WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Fix: Address and clean up code conversion in various files.

pull/8135/head
Reda Chouk 2025-02-21 21:40:53 +01:00
parent 146d17d134
commit 9178c53f79
20 changed files with 340 additions and 297 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
src/bio.c
View File

@ -142,7 +142,7 @@ static int wolfSSL_BIO_MEMORY_read(WOLFSSL_BIO* bio, void* buf, int len)
return WOLFSSL_BIO_ERROR; return WOLFSSL_BIO_ERROR;
} }
XMEMCPY(buf, bio->mem_buf->data + bio->rdIdx, sz); XMEMCPY(buf, bio->mem_buf->data + bio->rdIdx, (size_t)sz);
bio->rdIdx += sz; bio->rdIdx += sz;
if (bio->rdIdx >= bio->wrSz) { if (bio->rdIdx >= bio->wrSz) {
@ -167,14 +167,14 @@ static int wolfSSL_BIO_MEMORY_read(WOLFSSL_BIO* bio, void* buf, int len)
/* Resize the memory so we are not taking up more than necessary. /* Resize the memory so we are not taking up more than necessary.
* memmove reverts internally to memcpy if areas don't overlap */ * memmove reverts internally to memcpy if areas don't overlap */
XMEMMOVE(bio->mem_buf->data, bio->mem_buf->data + bio->rdIdx, XMEMMOVE(bio->mem_buf->data, bio->mem_buf->data + bio->rdIdx,
bio->wrSz - bio->rdIdx); (long unsigned int)bio->wrSz - (size_t)bio->rdIdx);
bio->wrSz -= bio->rdIdx; bio->wrSz -= bio->rdIdx;
bio->rdIdx = 0; bio->rdIdx = 0;
/* Resize down to WOLFSSL_BIO_RESIZE_THRESHOLD for fewer /* Resize down to WOLFSSL_BIO_RESIZE_THRESHOLD for fewer
* allocations. */ * allocations. */
if (wolfSSL_BUF_MEM_resize(bio->mem_buf, if (wolfSSL_BUF_MEM_resize(bio->mem_buf,
bio->wrSz > WOLFSSL_BIO_RESIZE_THRESHOLD ? bio->wrSz : bio->wrSz > WOLFSSL_BIO_RESIZE_THRESHOLD ?
WOLFSSL_BIO_RESIZE_THRESHOLD) == 0) { (size_t)bio->wrSz : WOLFSSL_BIO_RESIZE_THRESHOLD) == 0) {
WOLFSSL_MSG("wolfSSL_BUF_MEM_resize error"); WOLFSSL_MSG("wolfSSL_BUF_MEM_resize error");
return WOLFSSL_BIO_ERROR; return WOLFSSL_BIO_ERROR;
} }
@ -568,7 +568,7 @@ static int wolfSSL_BIO_BIO_write(WOLFSSL_BIO* bio, const void* data,
WOLFSSL_MSG("Error in wolfSSL_BIO_nwrite"); WOLFSSL_MSG("Error in wolfSSL_BIO_nwrite");
return sz1; return sz1;
} }
XMEMCPY(buf, data, sz1); XMEMCPY(buf, data, (size_t)sz1);
data = (char*)data + sz1; data = (char*)data + sz1;
len -= sz1; len -= sz1;
@ -576,7 +576,7 @@ static int wolfSSL_BIO_BIO_write(WOLFSSL_BIO* bio, const void* data,
/* try again to see if maybe we wrapped around the ring buffer */ /* try again to see if maybe we wrapped around the ring buffer */
sz2 = wolfSSL_BIO_nwrite(bio, &buf, len); sz2 = wolfSSL_BIO_nwrite(bio, &buf, len);
if (sz2 > 0) { if (sz2 > 0) {
XMEMCPY(buf, data, sz2); XMEMCPY(buf, data, (size_t)sz2);
sz1 += sz2; sz1 += sz2;
if (len > sz2) if (len > sz2)
bio->flags |= WOLFSSL_BIO_FLAG_WRITE|WOLFSSL_BIO_FLAG_RETRY; bio->flags |= WOLFSSL_BIO_FLAG_WRITE|WOLFSSL_BIO_FLAG_RETRY;
@ -614,8 +614,8 @@ static int wolfSSL_BIO_MEMORY_write(WOLFSSL_BIO* bio, const void* data,
if (len == 0) if (len == 0)
return WOLFSSL_SUCCESS; /* Return early to make logic simpler */ return WOLFSSL_SUCCESS; /* Return early to make logic simpler */
if (wolfSSL_BUF_MEM_grow_ex(bio->mem_buf, bio->wrSz + len, 0) if (wolfSSL_BUF_MEM_grow_ex(bio->mem_buf, ((size_t)bio->wrSz) +
== 0) { ((size_t)len), 0) == 0) {
WOLFSSL_MSG("Error growing memory area"); WOLFSSL_MSG("Error growing memory area");
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
@ -625,7 +625,7 @@ static int wolfSSL_BIO_MEMORY_write(WOLFSSL_BIO* bio, const void* data,
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
XMEMCPY(bio->mem_buf->data + bio->wrSz, data, len); XMEMCPY(bio->mem_buf->data + bio->wrSz, data, (size_t)len);
bio->ptr.mem_buf_data = (byte *)bio->mem_buf->data; bio->ptr.mem_buf_data = (byte *)bio->mem_buf->data;
bio->num.length = bio->mem_buf->max; bio->num.length = bio->mem_buf->max;
bio->wrSz += len; bio->wrSz += len;
@ -1146,7 +1146,7 @@ int wolfSSL_BIO_gets(WOLFSSL_BIO* bio, char* buf, int sz)
ret = wolfSSL_BIO_nread(bio, &c, cSz); ret = wolfSSL_BIO_nread(bio, &c, cSz);
if (ret > 0 && ret < sz) { if (ret > 0 && ret < sz) {
XMEMCPY(buf, c, ret); XMEMCPY(buf, c, (size_t)ret);
} }
break; break;
} }
@ -1268,13 +1268,13 @@ size_t wolfSSL_BIO_wpending(const WOLFSSL_BIO *bio)
return 0; return 0;
if (bio->type == WOLFSSL_BIO_MEMORY) { if (bio->type == WOLFSSL_BIO_MEMORY) {
return bio->wrSz; return (size_t)bio->wrSz;
} }
/* type BIO_BIO then check paired buffer */ /* type BIO_BIO then check paired buffer */
if (bio->type == WOLFSSL_BIO_BIO && bio->pair != NULL) { if (bio->type == WOLFSSL_BIO_BIO && bio->pair != NULL) {
WOLFSSL_BIO* pair = bio->pair; WOLFSSL_BIO* pair = bio->pair;
return pair->wrIdx; return (size_t)pair->wrIdx;
} }
return 0; return 0;
@ -1320,12 +1320,12 @@ size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *bio)
#ifndef WOLFCRYPT_ONLY #ifndef WOLFCRYPT_ONLY
if (bio->type == WOLFSSL_BIO_SSL && bio->ptr.ssl != NULL) { if (bio->type == WOLFSSL_BIO_SSL && bio->ptr.ssl != NULL) {
return (long)wolfSSL_pending(bio->ptr.ssl); return (size_t)wolfSSL_pending(bio->ptr.ssl);
} }
#endif #endif
if (bio->type == WOLFSSL_BIO_MEMORY) { if (bio->type == WOLFSSL_BIO_MEMORY) {
return bio->wrSz - bio->rdIdx; return (size_t)(bio->wrSz - bio->rdIdx);
} }
/* type BIO_BIO then check paired buffer */ /* type BIO_BIO then check paired buffer */
@ -1334,11 +1334,12 @@ size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *bio)
if (pair->wrIdx > 0 && pair->wrIdx <= pair->rdIdx) { if (pair->wrIdx > 0 && pair->wrIdx <= pair->rdIdx) {
/* in wrap around state where beginning of buffer is being /* in wrap around state where beginning of buffer is being
* overwritten */ * overwritten */
return pair->wrSz - pair->rdIdx + pair->wrIdx; return ((size_t)pair->wrSz) - ((size_t)pair->rdIdx) +
((size_t)pair->wrIdx);
} }
else { else {
/* simple case where has not wrapped around */ /* simple case where has not wrapped around */
return pair->wrIdx - pair->rdIdx; return (size_t)(pair->wrIdx - pair->rdIdx);
} }
} }
return 0; return 0;
@ -1435,7 +1436,7 @@ int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *bio, long size)
XFREE(bio->ptr.mem_buf_data, bio->heap, DYNAMIC_TYPE_OPENSSL); XFREE(bio->ptr.mem_buf_data, bio->heap, DYNAMIC_TYPE_OPENSSL);
} }
bio->ptr.mem_buf_data = (byte*)XMALLOC(size, bio->heap, bio->ptr.mem_buf_data = (byte*)XMALLOC((size_t)size, bio->heap,
DYNAMIC_TYPE_OPENSSL); DYNAMIC_TYPE_OPENSSL);
if (bio->ptr.mem_buf_data == NULL) { if (bio->ptr.mem_buf_data == NULL) {
WOLFSSL_MSG("Memory allocation error"); WOLFSSL_MSG("Memory allocation error");
@ -1451,7 +1452,7 @@ int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *bio, long size)
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
bio->wrSz = (int)size; bio->wrSz = (int)size;
bio->num.length = size; bio->num.length = (size_t)size;
bio->wrIdx = 0; bio->wrIdx = 0;
bio->rdIdx = 0; bio->rdIdx = 0;
if (bio->mem_buf != NULL) { if (bio->mem_buf != NULL) {
@ -2401,10 +2402,11 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
else else
port = str + XSTRLEN(str); /* point to null terminator */ port = str + XSTRLEN(str); /* point to null terminator */
bio->ip = (char*)XMALLOC((port - str) + 1, /* +1 for null char */ bio->ip = (char*)XMALLOC(
(size_t)(port - str) + 1, /* +1 for null char */
bio->heap, DYNAMIC_TYPE_OPENSSL); bio->heap, DYNAMIC_TYPE_OPENSSL);
if (bio->ip != NULL) { if (bio->ip != NULL) {
XMEMCPY(bio->ip, str, port - str); XMEMCPY(bio->ip, str, (size_t)(port - str));
bio->ip[port - str] = '\0'; bio->ip[port - str] = '\0';
bio->type = WOLFSSL_BIO_SOCKET; bio->type = WOLFSSL_BIO_SOCKET;
} }
@ -2960,7 +2962,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
bio->wrSz = len; bio->wrSz = len;
bio->ptr.mem_buf_data = (byte *)bio->mem_buf->data; bio->ptr.mem_buf_data = (byte *)bio->mem_buf->data;
if (len > 0 && bio->ptr.mem_buf_data != NULL) { if (len > 0 && bio->ptr.mem_buf_data != NULL) {
XMEMCPY(bio->ptr.mem_buf_data, buf, len); XMEMCPY(bio->ptr.mem_buf_data, buf, (size_t)len);
bio->flags |= WOLFSSL_BIO_FLAG_MEM_RDONLY; bio->flags |= WOLFSSL_BIO_FLAG_MEM_RDONLY;
bio->wrSzReset = bio->wrSz; bio->wrSzReset = bio->wrSz;
} }
@ -3329,11 +3331,11 @@ int wolfSSL_BIO_vprintf(WOLFSSL_BIO* bio, const char* format, va_list args)
count = XVSNPRINTF(NULL, 0, format, args); count = XVSNPRINTF(NULL, 0, format, args);
if (count >= 0) if (count >= 0)
{ {
pt = (char*)XMALLOC(count + 1, bio->heap, pt = (char*)XMALLOC((size_t)count + 1, bio->heap,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER);
if (pt != NULL) if (pt != NULL)
{ {
count = XVSNPRINTF(pt, count + 1, format, copy); count = XVSNPRINTF(pt, (size_t)count + 1, format, copy);
if (count >= 0) if (count >= 0)
{ {
ret = wolfSSL_BIO_write(bio, pt, count); ret = wolfSSL_BIO_write(bio, pt, count);
@ -3403,18 +3405,20 @@ int wolfSSL_BIO_dump(WOLFSSL_BIO *bio, const char *buf, int length)
o = 7; o = 7;
for (i = 0; i < BIO_DUMP_LINE_LEN; i++) { for (i = 0; i < BIO_DUMP_LINE_LEN; i++) {
if (i < length) if (i < length)
(void)XSNPRINTF(line + o, (int)sizeof(line) - o, (void)XSNPRINTF(line + o, (size_t)((int)sizeof(line) - o),
"%02x ", (unsigned char)buf[i]); "%02x ", (unsigned char)buf[i]);
else else
(void)XSNPRINTF(line + o, (int)sizeof(line) - o, " "); (void)XSNPRINTF(line + o, (size_t)((int)sizeof(line) - o),
" ");
if (i == 7) if (i == 7)
(void)XSNPRINTF(line + o + 2, (int)sizeof(line) - (o + 2), "-"); (void)XSNPRINTF(line + o + 2, (size_t)((int)sizeof(line) -
(o + 2)), "-");
o += 3; o += 3;
} }
(void)XSNPRINTF(line + o, (int)sizeof(line) - o, " "); (void)XSNPRINTF(line + o, (size_t)((int)sizeof(line) - o), " ");
o += 2; o += 2;
for (i = 0; (i < BIO_DUMP_LINE_LEN) && (i < length); i++) { for (i = 0; (i < BIO_DUMP_LINE_LEN) && (i < length); i++) {
(void)XSNPRINTF(line + o, (int)sizeof(line) - o, "%c", (void)XSNPRINTF(line + o, (size_t)((int)sizeof(line) - o), "%c",
((31 < buf[i]) && (buf[i] < 127)) ? buf[i] : '.'); ((31 < buf[i]) && (buf[i] < 127)) ? buf[i] : '.');
o++; o++;
} }

129
src/internal.c
View File

@ -6918,8 +6918,8 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
* then we possibly already have a side defined. Don't overwrite unless * then we possibly already have a side defined. Don't overwrite unless
* the context has a well defined role. */ * the context has a well defined role. */
if (newSSL || ctx->method->side != WOLFSSL_NEITHER_END) if (newSSL || ctx->method->side != WOLFSSL_NEITHER_END)
ssl->options.side = ctx->method->side; ssl->options.side = (word16)(ctx->method->side);
ssl->options.downgrade = ctx->method->downgrade; ssl->options.downgrade = (word16)(ctx->method->downgrade);
ssl->options.minDowngrade = ctx->minDowngrade; ssl->options.minDowngrade = ctx->minDowngrade;
ssl->options.haveRSA = ctx->haveRSA; ssl->options.haveRSA = ctx->haveRSA;
@ -6931,7 +6931,7 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
ssl->options.haveDilithiumSig = ctx->haveDilithiumSig; ssl->options.haveDilithiumSig = ctx->haveDilithiumSig;
#ifndef NO_PSK #ifndef NO_PSK
ssl->options.havePSK = ctx->havePSK; ssl->options.havePSK = (word16)(ctx->havePSK);
ssl->options.client_psk_cb = ctx->client_psk_cb; ssl->options.client_psk_cb = ctx->client_psk_cb;
ssl->options.server_psk_cb = ctx->server_psk_cb; ssl->options.server_psk_cb = ctx->server_psk_cb;
ssl->options.psk_ctx = ctx->psk_ctx; ssl->options.psk_ctx = ctx->psk_ctx;
@ -7275,7 +7275,7 @@ void FreeHandshakeHashes(WOLFSSL* ssl)
(defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3))) && \ (defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3))) && \
!defined(WOLFSSL_NO_CLIENT_AUTH) !defined(WOLFSSL_NO_CLIENT_AUTH)
if (ssl->hsHashes->messages != NULL) { if (ssl->hsHashes->messages != NULL) {
ForceZero(ssl->hsHashes->messages, ssl->hsHashes->length); ForceZero(ssl->hsHashes->messages, (word32)ssl->hsHashes->length);
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES); XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES);
ssl->hsHashes->messages = NULL; ssl->hsHashes->messages = NULL;
} }
@ -7343,8 +7343,9 @@ int InitHandshakeHashesAndCopy(WOLFSSL* ssl, HS_Hashes* source,
(defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3))) && \ (defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3))) && \
!defined(WOLFSSL_NO_CLIENT_AUTH) !defined(WOLFSSL_NO_CLIENT_AUTH)
if (ret == 0 && source->messages != NULL) { if (ret == 0 && source->messages != NULL) {
(*destination)->messages = (byte*)XMALLOC(source->length, ssl->heap, (*destination)->messages = (byte*)XMALLOC((size_t)source->length,
DYNAMIC_TYPE_HASHES); ssl->heap,
(int)DYNAMIC_TYPE_HASHES);
(*destination)->length = source->length; (*destination)->length = source->length;
(*destination)->prevLen = source->prevLen; (*destination)->prevLen = source->prevLen;
@ -7353,7 +7354,7 @@ int InitHandshakeHashesAndCopy(WOLFSSL* ssl, HS_Hashes* source,
} }
else { else {
XMEMCPY((*destination)->messages, source->messages, XMEMCPY((*destination)->messages, source->messages,
source->length); (size_t)source->length);
} }
} }
#endif #endif
@ -9890,7 +9891,7 @@ int DtlsMsgPoolSend(WOLFSSL* ssl, int sendOnlyFirstPacket)
WriteSEQ(ssl, epochOrder, dtls->sequence_number); WriteSEQ(ssl, epochOrder, dtls->sequence_number);
DtlsSEQIncrement(ssl, epochOrder); DtlsSEQIncrement(ssl, epochOrder);
if ((ret = CheckAvailableSize(ssl, pool->sz)) != 0) { if ((ret = CheckAvailableSize(ssl, (int)pool->sz)) != 0) {
WOLFSSL_ERROR(ret); WOLFSSL_ERROR(ret);
return ret; return ret;
} }
@ -10363,10 +10364,10 @@ int HashRaw(WOLFSSL* ssl, const byte* data, int sz)
#if !defined(NO_SHA) && (!defined(NO_OLD_TLS) || \ #if !defined(NO_SHA) && (!defined(NO_OLD_TLS) || \
defined(WOLFSSL_ALLOW_TLS_SHA1)) defined(WOLFSSL_ALLOW_TLS_SHA1))
wc_ShaUpdate(&ssl->hsHashes->hashSha, data, sz); wc_ShaUpdate(&ssl->hsHashes->hashSha, data, (word32)(sz));
#endif #endif
#if !defined(NO_MD5) && !defined(NO_OLD_TLS) #if !defined(NO_MD5) && !defined(NO_OLD_TLS)
wc_Md5Update(&ssl->hsHashes->hashMd5, data, sz); wc_Md5Update(&ssl->hsHashes->hashMd5, data, (word32)(sz));
#endif #endif
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
@ -10686,7 +10687,7 @@ static int SendHandshakeMsg(WOLFSSL* ssl, byte* input, word32 inputSz,
if (!ssl->options.buildingMsg) { if (!ssl->options.buildingMsg) {
/* Hash it before the loop as we modify the input with /* Hash it before the loop as we modify the input with
* encryption on */ * encryption on */
ret = HashRaw(ssl, input + rHdrSz, inputSz + hsHdrSz); ret = HashRaw(ssl, input + rHdrSz, (int)(inputSz) + hsHdrSz);
if (ret != 0) if (ret != 0)
return ret; return ret;
#ifdef WOLFSSL_DTLS #ifdef WOLFSSL_DTLS
@ -10946,7 +10947,7 @@ void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree)
if (!forcedFree && usedLength > 0) { if (!forcedFree && usedLength > 0) {
XMEMCPY(ssl->buffers.inputBuffer.staticBuffer, XMEMCPY(ssl->buffers.inputBuffer.staticBuffer,
ssl->buffers.inputBuffer.buffer + ssl->buffers.inputBuffer.idx, ssl->buffers.inputBuffer.buffer + ssl->buffers.inputBuffer.idx,
usedLength); (size_t)(usedLength));
} }
ForceZero(ssl->buffers.inputBuffer.buffer, ForceZero(ssl->buffers.inputBuffer.buffer,
@ -11254,7 +11255,7 @@ int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength)
if (usedLength) if (usedLength)
XMEMCPY(tmp, ssl->buffers.inputBuffer.buffer + XMEMCPY(tmp, ssl->buffers.inputBuffer.buffer +
ssl->buffers.inputBuffer.idx, usedLength); ssl->buffers.inputBuffer.idx, (size_t)(usedLength));
if (ssl->buffers.inputBuffer.dynamicFlag) { if (ssl->buffers.inputBuffer.dynamicFlag) {
if (IsEncryptionOn(ssl, 1)) { if (IsEncryptionOn(ssl, 1)) {
@ -14068,7 +14069,7 @@ int SetupStoreCtxCallback(WOLFSSL_X509_STORE_CTX** store_pt,
if (subjectCNLen > ASN_NAME_MAX-1) if (subjectCNLen > ASN_NAME_MAX-1)
subjectCNLen = ASN_NAME_MAX-1; subjectCNLen = ASN_NAME_MAX-1;
if (subjectCNLen > 0) { if (subjectCNLen > 0) {
XMEMCPY(domain, args->dCert->subjectCN, subjectCNLen); XMEMCPY(domain, args->dCert->subjectCN, (size_t)(subjectCNLen));
domain[subjectCNLen] = '\0'; domain[subjectCNLen] = '\0';
} }
} }
@ -15967,7 +15968,8 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_MSG( WOLFSSL_MSG(
"\tCallback override available, will continue"); "\tCallback override available, will continue");
/* check if fatal error */ /* check if fatal error */
args->fatal = (args->verifyErr) ? 1 : 0; args->fatal = (args->verifyErr) ? (word16)(1)
: (word16)(0);
if (args->fatal) if (args->fatal)
DoCertFatalAlert(ssl, ret); DoCertFatalAlert(ssl, ret);
} }
@ -19643,7 +19645,7 @@ static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input,
additionalSz = writeAeadAuthData(ssl, additionalSz = writeAeadAuthData(ssl,
/* Length of the plain text minus the explicit /* Length of the plain text minus the explicit
* IV length minus the authentication tag size. */ * IV length minus the authentication tag size. */
sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size, type, sz - (word16)(AESGCM_EXP_IV_SZ) - ssl->specs.aead_mac_size, type,
ssl->encrypt.additional, 0, NULL, CUR_ORDER); ssl->encrypt.additional, 0, NULL, CUR_ORDER);
if (additionalSz < 0) { if (additionalSz < 0) {
ret = additionalSz; ret = additionalSz;
@ -19667,19 +19669,19 @@ static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input,
ssl->encrypt.nonce, AESGCM_NONCE_SZ, ssl->encrypt.nonce, AESGCM_NONCE_SZ,
out + sz - ssl->specs.aead_mac_size, out + sz - ssl->specs.aead_mac_size,
ssl->specs.aead_mac_size, ssl->specs.aead_mac_size,
ssl->encrypt.additional, additionalSz); ssl->encrypt.additional, (word32)(additionalSz));
} }
if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN)) if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN))
#endif /* HAVE_PK_CALLBACKS */ #endif /* HAVE_PK_CALLBACKS */
{ {
ret = aes_auth_fn(ssl->encrypt.aes, ret = aes_auth_fn(ssl->encrypt.aes,
out + AESGCM_EXP_IV_SZ, input + AESGCM_EXP_IV_SZ, out + AESGCM_EXP_IV_SZ, input + AESGCM_EXP_IV_SZ,
sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size, sz - (word16)(AESGCM_EXP_IV_SZ) - ssl->specs.aead_mac_size,
ssl->encrypt.nonce, AESGCM_NONCE_SZ, ssl->encrypt.nonce, AESGCM_NONCE_SZ,
out + sz - ssl->specs.aead_mac_size, out + sz - ssl->specs.aead_mac_size,
ssl->specs.aead_mac_size, ssl->specs.aead_mac_size,
ssl->encrypt.additional, additionalSz); ssl->encrypt.additional, (word32)(additionalSz));
} }
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
@ -20135,24 +20137,24 @@ static WC_INLINE int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
ret = ssl->ctx->PerformTlsRecordProcessingCb(ssl, 0, ret = ssl->ctx->PerformTlsRecordProcessingCb(ssl, 0,
plain + AESGCM_EXP_IV_SZ, plain + AESGCM_EXP_IV_SZ,
input + AESGCM_EXP_IV_SZ, input + AESGCM_EXP_IV_SZ,
sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size, sz - (word16)(AESGCM_EXP_IV_SZ) - ssl->specs.aead_mac_size,
ssl->decrypt.nonce, AESGCM_NONCE_SZ, ssl->decrypt.nonce, AESGCM_NONCE_SZ,
(byte *)(input + sz - ssl->specs.aead_mac_size), (byte *)(input + sz - ssl->specs.aead_mac_size),
ssl->specs.aead_mac_size, ssl->specs.aead_mac_size,
ssl->decrypt.additional, additionalSz); ssl->decrypt.additional, (word32)(additionalSz));
} }
if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN)) if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN))
#endif /* HAVE_PK_CALLBACKS */ #endif /* HAVE_PK_CALLBACKS */
{ {
if ((ret = aes_auth_fn(ssl->decrypt.aes, if ((ret = aes_auth_fn(ssl->decrypt.aes,
plain + AESGCM_EXP_IV_SZ, plain + AESGCM_EXP_IV_SZ,
input + AESGCM_EXP_IV_SZ, input + AESGCM_EXP_IV_SZ,
sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size, sz - (word16)(AESGCM_EXP_IV_SZ) - ssl->specs.aead_mac_size,
ssl->decrypt.nonce, AESGCM_NONCE_SZ, ssl->decrypt.nonce, AESGCM_NONCE_SZ,
input + sz - ssl->specs.aead_mac_size, input + sz - ssl->specs.aead_mac_size,
ssl->specs.aead_mac_size, ssl->specs.aead_mac_size,
ssl->decrypt.additional, additionalSz)) < 0) { ssl->decrypt.additional, (word32)(additionalSz))) < 0) {
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) { if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
ret = wolfSSL_AsyncPush(ssl, ret = wolfSSL_AsyncPush(ssl,
@ -20913,7 +20915,7 @@ static byte MaskMac(const byte* data, int sz, int macSz, byte* expMac)
r = (macSz - (scanStart - macStart)) % WC_SHA384_DIGEST_SIZE; r = (macSz - (scanStart - macStart)) % WC_SHA384_DIGEST_SIZE;
#endif #endif
XMEMSET(mac, 0, macSz); XMEMSET(mac, 0, (size_t)(macSz));
for (i = scanStart; i < sz; i += macSz) { for (i = scanStart; i < sz; i += macSz) {
for (j = 0; j < macSz && j + i < sz; j++) { for (j = 0; j < macSz && j + i < sz; j++) {
started = ctMaskGTE(i + j, macStart); started = ctMaskGTE(i + j, macStart);
@ -21064,7 +21066,7 @@ int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx, int sniff)
} }
#endif #endif
dataSz = msgSz - ssl->keys.padSz; dataSz = (int)(msgSz - ssl->keys.padSz);
if (dataSz < 0) { if (dataSz < 0) {
WOLFSSL_MSG("App data buffer error, malicious input?"); WOLFSSL_MSG("App data buffer error, malicious input?");
if (sniff == NO_SNIFF) { if (sniff == NO_SNIFF) {
@ -21454,7 +21456,7 @@ static int GetInputData(WOLFSSL *ssl, word32 size)
if (usedLength > 0 && ssl->buffers.inputBuffer.idx != 0) if (usedLength > 0 && ssl->buffers.inputBuffer.idx != 0)
XMEMMOVE(ssl->buffers.inputBuffer.buffer, XMEMMOVE(ssl->buffers.inputBuffer.buffer,
ssl->buffers.inputBuffer.buffer + ssl->buffers.inputBuffer.idx, ssl->buffers.inputBuffer.buffer + ssl->buffers.inputBuffer.idx,
usedLength); (size_t)(usedLength));
/* remove processed data */ /* remove processed data */
ssl->buffers.inputBuffer.idx = 0; ssl->buffers.inputBuffer.idx = 0;
@ -23600,7 +23602,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
min(args->ivSz, MAX_IV_SZ)); min(args->ivSz, MAX_IV_SZ));
args->idx += min(args->ivSz, MAX_IV_SZ); args->idx += min(args->ivSz, MAX_IV_SZ);
} }
XMEMCPY(output + args->idx, input, inSz); XMEMCPY(output + args->idx, input, (size_t)(inSz));
args->idx += (word32)inSz; args->idx += (word32)inSz;
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_DTLS_CID) #if defined(WOLFSSL_DTLS) && defined(WOLFSSL_DTLS_CID)
if (ssl->options.dtls && DtlsGetCidTxSize(ssl) > 0) { if (ssl->options.dtls && DtlsGetCidTxSize(ssl) > 0) {
@ -24369,12 +24371,12 @@ int SendCertificate(WOLFSSL* ssl)
else { else {
fragSz = maxFragment - HANDSHAKE_HEADER_SZ; fragSz = maxFragment - HANDSHAKE_HEADER_SZ;
} }
sendSz += fragSz + HANDSHAKE_HEADER_SZ; sendSz += (int)(fragSz) + HANDSHAKE_HEADER_SZ;
i += HANDSHAKE_HEADER_SZ; i += HANDSHAKE_HEADER_SZ;
} }
else { else {
fragSz = min(length, maxFragment); fragSz = min(length, maxFragment);
sendSz += fragSz; sendSz += (int)(fragSz);
} }
if (IsEncryptionOn(ssl, 1)) if (IsEncryptionOn(ssl, 1))
@ -24503,7 +24505,7 @@ int SendCertificate(WOLFSSL* ssl)
DYNAMIC_TYPE_IN_BUFFER); DYNAMIC_TYPE_IN_BUFFER);
if (input == NULL) if (input == NULL)
return MEMORY_E; return MEMORY_E;
XMEMCPY(input, output + recordHeaderSz, inputSz); XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
} }
#ifndef WOLFSSL_DTLS #ifndef WOLFSSL_DTLS
@ -24730,7 +24732,7 @@ int SendCertificateRequest(WOLFSSL* ssl)
if (input == NULL) if (input == NULL)
return MEMORY_E; return MEMORY_E;
XMEMCPY(input, output + recordHeaderSz, inputSz); XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
#ifdef WOLFSSL_DTLS #ifdef WOLFSSL_DTLS
if (IsDtlsNotSctpMode(ssl) && if (IsDtlsNotSctpMode(ssl) &&
(ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz, (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz,
@ -25936,7 +25938,7 @@ startScr:
size = (sz < (size_t)ssl->buffers.clearOutputBuffer.length) ? size = (sz < (size_t)ssl->buffers.clearOutputBuffer.length) ?
(int)sz : (int)ssl->buffers.clearOutputBuffer.length; (int)sz : (int)ssl->buffers.clearOutputBuffer.length;
XMEMCPY(output, ssl->buffers.clearOutputBuffer.buffer, size); XMEMCPY(output, ssl->buffers.clearOutputBuffer.buffer, (size_t)(size));
if (peek == 0) { if (peek == 0) {
ssl->buffers.clearOutputBuffer.length -= (word32)size; ssl->buffers.clearOutputBuffer.length -= (word32)size;
@ -29395,7 +29397,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word32* length)
(ssl->buffers.keyType == dilithium_level3_sa_algo) || (ssl->buffers.keyType == dilithium_level3_sa_algo) ||
(ssl->buffers.keyType == dilithium_level5_sa_algo)) (ssl->buffers.keyType == dilithium_level5_sa_algo))
ssl->hsType = DYNAMIC_TYPE_DILITHIUM; ssl->hsType = DYNAMIC_TYPE_DILITHIUM;
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); ret = AllocKey(ssl, (int)(ssl->hsType), &ssl->hsKey);
if (ret != 0) { if (ret != 0) {
goto exit_dpk; goto exit_dpk;
} }
@ -29409,9 +29411,10 @@ int DecodePrivateKey(WOLFSSL *ssl, word32* length)
} }
else if (ssl->buffers.keyId) { else if (ssl->buffers.keyId) {
ret = wc_InitRsaKey_Id((RsaKey*)ssl->hsKey, ret = wc_InitRsaKey_Id((RsaKey*)ssl->hsKey,
ssl->buffers.key->buffer, (ssl->buffers.key->buffer),
ssl->buffers.key->length, ssl->heap, (int)(ssl->buffers.key->length),
ssl->buffers.keyDevId); ssl->heap,
ssl->buffers.keyDevId);
} }
if (ret == 0) { if (ret == 0) {
if (ssl->buffers.keySz < ssl->options.minRsaKeySz) { if (ssl->buffers.keySz < ssl->options.minRsaKeySz) {
@ -29435,7 +29438,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word32* length)
} }
else if (ssl->buffers.keyId) { else if (ssl->buffers.keyId) {
ret = wc_ecc_init_id((ecc_key*)ssl->hsKey, ret = wc_ecc_init_id((ecc_key*)ssl->hsKey,
ssl->buffers.key->buffer, (ssl->buffers.key->buffer),
ssl->buffers.key->length, ssl->heap, ssl->buffers.key->length, ssl->heap,
ssl->buffers.keyDevId); ssl->buffers.keyDevId);
} }
@ -30703,7 +30706,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
(void)idx; /* suppress analyzer warning, keep idx current */ (void)idx; /* suppress analyzer warning, keep idx current */
#else #else
if (extSz != 0) { if (extSz != 0) {
c16toa(extSz, output + idx); c16toa((word16)(extSz), output + idx);
idx += HELLO_EXT_SZ_SZ; idx += HELLO_EXT_SZ_SZ;
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
@ -30748,7 +30751,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
if (input == NULL) if (input == NULL)
return MEMORY_E; return MEMORY_E;
XMEMCPY(input, output + recordHeaderSz, inputSz); XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
#ifdef WOLFSSL_DTLS #ifdef WOLFSSL_DTLS
if (IsDtlsNotSctpMode(ssl) && if (IsDtlsNotSctpMode(ssl) &&
(ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz, (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz,
@ -31250,7 +31253,9 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
else else
i += extSz; i += extSz;
totalExtSz -= OPAQUE16_LEN + OPAQUE16_LEN + extSz; totalExtSz -= (word16)(OPAQUE16_LEN) +
(word16)(OPAQUE16_LEN) +
extSz;
} }
*inOutIdx = i; *inOutIdx = i;
@ -31562,7 +31567,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
#endif #endif
*inOutIdx += dnSz; *inOutIdx += dnSz;
len -= OPAQUE16_LEN + dnSz; len -= (word16)(OPAQUE16_LEN) + dnSz;
} }
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
@ -32074,7 +32079,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
/* get PSK server hint from the wire */ /* get PSK server hint from the wire */
srvHintLen = (int)min(length, MAX_PSK_ID_LEN); srvHintLen = (int)min(length, MAX_PSK_ID_LEN);
XMEMCPY(ssl->arrays->server_hint, input + args->idx, XMEMCPY(ssl->arrays->server_hint, input + args->idx,
srvHintLen); (size_t)(srvHintLen));
ssl->arrays->server_hint[srvHintLen] = '\0'; /* null term */ ssl->arrays->server_hint[srvHintLen] = '\0'; /* null term */
args->idx += length; args->idx += length;
break; break;
@ -32294,7 +32299,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
/* get PSK server hint from the wire */ /* get PSK server hint from the wire */
srvHintLen = (int)min(length, MAX_PSK_ID_LEN); srvHintLen = (int)min(length, MAX_PSK_ID_LEN);
XMEMCPY(ssl->arrays->server_hint, input + args->idx, XMEMCPY(ssl->arrays->server_hint, input + args->idx,
srvHintLen); (size_t)(srvHintLen));
ssl->arrays->server_hint[srvHintLen] = '\0'; /* null term */ ssl->arrays->server_hint[srvHintLen] = '\0'; /* null term */
args->idx += length; args->idx += length;
@ -33210,7 +33215,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
/* create private key */ /* create private key */
ssl->hsType = DYNAMIC_TYPE_CURVE25519; ssl->hsType = DYNAMIC_TYPE_CURVE25519;
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); ret = AllocKey(ssl, (int)(ssl->hsType), &ssl->hsKey);
if (ret != 0) { if (ret != 0) {
goto exit_scke; goto exit_scke;
} }
@ -33261,7 +33266,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
/* create ephemeral private key */ /* create ephemeral private key */
ssl->hsType = DYNAMIC_TYPE_ECC; ssl->hsType = DYNAMIC_TYPE_ECC;
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); ret = AllocKey(ssl, (int)(ssl->hsType), &ssl->hsKey);
if (ret != 0) { if (ret != 0) {
goto exit_scke; goto exit_scke;
} }
@ -33312,7 +33317,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
/* create private key */ /* create private key */
ssl->hsType = DYNAMIC_TYPE_CURVE25519; ssl->hsType = DYNAMIC_TYPE_CURVE25519;
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); ret = AllocKey(ssl, (int)(ssl->hsType), &ssl->hsKey);
if (ret != 0) { if (ret != 0) {
goto exit_scke; goto exit_scke;
} }
@ -35427,7 +35432,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (input == NULL) if (input == NULL)
return MEMORY_E; return MEMORY_E;
XMEMCPY(input, output + recordHeaderSz, inputSz); XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
#ifdef WOLFSSL_DTLS #ifdef WOLFSSL_DTLS
if (IsDtlsNotSctpMode(ssl) && if (IsDtlsNotSctpMode(ssl) &&
(ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz, server_hello)) != 0) { (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz, server_hello)) != 0) {
@ -37883,8 +37888,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_3_MINOR) if (pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_3_MINOR)
pv.minor = TLSv1_2_MINOR; pv.minor = TLSv1_2_MINOR;
lesserVersion = !ssl->options.dtls && ssl->version.minor > pv.minor; lesserVersion = (byte)(!ssl->options.dtls &&
lesserVersion |= ssl->options.dtls && ssl->version.minor < pv.minor; ssl->version.minor > pv.minor);
lesserVersion |= ssl->options.dtls &&ssl->version.minor < pv.minor;
if (lesserVersion) { if (lesserVersion) {
byte belowMinDowngrade; byte belowMinDowngrade;
@ -38343,7 +38349,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
else else
i += extSz; i += extSz;
totalExtSz -= OPAQUE16_LEN + OPAQUE16_LEN + extSz; totalExtSz -= (word16)(OPAQUE16_LEN + OPAQUE16_LEN) + extSz;
} }
#endif #endif
*inOutIdx = i; *inOutIdx = i;
@ -38959,7 +38965,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (input == NULL) if (input == NULL)
return MEMORY_E; return MEMORY_E;
XMEMCPY(input, output + recordHeaderSz, inputSz); XMEMCPY(input, output + recordHeaderSz, (size_t)(inputSz));
#ifdef WOLFSSL_DTLS #ifdef WOLFSSL_DTLS
if (IsDtlsNotSctpMode(ssl) && if (IsDtlsNotSctpMode(ssl) &&
(ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz, server_hello_done)) != 0) { (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz, server_hello_done)) != 0) {
@ -41783,8 +41789,7 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
ret = args->lastErr; ret = args->lastErr;
args->lastErr = 0; /* reset */ args->lastErr = 0; /* reset */
/* On error 'ret' will be negative */ /* On error 'ret' will be negative */
mask = ((unsigned int)ret >> mask = (byte)((ret >> ((sizeof(ret) * 8) - 1)) & 0xFF) - 1;
((sizeof(ret) * 8) - 1)) - 1;
/* build PreMasterSecret */ /* build PreMasterSecret */
ssl->arrays->preMasterSecret[0] = ssl->chVersion.major; ssl->arrays->preMasterSecret[0] = ssl->chVersion.major;

12
src/keys.c
View File

@ -3908,7 +3908,8 @@ int DeriveKeys(WOLFSSL* ssl)
XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN); XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
if (ret == 0) { if (ret == 0) {
ret = wc_ShaUpdate(sha, shaInput, ret = wc_ShaUpdate(sha, shaInput,
(KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN) - KEY_PREFIX + j); (KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN) - KEY_PREFIX +
(word32)(j));
} }
if (ret == 0) { if (ret == 0) {
ret = wc_ShaFinal(sha, shaOutput); ret = wc_ShaFinal(sha, shaOutput);
@ -3942,12 +3943,13 @@ int DeriveKeys(WOLFSSL* ssl)
static int CleanPreMaster(WOLFSSL* ssl) static int CleanPreMaster(WOLFSSL* ssl)
{ {
int i, ret, sz = ssl->arrays->preMasterSz; int i, ret, sz = (int)(ssl->arrays->preMasterSz);
for (i = 0; i < sz; i++) for (i = 0; i < sz; i++)
ssl->arrays->preMasterSecret[i] = 0; ssl->arrays->preMasterSecret[i] = 0;
ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz); ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret,
(word32)(sz));
if (ret != 0) if (ret != 0)
return ret; return ret;
@ -4035,8 +4037,8 @@ static int MakeSslMasterSecret(WOLFSSL* ssl)
} }
idx = 0; idx = 0;
XMEMCPY(shaInput, prefix, i + 1); XMEMCPY(shaInput, prefix, (size_t)(i + 1));
idx += i + 1; idx += (word32)(i + 1);
XMEMCPY(shaInput + idx, ssl->arrays->preMasterSecret, pmsSz); XMEMCPY(shaInput + idx, ssl->arrays->preMasterSecret, pmsSz);
idx += pmsSz; idx += pmsSz;

64
src/pk.c
View File

@ -414,7 +414,7 @@ int EncryptDerKey(byte *der, int *derSz, const WOLFSSL_EVP_CIPHER* cipher,
if (ret == 0) { if (ret == 0) {
/* Generate a random salt. */ /* Generate a random salt. */
if (wolfSSL_RAND_bytes(info->iv, info->ivSz) != 1) { if (wolfSSL_RAND_bytes(info->iv, (int)info->ivSz) != 1) {
WOLFSSL_MSG("generate iv failed"); WOLFSSL_MSG("generate iv failed");
ret = WOLFSSL_FATAL_ERROR; ret = WOLFSSL_FATAL_ERROR;
} }
@ -422,7 +422,7 @@ int EncryptDerKey(byte *der, int *derSz, const WOLFSSL_EVP_CIPHER* cipher,
if (ret == 0) { if (ret == 0) {
/* Calculate padding size - always a padding block. */ /* Calculate padding size - always a padding block. */
paddingSz = info->ivSz - ((*derSz) % info->ivSz); paddingSz = (int)info->ivSz - ((*derSz) % (int)info->ivSz);
/* Check der is big enough. */ /* Check der is big enough. */
if (maxDerSz < (*derSz) + paddingSz) { if (maxDerSz < (*derSz) + paddingSz) {
WOLFSSL_MSG("not enough DER buffer allocated"); WOLFSSL_MSG("not enough DER buffer allocated");
@ -431,7 +431,7 @@ int EncryptDerKey(byte *der, int *derSz, const WOLFSSL_EVP_CIPHER* cipher,
} }
if (ret == 0) { if (ret == 0) {
/* Set padding bytes to padding length. */ /* Set padding bytes to padding length. */
XMEMSET(der + (*derSz), (byte)paddingSz, paddingSz); XMEMSET(der + (*derSz), (byte)paddingSz, (size_t)paddingSz);
/* Add padding to DER size. */ /* Add padding to DER size. */
(*derSz) += (int)paddingSz; (*derSz) += (int)paddingSz;
@ -5645,7 +5645,8 @@ static int dsa_do_verify(const unsigned char* d, int dLen, unsigned char* sig,
ret = dLen == WC_SHA_DIGEST_SIZE ? ret = dLen == WC_SHA_DIGEST_SIZE ?
wc_DsaVerify(d, sig, (DsaKey*)dsa->internal, dsacheck) : BAD_FUNC_ARG; wc_DsaVerify(d, sig, (DsaKey*)dsa->internal, dsacheck) : BAD_FUNC_ARG;
#else #else
ret = wc_DsaVerify_ex(d, dLen, sig, (DsaKey*)dsa->internal, dsacheck); ret = wc_DsaVerify_ex(d, (word32)dLen, sig, (DsaKey*)dsa->internal,
dsacheck);
#endif #endif
if (ret != 0) { if (ret != 0) {
WOLFSSL_MSG("DsaVerify failed"); WOLFSSL_MSG("DsaVerify failed");
@ -9490,16 +9491,16 @@ int wolfSSL_i2d_ECPKParameters(const WOLFSSL_EC_GROUP* grp, unsigned char** pp)
/* Get the actual DER encoding of the OID. ecc_sets[grp->curve_idx].oid /* Get the actual DER encoding of the OID. ecc_sets[grp->curve_idx].oid
* is just the numerical representation. */ * is just the numerical representation. */
if (wc_ecc_get_oid(grp->curve_oid, &oid, &oidSz) < 0) if (wc_ecc_get_oid((word32)grp->curve_oid, &oid, &oidSz) < 0)
return WOLFSSL_FATAL_ERROR; return WOLFSSL_FATAL_ERROR;
len = SetObjectId(oidSz, NULL) + oidSz; len = SetObjectId((int)oidSz, NULL) + (int)oidSz;
if (pp == NULL) if (pp == NULL)
return len; return len;
if (*pp == NULL) { if (*pp == NULL) {
out = (unsigned char*)XMALLOC(len, NULL, DYNAMIC_TYPE_ASN1); out = (unsigned char*)XMALLOC((size_t)len, NULL, DYNAMIC_TYPE_ASN1);
if (out == NULL) if (out == NULL)
return WOLFSSL_FATAL_ERROR; return WOLFSSL_FATAL_ERROR;
} }
@ -9507,7 +9508,7 @@ int wolfSSL_i2d_ECPKParameters(const WOLFSSL_EC_GROUP* grp, unsigned char** pp)
out = *pp; out = *pp;
} }
idx = SetObjectId(oidSz, out); idx = SetObjectId((int)oidSz, out);
XMEMCPY(out + idx, oid, oidSz); XMEMCPY(out + idx, oid, oidSz);
if (*pp == NULL) if (*pp == NULL)
*pp = out; *pp = out;
@ -10288,7 +10289,7 @@ WOLFSSL_EC_POINT* wolfSSL_EC_POINT_hex2point(const WOLFSSL_EC_GROUP *group,
key_sz = (wolfSSL_EC_GROUP_get_degree(group) + 7) / 8; key_sz = (wolfSSL_EC_GROUP_get_degree(group) + 7) / 8;
if (hex[0] == '0' && hex[1] == '4') { /* uncompressed mode */ if (hex[0] == '0' && hex[1] == '4') { /* uncompressed mode */
str_sz = key_sz * 2; str_sz = (size_t)key_sz * 2;
XMEMSET(strGx, 0x0, str_sz + 1); XMEMSET(strGx, 0x0, str_sz + 1);
XMEMCPY(strGx, hex + 2, str_sz); XMEMCPY(strGx, hex + 2, str_sz);
@ -10314,7 +10315,7 @@ WOLFSSL_EC_POINT* wolfSSL_EC_POINT_hex2point(const WOLFSSL_EC_GROUP *group,
if (hex_to_bytes(hex + 2, octGx + 1, sz) != sz) { if (hex_to_bytes(hex + 2, octGx + 1, sz) != sz) {
goto err; goto err;
} }
if (wolfSSL_ECPoint_d2i(octGx, key_sz + 1, group, p) if (wolfSSL_ECPoint_d2i(octGx, (word32)key_sz + 1, group, p)
!= WOLFSSL_SUCCESS) { != WOLFSSL_SUCCESS) {
goto err; goto err;
} }
@ -15495,7 +15496,7 @@ int wolfSSL_PEM_def_callback(char* buf, int num, int rwFlag, void* userData)
if ((buf != NULL) && (userData != NULL)) { if ((buf != NULL) && (userData != NULL)) {
sz = (int)XSTRLEN((const char*)userData); sz = (int)XSTRLEN((const char*)userData);
sz = (int)min((word32)sz, (word32)num); sz = (int)min((word32)sz, (word32)num);
XMEMCPY(buf, userData, sz); XMEMCPY(buf, userData, (size_t)sz);
} }
else { else {
WOLFSSL_MSG("Error, default password cannot be created."); WOLFSSL_MSG("Error, default password cannot be created.");
@ -15989,7 +15990,7 @@ static void pem_find_pattern(char* pem, int pemLen, int idx, const char* prefix,
/* Find prefix part. */ /* Find prefix part. */
for (; idx < pemLen - prefixLen; idx++) { for (; idx < pemLen - prefixLen; idx++) {
if ((pem[idx] == prefix[0]) && if ((pem[idx] == prefix[0]) &&
(XMEMCMP(pem + idx, prefix, prefixLen) == 0)) { (XMEMCMP(pem + idx, prefix, (size_t)prefixLen) == 0)) {
idx += prefixLen; idx += prefixLen;
*start = idx; *start = idx;
break; break;
@ -15998,7 +15999,7 @@ static void pem_find_pattern(char* pem, int pemLen, int idx, const char* prefix,
/* Find postfix part. */ /* Find postfix part. */
for (; idx < pemLen - postfixLen; idx++) { for (; idx < pemLen - postfixLen; idx++) {
if ((pem[idx] == postfix[0]) && if ((pem[idx] == postfix[0]) &&
(XMEMCMP(pem + idx, postfix, postfixLen) == 0)) { (XMEMCMP(pem + idx, postfix, (size_t)postfixLen) == 0)) {
*len = idx - *start; *len = idx - *start;
break; break;
} }
@ -16034,7 +16035,7 @@ static int pem_read_data(char* pem, int pemLen, char **name, char **header,
/* Find header. */ /* Find header. */
pem_find_pattern(pem, pemLen, 0, PEM_BEGIN, PEM_HDR_FIN, &start, &nameLen); pem_find_pattern(pem, pemLen, 0, PEM_BEGIN, PEM_HDR_FIN, &start, &nameLen);
/* Allocate memory for header name. */ /* Allocate memory for header name. */
*name = (char*)XMALLOC(nameLen + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER); *name = (char*)XMALLOC((size_t)nameLen + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (*name == NULL) { if (*name == NULL) {
ret = MEMORY_E; ret = MEMORY_E;
} }
@ -16045,7 +16046,7 @@ static int pem_read_data(char* pem, int pemLen, char **name, char **header,
ret = ASN_NO_PEM_HEADER; ret = ASN_NO_PEM_HEADER;
} }
else { else {
XMEMCPY(*name, pem + start, nameLen); XMEMCPY(*name, pem + start, (size_t)nameLen);
} }
} }
if (ret == 0) { if (ret == 0) {
@ -16057,7 +16058,8 @@ static int pem_read_data(char* pem, int pemLen, char **name, char **header,
hdrLen++; hdrLen++;
} }
/* Allocate memory for encryption header string. */ /* Allocate memory for encryption header string. */
*header = (char*)XMALLOC(hdrLen + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER); *header = (char*)XMALLOC((size_t)hdrLen + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (*header == NULL) { if (*header == NULL) {
ret = MEMORY_E; ret = MEMORY_E;
} }
@ -16066,7 +16068,7 @@ static int pem_read_data(char* pem, int pemLen, char **name, char **header,
/* Put in encryption header string. */ /* Put in encryption header string. */
(*header)[hdrLen] = '\0'; (*header)[hdrLen] = '\0';
if (hdrLen > 0) { if (hdrLen > 0) {
XMEMCPY(*header, pem + startHdr, hdrLen); XMEMCPY(*header, pem + startHdr, (size_t)hdrLen);
start = startHdr + hdrLen + 1; start = startHdr + hdrLen + 1;
} }
@ -16075,7 +16077,7 @@ static int pem_read_data(char* pem, int pemLen, char **name, char **header,
&endLen); &endLen);
/* Validate header name and footer name are the same. */ /* Validate header name and footer name are the same. */
if ((endLen != nameLen) || if ((endLen != nameLen) ||
(XMEMCMP(*name, pem + startEnd, nameLen) != 0)) { (XMEMCMP(*name, pem + startEnd, (size_t)nameLen) != 0)) {
ret = ASN_NO_PEM_HEADER; ret = ASN_NO_PEM_HEADER;
} }
} }
@ -16125,13 +16127,13 @@ static int pem_write_data(const char *name, const char *header,
pemLen = (derLen + 2) / 3 * 4; pemLen = (derLen + 2) / 3 * 4;
pemLen += (pemLen + 63) / 64; pemLen += (pemLen + 63) / 64;
/* Header */ /* Header */
pemLen += PEM_BEGIN_SZ + nameLen + PEM_HDR_FIN_EOL_SZ; pemLen += (word32)(PEM_BEGIN_SZ + nameLen + PEM_HDR_FIN_EOL_SZ);
if (headerLen > 0) { if (headerLen > 0) {
/* Encryption lines plus extra carriage return. */ /* Encryption lines plus extra carriage return. */
pemLen += headerLen + 1; pemLen += (word32)headerLen + 1;
} }
/* Trailer */ /* Trailer */
pemLen += PEM_END_SZ + nameLen + PEM_HDR_FIN_EOL_SZ; pemLen += (word32)(PEM_END_SZ + nameLen + PEM_HDR_FIN_EOL_SZ);
pem = (char*)XMALLOC(pemLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); pem = (char*)XMALLOC(pemLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (pem == NULL) { if (pem == NULL) {
@ -16143,14 +16145,14 @@ static int pem_write_data(const char *name, const char *header,
/* Add header. */ /* Add header. */
XMEMCPY(p, PEM_BEGIN, PEM_BEGIN_SZ); XMEMCPY(p, PEM_BEGIN, PEM_BEGIN_SZ);
p += PEM_BEGIN_SZ; p += PEM_BEGIN_SZ;
XMEMCPY(p, name, nameLen); XMEMCPY(p, name, (size_t)nameLen);
p += nameLen; p += nameLen;
XMEMCPY(p, PEM_HDR_FIN_EOL_NEWLINE, PEM_HDR_FIN_EOL_SZ); XMEMCPY(p, PEM_HDR_FIN_EOL_NEWLINE, PEM_HDR_FIN_EOL_SZ);
p += PEM_HDR_FIN_EOL_SZ; p += PEM_HDR_FIN_EOL_SZ;
if (headerLen > 0) { if (headerLen > 0) {
/* Add encryption header. */ /* Add encryption header. */
XMEMCPY(p, header, headerLen); XMEMCPY(p, header, (size_t)headerLen);
p += headerLen; p += headerLen;
/* Blank line after a header and before body. */ /* Blank line after a header and before body. */
*(p++) = '\n'; *(p++) = '\n';
@ -16166,7 +16168,7 @@ static int pem_write_data(const char *name, const char *header,
/* Add trailer. */ /* Add trailer. */
XMEMCPY(p, PEM_END, PEM_END_SZ); XMEMCPY(p, PEM_END, PEM_END_SZ);
p += PEM_END_SZ; p += PEM_END_SZ;
XMEMCPY(p, name, nameLen); XMEMCPY(p, name, (size_t)nameLen);
p += nameLen; p += nameLen;
XMEMCPY(p, PEM_HDR_FIN_EOL_NEWLINE, PEM_HDR_FIN_EOL_SZ); XMEMCPY(p, PEM_HDR_FIN_EOL_NEWLINE, PEM_HDR_FIN_EOL_SZ);
p += PEM_HDR_FIN_EOL_SZ; p += PEM_HDR_FIN_EOL_SZ;
@ -16214,13 +16216,13 @@ int wolfSSL_PEM_read_bio(WOLFSSL_BIO* bio, char **name, char **header,
} }
if ((res == 1) && (!memAlloced)) { if ((res == 1) && (!memAlloced)) {
/* Need to return allocated memory - make sure it is allocated. */ /* Need to return allocated memory - make sure it is allocated. */
char* p = (char*)XMALLOC(pemLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); char* p = (char*)XMALLOC((size_t)pemLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (p == NULL) { if (p == NULL) {
res = 0; res = 0;
} }
else { else {
/* Copy the data into new buffer. */ /* Copy the data into new buffer. */
XMEMCPY(p, pem, pemLen); XMEMCPY(p, pem, (size_t)pemLen);
pem = p; pem = p;
} }
} }
@ -16272,7 +16274,7 @@ int wolfSSL_PEM_write_bio(WOLFSSL_BIO* bio, const char *name,
} }
XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return (!err) ? pemLen : 0; return (!err) ? (int)pemLen : 0;
} }
#endif /* !NO_BIO */ #endif /* !NO_BIO */
@ -16497,7 +16499,7 @@ int pkcs8_encrypt(WOLFSSL_EVP_PKEY* pkey,
if (ret == 0) { if (ret == 0) {
/* Encrypt private into buffer. */ /* Encrypt private into buffer. */
ret = TraditionalEnc((byte*)pkey->pkey.ptr, pkey->pkey_sz, ret = TraditionalEnc((byte*)pkey->pkey.ptr, (word32)pkey->pkey_sz,
key, keySz, passwd, passwdSz, PKCS5, PBES2, encAlgId, key, keySz, passwd, passwdSz, PKCS5, PBES2, encAlgId,
NULL, 0, WC_PKCS12_ITT_DEFAULT, &rng, NULL); NULL, 0, WC_PKCS12_ITT_DEFAULT, &rng, NULL);
if (ret > 0) { if (ret > 0) {
@ -16531,7 +16533,7 @@ int pkcs8_encode(WOLFSSL_EVP_PKEY* pkey, byte* key, word32* keySz)
if (pkey->type == WC_EVP_PKEY_EC) { if (pkey->type == WC_EVP_PKEY_EC) {
/* ECC private and get curve OID information. */ /* ECC private and get curve OID information. */
algId = ECDSAk; algId = ECDSAk;
ret = wc_ecc_get_oid(pkey->ecc->group->curve_oid, &curveOid, ret = wc_ecc_get_oid((word32)pkey->ecc->group->curve_oid, &curveOid,
&oidSz); &oidSz);
} }
else else
@ -16558,7 +16560,7 @@ int pkcs8_encode(WOLFSSL_EVP_PKEY* pkey, byte* key, word32* keySz)
if (keySz == NULL) if (keySz == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
*keySz = pkey->pkey_sz; *keySz = (word32)pkey->pkey_sz;
if (key == NULL) if (key == NULL)
return LENGTH_ONLY_E; return LENGTH_ONLY_E;
@ -16579,7 +16581,7 @@ int pkcs8_encode(WOLFSSL_EVP_PKEY* pkey, byte* key, word32* keySz)
if (ret >= 0) { if (ret >= 0) {
/* Encode private key in PKCS#8 format. */ /* Encode private key in PKCS#8 format. */
ret = wc_CreatePKCS8Key(key, keySz, (byte*)pkey->pkey.ptr, ret = wc_CreatePKCS8Key(key, keySz, (byte*)pkey->pkey.ptr,
pkey->pkey_sz, algId, curveOid, oidSz); (word32)pkey->pkey_sz, algId, curveOid, oidSz);
} }
return ret; return ret;

178
src/ssl.c
View File

@ -1620,7 +1620,7 @@ int wolfSSL_get_ciphers(char* buf, int len)
for (i = 0; i < ciphersSz; i++) { for (i = 0; i < ciphersSz; i++) {
int cipherNameSz = (int)XSTRLEN(ciphers[i].name); int cipherNameSz = (int)XSTRLEN(ciphers[i].name);
if (cipherNameSz + 1 < len) { if (cipherNameSz + 1 < len) {
XSTRNCPY(buf, ciphers[i].name, len); XSTRNCPY(buf, ciphers[i].name, (size_t)len);
buf += cipherNameSz; buf += cipherNameSz;
if (i < ciphersSz - 1) if (i < ciphersSz - 1)
@ -1657,7 +1657,7 @@ int wolfSSL_get_ciphers_iana(char* buf, int len)
#endif #endif
cipherNameSz = (int)XSTRLEN(ciphers[i].name_iana); cipherNameSz = (int)XSTRLEN(ciphers[i].name_iana);
if (cipherNameSz + 1 < len) { if (cipherNameSz + 1 < len) {
XSTRNCPY(buf, ciphers[i].name_iana, len); XSTRNCPY(buf, ciphers[i].name_iana, (size_t)len);
buf += cipherNameSz; buf += cipherNameSz;
if (i < ciphersSz - 1) if (i < ciphersSz - 1)
@ -1683,7 +1683,7 @@ const char* wolfSSL_get_shared_ciphers(WOLFSSL* ssl, char* buf, int len)
cipher = wolfSSL_get_cipher_name_iana(ssl); cipher = wolfSSL_get_cipher_name_iana(ssl);
len = (int)min((word32)len, (word32)(XSTRLEN(cipher) + 1)); len = (int)min((word32)len, (word32)(XSTRLEN(cipher) + 1));
XMEMCPY(buf, cipher, len); XMEMCPY(buf, cipher, (size_t)len);
return buf; return buf;
} }
@ -2247,7 +2247,7 @@ int wolfSSL_export_dtls_srtp_keying_material(WOLFSSL* ssl,
return BUFFER_E; return BUFFER_E;
} }
return wolfSSL_export_keying_material(ssl, out, profile->kdfBits, return wolfSSL_export_keying_material(ssl, out, (size_t)profile->kdfBits,
DTLS_SRTP_KEYING_MATERIAL_LABEL, DTLS_SRTP_KEYING_MATERIAL_LABEL,
XSTR_SIZEOF(DTLS_SRTP_KEYING_MATERIAL_LABEL), NULL, 0, 0); XSTR_SIZEOF(DTLS_SRTP_KEYING_MATERIAL_LABEL), NULL, 0, 0);
} }
@ -3847,7 +3847,7 @@ int wolfSSL_ALPN_GetPeerProtocol(WOLFSSL* ssl, char **list, word16 *listSz)
*list = NULL; *list = NULL;
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
XMEMCPY(p, s + i, len); XMEMCPY(p, s + i, (size_t)len);
} }
*p = 0; *p = 0;
@ -7337,7 +7337,7 @@ static int d2iTryRsaKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem,
} }
pkey->pkey_sz = (int)keyIdx; pkey->pkey_sz = (int)keyIdx;
pkey->pkey.ptr = (char*)XMALLOC(memSz, NULL, pkey->pkey.ptr = (char*)XMALLOC((size_t)memSz, NULL,
priv ? DYNAMIC_TYPE_PRIVATE_KEY : priv ? DYNAMIC_TYPE_PRIVATE_KEY :
DYNAMIC_TYPE_PUBLIC_KEY); DYNAMIC_TYPE_PUBLIC_KEY);
if (pkey->pkey.ptr == NULL) { if (pkey->pkey.ptr == NULL) {
@ -7509,7 +7509,7 @@ static int d2iTryDsaKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem,
} }
pkey->pkey_sz = (int)keyIdx; pkey->pkey_sz = (int)keyIdx;
pkey->pkey.ptr = (char*)XMALLOC(memSz, NULL, pkey->pkey.ptr = (char*)XMALLOC((size_t)memSz, NULL,
priv ? DYNAMIC_TYPE_PRIVATE_KEY : priv ? DYNAMIC_TYPE_PRIVATE_KEY :
DYNAMIC_TYPE_PUBLIC_KEY); DYNAMIC_TYPE_PUBLIC_KEY);
if (pkey->pkey.ptr == NULL) { if (pkey->pkey.ptr == NULL) {
@ -7593,14 +7593,14 @@ static int d2iTryDhKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem,
} }
pkey->pkey_sz = (int)memSz; pkey->pkey_sz = (int)memSz;
pkey->pkey.ptr = (char*)XMALLOC(memSz, NULL, pkey->pkey.ptr = (char*)XMALLOC((size_t)memSz, NULL,
priv ? DYNAMIC_TYPE_PRIVATE_KEY : priv ? DYNAMIC_TYPE_PRIVATE_KEY :
DYNAMIC_TYPE_PUBLIC_KEY); DYNAMIC_TYPE_PUBLIC_KEY);
if (pkey->pkey.ptr == NULL) { if (pkey->pkey.ptr == NULL) {
ret = 0; ret = 0;
} }
if (ret == 1) { if (ret == 1) {
XMEMCPY(pkey->pkey.ptr, mem, memSz); XMEMCPY(pkey->pkey.ptr, mem, (size_t)memSz);
pkey->type = WC_EVP_PKEY_DH; pkey->type = WC_EVP_PKEY_DH;
pkey->ownDh = 1; pkey->ownDh = 1;
@ -7678,14 +7678,14 @@ static int d2iTryAltDhKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem,
ret = 1; ret = 1;
pkey->type = WC_EVP_PKEY_DH; pkey->type = WC_EVP_PKEY_DH;
pkey->pkey_sz = (int)memSz; pkey->pkey_sz = (int)memSz;
pkey->pkey.ptr = (char*)XMALLOC(memSz, NULL, pkey->pkey.ptr = (char*)XMALLOC((size_t)memSz, NULL,
priv ? DYNAMIC_TYPE_PRIVATE_KEY : priv ? DYNAMIC_TYPE_PRIVATE_KEY :
DYNAMIC_TYPE_PUBLIC_KEY); DYNAMIC_TYPE_PUBLIC_KEY);
if (pkey->pkey.ptr == NULL) { if (pkey->pkey.ptr == NULL) {
ret = 0; ret = 0;
} }
if (ret == 1) { if (ret == 1) {
XMEMCPY(pkey->pkey.ptr, mem, memSz); XMEMCPY(pkey->pkey.ptr, mem, (size_t)memSz);
pkey->ownDh = 1; pkey->ownDh = 1;
pkey->dh = wolfSSL_DH_new(); pkey->dh = wolfSSL_DH_new();
if (pkey->dh == NULL) { if (pkey->dh == NULL) {
@ -8006,16 +8006,16 @@ WOLFSSL_PKCS8_PRIV_KEY_INFO* wolfSSL_d2i_PKCS8_PKEY(
pkcs8Der->length, &algId); pkcs8Der->length, &algId);
if (ret >= 0) { if (ret >= 0) {
if (advanceLen == 0) /* Set only if not PEM */ if (advanceLen == 0) /* Set only if not PEM */
advanceLen = inOutIdx + ret; advanceLen = (int)inOutIdx + ret;
if (algId == DHk) { if (algId == DHk) {
/* Special case for DH as we expect the DER buffer to be always /* Special case for DH as we expect the DER buffer to be always
* be in PKCS8 format */ * be in PKCS8 format */
rawDer.buffer = pkcs8Der->buffer; rawDer.buffer = pkcs8Der->buffer;
rawDer.length = inOutIdx + ret; rawDer.length = inOutIdx + (word32)ret;
} }
else { else {
rawDer.buffer = pkcs8Der->buffer + inOutIdx; rawDer.buffer = pkcs8Der->buffer + inOutIdx;
rawDer.length = ret; rawDer.length = (word32)ret;
} }
ret = 0; /* good DER */ ret = 0; /* good DER */
} }
@ -8077,7 +8077,7 @@ int wolfSSL_i2d_PKCS8_PKEY(WOLFSSL_PKCS8_PRIV_KEY_INFO* key, unsigned char** pp)
return len; return len;
if (*pp == NULL) { if (*pp == NULL) {
out = (unsigned char*)XMALLOC(len, NULL, DYNAMIC_TYPE_ASN1); out = (unsigned char*)XMALLOC((size_t)len, NULL, DYNAMIC_TYPE_ASN1);
if (out == NULL) if (out == NULL)
return WOLFSSL_FATAL_ERROR; return WOLFSSL_FATAL_ERROR;
} }
@ -8167,7 +8167,8 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY_bio(WOLFSSL_BIO* bio,
return NULL; return NULL;
} }
mem = (unsigned char*)XMALLOC(memSz, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); mem = (unsigned char*)XMALLOC((size_t)memSz, bio->heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (mem == NULL) { if (mem == NULL) {
return NULL; return NULL;
} }
@ -8226,15 +8227,16 @@ static int wolfSSL_EVP_PKEY_get_der(const WOLFSSL_EVP_PKEY* key,
if (*der) { if (*der) {
/* since this function signature has no size value passed in it is /* since this function signature has no size value passed in it is
* assumed that the user has allocated a large enough buffer */ * assumed that the user has allocated a large enough buffer */
XMEMCPY(*der, pt + pkcs8HeaderSz, sz); XMEMCPY(*der, pt + pkcs8HeaderSz, (size_t)sz);
*der += sz; *der += sz;
} }
else { else {
*der = (unsigned char*)XMALLOC(sz, NULL, DYNAMIC_TYPE_OPENSSL); *der = (unsigned char*)XMALLOC((size_t)sz, NULL,
DYNAMIC_TYPE_OPENSSL);
if (*der == NULL) { if (*der == NULL) {
return WOLFSSL_FATAL_ERROR; return WOLFSSL_FATAL_ERROR;
} }
XMEMCPY(*der, pt + pkcs8HeaderSz, sz); XMEMCPY(*der, pt + pkcs8HeaderSz, (size_t)sz);
} }
} }
return sz; return sz;
@ -8306,14 +8308,15 @@ static WOLFSSL_EVP_PKEY* _d2i_PublicKey(int type, WOLFSSL_EVP_PKEY** out,
local->type = type; local->type = type;
local->pkey_sz = (int)inSz; local->pkey_sz = (int)inSz;
local->pkcs8HeaderSz = pkcs8HeaderSz; local->pkcs8HeaderSz = pkcs8HeaderSz;
local->pkey.ptr = (char*)XMALLOC(inSz, NULL, DYNAMIC_TYPE_PUBLIC_KEY); local->pkey.ptr = (char*)XMALLOC((size_t)inSz, NULL,
DYNAMIC_TYPE_PUBLIC_KEY);
if (local->pkey.ptr == NULL) { if (local->pkey.ptr == NULL) {
wolfSSL_EVP_PKEY_free(local); wolfSSL_EVP_PKEY_free(local);
local = NULL; local = NULL;
return NULL; return NULL;
} }
else { else {
XMEMCPY(local->pkey.ptr, *in, inSz); XMEMCPY(local->pkey.ptr, *in, (size_t)inSz);
} }
switch (type) { switch (type) {
@ -12971,7 +12974,7 @@ cleanup:
{ {
WOLFSSL_ENTER("wolfSSL_ERR_get_error"); WOLFSSL_ENTER("wolfSSL_ERR_get_error");
#ifdef WOLFSSL_HAVE_ERROR_QUEUE #ifdef WOLFSSL_HAVE_ERROR_QUEUE
return wc_GetErrorNodeErr(); return (unsigned long)wc_GetErrorNodeErr();
#else #else
return (unsigned long)(0 - NOT_COMPILED_IN); return (unsigned long)(0 - NOT_COMPILED_IN);
#endif #endif
@ -13042,7 +13045,8 @@ cleanup:
do { do {
ret = wc_PeekErrorNode(0, &file, &reason, &line); ret = wc_PeekErrorNode(0, &file, &reason, &line);
if (ret >= 0) { if (ret >= 0) {
const char* r = wolfSSL_ERR_reason_error_string(0 - ret); const char* r = wolfSSL_ERR_reason_error_string(
(unsigned long)(0 - ret));
if (XSNPRINTF(buf, sizeof(buf), if (XSNPRINTF(buf, sizeof(buf),
"error:%d:wolfSSL library:%s:%s:%d\n", "error:%d:wolfSSL library:%s:%s:%d\n",
ret, r, file, line) ret, r, file, line)
@ -14965,9 +14969,9 @@ WOLFSSL_X509* wolfSSL_get_certificate(WOLFSSL* ssl)
} }
#ifndef WOLFSSL_X509_STORE_CERTS #ifndef WOLFSSL_X509_STORE_CERTS
ssl->ourCert = wolfSSL_X509_d2i_ex(NULL, ssl->ourCert = wolfSSL_X509_d2i_ex(NULL,
ssl->buffers.certificate->buffer, ssl->buffers.certificate->buffer,
ssl->buffers.certificate->length, (int)ssl->buffers.certificate->length,
ssl->heap); ssl->heap);
#endif #endif
} }
return ssl->ourCert; return ssl->ourCert;
@ -14981,9 +14985,9 @@ WOLFSSL_X509* wolfSSL_get_certificate(WOLFSSL* ssl)
} }
#ifndef WOLFSSL_X509_STORE_CERTS #ifndef WOLFSSL_X509_STORE_CERTS
ssl->ctx->ourCert = wolfSSL_X509_d2i_ex(NULL, ssl->ctx->ourCert = wolfSSL_X509_d2i_ex(NULL,
ssl->ctx->certificate->buffer, ssl->ctx->certificate->buffer,
ssl->ctx->certificate->length, (int)ssl->ctx->certificate->length,
ssl->heap); ssl->heap);
#endif #endif
ssl->ctx->ownOurCert = 1; ssl->ctx->ownOurCert = 1;
} }
@ -15005,7 +15009,8 @@ WOLFSSL_X509* wolfSSL_CTX_get0_certificate(WOLFSSL_CTX* ctx)
#ifndef WOLFSSL_X509_STORE_CERTS #ifndef WOLFSSL_X509_STORE_CERTS
ctx->ourCert = wolfSSL_X509_d2i_ex(NULL, ctx->ourCert = wolfSSL_X509_d2i_ex(NULL,
ctx->certificate->buffer, ctx->certificate->buffer,
ctx->certificate->length, ctx->heap); (int)ctx->certificate->length,
ctx->heap);
#endif #endif
ctx->ownOurCert = 1; ctx->ownOurCert = 1;
} }
@ -15804,42 +15809,42 @@ int wolfSSL_sk_CIPHER_description(WOLFSSL_CIPHER* cipher)
/* Build up the string by copying onto the end. */ /* Build up the string by copying onto the end. */
XSTRNCPY(dp, name, len); XSTRNCPY(dp, name, (size_t)len);
dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp); dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp);
len -= strLen; dp += strLen; len -= strLen; dp += strLen;
XSTRNCPY(dp, " ", len); XSTRNCPY(dp, " ", (size_t)len);
dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp); dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp);
len -= strLen; dp += strLen; len -= strLen; dp += strLen;
XSTRNCPY(dp, protocol, len); XSTRNCPY(dp, protocol, (size_t)len);
dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp); dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp);
len -= strLen; dp += strLen; len -= strLen; dp += strLen;
XSTRNCPY(dp, " Kx=", len); XSTRNCPY(dp, " Kx=", (size_t)len);
dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp); dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp);
len -= strLen; dp += strLen; len -= strLen; dp += strLen;
XSTRNCPY(dp, keaStr, len); XSTRNCPY(dp, keaStr, (size_t)len);
dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp); dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp);
len -= strLen; dp += strLen; len -= strLen; dp += strLen;
XSTRNCPY(dp, " Au=", len); XSTRNCPY(dp, " Au=", (size_t)len);
dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp); dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp);
len -= strLen; dp += strLen; len -= strLen; dp += strLen;
XSTRNCPY(dp, authStr, len); XSTRNCPY(dp, authStr, (size_t)len);
dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp); dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp);
len -= strLen; dp += strLen; len -= strLen; dp += strLen;
XSTRNCPY(dp, " Enc=", len); XSTRNCPY(dp, " Enc=", (size_t)len);
dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp); dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp);
len -= strLen; dp += strLen; len -= strLen; dp += strLen;
XSTRNCPY(dp, encStr, len); XSTRNCPY(dp, encStr, (size_t)len);
dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp); dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp);
len -= strLen; dp += strLen; len -= strLen; dp += strLen;
XSTRNCPY(dp, " Mac=", len); XSTRNCPY(dp, " Mac=", (size_t)len);
dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp); dp[len-1] = '\0'; strLen = (int)XSTRLEN(dp);
len -= strLen; dp += strLen; len -= strLen; dp += (size_t)strLen;
XSTRNCPY(dp, macStr, len); XSTRNCPY(dp, macStr, (size_t)len);
dp[len-1] = '\0'; dp[len-1] = '\0';
return WOLFSSL_SUCCESS; return WOLFSSL_SUCCESS;
@ -16097,7 +16102,7 @@ char* wolfSSL_CIPHER_description(const WOLFSSL_CIPHER* cipher, char* in,
*/ */
if (cipher->in_stack == TRUE) { if (cipher->in_stack == TRUE) {
wolfSSL_sk_CIPHER_description((WOLFSSL_CIPHER*)cipher); wolfSSL_sk_CIPHER_description((WOLFSSL_CIPHER*)cipher);
XSTRNCPY(in,cipher->description,len); XSTRNCPY(in,cipher->description,(size_t)len);
return ret; return ret;
} }
#endif #endif
@ -16110,32 +16115,32 @@ char* wolfSSL_CIPHER_description(const WOLFSSL_CIPHER* cipher, char* in,
macStr = wolfssl_mac_to_string(cipher->ssl->specs.mac_algorithm); macStr = wolfssl_mac_to_string(cipher->ssl->specs.mac_algorithm);
/* Build up the string by copying onto the end. */ /* Build up the string by copying onto the end. */
XSTRNCPY(in, wolfSSL_CIPHER_get_name(cipher), len); XSTRNCPY(in, wolfSSL_CIPHER_get_name(cipher), (size_t)len);
in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen; in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen;
XSTRNCPY(in, " ", len); XSTRNCPY(in, " ", (size_t)len);
in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen; in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen;
XSTRNCPY(in, wolfSSL_get_version(cipher->ssl), len); XSTRNCPY(in, wolfSSL_get_version(cipher->ssl), (size_t)len);
in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen; in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen;
XSTRNCPY(in, " Kx=", len); XSTRNCPY(in, " Kx=", (size_t)len);
in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen; in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen;
XSTRNCPY(in, keaStr, len); XSTRNCPY(in, keaStr, (size_t)len);
in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen; in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen;
XSTRNCPY(in, " Au=", len); XSTRNCPY(in, " Au=", (size_t)len);
in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen; in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen;
XSTRNCPY(in, authStr, len); XSTRNCPY(in, authStr, (size_t)len);
in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen; in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen;
XSTRNCPY(in, " Enc=", len); XSTRNCPY(in, " Enc=", (size_t)len);
in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen; in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen;
XSTRNCPY(in, encStr, len); XSTRNCPY(in, encStr, (size_t)len);
in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen; in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen;
XSTRNCPY(in, " Mac=", len); XSTRNCPY(in, " Mac=", (size_t)len);
in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen; in[len-1] = '\0'; strLen = XSTRLEN(in); len -= (int)strLen; in += strLen;
XSTRNCPY(in, macStr, len); XSTRNCPY(in, macStr, (size_t)len);
in[len-1] = '\0'; in[len-1] = '\0';
return ret; return ret;
@ -17265,8 +17270,8 @@ long wolfSSL_clear_options(WOLFSSL* ssl, long opt)
WOLFSSL_ENTER("wolfSSL_clear_options"); WOLFSSL_ENTER("wolfSSL_clear_options");
if(ssl == NULL) if(ssl == NULL)
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
ssl->options.mask &= ~opt; ssl->options.mask &= (unsigned long)~opt;
return ssl->options.mask; return (long)ssl->options.mask;
} }
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS
@ -17532,7 +17537,7 @@ long wolfSSL_get_verify_result(const WOLFSSL *ssl)
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
return ssl->peerVerifyRet; return (long)ssl->peerVerifyRet;
} }
#endif #endif
@ -18246,7 +18251,7 @@ int wolfSSL_cmp_peer_cert_to_file(WOLFSSL* ssl, const char *fname)
if (sz > (long)sizeof(staticBuffer)) { if (sz > (long)sizeof(staticBuffer)) {
WOLFSSL_MSG("Getting dynamic buffer"); WOLFSSL_MSG("Getting dynamic buffer");
myBuffer = (byte*)XMALLOC(sz, ctx->heap, DYNAMIC_TYPE_FILE); myBuffer = (byte*)XMALLOC((size_t)sz, ctx->heap, DYNAMIC_TYPE_FILE);
dynamic = 1; dynamic = 1;
} }
@ -19136,7 +19141,7 @@ WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN* chain, int idx)
#endif #endif
{ {
InitDecodedCert(cert, chain->certs[idx].buffer, InitDecodedCert(cert, chain->certs[idx].buffer,
chain->certs[idx].length, NULL); (word32)chain->certs[idx].length, NULL);
if ((ret = ParseCertRelative(cert, CERT_TYPE, 0, NULL, NULL)) != 0) { if ((ret = ParseCertRelative(cert, CERT_TYPE, 0, NULL, NULL)) != 0) {
WOLFSSL_MSG("Failed to parse cert"); WOLFSSL_MSG("Failed to parse cert");
@ -19198,10 +19203,11 @@ int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN* chain, int idx,
/* Null output buffer return size needed in outLen */ /* Null output buffer return size needed in outLen */
if(!buf) { if(!buf) {
if(Base64_Encode(chain->certs[idx].buffer, chain->certs[idx].length, if(Base64_Encode(chain->certs[idx].buffer,
(word32)chain->certs[idx].length,
NULL, &szNeeded) != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) NULL, &szNeeded) != WC_NO_ERR_TRACE(LENGTH_ONLY_E))
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
*outLen = szNeeded + headerLen + footerLen; *outLen = (int)szNeeded + headerLen + footerLen;
return WC_NO_ERR_TRACE(LENGTH_ONLY_E); return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
} }
@ -19210,7 +19216,7 @@ int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN* chain, int idx,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
/* header */ /* header */
if (XMEMCPY(buf, header, headerLen) == NULL) if (XMEMCPY(buf, header, (size_t)headerLen) == NULL)
return WOLFSSL_FATAL_ERROR; return WOLFSSL_FATAL_ERROR;
i = headerLen; i = headerLen;
@ -19218,14 +19224,15 @@ int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN* chain, int idx,
/* body */ /* body */
*outLen = inLen; /* input to Base64_Encode */ *outLen = inLen; /* input to Base64_Encode */
if ( (err = Base64_Encode(chain->certs[idx].buffer, if ( (err = Base64_Encode(chain->certs[idx].buffer,
chain->certs[idx].length, buf + i, (word32*)outLen)) < 0) (word32)chain->certs[idx].length, buf + i,
(word32*)outLen)) < 0)
return err; return err;
i += *outLen; i += *outLen;
/* footer */ /* footer */
if ( (i + footerLen) > inLen) if ( (i + footerLen) > inLen)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
if (XMEMCPY(buf + i, footer, footerLen) == NULL) if (XMEMCPY(buf + i, footer, (size_t)footerLen) == NULL)
return WOLFSSL_FATAL_ERROR; return WOLFSSL_FATAL_ERROR;
*outLen += headerLen + footerLen; *outLen += headerLen + footerLen;
@ -19968,7 +19975,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA; obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA;
} }
else { else {
obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA; obj->dynamic &= (unsigned char)~WOLFSSL_ASN1_DYNAMIC_DATA;
} }
} }
XMEMCPY((byte*)obj->obj, objBuf, obj->objSz); XMEMCPY((byte*)obj->obj, objBuf, obj->objSz);
@ -20083,7 +20090,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
bufSz = bufLen - 1; bufSz = bufLen - 1;
} }
if (bufSz) { if (bufSz) {
XMEMCPY(buf, name, bufSz); XMEMCPY(buf, name, (size_t)bufSz);
} }
else if (a->type == WOLFSSL_GEN_DNS || a->type == WOLFSSL_GEN_EMAIL || else if (a->type == WOLFSSL_GEN_DNS || a->type == WOLFSSL_GEN_EMAIL ||
a->type == WOLFSSL_GEN_URI) { a->type == WOLFSSL_GEN_URI) {
@ -20094,7 +20101,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
if ((desc = oid_translate_num_to_str(buf))) { if ((desc = oid_translate_num_to_str(buf))) {
bufSz = (int)XSTRLEN(desc); bufSz = (int)XSTRLEN(desc);
bufSz = (int)min((word32)bufSz,(word32) bufLen - 1); bufSz = (int)min((word32)bufSz,(word32) bufLen - 1);
XMEMCPY(buf, desc, bufSz); XMEMCPY(buf, desc, (size_t)bufSz);
} }
} }
else { else {
@ -20250,19 +20257,21 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
if (o->nid > 0) if (o->nid > 0)
return o->nid; return o->nid;
if ((ret = GetObjectId(o->obj, &idx, &oid, o->grp, o->objSz)) < 0) { if ((ret = GetObjectId(o->obj, &idx, &oid,
(word32)o->grp, o->objSz)) < 0) {
if (ret == WC_NO_ERR_TRACE(ASN_OBJECT_ID_E)) { if (ret == WC_NO_ERR_TRACE(ASN_OBJECT_ID_E)) {
/* Put ASN object tag in front and try again */ /* Put ASN object tag in front and try again */
int len = SetObjectId(o->objSz, NULL) + o->objSz; int len = SetObjectId((int)o->objSz, NULL) + (int)o->objSz;
byte* buf = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER); byte* buf = (byte*)XMALLOC((size_t)len, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (!buf) { if (!buf) {
WOLFSSL_MSG("malloc error"); WOLFSSL_MSG("malloc error");
return WOLFSSL_FATAL_ERROR; return WOLFSSL_FATAL_ERROR;
} }
idx = SetObjectId(o->objSz, buf); idx = (word32)SetObjectId((int)o->objSz, buf);
XMEMCPY(buf + idx, o->obj, o->objSz); XMEMCPY(buf + idx, o->obj, o->objSz);
idx = 0; idx = 0;
ret = GetObjectId(buf, &idx, &oid, o->grp, len); ret = GetObjectId(buf, &idx, &oid, (word32)o->grp, (word32)len);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (ret < 0) { if (ret < 0) {
WOLFSSL_MSG("Issue getting OID of object"); WOLFSSL_MSG("Issue getting OID of object");
@ -20401,13 +20410,13 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
/* try as a short name */ /* try as a short name */
len = (int)XSTRLEN(s); len = (int)XSTRLEN(s);
if ((int)XSTRLEN(wolfssl_object_info[i].sName) == len && if ((int)XSTRLEN(wolfssl_object_info[i].sName) == len &&
XSTRNCMP(wolfssl_object_info[i].sName, s, len) == 0) { XSTRNCMP(wolfssl_object_info[i].sName, s, (word32)len) == 0) {
return wolfssl_object_info[i].nid; return wolfssl_object_info[i].nid;
} }
/* try as a long name */ /* try as a long name */
if ((int)XSTRLEN(wolfssl_object_info[i].lName) == len && if ((int)XSTRLEN(wolfssl_object_info[i].lName) == len &&
XSTRNCMP(wolfssl_object_info[i].lName, s, len) == 0) { XSTRNCMP(wolfssl_object_info[i].lName, s, (word32)len) == 0) {
return wolfssl_object_info[i].nid; return wolfssl_object_info[i].nid;
} }
} }
@ -20462,7 +20471,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA; obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA;
i = SetObjectId((int)outSz, (byte*)obj->obj); i = SetObjectId((int)outSz, (byte*)obj->obj);
XMEMCPY((byte*)obj->obj + i, out, outSz); XMEMCPY((byte*)obj->obj + i, out, outSz);
obj->objSz = i + outSz; obj->objSz = (word32)i + outSz;
return obj; return obj;
} }
@ -21148,7 +21157,8 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_bio(WOLFSSL_BIO* bio,
return NULL; return NULL;
} }
mem = (unsigned char*)XMALLOC(memSz, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); mem = (unsigned char*)XMALLOC((size_t)memSz, bio->heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (mem == NULL) { if (mem == NULL) {
WOLFSSL_MSG("Malloc failure"); WOLFSSL_MSG("Malloc failure");
return NULL; return NULL;
@ -21173,7 +21183,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_bio(WOLFSSL_BIO* bio,
int i; int i;
int j = 0; int j = 0;
extraBioMem = (unsigned char *)XMALLOC(extraBioMemSz, NULL, extraBioMem = (unsigned char *)XMALLOC((size_t)extraBioMemSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER);
if (extraBioMem == NULL) { if (extraBioMem == NULL) {
WOLFSSL_MSG("Malloc failure"); WOLFSSL_MSG("Malloc failure");
@ -23084,13 +23094,13 @@ int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names,
if (len > MAX_CURVE_NAME_SZ - 1) if (len > MAX_CURVE_NAME_SZ - 1)
goto leave; goto leave;
XMEMCPY(name, names + start, len); XMEMCPY(name, names + start, (size_t)len);
name[len] = 0; name[len] = 0;
curve = WOLFSSL_NAMED_GROUP_INVALID; curve = WOLFSSL_NAMED_GROUP_INVALID;
for (nist_name = kNistCurves; nist_name->name != NULL; nist_name++) { for (nist_name = kNistCurves; nist_name->name != NULL; nist_name++) {
if (len == nist_name->name_len && if (len == nist_name->name_len &&
XSTRNCMP(name, nist_name->name, len) == 0) { XSTRNCMP(name, nist_name->name, (size_t)len) == 0) {
curve = nist_name->curve; curve = nist_name->curve;
break; break;
} }
@ -23113,7 +23123,7 @@ int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names,
goto leave; goto leave;
} }
curve = GetCurveByOID(eccSet->oidSum); curve = GetCurveByOID((int)eccSet->oidSum);
#else #else
WOLFSSL_MSG("API not present to search farther using name"); WOLFSSL_MSG("API not present to search farther using name");
goto leave; goto leave;
@ -24244,7 +24254,7 @@ static int bio_get_data(WOLFSSL_BIO* bio, byte** data)
ret = wolfSSL_BIO_get_len(bio); ret = wolfSSL_BIO_get_len(bio);
if (ret > 0) { if (ret > 0) {
mem = (byte*)XMALLOC(ret, bio->heap, DYNAMIC_TYPE_OPENSSL); mem = (byte*)XMALLOC((size_t)ret, bio->heap, DYNAMIC_TYPE_OPENSSL);
if (mem == NULL) { if (mem == NULL) {
WOLFSSL_MSG("Memory error"); WOLFSSL_MSG("Memory error");
ret = MEMORY_E; ret = MEMORY_E;
@ -24337,7 +24347,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_AutoPrivateKey(WOLFSSL_EVP_PKEY** pkey,
*/ */
ret = GetSequence(der, &idx, &len, keyLen); ret = GetSequence(der, &idx, &len, keyLen);
if (ret >= 0) { if (ret >= 0) {
word32 end = idx + len; word32 end = idx + (word32)len;
while (ret >= 0 && idx < end) { while (ret >= 0 && idx < end) {
/* Skip type */ /* Skip type */
idx++; idx++;
@ -24345,10 +24355,10 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_AutoPrivateKey(WOLFSSL_EVP_PKEY** pkey,
len = 0; len = 0;
ret = GetLength(der, &idx, &len, keyLen); ret = GetLength(der, &idx, &len, keyLen);
if (ret >= 0) { if (ret >= 0) {
if (idx + len > end) if (idx + (word32)len > end)
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
else { else {
idx += len; idx += (word32)len;
cnt++; cnt++;
} }
} }

20
src/ssl_crypto.c
View File

@ -2543,21 +2543,23 @@ WOLFSSL_DES_LONG wolfSSL_DES_cbc_cksum(const unsigned char* in,
if ((!err) && (dataSz % DES_BLOCK_SIZE)) { if ((!err) && (dataSz % DES_BLOCK_SIZE)) {
/* Allocate a buffer big enough to hold padded input. */ /* Allocate a buffer big enough to hold padded input. */
dataSz += DES_BLOCK_SIZE - (dataSz % DES_BLOCK_SIZE); dataSz += DES_BLOCK_SIZE - (dataSz % DES_BLOCK_SIZE);
data = (unsigned char*)XMALLOC(dataSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); data = (unsigned char*)XMALLOC((size_t)dataSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (data == NULL) { if (data == NULL) {
WOLFSSL_MSG("Issue creating temporary buffer"); WOLFSSL_MSG("Issue creating temporary buffer");
err = 1; err = 1;
} }
else { else {
/* Copy input and pad with 0s. */ /* Copy input and pad with 0s. */
XMEMCPY(data, in, length); XMEMCPY(data, in, (size_t)length);
XMEMSET(data + length, 0, dataSz - length); XMEMSET(data + length, 0, (size_t)(dataSz - length));
} }
} }
if (!err) { if (!err) {
/* Allocate buffer to hold encrypted data. */ /* Allocate buffer to hold encrypted data. */
tmp = (unsigned char*)XMALLOC(dataSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); tmp = (unsigned char*)XMALLOC((size_t)dataSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL) { if (tmp == NULL) {
WOLFSSL_MSG("Issue creating temporary buffer"); WOLFSSL_MSG("Issue creating temporary buffer");
err = 1; err = 1;
@ -2637,7 +2639,7 @@ void wolfSSL_DES_cbc_encrypt(const unsigned char* input, unsigned char* output,
if (lb_sz != 0) { if (lb_sz != 0) {
/* Create a 0 padded block from remaining bytes. */ /* Create a 0 padded block from remaining bytes. */
XMEMSET(lastBlock, 0, DES_BLOCK_SIZE); XMEMSET(lastBlock, 0, DES_BLOCK_SIZE);
XMEMCPY(lastBlock, input + len, lb_sz); XMEMCPY(lastBlock, input + len, (size_t)lb_sz);
/* Encrypt last block into output. */ /* Encrypt last block into output. */
wc_Des_CbcEncrypt(des, output + len, lastBlock, wc_Des_CbcEncrypt(des, output + len, lastBlock,
(word32)DES_BLOCK_SIZE); (word32)DES_BLOCK_SIZE);
@ -2651,7 +2653,7 @@ void wolfSSL_DES_cbc_encrypt(const unsigned char* input, unsigned char* output,
wc_Des_CbcDecrypt(des, lastBlock, input + len, wc_Des_CbcDecrypt(des, lastBlock, input + len,
(word32)DES_BLOCK_SIZE); (word32)DES_BLOCK_SIZE);
/* Copy out the required amount of the decrypted block. */ /* Copy out the required amount of the decrypted block. */
XMEMCPY(output + len, lastBlock, lb_sz); XMEMCPY(output + len, lastBlock, (size_t)lb_sz);
} }
} }
} }
@ -2775,7 +2777,7 @@ void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input,
if (lb_sz != 0) { if (lb_sz != 0) {
/* Create a 0 padded block from remaining bytes. */ /* Create a 0 padded block from remaining bytes. */
XMEMSET(lastBlock, 0, DES_BLOCK_SIZE); XMEMSET(lastBlock, 0, DES_BLOCK_SIZE);
XMEMCPY(lastBlock, input + len, lb_sz); XMEMCPY(lastBlock, input + len, (size_t)lb_sz);
/* Encrypt last block into output. */ /* Encrypt last block into output. */
ret = wc_Des3_CbcEncrypt(des3, output + len, lastBlock, ret = wc_Des3_CbcEncrypt(des3, output + len, lastBlock,
(word32)DES_BLOCK_SIZE); (word32)DES_BLOCK_SIZE);
@ -2825,7 +2827,7 @@ void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input,
(void)ret; (void)ret;
#endif #endif
/* Copy out the required amount of the decrypted block. */ /* Copy out the required amount of the decrypted block. */
XMEMCPY(output + len, lastBlock, lb_sz); XMEMCPY(output + len, lastBlock, (size_t)lb_sz);
} }
} }
} }
@ -2940,7 +2942,7 @@ static int wolfssl_aes_set_key(const unsigned char *key, const int bits,
return WOLFSSL_FATAL_ERROR; return WOLFSSL_FATAL_ERROR;
} }
if (wc_AesSetKey((Aes*)aes, key, ((bits)/8), NULL, enc) != 0) { if (wc_AesSetKey((Aes*)aes, key, (word32)((bits)/8), NULL, enc) != 0) {
WOLFSSL_MSG("Error in setting AES key"); WOLFSSL_MSG("Error in setting AES key");
return WOLFSSL_FATAL_ERROR; return WOLFSSL_FATAL_ERROR;
} }

23
src/ssl_load.c
View File

@ -134,7 +134,7 @@ static int DataToDerBuffer(const unsigned char* buff, word32 len, int format,
/* Data in buffer has PEM format - extract DER data. */ /* Data in buffer has PEM format - extract DER data. */
if (format == WOLFSSL_FILETYPE_PEM) { if (format == WOLFSSL_FILETYPE_PEM) {
#ifdef WOLFSSL_PEM_TO_DER #ifdef WOLFSSL_PEM_TO_DER
ret = PemToDer(buff, len, type, der, heap, info, algId); ret = PemToDer(buff, (long)(len), type, der, heap, info, algId);
if (ret != 0) { if (ret != 0) {
FreeDer(der); FreeDer(der);
} }
@ -1254,7 +1254,7 @@ static int ProcessBufferPrivPkcs8Dec(EncryptedInfo* info, DerBuffer* der,
} }
if (ret >= 0) { if (ret >= 0) {
/* Zero out encrypted data not overwritten. */ /* Zero out encrypted data not overwritten. */
ForceZero(der->buffer + ret, der->length - ret); ForceZero(der->buffer + ret, der->length - (word32)ret);
/* Set decrypted data length. */ /* Set decrypted data length. */
der->length = (word32)ret; der->length = (word32)ret;
} }
@ -5228,7 +5228,8 @@ int wolfSSL_CTX_use_RSAPrivateKey(WOLFSSL_CTX* ctx, WOLFSSL_RSA* rsa)
if (ret == 1) { if (ret == 1) {
/* Allocate memory to hold DER encoding.. */ /* Allocate memory to hold DER encoding.. */
der = (unsigned char*)XMALLOC(derSize, NULL, DYNAMIC_TYPE_TMP_BUFFER); der = (unsigned char*)XMALLOC((size_t)derSize, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (der == NULL) { if (der == NULL) {
WOLFSSL_MSG("Malloc failure"); WOLFSSL_MSG("Malloc failure");
ret = MEMORY_E; ret = MEMORY_E;
@ -5470,8 +5471,8 @@ int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz,
} }
if (ret == 1) { if (ret == 1) {
/* Copy p and g into allocated buffers. */ /* Copy p and g into allocated buffers. */
XMEMCPY(pAlloc, p, pSz); XMEMCPY(pAlloc, p, (size_t)pSz);
XMEMCPY(gAlloc, g, gSz); XMEMCPY(gAlloc, g, (size_t)gSz);
/* Set the buffers into SSL. */ /* Set the buffers into SSL. */
ret = wolfssl_set_tmp_dh(ssl, pAlloc, pSz, gAlloc, gSz); ret = wolfssl_set_tmp_dh(ssl, pAlloc, pSz, gAlloc, gSz);
} }
@ -5629,8 +5630,8 @@ int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX* ctx, const unsigned char* p, int pSz,
if (ret == 1) { if (ret == 1) {
/* Copy p and g into allocated buffers. */ /* Copy p and g into allocated buffers. */
XMEMCPY(pAlloc, p, pSz); XMEMCPY(pAlloc, p, (size_t)pSz);
XMEMCPY(gAlloc, g, gSz); XMEMCPY(gAlloc, g, (size_t)gSz);
/* Set the buffers into SSL context. */ /* Set the buffers into SSL context. */
ret = wolfssl_ctx_set_tmp_dh(ctx, pAlloc, pSz, gAlloc, gSz); ret = wolfssl_ctx_set_tmp_dh(ctx, pAlloc, pSz, gAlloc, gSz);
} }
@ -5682,8 +5683,8 @@ long wolfSSL_set_tmp_dh(WOLFSSL *ssl, WOLFSSL_DH *dh)
if (ret == 1) { if (ret == 1) {
/* Allocate buffers for p and g to be assigned into SSL. */ /* Allocate buffers for p and g to be assigned into SSL. */
p = (byte*)XMALLOC(pSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); p = (byte*)XMALLOC((size_t)pSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
g = (byte*)XMALLOC(gSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); g = (byte*)XMALLOC((size_t)gSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
if ((p == NULL) || (g == NULL)) { if ((p == NULL) || (g == NULL)) {
ret = MEMORY_E; ret = MEMORY_E;
} }
@ -5748,8 +5749,8 @@ long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX* ctx, WOLFSSL_DH* dh)
if (ret == 1) { if (ret == 1) {
/* Allocate buffers for p and g to be assigned into SSL. */ /* Allocate buffers for p and g to be assigned into SSL. */
p = (byte*)XMALLOC(pSz, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY); p = (byte*)XMALLOC((size_t)pSz, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY);
g = (byte*)XMALLOC(gSz, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY); g = (byte*)XMALLOC((size_t)gSz, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY);
if ((p == NULL) || (g == NULL)) { if ((p == NULL) || (g == NULL)) {
ret = MEMORY_E; ret = MEMORY_E;
} }

13
src/ssl_sess.c
View File

@ -375,7 +375,7 @@ int wolfSSL_SetServerID(WOLFSSL* ssl, const byte* id, int len, int newSession)
WOLFSSL_MSG("Valid ServerID not cached already"); WOLFSSL_MSG("Valid ServerID not cached already");
ssl->session->idLen = (word16)len; ssl->session->idLen = (word16)len;
XMEMCPY(ssl->session->serverID, id, len); XMEMCPY(ssl->session->serverID, id, (size_t)len);
} }
#ifdef HAVE_EXT_CACHE #ifdef HAVE_EXT_CACHE
else { else {
@ -1819,7 +1819,7 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
ticLen = addSession->ticketLen; ticLen = addSession->ticketLen;
/* Alloc Memory here to avoid syscalls during lock */ /* Alloc Memory here to avoid syscalls during lock */
if (ticLen > SESSION_TICKET_LEN) { if (ticLen > SESSION_TICKET_LEN) {
ticBuff = (byte*)XMALLOC(ticLen, NULL, ticBuff = (byte*)XMALLOC((size_t)ticLen, NULL,
DYNAMIC_TYPE_SESSION_TICK); DYNAMIC_TYPE_SESSION_TICK);
if (ticBuff == NULL) { if (ticBuff == NULL) {
return MEMORY_E; return MEMORY_E;
@ -1978,7 +1978,7 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
/* Copy in the certs from the session */ /* Copy in the certs from the session */
addSession->chain.count = cacheSession->chain.count; addSession->chain.count = cacheSession->chain.count;
XMEMCPY(addSession->chain.certs, cacheSession->chain.certs, XMEMCPY(addSession->chain.certs, cacheSession->chain.certs,
sizeof(x509_buffer) * cacheSession->chain.count); sizeof(x509_buffer) * (size_t)cacheSession->chain.count);
} }
#endif /* SESSION_CERTS */ #endif /* SESSION_CERTS */
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA) #if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
@ -2669,7 +2669,8 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
unsigned char *data; unsigned char *data;
if (*p == NULL) if (*p == NULL)
*p = (unsigned char*)XMALLOC(size, NULL, DYNAMIC_TYPE_OPENSSL); *p = (unsigned char*)XMALLOC((size_t)size, NULL,
DYNAMIC_TYPE_OPENSSL);
if (*p == NULL) if (*p == NULL)
return 0; return 0;
data = *p; data = *p;
@ -2693,7 +2694,7 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
c16toa((word16)sess->chain.certs[i].length, data + idx); c16toa((word16)sess->chain.certs[i].length, data + idx);
idx += OPAQUE16_LEN; idx += OPAQUE16_LEN;
XMEMCPY(data + idx, sess->chain.certs[i].buffer, XMEMCPY(data + idx, sess->chain.certs[i].buffer,
sess->chain.certs[i].length); (size_t)sess->chain.certs[i].length);
idx += sess->chain.certs[i].length; idx += sess->chain.certs[i].length;
} }
#endif #endif
@ -3524,7 +3525,7 @@ int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses,
size = outSz; size = outSz;
} }
XMEMCPY(out, ses->masterSecret, size); XMEMCPY(out, ses->masterSecret, (size_t)size);
return size; return size;
} }

28
src/tls.c
View File

@ -1036,7 +1036,7 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in,
if (ret != 0) if (ret != 0)
return ret; return ret;
XMEMSET(hmac->innerHash, 0, macLen); XMEMSET(hmac->innerHash, 0, (size_t)macLen);
if (safeBlocks > 0) { if (safeBlocks > 0) {
ret = Hmac_HashUpdate(hmac, header, headerSz); ret = Hmac_HashUpdate(hmac, header, headerSz);
@ -1051,7 +1051,7 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in,
else else
safeBlocks = 0; safeBlocks = 0;
XMEMSET(digest, 0, macLen); XMEMSET(digest, 0, (size_t)macLen);
k = (unsigned int)(safeBlocks * blockSz); k = (unsigned int)(safeBlocks * blockSz);
for (i = safeBlocks; i < blocks; i++) { for (i = safeBlocks; i < blocks; i++) {
unsigned char hashBlock[WC_MAX_BLOCK_SIZE]; unsigned char hashBlock[WC_MAX_BLOCK_SIZE];
@ -1202,8 +1202,8 @@ static int Hmac_UpdateFinal(Hmac* hmac, byte* digest, const byte* in,
ret = wc_HmacUpdate(hmac, header, headerSz); ret = wc_HmacUpdate(hmac, header, headerSz);
if (ret == 0) { if (ret == 0) {
/* Fill the rest of the block with any available data. */ /* Fill the rest of the block with any available data. */
word32 currSz = ctMaskLT((int)msgSz, blockSz) & msgSz; word32 currSz = ctMaskLT((int)msgSz, (int)blockSz) & msgSz;
currSz |= ctMaskGTE((int)msgSz, blockSz) & blockSz; currSz |= ctMaskGTE((int)msgSz, (int)blockSz) & blockSz;
currSz -= WOLFSSL_TLS_HMAC_INNER_SZ; currSz -= WOLFSSL_TLS_HMAC_INNER_SZ;
currSz &= ~(0 - (currSz >> 31)); currSz &= ~(0 - (currSz >> 31));
ret = wc_HmacUpdate(hmac, in, currSz); ret = wc_HmacUpdate(hmac, in, currSz);
@ -1350,7 +1350,7 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz,
#ifdef HAVE_BLAKE2 #ifdef HAVE_BLAKE2
if (wolfSSL_GetHmacType(ssl) == WC_HASH_TYPE_BLAKE2B) { if (wolfSSL_GetHmacType(ssl) == WC_HASH_TYPE_BLAKE2B) {
ret = Hmac_UpdateFinal(&hmac, digest, in, ret = Hmac_UpdateFinal(&hmac, digest, in,
sz + hashSz + padSz + 1, myInner, innerSz); sz + hashSz + (word32)padSz + 1, myInner, innerSz);
} }
else else
#endif #endif
@ -1361,8 +1361,9 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz,
} }
#else #else
ret = Hmac_UpdateFinal(&hmac, digest, in, sz + hashSz + padSz + 1, ret = Hmac_UpdateFinal(&hmac, digest, in, sz + hashSz +
myInner, innerSz); (word32)(padSz) + 1,
myInner, innerSz);
#endif #endif
} }
else { else {
@ -3543,7 +3544,7 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, const byte* input, word16 length,
if (request) { if (request) {
XMEMCPY(request->nonce, csr->request.ocsp[0].nonce, XMEMCPY(request->nonce, csr->request.ocsp[0].nonce,
csr->request.ocsp[0].nonceSz); (size_t)csr->request.ocsp[0].nonceSz);
request->nonceSz = csr->request.ocsp[0].nonceSz; request->nonceSz = csr->request.ocsp[0].nonceSz;
} }
} }
@ -3753,14 +3754,14 @@ int TLSX_CSR_InitRequest_ex(TLSX* extensions, DecodedCert* cert,
csr->requests--; csr->requests--;
} }
/* preserve nonce */ /* preserve nonce */
XMEMCPY(nonce, request->nonce, nonceSz); XMEMCPY(nonce, csr->request.ocsp->nonce, (size_t)nonceSz);
if (req_cnt < MAX_CERT_EXTENSIONS) { if (req_cnt < MAX_CERT_EXTENSIONS) {
if ((ret = InitOcspRequest(request, cert, 0, heap)) != 0) if ((ret = InitOcspRequest(request, cert, 0, heap)) != 0)
return ret; return ret;
/* restore nonce */ /* restore nonce */
XMEMCPY(request->nonce, nonce, nonceSz); XMEMCPY(csr->request.ocsp->nonce, nonce, (size_t)nonceSz);
request->nonceSz = nonceSz; request->nonceSz = nonceSz;
csr->requests++; csr->requests++;
} }
@ -4075,7 +4076,7 @@ static int TLSX_CSR2_Parse(WOLFSSL* ssl, const byte* input, word16 length,
if (request) { if (request) {
XMEMCPY(request->nonce, XMEMCPY(request->nonce,
csr2->request.ocsp[0].nonce, csr2->request.ocsp[0].nonce,
csr2->request.ocsp[0].nonceSz); (size_t)csr2->request.ocsp[0].nonceSz);
request->nonceSz = request->nonceSz =
csr2->request.ocsp[0].nonceSz; csr2->request.ocsp[0].nonceSz;
@ -4295,7 +4296,8 @@ int TLSX_CSR2_InitRequests(TLSX* extensions, DecodedCert* cert, byte isPeer,
int nonceSz = csr2->request.ocsp[0].nonceSz; int nonceSz = csr2->request.ocsp[0].nonceSz;
/* preserve nonce, replicating nonce of ocsp[0] */ /* preserve nonce, replicating nonce of ocsp[0] */
XMEMCPY(nonce, csr2->request.ocsp[0].nonce, nonceSz); XMEMCPY(nonce, csr2->request.ocsp[0].nonce,
(size_t)nonceSz);
if ((ret = InitOcspRequest( if ((ret = InitOcspRequest(
&csr2->request.ocsp[csr2->requests], cert, &csr2->request.ocsp[csr2->requests], cert,
@ -4304,7 +4306,7 @@ int TLSX_CSR2_InitRequests(TLSX* extensions, DecodedCert* cert, byte isPeer,
/* restore nonce */ /* restore nonce */
XMEMCPY(csr2->request.ocsp[csr2->requests].nonce, XMEMCPY(csr2->request.ocsp[csr2->requests].nonce,
nonce, nonceSz); nonce, (size_t)nonceSz);
csr2->request.ocsp[csr2->requests].nonceSz = nonceSz; csr2->request.ocsp[csr2->requests].nonceSz = nonceSz;
csr2->requests++; csr2->requests++;
} }

12
src/tls13.c
View File

@ -1024,7 +1024,7 @@ int Tls13_Exporter(WOLFSSL* ssl, unsigned char *out, size_t outLen,
ret = Tls13HKDFExpandLabel(ssl, firstExpand, hashLen, ret = Tls13HKDFExpandLabel(ssl, firstExpand, hashLen,
ssl->arrays->exporterSecret, hashLen, ssl->arrays->exporterSecret, hashLen,
protocol, protocolLen, (byte*)label, (word32)labelLen, protocol, protocolLen, (byte*)label, (word32)labelLen,
emptyHash, hashLen, hashType); emptyHash, hashLen, (int)hashType);
if (ret != 0) if (ret != 0)
return ret; return ret;
@ -1035,7 +1035,7 @@ int Tls13_Exporter(WOLFSSL* ssl, unsigned char *out, size_t outLen,
ret = Tls13HKDFExpandLabel(ssl, out, (word32)outLen, firstExpand, hashLen, ret = Tls13HKDFExpandLabel(ssl, out, (word32)outLen, firstExpand, hashLen,
protocol, protocolLen, exporterLabel, EXPORTER_LABEL_SZ, protocol, protocolLen, exporterLabel, EXPORTER_LABEL_SZ,
hashOut, hashLen, hashType); hashOut, hashLen, (int)hashType);
return ret; return ret;
} }
@ -7439,7 +7439,7 @@ int SendTls13ServerHello(WOLFSSL* ssl, byte extMsgType)
/* replace the last 8 bytes of server random with the accept */ /* replace the last 8 bytes of server random with the accept */
if (((WOLFSSL_ECH*)echX->data)->state == ECH_PARSED_INTERNAL) { if (((WOLFSSL_ECH*)echX->data)->state == ECH_PARSED_INTERNAL) {
ret = EchWriteAcceptance(ssl, output + RECORD_HEADER_SZ, ret = EchWriteAcceptance(ssl, output + RECORD_HEADER_SZ,
serverRandomOffset - RECORD_HEADER_SZ, (int)serverRandomOffset - RECORD_HEADER_SZ,
sendSz - RECORD_HEADER_SZ); sendSz - RECORD_HEADER_SZ);
/* remove ech so we don't keep sending it in write */ /* remove ech so we don't keep sending it in write */
@ -8470,7 +8470,7 @@ static word32 NextCert(byte* data, word32 length, word32* idx)
* offset index offset * offset index offset
* returns Total number of bytes written. * returns Total number of bytes written.
*/ */
static word32 WriteCSRToBuffer(WOLFSSL* ssl, DerBuffer** certExts, static int WriteCSRToBuffer(WOLFSSL* ssl, DerBuffer** certExts,
word16* extSz, word16 extSz_num) word16* extSz, word16 extSz_num)
{ {
int ret = 0; int ret = 0;
@ -8488,7 +8488,7 @@ static word32 WriteCSRToBuffer(WOLFSSL* ssl, DerBuffer** certExts,
if (csr) { if (csr) {
for (extIdx = 0; extIdx < (word16)(extSz_num); extIdx++) { for (extIdx = 0; extIdx < (word16)(extSz_num); extIdx++) {
tmpSz = TLSX_CSR_GetSize_ex(csr, 0, extIdx); tmpSz = TLSX_CSR_GetSize_ex(csr, 0, (int)extIdx);
if (tmpSz > (OPAQUE8_LEN + OPAQUE24_LEN) && if (tmpSz > (OPAQUE8_LEN + OPAQUE24_LEN) &&
certExts[extIdx] == NULL) { certExts[extIdx] == NULL) {
@ -8523,7 +8523,7 @@ static word32 WriteCSRToBuffer(WOLFSSL* ssl, DerBuffer** certExts,
/* chain cert empty extension size */ /* chain cert empty extension size */
totalSz += OPAQUE16_LEN * extSz_num; totalSz += OPAQUE16_LEN * extSz_num;
} }
return totalSz; return (int)totalSz;
} }
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST */ #endif /* HAVE_CERTIFICATE_STATUS_REQUEST */
/* Add certificate data and empty extension to output up to the fragment size. /* Add certificate data and empty extension to output up to the fragment size.

3
src/wolfio.c
View File

@ -1493,7 +1493,8 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
sin = (SOCKADDR_IN *)&addr; sin = (SOCKADDR_IN *)&addr;
sin->sin_family = AF_INET; sin->sin_family = AF_INET;
sin->sin_port = XHTONS(port); sin->sin_port = XHTONS(port);
XMEMCPY(&sin->sin_addr.s_addr, entry->h_addr_list[0], entry->h_length); XMEMCPY(&sin->sin_addr.s_addr, entry->h_addr_list[0],
(size_t)entry->h_length);
#endif #endif
} }

8
tests/api.c
View File

@ -542,7 +542,7 @@ static int wolfssl_bio_s_fixed_mem_write(WOLFSSL_BIO* bio, const char* data,
if (bio->wrSz - bio->wrIdx < len) { if (bio->wrSz - bio->wrIdx < len) {
len = bio->wrSz - bio->wrIdx; len = bio->wrSz - bio->wrIdx;
} }
XMEMCPY(bio->ptr.mem_buf_data + bio->wrIdx, data, len); XMEMCPY(bio->ptr.mem_buf_data + bio->wrIdx, data, (size_t)len);
bio->wrIdx += len; bio->wrIdx += len;
} }
@ -558,7 +558,7 @@ static int wolfssl_bio_s_fixed_mem_read(WOLFSSL_BIO* bio, char* data, int len)
if (bio->wrSz - bio->rdIdx < len) { if (bio->wrSz - bio->rdIdx < len) {
len = bio->wrSz - bio->rdIdx; len = bio->wrSz - bio->rdIdx;
} }
XMEMCPY(data, bio->ptr.mem_buf_data + bio->rdIdx, len); XMEMCPY(data, bio->ptr.mem_buf_data + bio->rdIdx, (size_t)len);
bio->rdIdx += len; bio->rdIdx += len;
} }
@ -2320,7 +2320,7 @@ static int test_wolfSSL_CTX_load_verify_locations(void)
/* Get cert cache size */ /* Get cert cache size */
ExpectIntGT(cacheSz = wolfSSL_CTX_get_cert_cache_memsize(ctx), 0); ExpectIntGT(cacheSz = wolfSSL_CTX_get_cert_cache_memsize(ctx), 0);
ExpectNotNull(cache = (byte*)XMALLOC(cacheSz, NULL, ExpectNotNull(cache = (byte*)XMALLOC((size_t)cacheSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER)); DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, NULL, -1, NULL), ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, NULL, -1, NULL),
@ -3114,7 +3114,7 @@ static int test_wolfSSL_CertManagerNameConstraint(void)
WOLFSSL_FILETYPE_ASN1)); WOLFSSL_FILETYPE_ASN1));
ExpectNotNull(pt = (byte*)wolfSSL_X509_get_tbs(x509, &derSz)); ExpectNotNull(pt = (byte*)wolfSSL_X509_get_tbs(x509, &derSz));
if (EXPECT_SUCCESS() && (der != NULL)) { if (EXPECT_SUCCESS() && (der != NULL)) {
XMEMCPY(der, pt, derSz); XMEMCPY(der, pt, (size_t)derSz);
/* find the name constraint extension and alter it */ /* find the name constraint extension and alter it */
pt = der; pt = der;

2
tests/quic.c
View File

@ -606,7 +606,7 @@ static int ctx_send_alert(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, uint8_t
if (ctx->verbose) { if (ctx->verbose) {
printf("[%s] send_alert: level=%d, err=%d\n", ctx->name, level, err); printf("[%s] send_alert: level=%d, err=%d\n", ctx->name, level, err);
} }
ctx->alert_level = level; ctx->alert_level = (int)level;
ctx->alert = alert; ctx->alert = alert;
return 1; return 1;
} }

6
wolfcrypt/src/cmac.c
View File

@ -212,7 +212,7 @@ int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
#endif #endif
{ {
ret = wc_CryptoCb_Cmac(cmac, NULL, 0, in, inSz, ret = wc_CryptoCb_Cmac(cmac, NULL, 0, in, inSz,
NULL, NULL, cmac->type, NULL); NULL, NULL, (int)cmac->type, NULL);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret; return ret;
/* fall-through when unavailable */ /* fall-through when unavailable */
@ -294,8 +294,8 @@ int wc_CmacFinalNoFree(Cmac* cmac, byte* out, word32* outSz)
if (cmac->devId != INVALID_DEVID) if (cmac->devId != INVALID_DEVID)
#endif #endif
{ {
ret = wc_CryptoCb_Cmac(cmac, NULL, 0, NULL, 0, out, outSz, cmac->type, ret = wc_CryptoCb_Cmac(cmac, NULL, 0, NULL, 0, out, outSz,
NULL); (int)cmac->type, NULL);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret; return ret;

2
wolfcrypt/src/ecc.c
View File

@ -7520,7 +7520,7 @@ static int _HMAC_K(byte* K, word32 KSz, byte* V, word32 VSz,
ret = init = wc_HmacInit(&hmac, heap, INVALID_DEVID); ret = init = wc_HmacInit(&hmac, heap, INVALID_DEVID);
if (ret == 0) if (ret == 0)
ret = wc_HmacSetKey(&hmac, hashType, K, KSz); ret = wc_HmacSetKey(&hmac, (int)hashType, K, KSz);
if (ret == 0) if (ret == 0)
ret = wc_HmacUpdate(&hmac, V, VSz); ret = wc_HmacUpdate(&hmac, V, VSz);

17
wolfcrypt/src/evp.c
View File

@ -2633,7 +2633,7 @@ int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
if (ctx->pkey->hkdfMode == WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND) { if (ctx->pkey->hkdfMode == WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND) {
if (wc_HKDF(hkdfHashType, ctx->pkey->hkdfKey, ctx->pkey->hkdfKeySz, if (wc_HKDF((int)hkdfHashType, ctx->pkey->hkdfKey, ctx->pkey->hkdfKeySz,
ctx->pkey->hkdfSalt, ctx->pkey->hkdfSaltSz, ctx->pkey->hkdfSalt, ctx->pkey->hkdfSaltSz,
ctx->pkey->hkdfInfo, ctx->pkey->hkdfInfoSz, key, ctx->pkey->hkdfInfo, ctx->pkey->hkdfInfoSz, key,
(word32)*keylen) != 0) { (word32)*keylen) != 0) {
@ -2642,7 +2642,7 @@ int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_
} }
} }
else if (ctx->pkey->hkdfMode == WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) { else if (ctx->pkey->hkdfMode == WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) {
if (wc_HKDF_Extract(hkdfHashType, ctx->pkey->hkdfSalt, if (wc_HKDF_Extract((int)hkdfHashType, ctx->pkey->hkdfSalt,
ctx->pkey->hkdfSaltSz, ctx->pkey->hkdfKey, ctx->pkey->hkdfSaltSz, ctx->pkey->hkdfKey,
ctx->pkey->hkdfKeySz, key) != 0) { ctx->pkey->hkdfKeySz, key) != 0) {
WOLFSSL_MSG("wc_HKDF_Extract failed."); WOLFSSL_MSG("wc_HKDF_Extract failed.");
@ -2659,7 +2659,7 @@ int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_
} }
} }
else if (ctx->pkey->hkdfMode == WOLFSSL_EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) { else if (ctx->pkey->hkdfMode == WOLFSSL_EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) {
if (wc_HKDF_Expand(hkdfHashType, ctx->pkey->hkdfKey, if (wc_HKDF_Expand((int)hkdfHashType, ctx->pkey->hkdfKey,
ctx->pkey->hkdfKeySz, ctx->pkey->hkdfInfo, ctx->pkey->hkdfKeySz, ctx->pkey->hkdfInfo,
ctx->pkey->hkdfInfoSz, key, ctx->pkey->hkdfInfoSz, key,
(word32)*keylen) != 0) { (word32)*keylen) != 0) {
@ -4863,6 +4863,7 @@ int wolfSSL_PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
{ {
const char *nostring = ""; const char *nostring = "";
int ret = 0; int ret = 0;
enum wc_HashType pbkdf2HashType;
if (pass == NULL) { if (pass == NULL) {
passlen = 0; passlen = 0;
@ -4871,8 +4872,10 @@ int wolfSSL_PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
passlen = (int)XSTRLEN(pass); passlen = (int)XSTRLEN(pass);
} }
pbkdf2HashType = EvpMd2MacType(digest);
ret = wc_PBKDF2((byte*)out, (byte*)pass, passlen, (byte*)salt, saltlen, ret = wc_PBKDF2((byte*)out, (byte*)pass, passlen, (byte*)salt, saltlen,
iter, keylen, EvpMd2MacType(digest)); iter, keylen, pbkdf2HashType);
if (ret == 0) if (ret == 0)
return WOLFSSL_SUCCESS; return WOLFSSL_SUCCESS;
else else
@ -6295,14 +6298,16 @@ void wolfSSL_EVP_init(void)
case WC_AES_256_OFB_TYPE: case WC_AES_256_OFB_TYPE:
#endif #endif
wc_AesFree(&ctx->cipher.aes); wc_AesFree(&ctx->cipher.aes);
ctx->flags &= ~WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED; ctx->flags &=
(unsigned long)~WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
break; break;
#if defined(WOLFSSL_AES_XTS) && \ #if defined(WOLFSSL_AES_XTS) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
case WC_AES_128_XTS_TYPE: case WC_AES_128_XTS_TYPE:
case WC_AES_256_XTS_TYPE: case WC_AES_256_XTS_TYPE:
wc_AesXtsFree(&ctx->cipher.xts); wc_AesXtsFree(&ctx->cipher.xts);
ctx->flags &= ~WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED; ctx->flags &=
(unsigned long)~WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
break; break;
#endif #endif
#endif /* AES */ #endif /* AES */

2
wolfcrypt/src/kdf.c
View File

@ -814,7 +814,7 @@ int wc_SSH_KDF(byte hashId, byte keyId, byte* key, word32 keySz,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
ret = wc_HmacSizeByType(enmhashId); ret = wc_HmacSizeByType((int)enmhashId);
if (ret <= 0) { if (ret <= 0) {
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }

16
wolfcrypt/src/logging.c
View File

@ -904,7 +904,7 @@ unsigned long wc_PeekErrorNodeLineData(const char **file, int *line,
* Get the error value at the HEAD of the ERR queue or 0 if the queue * Get the error value at the HEAD of the ERR queue or 0 if the queue
* is empty. The HEAD entry is removed by this call. * is empty. The HEAD entry is removed by this call.
*/ */
unsigned long wc_GetErrorNodeErr(void) int wc_GetErrorNodeErr(void)
{ {
int ret; int ret;
@ -923,7 +923,7 @@ unsigned long wc_GetErrorNodeErr(void)
wc_ClearErrorNodes(); wc_ClearErrorNodes();
} }
} }
return (unsigned long)ret; return ret;
} }
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
@ -1171,7 +1171,7 @@ int wc_AddErrorNode(int error, int line, char* buf, char* file)
sz = WOLFSSL_MAX_ERROR_SZ - 1; sz = WOLFSSL_MAX_ERROR_SZ - 1;
} }
if (sz > 0) { if (sz > 0) {
XMEMCPY(err->error, buf, sz); XMEMCPY(err->error, buf, (size_t)sz);
} }
sz = (int)XSTRLEN(file); sz = (int)XSTRLEN(file);
@ -1179,7 +1179,7 @@ int wc_AddErrorNode(int error, int line, char* buf, char* file)
sz = WOLFSSL_MAX_ERROR_SZ - 1; sz = WOLFSSL_MAX_ERROR_SZ - 1;
} }
if (sz > 0) { if (sz > 0) {
XMEMCPY(err->file, file, sz); XMEMCPY(err->file, file, (size_t)sz);
} }
err->value = error; err->value = error;
@ -1420,7 +1420,7 @@ unsigned long wc_PeekErrorNodeLineData(const char **file, int *line,
} }
} }
unsigned long wc_GetErrorNodeErr(void) int wc_GetErrorNodeErr(void)
{ {
int ret; int ret;
@ -1428,7 +1428,7 @@ unsigned long wc_GetErrorNodeErr(void)
if (ERRQ_LOCK() != 0) { if (ERRQ_LOCK() != 0) {
WOLFSSL_MSG("Lock debug mutex failed"); WOLFSSL_MSG("Lock debug mutex failed");
return (unsigned long)(0 - BAD_MUTEX_E); return (0 - BAD_MUTEX_E);
} }
ret = pullErrorNode(NULL, NULL, NULL); ret = pullErrorNode(NULL, NULL, NULL);
@ -1595,10 +1595,10 @@ unsigned long wc_PeekErrorNodeLineData(const char **file, int *line,
return (unsigned long)(0 - NOT_COMPILED_IN); return (unsigned long)(0 - NOT_COMPILED_IN);
} }
unsigned long wc_GetErrorNodeErr(void) int wc_GetErrorNodeErr(void)
{ {
WOLFSSL_ENTER("wc_GetErrorNodeErr"); WOLFSSL_ENTER("wc_GetErrorNodeErr");
return (unsigned long)(0 - NOT_COMPILED_IN); return (0 - NOT_COMPILED_IN);
} }
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)

40
wolfcrypt/test/test.c
View File

@ -857,7 +857,7 @@ static void render_error_message(const char* msg, wc_test_ret_t es)
#else #else
err_sys_printf("%s error L=%d code=%d (%s)\n", msg, err_sys_printf("%s error L=%d code=%d (%s)\n", msg,
WC_TEST_RET_DEC_LN(es), -WC_TEST_RET_DEC_I(es), WC_TEST_RET_DEC_LN(es), -WC_TEST_RET_DEC_I(es),
wolfSSL_ERR_reason_error_string(-WC_TEST_RET_DEC_I(es)) wolfSSL_ERR_reason_error_string((unsigned long)-WC_TEST_RET_DEC_I(es))
); );
#endif #endif
break; break;
@ -9466,7 +9466,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
return MEMORY_E; return MEMORY_E;
#endif #endif
cipher = (byte*)XMALLOC(plainSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); cipher = (byte*)XMALLOC((size_t)plainSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (cipher == NULL) { if (cipher == NULL) {
ret = WC_TEST_RET_ENC_ERRNO; ret = WC_TEST_RET_ENC_ERRNO;
goto EVP_TEST_END; goto EVP_TEST_END;
@ -9492,7 +9492,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
} }
cipherSz += idx; cipherSz += idx;
if (XMEMCMP(cipher, expected, plainSz)) { if (XMEMCMP(cipher, expected, (size_t)plainSz)) {
ret = WC_TEST_RET_ENC_NC; ret = WC_TEST_RET_ENC_NC;
goto EVP_TEST_END; goto EVP_TEST_END;
} }
@ -9526,7 +9526,7 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
} }
cipherSz += idx; cipherSz += idx;
if ((expectedSz != cipherSz) || XMEMCMP(plain, cipher, plainSz)) { if ((expectedSz != cipherSz) || XMEMCMP(plain, cipher, (size_t)plainSz)) {
ret = WC_TEST_RET_ENC_NC; ret = WC_TEST_RET_ENC_NC;
goto EVP_TEST_END; goto EVP_TEST_END;
} }
@ -11471,9 +11471,11 @@ static wc_test_ret_t aes_xts_128_test(void)
for (k = 0; k < j; k += WC_AES_BLOCK_SIZE) { for (k = 0; k < j; k += WC_AES_BLOCK_SIZE) {
if ((j - k) < WC_AES_BLOCK_SIZE*2) if ((j - k) < WC_AES_BLOCK_SIZE*2)
ret = wc_AesXtsEncryptFinal(aes, large_input + k, large_input + k, j - k, &stream); ret = wc_AesXtsEncryptFinal(aes, large_input + k,
large_input + k, (word32)(j - k), &stream);
else else
ret = wc_AesXtsEncryptUpdate(aes, large_input + k, large_input + k, WC_AES_BLOCK_SIZE, &stream); ret = wc_AesXtsEncryptUpdate(aes, large_input + k,
large_input + k, WC_AES_BLOCK_SIZE, &stream);
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
#endif #endif
@ -11533,9 +11535,11 @@ static wc_test_ret_t aes_xts_128_test(void)
for (k = 0; k < j; k += WC_AES_BLOCK_SIZE) { for (k = 0; k < j; k += WC_AES_BLOCK_SIZE) {
if ((j - k) < WC_AES_BLOCK_SIZE*2) if ((j - k) < WC_AES_BLOCK_SIZE*2)
ret = wc_AesXtsDecryptFinal(aes, large_input + k, large_input + k, j - k, &stream); ret = wc_AesXtsDecryptFinal(aes, large_input + k,
large_input + k, (word32)(j - k), &stream);
else else
ret = wc_AesXtsDecryptUpdate(aes, large_input + k, large_input + k, WC_AES_BLOCK_SIZE, &stream); ret = wc_AesXtsDecryptUpdate(aes, large_input + k,
large_input + k, WC_AES_BLOCK_SIZE, &stream);
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
#ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS #ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS
ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev,
@ -12122,7 +12126,7 @@ static wc_test_ret_t aes_xts_192_test(void)
ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsEncrypt(aes, large_input, large_input, j, i1, ret = wc_AesXtsEncrypt(aes, large_input, large_input, (word32)j, i1,
sizeof(i1)); sizeof(i1));
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
@ -12133,7 +12137,7 @@ static wc_test_ret_t aes_xts_192_test(void)
ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, large_input, large_input, j, i1, ret = wc_AesXtsDecrypt(aes, large_input, large_input, (word32)j, i1,
sizeof(i1)); sizeof(i1));
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
#ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS #ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS
@ -12171,9 +12175,11 @@ static wc_test_ret_t aes_xts_192_test(void)
for (k = 0; k < j; k += WC_AES_BLOCK_SIZE) { for (k = 0; k < j; k += WC_AES_BLOCK_SIZE) {
if ((j - k) < WC_AES_BLOCK_SIZE*2) if ((j - k) < WC_AES_BLOCK_SIZE*2)
ret = wc_AesXtsEncryptFinal(aes, large_input + k, large_input + k, j - k, &stream); ret = wc_AesXtsEncryptFinal(aes, large_input + k,
large_input + k, (word32)(j - k), &stream);
else else
ret = wc_AesXtsEncryptUpdate(aes, large_input + k, large_input + k, WC_AES_BLOCK_SIZE, &stream); ret = wc_AesXtsEncryptUpdate(aes, large_input + k,
large_input + k, WC_AES_BLOCK_SIZE, &stream);
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
#endif #endif
@ -12233,9 +12239,11 @@ static wc_test_ret_t aes_xts_192_test(void)
for (k = 0; k < j; k += WC_AES_BLOCK_SIZE) { for (k = 0; k < j; k += WC_AES_BLOCK_SIZE) {
if ((j - k) < WC_AES_BLOCK_SIZE*2) if ((j - k) < WC_AES_BLOCK_SIZE*2)
ret = wc_AesXtsDecryptFinal(aes, large_input + k, large_input + k, j - k, &stream); ret = wc_AesXtsDecryptFinal(aes, large_input + k,
large_input + k, (word32)(j - k), &stream);
else else
ret = wc_AesXtsDecryptUpdate(aes, large_input + k, large_input + k, WC_AES_BLOCK_SIZE, &stream); ret = wc_AesXtsDecryptUpdate(aes, large_input + k,
large_input + k, WC_AES_BLOCK_SIZE, &stream);
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
#ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS #ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS
ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev, ret = wc_AsyncWait(ret, &aes->aes_decrypt.asyncDev,
@ -12578,7 +12586,7 @@ static wc_test_ret_t aes_xts_256_test(void)
ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsEncrypt(aes, large_input, large_input, j, i1, ret = wc_AesXtsEncrypt(aes, large_input, large_input, (word32)j, i1,
sizeof(i1)); sizeof(i1));
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
@ -12589,7 +12597,7 @@ static wc_test_ret_t aes_xts_256_test(void)
ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, large_input, large_input, j, i1, ret = wc_AesXtsDecrypt(aes, large_input, large_input, (word32)j, i1,
sizeof(i1)); sizeof(i1));
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
#ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS #ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS

2
wolfssl/wolfcrypt/logging.h
View File

@ -135,7 +135,7 @@ WOLFSSL_API void wolfSSL_SetLoggingPrefix(const char* prefix);
WOLFSSL_LOCAL unsigned long wc_PeekErrorNodeLineData( WOLFSSL_LOCAL unsigned long wc_PeekErrorNodeLineData(
const char **file, int *line, const char **data, int *flags, const char **file, int *line, const char **data, int *flags,
int (*ignore_err)(int err)); int (*ignore_err)(int err));
WOLFSSL_LOCAL unsigned long wc_GetErrorNodeErr(void); WOLFSSL_LOCAL int wc_GetErrorNodeErr(void);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
WOLFSSL_API void wc_ERR_print_errors_fp(XFILE fp); WOLFSSL_API void wc_ERR_print_errors_fp(XFILE fp);
WOLFSSL_API void wc_ERR_print_errors_cb(int (*cb)(const char *str, WOLFSSL_API void wc_ERR_print_errors_cb(int (*cb)(const char *str,