WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

more fixes for implicit casts, including asn=template.

pull/6284/head
Daniel Pouzzner 2023-04-10 17:11:20 -05:00
parent ee50d95b0b
commit ed11669f3c
14 changed files with 513 additions and 488 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
wolfcrypt/benchmark/benchmark.c
View File

@ -500,19 +500,19 @@
*/
static int bench_all = 1;
/* Cipher algorithms to benchmark. */
static int bench_cipher_algs = 0;
static word32 bench_cipher_algs = 0;
/* Digest algorithms to benchmark. */
static int bench_digest_algs = 0;
static word32 bench_digest_algs = 0;
/* MAC algorithms to benchmark. */
static int bench_mac_algs = 0;
static word32 bench_mac_algs = 0;
/* Asymmetric algorithms to benchmark. */
static int bench_asym_algs = 0;
static word32 bench_asym_algs = 0;
/* Post-Quantum Asymmetric algorithms to benchmark. */
static int bench_pq_asym_algs = 0;
static word32 bench_pq_asym_algs = 0;
/* Post-Quantum Asymmetric algorithms to benchmark. (Part 2)*/
static int bench_pq_asym_algs2 = 0;
static word32 bench_pq_asym_algs2 = 0;
/* Other cryptographic algorithms to benchmark. */
static int bench_other_algs = 0;
static word32 bench_other_algs = 0;
#if !defined(WOLFSSL_BENCHMARK_ALL) && !defined(NO_MAIN_DRIVER)
@ -907,10 +907,10 @@ static const char* bench_desc_words[][15] = {
#define SHOW_INTEL_CYCLES(b, n, s) \
(void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), " %s = %6.2f\n", \
bench_result_words1[lng_index][2], \
count == 0 ? 0 : (float)total_cycles / ((word64)count*(s)))
count == 0 ? 0 : (double)total_cycles / ((word64)count*(s)))
#define SHOW_INTEL_CYCLES_CSV(b, n, s) \
(void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), "%.6f,\n", \
count == 0 ? 0 : (float)total_cycles / ((word64)count*(s)))
count == 0 ? 0 : (double)total_cycles / ((word64)count*(s)))
#elif defined(LINUX_CYCLE_COUNT)
#include <linux/perf_event.h>
#include <sys/syscall.h>
@ -1323,15 +1323,15 @@ static const char* bench_result_words2[][5] = {
while(options) {
if (options & AAD_SIZE_DEFAULT) {
aesAuthAddSz = AES_AUTH_ADD_SZ;
options &= ~AAD_SIZE_DEFAULT;
options &= ~(word32)AAD_SIZE_DEFAULT;
}
else if (options & AAD_SIZE_ZERO) {
aesAuthAddSz = 0;
options &= ~AAD_SIZE_ZERO;
options &= ~(word32)AAD_SIZE_ZERO;
}
else if (options & AAD_SIZE_CUSTOM) {
aesAuthAddSz = aes_aad_size;
options &= ~AAD_SIZE_CUSTOM;
options &= ~(word32)AAD_SIZE_CUSTOM;
}
fn(i);
aesAuthAddSz = aesAuthAddSz_orig;
@ -1754,7 +1754,7 @@ static const char* get_blocktype_base10(double* blocks)
/* countSz is number of bytes that 1 count represents. Normally bench_size,
* except for AES direct that operates on AES_BLOCK_SIZE blocks */
static void bench_stats_sym_finish(const char* desc, int useDeviceID,
int count, int countSz,
int count, word32 countSz,
double start, int ret)
{
double total, persec = 0, blocks = (double)count;
@ -1880,7 +1880,7 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
ESP_LOGV(TAG, "finish total_cycles = %llu", total_cycles);
/* implement other cycle counters here */
#else
SHOW_INTEL_CYCLES_CSV(msg, sizeof(msg), countSz);
SHOW_INTEL_CYCLES_CSV(msg, sizeof(msg), (unsigned)countSz);
#endif
} /* if (csv_format == 1) */
@ -1913,7 +1913,7 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
/* implement other architecture cycle counters here */
#else
SHOW_INTEL_CYCLES(msg, sizeof(msg), countSz);
SHOW_INTEL_CYCLES(msg, sizeof(msg), (unsigned)countSz);
#endif
} /* not CSV format */
@ -3658,7 +3658,7 @@ static void bench_aesecb_internal(int useDeviceID,
bench_stats_start(&count, &start);
do {
int outer_loop_limit = ((bench_size / benchSz) * 10) + 1;
int outer_loop_limit = (((int)bench_size / benchSz) * 10) + 1;
for (times = 0;
times < outer_loop_limit /* numBlocks */ || pending > 0;
) {
@ -3700,7 +3700,7 @@ exit_aes_enc:
bench_stats_start(&count, &start);
do {
int outer_loop_limit = (10 * (bench_size / benchSz)) + 1;
int outer_loop_limit = (10 * ((int)bench_size / benchSz)) + 1;
for (times = 0; times < outer_loop_limit || pending > 0; ) {
bench_async_poll(&pending);
@ -5835,7 +5835,7 @@ void bench_blake2s(void)
#ifdef WOLFSSL_CMAC
static void bench_cmac_helper(int keySz, const char* outMsg, int useDeviceID)
static void bench_cmac_helper(word32 keySz, const char* outMsg, int useDeviceID)
{
Cmac cmac;
byte digest[AES_BLOCK_SIZE];
@ -6180,7 +6180,7 @@ void bench_siphash(void)
#ifndef NO_RSA
#if defined(WOLFSSL_KEY_GEN)
static void bench_rsaKeyGen_helper(int useDeviceID, int keySz)
static void bench_rsaKeyGen_helper(int useDeviceID, word32 keySz)
{
RsaKey genKey[BENCH_MAX_PENDING];
double start;
@ -6207,7 +6207,7 @@ static void bench_rsaKeyGen_helper(int useDeviceID, int keySz)
goto exit;
}
ret = wc_MakeRsaKey(&genKey[i], keySz, rsa_e_val, &gRng);
ret = wc_MakeRsaKey(&genKey[i], (int)keySz, rsa_e_val, &gRng);
if (!bench_async_handle(&ret,
BENCH_ASYNC_GET_DEV(&genKey[i]), 0,
&times, &pending)) {
@ -6219,7 +6219,7 @@ static void bench_rsaKeyGen_helper(int useDeviceID, int keySz)
count += times;
} while (bench_stats_check(start));
exit:
bench_stats_asym_finish("RSA", keySz, desc[2], useDeviceID, count,
bench_stats_asym_finish("RSA", (int)keySz, desc[2], useDeviceID, count,
start, ret);
/* cleanup */
@ -6232,19 +6232,18 @@ void bench_rsaKeyGen(int useDeviceID)
{
int k;
#if !defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
const int keySizes[2] = {1024, 2048};
static const word32 keySizes[2] = {1024, 2048};
#else
const int keySizes[1] = {2048};
static const word32 keySizes[1] = {2048};
#endif
for (k = 0; k < (int)(sizeof(keySizes)/sizeof(int)); k++) {
int keySz = keySizes[k];
bench_rsaKeyGen_helper(useDeviceID, keySz);
bench_rsaKeyGen_helper(useDeviceID, keySizes[k]);
}
}
void bench_rsaKeyGen_size(int useDeviceID, int keySz)
void bench_rsaKeyGen_size(int useDeviceID, word32 keySz)
{
bench_rsaKeyGen_helper(useDeviceID, keySz);
}
@ -6358,7 +6357,7 @@ static unsigned char rsa_3072_sig[] = {
#endif /* WOLFSSL_RSA_VERIFY_INLINE || WOLFSSL_RSA_PUBLIC_ONLY */
static void bench_rsa_helper(int useDeviceID, RsaKey rsaKey[BENCH_MAX_PENDING],
int rsaKeySz)
word32 rsaKeySz)
{
int ret = 0, i, times, count = 0, pending = 0;
word32 idx = 0;
@ -6437,7 +6436,7 @@ static void bench_rsa_helper(int useDeviceID, RsaKey rsaKey[BENCH_MAX_PENDING],
count += times;
} while (bench_stats_check(start));
exit_rsa_verify:
bench_stats_asym_finish("RSA", rsaKeySz, desc[0],
bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[0],
useDeviceID, count, start, ret);
#endif /* !WOLFSSL_RSA_VERIFY_ONLY */
@ -6473,7 +6472,7 @@ exit_rsa_verify:
count += times;
} while (bench_stats_check(start));
exit_rsa_pub:
bench_stats_asym_finish("RSA", rsaKeySz, desc[1],
bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[1],
useDeviceID, count, start, ret);
#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
}
@ -6503,7 +6502,7 @@ exit_rsa_pub:
count += times;
} while (bench_stats_check(start));
exit_rsa_sign:
bench_stats_asym_finish("RSA", rsaKeySz, desc[4], useDeviceID,
bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[4], useDeviceID,
count, start, ret);
if (ret < 0) {
@ -6560,7 +6559,7 @@ exit_rsa_sign:
} while (bench_stats_check(start));
exit_rsa_verifyinline:
bench_stats_asym_finish("RSA", rsaKeySz, desc[5],
bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[5],
useDeviceID, count, start, ret);
}
@ -6580,7 +6579,7 @@ void bench_rsa(int useDeviceID)
int i;
RsaKey rsaKey[BENCH_MAX_PENDING];
int ret = 0;
int rsaKeySz = 0;
word32 rsaKeySz = 0;
const byte* tmp;
size_t bytes;
#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
@ -6675,7 +6674,7 @@ exit_bench_rsa:
#ifdef WOLFSSL_KEY_GEN
/* bench any size of RSA key */
void bench_rsa_key(int useDeviceID, int rsaKeySz)
void bench_rsa_key(int useDeviceID, word32 rsaKeySz)
{
int ret = 0, i, pending = 0;
RsaKey rsaKey[BENCH_MAX_PENDING];
@ -6706,7 +6705,7 @@ void bench_rsa_key(int useDeviceID, int rsaKeySz)
}
/* create the RSA key */
ret = wc_MakeRsaKey(&rsaKey[i], rsaKeySz, exp, &gRng);
ret = wc_MakeRsaKey(&rsaKey[i], (int)rsaKeySz, exp, &gRng);
if (ret == WC_PENDING_E) {
isPending[i] = 1;
pending = 1;
@ -7495,7 +7494,7 @@ void bench_eccEncrypt(int curveId)
goto exit;
for (i = 0; i < (int)sizeof(msg); i++)
msg[i] = i;
msg[i] = (byte)i;
bench_stats_start(&count, &start);
do {
@ -8931,12 +8930,12 @@ void bench_sphincsKeySign(byte level, byte optim)
#endif /* HAVE_GET_CYCLES */
void benchmark_configure(int block_size)
void benchmark_configure(word32 block_size)
{
/* must be greater than 0 */
if (block_size > 0) {
numBlocks = numBlocks * bench_size / block_size;
bench_size = (word32)block_size;
numBlocks = (int)((word32)numBlocks * bench_size / block_size);
bench_size = block_size;
}
}
@ -9065,8 +9064,7 @@ static void Usage(void)
*/
static int string_matches(const char* arg, const char* str)
{
int len = (int)XSTRLEN(str) + 1;
return XSTRNCMP(arg, str, len) == 0;
return XSTRCMP(arg, str) == 0;
}
#endif /* MAIN_NO_ARGS */
@ -9156,7 +9154,7 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
argc--;
argv++;
if (argc > 1) {
aes_aad_size = XATOI(argv[1]);
aes_aad_size = (word32)XATOI(argv[1]);
aes_aad_options |= AAD_SIZE_CUSTOM;
}
}
@ -9298,7 +9296,7 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
}
else {
/* parse for block size */
benchmark_configure(XATOI(argv[1]));
benchmark_configure((word32)XATOI(argv[1]));
}
argc--;
argv++;

6
wolfcrypt/benchmark/benchmark.h
View File

@ -43,7 +43,7 @@ int wolfcrypt_benchmark_main(int argc, char** argv);
/* individual benchmarks */
int benchmark_init(void);
int benchmark_free(void);
void benchmark_configure(int block_size);
void benchmark_configure(word32 block_size);
void bench_des(int useDeviceID);
void bench_arc4(int useDeviceID);
@ -92,9 +92,9 @@ void bench_hmac_sha384(int useDeviceID);
void bench_hmac_sha512(int useDeviceID);
void bench_siphash(void);
void bench_rsaKeyGen(int useDeviceID);
void bench_rsaKeyGen_size(int useDeviceID, int keySz);
void bench_rsaKeyGen_size(int useDeviceID, word32 keySz);
void bench_rsa(int useDeviceID);
void bench_rsa_key(int useDeviceID, int keySz);
void bench_rsa_key(int useDeviceID, word32 keySz);
void bench_dh(int useDeviceID);
void bench_kyber(int type);
void bench_ecc_curve(int curveId);

594
wolfcrypt/src/asn.c
View File

File diff suppressed because it is too large Load Diff

126
wolfcrypt/src/ecc.c
View File

@ -228,8 +228,8 @@ ECC Curve Sizes:
#define MAX_ECC_BITS_USE MAX_ECC_BITS_NEEDED
#endif
#define ECC_KEY_MAX_BITS(key) \
(((key == NULL) || (key->dp == NULL)) ? MAX_ECC_BITS_USE \
: (key->dp->size * 8))
((((key) == NULL) || ((key)->dp == NULL)) ? MAX_ECC_BITS_USE \
: (unsigned)((key)->dp->size * 8))
/* forward declarations */
static int wc_ecc_new_point_ex(ecc_point** point, void* heap);
@ -3040,7 +3040,7 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
}
#else
/* Swap R[0] and R[1] if other index is needed. */
swap ^= b;
swap ^= (int)b;
if (err == MP_OKAY)
err = mp_cond_swap_ct(R[0]->x, R[1]->x, (int)modulus->used, swap);
if (err == MP_OKAY)
@ -4650,7 +4650,7 @@ static int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point,
}
if (err == MP_OKAY) {
XMEMSET(out, 0, x);
XMEMSET(out, 0, (size_t)x);
err = mp_to_unsigned_bin(result->x, out +
(x - mp_unsigned_bin_size(result->x)));
}
@ -5870,7 +5870,7 @@ int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap,
if (ret == 0)
ret = wc_ecc_init_ex(key, heap, devId);
if (ret == 0 && id != NULL && len != 0) {
XMEMCPY(key->id, id, len);
XMEMCPY(key->id, id, (size_t)len);
key->idLen = len;
#ifdef WOLFSSL_SE050
/* Set SE050 ID from word32, populate ecc_key with public from SE050 */
@ -5900,7 +5900,7 @@ int wc_ecc_init_label(ecc_key* key, const char* label, void* heap, int devId)
if (ret == 0)
ret = wc_ecc_init_ex(key, heap, devId);
if (ret == 0) {
XMEMCPY(key->label, label, labelLen);
XMEMCPY(key->label, label, (size_t)labelLen);
key->labelLen = labelLen;
}
@ -7133,7 +7133,7 @@ int wc_ecc_gen_deterministic_k(const byte* hash, word32 hashSz,
#endif
VSz = KSz = hashSz;
qLen = xSz = h1len = mp_unsigned_bin_size(order);
qLen = xSz = h1len = (word32)mp_unsigned_bin_size(order);
/* 3.2 b. Set V = 0x01 0x01 ... */
XMEMSET(V, 0x01, VSz);
@ -7142,7 +7142,7 @@ int wc_ecc_gen_deterministic_k(const byte* hash, word32 hashSz,
XMEMSET(K, 0x00, KSz);
mp_init(z1); /* always init z1 and free z1 */
ret = mp_to_unsigned_bin_len(priv, x, qLen);
ret = mp_to_unsigned_bin_len(priv, x, (int)qLen);
if (ret == 0) {
#ifdef WOLFSSL_CHECK_MEM_ZERO
wc_MemZero_Add("wc_ecc_gen_deterministic_k x", x, qLen);
@ -7176,7 +7176,7 @@ int wc_ecc_gen_deterministic_k(const byte* hash, word32 hashSz,
#endif
{
/* use original hash and keep leading 0's */
mp_to_unsigned_bin_len(z1, h1, h1len);
mp_to_unsigned_bin_len(z1, h1, (int)h1len);
}
}
mp_free(z1);
@ -7224,9 +7224,9 @@ int wc_ecc_gen_deterministic_k(const byte* hash, word32 hashSz,
if (ret == 0) {
int sz;
sz = MIN(qLen - xSz, VSz);
XMEMCPY(x + xSz, V, sz);
xSz += sz;
sz = (int)MIN(qLen - xSz, (size_t)VSz);
XMEMCPY(x + xSz, V, (size_t)sz);
xSz += (word32)sz;
}
else {
break; /* error case */
@ -7241,7 +7241,7 @@ int wc_ecc_gen_deterministic_k(const byte* hash, word32 hashSz,
if ((ret == 0) && ((int)(xSz * WOLFSSL_BIT_SIZE) != qbits)) {
/* handle odd case where shift of 'k' is needed with RFC 6979
* k = bits2int(T) in section 3.2 h.3 */
mp_rshb(k, (xSz * WOLFSSL_BIT_SIZE) - qbits);
mp_rshb(k, ((int)xSz * WOLFSSL_BIT_SIZE) - qbits);
}
/* 3.2 step h.3 the key should be smaller than the order of base
@ -7297,7 +7297,7 @@ int wc_ecc_set_deterministic(ecc_key* key, byte flag)
return BAD_FUNC_ARG;
}
key->deterministic = flag;
key->deterministic = flag ? 1 : 0;
return 0;
}
#endif /* end sign_ex and deterministic sign */
@ -8110,6 +8110,8 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
}
#endif /* !NO_ASN */
#ifndef WOLF_CRYPTO_CB_ONLY_ECC
#if !defined(WOLFSSL_STM32_PKA) && !defined(WOLFSSL_PSOC6_CRYPTO) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
static int wc_ecc_check_r_s_range(ecc_key* key, mp_int* r, mp_int* s)
@ -8142,7 +8144,6 @@ static int wc_ecc_check_r_s_range(ecc_key* key, mp_int* r, mp_int* s)
}
#endif /* !WOLFSSL_STM32_PKA && !WOLFSSL_PSOC6_CRYPTO */
#ifndef WOLF_CRYPTO_CB_ONLY_ECC
static int ecc_verify_hash_sp(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* res, ecc_key* key)
{
@ -8333,7 +8334,7 @@ static int ecc_verify_hash(mp_int *r, mp_int *s, const byte* hash,
/* read hash */
if (err == MP_OKAY) {
/* we may need to truncate if hash is longer than key size */
unsigned int orderBits = mp_count_bits(curve->order);
unsigned int orderBits = (unsigned int)mp_count_bits(curve->order);
/* truncate down to byte size, may be all that's needed */
if ( (WOLFSSL_BIT_SIZE * hashlen) > orderBits)
@ -8830,9 +8831,9 @@ int wc_ecc_import_point_der_ex(const byte* in, word32 inLen,
/* calculate key size based on inLen / 2 if uncompressed or shortKeySize
* is true */
#ifdef HAVE_COMP_KEY
keysize = compressed && !shortKeySize ? inLen : inLen>>1;
keysize = (int)((compressed && !shortKeySize) ? inLen : inLen>>1);
#else
keysize = inLen>>1;
keysize = (int)(inLen>>1);
#endif
/* read data */
@ -9109,7 +9110,7 @@ int wc_ecc_export_point_der_compressed(const int curve_idx, ecc_point* point,
if ((curve_idx < 0) || (wc_ecc_is_valid_idx(curve_idx) == 0))
return ECC_BAD_ARG_E;
numlen = ecc_sets[curve_idx].size;
numlen = (word32)ecc_sets[curve_idx].size;
output_len = 1 + numlen; /* y point type + x */
/* return length needed only */
@ -9145,7 +9146,7 @@ int wc_ecc_export_point_der_compressed(const int curve_idx, ecc_point* point,
/* pad and store x */
XMEMSET(buf, 0, ECC_BUFSIZE);
ret = mp_to_unsigned_bin(point->x, buf +
(numlen - mp_unsigned_bin_size(point->x)));
(numlen - (word32)mp_unsigned_bin_size(point->x)));
if (ret != MP_OKAY)
goto done;
XMEMCPY(out+1, buf, numlen);
@ -10049,7 +10050,7 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
#endif
/* determine key size */
keysize = (inLen>>1);
keysize = (int)(inLen>>1);
err = wc_ecc_set_curve(key, keysize, curve_id);
key->type = ECC_PUBLICKEY;
}
@ -11078,7 +11079,7 @@ static int ecc_public_key_size(ecc_key* key, word32* sz)
return BAD_FUNC_ARG;
/* 'Uncompressed' | x | y */
*sz = 1 + 2 * key->dp->size;
*sz = 1 + 2 * (word32)key->dp->size;
return 0;
}
@ -11725,8 +11726,7 @@ static const struct {
/* find a hole and free as required, return -1 if no hole found */
static int find_hole(void)
{
unsigned x;
int y, z;
int x, y, z;
for (z = -1, y = INT_MAX, x = 0; x < FP_ENTRIES; x++) {
if (fp_cache[x].lru_count < y && fp_cache[x].lock == 0) {
z = x;
@ -11746,7 +11746,7 @@ static int find_hole(void)
mp_clear(&fp_cache[z].mu);
wc_ecc_del_point(fp_cache[z].g);
fp_cache[z].g = NULL;
for (x = 0; x < (1U<<FP_LUT); x++) {
for (x = 0; x < (1<<FP_LUT); x++) {
wc_ecc_del_point(fp_cache[z].LUT[x]);
fp_cache[z].LUT[x] = NULL;
}
@ -11852,7 +11852,7 @@ static int build_lut(int idx, mp_int* a, mp_int* modulus, mp_digit mp,
}
/* get bitlen and round up to next multiple of FP_LUT */
bitlen = mp_unsigned_bin_size(modulus) << 3;
bitlen = (unsigned)mp_unsigned_bin_size(modulus) << 3;
x = bitlen % FP_LUT;
if (x) {
bitlen += FP_LUT - x;
@ -12027,7 +12027,7 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
/* if it's smaller than modulus we fine */
if (mp_unsigned_bin_size(k) > mp_unsigned_bin_size(modulus)) {
/* find order */
y = mp_unsigned_bin_size(modulus);
y = (unsigned)mp_unsigned_bin_size(modulus);
for (x = 0; ecc_sets[x].size; x++) {
if (y <= (unsigned)ecc_sets[x].size) break;
}
@ -12049,10 +12049,10 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
}
/* get bitlen and round up to next multiple of FP_LUT */
bitlen = mp_unsigned_bin_size(modulus) << 3;
bitlen = (unsigned)mp_unsigned_bin_size(modulus) << 3;
x = bitlen % FP_LUT;
if (x) {
bitlen += FP_LUT - x;
bitlen += FP_LUT - (unsigned)x;
}
lut_gap = bitlen / FP_LUT;
@ -12076,7 +12076,7 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
#endif
/* let's reverse kb so it's little endian */
x = 0;
y = mp_unsigned_bin_size(tk);
y = (unsigned)mp_unsigned_bin_size(tk);
if (y > 0) {
y -= 1;
}
@ -12088,10 +12088,10 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a,
/* at this point we can start, yipee */
first = 1;
for (x = lut_gap-1; x >= 0; x--) {
for (x = (int)lut_gap-1; x >= 0; x--) {
/* extract FP_LUT bits from kb spread out by lut_gap bits and offset
by x bits from the start */
bitpos = x;
bitpos = (unsigned)x;
for (y = z = 0; y < FP_LUT; y++) {
z |= ((kb[bitpos>>3] >> (bitpos&7)) & 1) << y;
bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid
@ -12206,7 +12206,7 @@ static int accel_fp_mul2add(int idx1, int idx2,
/* if it's smaller than modulus we fine */
if (mp_unsigned_bin_size(kA) > mp_unsigned_bin_size(modulus)) {
/* find order */
y = mp_unsigned_bin_size(modulus);
y = (unsigned)mp_unsigned_bin_size(modulus);
for (x = 0; ecc_sets[x].size; x++) {
if (y <= (unsigned)ecc_sets[x].size) break;
}
@ -12241,7 +12241,7 @@ static int accel_fp_mul2add(int idx1, int idx2,
/* if it's smaller than modulus we fine */
if (mp_unsigned_bin_size(kB) > mp_unsigned_bin_size(modulus)) {
/* find order */
y = mp_unsigned_bin_size(modulus);
y = (unsigned)mp_unsigned_bin_size(modulus);
for (x = 0; ecc_sets[x].size; x++) {
if (y <= (unsigned)ecc_sets[x].size) break;
}
@ -12274,10 +12274,10 @@ static int accel_fp_mul2add(int idx1, int idx2,
#endif
/* get bitlen and round up to next multiple of FP_LUT */
bitlen = mp_unsigned_bin_size(modulus) << 3;
bitlen = (unsigned)mp_unsigned_bin_size(modulus) << 3;
x = bitlen % FP_LUT;
if (x) {
bitlen += FP_LUT - x;
bitlen += FP_LUT - (unsigned)x;
}
lut_gap = bitlen / FP_LUT;
@ -12305,7 +12305,7 @@ static int accel_fp_mul2add(int idx1, int idx2,
/* let's reverse kb so it's little endian */
x = 0;
y = mp_unsigned_bin_size(tka);
y = (unsigned)mp_unsigned_bin_size(tka);
if (y > 0) {
y -= 1;
}
@ -12329,7 +12329,7 @@ static int accel_fp_mul2add(int idx1, int idx2,
#endif
if ((err = mp_to_unsigned_bin(tkb, kb[1])) == MP_OKAY) {
x = 0;
y = mp_unsigned_bin_size(tkb);
y = (unsigned)mp_unsigned_bin_size(tkb);
if (y > 0) {
y -= 1;
}
@ -12341,10 +12341,10 @@ static int accel_fp_mul2add(int idx1, int idx2,
/* at this point we can start, yipee */
first = 1;
for (x = lut_gap-1; x >= 0; x--) {
for (x = (int)lut_gap-1; x >= 0; x--) {
/* extract FP_LUT bits from kb spread out by lut_gap bits and
offset by x bits from the start */
bitpos = x;
bitpos = (unsigned)x;
for (y = zA = zB = 0; y < FP_LUT; y++) {
zA |= ((kb[0][bitpos>>3] >> (bitpos&7)) & 1) << y;
zB |= ((kb[1][bitpos>>3] >> (bitpos&7)) & 1) << y;
@ -13100,7 +13100,7 @@ int wc_ecc_ctx_set_info(ecEncCtx* ctx, const byte* info, int sz)
return BAD_FUNC_ARG;
ctx->kdfInfo = info;
ctx->kdfInfoSz = sz;
ctx->kdfInfoSz = (word32)sz;
return 0;
}
@ -13137,9 +13137,9 @@ int wc_ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt)
/* mix half and half */
/* tmp stores 2nd half of client before overwrite */
XMEMCPY(tmp, ctx->clientSalt + halfSz, halfSz);
XMEMCPY(ctx->clientSalt + halfSz, ctx->serverSalt, halfSz);
XMEMCPY(ctx->serverSalt, tmp, halfSz);
XMEMCPY(tmp, ctx->clientSalt + halfSz, (size_t)halfSz);
XMEMCPY(ctx->clientSalt + halfSz, ctx->serverSalt, (size_t)halfSz);
XMEMCPY(ctx->serverSalt, tmp, (size_t)halfSz);
ctx->kdfSalt = ctx->clientSalt;
ctx->kdfSaltSz = EXCHANGE_SALT_SZ;
@ -13325,9 +13325,9 @@ static int ecc_get_key_sizes(ecEncCtx* ctx, int* encKeySz, int* ivSz,
return BAD_FUNC_ARG;
#ifdef WOLFSSL_ECIES_OLD
*keysLen = *encKeySz + *ivSz + *digestSz;
*keysLen = *encKeySz + *ivSz + (int)*digestSz;
#else
*keysLen = *encKeySz + *digestSz;
*keysLen = *encKeySz + (int)*digestSz;
#endif
return 0;
@ -13392,10 +13392,10 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
#ifndef WOLFSSL_ECIES_OLD
if (!compressed) {
pubKeySz = 1 + wc_ecc_size(privKey) * 2;
pubKeySz = 1 + (word32)wc_ecc_size(privKey) * 2;
}
else {
pubKeySz = 1 + wc_ecc_size(privKey);
pubKeySz = 1 + (word32)wc_ecc_size(privKey);
}
#else
(void) compressed; /* avoid unused parameter if WOLFSSL_ECIES_OLD is defined */
@ -13496,7 +13496,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
case ecHKDF_SHA256 :
ret = wc_HKDF(WC_SHA256, sharedSecret, sharedSz, ctx->kdfSalt,
ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
keys, keysLen);
keys, (word32)keysLen);
break;
default:
@ -13517,7 +13517,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
macKey = encKey + encKeySz;
ret = wc_RNG_GenerateBlock(privKey->rng, encIv, ivSz);
#else
XMEMSET(iv, 0, ivSz);
XMEMSET(iv, 0, (size_t)ivSz);
encKey = keys + offset;
encIv = iv;
macKey = encKey + encKeySz;
@ -13542,7 +13542,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
#endif
ret = wc_AesInit(aes, NULL, INVALID_DEVID);
if (ret == 0) {
ret = wc_AesSetKey(aes, encKey, encKeySz, encIv,
ret = wc_AesSetKey(aes, encKey, (word32)encKeySz, encIv,
AES_ENCRYPTION);
if (ret == 0) {
ret = wc_AesCbcEncrypt(aes, out, msg, msgSz);
@ -13585,7 +13585,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ret = wc_AesInit(aes, NULL, INVALID_DEVID);
if (ret == 0) {
ret = wc_AesSetKey(aes, encKey, encKeySz, ctr_iv,
ret = wc_AesSetKey(aes, encKey, (word32)encKeySz, ctr_iv,
AES_ENCRYPTION);
if (ret == 0) {
ret = wc_AesCtrEncrypt(aes, out, msg, msgSz);
@ -13891,7 +13891,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
case ecHKDF_SHA256 :
ret = wc_HKDF(WC_SHA256, sharedSecret, sharedSz, ctx->kdfSalt,
ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
keys, keysLen);
keys, (word32)keysLen);
break;
default:
@ -13912,7 +13912,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
msgSz -= ivSz;
macKey = encKey + encKeySz;
#else
XMEMSET(iv, 0, ivSz);
XMEMSET(iv, 0, (size_t)ivSz);
encKey = keys + offset;
encIv = iv;
macKey = encKey + encKeySz;
@ -13985,7 +13985,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
#endif
ret = wc_AesInit(aes, NULL, INVALID_DEVID);
if (ret == 0) {
ret = wc_AesSetKey(aes, encKey, encKeySz, encIv,
ret = wc_AesSetKey(aes, encKey, (word32)encKeySz, encIv,
AES_DECRYPTION);
if (ret == 0) {
ret = wc_AesCbcDecrypt(aes, out, msg, msgSz-digestSz);
@ -14024,7 +14024,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
XMEMCPY(ctr_iv, encIv, WOLFSSL_ECIES_GEN_IV_SIZE);
XMEMSET(ctr_iv + WOLFSSL_ECIES_GEN_IV_SIZE, 0,
AES_BLOCK_SIZE - WOLFSSL_ECIES_GEN_IV_SIZE);
ret = wc_AesSetKey(aes, encKey, encKeySz, ctr_iv,
ret = wc_AesSetKey(aes, encKey, (word32)encKeySz, ctr_iv,
AES_ENCRYPTION);
if (ret == 0) {
ret = wc_AesCtrEncrypt(aes, out, msg, msgSz-digestSz);
@ -14529,7 +14529,7 @@ static int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen
return ECC_BAD_ARG_E;
}
numlen = key->dp->size;
numlen = (word32)key->dp->size;
if (*outLen < (1 + numlen)) {
*outLen = 1 + numlen;
@ -14548,7 +14548,7 @@ static int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen
/* pad and store x */
XMEMSET(out+1, 0, numlen);
ret = mp_to_unsigned_bin(key->pubkey.x,
out+1 + (numlen - mp_unsigned_bin_size(key->pubkey.x)));
out+1 + (numlen - (word32)mp_unsigned_bin_size(key->pubkey.x)));
*outLen = 1 + numlen;
return ret;
@ -14636,8 +14636,7 @@ int wc_X963_KDF(enum wc_HashType type, const byte* secret, word32 secretSz,
const byte* sinfo, word32 sinfoSz, byte* out, word32 outSz)
{
int ret;
int digestSz, copySz;
int remaining = outSz;
word32 digestSz, copySz, remaining = outSz;
byte* outIdx;
byte counter[4];
byte tmp[WC_MAX_DIGEST_SIZE];
@ -14657,9 +14656,10 @@ int wc_X963_KDF(enum wc_HashType type, const byte* secret, word32 secretSz,
type != WC_HASH_TYPE_SHA512)
return BAD_FUNC_ARG;
digestSz = wc_HashGetDigestSize(type);
if (digestSz < 0)
return digestSz;
ret = wc_HashGetDigestSize(type);
if (ret < 0)
return ret;
digestSz = (word32)ret;
#ifdef WOLFSSL_SMALL_STACK
hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), NULL,

29
wolfcrypt/src/hmac.c
View File

@ -340,7 +340,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
#ifdef WOLF_CRYPTO_CB
hmac->keyRaw = key; /* use buffer directly */
hmac->keyLen = length;
hmac->keyLen = (word16)length;
#endif
#ifdef WOLFSSL_MAXQ108X
@ -1055,7 +1055,7 @@ int wc_HmacInit_Id(Hmac* hmac, unsigned char* id, int len, void* heap,
if (ret == 0)
ret = wc_HmacInit(hmac, heap, devId);
if (ret == 0) {
XMEMCPY(hmac->id, id, len);
XMEMCPY(hmac->id, id, (size_t)len);
hmac->idLen = len;
}
@ -1078,7 +1078,7 @@ int wc_HmacInit_Label(Hmac* hmac, const char* label, void* heap, int devId)
if (ret == 0)
ret = wc_HmacInit(hmac, heap, devId);
if (ret == 0) {
XMEMCPY(hmac->label, label, labelLen);
XMEMCPY(hmac->label, label, (size_t)labelLen);
hmac->labelLen = labelLen;
}
@ -1199,7 +1199,7 @@ int wolfSSL_GetHmacMaxSize(void)
#endif
int ret;
const byte* localSalt; /* either points to user input or tmp */
int hashSz;
word32 hashSz;
ret = wc_HmacSizeByType(type);
if (ret < 0) {
@ -1213,7 +1213,7 @@ int wolfSSL_GetHmacMaxSize(void)
}
#endif
hashSz = ret;
hashSz = (word32)ret;
localSalt = salt;
if (localSalt == NULL) {
XMEMSET(tmp, 0, hashSz);
@ -1259,9 +1259,15 @@ int wolfSSL_GetHmacMaxSize(void)
#endif
int ret = 0;
word32 outIdx = 0;
word32 hashSz = wc_HmacSizeByType(type);
word32 hashSz;
byte n = 0x1;
ret = wc_HmacSizeByType(type);
if (ret < 0) {
return ret;
}
hashSz = (word32)ret;
/* RFC 5869 states that the length of output keying material in
* octets must be L <= 255*HashLen or N = ceil(L/HashLen) */
@ -1285,7 +1291,7 @@ int wolfSSL_GetHmacMaxSize(void)
}
while (outIdx < outSz) {
int tmpSz = (n == 1) ? 0 : hashSz;
word32 tmpSz = (n == 1) ? 0 : hashSz;
word32 left = outSz - outIdx;
ret = wc_HmacSetKey(myHmac, type, inKey, inKeySz);
@ -1338,11 +1344,14 @@ int wolfSSL_GetHmacMaxSize(void)
byte* out, word32 outSz)
{
byte prk[WC_MAX_DIGEST_SIZE];
int hashSz = wc_HmacSizeByType(type);
word32 hashSz;
int ret;
if (hashSz < 0)
return BAD_FUNC_ARG;
ret = wc_HmacSizeByType(type);
if (ret < 0) {
return ret;
}
hashSz = (word32)ret;
ret = wc_HKDF_Extract(type, salt, saltSz, inKey, inKeySz, prk);
if (ret != 0)

15
wolfcrypt/src/kdf.c
View File

@ -351,11 +351,11 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
* digest The type of digest to use.
* returns 0 on success, otherwise failure.
*/
int wc_Tls13_HKDF_Extract(byte* prk, const byte* salt, int saltLen,
byte* ikm, int ikmLen, int digest)
int wc_Tls13_HKDF_Extract(byte* prk, const byte* salt, word32 saltLen,
byte* ikm, word32 ikmLen, int digest)
{
int ret;
int len = 0;
word32 len = 0;
switch (digest) {
#ifndef NO_SHA256
@ -425,7 +425,7 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
int digest)
{
int ret = 0;
int idx = 0;
word32 idx = 0;
#ifdef WOLFSSL_SMALL_STACK
byte* data;
#else
@ -755,7 +755,7 @@ int wc_SSH_KDF(byte hashId, byte keyId, byte* key, word32 keySz,
byte kPad = 0;
byte pad = 0;
byte kSzFlat[LENGTH_SZ];
int digestSz;
word32 digestSz;
int ret;
if (key == NULL || keySz == 0 ||
@ -766,10 +766,11 @@ int wc_SSH_KDF(byte hashId, byte keyId, byte* key, word32 keySz,
return BAD_FUNC_ARG;
}
digestSz = wc_HmacSizeByType(enmhashId);
if (digestSz <= 0) {
ret = wc_HmacSizeByType(enmhashId);
if (ret <= 0) {
return BAD_FUNC_ARG;
}
digestSz = (word32)ret;
if (k[0] & 0x80) kPad = 1;
c32toa(kSz + kPad, kSzFlat);

9
wolfcrypt/src/misc.c
View File

@ -330,7 +330,7 @@ WC_MISC_STATIC WC_INLINE void ForceZero(void* mem, word32 len)
len -= l;
while (l--) *z++ = 0;
#endif
for (w = (volatile word64*)z; len >= sizeof(*w); len -= sizeof(*w))
for (w = (volatile word64*)z; len >= sizeof(*w); len -= (word32)sizeof(*w))
*w++ = 0;
z = (volatile byte*)w;
#endif
@ -561,6 +561,13 @@ WC_MISC_STATIC WC_INLINE int ctMaskSelInt(byte m, int a, int b)
(a & ( (signed int)(signed char)m));
}
/* Constant time - select word32 a when mask is set and word32 b otherwise. */
WC_MISC_STATIC WC_INLINE word32 ctMaskSelWord32(byte m, word32 a, word32 b)
{
return (((word32)b & (word32)(~(signed int)(signed char)m)) |
((word32)a & (word32)( (signed int)(signed char)m)));
}
/* Constant time - bit set when a <= b. */
WC_MISC_STATIC WC_INLINE byte ctSetLTE(int a, int b)
{

12
wolfcrypt/src/random.c
View File

@ -370,8 +370,8 @@ static int Hash_df(DRBG_internal* drbg, byte* out, word32 outSz, byte type,
{
int ret = DRBG_FAILURE;
byte ctr;
int i;
int len;
word32 i;
word32 len;
word32 bits = (outSz * 8); /* reverse byte order */
#ifdef WOLFSSL_SMALL_STACK_CACHE
wc_Sha256* sha = &drbg->sha256;
@ -537,8 +537,8 @@ static int Hash_gen(DRBG_internal* drbg, byte* out, word32 outSz, const byte* V)
byte data[DRBG_SEED_LEN];
byte digest[WC_SHA256_DIGEST_SIZE];
#endif
int i;
int len;
word32 i;
word32 len;
#ifdef WOLFSSL_SMALL_STACK_CACHE
wc_Sha256* sha = &drbg->sha256;
#else
@ -621,9 +621,9 @@ static WC_INLINE void array_add(byte* d, word32 dLen, const byte* s, word32 sLen
int sIdx, dIdx;
word16 carry = 0;
dIdx = dLen - 1;
dIdx = (int)dLen - 1;
for (sIdx = (int)sLen - 1; sIdx >= 0; sIdx--) {
carry += (word16)d[dIdx] + (word16)s[sIdx];
carry += (word16)(d[dIdx] + s[sIdx]);
d[dIdx] = (byte)carry;
carry >>= 8;
dIdx--;

77
wolfcrypt/src/rsa.c
View File

@ -373,7 +373,7 @@ int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len, void* heap,
if (ret == 0)
ret = wc_InitRsaKey_ex(key, heap, devId);
if (ret == 0 && id != NULL && len != 0) {
XMEMCPY(key->id, id, len);
XMEMCPY(key->id, id, (size_t)len);
key->idLen = len;
#ifdef WOLFSSL_SE050
/* Set SE050 ID from word32, populate RsaKey with public from SE050 */
@ -403,7 +403,7 @@ int wc_InitRsaKey_Label(RsaKey* key, const char* label, void* heap, int devId)
if (ret == 0)
ret = wc_InitRsaKey_ex(key, heap, devId);
if (ret == 0) {
XMEMCPY(key->label, label, labelLen);
XMEMCPY(key->label, label, (size_t)labelLen);
key->labelLen = labelLen;
}
@ -1141,7 +1141,7 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
void* heap)
{
int ret;
int hLen;
word32 hLen;
int psLen;
int i;
word32 idx;
@ -1163,10 +1163,11 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
}
/* limit of label is the same as limit of hash function which is massive */
hLen = wc_HashGetDigestSize(hType);
if (hLen < 0) {
return hLen;
ret = wc_HashGetDigestSize(hType);
if (ret < 0) {
return ret;
}
hLen = (word32)ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
lHash = (byte*)XMALLOC(hLen, heap, DYNAMIC_TYPE_RSA_BUFFER);
@ -1181,7 +1182,7 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
#else
/* hLen should never be larger than lHash since size is max digest size,
but check before blindly calling wc_Hash */
if ((word32)hLen > sizeof(lHash)) {
if (hLen > sizeof(lHash)) {
WOLFSSL_MSG("OAEP lHash to small for digest!!");
return MEMORY_E;
}
@ -1204,7 +1205,7 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
k = RSA key size
hLen = hash digest size -- will always be >= 0 at this point
*/
if ((word32)(2 * hLen + 2) > pkcsBlockLen) {
if ((2 * hLen + 2) > pkcsBlockLen) {
WOLFSSL_MSG("OAEP pad error hash to big for RSA key size");
#ifdef WOLFSSL_SMALL_STACK
XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER);
@ -1224,7 +1225,7 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
/* concatenate lHash || PS || 0x01 || msg */
idx = pkcsBlockLen - 1 - inputLen;
psLen = pkcsBlockLen - inputLen - 2 * hLen - 2;
psLen = (int)pkcsBlockLen - (int)inputLen - 2 * (int)hLen - 2;
if (pkcsBlockLen < inputLen) { /*make sure not writing over end of buffer */
#ifdef WOLFSSL_SMALL_STACK
XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER);
@ -1301,7 +1302,7 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
/* xor created seedMask with seed to make maskedSeed */
i = 0;
while (idx < (word32)(hLen + 1) && i < hLen) {
while (idx < (hLen + 1) && i < (int)hLen) {
pkcsBlock[idx] = pkcsBlock[idx] ^ seed[i++];
idx++;
}
@ -1635,7 +1636,7 @@ static int RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
byte **output, enum wc_HashType hType, int mgf,
byte* optLabel, word32 labelLen, void* heap)
{
int hLen;
word32 hLen;
int ret;
byte h[WC_MAX_DIGEST_SIZE]; /* max digest size */
word32 idx;
@ -1653,10 +1654,11 @@ static int RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
return BUFFER_E;
}
hLen = wc_HashGetDigestSize(hType);
if ((hLen < 0) || (pkcsBlockLen < (2 * (word32)hLen + 2))) {
ret = wc_HashGetDigestSize(hType);
if ((ret < 0) || (pkcsBlockLen < (2 * (word32)ret + 2))) {
return BAD_FUNC_ARG;
}
hLen = (word32)ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
tmp = (byte*)XMALLOC(pkcsBlockLen, heap, DYNAMIC_TYPE_RSA_BUFFER);
@ -1730,16 +1732,16 @@ static int RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
these checks.
*/
ret = 0;
ret |= ConstantCompare(pkcsBlock + hLen + 1, h, hLen);
ret |= ConstantCompare(pkcsBlock + hLen + 1, h, (int)hLen);
ret += pkcsBlock[idx++] ^ 0x01; /* separator value is 0x01 */
ret += pkcsBlock[0] ^ 0x00; /* Y, the first value, should be 0 */
/* Return 0 data length on error. */
idx = ctMaskSelInt(ctMaskEq(ret, 0), idx, pkcsBlockLen);
idx = ctMaskSelWord32(ctMaskEq(ret, 0), idx, pkcsBlockLen);
/* adjust pointer to correct location in array and return size of M */
*output = (byte*)(pkcsBlock + idx);
return pkcsBlockLen - idx;
return (int)(pkcsBlockLen - idx);
}
#endif /* !WC_NO_RSA_OAEP */
@ -1916,7 +1918,7 @@ static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
}
*output = (byte *)(pkcsBlock + i);
ret = pkcsBlockLen - i;
ret = (int)pkcsBlockLen - i;
}
#ifndef WOLFSSL_RSA_VERIFY_ONLY
else {
@ -1928,21 +1930,21 @@ static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
/* Decrypted with private key - unpad must be constant time. */
for (j = 2; j < pkcsBlockLen; j++) {
/* Update i if not passed the separator and at separator. */
i |= (~pastSep) & ctMask16Eq(pkcsBlock[j], 0x00) & (j + 1);
i |= (word16)(~pastSep) & ctMask16Eq(pkcsBlock[j], 0x00) & (word16)(j + 1);
pastSep |= ctMask16Eq(pkcsBlock[j], 0x00);
}
/* Minimum of 11 bytes of pre-message data - including leading 0x00. */
invalid |= ctMaskLT(i, RSA_MIN_PAD_SZ);
/* Must have seen separator. */
invalid |= ~pastSep;
invalid |= (byte)~pastSep;
/* First byte must be 0x00. */
invalid |= ctMaskNotEq(pkcsBlock[0], 0x00);
/* Check against expected block type: padValue */
invalid |= ctMaskNotEq(pkcsBlock[1], padValue);
*output = (byte *)(pkcsBlock + i);
ret = ((int)-1 + (int)(invalid >> 7)) & (pkcsBlockLen - i);
ret = ((int)-1 + (int)(invalid >> 7)) & ((int)pkcsBlockLen - i);
}
#endif
@ -2782,7 +2784,7 @@ static int RsaFunctionSync(const byte* in, word32 inLen, byte* out,
}
if (ret == 0) {
if (mp_to_unsigned_bin_len(tmp, out, *outLen) != MP_OKAY)
if (mp_to_unsigned_bin_len(tmp, out, (int)*outLen) != MP_OKAY)
ret = MP_TO_E;
}
#else
@ -2803,11 +2805,14 @@ static int RsaFunctionSync(const byte* in, word32 inLen, byte* out,
static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
word32* outLen, int type, RsaKey* key, WC_RNG* rng)
{
#ifdef WOLFSSL_HAVE_SP_RSA
int ret;
#endif
word32 keyLen;
word32 keyLen = wc_RsaEncryptSize(key);
ret = wc_RsaEncryptSize(key);
if (ret < 0) {
return ret;
}
keyLen = (word32)ret;
if (inLen > keyLen) {
WOLFSSL_MSG("Expected that inLen be no longer RSA key length");
@ -3187,8 +3192,7 @@ static int wc_RsaFunction_ex(const byte* in, word32 inLen, byte* out,
#ifndef WOLF_CRYPTO_CB_ONLY_RSA
if (ret != CRYPTOCB_UNAVAILABLE)
return ret;
/* fall-through when unavailable */
ret = 0; /* reset error code and try using software */
/* fall-through when unavailable and try using software */
#else
return ret;
#endif
@ -3371,7 +3375,7 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
#endif /* WOLFSSL_CRYPTOCELL */
key->state = RSA_STATE_ENCRYPT_PAD;
ret = wc_RsaPad_ex(in, inLen, out, sz, pad_value, rng, pad_type, hash,
ret = wc_RsaPad_ex(in, inLen, out, (word32)sz, pad_value, rng, pad_type, hash,
mgf, label, labelSz, saltLen, mp_count_bits(&key->n),
key->heap);
if (ret < 0) {
@ -3384,7 +3388,7 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
case RSA_STATE_ENCRYPT_EXPTMOD:
key->dataLen = outLen;
ret = wc_RsaFunction(out, sz, out, &key->dataLen, rsa_type, key, rng);
ret = wc_RsaFunction(out, (word32)sz, out, &key->dataLen, rsa_type, key, rng);
if (ret >= 0 || ret == WC_PENDING_E) {
key->state = RSA_STATE_ENCRYPT_RES;
@ -3396,7 +3400,7 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
FALL_THROUGH;
case RSA_STATE_ENCRYPT_RES:
ret = key->dataLen;
ret = (int)key->dataLen;
break;
default:
@ -3588,8 +3592,8 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
for (j = 0; j < key->dataLen; j++) {
signed char c;
out[i] = key->data[j];
c = ctMaskGTE(j, start);
c &= ctMaskLT(i, outLen);
c = (signed char)ctMaskGTE((int)j, start);
c &= (signed char)ctMaskLT((int)i, (int)outLen);
/* 0 - no add, -1 add */
i += (word32)((byte)(-c));
}
@ -3597,14 +3601,14 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
else
#endif
{
XMEMCPY(out, pad, ret);
XMEMCPY(out, pad, (size_t)ret);
}
}
else
*outPtr = pad;
#if !defined(WOLFSSL_RSA_VERIFY_ONLY)
ret = ctMaskSelInt(ctMaskLTE(ret, outLen), ret, RSA_BUFFER_E);
ret = ctMaskSelInt(ctMaskLTE(ret, (int)outLen), ret, RSA_BUFFER_E);
#ifndef WOLFSSL_RSA_DECRYPT_TO_0_LEN
ret = ctMaskSelInt(ctMaskNotEq(ret, 0), ret, RSA_BUFFER_E);
#endif
@ -4545,7 +4549,7 @@ static int _CheckProbablePrime(mp_int* p, mp_int* q, mp_int* e, int nlen,
/* 4.4,5.5 - Check that prime >= (2^(1/2))(2^((nlen/2)-1))
* This is a comparison against lowerBound */
ret = mp_read_unsigned_bin(tmp1, lower_bound, nlen/16);
ret = mp_read_unsigned_bin(tmp1, lower_bound, (word32)nlen/16);
if (ret != MP_OKAY) goto notOkay;
ret = mp_cmp(prime, tmp1);
if (ret == MP_LT) goto exit;
@ -4723,7 +4727,8 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
mp_int tmp2_buf, *tmp2 = &tmp2_buf;
mp_int tmp3_buf, *tmp3 = &tmp3_buf;
#endif /* WOLFSSL_SMALL_STACK */
int i, failCount, primeSz, isPrime = 0;
int i, failCount, isPrime = 0;
word32 primeSz;
byte* buf = NULL;
#endif /* !WOLFSSL_CRYPTOCELL && !WOLFSSL_SE050 */
int err;
@ -4826,7 +4831,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
/* The failCount value comes from NIST FIPS 186-4, section B.3.3,
* process steps 4.7 and 5.8. */
failCount = 5 * (size / 2);
primeSz = size / 16; /* size is the size of n in bits.
primeSz = (word32)size / 16; /* size is the size of n in bits.
primeSz is in bytes. */
/* allocate buffer to work with */

22
wolfcrypt/src/sp_int.c
View File

@ -245,7 +245,7 @@ do { \
int n##ii; \
(n)[0] = n##d; \
(n)[0]->size = (s); \
for (n##ii = 1; n##ii < (c); n##ii++) { \
for (n##ii = 1; n##ii < (int)(c); n##ii++) { \
(n)[n##ii] = MP_INT_NEXT((n)[n##ii-1], s); \
(n)[n##ii]->size = (s); \
} \
@ -5037,9 +5037,9 @@ int sp_cond_swap_ct(sp_int* a, sp_int* b, int cnt, int swap)
ALLOC_SP_INT(t, cnt, err, NULL);
if (err == MP_OKAY) {
/* XOR other fields in sp_int into temp - mask set when swapping. */
t->used = (a->used ^ b->used) & mask;
t->used = (a->used ^ b->used) & (unsigned int)mask;
#ifdef WOLFSSL_SP_INT_NEGATIVE
t->sign = (a->sign ^ b->sign) & mask;
t->sign = (a->sign ^ b->sign) & (unsigned int)mask;
#endif
/* XOR requested words into temp - mask set when swapping. */
@ -7749,7 +7749,7 @@ int sp_lshd(sp_int* a, int s)
/* Move up digits. */
XMEMMOVE(a->dp + s, a->dp, a->used * SP_WORD_SIZEOF);
/* Back fill with zeros. */
XMEMSET(a->dp, 0, s * SP_WORD_SIZEOF);
XMEMSET(a->dp, 0, (size_t)s * SP_WORD_SIZEOF);
/* Update used. */
a->used += (unsigned int)s;
/* Remove leading zeros. */
@ -8597,7 +8597,7 @@ static int _sp_mul(const sp_int* a, const sp_int* b, sp_int* r)
}
for (; k <= (a->used - 1) + (b->used - 1); k++) {
j = (int)(b->used - 1);
i = k - j;
i = k - (unsigned int)j;
for (; (i < a->used) && (j >= 0); i++, j--) {
SP_ASM_MUL_ADD(l, h, o, a->dp[i], b->dp[j]);
}
@ -13240,9 +13240,9 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
* - Montgomery form of base
*/
#ifndef WOLFSSL_SP_NO_MALLOC
ALLOC_DYN_SP_INT_ARRAY(t, m->used * 2 + 1, preCnt + 2, err, NULL);
ALLOC_DYN_SP_INT_ARRAY(t, m->used * 2 + 1, (size_t)preCnt + 2, err, NULL);
#else
ALLOC_SP_INT_ARRAY(t, m->used * 2 + 1, preCnt + 2, err, NULL);
ALLOC_SP_INT_ARRAY(t, m->used * 2 + 1, (size_t)preCnt + 2, err, NULL);
#endif
if (err == MP_OKAY) {
/* Set variables to use allocate memory. */
@ -13412,7 +13412,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
n <<= winBits;
c -= winBits;
}
y &= mask;
y &= (int)mask;
}
/* 4.5. Montgomery multiply result by table entry. */
@ -17751,7 +17751,7 @@ int sp_rand_prime(sp_int* r, int len, WC_RNG* rng, void* heap)
}
/* Get number of digits required to handle required number of bytes. */
digits = (len + SP_WORD_SIZEOF - 1) / SP_WORD_SIZEOF;
digits = ((unsigned int)len + SP_WORD_SIZEOF - 1) / SP_WORD_SIZEOF;
/* Ensure result has space. */
if (r->size < digits) {
err = MP_VAL;
@ -17812,7 +17812,7 @@ int sp_rand_prime(sp_int* r, int len, WC_RNG* rng, void* heap)
fflush(stdout);
#endif /* SHOW_GEN */
/* Generate bytes into digit array. */
err = wc_RNG_GenerateBlock(rng, (byte*)r->dp, len);
err = wc_RNG_GenerateBlock(rng, (byte*)r->dp, (word32)len);
if (err != 0) {
err = MP_VAL;
break;
@ -18379,7 +18379,7 @@ static WC_INLINE int _sp_gcd(const sp_int* a, const sp_int* b, sp_int* r)
/* Used for swapping sp_ints. */
sp_int* s;
/* Determine maximum digit length numbers will reach. */
int used = (a->used >= b->used) ? a->used + 1 : b->used + 1;
unsigned int used = (a->used >= b->used) ? a->used + 1 : b->used + 1;
DECL_SP_INT_ARRAY(d, used, 3);
SAVE_VECTOR_REGISTERS(err = _svr_ret;);

4
wolfcrypt/src/wolfmath.c
View File

@ -149,10 +149,10 @@ int mp_cond_copy(mp_int* a, int copy, mp_int* b)
for (; i < b->used; i++) {
b->dp[i] ^= (get_digit(a, (int)i) ^ get_digit(b, (int)i)) & mask;
}
b->used ^= (a->used ^ b->used) & (mp_digit)mask;
b->used ^= (a->used ^ b->used) & (unsigned int)mask;
#if (!defined(WOLFSSL_SP_MATH) && !defined(WOLFSSL_SP_MATH_ALL)) || \
defined(WOLFSSL_SP_INT_NEGATIVE)
b->sign ^= (a->sign ^ b->sign) & (mp_digit)mask;
b->sign ^= (a->sign ^ b->sign) & (unsigned int)mask;
#endif
}

4
wolfssl/wolfcrypt/kdf.h
View File

@ -76,8 +76,8 @@ enum {
MAX_TLS13_HKDF_LABEL_SZ = 47 + WC_MAX_DIGEST_SIZE
};
WOLFSSL_API int wc_Tls13_HKDF_Extract(byte* prk, const byte* salt, int saltLen,
byte* ikm, int ikmLen, int digest);
WOLFSSL_API int wc_Tls13_HKDF_Extract(byte* prk, const byte* salt,
word32 saltLen, byte* ikm, word32 ikmLen, int digest);
WOLFSSL_API int wc_Tls13_HKDF_Expand_Label(byte* okm, word32 okmLen,
const byte* prk, word32 prkLen,

1
wolfssl/wolfcrypt/misc.h
View File

@ -128,6 +128,7 @@ WOLFSSL_LOCAL word16 ctMask16Eq(int a, int b);
WOLFSSL_LOCAL byte ctMaskNotEq(int a, int b);
WOLFSSL_LOCAL byte ctMaskSel(byte m, byte a, byte b);
WOLFSSL_LOCAL int ctMaskSelInt(byte m, int a, int b);
WOLFSSL_LOCAL word32 ctMaskSelWord32(byte m, word32 a, word32 b);
WOLFSSL_LOCAL byte ctSetLTE(int a, int b);
WOLFSSL_LOCAL void ctMaskCopy(byte mask, byte* dst, byte* src, word16 size);
WOLFSSL_LOCAL word32 MakeWordFromHash(const byte* hashID);

20
wolfssl/wolfcrypt/sp_int.h
View File

@ -669,8 +669,8 @@ typedef struct sp_ecc_ctx {
*/
#define sp_clamp(a) \
do { \
unsigned int ii; \
for (ii = (a)->used - 1; ii >= 0 && (a)->dp[ii] == 0; ii--) { \
int ii; \
for (ii = (int)(a)->used - 1; ii >= 0 && (a)->dp[ii] == 0; ii--) { \
} \
(a)->used = (unsigned int)ii + 1; \
} while (0)
@ -759,7 +759,7 @@ typedef struct sp_ecc_ctx {
/* Calculate the number of words required to support a number of bits. */
#define MP_BITS_CNT(bits) \
(((bits + SP_WORD_SIZE - 1) / SP_WORD_SIZE) * 2 + 1)
((((bits) + SP_WORD_SIZE - 1) / SP_WORD_SIZE) * 2 + 1)
#ifdef WOLFSSL_SMALL_STACK
/*
@ -772,13 +772,13 @@ typedef struct sp_ecc_ctx {
#define DECL_MP_INT_SIZE(name, bits) \
sp_int* name = NULL
/* Allocate an mp_int of minimal size and zero out. */
#define NEW_MP_INT_SIZE(name, bits, heap, type) \
do { \
name = (mp_int*)XMALLOC(MP_INT_SIZEOF(MP_BITS_CNT(bits)), heap, type); \
if (name != NULL) { \
XMEMSET(name, 0, MP_INT_SIZEOF(MP_BITS_CNT(bits))); \
} \
} \
#define NEW_MP_INT_SIZE(name, bits, heap, type) \
do { \
(name) = (mp_int*)XMALLOC(MP_INT_SIZEOF(MP_BITS_CNT(bits)), heap, type); \
if ((name) != NULL) { \
XMEMSET(name, 0, MP_INT_SIZEOF(MP_BITS_CNT(bits))); \
} \
} \
while (0)
/* Dispose of dynamically allocated mp_int. */
#define FREE_MP_INT_SIZE(name, heap, type) \