cleanup build warnings

1. Change `CyaSSL_OCSP_set_options()` to return `SSL_SUCCESS` or `SSL_FAILURE` as `int` like rest of API. 2. Fix data narrowing warning in file io.c function `process_http_response()`. 3. Fix global variable shadowed warning in file ssl.c function `CyaSSL_GetSessionAtIndex()` 4. Fix data narrowing warning in file internal.c functions `Encrypt()` and `Decrypt()`. Passed in a word32 size parameter that was provided a word16 and used as a word16. 5. Removed unreachable code from file tls.c function `CyaSSL_GetHmacType()`. 6. Fix data narrowing warnings in file aes.c functions `AesCcmEncrypt()` and `AesCcmDecrypt()`.
2013-08-23 10:09:35 -07:00
parent 64ba0587a3
commit d734c86c72
6 changed files with 28 additions and 22 deletions
--- a/ctaocrypt/src/aes.c
+++ b/ctaocrypt/src/aes.c
@@ -2733,12 +2733,13 @@ void AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
 {
    byte A[AES_BLOCK_SIZE];
    byte B[AES_BLOCK_SIZE];
-    word32 i, lenSz;
+    byte lenSz;
    word32 i;
    XMEMCPY(B+1, nonce, nonceSz);
-    lenSz = AES_BLOCK_SIZE - 1 - nonceSz;
+    lenSz = AES_BLOCK_SIZE - 1 - (byte)nonceSz;
    B[0] = (authInSz > 0 ? 64 : 0)
-         + (8 * ((authTagSz - 2) / 2))
+         + (8 * (((byte)authTagSz - 2) / 2))
         + (lenSz - 1);
    for (i = 0; i < lenSz; i++)
        B[AES_BLOCK_SIZE - 1 - i] = (inSz >> (8 * i)) & 0xFF;
@@ -2750,7 +2751,7 @@ void AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
        roll_x(aes, in, inSz, A);
    XMEMCPY(authTag, A, authTagSz);
-    B[0] = (lenSz - 1);
+    B[0] = lenSz - 1;
    for (i = 0; i < lenSz; i++)
        B[AES_BLOCK_SIZE - 1 - i] = 0;
    AesEncrypt(aes, B, A);
@@ -2786,14 +2787,16 @@ int  AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
    byte A[AES_BLOCK_SIZE];
    byte B[AES_BLOCK_SIZE];
    byte* o;
-    word32 i, lenSz, oSz; int result = 0;
+    byte lenSz;
    word32 i, oSz;
    int result = 0;
    o = out;
    oSz = inSz;
    XMEMCPY(B+1, nonce, nonceSz);
-    lenSz = AES_BLOCK_SIZE - 1 - nonceSz;
+    lenSz = AES_BLOCK_SIZE - 1 - (byte)nonceSz;
-    B[0] = (lenSz - 1);
+    B[0] = lenSz - 1;
    for (i = 0; i < lenSz; i++)
        B[AES_BLOCK_SIZE - 1 - i] = 0;
    B[15] = 1;
@@ -2822,7 +2825,7 @@ int  AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
    oSz = inSz;
    B[0] = (authInSz > 0 ? 64 : 0)
-         + (8 * ((authTagSz - 2) / 2))
+         + (8 * (((byte)authTagSz - 2) / 2))
         + (lenSz - 1);
    for (i = 0; i < lenSz; i++)
        B[AES_BLOCK_SIZE - 1 - i] = (inSz >> (8 * i)) & 0xFF;
@@ -2833,7 +2836,7 @@ int  AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
    if (inSz > 0)
        roll_x(aes, o, oSz, A);
-    B[0] = (lenSz - 1);
+    B[0] = lenSz - 1;
    for (i = 0; i < lenSz; i++)
        B[AES_BLOCK_SIZE - 1 - i] = 0;
    AesEncrypt(aes, B, B);
--- a/cyassl/ssl.h
+++ b/cyassl/ssl.h
@@ -1140,7 +1140,7 @@ CYASSL_API int CyaSSL_accept_ex(CYASSL*, HandShakeCallBack, TimeoutCallBack,
 #endif /* CYASSL_CALLBACKS */
-CYASSL_API long CyaSSL_CTX_OCSP_set_options(CYASSL_CTX*, long);
+CYASSL_API int  CyaSSL_CTX_OCSP_set_options(CYASSL_CTX*, int);
 CYASSL_API int  CyaSSL_CTX_OCSP_set_override_url(CYASSL_CTX*, const char*);
 /* OCSP Options */
--- a/src/internal.c
+++ b/src/internal.c
@@ -3683,7 +3683,7 @@ static INLINE void AeadIncrementExpIV(CYASSL* ssl)
 #endif
-static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word32 sz)
+static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz)
 {
    (void)out;
    (void)input;
@@ -3834,7 +3834,7 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word32 sz)
 static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input,
-                           word32 sz)
+                           word16 sz)
 {
    (void)plain;
    (void)input;
--- a/src/io.c
+++ b/src/io.c
@@ -679,7 +679,8 @@ static int process_http_response(int sfd, byte** respBuf,
        }
        else {
            *end = 0;
-            len -= end - start + 2;
+            len -= (int)(end - start) + 2;
                /* adjust len to remove the first line including the /r/n */
            if (XSTRNCASECMP(start, "HTTP/1", 6) == 0) {
                start += 9;
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -4797,14 +4797,14 @@ int CyaSSL_GetSessionIndex(CYASSL* ssl)
 }
-int CyaSSL_GetSessionAtIndex(int index, CYASSL_SESSION* session)
+int CyaSSL_GetSessionAtIndex(int idx, CYASSL_SESSION* session)
 {
    int row, col, result = SSL_FAILURE;
    CYASSL_ENTER("CyaSSL_GetSessionAtIndex");
-    row = index >> SESSIDX_ROW_SHIFT;
+    row = idx >> SESSIDX_ROW_SHIFT;
-    col = index & SESSIDX_IDX_MASK;
+    col = idx & SESSIDX_IDX_MASK;
    if (LockMutex(&session_mutex) != 0) {
        return BAD_MUTEX_ERROR;
@@ -10353,7 +10353,7 @@ const byte* CyaSSL_get_sessionID(const CYASSL_SESSION* session)
 #endif /* SESSION_CERTS */
-long CyaSSL_CTX_OCSP_set_options(CYASSL_CTX* ctx, long options)
+int CyaSSL_CTX_OCSP_set_options(CYASSL_CTX* ctx, int options)
 {
    CYASSL_ENTER("CyaSSL_CTX_OCSP_set_options");
 #ifdef HAVE_OCSP
@@ -10361,9 +10361,9 @@ long CyaSSL_CTX_OCSP_set_options(CYASSL_CTX* ctx, long options)
        ctx->ocsp.enabled = (options & CYASSL_OCSP_ENABLE) != 0;
        ctx->ocsp.useOverrideUrl = (options & CYASSL_OCSP_URL_OVERRIDE) != 0;
        ctx->ocsp.useNonce = (options & CYASSL_OCSP_NO_NONCE) == 0;
-        return 1;
+        return SSL_SUCCESS;
    }
-    return 0;
+    return SSL_FAILURE;
 #else
    (void)ctx;
    (void)options;
--- a/src/tls.c
+++ b/src/tls.c
@@ -450,15 +450,17 @@ int CyaSSL_GetHmacType(CYASSL* ssl)
        #endif
        #ifndef NO_SHA
        case sha_mac:
        default:
        {
            return SHA;
        }
        break;
        #endif
        default:
        {
            return SSL_FATAL_ERROR;
        }
        break;
    }
    return -1;
 }