feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

fixes for various wolfcrypt -Wconversions visible only on compilers that promote byte and word16 to signed int, then warn of a sign conflict when an intrinsically safe result is assigned back to the original type.

Browse Source
This commit is contained in:
Daniel Pouzzner
2023-05-09 23:55:08 -05:00
parent ec9beaab41
commit f2c97d5d35
6 changed files with 31 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
wolfcrypt/src/asn.c
View File

@@ -2159,7 +2159,7 @@ int GetLength_ex(const byte* input, word32* inOutIdx, int* len, word32 maxIdx,
/* Bottom 7 bits are the number of bytes to calculate length with. /* Bottom 7 bits are the number of bytes to calculate length with.
* Note: 0 indicates indefinite length encoding *not* 0 bytes of length. * Note: 0 indicates indefinite length encoding *not* 0 bytes of length.
*/ */
word32 bytes = b & 0x7F; word32 bytes = (word32)b & 0x7FU;
int minLen; int minLen;
/* Calculate minimum length to be encoded with bytes. */ /* Calculate minimum length to be encoded with bytes. */
@@ -2935,7 +2935,7 @@ static int SetASNIntMP(mp_int* n, int maxSz, byte* output)
length = mp_unsigned_bin_size(n); length = mp_unsigned_bin_size(n);
if (maxSz >= 0 && (1 + length + (leadingBit ? 1 : 0)) > maxSz) if (maxSz >= 0 && (1 + length + (leadingBit ? 1 : 0)) > maxSz)
return BUFFER_E; return BUFFER_E;
idx = SetASNInt(length, leadingBit ? 0x80 : 0x00, output); idx = SetASNInt(length, (byte)(leadingBit ? 0x80U : 0x00U), output);
if (maxSz >= 0 && (idx + length) > maxSz) if (maxSz >= 0 && (idx + length) > maxSz)
return BUFFER_E; return BUFFER_E;
@@ -14468,7 +14468,7 @@ word32 SetLength(word32 length, byte* output)
if (output) { if (output) {
/* Encode count byte. */ /* Encode count byte. */
output[i] = j | ASN_LONG_LENGTH; output[i] = (byte)(j | ASN_LONG_LENGTH);
} }
/* Skip over count byte. */ /* Skip over count byte. */
i++; i++;
@@ -14550,8 +14550,8 @@ word32 SetSet(word32 len, byte* output)
*/ */
word32 SetImplicit(byte tag, byte number, word32 len, byte* output) word32 SetImplicit(byte tag, byte number, word32 len, byte* output)
{ {
tag = ((tag == ASN_SEQUENCE || tag == ASN_SET) ? ASN_CONSTRUCTED : 0) tag = (byte)(((tag == ASN_SEQUENCE || tag == ASN_SET) ? ASN_CONSTRUCTED : 0)
| ASN_CONTEXT_SPECIFIC | number; | ASN_CONTEXT_SPECIFIC | number);
return SetHeader(tag, len, output); return SetHeader(tag, len, output);
} }
@@ -14566,8 +14566,8 @@ word32 SetImplicit(byte tag, byte number, word32 len, byte* output)
*/ */
word32 SetExplicit(byte number, word32 len, byte* output) word32 SetExplicit(byte number, word32 len, byte* output)
{ {
return SetHeader(ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | number, len, return SetHeader((byte)(ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | number),
output); len, output);
} }
#if defined(OPENSSL_EXTRA) #if defined(OPENSSL_EXTRA)
@@ -14754,8 +14754,7 @@ word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz)
tagSz = (type == oidHashType || tagSz = (type == oidHashType ||
(type == oidSigType && !IsSigAlgoECC((word32)algoOID)) || (type == oidSigType && !IsSigAlgoECC((word32)algoOID)) ||
(type == oidKeyType && algoOID == RSAk)) ? 2 : 0; (type == oidKeyType && algoOID == RSAk)) ? 2U : 0U;
algoName = OidFromId((word32)algoOID, (word32)type, &algoSz); algoName = OidFromId((word32)algoOID, (word32)type, &algoSz);
if (algoName == NULL) { if (algoName == NULL) {
WOLFSSL_MSG("Unknown Algorithm"); WOLFSSL_MSG("Unknown Algorithm");
@@ -18634,7 +18633,7 @@ static int DecodeSubtree(const byte* input, word32 sz, Base_entry** head,
} }
/* Get type, LSB 4-bits */ /* Get type, LSB 4-bits */
bType = (b & ASN_TYPE_MASK); bType = (byte)(b & ASN_TYPE_MASK);
if (bType == ASN_DNS_TYPE || bType == ASN_RFC822_TYPE || if (bType == ASN_DNS_TYPE || bType == ASN_RFC822_TYPE ||
bType == ASN_DIR_TYPE) { bType == ASN_DIR_TYPE) {
@@ -21988,7 +21987,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
if (decrementMaxPathLen && cert->ca->maxPathLen > 0) { if (decrementMaxPathLen && cert->ca->maxPathLen > 0) {
WOLFSSL_MSG("\tmaxPathLen status: reduce by 1"); WOLFSSL_MSG("\tmaxPathLen status: reduce by 1");
cert->maxPathLen = cert->ca->maxPathLen - 1; cert->maxPathLen = (byte)(cert->ca->maxPathLen - 1);
if (verify != NO_VERIFY && type != CA_TYPE && if (verify != NO_VERIFY && type != CA_TYPE &&
type != TRUSTED_PEER_TYPE) { type != TRUSTED_PEER_TYPE) {
WOLFSSL_MSG("\tmaxPathLen status: OK"); WOLFSSL_MSG("\tmaxPathLen status: OK");
@@ -22006,7 +22005,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
} else if (cert->ca && cert->isCA) { } else if (cert->ca && cert->isCA) {
/* case where cert->pathLength extension is not set */ /* case where cert->pathLength extension is not set */
if (cert->ca->maxPathLen > 0) { if (cert->ca->maxPathLen > 0) {
cert->maxPathLen = cert->ca->maxPathLen - 1; cert->maxPathLen = (byte)(cert->ca->maxPathLen - 1);
} else { } else {
cert->maxPathLen = 0; cert->maxPathLen = 0;
if (verify != NO_VERIFY && type != CA_TYPE && if (verify != NO_VERIFY && type != CA_TYPE &&
@@ -31240,7 +31239,7 @@ int StoreECC_DSA_Sig_Bin(byte* out, word32* outLen, const byte* r, word32 rLen,
idx = SetSequence(rLen+rAddLeadZero + sLen+sAddLeadZero + headerSz, out); idx = SetSequence(rLen+rAddLeadZero + sLen+sAddLeadZero + headerSz, out);
/* store r */ /* store r */
ret = SetASNInt((int)rLen, rAddLeadZero ? 0x80 : 0x00, &out[idx]); ret = SetASNInt((int)rLen, (byte)(rAddLeadZero ? 0x80U : 0x00U), &out[idx]);
if (ret < 0) if (ret < 0)
return ret; return ret;
idx += (word32)ret; idx += (word32)ret;
@@ -31248,7 +31247,7 @@ int StoreECC_DSA_Sig_Bin(byte* out, word32* outLen, const byte* r, word32 rLen,
idx += rLen; idx += rLen;
/* store s */ /* store s */
ret = SetASNInt((int)sLen, sAddLeadZero ? 0x80 : 0x00, &out[idx]); ret = SetASNInt((int)sLen, (byte)(sAddLeadZero ? 0x80U : 0x00U), &out[idx]);
if (ret < 0) if (ret < 0)
return ret; return ret;
idx += (word32)ret; idx += (word32)ret;

10
wolfcrypt/src/coding.c
View File

@@ -100,11 +100,11 @@ static WC_INLINE byte Base64_Char2Val(byte c)
byte mask; byte mask;
c -= BASE64_MIN; c -= BASE64_MIN;
mask = (((byte)(0x3f - c)) >> 7) - 1; mask = (byte)((((byte)(0x3f - c)) >> 7) - 1);
/* Load a value from the first cache line and use when mask set. */ /* Load a value from the first cache line and use when mask set. */
v = base64Decode[ c & 0x3f ] & mask ; v = (byte)(base64Decode[ c & 0x3f ] & mask);
/* Load a value from the second cache line and use when mask not set. */ /* Load a value from the second cache line and use when mask not set. */
v |= base64Decode[(c & 0x0f) | 0x40] & (~mask); v |= (byte)(base64Decode[(c & 0x0f) | 0x40] & (~mask));
return v; return v;
#else #else
@@ -236,8 +236,8 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
e1 = Base64_Char2Val(e1); e1 = Base64_Char2Val(e1);
e2 = Base64_Char2Val(e2); e2 = Base64_Char2Val(e2);
e3 = (e3 == PAD) ? 0 : Base64_Char2Val(e3); e3 = (byte)((e3 == PAD) ? 0 : Base64_Char2Val(e3));
e4 = (e4 == PAD) ? 0 : Base64_Char2Val(e4); e4 = (byte)((e4 == PAD) ? 0 : Base64_Char2Val(e4));
if (e1 == BAD || e2 == BAD || e3 == BAD || e4 == BAD) { if (e1 == BAD || e2 == BAD || e3 == BAD || e4 == BAD) {
WOLFSSL_MSG("Bad Base64 Decode bad character"); WOLFSSL_MSG("Bad Base64 Decode bad character");

6
wolfcrypt/src/ecc.c
View File

@@ -1633,7 +1633,7 @@ static int wc_ecc_curve_load(const ecc_set_type* dp, ecc_curve_spec** pCurve,
curve->dp = dp; /* set dp info */ curve->dp = dp; /* set dp info */
/* determine items to load */ /* determine items to load */
load_items = (((byte)~(word32)curve->load_mask) & load_mask); load_items = (byte)(((byte)~(word32)curve->load_mask) & load_mask);
curve->load_mask |= load_items; curve->load_mask |= load_items;
/* load items */ /* load items */
@@ -6928,7 +6928,7 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
/* may still need bit truncation too */ /* may still need bit truncation too */
if (err == MP_OKAY && (WOLFSSL_BIT_SIZE * inlen) > orderBits) if (err == MP_OKAY && (WOLFSSL_BIT_SIZE * inlen) > orderBits)
mp_rshb(e, WOLFSSL_BIT_SIZE - (orderBits & 0x7)); mp_rshb(e, (int)(WOLFSSL_BIT_SIZE - (orderBits & 0x7)));
} }
/* make up a key and export the public copy */ /* make up a key and export the public copy */
@@ -8389,7 +8389,7 @@ static int ecc_verify_hash(mp_int *r, mp_int *s, const byte* hash,
/* may still need bit truncation too */ /* may still need bit truncation too */
if (err == MP_OKAY && (WOLFSSL_BIT_SIZE * hashlen) > orderBits) if (err == MP_OKAY && (WOLFSSL_BIT_SIZE * hashlen) > orderBits)
mp_rshb(e, WOLFSSL_BIT_SIZE - (orderBits & 0x7)); mp_rshb(e, (int)(WOLFSSL_BIT_SIZE - (orderBits & 0x7)));
} }
/* check for async hardware acceleration */ /* check for async hardware acceleration */

2
wolfcrypt/src/hmac.c
View File

@@ -586,7 +586,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
XMEMSET(ip + length, 0, hmac_block_size - length); XMEMSET(ip + length, 0, hmac_block_size - length);
for(i = 0; i < hmac_block_size; i++) { for(i = 0; i < hmac_block_size; i++) {
op[i] = ip[i] ^ OPAD; op[i] = (byte)(ip[i] ^ OPAD);
ip[i] ^= IPAD; ip[i] ^= IPAD;
} }
} }

14
wolfcrypt/src/misc.c
View File

@@ -289,7 +289,7 @@ WC_MISC_STATIC WC_INLINE void xorbufout(void* out, const void* buf,
/* Move alignment so that it lines up with a /* Move alignment so that it lines up with a
* WOLFSSL_WORD_SIZE boundary */ * WOLFSSL_WORD_SIZE boundary */
while (((wc_ptr_t)b) % WOLFSSL_WORD_SIZE != 0 && count > 0) { while (((wc_ptr_t)b) % WOLFSSL_WORD_SIZE != 0 && count > 0) {
*(o++) = *(b++) ^ *(m++); *(o++) = (byte)(*(b++) ^ *(m++));
count--; count--;
} }
XorWordsOut( (wolfssl_word**)&o, (const wolfssl_word**)&b, XorWordsOut( (wolfssl_word**)&o, (const wolfssl_word**)&b,
@@ -298,7 +298,7 @@ WC_MISC_STATIC WC_INLINE void xorbufout(void* out, const void* buf,
} }
for (i = 0; i < count; i++) for (i = 0; i < count; i++)
o[i] = b[i] ^ m[i]; o[i] = (byte)(b[i] ^ m[i]);
} }
/* This routine performs a bitwise XOR operation of <*r> and <*a> for <n> number /* This routine performs a bitwise XOR operation of <*r> and <*a> for <n> number
@@ -505,8 +505,8 @@ WC_MISC_STATIC WC_INLINE int ByteToHexStr(byte in, char* out)
if (out == NULL) if (out == NULL)
return -1; return -1;
out[0] = ByteToHex(in >> 4); out[0] = ByteToHex((byte)(in >> 4));
out[1] = ByteToHex(in & 0xf); out[1] = ByteToHex((byte)(in & 0xf));
return 0; return 0;
} }
@@ -544,7 +544,7 @@ WC_MISC_STATIC WC_INLINE byte ctMaskLTE(int a, int b)
/* Constant time - mask set when a == b. */ /* Constant time - mask set when a == b. */
WC_MISC_STATIC WC_INLINE byte ctMaskEq(int a, int b) WC_MISC_STATIC WC_INLINE byte ctMaskEq(int a, int b)
{ {
return (byte)(~ctMaskGT(a, b)) & (byte)(~ctMaskLT(a, b)); return (byte)((byte)(~ctMaskGT(a, b)) & (byte)(~ctMaskLT(a, b)));
} }
/* Constant time - sets 16 bit integer mask when a > b */ /* Constant time - sets 16 bit integer mask when a > b */
@@ -574,13 +574,13 @@ WC_MISC_STATIC WC_INLINE word16 ctMask16LTE(int a, int b)
/* Constant time - sets 16 bit integer mask when a == b. */ /* Constant time - sets 16 bit integer mask when a == b. */
WC_MISC_STATIC WC_INLINE word16 ctMask16Eq(int a, int b) WC_MISC_STATIC WC_INLINE word16 ctMask16Eq(int a, int b)
{ {
return (word16)(~ctMask16GT(a, b)) & (word16)(~ctMask16LT(a, b)); return (word16)((word16)(~ctMask16GT(a, b)) & (word16)(~ctMask16LT(a, b)));
} }
/* Constant time - mask set when a != b. */ /* Constant time - mask set when a != b. */
WC_MISC_STATIC WC_INLINE byte ctMaskNotEq(int a, int b) WC_MISC_STATIC WC_INLINE byte ctMaskNotEq(int a, int b)
{ {
return (byte)ctMaskGT(a, b) | (byte)ctMaskLT(a, b); return (byte)((byte)ctMaskGT(a, b) | (byte)ctMaskLT(a, b));
} }
/* Constant time - select a when mask is set and b otherwise. */ /* Constant time - select a when mask is set and b otherwise. */

4
wolfcrypt/src/sp_int.c
View File

@@ -12576,7 +12576,7 @@ static int _sp_exptmod_ex(const sp_int* b, const sp_int* e, int bits,
if (err == MP_OKAY) { if (err == MP_OKAY) {
/* 4.2. y = e[i] */ /* 4.2. y = e[i] */
int y = (e->dp[i >> SP_WORD_SHIFT] >> (i & SP_WORD_MASK)) & 1; int y = (int)((e->dp[i >> SP_WORD_SHIFT] >> (i & SP_WORD_MASK)) & 1);
/* 4.3. j = y & s */ /* 4.3. j = y & s */
int j = y & s; int j = y & s;
/* 4.4 s = s | y */ /* 4.4 s = s | y */
@@ -12709,7 +12709,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
if (err == MP_OKAY) { if (err == MP_OKAY) {
/* 6.2. y = e[i] */ /* 6.2. y = e[i] */
int y = (e->dp[i >> SP_WORD_SHIFT] >> (i & SP_WORD_MASK)) & 1; int y = (int)((e->dp[i >> SP_WORD_SHIFT] >> (i & SP_WORD_MASK)) & 1);
/* 6.3 j = y & s */ /* 6.3 j = y & s */
int j = y & s; int j = y & s;
/* 6.4 s = s | y */ /* 6.4 s = s | y */