diff --git a/src/pk.c b/src/pk.c index f46658185..4b4d99671 100644 --- a/src/pk.c +++ b/src/pk.c @@ -242,20 +242,20 @@ static int der_to_pem_alloc(const unsigned char* der, int derSz, int type, (void)heap; - pemSz = wc_DerToPem(der, derSz, NULL, 0, type); + pemSz = wc_DerToPem(der, (word32)derSz, NULL, 0, type); if (pemSz < 0) { ret = WOLFSSL_FAILURE; } if (ret == WOLFSSL_SUCCESS) { - pem = (byte*)XMALLOC(pemSz, heap, DYNAMIC_TYPE_TMP_BUFFER); + pem = (byte*)XMALLOC((size_t)pemSz, heap, DYNAMIC_TYPE_TMP_BUFFER); if (pem == NULL) { ret = WOLFSSL_FAILURE; } } - if ((ret == WOLFSSL_SUCCESS) && (wc_DerToPem(der, derSz, pem, pemSz, - type) < 0)) { + if ((ret == WOLFSSL_SUCCESS) && (wc_DerToPem(der, (word32)derSz, pem, + (word32)pemSz, type) < 0)) { ret = WOLFSSL_FAILURE; XFREE(pem, heap, DYNAMIC_TYPE_TMP_BUFFER); pem = NULL; @@ -322,7 +322,7 @@ static int der_write_to_file_as_pem(const unsigned char* der, int derSz, ret = der_to_pem_alloc(der, derSz, type, heap, &pem, &pemSz); if (ret == WOLFSSL_SUCCESS) { - int len = (int)XFWRITE(pem, 1, pemSz, fp); + int len = (int)XFWRITE(pem, 1, (size_t)pemSz, fp); if (len != pemSz) { WOLFSSL_ERROR_MSG("Unable to write full PEM to BIO"); ret = WOLFSSL_FAILURE; @@ -356,7 +356,7 @@ static int der_to_enc_pem_alloc(unsigned char* der, int derSz, byte *tmpBuf; /* Add space for padding. */ - tmpBuf = (byte*)XREALLOC(der, derSz + blockSz, heap, + tmpBuf = (byte*)XREALLOC(der, (size_t)(derSz + blockSz), heap, DYNAMIC_TYPE_TMP_BUFFER); if (tmpBuf == NULL) { WOLFSSL_ERROR_MSG("Extending DER buffer failed"); @@ -377,7 +377,7 @@ static int der_to_enc_pem_alloc(unsigned char* der, int derSz, if (ret == 1) { /* Calculate PEM encoding size. */ - pemSz = wc_DerToPemEx(der, derSz, NULL, 0, cipherInfo, type); + pemSz = wc_DerToPemEx(der, (word32)derSz, NULL, 0, cipherInfo, type); if (pemSz <= 0) { WOLFSSL_ERROR_MSG("wc_DerToPemEx failed"); ret = 0; @@ -385,7 +385,7 @@ static int der_to_enc_pem_alloc(unsigned char* der, int derSz, } if (ret == 1) { /* Allocate space for PEM encoding plus a NUL terminator. */ - tmp = (byte*)XMALLOC(pemSz + 1, NULL, DYNAMIC_TYPE_KEY); + tmp = (byte*)XMALLOC((size_t)(pemSz + 1), NULL, DYNAMIC_TYPE_KEY); if (tmp == NULL) { WOLFSSL_ERROR_MSG("malloc failed"); ret = 0; @@ -393,7 +393,8 @@ static int der_to_enc_pem_alloc(unsigned char* der, int derSz, } if (ret == 1) { /* DER to PEM */ - pemSz = wc_DerToPemEx(der, derSz, tmp, pemSz, cipherInfo, type); + pemSz = wc_DerToPemEx(der, (word32)derSz, tmp, (word32)pemSz, + cipherInfo, type); if (pemSz <= 0) { WOLFSSL_ERROR_MSG("wc_DerToPemEx failed"); ret = 0; @@ -562,7 +563,7 @@ static int wolfssl_print_indent(WOLFSSL_BIO* bio, char* line, int lineLen, if (indent > 0) { /* Print indent spaces. */ - int len_wanted = XSNPRINTF(line, lineLen, "%*s", indent, " "); + int len_wanted = XSNPRINTF(line, (size_t)lineLen, "%*s", indent, " "); if (len_wanted >= lineLen) { WOLFSSL_ERROR_MSG("Buffer overflow formatting indentation"); ret = 0; @@ -651,7 +652,7 @@ static int wolfssl_print_number(WOLFSSL_BIO* bio, mp_int* num, const char* name, ret = 0; } if (ret == 1) { - rawKey = (byte*)XMALLOC(rawLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); + rawKey = (byte*)XMALLOC((size_t)rawLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (rawKey == NULL) { WOLFSSL_ERROR_MSG("Memory allocation error"); ret = 0; @@ -697,8 +698,8 @@ static int wolfssl_print_number(WOLFSSL_BIO* bio, mp_int* num, const char* name, /* Put out each line of numbers. */ for (i = 0; (ret == 1) && (i < rawLen); i++) { /* Encode another byte as 2 hex digits and append colon. */ - int len_wanted = XSNPRINTF(line + li, sizeof(line) - li, "%02x:", - rawKey[i]); + int len_wanted = XSNPRINTF(line + li, sizeof(line) - (size_t)li, + "%02x:", rawKey[i]); /* Check if there was room -- if not, print the current line, not * including the newest octet. */ @@ -760,7 +761,7 @@ static int wolfssl_der_length(const unsigned char* seq, int len) /* Check it is a SEQUENCE and get the length of the underlying data. * i is updated to be after SEQUENCE header bytes. */ - if (GetSequence_ex(seq, &i, &ret, len, 0) >= 0) { + if (GetSequence_ex(seq, &i, &ret, (word32)len, 0) >= 0) { /* Add SEQUENCE header length to underlying data length. */ ret += (int)i; } @@ -814,11 +815,12 @@ WOLFSSL_RSA_METHOD *wolfSSL_RSA_meth_new(const char *name, int flags) meth->dynamic = 1; name_len = (int)XSTRLEN(name); - meth->name = (char*)XMALLOC(name_len + 1, NULL, DYNAMIC_TYPE_OPENSSL); + meth->name = (char*)XMALLOC((size_t)(name_len + 1), NULL, + DYNAMIC_TYPE_OPENSSL); err = (meth->name == NULL); } if (!err) { - XMEMCPY(meth->name, name, name_len+1); + XMEMCPY(meth->name, name, (size_t)(name_len + 1)); } if (err) { @@ -1388,14 +1390,14 @@ static int wolfssl_read_der_bio(WOLFSSL_BIO* bio, unsigned char** out) err = 1; } /* Allocate a buffer to read DER data into. */ - if ((!err) && ((der = (unsigned char*)XMALLOC(derLen, bio->heap, + if ((!err) && ((der = (unsigned char*)XMALLOC((size_t)derLen, bio->heap, DYNAMIC_TYPE_TMP_BUFFER)) == NULL)) { WOLFSSL_ERROR_MSG("Malloc failure"); err = 1; } if (!err) { /* Calculate the unread amount. */ - int len = derLen - sizeof(seq); + int len = derLen - (int)sizeof(seq); /* Copy the previously read data into the buffer. */ XMEMCPY(der, seq, sizeof(seq)); /* Read rest of DER data from BIO. */ @@ -1512,6 +1514,7 @@ int wolfSSL_RSA_To_Der(WOLFSSL_RSA* rsa, byte** outBuf, int publicKey, * On out, newly allocated buffer or pointer to byte * after encoding in passed in buffer. * @param [in] publicKey Whether to encode as public key. + * @param [in] heap Heap hint. * @return Encoding size on success. * @return Negative on failure. */ @@ -1565,7 +1568,8 @@ static int wolfSSL_RSA_To_Der_ex(WOLFSSL_RSA* rsa, byte** outBuf, int publicKey, derBuf = *outBuf; if (derBuf == NULL) { /* Allocate buffer to hold DER encoded RSA key. */ - derBuf = (byte*)XMALLOC(derSz, heap, DYNAMIC_TYPE_TMP_BUFFER); + derBuf = (byte*)XMALLOC((size_t)derSz, heap, + DYNAMIC_TYPE_TMP_BUFFER); if (derBuf == NULL) { WOLFSSL_ERROR_MSG("Memory allocation failed"); ret = MEMORY_ERROR; @@ -1573,13 +1577,15 @@ static int wolfSSL_RSA_To_Der_ex(WOLFSSL_RSA* rsa, byte** outBuf, int publicKey, } } if ((ret == 1) && (outBuf != NULL)) { - if (publicKey) { + if (publicKey > 0) { /* RSA public key to DER. */ - derSz = wc_RsaKeyToPublicDer((RsaKey*)rsa->internal, derBuf, derSz); + derSz = wc_RsaKeyToPublicDer((RsaKey*)rsa->internal, derBuf, + (word32)derSz); } else { /* RSA private key to DER. */ - derSz = wc_RsaKeyToDer((RsaKey*)rsa->internal, derBuf, derSz); + derSz = wc_RsaKeyToDer((RsaKey*)rsa->internal, derBuf, + (word32)derSz); } if (derSz < 0) { WOLFSSL_ERROR_MSG("RSA key encoding failed"); @@ -1680,11 +1686,11 @@ int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA* rsa, const unsigned char* derBuf, /* Decode private or public key data. */ if (opt == WOLFSSL_RSA_LOAD_PRIVATE) { res = wc_RsaPrivateKeyDecode(derBuf, &idx, (RsaKey*)rsa->internal, - derSz); + (word32)derSz); } else { res = wc_RsaPublicKeyDecode(derBuf, &idx, (RsaKey*)rsa->internal, - derSz); + (word32)derSz); } /* Check for error. */ if (res < 0) { @@ -2126,7 +2132,7 @@ int wolfSSL_PEM_write_RSAPrivateKey(XFILE fp, WOLFSSL_RSA *rsa, } } /* Write PEM to file pointer. */ - if ((ret == 1) && ((int)XFWRITE(pem, pLen, 1, fp) != 1)) { + if ((ret == 1) && ((int)XFWRITE(pem, 1, (size_t)pLen, fp) != pLen)) { WOLFSSL_ERROR_MSG("RSA private key file write failed"); ret = 0; } @@ -3449,9 +3455,9 @@ int wolfSSL_RSA_padding_add_PKCS1_PSS(WOLFSSL_RSA *rsa, unsigned char *em, if (ret == 1) { /* Generate RSA PKCS#1 PSS padding for hash using wolfCrypt. */ - if (wc_RsaPad_ex(mHash, hashLen, em, emLen, RSA_BLOCK_TYPE_1, rng, - WC_RSA_PSS_PAD, hashType, mgf, NULL, 0, saltLen, - wolfSSL_BN_num_bits(rsa->n), NULL) != MP_OKAY) { + if (wc_RsaPad_ex(mHash, (word32)hashLen, em, (word32)emLen, + RSA_BLOCK_TYPE_1, rng, WC_RSA_PSS_PAD, hashType, mgf, NULL, 0, + saltLen, wolfSSL_BN_num_bits(rsa->n), NULL) != MP_OKAY) { WOLFSSL_ERROR_MSG("wc_RsaPad_ex error"); ret = 0; } @@ -3568,7 +3574,7 @@ int wolfSSL_RSA_verify_PKCS1_PSS(WOLFSSL_RSA *rsa, const unsigned char *mHash, if (ret == 1) { /* Allocate buffer to unpad inline with. */ - buf = (byte*)XMALLOC(emLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); + buf = (byte*)XMALLOC((size_t)emLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (buf == NULL) { WOLFSSL_ERROR_MSG("malloc error"); ret = 0; @@ -3577,11 +3583,11 @@ int wolfSSL_RSA_verify_PKCS1_PSS(WOLFSSL_RSA *rsa, const unsigned char *mHash, if (ret == 1) { /* Copy encrypted message to temp for inline unpadding. */ - XMEMCPY(buf, em, emLen); + XMEMCPY(buf, em, (size_t)emLen); /* Remove and verify the PSS padding. */ - mPrimeLen = wc_RsaUnPad_ex(buf, emLen, &mPrime, RSA_BLOCK_TYPE_1, - WC_RSA_PSS_PAD, hashType, mgf, NULL, 0, saltLen, + mPrimeLen = wc_RsaUnPad_ex(buf, (word32)emLen, &mPrime, + RSA_BLOCK_TYPE_1, WC_RSA_PSS_PAD, hashType, mgf, NULL, 0, saltLen, wolfSSL_BN_num_bits(rsa->n), NULL); if (mPrimeLen < 0) { WOLFSSL_ERROR_MSG("wc_RsaPad_ex error"); @@ -3591,8 +3597,9 @@ int wolfSSL_RSA_verify_PKCS1_PSS(WOLFSSL_RSA *rsa, const unsigned char *mHash, if (ret == 1) { /* Verify the hash is correct. */ - if (wc_RsaPSS_CheckPadding_ex(mHash, hashLen, mPrime, mPrimeLen, - hashType, saltLen, wolfSSL_BN_num_bits(rsa->n)) != MP_OKAY) { + if (wc_RsaPSS_CheckPadding_ex(mHash, (word32)hashLen, mPrime, + (word32)mPrimeLen, hashType, saltLen, + wolfSSL_BN_num_bits(rsa->n)) != MP_OKAY) { WOLFSSL_ERROR_MSG("wc_RsaPSS_CheckPadding_ex error"); ret = 0; } @@ -3647,7 +3654,7 @@ static int wolfssl_rsa_sig_encode(int hashAlg, const unsigned char* hash, if ((ret == 1) && (hashAlg != NID_undef) && (padding == RSA_PKCS1_PADDING)) { /* Convert hash algorithm to hash type for PKCS#1.5 padding. */ - hType = nid2oid(hashAlg, oidHashType); + hType = (int)nid2oid(hashAlg, oidHashType); if (hType == -1) { ret = 0; } @@ -3846,7 +3853,7 @@ int wolfSSL_RSA_sign_generic_padding(int hashAlg, const unsigned char* hash, case RSA_PKCS1_PSS_PADDING: { enum wc_HashType hType = - wc_OidGetHash(nid2oid(hashAlg, oidHashType)); + wc_OidGetHash((int)nid2oid(hashAlg, oidHashType)); #ifndef WOLFSSL_PSS_SALT_LEN_DISCOVER WOLFSSL_MSG("Using RSA-PSS with hash length salt. " "OpenSSL uses max length by default."); @@ -3999,7 +4006,7 @@ int wolfSSL_RSA_verify_ex(int hashAlg, const unsigned char* hash, /* Decrypt signature */ #if (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 1)) && \ !defined(HAVE_SELFTEST) - hType = wc_OidGetHash(nid2oid(hashAlg, oidHashType)); + hType = wc_OidGetHash((int)nid2oid(hashAlg, oidHashType)); if ((verLen = wc_RsaSSL_Verify_ex2(sig, sigLen, (unsigned char *)sigDec, sigLen, (RsaKey*)rsa->internal, padding, hType)) <= 0) { WOLFSSL_ERROR_MSG("RSA Decrypt error"); @@ -4018,7 +4025,7 @@ int wolfSSL_RSA_verify_ex(int hashAlg, const unsigned char* hash, (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 1)) if (padding == RSA_PKCS1_PSS_PADDING) { /* Check PSS padding is valid. */ - if (wc_RsaPSS_CheckPadding_ex(hash, hLen, sigDec, verLen, + if (wc_RsaPSS_CheckPadding_ex(hash, hLen, sigDec, (word32)verLen, hType, DEF_PSS_SALT_LEN, mp_count_bits(&((RsaKey*)rsa->internal)->n)) != 0) { WOLFSSL_ERROR_MSG("wc_RsaPSS_CheckPadding_ex error"); @@ -4029,7 +4036,8 @@ int wolfSSL_RSA_verify_ex(int hashAlg, const unsigned char* hash, #endif /* WC_RSA_PSS && !HAVE_SELFTEST && (!HAVE_FIPS || * FIPS_VERSION >= 5.1) */ /* Compare decrypted signature to encoded signature. */ - if ((int)len != verLen || XMEMCMP(encodedSig, sigDec, verLen) != 0) { + if (((int)len != verLen) || + (XMEMCMP(encodedSig, sigDec, (size_t)verLen) != 0)) { WOLFSSL_ERROR_MSG("wolfSSL_RSA_verify_ex failed"); ret = 0; } @@ -4145,11 +4153,11 @@ int wolfSSL_RSA_public_encrypt(int len, const unsigned char* from, if (ret == 0) { /* Use wolfCrypt to public-encrypt with RSA key. */ #if !defined(HAVE_FIPS) - ret = wc_RsaPublicEncrypt_ex(from, len, to, outLen, + ret = wc_RsaPublicEncrypt_ex(from, (word32)len, to, (word32)outLen, (RsaKey*)rsa->internal, rng, pad_type, hash, mgf, NULL, 0); #else - ret = wc_RsaPublicEncrypt(from, len, to, outLen, (RsaKey*)rsa->internal, - rng); + ret = wc_RsaPublicEncrypt(from, (word32)len, to, (word32)outLen, + (RsaKey*)rsa->internal, rng); #endif } @@ -4249,10 +4257,10 @@ int wolfSSL_RSA_private_decrypt(int len, const unsigned char* from, /* Use wolfCrypt to private-decrypt with RSA key. * Size of 'to' buffer must be size of RSA key */ #if !defined(HAVE_FIPS) - ret = wc_RsaPrivateDecrypt_ex(from, len, to, outLen, + ret = wc_RsaPrivateDecrypt_ex(from, (word32)len, to, (word32)outLen, (RsaKey*)rsa->internal, pad_type, hash, mgf, NULL, 0); #else - ret = wc_RsaPrivateDecrypt(from, len, to, outLen, + ret = wc_RsaPrivateDecrypt(from, (word32)len, to, (word32)outLen, (RsaKey*)rsa->internal); #endif } @@ -4334,11 +4342,12 @@ int wolfSSL_RSA_public_decrypt(int len, const unsigned char* from, /* Use wolfCrypt to public-decrypt with RSA key. */ #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)) /* Size of 'to' buffer must be size of RSA key. */ - ret = wc_RsaSSL_Verify_ex(from, len, to, outLen, + ret = wc_RsaSSL_Verify_ex(from, (word32)len, to, (word32)outLen, (RsaKey*)rsa->internal, pad_type); #else /* For FIPS v1/v2 only PKCSV15 padding is supported */ - ret = wc_RsaSSL_Verify(from, len, to, outLen, (RsaKey*)rsa->internal); + ret = wc_RsaSSL_Verify(from, (word32)len, to, (word32)outLen, + (RsaKey*)rsa->internal); #endif } @@ -4415,12 +4424,12 @@ int wolfSSL_RSA_private_encrypt(int len, const unsigned char* from, /* Use wolfCrypt to private-encrypt with RSA key. * Size of output buffer must be size of RSA key. */ if (padding == RSA_PKCS1_PADDING) { - ret = wc_RsaSSL_Sign(from, (word32)len, to, wolfSSL_RSA_size(rsa), - (RsaKey*)rsa->internal, rng); + ret = wc_RsaSSL_Sign(from, (word32)len, to, + (word32)wolfSSL_RSA_size(rsa), (RsaKey*)rsa->internal, rng); } #ifdef WC_RSA_NO_PADDING else if (padding == RSA_NO_PADDING) { - word32 outLen = wolfSSL_RSA_size(rsa); + word32 outLen = (word32)wolfSSL_RSA_size(rsa); ret = wc_RsaFunction(from, (word32)len, to, &outLen, RSA_PRIVATE_ENCRYPT, (RsaKey*)rsa->internal, rng); if (ret == 0) @@ -5203,13 +5212,14 @@ WOLFSSL_DSA_SIG* wolfSSL_d2i_DSA_SIG(WOLFSSL_DSA_SIG **sig, if (DecodeECC_DSA_Sig(*pp, (word32)length, r, s) != 0) { if (length == DSA_160_SIG_SIZE || length == DSA_256_SIG_SIZE) { /* Two raw numbers of length/2 size each */ - if (mp_read_unsigned_bin(r, *pp, (int)length/2) != 0) { + if (mp_read_unsigned_bin(r, *pp, (word32)length/2) != 0) { WOLFSSL_MSG("r mp_read_unsigned_bin error"); wolfSSL_DSA_SIG_free(ret); return NULL; } - if (mp_read_unsigned_bin(s, *pp + (length/2), (int)length/2) != 0) { + if (mp_read_unsigned_bin(s, *pp + (length/2), (word32)length/2) != + 0) { WOLFSSL_MSG("s mp_read_unsigned_bin error"); wolfSSL_DSA_SIG_free(ret); return NULL; @@ -5597,7 +5607,8 @@ int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa, /* 4 > size of pub, priv, p, q, g + ASN.1 additional information */ der_max_len = MAX_DSA_PRIVKEY_SZ; - derBuf = (byte*)XMALLOC(der_max_len, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); + derBuf = (byte*)XMALLOC((size_t)der_max_len, bio->heap, + DYNAMIC_TYPE_TMP_BUFFER); if (derBuf == NULL) { WOLFSSL_MSG("Malloc failed"); wolfSSL_EVP_PKEY_free(pkey); @@ -5605,7 +5616,7 @@ int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa, } /* convert key to der format */ - derSz = wc_DsaKeyToDer((DsaKey*)dsa->internal, derBuf, der_max_len); + derSz = wc_DsaKeyToDer((DsaKey*)dsa->internal, derBuf, (word32)der_max_len); if (derSz < 0) { WOLFSSL_MSG("wc_DsaKeyToDer failed"); XFREE(derBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); @@ -5613,7 +5624,8 @@ int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa, return 0; } - pkey->pkey.ptr = (char*)XMALLOC(derSz, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); + pkey->pkey.ptr = (char*)XMALLOC((size_t)derSz, bio->heap, + DYNAMIC_TYPE_TMP_BUFFER); if (pkey->pkey.ptr == NULL) { WOLFSSL_MSG("key malloc failed"); XFREE(derBuf, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); @@ -5623,7 +5635,7 @@ int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa, /* add der info to the evp key */ pkey->pkey_sz = derSz; - XMEMCPY(pkey->pkey.ptr, derBuf, derSz); + XMEMCPY(pkey->pkey.ptr, derBuf, (size_t)derSz); XFREE(derBuf, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); ret = wolfSSL_PEM_write_bio_PrivateKey(bio, pkey, cipher, passwd, len, @@ -5701,14 +5713,14 @@ int wolfSSL_PEM_write_mem_DSAPrivateKey(WOLFSSL_DSA* dsa, der_max_len = MAX_DSA_PRIVKEY_SZ; - derBuf = (byte*)XMALLOC(der_max_len, NULL, DYNAMIC_TYPE_DER); + derBuf = (byte*)XMALLOC((size_t)der_max_len, NULL, DYNAMIC_TYPE_DER); if (derBuf == NULL) { WOLFSSL_MSG("malloc failed"); return 0; } /* Key to DER */ - derSz = wc_DsaKeyToDer((DsaKey*)dsa->internal, derBuf, der_max_len); + derSz = wc_DsaKeyToDer((DsaKey*)dsa->internal, derBuf, (word32)der_max_len); if (derSz < 0) { WOLFSSL_MSG("wc_DsaKeyToDer failed"); XFREE(derBuf, NULL, DYNAMIC_TYPE_DER); @@ -5735,7 +5747,7 @@ int wolfSSL_PEM_write_mem_DSAPrivateKey(WOLFSSL_DSA* dsa, (int)XSTRLEN(footer) + 1; } - tmp = (byte*)XMALLOC(*pLen, NULL, DYNAMIC_TYPE_PEM); + tmp = (byte*)XMALLOC((size_t)*pLen, NULL, DYNAMIC_TYPE_PEM); if (tmp == NULL) { WOLFSSL_MSG("malloc failed"); XFREE(derBuf, NULL, DYNAMIC_TYPE_DER); @@ -5745,7 +5757,8 @@ int wolfSSL_PEM_write_mem_DSAPrivateKey(WOLFSSL_DSA* dsa, } /* DER to PEM */ - *pLen = wc_DerToPemEx(derBuf, derSz, tmp, *pLen, cipherInfo, type); + *pLen = wc_DerToPemEx(derBuf, (word32)derSz, tmp, (word32)*pLen, cipherInfo, + type); if (*pLen <= 0) { WOLFSSL_MSG("wc_DerToPemEx failed"); XFREE(derBuf, NULL, DYNAMIC_TYPE_DER); @@ -5758,15 +5771,15 @@ int wolfSSL_PEM_write_mem_DSAPrivateKey(WOLFSSL_DSA* dsa, if (cipherInfo != NULL) XFREE(cipherInfo, NULL, DYNAMIC_TYPE_STRING); - *pem = (byte*)XMALLOC((*pLen)+1, NULL, DYNAMIC_TYPE_KEY); + *pem = (byte*)XMALLOC((size_t)((*pLen)+1), NULL, DYNAMIC_TYPE_KEY); if (*pem == NULL) { WOLFSSL_MSG("malloc failed"); XFREE(tmp, NULL, DYNAMIC_TYPE_PEM); return 0; } - XMEMSET(*pem, 0, (*pLen)+1); + XMEMSET(*pem, 0, (size_t)((*pLen)+1)); - if (XMEMCPY(*pem, tmp, *pLen) == NULL) { + if (XMEMCPY(*pem, tmp, (size_t)*pLen) == NULL) { WOLFSSL_MSG("XMEMCPY failed"); XFREE(pem, NULL, DYNAMIC_TYPE_KEY); XFREE(tmp, NULL, DYNAMIC_TYPE_PEM); @@ -5815,7 +5828,7 @@ int wolfSSL_PEM_write_DSAPrivateKey(XFILE fp, WOLFSSL_DSA *dsa, return 0; } - ret = (int)XFWRITE(pem, pLen, 1, fp); + ret = (int)XFWRITE(pem, (size_t)pLen, 1, fp); if (ret != 1) { WOLFSSL_MSG("DSA private key file write failed"); return 0; @@ -5935,7 +5948,8 @@ int wolfSSL_DSA_LoadDer(WOLFSSL_DSA* dsa, const unsigned char* derBuf, int derSz return -1; } - ret = DsaPrivateKeyDecode(derBuf, &idx, (DsaKey*)dsa->internal, derSz); + ret = DsaPrivateKeyDecode(derBuf, &idx, (DsaKey*)dsa->internal, + (word32)derSz); if (ret < 0) { WOLFSSL_MSG("DsaPrivateKeyDecode failed"); return -1; @@ -5967,10 +5981,12 @@ int wolfSSL_DSA_LoadDer_ex(WOLFSSL_DSA* dsa, const unsigned char* derBuf, } if (opt == WOLFSSL_DSA_LOAD_PRIVATE) { - ret = DsaPrivateKeyDecode(derBuf, &idx, (DsaKey*)dsa->internal, derSz); + ret = DsaPrivateKeyDecode(derBuf, &idx, (DsaKey*)dsa->internal, + (word32)derSz); } else { - ret = DsaPublicKeyDecode(derBuf, &idx, (DsaKey*)dsa->internal, derSz); + ret = DsaPublicKeyDecode(derBuf, &idx, (DsaKey*)dsa->internal, + (word32)derSz); } if (ret < 0 && opt == WOLFSSL_DSA_LOAD_PRIVATE) { @@ -6258,7 +6274,7 @@ static int wolfssl_dh_set_nid(WOLFSSL_DH* dh, int nid) if (!err) { /* Set prime from data retrieved. */ - dh->p = wolfSSL_BN_bin2bn(params->p, params->p_len, NULL); + dh->p = wolfSSL_BN_bin2bn(params->p, (int)params->p_len, NULL); if (dh->p == NULL) { WOLFSSL_ERROR_MSG("Error converting p hex to WOLFSSL_BIGNUM."); err = 1; @@ -6266,7 +6282,7 @@ static int wolfssl_dh_set_nid(WOLFSSL_DH* dh, int nid) } if (!err) { /* Set generator from data retrieved. */ - dh->g = wolfSSL_BN_bin2bn(params->g, params->g_len, NULL); + dh->g = wolfSSL_BN_bin2bn(params->g, (int)params->g_len, NULL); if (dh->g == NULL) { WOLFSSL_ERROR_MSG("Error converting g hex to WOLFSSL_BIGNUM."); err = 1; @@ -7457,7 +7473,7 @@ static WOLFSSL_DH *wolfssl_dhparams_read_pem(WOLFSSL_DH **dh, } } /* Load the DER encoded DH parameters from buffer into a DH key. */ - if ((!err) && (wolfSSL_DH_LoadDer(localDh, der->buffer, der->length) + if ((!err) && (wolfSSL_DH_LoadDer(localDh, der->buffer, (int)der->length) != 1)) { /* Free an allocated DH key. */ if ((dh == NULL) || (localDh != *dh)) { @@ -8390,7 +8406,7 @@ int wolfSSL_DH_generate_key(WOLFSSL_DH* dh) if (ret == 1) { /* Get the size of the prime in bytes. */ - pubSz = wolfSSL_BN_num_bytes(dh->p); + pubSz = (word32)wolfSSL_BN_num_bytes(dh->p); if (pubSz == 0) { WOLFSSL_ERROR_MSG("Prime parameter invalid"); ret = 0; @@ -8399,7 +8415,7 @@ int wolfSSL_DH_generate_key(WOLFSSL_DH* dh) if (ret == 1) { /* Private key size can be as much as the size of the prime. */ if (dh->length) { - privSz = dh->length / 8; /* to bytes */ + privSz = (word32)(dh->length / 8); /* to bytes */ } else { privSz = pubSz; @@ -8438,12 +8454,14 @@ int wolfSSL_DH_generate_key(WOLFSSL_DH* dh) ret = 0; } /* Set public key from array. */ - if ((ret == 1) && (wolfSSL_BN_bin2bn(pub, pubSz, dh->pub_key) == NULL)) { + if ((ret == 1) && (wolfSSL_BN_bin2bn(pub, (int)pubSz, dh->pub_key) == + NULL)) { WOLFSSL_ERROR_MSG("Bad DH bn2bin error pub"); ret = 0; } /* Set private key from array. */ - if ((ret == 1) && (wolfSSL_BN_bin2bn(priv, privSz, dh->priv_key) == NULL)) { + if ((ret == 1) && (wolfSSL_BN_bin2bn(priv, (int)privSz, dh->priv_key) == + NULL)) { WOLFSSL_ERROR_MSG("Bad DH bn2bin error priv"); ret = 0; } @@ -8520,7 +8538,7 @@ int wolfSSL_DH_compute_key(unsigned char* key, const WOLFSSL_BIGNUM* otherPub, /* Validate the size of the public key. */ sz = wolfSSL_BN_num_bytes(otherPub); - if (sz > (int)pubSz) { + if (sz > pubSz) { WOLFSSL_ERROR_MSG("Bad otherPub size"); ret = -1; } @@ -8529,13 +8547,15 @@ int wolfSSL_DH_compute_key(unsigned char* key, const WOLFSSL_BIGNUM* otherPub, if (ret == 0) { #ifdef WOLFSSL_SMALL_STACK /* Allocate memory for the public key array. */ - pub = (unsigned char*)XMALLOC(sz, NULL, DYNAMIC_TYPE_PUBLIC_KEY); + pub = (unsigned char*)XMALLOC((size_t)sz, NULL, + DYNAMIC_TYPE_PUBLIC_KEY); if (pub == NULL) ret = -1; } if (ret == 0) { /* Allocate memory for the private key array. */ - priv = (unsigned char*)XMALLOC(privSz, NULL, DYNAMIC_TYPE_PRIVATE_KEY); + priv = (unsigned char*)XMALLOC((size_t)privSz, NULL, + DYNAMIC_TYPE_PRIVATE_KEY); if (priv == NULL) { ret = -1; } @@ -8564,7 +8584,7 @@ int wolfSSL_DH_compute_key(unsigned char* key, const WOLFSSL_BIGNUM* otherPub, PRIVATE_KEY_UNLOCK(); /* Calculate shared secret from private and public keys. */ if ((ret == 0) && (wc_DhAgree((DhKey*)dh->internal, key, &keySz, priv, - privSz, pub, pubSz) < 0)) { + (word32)privSz, pub, (word32)pubSz) < 0)) { WOLFSSL_ERROR_MSG("wc_DhAgree failed"); ret = -1; } @@ -8579,7 +8599,7 @@ int wolfSSL_DH_compute_key(unsigned char* key, const WOLFSSL_BIGNUM* otherPub, #endif { /* Zeroize sensitive data. */ - ForceZero(priv, privSz); + ForceZero(priv, (word32)privSz); } #ifdef WOLFSSL_SMALL_STACK XFREE(pub, NULL, DYNAMIC_TYPE_PUBLIC_KEY); @@ -8919,7 +8939,7 @@ static void ec_group_set_nid(WOLFSSL_EC_GROUP* group, int nid) if (ecc_sets[i].id == eccEnum) { /* Found id in wolfCrypt supported EC curves. */ group->curve_idx = i; - group->curve_oid = ecc_sets[i].oidSum; + group->curve_oid = (int)ecc_sets[i].oidSum; break; } } @@ -9746,7 +9766,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, /* Hex string: allocate 2 bytes to represent each byte plus 1 for '\0'. */ - hex = (char*)XMALLOC(2 * len + 1, NULL, DYNAMIC_TYPE_ECC); + hex = (char*)XMALLOC((size_t)(2 * len + 1), NULL, DYNAMIC_TYPE_ECC); if (hex == NULL) { err = 1; } @@ -9754,7 +9774,7 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, if (!err) { /* Make bytes all zeros to allow for ordinate values less than max size. */ - XMEMSET(hex, 0, 2 * len + 1); + XMEMSET(hex, 0, (size_t)(2 * len + 1)); /* Calculate offset as leading zeros not encoded. */ i = sz - mp_unsigned_bin_size((mp_int*)point->X->internal) + 1; @@ -11550,8 +11570,8 @@ WOLFSSL_EC_KEY *wolfSSL_o2i_ECPublicKey(WOLFSSL_EC_KEY **key, ret = *key; /* Import point into public key field. */ - if (wolfSSL_EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, - NULL) != 1) { + if (wolfSSL_EC_POINT_oct2point(ret->group, ret->pub_key, *in, + (size_t)len, NULL) != 1) { WOLFSSL_MSG("wolfSSL_EC_POINT_oct2point error"); ret = NULL; err = 1; @@ -11755,8 +11775,8 @@ int wolfSSL_i2d_ECPrivateKey(const WOLFSSL_EC_KEY *key, unsigned char **out) /* Calculate the length of the private key DER encoding using internal EC * key. */ - if ((!err) && ((int)(len = wc_EccKeyDerSize((ecc_key*)key->internal, 0)) <= - 0)) { + if ((!err) && ((int)(len = (word32)wc_EccKeyDerSize((ecc_key*)key->internal, + 0)) <= 0)) { WOLFSSL_MSG("wc_EccKeyDerSize error"); err = 1; } @@ -11875,11 +11895,11 @@ int wolfSSL_EC_KEY_LoadDer_ex(WOLFSSL_EC_KEY* key, const unsigned char* derBuf, /* Load into internal EC key based on key type option. */ if (opt == WOLFSSL_EC_KEY_LOAD_PRIVATE) { ret = wc_EccPrivateKeyDecode(derBuf, &idx, (ecc_key*)key->internal, - derSz); + (word32)derSz); } else { ret = wc_EccPublicKeyDecode(derBuf, &idx, (ecc_key*)key->internal, - derSz); + (word32)derSz); if (ret < 0) { ecc_key *tmp = (ecc_key*)XMALLOC(sizeof(ecc_key), ((ecc_key*)key->internal)->heap, DYNAMIC_TYPE_ECC); @@ -11891,7 +11911,7 @@ int wolfSSL_EC_KEY_LoadDer_ex(WOLFSSL_EC_KEY* key, const unsigned char* derBuf, ret = wc_ecc_init_ex(tmp, ((ecc_key*)key->internal)->heap, INVALID_DEVID); if (ret == 0) { - ret = wc_ecc_import_x963(derBuf, derSz, tmp); + ret = wc_ecc_import_x963(derBuf, (word32)derSz, tmp); if (ret == 0) { /* Take ownership of new key - set tmp to the old * key which will then be freed below. */ @@ -11899,7 +11919,7 @@ int wolfSSL_EC_KEY_LoadDer_ex(WOLFSSL_EC_KEY* key, const unsigned char* derBuf, key->internal = tmp; tmp = old; - idx = derSz; + idx = (word32)derSz; } wc_ecc_free(tmp); } @@ -11965,7 +11985,7 @@ static int wolfssl_ec_key_to_pubkey_der(WOLFSSL_EC_KEY* key, } if (sz > 0) { /* Allocate memory to hold encoding. */ - buf = (byte*)XMALLOC(sz, heap, DYNAMIC_TYPE_TMP_BUFFER); + buf = (byte*)XMALLOC((size_t)sz, heap, DYNAMIC_TYPE_TMP_BUFFER); if (buf == NULL) { WOLFSSL_MSG("malloc failed"); sz = 0; @@ -11973,7 +11993,7 @@ static int wolfssl_ec_key_to_pubkey_der(WOLFSSL_EC_KEY* key, } if (sz > 0) { /* Encode public key to DER using wolfSSL. */ - sz = wc_EccPublicKeyToDer((ecc_key*)key->internal, buf, sz, 1); + sz = wc_EccPublicKeyToDer((ecc_key*)key->internal, buf, (word32)sz, 1); if (sz < 0) { WOLFSSL_MSG("wc_EccPublicKeyToDer failed"); sz = 0; @@ -12076,7 +12096,7 @@ WOLFSSL_EC_KEY* wolfSSL_PEM_read_bio_EC_PUBKEY(WOLFSSL_BIO* bio, err = 1; } /* Load the EC key with the public key from the DER encoding. */ - if ((!err) && (wolfSSL_EC_KEY_LoadDer_ex(ec, der->buffer, der->length, + if ((!err) && (wolfSSL_EC_KEY_LoadDer_ex(ec, der->buffer, (int)der->length, WOLFSSL_EC_KEY_LOAD_PUBLIC) != 1)) { WOLFSSL_ERROR_MSG("Error loading DER buffer into WOLFSSL_EC_KEY"); err = 1; @@ -12141,7 +12161,7 @@ WOLFSSL_EC_KEY* wolfSSL_PEM_read_bio_ECPrivateKey(WOLFSSL_BIO* bio, err = 1; } /* Load the EC key with the private key from the DER encoding. */ - if ((!err) && (wolfSSL_EC_KEY_LoadDer_ex(ec, der->buffer, der->length, + if ((!err) && (wolfSSL_EC_KEY_LoadDer_ex(ec, der->buffer, (int)der->length, WOLFSSL_EC_KEY_LOAD_PRIVATE) != 1)) { WOLFSSL_ERROR_MSG("Error loading DER buffer into WOLFSSL_EC_KEY"); err = 1; @@ -12273,7 +12293,7 @@ int wolfSSL_PEM_write_mem_ECPrivateKey(WOLFSSL_EC_KEY* ec, #if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM) int ret = 1; byte* derBuf = NULL; - int der_max_len = 0; + word32 der_max_len = 0; int derSz = 0; WOLFSSL_MSG("wolfSSL_PEM_write_mem_ECPrivateKey"); @@ -12298,10 +12318,12 @@ int wolfSSL_PEM_write_mem_ECPrivateKey(WOLFSSL_EC_KEY* ec, if (ret == 1) { /* Calculate maximum size of DER encoding. * 4 > size of pub, priv + ASN.1 additional information */ - der_max_len = 4 * wc_ecc_size((ecc_key*)ec->internal) + AES_BLOCK_SIZE; + der_max_len = 4 * (word32)wc_ecc_size((ecc_key*)ec->internal) + + AES_BLOCK_SIZE; /* Allocate buffer big enough to hold encoding. */ - derBuf = (byte*)XMALLOC(der_max_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); + derBuf = (byte*)XMALLOC((size_t)der_max_len, NULL, + DYNAMIC_TYPE_TMP_BUFFER); if (derBuf == NULL) { WOLFSSL_MSG("malloc failed"); ret = 0; @@ -12380,7 +12402,7 @@ int wolfSSL_PEM_write_ECPrivateKey(XFILE fp, WOLFSSL_EC_KEY *ec, } /* Write out to file the PEM encoding of the EC private key. */ - if ((ret == 1) && (XFWRITE(pem, pLen, 1, fp) != 1)) { + if ((ret == 1) && ((int)XFWRITE(pem, 1, (size_t)pLen, fp) != pLen)) { WOLFSSL_MSG("ECC private key file write failed"); ret = 0; } @@ -12526,7 +12548,7 @@ int SetECKeyExternal(WOLFSSL_EC_KEY* eckey) ecc_key* key = (ecc_key*)eckey->internal; /* Set group (OID, nid and idx) from wolfCrypt EC key. */ - eckey->group->curve_oid = key->dp->oidSum; + eckey->group->curve_oid = (int)key->dp->oidSum; eckey->group->curve_nid = EccEnumToNID(key->dp->id); eckey->group->curve_idx = key->idx; @@ -12676,7 +12698,7 @@ void wolfSSL_EC_KEY_set_conv_form(WOLFSSL_EC_KEY *key, int form) || form == POINT_CONVERSION_COMPRESSED #endif ) { - key->form = (char)form; + key->form = (unsigned char)form; } else { WOLFSSL_MSG("Incorrect form or HAVE_COMP_KEY not compiled in"); @@ -13249,16 +13271,16 @@ int wolfSSL_i2d_ECDSA_SIG(const WOLFSSL_ECDSA_SIG *sig, unsigned char **pp) * top bit set. */ /* Get total length of r including any prepended zero. */ - word32 rLen = mp_leading_bit((mp_int*)sig->r->internal) + - mp_unsigned_bin_size((mp_int*)sig->r->internal); + word32 rLen = (word32)(mp_leading_bit((mp_int*)sig->r->internal) + + mp_unsigned_bin_size((mp_int*)sig->r->internal)); /* Get total length of s including any prepended zero. */ - word32 sLen = mp_leading_bit((mp_int*)sig->s->internal) + - mp_unsigned_bin_size((mp_int*)sig->s->internal); + word32 sLen = (word32)(mp_leading_bit((mp_int*)sig->s->internal) + + mp_unsigned_bin_size((mp_int*)sig->s->internal)); /* Calculate length of data in sequence. */ - len = 1 + ASN_LEN_SIZE(rLen) + rLen + - 1 + ASN_LEN_SIZE(sLen) + sLen; + len = (word32)1 + ASN_LEN_SIZE(rLen) + rLen + + (word32)1 + ASN_LEN_SIZE(sLen) + sLen; /* Add in the length of the SEQUENCE. */ - len += 1 + ASN_LEN_SIZE(len); + len += (word32)1 + ASN_LEN_SIZE(len); /* Encode only if there is a buffer to encode into. */ if ((pp != NULL) && (*pp != NULL)) { @@ -13489,7 +13511,7 @@ int wolfSSL_ECDSA_do_verify(const unsigned char *dgst, int dLen, #ifndef WOLF_CRYPTO_CB_ONLY_ECC /* Verify hash using digest, r and s as MP ints and internal EC key. */ if (wc_ecc_verify_hash_ex((mp_int*)sig->r->internal, - (mp_int*)sig->s->internal, dgst, dLen, &verified, + (mp_int*)sig->s->internal, dgst, (word32)dLen, &verified, (ecc_key *)key->internal) != MP_OKAY) { WOLFSSL_MSG("wc_ecc_verify_hash failed"); ret = -1; @@ -13502,8 +13524,8 @@ int wolfSSL_ECDSA_do_verify(const unsigned char *dgst, int dLen, signatureLen = i2d_ECDSA_SIG(sig, &p); if (signatureLen > 0) { /* verify hash. expects to call wc_CryptoCb_EccVerify internally */ - ret = wc_ecc_verify_hash(signature, signatureLen, dgst, dLen, - &verified, (ecc_key*)key->internal); + ret = wc_ecc_verify_hash(signature, signatureLen, dgst, + (word32)dLen, &verified, (ecc_key*)key->internal); if (ret != MP_OKAY) { WOLFSSL_MSG("wc_ecc_verify_hash failed"); ret = -1; @@ -13563,8 +13585,8 @@ int wolfSSL_ECDSA_sign(int type, const unsigned char *digest, int digestSz, /* Sign the digest with the key using the RNG and put signature into buffer * update sigSz to be actual length. */ - if ((ret == 1) && (wc_ecc_sign_hash(digest, digestSz, sig, sigSz, rng, - (ecc_key*)key->internal) != 0)) { + if ((ret == 1) && (wc_ecc_sign_hash(digest, (word32)digestSz, sig, sigSz, + rng, (ecc_key*)key->internal) != 0)) { ret = 0; } @@ -13606,8 +13628,8 @@ int wolfSSL_ECDSA_verify(int type, const unsigned char *digest, int digestSz, } /* Verify signature using digest and key. */ - if ((ret == 1) && (wc_ecc_verify_hash(sig, sigSz, digest, digestSz, &verify, - (ecc_key*)key->internal) != 0)) { + if ((ret == 1) && (wc_ecc_verify_hash(sig, (word32)sigSz, digest, + (word32)digestSz, &verify, (ecc_key*)key->internal) != 0)) { ret = 0; } /* When no error, verification may still have failed - check now. */ diff --git a/src/ssl_asn1.c b/src/ssl_asn1.c index d285dffea..2e559283e 100644 --- a/src/ssl_asn1.c +++ b/src/ssl_asn1.c @@ -181,12 +181,12 @@ static int wolfSSL_i2d_X509_ALGOR(const WOLFSSL_X509_ALGOR* algor, byte* buf) ret = 0; } else if (GetObjectId(algor->algorithm->obj, &idx, &oid, - algor->algorithm->grp, algor->algorithm->objSz) < 0) { + (word32)algor->algorithm->grp, algor->algorithm->objSz) < 0) { WOLFSSL_MSG("Issue getting OID of object"); ret = 0; } else { - ret = SetAlgoID(oid, buf, algor->algorithm->grp, 0); + ret = (int)SetAlgoID((int)oid, buf, algor->algorithm->grp, 0); } return ret; @@ -203,9 +203,9 @@ static int wolfSSL_i2d_ASN1_BIT_STRING(const WOLFSSL_ASN1_BIT_STRING* bit_str, { int len; - len = SetBitString(bit_str->length, 0, buf); + len = (int)SetBitString((word32)bit_str->length, 0, buf); if ((buf != NULL) && (bit_str->data != NULL)) { - XMEMCPY(buf + len, bit_str->data, bit_str->length); + XMEMCPY(buf + len, bit_str->data, (size_t)bit_str->length); } return len + bit_str->length; @@ -295,10 +295,11 @@ static int wolfssl_i2d_asn1_items(const void* src, byte*buf, static int i2d_ASN_SEQUENCE(const void* src, byte* buf, const WOLFSSL_ASN1_ITEM* tpl) { - int seq_len; - int len = 0; + word32 seq_len; + word32 len = 0; - seq_len = wolfssl_i2d_asn1_items(src, NULL, tpl->members, tpl->mcount); + seq_len = (word32)wolfssl_i2d_asn1_items(src, NULL, tpl->members, + tpl->mcount); if (seq_len != 0) { len = SetSequence(seq_len, buf); if (buf != NULL) { @@ -307,7 +308,7 @@ static int i2d_ASN_SEQUENCE(const void* src, byte* buf, len += seq_len; } - return len; + return (int)len; } /* Encode ASN1 template item. @@ -363,7 +364,7 @@ int wolfSSL_ASN1_item_i2d(const void* src, byte** dest, if ((ret == 1) && (dest != NULL)) { if (*dest == NULL) { - buf = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_ASN1); + buf = (byte*)XMALLOC((size_t)len, NULL, DYNAMIC_TYPE_ASN1); if (buf == NULL) ret = 0; *dest = buf; @@ -465,13 +466,14 @@ static int wolfssl_asn1_bit_string_grow(WOLFSSL_ASN1_BIT_STRING* bitStr, byte* tmp; /* Realloc to length required. */ - tmp = (byte*)XREALLOC(bitStr->data, len, NULL, DYNAMIC_TYPE_OPENSSL); + tmp = (byte*)XREALLOC(bitStr->data, (size_t)len, NULL, + DYNAMIC_TYPE_OPENSSL); if (tmp == NULL) { ret = 0; } else { /* Clear out new, top bytes. */ - XMEMSET(tmp + bitStr->length, 0, len - bitStr->length); + XMEMSET(tmp + bitStr->length, 0, (size_t)(len - bitStr->length)); bitStr->data = tmp; bitStr->length = len; } @@ -622,7 +624,7 @@ static int wolfssl_asn1_integer_require_len(WOLFSSL_ASN1_INTEGER* a, int len, a->length = 0; if ((!a->isDynamic) && (len > (int)a->dataMax)) { /* Create a new buffer to hold large integer value. */ - data = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_OPENSSL); + data = (byte*)XMALLOC((size_t)len, NULL, DYNAMIC_TYPE_OPENSSL); if (data == NULL) { ret = 0; } @@ -630,13 +632,13 @@ static int wolfssl_asn1_integer_require_len(WOLFSSL_ASN1_INTEGER* a, int len, /* Indicate data is dynamic and copy data over. */ a->isDynamic = 1; a->data = data; - a->dataMax = len; + a->dataMax = (word32)len; } } if (keepOldData) { if (oldData != a->data) { /* Copy old data into new buffer. */ - XMEMCPY(a->data, oldData, oldLen); + XMEMCPY(a->data, oldData, (size_t)oldLen); } /* Restore old length. */ a->length = oldLen; @@ -682,7 +684,7 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_dup(const WOLFSSL_ASN1_INTEGER* src) dup = NULL; } else { - XMEMCPY(dup->data, src->data, src->length); + XMEMCPY(dup->data, src->data, (size_t)src->length); } } @@ -728,7 +730,7 @@ int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER* a, } else { /* Compare data given they are the same length. */ - ret = XMEMCMP(a->data, b->data, a->length); + ret = XMEMCMP(a->data, b->data, (size_t)a->length); } /* Reverse comparison result when both negative. */ if (a->negative) { @@ -779,7 +781,7 @@ static int wolfssl_asn1_int_twos_compl(byte* data, int length, byte* neg) int len; /* Get length from DER header. */ - if (GetLength(data, &idx, &len, length) < 0) { + if (GetLength(data, &idx, &len, (word32)length) < 0) { ret = -1; } else { @@ -787,7 +789,7 @@ static int wolfssl_asn1_int_twos_compl(byte* data, int length, byte* neg) *neg = data[idx] & 0x80; } if ((neg == NULL) || (*neg != 0)) { - wolfssl_twos_compl(data + idx, length - idx); + wolfssl_twos_compl(data + idx, length - (int)idx); } } @@ -819,7 +821,8 @@ int wolfSSL_i2d_ASN1_INTEGER(const WOLFSSL_ASN1_INTEGER* a, unsigned char** out) if ((ret == 0) && (*out == NULL)) { /* Allocate buffer to hold encoding. */ - buf = (unsigned char*)XMALLOC(a->length, NULL, DYNAMIC_TYPE_ASN1); + buf = (unsigned char*)XMALLOC((size_t)a->length, NULL, + DYNAMIC_TYPE_ASN1); if (buf == NULL) { WOLFSSL_MSG("Failed to allocate output buffer."); ret = -1; @@ -829,7 +832,7 @@ int wolfSSL_i2d_ASN1_INTEGER(const WOLFSSL_ASN1_INTEGER* a, unsigned char** out) } if (ret == 0) { /* Copy the data (including tag and length) into output buffer. */ - XMEMCPY(*out, a->data, a->length); + XMEMCPY(*out, a->data, (size_t)a->length); /* Only magnitude of the number stored (i.e. the sign isn't encoded). * The "negative" field is 1 if the value must be interpreted as * negative and we need to output the 2's complement of the value in @@ -898,7 +901,8 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_d2i_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER** a, if ((!err) && ((ret = wolfSSL_ASN1_INTEGER_new()) == NULL)) { err = 1; } - if ((!err) && (wolfssl_asn1_integer_require_len(ret, idx + len, 0) != 1)) { + if ((!err) && (wolfssl_asn1_integer_require_len(ret, (int)idx + len, 0) != + 1)) { err = 1; } if (!err) { @@ -906,8 +910,8 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_d2i_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER** a, ret->type = V_ASN1_INTEGER; /* Copy DER encoding and length. */ - XMEMCPY(ret->data, *in, idx + len); - ret->length = idx + len; + XMEMCPY(ret->data, *in, (size_t)(idx + (word32)len)); + ret->length = (int)idx + len; /* Do 2's complement if number is negative. */ if (wolfssl_asn1_int_twos_compl(ret->data, ret->length, &ret->negative) != 0) { @@ -1042,12 +1046,12 @@ int wolfSSL_a2i_ASN1_INTEGER(WOLFSSL_BIO *bio, WOLFSSL_ASN1_INTEGER *asn1, if (ret == 1) { /* Decode string and append to data. */ outLen = (word32)(lineLen / 2); - (void)Base16_Decode((byte*)buf, lineLen, asn1->data + asn1->length, - &outLen); + (void)Base16_Decode((byte*)buf, (word32)lineLen, + asn1->data + asn1->length, &outLen); } if (ret == 1) { /* Update length of data. */ - asn1->length += outLen; + asn1->length += (int)outLen; } } @@ -1057,7 +1061,7 @@ int wolfSSL_a2i_ASN1_INTEGER(WOLFSSL_BIO *bio, WOLFSSL_ASN1_INTEGER *asn1, /* Get ASN.1 header length. */ idx = SetASNInt(asn1->length, asn1->data[0], NULL); /* Move data to be after ASN.1 header. */ - XMEMMOVE(asn1->data + idx, asn1->data, asn1->length); + XMEMMOVE(asn1->data + idx, asn1->data, (size_t)asn1->length); /* Encode ASN.1 header. */ SetASNInt(asn1->length, asn1->data[idx], asn1->data); /* Update length of data. */ @@ -1092,7 +1096,7 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a) if (!err) { /* Read DER length - must be at least 1 byte. */ - if (GetLength(a->data, &idx, &len, a->length) <= 0) { + if (GetLength(a->data, &idx, &len, (word32)a->length) <= 0) { err = 1; } } @@ -1100,7 +1104,7 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a) /* Keep encoding and writing while no error and bytes in data. */ while ((!err) && (idx < (word32)a->length)) { /* Number of bytes left to encode. */ - int encLen = a->length - idx; + int encLen = a->length - (int)idx; /* Reduce to maximum buffer size if necessary. */ if (encLen > (int)sizeof(buf) / 2) { encLen = (int)sizeof(buf) / 2; @@ -1108,12 +1112,12 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a) /* Encode bytes from data into buffer. */ bufLen = (int)sizeof(buf); - (void)Base16_Encode(a->data + idx, encLen, buf, &bufLen); + (void)Base16_Encode(a->data + idx, (word32)encLen, buf, &bufLen); /* Update index to next bytes to encoded. */ - idx += encLen; + idx += (word32)encLen; /* Write out characters but not NUL char. */ - if (wolfSSL_BIO_write(bp, buf, bufLen - 1) != (int)(bufLen - 1)) { + if (wolfSSL_BIO_write(bp, buf, (int)bufLen - 1) != (int)(bufLen - 1)) { err = 1; } } @@ -1233,7 +1237,7 @@ int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp) (*pp)[0] = padVal; } /* Copy remaining bytes into output buffer. */ - XMEMCPY(*pp + pad, a->data + idx, len - pad); + XMEMCPY(*pp + pad, a->data + idx, (size_t)(len - pad)); /* Two's complement copied bytes when negative. */ if (a->negative) { wolfssl_twos_compl(*pp + pad, len - pad); @@ -1272,7 +1276,7 @@ WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai, if (!err) { /* Get the length of ASN.1 INTEGER number. */ if ((ai->data[0] != ASN_INTEGER) || (GetLength(ai->data, &idx, &len, - ai->length) <= 0)) { + (word32)ai->length) <= 0)) { #if defined(WOLFSSL_QT) || defined(WOLFSSL_HAPROXY) idx = 0; len = ai->length; @@ -1423,7 +1427,7 @@ long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER* a) } if (ret > 0) { /* Get the big number as a word. */ - ret = wolfSSL_BN_get_word(bn); + ret = (long)wolfSSL_BN_get_word(bn); /* Negate number of ASN.1 INTEGER was negative. */ if (a->negative == 1) { ret = -ret; @@ -1789,7 +1793,7 @@ int wolfSSL_i2d_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT *a, unsigned char **pp) *pp += a->objSz; } /* Return length of DER encoding. */ - len = a->objSz; + len = (int)a->objSz; } } @@ -1827,7 +1831,8 @@ WOLFSSL_ASN1_OBJECT *wolfSSL_c2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a, if (!err) { /* Allocate memory for content octets. */ - ret->obj = (const unsigned char*)XMALLOC(len, NULL, DYNAMIC_TYPE_ASN1); + ret->obj = (const unsigned char*)XMALLOC((size_t)len, NULL, + DYNAMIC_TYPE_ASN1); if (ret->obj == NULL) { WOLFSSL_MSG("error allocating asn data memory"); wolfSSL_ASN1_OBJECT_free(ret); @@ -1840,7 +1845,7 @@ WOLFSSL_ASN1_OBJECT *wolfSSL_c2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a, /* Content octets buffer was dynamically allocated. */ ret->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA; /* Copy in content octets and set size. */ - XMEMCPY((byte*)ret->obj, *pp, len); + XMEMCPY((byte*)ret->obj, *pp, (size_t)len); ret->objSz = (unsigned int)len; /* Move pointer to after data copied out. */ @@ -2173,7 +2178,7 @@ int wolfSSL_ASN1_STRING_cmp(const WOLFSSL_ASN1_STRING *a, ret = a->length - b->length; } /* Compare data. */ - else if ((ret = XMEMCMP(a->data, b->data, a->length)) == 0) { + else if ((ret = XMEMCMP(a->data, b->data, (size_t)a->length)) == 0) { /* Compare ASN.1 types - wolfSSL_ASN1_STRING_type_new(). */ ret = a->type - b->type; } @@ -2293,14 +2298,15 @@ int wolfSSL_ASN1_STRING_to_UTF8(unsigned char **out, WOLFSSL_ASN1_STRING *asn1) } if (len != -1) { /* Allocate buffer to hold string and NUL. */ - buf = (unsigned char*)XMALLOC(len + 1, NULL, DYNAMIC_TYPE_OPENSSL); + buf = (unsigned char*)XMALLOC((size_t)(len + 1), NULL, + DYNAMIC_TYPE_OPENSSL); if (buf == NULL) { len = -1; } } if (len != -1) { /* Copy in string - NUL always put on end of stored string. */ - XMEMCPY(buf, data, len + 1); + XMEMCPY(buf, data, (size_t)(len + 1)); /* Return buffer. */ *out = buf; } @@ -2325,7 +2331,7 @@ static char* wolfssl_asn1_string_to_hex_chars(const WOLFSSL_ASN1_STRING *s) char* tmp; int tmpSz = s->length * 3; - tmp = (char*)XMALLOC(tmpSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + tmp = (char*)XMALLOC((size_t)tmpSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (tmp == NULL) { WOLFSSL_MSG("Memory Error"); } @@ -2519,7 +2525,8 @@ int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, const void* data, int sz) /* Check string will fit - including NUL. */ if (sz + 1 > CTC_NAME_SIZE) { /* Allocate new buffer. */ - asn1->data = (char*)XMALLOC(sz + 1, NULL, DYNAMIC_TYPE_OPENSSL); + asn1->data = (char*)XMALLOC((size_t)(sz + 1), NULL, + DYNAMIC_TYPE_OPENSSL); if (asn1->data == NULL) { ret = 0; } @@ -2539,7 +2546,7 @@ int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, const void* data, int sz) /* Check if there is a string to copy. */ if (data != NULL) { /* Copy string and append NUL. */ - XMEMCPY(asn1->data, data, sz); + XMEMCPY(asn1->data, data, (size_t)sz); asn1->data[sz] = '\0'; } /* Set size of string. */ @@ -3453,7 +3460,7 @@ int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *t, const char *str) } if ((ret == 1) && (t != NULL)) { /* Copy in string including NUL terminator. */ - XMEMCPY(t->data, str, slen); + XMEMCPY(t->data, str, (size_t)slen); /* Do not include NUL terminator in length. */ t->length = slen - 1; /* Set ASN.1 type based on string length. */ diff --git a/src/ssl_bn.c b/src/ssl_bn.c index 4cdacbd64..9102a8e03 100644 --- a/src/ssl_bn.c +++ b/src/ssl_bn.c @@ -509,7 +509,8 @@ WOLFSSL_BIGNUM* wolfSSL_BN_bin2bn(const unsigned char* data, int len, } else { /* Decode into big number. */ - if (mp_read_unsigned_bin((mp_int*)ret->internal, data, len) != 0) { + if (mp_read_unsigned_bin((mp_int*)ret->internal, data, (word32)len) + != 0) { WOLFSSL_MSG("mp_read_unsigned_bin failure"); /* Don't return anything on failure. bn will be freed if set. */ ret = NULL; @@ -557,7 +558,7 @@ static char* wolfssl_bn_bn2radix(const WOLFSSL_BIGNUM* bn, int radix) if (!err) { /* Allocate string. */ - str = (char*)XMALLOC(len, NULL, DYNAMIC_TYPE_OPENSSL); + str = (char*)XMALLOC((size_t)len, NULL, DYNAMIC_TYPE_OPENSSL); if (str == NULL) { WOLFSSL_MSG("BN_bn2hex malloc string failure"); err = 1; @@ -1985,7 +1986,7 @@ int wolfSSL_BN_gcd(WOLFSSL_BIGNUM* r, WOLFSSL_BIGNUM* a, WOLFSSL_BIGNUM* b, int wolfSSL_BN_rand(WOLFSSL_BIGNUM* bn, int bits, int top, int bottom) { int ret = 1; - int len = (bits + 7) / 8; + word32 len = (word32)((bits + 7) / 8); WC_RNG* rng; WOLFSSL_ENTER("wolfSSL_BN_rand"); diff --git a/src/ssl_misc.c b/src/ssl_misc.c index 6197b45f8..af0b99bac 100644 --- a/src/ssl_misc.c +++ b/src/ssl_misc.c @@ -129,7 +129,7 @@ static int wolfssl_read_bio_len(WOLFSSL_BIO* bio, int sz, char** data) char* mem; /* Allocate buffer to hold data. */ - mem = (char*)XMALLOC(sz, bio->heap, DYNAMIC_TYPE_OPENSSL); + mem = (char*)XMALLOC((size_t)sz, bio->heap, DYNAMIC_TYPE_OPENSSL); if (mem == NULL) { WOLFSSL_ERROR_MSG("Memory allocation error"); ret = MEMORY_E; @@ -272,13 +272,13 @@ static int wolfssl_read_file(XFILE fp, char** data, int* dataSz) ret = wolfssl_file_len(fp, &sz); if (ret == 0) { /* Allocate memory big enough to hold whole file. */ - mem = (char*)XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + mem = (char*)XMALLOC((size_t)sz, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (mem == NULL) { ret = MEMORY_E; } } /* Read whole file into new buffer. */ - if ((ret == 0) && ((int)XFREAD(mem, 1, sz, fp) != sz)) { + if ((ret == 0) && ((int)XFREAD(mem, 1, (size_t)sz, fp) != sz)) { ret = WOLFSSL_BAD_FILE; } if (ret == 0) { diff --git a/wolfcrypt/src/dsa.c b/wolfcrypt/src/dsa.c index 77d1ad5ac..1e4f59a3f 100644 --- a/wolfcrypt/src/dsa.c +++ b/wolfcrypt/src/dsa.c @@ -160,7 +160,7 @@ int wc_MakeDsaKey(WC_RNG *rng, DsaKey *dsa) /* generate extra 64 bits so that bias from mod function is negligible */ cSz = qSz + (64 / WOLFSSL_BIT_SIZE); - cBuf = (byte*)XMALLOC(cSz, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER); + cBuf = (byte*)XMALLOC((size_t)cSz, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER); if (cBuf == NULL) { return MEMORY_E; } @@ -184,10 +184,10 @@ int wc_MakeDsaKey(WC_RNG *rng, DsaKey *dsa) * Hash_DRBG uses SHA-256 which matches maximum * requested_security_strength of (L,N). */ - err = wc_RNG_GenerateBlock(rng, cBuf, cSz); + err = wc_RNG_GenerateBlock(rng, cBuf, (word32)cSz); if (err != MP_OKAY) break; - err = mp_read_unsigned_bin(&dsa->x, cBuf, cSz); + err = mp_read_unsigned_bin(&dsa->x, cBuf, (word32)cSz); if (err != MP_OKAY) break; } while (mp_cmp_d(&dsa->x, 1) != MP_GT); @@ -209,8 +209,10 @@ int wc_MakeDsaKey(WC_RNG *rng, DsaKey *dsa) err = mp_add_d(&dsa->x, 1, &dsa->x); /* public key : y = g^x mod p */ - if (err == MP_OKAY) - err = mp_exptmod_ex(&dsa->g, &dsa->x, dsa->q.used, &dsa->p, &dsa->y); + if (err == MP_OKAY) { + err = mp_exptmod_ex(&dsa->g, &dsa->x, (int)dsa->q.used, &dsa->p, + &dsa->y); + } if (err == MP_OKAY) dsa->type = DSA_PRIVATE; @@ -276,14 +278,14 @@ int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa) msize = modulus_size / WOLFSSL_BIT_SIZE; /* allocate ram */ - buf = (unsigned char *)XMALLOC(msize - qsize, + buf = (unsigned char *)XMALLOC((size_t)(msize - qsize), dsa->heap, DYNAMIC_TYPE_TMP_BUFFER); if (buf == NULL) { return MEMORY_E; } /* make a random string that will be multiplied against q */ - err = wc_RNG_GenerateBlock(rng, buf, msize - qsize); + err = wc_RNG_GenerateBlock(rng, buf, (word32)(msize - qsize)); if (err != MP_OKAY) { XFREE(buf, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER); return err; @@ -293,7 +295,7 @@ int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa) buf[0] |= 0xC0; /* force even */ - buf[msize - qsize - 1] &= ~1; + buf[msize - qsize - 1] &= (unsigned char)~1; #ifdef WOLFSSL_SMALL_STACK if (((tmp = (mp_int *)XMALLOC(sizeof(*tmp), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) || @@ -307,7 +309,7 @@ int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa) err = mp_init_multi(tmp, tmp2, &dsa->p, &dsa->q, 0, 0); if (err == MP_OKAY) - err = mp_read_unsigned_bin(tmp2, buf, msize - qsize); + err = mp_read_unsigned_bin(tmp2, buf, (word32)(msize - qsize)); /* make our prime q */ if (err == MP_OKAY) @@ -346,7 +348,7 @@ int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa) */ if (err == MP_OKAY) { if (loop_check_prime) - err = mp_add_d(tmp2, 2*loop_check_prime, tmp2); + err = mp_add_d(tmp2, 2 * (mp_digit)loop_check_prime, tmp2); } if (err == MP_OKAY) @@ -407,7 +409,7 @@ static int _DsaImportParamsRaw(DsaKey* dsa, const char* p, const char* q, const char* g, int trusted, WC_RNG* rng) { int err; - word32 pSz, qSz; + int pSz, qSz; if (dsa == NULL || p == NULL || q == NULL || g == NULL) return BAD_FUNC_ARG; @@ -523,9 +525,9 @@ int wc_DsaExportParamsRaw(DsaKey* dsa, byte* p, word32* pSz, return BAD_FUNC_ARG; /* get required output buffer sizes */ - pLen = mp_unsigned_bin_size(&dsa->p); - qLen = mp_unsigned_bin_size(&dsa->q); - gLen = mp_unsigned_bin_size(&dsa->g); + pLen = (word32)mp_unsigned_bin_size(&dsa->p); + qLen = (word32)mp_unsigned_bin_size(&dsa->q); + gLen = (word32)mp_unsigned_bin_size(&dsa->g); /* return buffer sizes and LENGTH_ONLY_E if buffers are NULL */ if (p == NULL && q == NULL && g == NULL) { @@ -599,8 +601,8 @@ int wc_DsaExportKeyRaw(DsaKey* dsa, byte* x, word32* xSz, byte* y, word32* ySz) return BAD_FUNC_ARG; /* get required output buffer sizes */ - xLen = mp_unsigned_bin_size(&dsa->x); - yLen = mp_unsigned_bin_size(&dsa->y); + xLen = (word32)mp_unsigned_bin_size(&dsa->x); + yLen = (word32)mp_unsigned_bin_size(&dsa->y); /* return buffer sizes and LENGTH_ONLY_E if buffers are NULL */ if (x == NULL && y == NULL) { @@ -664,7 +666,8 @@ int wc_DsaSign_ex(const byte* digest, word32 digestSz, byte* out, DsaKey* key, byte buffer[DSA_MAX_HALF_SIZE]; #endif mp_int* qMinus1; - int ret = 0, halfSz = 0; + int ret = 0; + word32 halfSz = 0; if (digest == NULL || out == NULL || key == NULL || rng == NULL) return BAD_FUNC_ARG; @@ -709,7 +712,7 @@ int wc_DsaSign_ex(const byte* digest, word32 digestSz, byte* out, DsaKey* key, break; } - halfSz = min(DSA_MAX_HALF_SIZE, mp_unsigned_bin_size(&key->q)); + halfSz = min(DSA_MAX_HALF_SIZE, (word32)mp_unsigned_bin_size(&key->q)); /* NIST FIPS 186-4: Sections 4.1 * q is a prime divisor where 2^(N-1) < q < 2^N and N is the bit length * of q. @@ -836,7 +839,8 @@ int wc_DsaSign_ex(const byte* digest, word32 digestSz, byte* out, DsaKey* key, } /* generate r, r = (g exp k mod p) mod q */ - if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) { + if (mp_exptmod_ex(&key->g, k, (int)key->q.used, &key->p, r) != + MP_OKAY) { ret = MP_EXPTMOD_E; break; } @@ -905,11 +909,11 @@ int wc_DsaSign_ex(const byte* digest, word32 digestSz, byte* out, DsaKey* key, /* write out */ { - if (mp_to_unsigned_bin_len(r, out, halfSz) != MP_OKAY) + if (mp_to_unsigned_bin_len(r, out, (int)halfSz) != MP_OKAY) ret = MP_TO_E; else { out += halfSz; /* advance to s in output */ - ret = mp_to_unsigned_bin_len(s, out, halfSz); + ret = mp_to_unsigned_bin_len(s, out, (int)halfSz); } } } while (0); @@ -1027,8 +1031,8 @@ int wc_DsaVerify_ex(const byte* digest, word32 digestSz, const byte* sig, } /* set r and s from signature */ - if (mp_read_unsigned_bin(r, sig, qSz) != MP_OKAY || - mp_read_unsigned_bin(s, sig + qSz, qSz) != MP_OKAY) { + if (mp_read_unsigned_bin(r, sig, (word32)qSz) != MP_OKAY || + mp_read_unsigned_bin(s, sig + qSz, (word32)qSz) != MP_OKAY) { ret = MP_READ_E; break; } diff --git a/wolfcrypt/src/eccsi.c b/wolfcrypt/src/eccsi.c index 23c95f49b..ed2e2b8bd 100644 --- a/wolfcrypt/src/eccsi.c +++ b/wolfcrypt/src/eccsi.c @@ -521,12 +521,12 @@ static int eccsi_encode_point(ecc_point* point, word32 size, byte* data, } /* Write out the point's x ordinate into key size bytes. */ - err = mp_to_unsigned_bin_len(point->x, data, size); + err = mp_to_unsigned_bin_len(point->x, data, (int)size); } if (err == 0) { data += size; /* Write out the point's y ordinate into key size bytes. */ - err = mp_to_unsigned_bin_len(point->y, data, size); + err = mp_to_unsigned_bin_len(point->y, data, (int)size); } if (err == 0) { *sz = size * 2 + !raw; @@ -646,14 +646,14 @@ int wc_ExportEccsiKey(EccsiKey* key, byte* data, word32* sz) if (err == 0) { if (data == NULL) { - *sz = key->ecc.dp->size * 3; + *sz = (word32)(key->ecc.dp->size * 3); err = LENGTH_ONLY_E; } else if (*sz < (word32)key->ecc.dp->size * 3) { err = BUFFER_E; } else { - *sz = key->ecc.dp->size * 3; + *sz = (word32)(key->ecc.dp->size * 3); } } if (err == 0) { @@ -684,12 +684,12 @@ static int eccsi_decode_key(EccsiKey* key, const byte* data) /* Read the secret value from key size bytes. */ err = mp_read_unsigned_bin(wc_ecc_key_get_priv(&key->ecc), data, - key->ecc.dp->size); + (word32)key->ecc.dp->size); if (err == 0) { data += key->ecc.dp->size; /* Read public key. */ err = eccsi_decode_point(&key->ecc.pubkey, (word32)key->ecc.dp->size, - data, key->ecc.dp->size * 2); + data, (word32)(key->ecc.dp->size * 2)); } return err; @@ -768,14 +768,14 @@ int wc_ExportEccsiPrivateKey(EccsiKey* key, byte* data, word32* sz) if (err == 0) { if (data == NULL) { - *sz = key->ecc.dp->size; + *sz = (word32)key->ecc.dp->size; err = LENGTH_ONLY_E; } else if (*sz < (word32)key->ecc.dp->size) { err = BUFFER_E; } else { - *sz = key->ecc.dp->size; + *sz = (word32)key->ecc.dp->size; } } if (err == 0) { @@ -814,7 +814,7 @@ int wc_ImportEccsiPrivateKey(EccsiKey* key, const byte* data, word32 sz) if (err == 0) { err = mp_read_unsigned_bin(wc_ecc_key_get_priv(&key->ecc), data, - key->ecc.dp->size); + (word32)key->ecc.dp->size); } return err; @@ -1007,7 +1007,7 @@ int wc_EncodeEccsiPair(const EccsiKey* key, mp_int* ssk, ecc_point* pvt, } if ((err == 0) && (data == NULL)) { - *sz = key->ecc.dp->size * 3; + *sz = (word32)(key->ecc.dp->size * 3); err = LENGTH_ONLY_E; } if ((err == 0) && (*sz < (word32)(key->ecc.dp->size * 3))) { @@ -1028,7 +1028,7 @@ int wc_EncodeEccsiPair(const EccsiKey* key, mp_int* ssk, ecc_point* pvt, err = mp_to_unsigned_bin_len(pvt->y, data, key->ecc.dp->size); } if (err == 0) { - *sz = key->ecc.dp->size * 3; + *sz = (word32)(key->ecc.dp->size * 3); } return err; @@ -1068,14 +1068,14 @@ int wc_EncodeEccsiSsk(const EccsiKey* key, mp_int* ssk, byte* data, word32* sz) if (err == 0) { if (data == NULL) { - *sz = key->ecc.dp->size; + *sz = (word32)key->ecc.dp->size; err = LENGTH_ONLY_E; } else if (*sz < (word32)key->ecc.dp->size) { err = BUFFER_E; } else { - *sz = key->ecc.dp->size; + *sz = (word32)key->ecc.dp->size; } } if (err == 0) { @@ -1114,7 +1114,7 @@ int wc_DecodeEccsiSsk(const EccsiKey* key, const byte* data, word32 sz, } if (err == 0) { - err = mp_read_unsigned_bin(ssk, data, key->ecc.dp->size); + err = mp_read_unsigned_bin(ssk, data, (word32)key->ecc.dp->size); } return err; @@ -1191,17 +1191,17 @@ int wc_DecodeEccsiPair(const EccsiKey* key, const byte* data, word32 sz, if (err == 0) { /* Read the SSK value from key size bytes. */ - err = mp_read_unsigned_bin(ssk, data, key->ecc.dp->size); + err = mp_read_unsigned_bin(ssk, data, (word32)key->ecc.dp->size); } if (err == 0) { data += key->ecc.dp->size; /* Read the PVT's x value from key size bytes. */ - err = mp_read_unsigned_bin(pvt->x, data, key->ecc.dp->size); + err = mp_read_unsigned_bin(pvt->x, data, (word32)key->ecc.dp->size); } if (err == 0) { data += key->ecc.dp->size; /* Read the PVT's y value from key size bytes. */ - err = mp_read_unsigned_bin(pvt->y, data, key->ecc.dp->size); + err = mp_read_unsigned_bin(pvt->y, data, (word32)key->ecc.dp->size); } if (err == 0) { err = mp_set(pvt->z, 1); @@ -1275,7 +1275,7 @@ int wc_DecodeEccsiPvtFromSig(const EccsiKey* key, const byte* sig, word32 sz, } if (err == 0) { - word32 rSz = key->ecc.dp->size * 2; + word32 rSz = (word32)(key->ecc.dp->size * 2); err = eccsi_decode_point(pvt, (word32)key->ecc.dp->size, sig + rSz, sz - rSz); } @@ -1811,7 +1811,7 @@ static int eccsi_compute_he(EccsiKey* key, enum wc_HashType hashType, mp_int* r, const byte* msg, word32 msgSz, byte* he, word32* heSz) { int err = 0; - word32 dataSz = key->ecc.dp->size; + word32 dataSz = (word32)key->ecc.dp->size; int hash_inited = 0; /* HE = hash( HS | r | M ) */ @@ -1822,7 +1822,7 @@ static int eccsi_compute_he(EccsiKey* key, enum wc_HashType hashType, err = wc_HashUpdate(&key->hash, hashType, key->idHash, key->idHashSz); } if (err == 0) { - err = mp_to_unsigned_bin_len(r, key->data, dataSz); + err = mp_to_unsigned_bin_len(r, key->data, (int)dataSz); } if (err == 0) { /* r */ @@ -1836,7 +1836,7 @@ static int eccsi_compute_he(EccsiKey* key, enum wc_HashType hashType, err = wc_HashFinal(&key->hash, hashType, he); } if (err == 0) { - *heSz = wc_HashGetDigestSize(hashType); + *heSz = (word32)wc_HashGetDigestSize(hashType); } if (hash_inited) { @@ -1860,14 +1860,14 @@ static int eccsi_encode_sig(const EccsiKey* key, mp_int* r, mp_int* s, byte* sig, word32* sigSz) { int err; - word32 sz = key->ecc.dp->size; + word32 sz = (word32)key->ecc.dp->size; - err = mp_to_unsigned_bin_len(r, sig, sz); + err = mp_to_unsigned_bin_len(r, sig, (int)sz); if (err == 0) { - err = mp_to_unsigned_bin_len(s, sig + sz, sz); + err = mp_to_unsigned_bin_len(s, sig + sz, (int)sz); } if (err == 0) { - *sigSz = key->ecc.dp->size * 2 + 1; + *sigSz = (word32)(key->ecc.dp->size * 2 + 1); err = wc_ecc_export_point_der(wc_ecc_get_curve_idx(key->ecc.dp->id), key->pvt, sig + sz * 2, sigSz); } @@ -1898,7 +1898,7 @@ static int eccsi_gen_sig(EccsiKey* key, WC_RNG* rng, enum wc_HashType hashType, const byte* msg, word32 msgSz, mp_int* r, mp_int* s) { int err = 0; - word32 sz = key->ecc.dp->size; + int sz = key->ecc.dp->size; word32 heSz = 0; const mp_int* jx = NULL; mp_int* he = &key->tmp; @@ -1990,7 +1990,7 @@ int wc_SignEccsiHash(EccsiKey* key, WC_RNG* rng, enum wc_HashType hashType, } if (err == 0) { - sz = key->ecc.dp->size; + sz = (word32)key->ecc.dp->size; if (sig == NULL) { *sigSz = sz * 4 + 1; err = LENGTH_ONLY_E; @@ -2024,7 +2024,7 @@ int wc_SignEccsiHash(EccsiKey* key, WC_RNG* rng, enum wc_HashType hashType, mp_forcezero(j); /* Step 6: s = s' fitted */ - err = eccsi_fit_to_octets(s, &key->params.order, sz, s); + err = eccsi_fit_to_octets(s, &key->params.order, (int)sz, s); } /* Step 7: Output Signature = ( r | s | PVT ) */ @@ -2050,7 +2050,7 @@ static int eccsi_decode_sig_s(const EccsiKey* key, const byte* sig, word32 sigSz, mp_int* s) { int err = 0; - word32 sz = key->ecc.dp->size; + word32 sz = (word32)key->ecc.dp->size; if (sigSz != sz * 4 + 1) { err = BAD_FUNC_ARG; @@ -2079,7 +2079,7 @@ static int eccsi_decode_sig_r_pvt(const EccsiKey* key, const byte* sig, word32 sigSz, mp_int* r, ecc_point* pvt) { int err = 0; - word32 sz = key->ecc.dp->size; + word32 sz = (word32)key->ecc.dp->size; if (sigSz != sz * 4 + 1) { err = BAD_FUNC_ARG; diff --git a/wolfcrypt/src/fe_448.c b/wolfcrypt/src/fe_448.c index e0fde82d3..0dd439ed7 100644 --- a/wolfcrypt/src/fe_448.c +++ b/wolfcrypt/src/fe_448.c @@ -1836,8 +1836,6 @@ static WC_INLINE void fe448_mul_8(sword32* r, const sword32* a, const sword32* b sword64 t13 = (sword64)a[ 6] * b[ 7]; sword64 t113 = (sword64)a[ 7] * b[ 6]; sword64 t14 = (sword64)a[ 7] * b[ 7]; - sword64 o; - sword64 t15; t1 += t101; t2 += t102; t2 += t202; t3 += t103; t3 += t203; t3 += t303; @@ -1854,8 +1852,8 @@ static WC_INLINE void fe448_mul_8(sword32* r, const sword32* a, const sword32* b t11 += t111; t11 += t211; t11 += t311; t12 += t112; t12 += t212; t13 += t113; - o = t14 >> 28; - t15 = o; + sword64 o = t14 >> 28; + sword64 t15 = o; t14 -= o << 28; o = (t0 >> 28); t1 += o; t = o << 28; t0 -= t; o = (t1 >> 28); t2 += o; t = o << 28; t1 -= t; diff --git a/wolfcrypt/src/fe_x25519_128.i b/wolfcrypt/src/fe_x25519_128.i index 69e3dd42e..eff2d408e 100644 --- a/wolfcrypt/src/fe_x25519_128.i +++ b/wolfcrypt/src/fe_x25519_128.i @@ -302,7 +302,7 @@ void fe_mul(fe r, const fe a, const fe b) t2 += t1 >> 51; r[1] = t1 & 0x7ffffffffffff; t3 += t2 >> 51; r[2] = t2 & 0x7ffffffffffff; t4 += t3 >> 51; r[3] = t3 & 0x7ffffffffffff; - r[0] += (t4 >> 51) * k19; + r[0] += (sword64)((t4 >> 51) * k19); r[4] = t4 & 0x7ffffffffffff; } @@ -345,7 +345,7 @@ void fe_sq(fe r, const fe a) t2 += t1 >> 51; r[1] = t1 & 0x7ffffffffffff; t3 += t2 >> 51; r[2] = t2 & 0x7ffffffffffff; t4 += t3 >> 51; r[3] = t3 & 0x7ffffffffffff; - r[0] += (t4 >> 51) * k19; + r[0] += (sword64)((t4 >> 51) * k19); r[4] = t4 & 0x7ffffffffffff; } @@ -372,7 +372,7 @@ void fe_mul121666(fe r, fe a) t2 += t1 >> 51; r[1] = t1 & 0x7ffffffffffff; t3 += t2 >> 51; r[2] = t2 & 0x7ffffffffffff; t4 += t3 >> 51; r[3] = t3 & 0x7ffffffffffff; - r[0] += (t4 >> 51) * k19; + r[0] += (sword64)((t4 >> 51) * k19); r[4] = t4 & 0x7ffffffffffff; } @@ -430,8 +430,8 @@ int curve25519(byte* r, const byte* n, const byte* a) b = n[pos / 8] >> (pos & 7); b &= 1; swap ^= b; - fe_cswap(x2, x3, swap); - fe_cswap(z2, z3, swap); + fe_cswap(x2, x3, (int)swap); + fe_cswap(z2, z3, (int)swap); swap = b; fe_sub(t0, x3, z3); @@ -453,8 +453,8 @@ int curve25519(byte* r, const byte* n, const byte* a) fe_mul(z3, x1, z2); fe_mul(z2, t1, t0); } - fe_cswap(x2, x3, swap); - fe_cswap(z2, z3, swap); + fe_cswap(x2, x3, (int)swap); + fe_cswap(z2, z3, (int)swap); fe_invert(z2, z2); fe_mul(x2, x2, z2); @@ -591,7 +591,7 @@ void fe_sq2(fe r, const fe a) t2 += t1 >> 51; r[1] = t1 & 0x7ffffffffffff; t3 += t2 >> 51; r[2] = t2 & 0x7ffffffffffff; t4 += t3 >> 51; r[3] = t3 & 0x7ffffffffffff; - r[0] += (t4 >> 51) * k19; + r[0] += (sword64)((t4 >> 51) * k19); r[4] = t4 & 0x7ffffffffffff; } diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 33fb3bc64..03c624fc3 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -1438,8 +1438,9 @@ static int RsaPad_PSS(const byte* input, word32 inputLen, byte* pkcsBlock, #if defined(WOLFSSL_PSS_LONG_SALT) || defined(WOLFSSL_PSS_SALT_LEN_DISCOVER) #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY) - msg = (byte*)XMALLOC(RSA_PSS_PAD_SZ + inputLen + saltLen, heap, - DYNAMIC_TYPE_RSA_BUFFER); + msg = (byte*)XMALLOC( + (size_t)(RSA_PSS_PAD_SZ + inputLen + (word32)saltLen), + heap, DYNAMIC_TYPE_RSA_BUFFER); if (msg == NULL) { return MEMORY_E; } @@ -1451,7 +1452,7 @@ static int RsaPad_PSS(const byte* input, word32 inputLen, byte* pkcsBlock, m += inputLen; o = (int)(m - s); if (saltLen > 0) { - ret = wc_RNG_GenerateBlock(rng, m, saltLen); + ret = wc_RNG_GenerateBlock(rng, m, (word32)saltLen); if (ret == 0) { m += saltLen; } @@ -1459,8 +1460,9 @@ static int RsaPad_PSS(const byte* input, word32 inputLen, byte* pkcsBlock, #else if ((int)pkcsBlockLen < RSA_PSS_PAD_SZ + (int)inputLen + saltLen) { #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY) - msg = (byte*)XMALLOC(RSA_PSS_PAD_SZ + inputLen + (word32)saltLen, heap, - DYNAMIC_TYPE_RSA_BUFFER); + msg = (byte*)XMALLOC( + (size_t)(RSA_PSS_PAD_SZ + inputLen + (word32)saltLen), + heap, DYNAMIC_TYPE_RSA_BUFFER); if (msg == NULL) { return MEMORY_E; } @@ -4090,9 +4092,11 @@ int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, byte* sig, #ifdef WOLFSSL_PSS_LONG_SALT /* if long salt is larger then default maximum buffer then allocate a buffer */ - if (ret == 0 && sizeof(sigCheckBuf) < (RSA_PSS_PAD_SZ + inSz + saltLen)) { - sigCheck = (byte*)XMALLOC(RSA_PSS_PAD_SZ + inSz + saltLen, heap, - DYNAMIC_TYPE_RSA_BUFFER); + if ((ret == 0) && + (sizeof(sigCheckBuf) < (RSA_PSS_PAD_SZ + inSz + (word32)saltLen))) { + sigCheck = (byte*)XMALLOC( + (size_t)(RSA_PSS_PAD_SZ + inSz + (word32)saltLen), + heap, DYNAMIC_TYPE_RSA_BUFFER); if (sigCheck == NULL) { ret = MEMORY_E; } diff --git a/wolfcrypt/src/sakke.c b/wolfcrypt/src/sakke.c index 3adc01dd7..062965208 100644 --- a/wolfcrypt/src/sakke.c +++ b/wolfcrypt/src/sakke.c @@ -601,7 +601,7 @@ int wc_ExportSakkeKey(SakkeKey* key, byte* data, word32* sz) } if ((err == 0) && (data == NULL)) { - *sz = 3 * key->ecc.dp->size; + *sz = (word32)(3 * key->ecc.dp->size); err = LENGTH_ONLY_E; } if ((err >= 0) && (*sz < (word32)(3 * key->ecc.dp->size))) { @@ -609,7 +609,8 @@ int wc_ExportSakkeKey(SakkeKey* key, byte* data, word32* sz) } if (err == 0) { /* Write out the secret value into key size bytes. */ - err = mp_to_unsigned_bin_len(wc_ecc_key_get_priv(&key->ecc), data, key->ecc.dp->size); + err = mp_to_unsigned_bin_len(wc_ecc_key_get_priv(&key->ecc), data, + key->ecc.dp->size); } if (err == 0) { data += key->ecc.dp->size; @@ -624,7 +625,7 @@ int wc_ExportSakkeKey(SakkeKey* key, byte* data, word32* sz) key->ecc.dp->size); } if (err == 0) { - *sz = 3 * key->ecc.dp->size; + *sz = (word32)(3 * key->ecc.dp->size); } return err; @@ -660,17 +661,19 @@ int wc_ImportSakkeKey(SakkeKey* key, const byte* data, word32 sz) if (err == 0) { /* Read the secret value from key size bytes. */ err = mp_read_unsigned_bin(wc_ecc_key_get_priv(&key->ecc), data, - key->ecc.dp->size); + (word32)key->ecc.dp->size); } if (err == 0) { data += key->ecc.dp->size; /* Read the public key point's x value from key size bytes. */ - err = mp_read_unsigned_bin(key->ecc.pubkey.x, data, key->ecc.dp->size); + err = mp_read_unsigned_bin(key->ecc.pubkey.x, data, + (word32)key->ecc.dp->size); } if (err == 0) { data += key->ecc.dp->size; /* Read the public key point's y value from key size bytes. */ - err = mp_read_unsigned_bin(key->ecc.pubkey.y, data, key->ecc.dp->size); + err = mp_read_unsigned_bin(key->ecc.pubkey.y, data, + (word32)key->ecc.dp->size); } if (err == 0) { err = mp_set(key->ecc.pubkey.z, 1); @@ -707,7 +710,7 @@ int wc_ExportSakkePrivateKey(SakkeKey* key, byte* data, word32* sz) } if ((err == 0) && (data == NULL)) { - *sz = key->ecc.dp->size; + *sz = (word32)key->ecc.dp->size; err = LENGTH_ONLY_E; } if ((err >= 0) && (*sz < (word32)key->ecc.dp->size)) { @@ -719,7 +722,7 @@ int wc_ExportSakkePrivateKey(SakkeKey* key, byte* data, word32* sz) key->ecc.dp->size); } if (err == 0) { - *sz = key->ecc.dp->size; + *sz = (word32)key->ecc.dp->size; } return err; @@ -756,7 +759,7 @@ int wc_ImportSakkePrivateKey(SakkeKey* key, const byte* data, word32 sz) if (err == 0) { /* Read the secret value from key size bytes. */ err = mp_read_unsigned_bin(wc_ecc_key_get_priv(&key->ecc), data, - key->ecc.dp->size); + (word32)key->ecc.dp->size); } return err; @@ -838,12 +841,12 @@ static int sakke_encode_point(ecc_point* point, word32 size, byte* data, } /* Write out the point's x ordinate into key size bytes. */ - err = mp_to_unsigned_bin_len(point->x, data, size); + err = mp_to_unsigned_bin_len(point->x, data, (int)size); } if (err == 0) { data += size; /* Write out the point's y ordinate into key size bytes. */ - err = mp_to_unsigned_bin_len(point->y, data, size); + err = mp_to_unsigned_bin_len(point->y, data, (int)size); } if (err == 0) { *sz = size * 2 + !raw; @@ -2491,7 +2494,7 @@ int wc_GetSakkeAuthSize(SakkeKey* key, word16* authSz) } if (err == 0) { word16 n = (word16)((mp_count_bits(&key->params.prime) + 7) / 8); - *authSz = 1 + 2 * n; + *authSz = (word16)(1 + 2 * n); } return err; @@ -6131,8 +6134,8 @@ static int sakke_calc_h_v(SakkeKey* key, enum wc_HashType hashType, * @param [in] idx Index to start XORing into. * @param [in] n Length of data to XOR (mask) in bytes. */ -static void sakke_xor_in_v(const byte* v, word32 hashSz, byte* out, int idx, - int n) +static void sakke_xor_in_v(const byte* v, word32 hashSz, byte* out, word32 idx, + word32 n) { int o; word32 i; @@ -6146,7 +6149,7 @@ static void sakke_xor_in_v(const byte* v, word32 hashSz, byte* out, int idx, else { i = 0; } - o = i; + o = (int)i; xorbuf(out + idx + i - o, v + i, hashSz - i); } @@ -6389,7 +6392,7 @@ int wc_GetSakkePointI(SakkeKey* key, byte* data, word32* sz) } if ((err == 0) && (data == NULL)) { - *sz = key->ecc.dp->size * 2; + *sz = (word32)(key->ecc.dp->size * 2); err = LENGTH_ONLY_E; } if ((err == 0) && (*sz < (word32)key->ecc.dp->size * 2)) { @@ -6406,7 +6409,7 @@ int wc_GetSakkePointI(SakkeKey* key, byte* data, word32* sz) err = mp_to_unsigned_bin_len(key->i.i->y, data, key->ecc.dp->size); } if (err == 0) { - *sz = key->ecc.dp->size * 2; + *sz = (word32)(key->ecc.dp->size * 2); } return err; @@ -6444,12 +6447,14 @@ int wc_SetSakkePointI(SakkeKey* key, const byte* id, word16 idSz, if (err == 0) { /* Read the x value from key size bytes. */ - err = mp_read_unsigned_bin(key->i.i->x, data, key->ecc.dp->size); + err = mp_read_unsigned_bin(key->i.i->x, data, + (word32)key->ecc.dp->size); } if (err == 0) { data += key->ecc.dp->size; /* Read the y value from key size bytes. */ - err = mp_read_unsigned_bin(key->i.i->y, data, key->ecc.dp->size); + err = mp_read_unsigned_bin(key->i.i->y, data, + (word32)key->ecc.dp->size); } if (err == 0) { err = mp_set(key->i.i->z, 1); @@ -6687,7 +6692,7 @@ int wc_MakeSakkeEncapsulatedSSV(SakkeKey* key, enum wc_HashType hashType, n = (word16)((mp_count_bits(&key->params.prime) + 7) / 8); /* Uncompressed point */ - outSz = 1 + 2 * n; + outSz = (word16)(1 + 2 * n); if ((auth != NULL) && (*authSz < outSz)) { err = BAD_FUNC_ARG; @@ -6876,7 +6881,7 @@ int wc_DeriveSakkeSSV(SakkeKey* key, enum wc_HashType hashType, byte* ssv, if (err == 0) { r = key->tmp.p2; - err = wc_ecc_import_point_der(auth, n * 2 + 1, + err = wc_ecc_import_point_der(auth, (word32)(n * 2 + 1), wc_ecc_get_curve_idx(key->ecc.dp->id), r); } @@ -6916,7 +6921,7 @@ int wc_DeriveSakkeSSV(SakkeKey* key, enum wc_HashType hashType, byte* ssv, err = sakke_compute_point_r(key, key->id, key->idSz, ri, n, test); } - if ((err == 0) && (XMEMCMP(auth, test, 2 * n + 1) != 0)) { + if ((err == 0) && (XMEMCMP(auth, test, (size_t)(2 * n + 1)) != 0)) { err = SAKKE_VERIFY_FAIL_E; } diff --git a/wolfssl/wolfcrypt/sakke.h b/wolfssl/wolfcrypt/sakke.h index f6651279b..173c33bb9 100644 --- a/wolfssl/wolfcrypt/sakke.h +++ b/wolfssl/wolfcrypt/sakke.h @@ -100,7 +100,7 @@ typedef struct SakkeKeyPointI { /** Table associated with point I. */ byte* table; /** Length of table */ - int tableLen; + word32 tableLen; /** Identity associated with point I. */ byte id[SAKKE_ID_MAX_SIZE]; /** Size of identity associated with point I. */ @@ -114,7 +114,7 @@ typedef struct SakkeKeyRsk { /** Table associated with point I. */ byte* table; /** Length of table */ - int tableLen; + word32 tableLen; /** Indicates whether an RSK value has been set. */ byte set:1; } SakkeKeyRsk;