more fixes for implicit casts, including asn=template.

Daniel Pouzzner
2023-04-10 17:11:20 -05:00
parent ee50d95b0b
commit ed11669f3c
14 changed files with 513 additions and 488 deletions


@@ -500,19 +500,19 @@
*/ */
static int bench_all = 1; static int bench_all = 1;
/* Cipher algorithms to benchmark. */ /* Cipher algorithms to benchmark. */
static int bench_cipher_algs = 0; static word32 bench_cipher_algs = 0;
/* Digest algorithms to benchmark. */ /* Digest algorithms to benchmark. */
static int bench_digest_algs = 0; static word32 bench_digest_algs = 0;
/* MAC algorithms to benchmark. */ /* MAC algorithms to benchmark. */
static int bench_mac_algs = 0; static word32 bench_mac_algs = 0;
/* Asymmetric algorithms to benchmark. */ /* Asymmetric algorithms to benchmark. */
static int bench_asym_algs = 0; static word32 bench_asym_algs = 0;
/* Post-Quantum Asymmetric algorithms to benchmark. */ /* Post-Quantum Asymmetric algorithms to benchmark. */
static int bench_pq_asym_algs = 0; static word32 bench_pq_asym_algs = 0;
/* Post-Quantum Asymmetric algorithms to benchmark. (Part 2)*/ /* Post-Quantum Asymmetric algorithms to benchmark. (Part 2)*/
static int bench_pq_asym_algs2 = 0; static word32 bench_pq_asym_algs2 = 0;
/* Other cryptographic algorithms to benchmark. */ /* Other cryptographic algorithms to benchmark. */
static int bench_other_algs = 0; static word32 bench_other_algs = 0;
#if !defined(WOLFSSL_BENCHMARK_ALL) && !defined(NO_MAIN_DRIVER) #if !defined(WOLFSSL_BENCHMARK_ALL) && !defined(NO_MAIN_DRIVER)
@@ -907,10 +907,10 @@ static const char* bench_desc_words[][15] = {
#define SHOW_INTEL_CYCLES(b, n, s) \ #define SHOW_INTEL_CYCLES(b, n, s) \
(void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), " %s = %6.2f\n", \ (void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), " %s = %6.2f\n", \
bench_result_words1[lng_index][2], \ bench_result_words1[lng_index][2], \
count == 0 ? 0 : (float)total_cycles / ((word64)count*(s))) count == 0 ? 0 : (double)total_cycles / ((word64)count*(s)))
#define SHOW_INTEL_CYCLES_CSV(b, n, s) \ #define SHOW_INTEL_CYCLES_CSV(b, n, s) \
(void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), "%.6f,\n", \ (void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), "%.6f,\n", \
count == 0 ? 0 : (float)total_cycles / ((word64)count*(s))) count == 0 ? 0 : (double)total_cycles / ((word64)count*(s)))
#elif defined(LINUX_CYCLE_COUNT) #elif defined(LINUX_CYCLE_COUNT)
#include <linux/perf_event.h> #include <linux/perf_event.h>
#include <sys/syscall.h> #include <sys/syscall.h>
@@ -1323,15 +1323,15 @@ static const char* bench_result_words2[][5] = {
while(options) { while(options) {
if (options & AAD_SIZE_DEFAULT) { if (options & AAD_SIZE_DEFAULT) {
aesAuthAddSz = AES_AUTH_ADD_SZ; aesAuthAddSz = AES_AUTH_ADD_SZ;
options &= ~AAD_SIZE_DEFAULT; options &= ~(word32)AAD_SIZE_DEFAULT;
} }
else if (options & AAD_SIZE_ZERO) { else if (options & AAD_SIZE_ZERO) {
aesAuthAddSz = 0; aesAuthAddSz = 0;
options &= ~AAD_SIZE_ZERO; options &= ~(word32)AAD_SIZE_ZERO;
} }
else if (options & AAD_SIZE_CUSTOM) { else if (options & AAD_SIZE_CUSTOM) {
aesAuthAddSz = aes_aad_size; aesAuthAddSz = aes_aad_size;
options &= ~AAD_SIZE_CUSTOM; options &= ~(word32)AAD_SIZE_CUSTOM;
} }
fn(i); fn(i);
aesAuthAddSz = aesAuthAddSz_orig; aesAuthAddSz = aesAuthAddSz_orig;
@@ -1754,7 +1754,7 @@ static const char* get_blocktype_base10(double* blocks)
/* countSz is number of bytes that 1 count represents. Normally bench_size, /* countSz is number of bytes that 1 count represents. Normally bench_size,
* except for AES direct that operates on AES_BLOCK_SIZE blocks */ * except for AES direct that operates on AES_BLOCK_SIZE blocks */
static void bench_stats_sym_finish(const char* desc, int useDeviceID, static void bench_stats_sym_finish(const char* desc, int useDeviceID,
int count, int countSz, int count, word32 countSz,
double start, int ret) double start, int ret)
{ {
double total, persec = 0, blocks = (double)count; double total, persec = 0, blocks = (double)count;
@@ -1880,7 +1880,7 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
ESP_LOGV(TAG, "finish total_cycles = %llu", total_cycles); ESP_LOGV(TAG, "finish total_cycles = %llu", total_cycles);
/* implement other cycle counters here */ /* implement other cycle counters here */
#else #else
SHOW_INTEL_CYCLES_CSV(msg, sizeof(msg), countSz); SHOW_INTEL_CYCLES_CSV(msg, sizeof(msg), (unsigned)countSz);
#endif #endif
} /* if (csv_format == 1) */ } /* if (csv_format == 1) */
@@ -1913,7 +1913,7 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
/* implement other architecture cycle counters here */ /* implement other architecture cycle counters here */
#else #else
SHOW_INTEL_CYCLES(msg, sizeof(msg), countSz); SHOW_INTEL_CYCLES(msg, sizeof(msg), (unsigned)countSz);
#endif #endif
} /* not CSV format */ } /* not CSV format */
@@ -3658,7 +3658,7 @@ static void bench_aesecb_internal(int useDeviceID,
bench_stats_start(&count, &start); bench_stats_start(&count, &start);
do { do {
int outer_loop_limit = ((bench_size / benchSz) * 10) + 1; int outer_loop_limit = (((int)bench_size / benchSz) * 10) + 1;
for (times = 0; for (times = 0;
times < outer_loop_limit /* numBlocks */ || pending > 0; times < outer_loop_limit /* numBlocks */ || pending > 0;
) { ) {
@@ -3700,7 +3700,7 @@ exit_aes_enc:
bench_stats_start(&count, &start); bench_stats_start(&count, &start);
do { do {
int outer_loop_limit = (10 * (bench_size / benchSz)) + 1; int outer_loop_limit = (10 * ((int)bench_size / benchSz)) + 1;
for (times = 0; times < outer_loop_limit || pending > 0; ) { for (times = 0; times < outer_loop_limit || pending > 0; ) {
bench_async_poll(&pending); bench_async_poll(&pending);
@@ -5835,7 +5835,7 @@ void bench_blake2s(void)
#ifdef WOLFSSL_CMAC #ifdef WOLFSSL_CMAC
static void bench_cmac_helper(int keySz, const char* outMsg, int useDeviceID) static void bench_cmac_helper(word32 keySz, const char* outMsg, int useDeviceID)
{ {
Cmac cmac; Cmac cmac;
byte digest[AES_BLOCK_SIZE]; byte digest[AES_BLOCK_SIZE];
@@ -6180,7 +6180,7 @@ void bench_siphash(void)
#ifndef NO_RSA #ifndef NO_RSA
#if defined(WOLFSSL_KEY_GEN) #if defined(WOLFSSL_KEY_GEN)
static void bench_rsaKeyGen_helper(int useDeviceID, int keySz) static void bench_rsaKeyGen_helper(int useDeviceID, word32 keySz)
{ {
RsaKey genKey[BENCH_MAX_PENDING]; RsaKey genKey[BENCH_MAX_PENDING];
double start; double start;
@@ -6207,7 +6207,7 @@ static void bench_rsaKeyGen_helper(int useDeviceID, int keySz)
goto exit; goto exit;
} }
ret = wc_MakeRsaKey(&genKey[i], keySz, rsa_e_val, &gRng); ret = wc_MakeRsaKey(&genKey[i], (int)keySz, rsa_e_val, &gRng);
if (!bench_async_handle(&ret, if (!bench_async_handle(&ret,
BENCH_ASYNC_GET_DEV(&genKey[i]), 0, BENCH_ASYNC_GET_DEV(&genKey[i]), 0,
&times, &pending)) { &times, &pending)) {
@@ -6219,7 +6219,7 @@ static void bench_rsaKeyGen_helper(int useDeviceID, int keySz)
count += times; count += times;
} while (bench_stats_check(start)); } while (bench_stats_check(start));
exit: exit:
bench_stats_asym_finish("RSA", keySz, desc[2], useDeviceID, count, bench_stats_asym_finish("RSA", (int)keySz, desc[2], useDeviceID, count,
start, ret); start, ret);
/* cleanup */ /* cleanup */
@@ -6232,19 +6232,18 @@ void bench_rsaKeyGen(int useDeviceID)
{ {
int k; int k;
#if !defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL) #if !defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
const int keySizes[2] = {1024, 2048}; static const word32 keySizes[2] = {1024, 2048};
#else #else
const int keySizes[1] = {2048}; static const word32 keySizes[1] = {2048};
#endif #endif
for (k = 0; k < (int)(sizeof(keySizes)/sizeof(int)); k++) { for (k = 0; k < (int)(sizeof(keySizes)/sizeof(int)); k++) {
int keySz = keySizes[k]; bench_rsaKeyGen_helper(useDeviceID, keySizes[k]);
bench_rsaKeyGen_helper(useDeviceID, keySz);
} }
} }
void bench_rsaKeyGen_size(int useDeviceID, int keySz) void bench_rsaKeyGen_size(int useDeviceID, word32 keySz)
{ {
bench_rsaKeyGen_helper(useDeviceID, keySz); bench_rsaKeyGen_helper(useDeviceID, keySz);
} }
@@ -6358,7 +6357,7 @@ static unsigned char rsa_3072_sig[] = {
#endif /* WOLFSSL_RSA_VERIFY_INLINE || WOLFSSL_RSA_PUBLIC_ONLY */ #endif /* WOLFSSL_RSA_VERIFY_INLINE || WOLFSSL_RSA_PUBLIC_ONLY */
static void bench_rsa_helper(int useDeviceID, RsaKey rsaKey[BENCH_MAX_PENDING], static void bench_rsa_helper(int useDeviceID, RsaKey rsaKey[BENCH_MAX_PENDING],
int rsaKeySz) word32 rsaKeySz)
{ {
int ret = 0, i, times, count = 0, pending = 0; int ret = 0, i, times, count = 0, pending = 0;
word32 idx = 0; word32 idx = 0;
@@ -6437,7 +6436,7 @@ static void bench_rsa_helper(int useDeviceID, RsaKey rsaKey[BENCH_MAX_PENDING],
count += times; count += times;
} while (bench_stats_check(start)); } while (bench_stats_check(start));
exit_rsa_verify: exit_rsa_verify:
bench_stats_asym_finish("RSA", rsaKeySz, desc[0], bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[0],
useDeviceID, count, start, ret); useDeviceID, count, start, ret);
#endif /* !WOLFSSL_RSA_VERIFY_ONLY */ #endif /* !WOLFSSL_RSA_VERIFY_ONLY */
@@ -6473,7 +6472,7 @@ exit_rsa_verify:
count += times; count += times;
} while (bench_stats_check(start)); } while (bench_stats_check(start));
exit_rsa_pub: exit_rsa_pub:
bench_stats_asym_finish("RSA", rsaKeySz, desc[1], bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[1],
useDeviceID, count, start, ret); useDeviceID, count, start, ret);
#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */ #endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
} }
@@ -6503,7 +6502,7 @@ exit_rsa_pub:
count += times; count += times;
} while (bench_stats_check(start)); } while (bench_stats_check(start));
exit_rsa_sign: exit_rsa_sign:
bench_stats_asym_finish("RSA", rsaKeySz, desc[4], useDeviceID, bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[4], useDeviceID,
count, start, ret); count, start, ret);
if (ret < 0) { if (ret < 0) {
@@ -6560,7 +6559,7 @@ exit_rsa_sign:
} while (bench_stats_check(start)); } while (bench_stats_check(start));
exit_rsa_verifyinline: exit_rsa_verifyinline:
bench_stats_asym_finish("RSA", rsaKeySz, desc[5], bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[5],
useDeviceID, count, start, ret); useDeviceID, count, start, ret);
} }
@@ -6580,7 +6579,7 @@ void bench_rsa(int useDeviceID)
int i; int i;
RsaKey rsaKey[BENCH_MAX_PENDING]; RsaKey rsaKey[BENCH_MAX_PENDING];
int ret = 0; int ret = 0;
int rsaKeySz = 0; word32 rsaKeySz = 0;
const byte* tmp; const byte* tmp;
size_t bytes; size_t bytes;
#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY) #if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
@@ -6675,7 +6674,7 @@ exit_bench_rsa:
#ifdef WOLFSSL_KEY_GEN #ifdef WOLFSSL_KEY_GEN
/* bench any size of RSA key */ /* bench any size of RSA key */
void bench_rsa_key(int useDeviceID, int rsaKeySz) void bench_rsa_key(int useDeviceID, word32 rsaKeySz)
{ {
int ret = 0, i, pending = 0; int ret = 0, i, pending = 0;
RsaKey rsaKey[BENCH_MAX_PENDING]; RsaKey rsaKey[BENCH_MAX_PENDING];
@@ -6706,7 +6705,7 @@ void bench_rsa_key(int useDeviceID, int rsaKeySz)
} }
/* create the RSA key */ /* create the RSA key */
ret = wc_MakeRsaKey(&rsaKey[i], rsaKeySz, exp, &gRng); ret = wc_MakeRsaKey(&rsaKey[i], (int)rsaKeySz, exp, &gRng);
if (ret == WC_PENDING_E) { if (ret == WC_PENDING_E) {
isPending[i] = 1; isPending[i] = 1;
pending = 1; pending = 1;
@@ -7495,7 +7494,7 @@ void bench_eccEncrypt(int curveId)
goto exit; goto exit;
for (i = 0; i < (int)sizeof(msg); i++) for (i = 0; i < (int)sizeof(msg); i++)
msg[i] = i; msg[i] = (byte)i;
bench_stats_start(&count, &start); bench_stats_start(&count, &start);
do { do {
@@ -8931,12 +8930,12 @@ void bench_sphincsKeySign(byte level, byte optim)
#endif /* HAVE_GET_CYCLES */ #endif /* HAVE_GET_CYCLES */
void benchmark_configure(int block_size) void benchmark_configure(word32 block_size)
{ {
/* must be greater than 0 */ /* must be greater than 0 */
if (block_size > 0) { if (block_size > 0) {
numBlocks = numBlocks * bench_size / block_size; numBlocks = (int)((word32)numBlocks * bench_size / block_size);
bench_size = (word32)block_size; bench_size = block_size;
} }
} }
@@ -9065,8 +9064,7 @@ static void Usage(void)
*/ */
static int string_matches(const char* arg, const char* str) static int string_matches(const char* arg, const char* str)
{ {
int len = (int)XSTRLEN(str) + 1; return XSTRCMP(arg, str) == 0;
return XSTRNCMP(arg, str, len) == 0;
} }
#endif /* MAIN_NO_ARGS */ #endif /* MAIN_NO_ARGS */
@@ -9156,7 +9154,7 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
argc--; argc--;
argv++; argv++;
if (argc > 1) { if (argc > 1) {
aes_aad_size = XATOI(argv[1]); aes_aad_size = (word32)XATOI(argv[1]);
aes_aad_options |= AAD_SIZE_CUSTOM; aes_aad_options |= AAD_SIZE_CUSTOM;
} }
} }
@@ -9298,7 +9296,7 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
} }
else { else {
/* parse for block size */ /* parse for block size */
benchmark_configure(XATOI(argv[1])); benchmark_configure((word32)XATOI(argv[1]));
} }
argc--; argc--;
argv++; argv++;
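Review bot: The `(word32)XATOI(argv[1])` casts in `wolfcrypt_benchmark_main` let a negative command-line value through as a very large unsigned one, and because `benchmark_configure` now takes `word32`, its `block_size > 0` guard can no longer reject it. Assuming `XATOI` behaves like `atoi` and `word32` is a 32-bit unsigned type, an argument of `-1` would be stored in `bench_size` as 4294967295, and the `(int)bench_size` casts added to the two `outer_loop_limit` computations convert any value above `INT_MAX` to a negative int; `aes_aad_size = (word32)XATOI(argv[1]);` has the same gap. I would validate while the value is still signed, for example `int sz = XATOI(argv[1]);` followed by `if (sz > 0) benchmark_configure((word32)sz);`, and likewise reject a negative AAD size before the cast. `wolfcrypt_benchmark_main` starts and ends outside these hunks, so any later bound on the value is not visible here.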


@@ -43,7 +43,7 @@ int wolfcrypt_benchmark_main(int argc, char** argv);
/* individual benchmarks */ /* individual benchmarks */
int benchmark_init(void); int benchmark_init(void);
int benchmark_free(void); int benchmark_free(void);
void benchmark_configure(int block_size); void benchmark_configure(word32 block_size);
void bench_des(int useDeviceID); void bench_des(int useDeviceID);
void bench_arc4(int useDeviceID); void bench_arc4(int useDeviceID);
@@ -92,9 +92,9 @@ void bench_hmac_sha384(int useDeviceID);
void bench_hmac_sha512(int useDeviceID); void bench_hmac_sha512(int useDeviceID);
void bench_siphash(void); void bench_siphash(void);
void bench_rsaKeyGen(int useDeviceID); void bench_rsaKeyGen(int useDeviceID);
void bench_rsaKeyGen_size(int useDeviceID, int keySz); void bench_rsaKeyGen_size(int useDeviceID, word32 keySz);
void bench_rsa(int useDeviceID); void bench_rsa(int useDeviceID);
void bench_rsa_key(int useDeviceID, int keySz); void bench_rsa_key(int useDeviceID, word32 keySz);
void bench_dh(int useDeviceID); void bench_dh(int useDeviceID);
void bench_kyber(int type); void bench_kyber(int type);
void bench_ecc_curve(int curveId); void bench_ecc_curve(int curveId);

File diff suppressed because it is too large Load Diff


@@ -228,8 +228,8 @@ ECC Curve Sizes:
#define MAX_ECC_BITS_USE MAX_ECC_BITS_NEEDED #define MAX_ECC_BITS_USE MAX_ECC_BITS_NEEDED
#endif #endif
#define ECC_KEY_MAX_BITS(key) \ #define ECC_KEY_MAX_BITS(key) \
(((key == NULL) || (key->dp == NULL)) ? MAX_ECC_BITS_USE \ ((((key) == NULL) || ((key)->dp == NULL)) ? MAX_ECC_BITS_USE \
: (key->dp->size * 8)) : (unsigned)((key)->dp->size * 8))
/* forward declarations */ /* forward declarations */
static int wc_ecc_new_point_ex(ecc_point** point, void* heap); static int wc_ecc_new_point_ex(ecc_point** point, void* heap);
@@ -3040,7 +3040,7 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
} }
#else #else
/* Swap R[0] and R[1] if other index is needed. */ /* Swap R[0] and R[1] if other index is needed. */
swap ^= b; swap ^= (int)b;
if (err == MP_OKAY) if (err == MP_OKAY)
err = mp_cond_swap_ct(R[0]->x, R[1]->x, (int)modulus->used, swap); err = mp_cond_swap_ct(R[0]->x, R[1]->x, (int)modulus->used, swap);
if (err == MP_OKAY) if (err == MP_OKAY)
@@ -4650,7 +4650,7 @@ static int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point,
} }
if (err == MP_OKAY) { if (err == MP_OKAY) {
XMEMSET(out, 0, x); XMEMSET(out, 0, (size_t)x);
err = mp_to_unsigned_bin(result->x, out + err = mp_to_unsigned_bin(result->x, out +
(x - mp_unsigned_bin_size(result->x))); (x - mp_unsigned_bin_size(result->x)));
} }
@@ -5870,7 +5870,7 @@ int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap,
if (ret == 0) if (ret == 0)
ret = wc_ecc_init_ex(key, heap, devId); ret = wc_ecc_init_ex(key, heap, devId);
if (ret == 0 && id != NULL && len != 0) { if (ret == 0 && id != NULL && len != 0) {
XMEMCPY(key->id, id, len); XMEMCPY(key->id, id, (size_t)len);
key->idLen = len; key->idLen = len;
#ifdef WOLFSSL_SE050 #ifdef WOLFSSL_SE050
/* Set SE050 ID from word32, populate ecc_key with public from SE050 */ /* Set SE050 ID from word32, populate ecc_key with public from SE050 */
@@ -5900,7 +5900,7 @@ int wc_ecc_init_label(ecc_key* key, const char* label, void* heap, int devId)
if (ret == 0) if (ret == 0)
ret = wc_ecc_init_ex(key, heap, devId); ret = wc_ecc_init_ex(key, heap, devId);
if (ret == 0) { if (ret == 0) {
XMEMCPY(key->label, label, labelLen); XMEMCPY(key->label, label, (size_t)labelLen);
key->labelLen = labelLen; key->labelLen = labelLen;
} }
@@ -7133,7 +7133,7 @@ int wc_ecc_gen_deterministic_k(const byte* hash, word32 hashSz,
#endif #endif
VSz = KSz = hashSz; VSz = KSz = hashSz;
qLen = xSz = h1len = mp_unsigned_bin_size(order); qLen = xSz = h1len = (word32)mp_unsigned_bin_size(order);
/* 3.2 b. Set V = 0x01 0x01 ... */ /* 3.2 b. Set V = 0x01 0x01 ... */
XMEMSET(V, 0x01, VSz); XMEMSET(V, 0x01, VSz);
@@ -7142,7 +7142,7 @@ int wc_ecc_gen_deterministic_k(const byte* hash, word32 hashSz,
XMEMSET(K, 0x00, KSz); XMEMSET(K, 0x00, KSz);
mp_init(z1); /* always init z1 and free z1 */ mp_init(z1); /* always init z1 and free z1 */
ret = mp_to_unsigned_bin_len(priv, x, qLen); ret = mp_to_unsigned_bin_len(priv, x, (int)qLen);
if (ret == 0) { if (ret == 0) {
#ifdef WOLFSSL_CHECK_MEM_ZERO #ifdef WOLFSSL_CHECK_MEM_ZERO
wc_MemZero_Add("wc_ecc_gen_deterministic_k x", x, qLen); wc_MemZero_Add("wc_ecc_gen_deterministic_k x", x, qLen);
@@ -7176,7 +7176,7 @@ int wc_ecc_gen_deterministic_k(const byte* hash, word32 hashSz,
#endif #endif
{ {
/* use original hash and keep leading 0's */ /* use original hash and keep leading 0's */
mp_to_unsigned_bin_len(z1, h1, h1len); mp_to_unsigned_bin_len(z1, h1, (int)h1len);
} }
} }
mp_free(z1); mp_free(z1);
@@ -7224,9 +7224,9 @@ int wc_ecc_gen_deterministic_k(const byte* hash, word32 hashSz,
if (ret == 0) { if (ret == 0) {
int sz; int sz;
sz = MIN(qLen - xSz, VSz); sz = (int)MIN(qLen - xSz, (size_t)VSz);
XMEMCPY(x + xSz, V, sz); XMEMCPY(x + xSz, V, (size_t)sz);
xSz += sz; xSz += (word32)sz;
} }
else { else {
break; /* error case */ break; /* error case */
@@ -7241,7 +7241,7 @@ int wc_ecc_gen_deterministic_k(const byte* hash, word32 hashSz,
if ((ret == 0) && ((int)(xSz * WOLFSSL_BIT_SIZE) != qbits)) { if ((ret == 0) && ((int)(xSz * WOLFSSL_BIT_SIZE) != qbits)) {
/* handle odd case where shift of 'k' is needed with RFC 6979 /* handle odd case where shift of 'k' is needed with RFC 6979
* k = bits2int(T) in section 3.2 h.3 */ * k = bits2int(T) in section 3.2 h.3 */
mp_rshb(k, (xSz * WOLFSSL_BIT_SIZE) - qbits); mp_rshb(k, ((int)xSz * WOLFSSL_BIT_SIZE) - qbits);
} }
/* 3.2 step h.3 the key should be smaller than the order of base /* 3.2 step h.3 the key should be smaller than the order of base
@@ -7297,7 +7297,7 @@ int wc_ecc_set_deterministic(ecc_key* key, byte flag)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
key->deterministic = flag; key->deterministic = flag ? 1 : 0;
return 0; return 0;
} }
#endif /* end sign_ex and deterministic sign */ #endif /* end sign_ex and deterministic sign */
@@ -8110,6 +8110,8 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
} }
#endif /* !NO_ASN */ #endif /* !NO_ASN */
#ifndef WOLF_CRYPTO_CB_ONLY_ECC
#if !defined(WOLFSSL_STM32_PKA) && !defined(WOLFSSL_PSOC6_CRYPTO) && \ #if !defined(WOLFSSL_STM32_PKA) && !defined(WOLFSSL_PSOC6_CRYPTO) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC) !defined(WOLF_CRYPTO_CB_ONLY_ECC)
static int wc_ecc_check_r_s_range(ecc_key* key, mp_int* r, mp_int* s) static int wc_ecc_check_r_s_range(ecc_key* key, mp_int* r, mp_int* s)
@@ -8142,7 +8144,6 @@ static int wc_ecc_check_r_s_range(ecc_key* key, mp_int* r, mp_int* s)
} }
#endif /* !WOLFSSL_STM32_PKA && !WOLFSSL_PSOC6_CRYPTO */ #endif /* !WOLFSSL_STM32_PKA && !WOLFSSL_PSOC6_CRYPTO */
#ifndef WOLF_CRYPTO_CB_ONLY_ECC
static int ecc_verify_hash_sp(mp_int *r, mp_int *s, const byte* hash, static int ecc_verify_hash_sp(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* res, ecc_key* key) word32 hashlen, int* res, ecc_key* key)
{ {
@@ -8333,7 +8334,7 @@ static int ecc_verify_hash(mp_int *r, mp_int *s, const byte* hash,
/* read hash */ /* read hash */
if (err == MP_OKAY) { if (err == MP_OKAY) {
/* we may need to truncate if hash is longer than key size */ /* we may need to truncate if hash is longer than key size */
unsigned int orderBits = mp_count_bits(curve->order); unsigned int orderBits = (unsigned int)mp_count_bits(curve->order);
/* truncate down to byte size, may be all that's needed */ /* truncate down to byte size, may be all that's needed */
if ( (WOLFSSL_BIT_SIZE * hashlen) > orderBits) if ( (WOLFSSL_BIT_SIZE * hashlen) > orderBits)
@@ -8830,9 +8831,9 @@ int wc_ecc_import_point_der_ex(const byte* in, word32 inLen,
/* calculate key size based on inLen / 2 if uncompressed or shortKeySize /* calculate key size based on inLen / 2 if uncompressed or shortKeySize
* is true */ * is true */
#ifdef HAVE_COMP_KEY #ifdef HAVE_COMP_KEY
keysize = compressed && !shortKeySize ? inLen : inLen>>1; keysize = (int)((compressed && !shortKeySize) ? inLen : inLen>>1);
#else #else
keysize = inLen>>1; keysize = (int)(inLen>>1);
#endif #endif
/* read data */ /* read data */
@@ -9109,7 +9110,7 @@ int wc_ecc_export_point_der_compressed(const int curve_idx, ecc_point* point,
if ((curve_idx < 0) || (wc_ecc_is_valid_idx(curve_idx) == 0)) if ((curve_idx < 0) || (wc_ecc_is_valid_idx(curve_idx) == 0))
return ECC_BAD_ARG_E; return ECC_BAD_ARG_E;
numlen = ecc_sets[curve_idx].size; numlen = (word32)ecc_sets[curve_idx].size;
output_len = 1 + numlen; /* y point type + x */ output_len = 1 + numlen; /* y point type + x */
/* return length needed only */ /* return length needed only */
@@ -9145,7 +9146,7 @@ int wc_ecc_export_point_der_compressed(const int curve_idx, ecc_point* point,
/* pad and store x */ /* pad and store x */
XMEMSET(buf, 0, ECC_BUFSIZE); XMEMSET(buf, 0, ECC_BUFSIZE);
ret = mp_to_unsigned_bin(point->x, buf + ret = mp_to_unsigned_bin(point->x, buf +
(numlen - mp_unsigned_bin_size(point->x))); (numlen - (word32)mp_unsigned_bin_size(point->x)));
if (ret != MP_OKAY) if (ret != MP_OKAY)
goto done; goto done;
XMEMCPY(out+1, buf, numlen); XMEMCPY(out+1, buf, numlen);
@@ -10049,7 +10050,7 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
#endif #endif
/* determine key size */ /* determine key size */
keysize = (inLen>>1); keysize = (int)(inLen>>1);
err = wc_ecc_set_curve(key, keysize, curve_id); err = wc_ecc_set_curve(key, keysize, curve_id);
key->type = ECC_PUBLICKEY; key->type = ECC_PUBLICKEY;
} }
@@ -11078,7 +11079,7 @@ static int ecc_public_key_size(ecc_key* key, word32* sz)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
/* 'Uncompressed' | x | y */ /* 'Uncompressed' | x | y */
*sz = 1 + 2 * key->dp->size; *sz = 1 + 2 * (word32)key->dp->size;
return 0; return 0;
} }
@@ -11725,8 +11726,7 @@ static const struct {
/* find a hole and free as required, return -1 if no hole found */ /* find a hole and free as required, return -1 if no hole found */
static int find_hole(void) static int find_hole(void)
{ {
unsigned x; int x, y, z;
int y, z;
for (z = -1, y = INT_MAX, x = 0; x < FP_ENTRIES; x++) { for (z = -1, y = INT_MAX, x = 0; x < FP_ENTRIES; x++) {
if (fp_cache[x].lru_count < y && fp_cache[x].lock == 0) { if (fp_cache[x].lru_count < y && fp_cache[x].lock == 0) {
z = x; z = x;
@@ -11746,7 +11746,7 @@ static int find_hole(void)
mp_clear(&fp_cache[z].mu); mp_clear(&fp_cache[z].mu);
wc_ecc_del_point(fp_cache[z].g); wc_ecc_del_point(fp_cache[z].g);
fp_cache[z].g = NULL; fp_cache[z].g = NULL;
for (x = 0; x < (1U<<FP_LUT); x++) { for (x = 0; x < (1<<FP_LUT); x++) {
wc_ecc_del_point(fp_cache[z].LUT[x]); wc_ecc_del_point(fp_cache[z].LUT[x]);
fp_cache[z].LUT[x] = NULL; fp_cache[z].LUT[x] = NULL;
} }
@@ -11852,7 +11852,7 @@ static int build_lut(int idx, mp_int* a, mp_int* modulus, mp_digit mp,
} }
/* get bitlen and round up to next multiple of FP_LUT */ /* get bitlen and round up to next multiple of FP_LUT */
bitlen = mp_unsigned_bin_size(modulus) << 3; bitlen = (unsigned)mp_unsigned_bin_size(modulus) << 3;
x = bitlen % FP_LUT; x = bitlen % FP_LUT;
if (x) { if (x) {
bitlen += FP_LUT - x; bitlen += FP_LUT - x;
@@ -12027,7 +12027,7 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
/* if it's smaller than modulus we fine */ /* if it's smaller than modulus we fine */
if (mp_unsigned_bin_size(k) > mp_unsigned_bin_size(modulus)) { if (mp_unsigned_bin_size(k) > mp_unsigned_bin_size(modulus)) {
/* find order */ /* find order */
y = mp_unsigned_bin_size(modulus); y = (unsigned)mp_unsigned_bin_size(modulus);
for (x = 0; ecc_sets[x].size; x++) { for (x = 0; ecc_sets[x].size; x++) {
if (y <= (unsigned)ecc_sets[x].size) break; if (y <= (unsigned)ecc_sets[x].size) break;
} }
@@ -12049,10 +12049,10 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
} }
/* get bitlen and round up to next multiple of FP_LUT */ /* get bitlen and round up to next multiple of FP_LUT */
bitlen = mp_unsigned_bin_size(modulus) << 3; bitlen = (unsigned)mp_unsigned_bin_size(modulus) << 3;
x = bitlen % FP_LUT; x = bitlen % FP_LUT;
if (x) { if (x) {
bitlen += FP_LUT - x; bitlen += FP_LUT - (unsigned)x;
} }
lut_gap = bitlen / FP_LUT; lut_gap = bitlen / FP_LUT;
@@ -12076,7 +12076,7 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
#endif #endif
/* let's reverse kb so it's little endian */ /* let's reverse kb so it's little endian */
x = 0; x = 0;
y = mp_unsigned_bin_size(tk); y = (unsigned)mp_unsigned_bin_size(tk);
if (y > 0) { if (y > 0) {
y -= 1; y -= 1;
} }
@@ -12088,10 +12088,10 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
/* at this point we can start, yipee */ /* at this point we can start, yipee */
first = 1; first = 1;
for (x = lut_gap-1; x >= 0; x--) { for (x = (int)lut_gap-1; x >= 0; x--) {
/* extract FP_LUT bits from kb spread out by lut_gap bits and offset /* extract FP_LUT bits from kb spread out by lut_gap bits and offset
by x bits from the start */ by x bits from the start */
bitpos = x; bitpos = (unsigned)x;
for (y = z = 0; y < FP_LUT; y++) { for (y = z = 0; y < FP_LUT; y++) {
z |= ((kb[bitpos>>3] >> (bitpos&7)) & 1) << y; z |= ((kb[bitpos>>3] >> (bitpos&7)) & 1) << y;
bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid
@@ -12206,7 +12206,7 @@ static int accel_fp_mul2add(int idx1, int idx2,
/* if it's smaller than modulus we fine */ /* if it's smaller than modulus we fine */
if (mp_unsigned_bin_size(kA) > mp_unsigned_bin_size(modulus)) { if (mp_unsigned_bin_size(kA) > mp_unsigned_bin_size(modulus)) {
/* find order */ /* find order */
y = mp_unsigned_bin_size(modulus); y = (unsigned)mp_unsigned_bin_size(modulus);
for (x = 0; ecc_sets[x].size; x++) { for (x = 0; ecc_sets[x].size; x++) {
if (y <= (unsigned)ecc_sets[x].size) break; if (y <= (unsigned)ecc_sets[x].size) break;
} }
@@ -12241,7 +12241,7 @@ static int accel_fp_mul2add(int idx1, int idx2,
/* if it's smaller than modulus we fine */ /* if it's smaller than modulus we fine */
if (mp_unsigned_bin_size(kB) > mp_unsigned_bin_size(modulus)) { if (mp_unsigned_bin_size(kB) > mp_unsigned_bin_size(modulus)) {
/* find order */ /* find order */
y = mp_unsigned_bin_size(modulus); y = (unsigned)mp_unsigned_bin_size(modulus);
for (x = 0; ecc_sets[x].size; x++) { for (x = 0; ecc_sets[x].size; x++) {
if (y <= (unsigned)ecc_sets[x].size) break; if (y <= (unsigned)ecc_sets[x].size) break;
} }
@@ -12274,10 +12274,10 @@ static int accel_fp_mul2add(int idx1, int idx2,
#endif #endif
/* get bitlen and round up to next multiple of FP_LUT */ /* get bitlen and round up to next multiple of FP_LUT */
bitlen = mp_unsigned_bin_size(modulus) << 3; bitlen = (unsigned)mp_unsigned_bin_size(modulus) << 3;
x = bitlen % FP_LUT; x = bitlen % FP_LUT;
if (x) { if (x) {
bitlen += FP_LUT - x; bitlen += FP_LUT - (unsigned)x;
} }
lut_gap = bitlen / FP_LUT; lut_gap = bitlen / FP_LUT;
@@ -12305,7 +12305,7 @@ static int accel_fp_mul2add(int idx1, int idx2,
/* let's reverse kb so it's little endian */ /* let's reverse kb so it's little endian */
x = 0; x = 0;
y = mp_unsigned_bin_size(tka); y = (unsigned)mp_unsigned_bin_size(tka);
if (y > 0) { if (y > 0) {
y -= 1; y -= 1;
} }
@@ -12329,7 +12329,7 @@ static int accel_fp_mul2add(int idx1, int idx2,
#endif #endif
if ((err = mp_to_unsigned_bin(tkb, kb[1])) == MP_OKAY) { if ((err = mp_to_unsigned_bin(tkb, kb[1])) == MP_OKAY) {
x = 0; x = 0;
y = mp_unsigned_bin_size(tkb); y = (unsigned)mp_unsigned_bin_size(tkb);
if (y > 0) { if (y > 0) {
y -= 1; y -= 1;
} }
@@ -12341,10 +12341,10 @@ static int accel_fp_mul2add(int idx1, int idx2,
/* at this point we can start, yipee */ /* at this point we can start, yipee */
first = 1; first = 1;
for (x = lut_gap-1; x >= 0; x--) { for (x = (int)lut_gap-1; x >= 0; x--) {
/* extract FP_LUT bits from kb spread out by lut_gap bits and /* extract FP_LUT bits from kb spread out by lut_gap bits and
offset by x bits from the start */ offset by x bits from the start */
bitpos = x; bitpos = (unsigned)x;
for (y = zA = zB = 0; y < FP_LUT; y++) { for (y = zA = zB = 0; y < FP_LUT; y++) {
zA |= ((kb[0][bitpos>>3] >> (bitpos&7)) & 1) << y; zA |= ((kb[0][bitpos>>3] >> (bitpos&7)) & 1) << y;
zB |= ((kb[1][bitpos>>3] >> (bitpos&7)) & 1) << y; zB |= ((kb[1][bitpos>>3] >> (bitpos&7)) & 1) << y;
@@ -13100,7 +13100,7 @@ int wc_ecc_ctx_set_info(ecEncCtx* ctx, const byte* info, int sz)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
ctx->kdfInfo = info; ctx->kdfInfo = info;
ctx->kdfInfoSz = sz; ctx->kdfInfoSz = (word32)sz;
return 0; return 0;
} }
@@ -13137,9 +13137,9 @@ int wc_ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt)
/* mix half and half */ /* mix half and half */
/* tmp stores 2nd half of client before overwrite */ /* tmp stores 2nd half of client before overwrite */
XMEMCPY(tmp, ctx->clientSalt + halfSz, halfSz); XMEMCPY(tmp, ctx->clientSalt + halfSz, (size_t)halfSz);
XMEMCPY(ctx->clientSalt + halfSz, ctx->serverSalt, halfSz); XMEMCPY(ctx->clientSalt + halfSz, ctx->serverSalt, (size_t)halfSz);
XMEMCPY(ctx->serverSalt, tmp, halfSz); XMEMCPY(ctx->serverSalt, tmp, (size_t)halfSz);
ctx->kdfSalt = ctx->clientSalt; ctx->kdfSalt = ctx->clientSalt;
ctx->kdfSaltSz = EXCHANGE_SALT_SZ; ctx->kdfSaltSz = EXCHANGE_SALT_SZ;
@@ -13325,9 +13325,9 @@ static int ecc_get_key_sizes(ecEncCtx* ctx, int* encKeySz, int* ivSz,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
#ifdef WOLFSSL_ECIES_OLD #ifdef WOLFSSL_ECIES_OLD
*keysLen = *encKeySz + *ivSz + *digestSz; *keysLen = *encKeySz + *ivSz + (int)*digestSz;
#else #else
*keysLen = *encKeySz + *digestSz; *keysLen = *encKeySz + (int)*digestSz;
#endif #endif
return 0; return 0;
@@ -13392,10 +13392,10 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
#ifndef WOLFSSL_ECIES_OLD #ifndef WOLFSSL_ECIES_OLD
if (!compressed) { if (!compressed) {
pubKeySz = 1 + wc_ecc_size(privKey) * 2; pubKeySz = 1 + (word32)wc_ecc_size(privKey) * 2;
} }
else { else {
pubKeySz = 1 + wc_ecc_size(privKey); pubKeySz = 1 + (word32)wc_ecc_size(privKey);
} }
#else #else
(void) compressed; /* avoid unused parameter if WOLFSSL_ECIES_OLD is defined */ (void) compressed; /* avoid unused parameter if WOLFSSL_ECIES_OLD is defined */
@@ -13496,7 +13496,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
case ecHKDF_SHA256 : case ecHKDF_SHA256 :
ret = wc_HKDF(WC_SHA256, sharedSecret, sharedSz, ctx->kdfSalt, ret = wc_HKDF(WC_SHA256, sharedSecret, sharedSz, ctx->kdfSalt,
ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz, ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
keys, keysLen); keys, (word32)keysLen);
break; break;
default: default:
@@ -13517,7 +13517,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
macKey = encKey + encKeySz; macKey = encKey + encKeySz;
ret = wc_RNG_GenerateBlock(privKey->rng, encIv, ivSz); ret = wc_RNG_GenerateBlock(privKey->rng, encIv, ivSz);
#else #else
XMEMSET(iv, 0, ivSz); XMEMSET(iv, 0, (size_t)ivSz);
encKey = keys + offset; encKey = keys + offset;
encIv = iv; encIv = iv;
macKey = encKey + encKeySz; macKey = encKey + encKeySz;
@@ -13542,7 +13542,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
#endif #endif
ret = wc_AesInit(aes, NULL, INVALID_DEVID); ret = wc_AesInit(aes, NULL, INVALID_DEVID);
if (ret == 0) { if (ret == 0) {
ret = wc_AesSetKey(aes, encKey, encKeySz, encIv, ret = wc_AesSetKey(aes, encKey, (word32)encKeySz, encIv,
AES_ENCRYPTION); AES_ENCRYPTION);
if (ret == 0) { if (ret == 0) {
ret = wc_AesCbcEncrypt(aes, out, msg, msgSz); ret = wc_AesCbcEncrypt(aes, out, msg, msgSz);
@@ -13585,7 +13585,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ret = wc_AesInit(aes, NULL, INVALID_DEVID); ret = wc_AesInit(aes, NULL, INVALID_DEVID);
if (ret == 0) { if (ret == 0) {
ret = wc_AesSetKey(aes, encKey, encKeySz, ctr_iv, ret = wc_AesSetKey(aes, encKey, (word32)encKeySz, ctr_iv,
AES_ENCRYPTION); AES_ENCRYPTION);
if (ret == 0) { if (ret == 0) {
ret = wc_AesCtrEncrypt(aes, out, msg, msgSz); ret = wc_AesCtrEncrypt(aes, out, msg, msgSz);
@@ -13891,7 +13891,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
case ecHKDF_SHA256 : case ecHKDF_SHA256 :
ret = wc_HKDF(WC_SHA256, sharedSecret, sharedSz, ctx->kdfSalt, ret = wc_HKDF(WC_SHA256, sharedSecret, sharedSz, ctx->kdfSalt,
ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz, ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
keys, keysLen); keys, (word32)keysLen);
break; break;
default: default:
@@ -13912,7 +13912,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
msgSz -= ivSz; msgSz -= ivSz;
macKey = encKey + encKeySz; macKey = encKey + encKeySz;
#else #else
XMEMSET(iv, 0, ivSz); XMEMSET(iv, 0, (size_t)ivSz);
encKey = keys + offset; encKey = keys + offset;
encIv = iv; encIv = iv;
macKey = encKey + encKeySz; macKey = encKey + encKeySz;
@@ -13985,7 +13985,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
#endif #endif
ret = wc_AesInit(aes, NULL, INVALID_DEVID); ret = wc_AesInit(aes, NULL, INVALID_DEVID);
if (ret == 0) { if (ret == 0) {
ret = wc_AesSetKey(aes, encKey, encKeySz, encIv, ret = wc_AesSetKey(aes, encKey, (word32)encKeySz, encIv,
AES_DECRYPTION); AES_DECRYPTION);
if (ret == 0) { if (ret == 0) {
ret = wc_AesCbcDecrypt(aes, out, msg, msgSz-digestSz); ret = wc_AesCbcDecrypt(aes, out, msg, msgSz-digestSz);
@@ -14024,7 +14024,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
XMEMCPY(ctr_iv, encIv, WOLFSSL_ECIES_GEN_IV_SIZE); XMEMCPY(ctr_iv, encIv, WOLFSSL_ECIES_GEN_IV_SIZE);
XMEMSET(ctr_iv + WOLFSSL_ECIES_GEN_IV_SIZE, 0, XMEMSET(ctr_iv + WOLFSSL_ECIES_GEN_IV_SIZE, 0,
AES_BLOCK_SIZE - WOLFSSL_ECIES_GEN_IV_SIZE); AES_BLOCK_SIZE - WOLFSSL_ECIES_GEN_IV_SIZE);
ret = wc_AesSetKey(aes, encKey, encKeySz, ctr_iv, ret = wc_AesSetKey(aes, encKey, (word32)encKeySz, ctr_iv,
AES_ENCRYPTION); AES_ENCRYPTION);
if (ret == 0) { if (ret == 0) {
ret = wc_AesCtrEncrypt(aes, out, msg, msgSz-digestSz); ret = wc_AesCtrEncrypt(aes, out, msg, msgSz-digestSz);
@@ -14529,7 +14529,7 @@ static int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen
return ECC_BAD_ARG_E; return ECC_BAD_ARG_E;
} }
numlen = key->dp->size; numlen = (word32)key->dp->size;
if (*outLen < (1 + numlen)) { if (*outLen < (1 + numlen)) {
*outLen = 1 + numlen; *outLen = 1 + numlen;
@@ -14548,7 +14548,7 @@ static int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen
/* pad and store x */ /* pad and store x */
XMEMSET(out+1, 0, numlen); XMEMSET(out+1, 0, numlen);
ret = mp_to_unsigned_bin(key->pubkey.x, ret = mp_to_unsigned_bin(key->pubkey.x,
out+1 + (numlen - mp_unsigned_bin_size(key->pubkey.x))); out+1 + (numlen - (word32)mp_unsigned_bin_size(key->pubkey.x)));
*outLen = 1 + numlen; *outLen = 1 + numlen;
return ret; return ret;
@@ -14636,8 +14636,7 @@ int wc_X963_KDF(enum wc_HashType type, const byte* secret, word32 secretSz,
const byte* sinfo, word32 sinfoSz, byte* out, word32 outSz) const byte* sinfo, word32 sinfoSz, byte* out, word32 outSz)
{ {
int ret; int ret;
int digestSz, copySz; word32 digestSz, copySz, remaining = outSz;
int remaining = outSz;
byte* outIdx; byte* outIdx;
byte counter[4]; byte counter[4];
byte tmp[WC_MAX_DIGEST_SIZE]; byte tmp[WC_MAX_DIGEST_SIZE];
@@ -14657,9 +14656,10 @@ int wc_X963_KDF(enum wc_HashType type, const byte* secret, word32 secretSz,
type != WC_HASH_TYPE_SHA512) type != WC_HASH_TYPE_SHA512)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
digestSz = wc_HashGetDigestSize(type); ret = wc_HashGetDigestSize(type);
if (digestSz < 0) if (ret < 0)
return digestSz; return ret;
digestSz = (word32)ret;
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), NULL, hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), NULL,


@@ -340,7 +340,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
#ifdef WOLF_CRYPTO_CB #ifdef WOLF_CRYPTO_CB
hmac->keyRaw = key; /* use buffer directly */ hmac->keyRaw = key; /* use buffer directly */
hmac->keyLen = length; hmac->keyLen = (word16)length;
#endif #endif
#ifdef WOLFSSL_MAXQ108X #ifdef WOLFSSL_MAXQ108X
@@ -1055,7 +1055,7 @@ int wc_HmacInit_Id(Hmac* hmac, unsigned char* id, int len, void* heap,
if (ret == 0) if (ret == 0)
ret = wc_HmacInit(hmac, heap, devId); ret = wc_HmacInit(hmac, heap, devId);
if (ret == 0) { if (ret == 0) {
XMEMCPY(hmac->id, id, len); XMEMCPY(hmac->id, id, (size_t)len);
hmac->idLen = len; hmac->idLen = len;
} }
@@ -1078,7 +1078,7 @@ int wc_HmacInit_Label(Hmac* hmac, const char* label, void* heap, int devId)
if (ret == 0) if (ret == 0)
ret = wc_HmacInit(hmac, heap, devId); ret = wc_HmacInit(hmac, heap, devId);
if (ret == 0) { if (ret == 0) {
XMEMCPY(hmac->label, label, labelLen); XMEMCPY(hmac->label, label, (size_t)labelLen);
hmac->labelLen = labelLen; hmac->labelLen = labelLen;
} }
@@ -1199,7 +1199,7 @@ int wolfSSL_GetHmacMaxSize(void)
#endif #endif
int ret; int ret;
const byte* localSalt; /* either points to user input or tmp */ const byte* localSalt; /* either points to user input or tmp */
int hashSz; word32 hashSz;
ret = wc_HmacSizeByType(type); ret = wc_HmacSizeByType(type);
if (ret < 0) { if (ret < 0) {
@@ -1213,7 +1213,7 @@ int wolfSSL_GetHmacMaxSize(void)
} }
#endif #endif
hashSz = ret; hashSz = (word32)ret;
localSalt = salt; localSalt = salt;
if (localSalt == NULL) { if (localSalt == NULL) {
XMEMSET(tmp, 0, hashSz); XMEMSET(tmp, 0, hashSz);
@@ -1259,9 +1259,15 @@ int wolfSSL_GetHmacMaxSize(void)
#endif #endif
int ret = 0; int ret = 0;
word32 outIdx = 0; word32 outIdx = 0;
word32 hashSz = wc_HmacSizeByType(type); word32 hashSz;
byte n = 0x1; byte n = 0x1;
ret = wc_HmacSizeByType(type);
if (ret < 0) {
return ret;
}
hashSz = (word32)ret;
/* RFC 5869 states that the length of output keying material in /* RFC 5869 states that the length of output keying material in
* octets must be L <= 255*HashLen or N = ceil(L/HashLen) */ * octets must be L <= 255*HashLen or N = ceil(L/HashLen) */
@@ -1285,7 +1291,7 @@ int wolfSSL_GetHmacMaxSize(void)
} }
while (outIdx < outSz) { while (outIdx < outSz) {
int tmpSz = (n == 1) ? 0 : hashSz; word32 tmpSz = (n == 1) ? 0 : hashSz;
word32 left = outSz - outIdx; word32 left = outSz - outIdx;
ret = wc_HmacSetKey(myHmac, type, inKey, inKeySz); ret = wc_HmacSetKey(myHmac, type, inKey, inKeySz);
@@ -1338,11 +1344,14 @@ int wolfSSL_GetHmacMaxSize(void)
byte* out, word32 outSz) byte* out, word32 outSz)
{ {
byte prk[WC_MAX_DIGEST_SIZE]; byte prk[WC_MAX_DIGEST_SIZE];
int hashSz = wc_HmacSizeByType(type); word32 hashSz;
int ret; int ret;
if (hashSz < 0) ret = wc_HmacSizeByType(type);
return BAD_FUNC_ARG; if (ret < 0) {
return ret;
}
hashSz = (word32)ret;
ret = wc_HKDF_Extract(type, salt, saltSz, inKey, inKeySz, prk); ret = wc_HKDF_Extract(type, salt, saltSz, inKey, inKeySz, prk);
if (ret != 0) if (ret != 0)
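Review bot: In the WOLF_CRYPTO_CB branch of wc_HmacSetKey, `hmac->keyLen = (word16)length;` silences the conversion warning but still truncates a word32 key length above 65535, so the callback path would be told a shorter key than `keyRaw` actually points at. No range check is visible in this hunk (the function starts and ends outside it), so unless one exists earlier I would either widen `keyLen` or reject the value before the assignment, e.g. `if (length > 0xFFFF) return BAD_FUNC_ARG;`. The same cast-without-bound pattern appears at `XMEMCPY(hmac->id, id, (size_t)len);` in wc_HmacInit_Id, where a negative `len` would become a very large copy size if it is not validated above that hunk.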


@@ -351,11 +351,11 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
* digest The type of digest to use. * digest The type of digest to use.
* returns 0 on success, otherwise failure. * returns 0 on success, otherwise failure.
*/ */
int wc_Tls13_HKDF_Extract(byte* prk, const byte* salt, int saltLen, int wc_Tls13_HKDF_Extract(byte* prk, const byte* salt, word32 saltLen,
byte* ikm, int ikmLen, int digest) byte* ikm, word32 ikmLen, int digest)
{ {
int ret; int ret;
int len = 0; word32 len = 0;
switch (digest) { switch (digest) {
#ifndef NO_SHA256 #ifndef NO_SHA256
@@ -425,7 +425,7 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
int digest) int digest)
{ {
int ret = 0; int ret = 0;
int idx = 0; word32 idx = 0;
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
byte* data; byte* data;
#else #else
@@ -755,7 +755,7 @@ int wc_SSH_KDF(byte hashId, byte keyId, byte* key, word32 keySz,
byte kPad = 0; byte kPad = 0;
byte pad = 0; byte pad = 0;
byte kSzFlat[LENGTH_SZ]; byte kSzFlat[LENGTH_SZ];
int digestSz; word32 digestSz;
int ret; int ret;
if (key == NULL || keySz == 0 || if (key == NULL || keySz == 0 ||
@@ -766,10 +766,11 @@ int wc_SSH_KDF(byte hashId, byte keyId, byte* key, word32 keySz,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
digestSz = wc_HmacSizeByType(enmhashId); ret = wc_HmacSizeByType(enmhashId);
if (digestSz <= 0) { if (ret <= 0) {
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
digestSz = (word32)ret;
if (k[0] & 0x80) kPad = 1; if (k[0] & 0x80) kPad = 1;
c32toa(kSz + kPad, kSzFlat); c32toa(kSz + kPad, kSzFlat);
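Review bot: Changing `saltLen` and `ikmLen` of the exported wc_Tls13_HKDF_Extract from `int` to `word32` alters a public prototype (the matching header hunk is in this commit), and only the tail of the parameter comment above the signature is visible, so I can't tell whether it states that the lengths are unsigned byte counts. A caller that still passes an `int`, including a negative value, will now have it converted implicitly to a large unsigned length. I would document this in the function comment, e.g. ` * saltLen  The length of the salt in bytes (unsigned).`, and the same for `ikmLen`.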


@@ -330,7 +330,7 @@ WC_MISC_STATIC WC_INLINE void ForceZero(void* mem, word32 len)
len -= l; len -= l;
while (l--) *z++ = 0; while (l--) *z++ = 0;
#endif #endif
for (w = (volatile word64*)z; len >= sizeof(*w); len -= sizeof(*w)) for (w = (volatile word64*)z; len >= sizeof(*w); len -= (word32)sizeof(*w))
*w++ = 0; *w++ = 0;
z = (volatile byte*)w; z = (volatile byte*)w;
#endif #endif
@@ -561,6 +561,13 @@ WC_MISC_STATIC WC_INLINE int ctMaskSelInt(byte m, int a, int b)
(a & ( (signed int)(signed char)m)); (a & ( (signed int)(signed char)m));
} }
/* Constant time - select word32 a when mask is set and word32 b otherwise. */
WC_MISC_STATIC WC_INLINE word32 ctMaskSelWord32(byte m, word32 a, word32 b)
{
return (((word32)b & (word32)(~(signed int)(signed char)m)) |
((word32)a & (word32)( (signed int)(signed char)m)));
}
/* Constant time - bit set when a <= b. */ /* Constant time - bit set when a <= b. */
WC_MISC_STATIC WC_INLINE byte ctSetLTE(int a, int b) WC_MISC_STATIC WC_INLINE byte ctSetLTE(int a, int b)
{ {
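Review bot: The comment on the new ctMaskSelWord32 says only "when mask is set", but the expression sign-extends `m` through `(signed char)`, so it selects cleanly only when `m` is 0x00 or 0xFF; any other byte mixes bits of `a` and `b`. I would state that precondition in the comment, e.g. `/* Constant time - select word32 a when mask m is 0xFF and word32 b when m is 0x00. */`. As a style point, the `(word32)` casts on `a` and `b` are redundant because both parameters are already word32.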


@@ -370,8 +370,8 @@ static int Hash_df(DRBG_internal* drbg, byte* out, word32 outSz, byte type,
{ {
int ret = DRBG_FAILURE; int ret = DRBG_FAILURE;
byte ctr; byte ctr;
int i; word32 i;
int len; word32 len;
word32 bits = (outSz * 8); /* reverse byte order */ word32 bits = (outSz * 8); /* reverse byte order */
#ifdef WOLFSSL_SMALL_STACK_CACHE #ifdef WOLFSSL_SMALL_STACK_CACHE
wc_Sha256* sha = &drbg->sha256; wc_Sha256* sha = &drbg->sha256;
@@ -537,8 +537,8 @@ static int Hash_gen(DRBG_internal* drbg, byte* out, word32 outSz, const byte* V)
byte data[DRBG_SEED_LEN]; byte data[DRBG_SEED_LEN];
byte digest[WC_SHA256_DIGEST_SIZE]; byte digest[WC_SHA256_DIGEST_SIZE];
#endif #endif
int i; word32 i;
int len; word32 len;
#ifdef WOLFSSL_SMALL_STACK_CACHE #ifdef WOLFSSL_SMALL_STACK_CACHE
wc_Sha256* sha = &drbg->sha256; wc_Sha256* sha = &drbg->sha256;
#else #else
@@ -621,9 +621,9 @@ static WC_INLINE void array_add(byte* d, word32 dLen, const byte* s, word32 sLen
int sIdx, dIdx; int sIdx, dIdx;
word16 carry = 0; word16 carry = 0;
dIdx = dLen - 1; dIdx = (int)dLen - 1;
for (sIdx = (int)sLen - 1; sIdx >= 0; sIdx--) { for (sIdx = (int)sLen - 1; sIdx >= 0; sIdx--) {
carry += (word16)d[dIdx] + (word16)s[sIdx]; carry += (word16)(d[dIdx] + s[sIdx]);
d[dIdx] = (byte)carry; d[dIdx] = (byte)carry;
carry >>= 8; carry >>= 8;
dIdx--; dIdx--;


@@ -373,7 +373,7 @@ int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len, void* heap,
if (ret == 0) if (ret == 0)
ret = wc_InitRsaKey_ex(key, heap, devId); ret = wc_InitRsaKey_ex(key, heap, devId);
if (ret == 0 && id != NULL && len != 0) { if (ret == 0 && id != NULL && len != 0) {
XMEMCPY(key->id, id, len); XMEMCPY(key->id, id, (size_t)len);
key->idLen = len; key->idLen = len;
#ifdef WOLFSSL_SE050 #ifdef WOLFSSL_SE050
/* Set SE050 ID from word32, populate RsaKey with public from SE050 */ /* Set SE050 ID from word32, populate RsaKey with public from SE050 */
@@ -403,7 +403,7 @@ int wc_InitRsaKey_Label(RsaKey* key, const char* label, void* heap, int devId)
if (ret == 0) if (ret == 0)
ret = wc_InitRsaKey_ex(key, heap, devId); ret = wc_InitRsaKey_ex(key, heap, devId);
if (ret == 0) { if (ret == 0) {
XMEMCPY(key->label, label, labelLen); XMEMCPY(key->label, label, (size_t)labelLen);
key->labelLen = labelLen; key->labelLen = labelLen;
} }
@@ -1141,7 +1141,7 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
void* heap) void* heap)
{ {
int ret; int ret;
int hLen; word32 hLen;
int psLen; int psLen;
int i; int i;
word32 idx; word32 idx;
@@ -1163,10 +1163,11 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
} }
/* limit of label is the same as limit of hash function which is massive */ /* limit of label is the same as limit of hash function which is massive */
hLen = wc_HashGetDigestSize(hType); ret = wc_HashGetDigestSize(hType);
if (hLen < 0) { if (ret < 0) {
return hLen; return ret;
} }
hLen = (word32)ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
lHash = (byte*)XMALLOC(hLen, heap, DYNAMIC_TYPE_RSA_BUFFER); lHash = (byte*)XMALLOC(hLen, heap, DYNAMIC_TYPE_RSA_BUFFER);
@@ -1181,7 +1182,7 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
#else #else
/* hLen should never be larger than lHash since size is max digest size, /* hLen should never be larger than lHash since size is max digest size,
but check before blindly calling wc_Hash */ but check before blindly calling wc_Hash */
if ((word32)hLen > sizeof(lHash)) { if (hLen > sizeof(lHash)) {
WOLFSSL_MSG("OAEP lHash to small for digest!!"); WOLFSSL_MSG("OAEP lHash to small for digest!!");
return MEMORY_E; return MEMORY_E;
} }
@@ -1204,7 +1205,7 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
k = RSA key size k = RSA key size
hLen = hash digest size -- will always be >= 0 at this point hLen = hash digest size -- will always be >= 0 at this point
*/ */
if ((word32)(2 * hLen + 2) > pkcsBlockLen) { if ((2 * hLen + 2) > pkcsBlockLen) {
WOLFSSL_MSG("OAEP pad error hash to big for RSA key size"); WOLFSSL_MSG("OAEP pad error hash to big for RSA key size");
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER);
@@ -1224,7 +1225,7 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
/* concatenate lHash || PS || 0x01 || msg */ /* concatenate lHash || PS || 0x01 || msg */
idx = pkcsBlockLen - 1 - inputLen; idx = pkcsBlockLen - 1 - inputLen;
psLen = pkcsBlockLen - inputLen - 2 * hLen - 2; psLen = (int)pkcsBlockLen - (int)inputLen - 2 * (int)hLen - 2;
if (pkcsBlockLen < inputLen) { /*make sure not writing over end of buffer */ if (pkcsBlockLen < inputLen) { /*make sure not writing over end of buffer */
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER);
@@ -1301,7 +1302,7 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
/* xor created seedMask with seed to make maskedSeed */ /* xor created seedMask with seed to make maskedSeed */
i = 0; i = 0;
while (idx < (word32)(hLen + 1) && i < hLen) { while (idx < (hLen + 1) && i < (int)hLen) {
pkcsBlock[idx] = pkcsBlock[idx] ^ seed[i++]; pkcsBlock[idx] = pkcsBlock[idx] ^ seed[i++];
idx++; idx++;
} }
@@ -1635,7 +1636,7 @@ static int RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
byte **output, enum wc_HashType hType, int mgf, byte **output, enum wc_HashType hType, int mgf,
byte* optLabel, word32 labelLen, void* heap) byte* optLabel, word32 labelLen, void* heap)
{ {
int hLen; word32 hLen;
int ret; int ret;
byte h[WC_MAX_DIGEST_SIZE]; /* max digest size */ byte h[WC_MAX_DIGEST_SIZE]; /* max digest size */
word32 idx; word32 idx;
@@ -1653,10 +1654,11 @@ static int RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
return BUFFER_E; return BUFFER_E;
} }
hLen = wc_HashGetDigestSize(hType); ret = wc_HashGetDigestSize(hType);
if ((hLen < 0) || (pkcsBlockLen < (2 * (word32)hLen + 2))) { if ((ret < 0) || (pkcsBlockLen < (2 * (word32)ret + 2))) {
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
hLen = (word32)ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
tmp = (byte*)XMALLOC(pkcsBlockLen, heap, DYNAMIC_TYPE_RSA_BUFFER); tmp = (byte*)XMALLOC(pkcsBlockLen, heap, DYNAMIC_TYPE_RSA_BUFFER);
@@ -1730,16 +1732,16 @@ static int RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
these checks. these checks.
*/ */
ret = 0; ret = 0;
ret |= ConstantCompare(pkcsBlock + hLen + 1, h, hLen); ret |= ConstantCompare(pkcsBlock + hLen + 1, h, (int)hLen);
ret += pkcsBlock[idx++] ^ 0x01; /* separator value is 0x01 */ ret += pkcsBlock[idx++] ^ 0x01; /* separator value is 0x01 */
ret += pkcsBlock[0] ^ 0x00; /* Y, the first value, should be 0 */ ret += pkcsBlock[0] ^ 0x00; /* Y, the first value, should be 0 */
/* Return 0 data length on error. */ /* Return 0 data length on error. */
idx = ctMaskSelInt(ctMaskEq(ret, 0), idx, pkcsBlockLen); idx = ctMaskSelWord32(ctMaskEq(ret, 0), idx, pkcsBlockLen);
/* adjust pointer to correct location in array and return size of M */ /* adjust pointer to correct location in array and return size of M */
*output = (byte*)(pkcsBlock + idx); *output = (byte*)(pkcsBlock + idx);
return pkcsBlockLen - idx; return (int)(pkcsBlockLen - idx);
} }
#endif /* !WC_NO_RSA_OAEP */ #endif /* !WC_NO_RSA_OAEP */
@@ -1916,7 +1918,7 @@ static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
} }
*output = (byte *)(pkcsBlock + i); *output = (byte *)(pkcsBlock + i);
ret = pkcsBlockLen - i; ret = (int)pkcsBlockLen - i;
} }
#ifndef WOLFSSL_RSA_VERIFY_ONLY #ifndef WOLFSSL_RSA_VERIFY_ONLY
else { else {
@@ -1928,21 +1930,21 @@ static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
/* Decrypted with private key - unpad must be constant time. */ /* Decrypted with private key - unpad must be constant time. */
for (j = 2; j < pkcsBlockLen; j++) { for (j = 2; j < pkcsBlockLen; j++) {
/* Update i if not passed the separator and at separator. */ /* Update i if not passed the separator and at separator. */
i |= (~pastSep) & ctMask16Eq(pkcsBlock[j], 0x00) & (j + 1); i |= (word16)(~pastSep) & ctMask16Eq(pkcsBlock[j], 0x00) & (word16)(j + 1);
pastSep |= ctMask16Eq(pkcsBlock[j], 0x00); pastSep |= ctMask16Eq(pkcsBlock[j], 0x00);
} }
/* Minimum of 11 bytes of pre-message data - including leading 0x00. */ /* Minimum of 11 bytes of pre-message data - including leading 0x00. */
invalid |= ctMaskLT(i, RSA_MIN_PAD_SZ); invalid |= ctMaskLT(i, RSA_MIN_PAD_SZ);
/* Must have seen separator. */ /* Must have seen separator. */
invalid |= ~pastSep; invalid |= (byte)~pastSep;
/* First byte must be 0x00. */ /* First byte must be 0x00. */
invalid |= ctMaskNotEq(pkcsBlock[0], 0x00); invalid |= ctMaskNotEq(pkcsBlock[0], 0x00);
/* Check against expected block type: padValue */ /* Check against expected block type: padValue */
invalid |= ctMaskNotEq(pkcsBlock[1], padValue); invalid |= ctMaskNotEq(pkcsBlock[1], padValue);
*output = (byte *)(pkcsBlock + i); *output = (byte *)(pkcsBlock + i);
ret = ((int)-1 + (int)(invalid >> 7)) & (pkcsBlockLen - i); ret = ((int)-1 + (int)(invalid >> 7)) & ((int)pkcsBlockLen - i);
} }
#endif #endif
@@ -2782,7 +2784,7 @@ static int RsaFunctionSync(const byte* in, word32 inLen, byte* out,
} }
if (ret == 0) { if (ret == 0) {
if (mp_to_unsigned_bin_len(tmp, out, *outLen) != MP_OKAY) if (mp_to_unsigned_bin_len(tmp, out, (int)*outLen) != MP_OKAY)
ret = MP_TO_E; ret = MP_TO_E;
} }
#else #else
@@ -2803,11 +2805,14 @@ static int RsaFunctionSync(const byte* in, word32 inLen, byte* out,
static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out, static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
word32* outLen, int type, RsaKey* key, WC_RNG* rng) word32* outLen, int type, RsaKey* key, WC_RNG* rng)
{ {
#ifdef WOLFSSL_HAVE_SP_RSA
int ret; int ret;
#endif word32 keyLen;
word32 keyLen = wc_RsaEncryptSize(key); ret = wc_RsaEncryptSize(key);
if (ret < 0) {
return ret;
}
keyLen = (word32)ret;
if (inLen > keyLen) { if (inLen > keyLen) {
WOLFSSL_MSG("Expected that inLen be no longer RSA key length"); WOLFSSL_MSG("Expected that inLen be no longer RSA key length");
@@ -3187,8 +3192,7 @@ static int wc_RsaFunction_ex(const byte* in, word32 inLen, byte* out,
#ifndef WOLF_CRYPTO_CB_ONLY_RSA #ifndef WOLF_CRYPTO_CB_ONLY_RSA
if (ret != CRYPTOCB_UNAVAILABLE) if (ret != CRYPTOCB_UNAVAILABLE)
return ret; return ret;
/* fall-through when unavailable */ /* fall-through when unavailable and try using software */
ret = 0; /* reset error code and try using software */
#else #else
return ret; return ret;
#endif #endif
@@ -3371,7 +3375,7 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
#endif /* WOLFSSL_CRYPTOCELL */ #endif /* WOLFSSL_CRYPTOCELL */
key->state = RSA_STATE_ENCRYPT_PAD; key->state = RSA_STATE_ENCRYPT_PAD;
ret = wc_RsaPad_ex(in, inLen, out, sz, pad_value, rng, pad_type, hash, ret = wc_RsaPad_ex(in, inLen, out, (word32)sz, pad_value, rng, pad_type, hash,
mgf, label, labelSz, saltLen, mp_count_bits(&key->n), mgf, label, labelSz, saltLen, mp_count_bits(&key->n),
key->heap); key->heap);
if (ret < 0) { if (ret < 0) {
@@ -3384,7 +3388,7 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
case RSA_STATE_ENCRYPT_EXPTMOD: case RSA_STATE_ENCRYPT_EXPTMOD:
key->dataLen = outLen; key->dataLen = outLen;
ret = wc_RsaFunction(out, sz, out, &key->dataLen, rsa_type, key, rng); ret = wc_RsaFunction(out, (word32)sz, out, &key->dataLen, rsa_type, key, rng);
if (ret >= 0 || ret == WC_PENDING_E) { if (ret >= 0 || ret == WC_PENDING_E) {
key->state = RSA_STATE_ENCRYPT_RES; key->state = RSA_STATE_ENCRYPT_RES;
@@ -3396,7 +3400,7 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
FALL_THROUGH; FALL_THROUGH;
case RSA_STATE_ENCRYPT_RES: case RSA_STATE_ENCRYPT_RES:
ret = key->dataLen; ret = (int)key->dataLen;
break; break;
default: default:
@@ -3588,8 +3592,8 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
for (j = 0; j < key->dataLen; j++) { for (j = 0; j < key->dataLen; j++) {
signed char c; signed char c;
out[i] = key->data[j]; out[i] = key->data[j];
c = ctMaskGTE(j, start); c = (signed char)ctMaskGTE((int)j, start);
c &= ctMaskLT(i, outLen); c &= (signed char)ctMaskLT((int)i, (int)outLen);
/* 0 - no add, -1 add */ /* 0 - no add, -1 add */
i += (word32)((byte)(-c)); i += (word32)((byte)(-c));
} }
@@ -3597,14 +3601,14 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
else else
#endif #endif
{ {
XMEMCPY(out, pad, ret); XMEMCPY(out, pad, (size_t)ret);
} }
} }
else else
*outPtr = pad; *outPtr = pad;
#if !defined(WOLFSSL_RSA_VERIFY_ONLY) #if !defined(WOLFSSL_RSA_VERIFY_ONLY)
ret = ctMaskSelInt(ctMaskLTE(ret, outLen), ret, RSA_BUFFER_E); ret = ctMaskSelInt(ctMaskLTE(ret, (int)outLen), ret, RSA_BUFFER_E);
#ifndef WOLFSSL_RSA_DECRYPT_TO_0_LEN #ifndef WOLFSSL_RSA_DECRYPT_TO_0_LEN
ret = ctMaskSelInt(ctMaskNotEq(ret, 0), ret, RSA_BUFFER_E); ret = ctMaskSelInt(ctMaskNotEq(ret, 0), ret, RSA_BUFFER_E);
#endif #endif
@@ -4545,7 +4549,7 @@ static int _CheckProbablePrime(mp_int* p, mp_int* q, mp_int* e, int nlen,
/* 4.4,5.5 - Check that prime >= (2^(1/2))(2^((nlen/2)-1)) /* 4.4,5.5 - Check that prime >= (2^(1/2))(2^((nlen/2)-1))
* This is a comparison against lowerBound */ * This is a comparison against lowerBound */
ret = mp_read_unsigned_bin(tmp1, lower_bound, nlen/16); ret = mp_read_unsigned_bin(tmp1, lower_bound, (word32)nlen/16);
if (ret != MP_OKAY) goto notOkay; if (ret != MP_OKAY) goto notOkay;
ret = mp_cmp(prime, tmp1); ret = mp_cmp(prime, tmp1);
if (ret == MP_LT) goto exit; if (ret == MP_LT) goto exit;
@@ -4723,7 +4727,8 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
mp_int tmp2_buf, *tmp2 = &tmp2_buf; mp_int tmp2_buf, *tmp2 = &tmp2_buf;
mp_int tmp3_buf, *tmp3 = &tmp3_buf; mp_int tmp3_buf, *tmp3 = &tmp3_buf;
#endif /* WOLFSSL_SMALL_STACK */ #endif /* WOLFSSL_SMALL_STACK */
int i, failCount, primeSz, isPrime = 0; int i, failCount, isPrime = 0;
word32 primeSz;
byte* buf = NULL; byte* buf = NULL;
#endif /* !WOLFSSL_CRYPTOCELL && !WOLFSSL_SE050 */ #endif /* !WOLFSSL_CRYPTOCELL && !WOLFSSL_SE050 */
int err; int err;
@@ -4826,7 +4831,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
/* The failCount value comes from NIST FIPS 186-4, section B.3.3, /* The failCount value comes from NIST FIPS 186-4, section B.3.3,
* process steps 4.7 and 5.8. */ * process steps 4.7 and 5.8. */
failCount = 5 * (size / 2); failCount = 5 * (size / 2);
primeSz = size / 16; /* size is the size of n in bits. primeSz = (word32)size / 16; /* size is the size of n in bits.
primeSz is in bytes. */ primeSz is in bytes. */
/* allocate buffer to work with */ /* allocate buffer to work with */
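Review bot: The wc_RsaFunction_ex hunk drops `ret = 0;` on the CRYPTOCB_UNAVAILABLE fall-through, which is a control-flow change rather than a cast fix: `ret` now still holds CRYPTOCB_UNAVAILABLE when the software path starts. The rest of the function is outside the hunk, so I can't confirm that every later branch assigns `ret` before returning it; if one does not, the callback status would be returned as the result of the RSA operation. I would keep the reset, or record the invariant where the line was removed, e.g. `/* ret is CRYPTOCB_UNAVAILABLE here; the software path below must assign it */`.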


@@ -245,7 +245,7 @@ do { \
int n##ii; \ int n##ii; \
(n)[0] = n##d; \ (n)[0] = n##d; \
(n)[0]->size = (s); \ (n)[0]->size = (s); \
for (n##ii = 1; n##ii < (c); n##ii++) { \ for (n##ii = 1; n##ii < (int)(c); n##ii++) { \
(n)[n##ii] = MP_INT_NEXT((n)[n##ii-1], s); \ (n)[n##ii] = MP_INT_NEXT((n)[n##ii-1], s); \
(n)[n##ii]->size = (s); \ (n)[n##ii]->size = (s); \
} \ } \
@@ -5037,9 +5037,9 @@ int sp_cond_swap_ct(sp_int* a, sp_int* b, int cnt, int swap)
ALLOC_SP_INT(t, cnt, err, NULL); ALLOC_SP_INT(t, cnt, err, NULL);
if (err == MP_OKAY) { if (err == MP_OKAY) {
/* XOR other fields in sp_int into temp - mask set when swapping. */ /* XOR other fields in sp_int into temp - mask set when swapping. */
t->used = (a->used ^ b->used) & mask; t->used = (a->used ^ b->used) & (unsigned int)mask;
#ifdef WOLFSSL_SP_INT_NEGATIVE #ifdef WOLFSSL_SP_INT_NEGATIVE
t->sign = (a->sign ^ b->sign) & mask; t->sign = (a->sign ^ b->sign) & (unsigned int)mask;
#endif #endif
/* XOR requested words into temp - mask set when swapping. */ /* XOR requested words into temp - mask set when swapping. */
@@ -7749,7 +7749,7 @@ int sp_lshd(sp_int* a, int s)
/* Move up digits. */ /* Move up digits. */
XMEMMOVE(a->dp + s, a->dp, a->used * SP_WORD_SIZEOF); XMEMMOVE(a->dp + s, a->dp, a->used * SP_WORD_SIZEOF);
/* Back fill with zeros. */ /* Back fill with zeros. */
XMEMSET(a->dp, 0, s * SP_WORD_SIZEOF); XMEMSET(a->dp, 0, (size_t)s * SP_WORD_SIZEOF);
/* Update used. */ /* Update used. */
a->used += (unsigned int)s; a->used += (unsigned int)s;
/* Remove leading zeros. */ /* Remove leading zeros. */
@@ -8597,7 +8597,7 @@ static int _sp_mul(const sp_int* a, const sp_int* b, sp_int* r)
} }
for (; k <= (a->used - 1) + (b->used - 1); k++) { for (; k <= (a->used - 1) + (b->used - 1); k++) {
j = (int)(b->used - 1); j = (int)(b->used - 1);
i = k - j; i = k - (unsigned int)j;
for (; (i < a->used) && (j >= 0); i++, j--) { for (; (i < a->used) && (j >= 0); i++, j--) {
SP_ASM_MUL_ADD(l, h, o, a->dp[i], b->dp[j]); SP_ASM_MUL_ADD(l, h, o, a->dp[i], b->dp[j]);
} }
@@ -13240,9 +13240,9 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
* - Montgomery form of base * - Montgomery form of base
*/ */
#ifndef WOLFSSL_SP_NO_MALLOC #ifndef WOLFSSL_SP_NO_MALLOC
ALLOC_DYN_SP_INT_ARRAY(t, m->used * 2 + 1, preCnt + 2, err, NULL); ALLOC_DYN_SP_INT_ARRAY(t, m->used * 2 + 1, (size_t)preCnt + 2, err, NULL);
#else #else
ALLOC_SP_INT_ARRAY(t, m->used * 2 + 1, preCnt + 2, err, NULL); ALLOC_SP_INT_ARRAY(t, m->used * 2 + 1, (size_t)preCnt + 2, err, NULL);
#endif #endif
if (err == MP_OKAY) { if (err == MP_OKAY) {
/* Set variables to use allocate memory. */ /* Set variables to use allocate memory. */
@@ -13412,7 +13412,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
n <<= winBits; n <<= winBits;
c -= winBits; c -= winBits;
} }
y &= mask; y &= (int)mask;
} }
/* 4.5. Montgomery multiply result by table entry. */ /* 4.5. Montgomery multiply result by table entry. */
@@ -17751,7 +17751,7 @@ int sp_rand_prime(sp_int* r, int len, WC_RNG* rng, void* heap)
} }
/* Get number of digits required to handle required number of bytes. */ /* Get number of digits required to handle required number of bytes. */
digits = (len + SP_WORD_SIZEOF - 1) / SP_WORD_SIZEOF; digits = ((unsigned int)len + SP_WORD_SIZEOF - 1) / SP_WORD_SIZEOF;
/* Ensure result has space. */ /* Ensure result has space. */
if (r->size < digits) { if (r->size < digits) {
err = MP_VAL; err = MP_VAL;
@@ -17812,7 +17812,7 @@ int sp_rand_prime(sp_int* r, int len, WC_RNG* rng, void* heap)
fflush(stdout); fflush(stdout);
#endif /* SHOW_GEN */ #endif /* SHOW_GEN */
/* Generate bytes into digit array. */ /* Generate bytes into digit array. */
err = wc_RNG_GenerateBlock(rng, (byte*)r->dp, len); err = wc_RNG_GenerateBlock(rng, (byte*)r->dp, (word32)len);
if (err != 0) { if (err != 0) {
err = MP_VAL; err = MP_VAL;
break; break;
@@ -18379,7 +18379,7 @@ static WC_INLINE int _sp_gcd(const sp_int* a, const sp_int* b, sp_int* r)
/* Used for swapping sp_ints. */ /* Used for swapping sp_ints. */
sp_int* s; sp_int* s;
/* Determine maximum digit length numbers will reach. */ /* Determine maximum digit length numbers will reach. */
int used = (a->used >= b->used) ? a->used + 1 : b->used + 1; unsigned int used = (a->used >= b->used) ? a->used + 1 : b->used + 1;
DECL_SP_INT_ARRAY(d, used, 3); DECL_SP_INT_ARRAY(d, used, 3);
SAVE_VECTOR_REGISTERS(err = _svr_ret;); SAVE_VECTOR_REGISTERS(err = _svr_ret;);


@@ -149,10 +149,10 @@ int mp_cond_copy(mp_int* a, int copy, mp_int* b)
for (; i < b->used; i++) { for (; i < b->used; i++) {
b->dp[i] ^= (get_digit(a, (int)i) ^ get_digit(b, (int)i)) & mask; b->dp[i] ^= (get_digit(a, (int)i) ^ get_digit(b, (int)i)) & mask;
} }
b->used ^= (a->used ^ b->used) & (mp_digit)mask; b->used ^= (a->used ^ b->used) & (unsigned int)mask;
#if (!defined(WOLFSSL_SP_MATH) && !defined(WOLFSSL_SP_MATH_ALL)) || \ #if (!defined(WOLFSSL_SP_MATH) && !defined(WOLFSSL_SP_MATH_ALL)) || \
defined(WOLFSSL_SP_INT_NEGATIVE) defined(WOLFSSL_SP_INT_NEGATIVE)
b->sign ^= (a->sign ^ b->sign) & (mp_digit)mask; b->sign ^= (a->sign ^ b->sign) & (unsigned int)mask;
#endif #endif
} }
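Review bot: In mp_cond_copy, `& (unsigned int)mask` assumes `used` and `sign` are `unsigned int`; their declarations are not visible in this hunk, and the `#if` around the `sign` line also enables it for builds without SP math. If a math backend declares those fields as `int`, the right-hand side becomes unsigned and `^=` converts it back implicitly, which is the kind of warning this commit is removing. I would confirm with a -Wconversion build of each backend and add a comment such as `/* mask is all-ones or zero, so narrowing it keeps the select exact */`.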


@@ -76,8 +76,8 @@ enum {
MAX_TLS13_HKDF_LABEL_SZ = 47 + WC_MAX_DIGEST_SIZE MAX_TLS13_HKDF_LABEL_SZ = 47 + WC_MAX_DIGEST_SIZE
}; };
WOLFSSL_API int wc_Tls13_HKDF_Extract(byte* prk, const byte* salt, int saltLen, WOLFSSL_API int wc_Tls13_HKDF_Extract(byte* prk, const byte* salt,
byte* ikm, int ikmLen, int digest); word32 saltLen, byte* ikm, word32 ikmLen, int digest);
WOLFSSL_API int wc_Tls13_HKDF_Expand_Label(byte* okm, word32 okmLen, WOLFSSL_API int wc_Tls13_HKDF_Expand_Label(byte* okm, word32 okmLen,
const byte* prk, word32 prkLen, const byte* prk, word32 prkLen,


@@ -128,6 +128,7 @@ WOLFSSL_LOCAL word16 ctMask16Eq(int a, int b);
WOLFSSL_LOCAL byte ctMaskNotEq(int a, int b); WOLFSSL_LOCAL byte ctMaskNotEq(int a, int b);
WOLFSSL_LOCAL byte ctMaskSel(byte m, byte a, byte b); WOLFSSL_LOCAL byte ctMaskSel(byte m, byte a, byte b);
WOLFSSL_LOCAL int ctMaskSelInt(byte m, int a, int b); WOLFSSL_LOCAL int ctMaskSelInt(byte m, int a, int b);
WOLFSSL_LOCAL word32 ctMaskSelWord32(byte m, word32 a, word32 b);
WOLFSSL_LOCAL byte ctSetLTE(int a, int b); WOLFSSL_LOCAL byte ctSetLTE(int a, int b);
WOLFSSL_LOCAL void ctMaskCopy(byte mask, byte* dst, byte* src, word16 size); WOLFSSL_LOCAL void ctMaskCopy(byte mask, byte* dst, byte* src, word16 size);
WOLFSSL_LOCAL word32 MakeWordFromHash(const byte* hashID); WOLFSSL_LOCAL word32 MakeWordFromHash(const byte* hashID);


@@ -669,8 +669,8 @@ typedef struct sp_ecc_ctx {
*/ */
#define sp_clamp(a) \ #define sp_clamp(a) \
do { \ do { \
unsigned int ii; \ int ii; \
for (ii = (a)->used - 1; ii >= 0 && (a)->dp[ii] == 0; ii--) { \ for (ii = (int)(a)->used - 1; ii >= 0 && (a)->dp[ii] == 0; ii--) { \
} \ } \
(a)->used = (unsigned int)ii + 1; \ (a)->used = (unsigned int)ii + 1; \
} while (0) } while (0)
@@ -759,7 +759,7 @@ typedef struct sp_ecc_ctx {
/* Calculate the number of words required to support a number of bits. */ /* Calculate the number of words required to support a number of bits. */
#define MP_BITS_CNT(bits) \ #define MP_BITS_CNT(bits) \
(((bits + SP_WORD_SIZE - 1) / SP_WORD_SIZE) * 2 + 1) ((((bits) + SP_WORD_SIZE - 1) / SP_WORD_SIZE) * 2 + 1)
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
/* /*
@@ -772,13 +772,13 @@ typedef struct sp_ecc_ctx {
#define DECL_MP_INT_SIZE(name, bits) \ #define DECL_MP_INT_SIZE(name, bits) \
sp_int* name = NULL sp_int* name = NULL
/* Allocate an mp_int of minimal size and zero out. */ /* Allocate an mp_int of minimal size and zero out. */
#define NEW_MP_INT_SIZE(name, bits, heap, type) \ #define NEW_MP_INT_SIZE(name, bits, heap, type) \
do { \ do { \
name = (mp_int*)XMALLOC(MP_INT_SIZEOF(MP_BITS_CNT(bits)), heap, type); \ (name) = (mp_int*)XMALLOC(MP_INT_SIZEOF(MP_BITS_CNT(bits)), heap, type); \
if (name != NULL) { \ if ((name) != NULL) { \
XMEMSET(name, 0, MP_INT_SIZEOF(MP_BITS_CNT(bits))); \ XMEMSET(name, 0, MP_INT_SIZEOF(MP_BITS_CNT(bits))); \
} \ } \
} \ } \
while (0) while (0)
/* Dispose of dynamically allocated mp_int. */ /* Dispose of dynamically allocated mp_int. */
#define FREE_MP_INT_SIZE(name, heap, type) \ #define FREE_MP_INT_SIZE(name, heap, type) \