0);
@ -3975,8 +3975,8 @@ int SendTls13ClientHello(WOLFSSL* ssl)
ssl->options.buildingMsg = 0;
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
ret = Dtls13HandshakeSend(ssl, args->output, args->sendSz,
args->idx, client_hello, 0);
ret = Dtls13HandshakeSend(ssl, args->output, (word16)args->sendSz,
(word16)args->idx, client_hello, 0);
WOLFSSL_LEAVE("SendTls13ClientHello", ret);
WOLFSSL_END(WC_FUNC_CLIENT_HELLO_SEND);
@ -4035,7 +4035,7 @@ static int Dtls13DoDowngrade(WOLFSSL* ssl)
ssl->dtls13ClientHello = NULL;
ssl->dtls13ClientHelloSz = 0;
ssl->keys.dtls_sequence_number_hi =
w64GetHigh32(ssl->dtls13EncryptEpoch->nextSeqNumber);
(word16)w64GetHigh32(ssl->dtls13EncryptEpoch->nextSeqNumber);
ssl->keys.dtls_sequence_number_lo =
w64GetLow32(ssl->dtls13EncryptEpoch->nextSeqNumber);
return ret;
@ -6164,8 +6164,8 @@ int SendTls13ServerHello(WOLFSSL* ssl, byte extMsgType)
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
ret = Dtls13HashHandshake(ssl,
output + Dtls13GetRlHeaderLength(ssl, 0) ,
sendSz - Dtls13GetRlHeaderLength(ssl, 0));
output + Dtls13GetRlHeaderLength(ssl, 0) ,
(word16)sendSz - Dtls13GetRlHeaderLength(ssl, 0));
}
else
#endif /* WOLFSSL_DTLS13 */
@ -6192,7 +6192,7 @@ int SendTls13ServerHello(WOLFSSL* ssl, byte extMsgType)
ssl->options.buildingMsg = 0;
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
ret = Dtls13HandshakeSend(ssl, output, sendSz, sendSz,
ret = Dtls13HandshakeSend(ssl, output, (word16)sendSz, (word16)sendSz,
(enum HandShakeType)extMsgType, 0);
WOLFSSL_LEAVE("SendTls13ServerHello", ret);
@ -6333,7 +6333,7 @@ static int SendTls13EncryptedExtensions(WOLFSSL* ssl)
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
ssl->options.buildingMsg = 0;
ret = Dtls13HandshakeSend(ssl, output, sendSz, idx,
ret = Dtls13HandshakeSend(ssl, output, (word16)sendSz, (word16)idx,
encrypted_extensions, 1);
if (ret == 0)
@ -6445,7 +6445,8 @@ static int SendTls13CertificateRequest(WOLFSSL* ssl, byte* reqCtx,
if (ssl->options.dtls) {
ssl->options.buildingMsg = 0;
ret =
Dtls13HandshakeSend(ssl, output, sendSz, i, certificate_request, 1);
Dtls13HandshakeSend(ssl, output, (word16)sendSz, (word16)i,
certificate_request, 1);
WOLFSSL_LEAVE("SendTls13CertificateRequest", ret);
WOLFSSL_END(WC_FUNC_CERTIFICATE_REQUEST_SEND);
@ -7255,7 +7256,8 @@ static int SendTls13Certificate(WOLFSSL* ssl)
/* DTLS1.3 uses a separate variable and logic for fragments */
ssl->options.buildingMsg = 0;
ssl->fragOffset = 0;
ret = Dtls13HandshakeSend(ssl, output, sendSz, i, certificate, 1);
ret = Dtls13HandshakeSend(ssl, output, (word16)sendSz, (word16)i,
certificate, 1);
}
else
#endif /* WOLFSSL_DTLS13 */
@ -7792,7 +7794,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
ssl->options.buildingMsg = 0;
ret = Dtls13HandshakeSend(ssl, args->output,
MAX_CERT_VERIFY_SZ + MAX_MSG_EXTRA + MAX_MSG_EXTRA,
args->sendSz, certificate_verify, 1);
(word16)args->sendSz, certificate_verify, 1);
if (ret != 0)
goto exit_scv;
@ -8719,8 +8721,8 @@ static int SendTls13Finished(WOLFSSL* ssl)
#ifdef WOLFSSL_DTLS13
if (isDtls) {
dtlsRet = Dtls13HandshakeSend(ssl, output, outputSz,
Dtls13GetRlHeaderLength(ssl, 1) + headerSz + finishedSz, finished,
dtlsRet = Dtls13HandshakeSend(ssl, output, (word16)outputSz,
(word16)(Dtls13GetRlHeaderLength(ssl, 1) + headerSz + finishedSz), finished,
1);
if (dtlsRet != 0 && dtlsRet != WANT_WRITE)
return ret;
@ -8931,7 +8933,7 @@ static int SendTls13KeyUpdate(WOLFSSL* ssl)
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
ret = Dtls13HandshakeSend(ssl, output, outputSz,
ret = Dtls13HandshakeSend(ssl, output, (word16)outputSz,
OPAQUE8_LEN + Dtls13GetRlHeaderLength(ssl, 1) +
DTLS_HANDSHAKE_HEADER_SZ,
key_update, 0);

6
src/wolfio.c
View File

@ -374,9 +374,9 @@ static int sockAddrEqual(
static int isDGramSock(int sfd)
{
int type = 0;
char type = 0;
/* optvalue 'type' is of size int */
XSOCKLENT length = (XSOCKLENT)sizeof(int);
XSOCKLENT length = (XSOCKLENT)sizeof(char);
if (getsockopt(sfd, SOL_SOCKET, SO_TYPE, &type, &length) == 0 &&
type != SOCK_DGRAM) {
@ -399,7 +399,7 @@ int EmbedReceiveFrom(WOLFSSL *ssl, char *buf, int sz, void *ctx)
byte doDtlsTimeout;
SOCKADDR_S lclPeer;
SOCKADDR_S* peer;
XSOCKLENT peerSz;
XSOCKLENT peerSz = 0;
WOLFSSL_ENTER("EmbedReceiveFrom()");