From 23986e5d5d501ae93bed161752708ba18fb9e016 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Sun, 24 Apr 2011 08:57:21 +0000 Subject: [PATCH] - Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops --- ChangeLog | 5 + include/polarssl/aes.h | 10 +- include/polarssl/arc4.h | 6 +- include/polarssl/base64.h | 10 +- include/polarssl/bignum.h | 42 ++-- include/polarssl/camellia.h | 10 +- include/polarssl/cipher.h | 24 +- include/polarssl/debug.h | 2 +- include/polarssl/des.h | 6 +- include/polarssl/dhm.h | 10 +- include/polarssl/md.h | 34 +-- include/polarssl/md2.h | 16 +- include/polarssl/md4.h | 14 +- include/polarssl/md5.h | 14 +- include/polarssl/net.h | 6 +- include/polarssl/padlock.h | 2 +- include/polarssl/pem.h | 6 +- include/polarssl/pkcs11.h | 4 +- include/polarssl/rsa.h | 90 +++---- include/polarssl/sha1.h | 14 +- include/polarssl/sha2.h | 14 +- include/polarssl/sha4.h | 14 +- include/polarssl/ssl.h | 40 +-- include/polarssl/x509.h | 16 +- include/polarssl/xtea.h | 10 +- library/aes.c | 12 +- library/arc4.c | 10 +- library/base64.c | 14 +- library/bignum.c | 246 ++++++++++--------- library/camellia.c | 16 +- library/cipher.c | 19 +- library/cipher_wrap.c | 245 +++++++++---------- library/debug.c | 17 +- library/des.c | 6 +- library/dhm.c | 13 +- library/havege.c | 6 +- library/md.c | 13 +- library/md2.c | 19 +- library/md4.c | 19 +- library/md5.c | 19 +- library/md_wrap.c | 313 ++++++++++++------------ library/net.c | 9 +- library/padlock.c | 8 +- library/pem.c | 30 +-- library/pkcs11.c | 5 +- library/rsa.c | 55 +++-- library/sha1.c | 19 +- library/sha2.c | 19 +- library/sha4.c | 19 +- library/ssl_cli.c | 26 +- library/ssl_srv.c | 31 ++- library/ssl_tls.c | 122 ++++----- library/x509parse.c | 137 +++++++---- library/xtea.c | 40 ++- programs/aes/aescrypt2.c | 3 +- programs/aes/crypt_and_hash.c | 5 +- programs/hash/generic_sum.c | 2 +- programs/hash/md5sum.c | 2 +- programs/hash/sha1sum.c | 2 +- programs/hash/sha2sum.c | 2 +- programs/pkey/dh_client.c | 11 +- programs/pkey/dh_server.c | 7 +- programs/pkey/rsa_sign.c | 3 +- programs/pkey/rsa_verify.c | 3 +- programs/pkey/rsa_verify_pss.c | 3 +- programs/ssl/ssl_client2.c | 3 +- tests/suites/test_suite_cipher.function | 18 +- 67 files changed, 1041 insertions(+), 949 deletions(-) diff --git a/ChangeLog b/ChangeLog index e8a7f6998..c797eb706 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,11 @@ Features (AES CTR, Camellia CTR, XTEA CBC) including the option to enable and disable individual modes when needed +Changes + * Major argument / variable rewrite. Introduced use of size_t + instead of int for buffer lengths and loop variables for + better unsigned / signed use + = Version 0.99-pre4 released on 2011-04-01 Features * Added support for PKCS#1 v2.1 encoding and thus support diff --git a/include/polarssl/aes.h b/include/polarssl/aes.h index 40b3a56bf..4b975687f 100644 --- a/include/polarssl/aes.h +++ b/include/polarssl/aes.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_AES_H #define POLARSSL_AES_H +#include + #define AES_ENCRYPT 1 #define AES_DECRYPT 0 @@ -57,7 +59,7 @@ extern "C" { * * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH */ -int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int keysize ); +int aes_setkey_enc( aes_context *ctx, const unsigned char *key, unsigned int keysize ); /** * \brief AES key schedule (decryption) @@ -68,7 +70,7 @@ int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int keysize ); * * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH */ -int aes_setkey_dec( aes_context *ctx, const unsigned char *key, int keysize ); +int aes_setkey_dec( aes_context *ctx, const unsigned char *key, unsigned int keysize ); /** * \brief AES-ECB block encryption/decryption @@ -101,7 +103,7 @@ int aes_crypt_ecb( aes_context *ctx, */ int aes_crypt_cbc( aes_context *ctx, int mode, - int length, + size_t length, unsigned char iv[16], const unsigned char *input, unsigned char *output ); @@ -121,7 +123,7 @@ int aes_crypt_cbc( aes_context *ctx, */ int aes_crypt_cfb128( aes_context *ctx, int mode, - int length, + size_t length, int *iv_off, unsigned char iv[16], const unsigned char *input, diff --git a/include/polarssl/arc4.h b/include/polarssl/arc4.h index 2344c74af..48ad60b26 100644 --- a/include/polarssl/arc4.h +++ b/include/polarssl/arc4.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_ARC4_H #define POLARSSL_ARC4_H +#include + /** * \brief ARC4 context structure */ @@ -49,7 +51,7 @@ extern "C" { * \param key the secret key * \param keylen length of the key */ -void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen ); +void arc4_setup( arc4_context *ctx, const unsigned char *key, unsigned int keylen ); /** * \brief ARC4 cipher function @@ -61,7 +63,7 @@ void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen ); * * \return 0 if successful */ -int arc4_crypt( arc4_context *ctx, int length, const unsigned char *input, +int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input, unsigned char *output ); /* diff --git a/include/polarssl/base64.h b/include/polarssl/base64.h index 1c6498c5f..27ba68539 100644 --- a/include/polarssl/base64.h +++ b/include/polarssl/base64.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_BASE64_H #define POLARSSL_BASE64_H +#include + #define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL 0x0010 #define POLARSSL_ERR_BASE64_INVALID_CHARACTER 0x0012 @@ -49,8 +51,8 @@ extern "C" { * \note Call this function with *dlen = 0 to obtain the * required buffer size in *dlen */ -int base64_encode( unsigned char *dst, int *dlen, - const unsigned char *src, int slen ); +int base64_encode( unsigned char *dst, size_t *dlen, + const unsigned char *src, size_t slen ); /** * \brief Decode a base64-formatted buffer @@ -68,8 +70,8 @@ int base64_encode( unsigned char *dst, int *dlen, * \note Call this function with *dlen = 0 to obtain the * required buffer size in *dlen */ -int base64_decode( unsigned char *dst, int *dlen, - const unsigned char *src, int slen ); +int base64_decode( unsigned char *dst, size_t *dlen, + const unsigned char *src, size_t slen ); /** * \brief Checkup routine diff --git a/include/polarssl/bignum.h b/include/polarssl/bignum.h index ebc1f8f2f..909df1d91 100644 --- a/include/polarssl/bignum.h +++ b/include/polarssl/bignum.h @@ -28,6 +28,7 @@ #define POLARSSL_BIGNUM_H #include +#include #define POLARSSL_ERR_MPI_FILE_IO_ERROR 0x0002 #define POLARSSL_ERR_MPI_BAD_INPUT_DATA 0x0004 @@ -43,13 +44,16 @@ * Define the base integer type, architecture-wise */ #if defined(POLARSSL_HAVE_INT8) +typedef signed char t_s_int; typedef unsigned char t_int; typedef unsigned short t_dbl; #else #if defined(POLARSSL_HAVE_INT16) +typedef signed short t_s_int; typedef unsigned short t_int; typedef unsigned long t_dbl; #else + typedef signed long t_s_int; typedef unsigned long t_int; #if defined(_MSC_VER) && defined(_M_IX86) typedef unsigned __int64 t_dbl; @@ -73,7 +77,7 @@ typedef unsigned long t_dbl; typedef struct { int s; /*!< integer sign */ - int n; /*!< total # of limbs */ + size_t n; /*!< total # of limbs */ t_int *p; /*!< pointer to limbs */ } mpi; @@ -101,7 +105,7 @@ void mpi_free( mpi *X, ... ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_grow( mpi *X, int nblimbs ); +int mpi_grow( mpi *X, size_t nblimbs ); /** * \brief Copy the contents of Y into X @@ -131,28 +135,28 @@ void mpi_swap( mpi *X, mpi *Y ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_lset( mpi *X, int z ); +int mpi_lset( mpi *X, t_s_int z ); /** * \brief Return the number of least significant bits * * \param X MPI to use */ -int mpi_lsb( const mpi *X ); +size_t mpi_lsb( const mpi *X ); /** * \brief Return the number of most significant bits * * \param X MPI to use */ -int mpi_msb( const mpi *X ); +size_t mpi_msb( const mpi *X ); /** * \brief Return the total size in bytes * * \param X MPI to use */ -int mpi_size( const mpi *X ); +size_t mpi_size( const mpi *X ); /** * \brief Import from an ASCII string @@ -180,7 +184,7 @@ int mpi_read_string( mpi *X, int radix, const char *s ); * \note Call this function with *slen = 0 to obtain the * minimum required buffer size in *slen. */ -int mpi_write_string( const mpi *X, int radix, char *s, int *slen ); +int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen ); /** * \brief Read X from an opened file @@ -217,7 +221,7 @@ int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_read_binary( mpi *X, const unsigned char *buf, int buflen ); +int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen ); /** * \brief Export X into unsigned binary data, big endian @@ -229,7 +233,7 @@ int mpi_read_binary( mpi *X, const unsigned char *buf, int buflen ); * \return 0 if successful, * POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough */ -int mpi_write_binary( const mpi *X, unsigned char *buf, int buflen ); +int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen ); /** * \brief Left-shift: X <<= count @@ -240,7 +244,7 @@ int mpi_write_binary( const mpi *X, unsigned char *buf, int buflen ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_shift_l( mpi *X, int count ); +int mpi_shift_l( mpi *X, size_t count ); /** * \brief Right-shift: X >>= count @@ -251,7 +255,7 @@ int mpi_shift_l( mpi *X, int count ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_shift_r( mpi *X, int count ); +int mpi_shift_r( mpi *X, size_t count ); /** * \brief Compare unsigned values @@ -287,7 +291,7 @@ int mpi_cmp_mpi( const mpi *X, const mpi *Y ); * -1 if X is lesser than z or * 0 if X is equal to z */ -int mpi_cmp_int( const mpi *X, int z ); +int mpi_cmp_int( const mpi *X, t_s_int z ); /** * \brief Unsigned addition: X = |A| + |B| @@ -347,7 +351,7 @@ int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_add_int( mpi *X, const mpi *A, int b ); +int mpi_add_int( mpi *X, const mpi *A, t_s_int b ); /** * \brief Signed substraction: X = A - b @@ -359,7 +363,7 @@ int mpi_add_int( mpi *X, const mpi *A, int b ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_sub_int( mpi *X, const mpi *A, int b ); +int mpi_sub_int( mpi *X, const mpi *A, t_s_int b ); /** * \brief Baseline multiplication: X = A * B @@ -385,7 +389,7 @@ int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_mul_int( mpi *X, const mpi *A, t_int b ); +int mpi_mul_int( mpi *X, const mpi *A, t_s_int b ); /** * \brief Division by mpi: A = Q * B + R @@ -417,7 +421,7 @@ int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ); * * \note Either Q or R can be NULL. */ -int mpi_div_int( mpi *Q, mpi *R, const mpi *A, int b ); +int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_s_int b ); /** * \brief Modulo: R = A mod B @@ -445,7 +449,7 @@ int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B ); * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0, * POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0 */ -int mpi_mod_int( t_int *r, const mpi *A, int b ); +int mpi_mod_int( t_int *r, const mpi *A, t_s_int b ); /** * \brief Sliding-window exponentiation: X = A^E mod N @@ -477,7 +481,7 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_fill_random( mpi *X, int size, int (*f_rng)(void *), void *p_rng ); +int mpi_fill_random( mpi *X, size_t size, int (*f_rng)(void *), void *p_rng ); /** * \brief Greatest common divisor: G = gcd(A, B) @@ -531,7 +535,7 @@ int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng ); * 1 if memory allocation failed, * POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3 */ -int mpi_gen_prime( mpi *X, int nbits, int dh_flag, +int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, int (*f_rng)(void *), void *p_rng ); /** diff --git a/include/polarssl/camellia.h b/include/polarssl/camellia.h index cebd677e7..4884fdc60 100644 --- a/include/polarssl/camellia.h +++ b/include/polarssl/camellia.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_CAMELLIA_H #define POLARSSL_CAMELLIA_H +#include + #ifdef _MSC_VER #include typedef UINT32 uint32_t; @@ -63,7 +65,7 @@ extern "C" { * * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH */ -int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int keysize ); +int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsigned int keysize ); /** * \brief CAMELLIA key schedule (decryption) @@ -74,7 +76,7 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int ke * * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH */ -int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, int keysize ); +int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsigned int keysize ); /** * \brief CAMELLIA-ECB block encryption/decryption @@ -107,7 +109,7 @@ int camellia_crypt_ecb( camellia_context *ctx, */ int camellia_crypt_cbc( camellia_context *ctx, int mode, - int length, + size_t length, unsigned char iv[16], const unsigned char *input, unsigned char *output ); @@ -127,7 +129,7 @@ int camellia_crypt_cbc( camellia_context *ctx, */ int camellia_crypt_cfb128( camellia_context *ctx, int mode, - int length, + size_t length, int *iv_off, unsigned char iv[16], const unsigned char *input, diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h index 53755598f..67819da08 100644 --- a/include/polarssl/cipher.h +++ b/include/polarssl/cipher.h @@ -96,26 +96,26 @@ typedef struct { cipher_mode_t mode; /** Cipher key length, in bits (default length for variable sized ciphers) */ - int key_length; + unsigned int key_length; /** Name of the cipher */ const char * name; /** IV size, in bytes */ - int iv_size; + unsigned int iv_size; /** block size, in bytes */ - int block_size; + unsigned int block_size; /** Encrypt using CBC */ - int (*cbc_func)( void *ctx, operation_t mode, int length, unsigned char *iv, + int (*cbc_func)( void *ctx, operation_t mode, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ); /** Set key for encryption purposes */ - int (*setkey_enc_func)( void *ctx, const unsigned char *key, int key_length); + int (*setkey_enc_func)( void *ctx, const unsigned char *key, unsigned int key_length); /** Set key for decryption purposes */ - int (*setkey_dec_func)( void *ctx, const unsigned char *key, int key_length); + int (*setkey_dec_func)( void *ctx, const unsigned char *key, unsigned int key_length); /** Allocate a new context */ void * (*ctx_alloc_func)( void ); @@ -142,7 +142,7 @@ typedef struct { unsigned char unprocessed_data[POLARSSL_MAX_IV_LENGTH]; /** Number of bytes that still need processing */ - int unprocessed_len; + size_t unprocessed_len; /** Current IV */ unsigned char iv[POLARSSL_MAX_IV_LENGTH]; @@ -167,7 +167,7 @@ const int *cipher_list( void ); * \brief Returns the cipher information structure associated * with the given cipher name. * - * \param cipher_name Name of the cipher to search for. + * \param cipher_name Name of the cipher to search for. * * \return the cipher information structure associated with the * given cipher_name, or NULL if not found. @@ -215,7 +215,7 @@ int cipher_free_ctx( cipher_context_t *ctx ); * \return size of the cipher's blocks, or 0 if ctx has not been * initialised. */ -static inline int cipher_get_block_size( const cipher_context_t *ctx ) +static inline unsigned int cipher_get_block_size( const cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) return 0; @@ -332,8 +332,8 @@ int cipher_reset( cipher_context_t *ctx, const unsigned char *iv ); * * \returns 0 on success, 1 if parameter verification fails. */ -int cipher_update( cipher_context_t *ctx, const unsigned char *input, int ilen, - unsigned char *output, int *olen ); +int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen ); /** * \brief Generic cipher finalisation function. If data still @@ -347,7 +347,7 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input, int ilen, * * \returns 0 on success, 1 if parameter verification fails. */ -int cipher_finish( cipher_context_t *ctx, unsigned char *output, int *olen); +int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen); /** diff --git a/include/polarssl/debug.h b/include/polarssl/debug.h index c6f74061e..e84f4b8c6 100644 --- a/include/polarssl/debug.h +++ b/include/polarssl/debug.h @@ -72,7 +72,7 @@ void debug_print_ret( const ssl_context *ssl, int level, void debug_print_buf( const ssl_context *ssl, int level, const char *file, int line, const char *text, - unsigned char *buf, int len ); + unsigned char *buf, size_t len ); void debug_print_mpi( const ssl_context *ssl, int level, const char *file, int line, diff --git a/include/polarssl/des.h b/include/polarssl/des.h index 0d3493c60..f9e8e60bf 100644 --- a/include/polarssl/des.h +++ b/include/polarssl/des.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_DES_H #define POLARSSL_DES_H +#include + #define DES_ENCRYPT 1 #define DES_DECRYPT 0 @@ -171,7 +173,7 @@ int des_crypt_ecb( des_context *ctx, */ int des_crypt_cbc( des_context *ctx, int mode, - int length, + size_t length, unsigned char iv[8], const unsigned char *input, unsigned char *output ); @@ -203,7 +205,7 @@ int des3_crypt_ecb( des3_context *ctx, */ int des3_crypt_cbc( des3_context *ctx, int mode, - int length, + size_t length, unsigned char iv[8], const unsigned char *input, unsigned char *output ); diff --git a/include/polarssl/dhm.h b/include/polarssl/dhm.h index 4206b8806..4a479d6ec 100644 --- a/include/polarssl/dhm.h +++ b/include/polarssl/dhm.h @@ -44,7 +44,7 @@ */ typedef struct { - int len; /*!< size(P) in chars */ + size_t len; /*!< size(P) in chars */ mpi P; /*!< prime modulus */ mpi G; /*!< generator */ mpi X; /*!< secret value */ @@ -89,7 +89,7 @@ int dhm_read_params( dhm_context *ctx, * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code */ int dhm_make_params( dhm_context *ctx, int x_size, - unsigned char *output, int *olen, + unsigned char *output, size_t *olen, int (*f_rng)(void *), void *p_rng ); /** @@ -102,7 +102,7 @@ int dhm_make_params( dhm_context *ctx, int x_size, * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code */ int dhm_read_public( dhm_context *ctx, - const unsigned char *input, int ilen ); + const unsigned char *input, size_t ilen ); /** * \brief Create own private value X and export G^X @@ -117,7 +117,7 @@ int dhm_read_public( dhm_context *ctx, * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code */ int dhm_make_public( dhm_context *ctx, int x_size, - unsigned char *output, int olen, + unsigned char *output, size_t olen, int (*f_rng)(void *), void *p_rng ); /** @@ -130,7 +130,7 @@ int dhm_make_public( dhm_context *ctx, int x_size, * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code */ int dhm_calc_secret( dhm_context *ctx, - unsigned char *output, int *olen ); + unsigned char *output, size_t *olen ); /* * \brief Free the components of a DHM key diff --git a/include/polarssl/md.h b/include/polarssl/md.h index 4d4b835de..9bda3ee57 100644 --- a/include/polarssl/md.h +++ b/include/polarssl/md.h @@ -30,6 +30,8 @@ #ifndef POLARSSL_MD_H #define POLARSSL_MD_H +#include + #ifdef _MSC_VER #define inline _inline #endif @@ -66,23 +68,23 @@ typedef struct { void (*starts_func)( void *ctx ); /** Digest update function */ - void (*update_func)( void *ctx, const unsigned char *input, int ilen ); + void (*update_func)( void *ctx, const unsigned char *input, size_t ilen ); /** Digest finalisation function */ void (*finish_func)( void *ctx, unsigned char *output ); /** Generic digest function */ - void (*digest_func)( const unsigned char *input, int ilen, + void (*digest_func)( const unsigned char *input, size_t ilen, unsigned char *output ); /** Generic file digest function */ int (*file_func)( const char *path, unsigned char *output ); /** HMAC Initialisation function */ - void (*hmac_starts_func)( void *ctx, const unsigned char *key, int keylen ); + void (*hmac_starts_func)( void *ctx, const unsigned char *key, size_t keylen ); /** HMAC update function */ - void (*hmac_update_func)( void *ctx, const unsigned char *input, int ilen ); + void (*hmac_update_func)( void *ctx, const unsigned char *input, size_t ilen ); /** HMAC finalisation function */ void (*hmac_finish_func)( void *ctx, unsigned char *output); @@ -91,8 +93,8 @@ typedef struct { void (*hmac_reset_func)( void *ctx ); /** Generic HMAC function */ - void (*hmac_func)( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, + void (*hmac_func)( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char *output ); /** Allocate a new context */ @@ -135,7 +137,7 @@ const int *md_list( void ); * \brief Returns the message digest information associated with the * given digest name. * - * \param md_name Name of the digest to search for. + * \param md_name Name of the digest to search for. * * \return The message digest information associated with md_name or * NULL if not found. @@ -184,7 +186,7 @@ int md_free_ctx( md_context_t *ctx ); * * \return size of the message digest output. */ -static inline unsigned char md_get_size ( const md_info_t *md_info) +static inline unsigned char md_get_size( const md_info_t *md_info ) { return md_info->size; } @@ -196,7 +198,7 @@ static inline unsigned char md_get_size ( const md_info_t *md_info) * * \return type of the message digest output. */ -static inline md_type_t md_get_type ( const md_info_t *md_info ) +static inline md_type_t md_get_type( const md_info_t *md_info ) { return md_info->type; } @@ -208,7 +210,7 @@ static inline md_type_t md_get_type ( const md_info_t *md_info ) * * \return name of the message digest output. */ -static inline const char *md_get_name ( const md_info_t *md_info ) +static inline const char *md_get_name( const md_info_t *md_info ) { return md_info->name; } @@ -231,7 +233,7 @@ int md_starts( md_context_t *ctx ); * * \returns 0 on success, 1 if parameter verification fails. */ -int md_update( md_context_t *ctx, const unsigned char *input, int ilen ); +int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen ); /** * \brief Generic message digest final digest @@ -253,7 +255,7 @@ int md_finish( md_context_t *ctx, unsigned char *output ); * * \returns 0 on success, 1 if parameter verification fails. */ -int md( const md_info_t *md_info, const unsigned char *input, int ilen, +int md( const md_info_t *md_info, const unsigned char *input, size_t ilen, unsigned char *output ); /** @@ -277,7 +279,7 @@ int md_file( const md_info_t *md_info, const char *path, unsigned char *output ) * * \returns 0 on success, 1 if parameter verification fails. */ -int md_hmac_starts( md_context_t *ctx, const unsigned char *key, int keylen ); +int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen ); /** * \brief Generic HMAC process buffer @@ -288,7 +290,7 @@ int md_hmac_starts( md_context_t *ctx, const unsigned char *key, int keylen ); * * \returns 0 on success, 1 if parameter verification fails. */ -int md_hmac_update( md_context_t *ctx, const unsigned char *input, int ilen ); +int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen ); /** * \brief Generic HMAC final digest @@ -321,8 +323,8 @@ int md_hmac_reset( md_context_t *ctx ); * * \returns 0 on success, 1 if parameter verification fails. */ -int md_hmac( const md_info_t *md_info, const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char *output ); #ifdef __cplusplus diff --git a/include/polarssl/md2.h b/include/polarssl/md2.h index bcda2e3ab..9a497f193 100644 --- a/include/polarssl/md2.h +++ b/include/polarssl/md2.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_MD2_H #define POLARSSL_MD2_H +#include + /** * \brief MD2 context structure */ @@ -38,7 +40,7 @@ typedef struct unsigned char ipad[64]; /*!< HMAC: inner padding */ unsigned char opad[64]; /*!< HMAC: outer padding */ - int left; /*!< amount of data in buffer */ + size_t left; /*!< amount of data in buffer */ } md2_context; @@ -60,7 +62,7 @@ void md2_starts( md2_context *ctx ); * \param input buffer holding the data * \param ilen length of the input data */ -void md2_update( md2_context *ctx, const unsigned char *input, int ilen ); +void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen ); /** * \brief MD2 final digest @@ -77,7 +79,7 @@ void md2_finish( md2_context *ctx, unsigned char output[16] ); * \param ilen length of the input data * \param output MD2 checksum result */ -void md2( const unsigned char *input, int ilen, unsigned char output[16] ); +void md2( const unsigned char *input, size_t ilen, unsigned char output[16] ); /** * \brief Output = MD2( file contents ) @@ -97,7 +99,7 @@ int md2_file( const char *path, unsigned char output[16] ); * \param key HMAC secret key * \param keylen length of the HMAC key */ -void md2_hmac_starts( md2_context *ctx, const unsigned char *key, int keylen ); +void md2_hmac_starts( md2_context *ctx, const unsigned char *key, size_t keylen ); /** * \brief MD2 HMAC process buffer @@ -106,7 +108,7 @@ void md2_hmac_starts( md2_context *ctx, const unsigned char *key, int keylen ); * \param input buffer holding the data * \param ilen length of the input data */ -void md2_hmac_update( md2_context *ctx, const unsigned char *input, int ilen ); +void md2_hmac_update( md2_context *ctx, const unsigned char *input, size_t ilen ); /** * \brief MD2 HMAC final digest @@ -132,8 +134,8 @@ void md2_hmac_reset( md2_context *ctx ); * \param ilen length of the input data * \param output HMAC-MD2 result */ -void md2_hmac( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void md2_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char output[16] ); /** diff --git a/include/polarssl/md4.h b/include/polarssl/md4.h index c3c5d7efb..5a796ae32 100644 --- a/include/polarssl/md4.h +++ b/include/polarssl/md4.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_MD4_H #define POLARSSL_MD4_H +#include + /** * \brief MD4 context structure */ @@ -59,7 +61,7 @@ void md4_starts( md4_context *ctx ); * \param input buffer holding the data * \param ilen length of the input data */ -void md4_update( md4_context *ctx, const unsigned char *input, int ilen ); +void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen ); /** * \brief MD4 final digest @@ -76,7 +78,7 @@ void md4_finish( md4_context *ctx, unsigned char output[16] ); * \param ilen length of the input data * \param output MD4 checksum result */ -void md4( const unsigned char *input, int ilen, unsigned char output[16] ); +void md4( const unsigned char *input, size_t ilen, unsigned char output[16] ); /** * \brief Output = MD4( file contents ) @@ -96,7 +98,7 @@ int md4_file( const char *path, unsigned char output[16] ); * \param key HMAC secret key * \param keylen length of the HMAC key */ -void md4_hmac_starts( md4_context *ctx, const unsigned char *key, int keylen ); +void md4_hmac_starts( md4_context *ctx, const unsigned char *key, size_t keylen ); /** * \brief MD4 HMAC process buffer @@ -105,7 +107,7 @@ void md4_hmac_starts( md4_context *ctx, const unsigned char *key, int keylen ); * \param input buffer holding the data * \param ilen length of the input data */ -void md4_hmac_update( md4_context *ctx, const unsigned char *input, int ilen ); +void md4_hmac_update( md4_context *ctx, const unsigned char *input, size_t ilen ); /** * \brief MD4 HMAC final digest @@ -131,8 +133,8 @@ void md4_hmac_reset( md4_context *ctx ); * \param ilen length of the input data * \param output HMAC-MD4 result */ -void md4_hmac( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void md4_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char output[16] ); /** diff --git a/include/polarssl/md5.h b/include/polarssl/md5.h index e728c38ca..cf0459d06 100644 --- a/include/polarssl/md5.h +++ b/include/polarssl/md5.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_MD5_H #define POLARSSL_MD5_H +#include + /** * \brief MD5 context structure */ @@ -59,7 +61,7 @@ void md5_starts( md5_context *ctx ); * \param input buffer holding the data * \param ilen length of the input data */ -void md5_update( md5_context *ctx, const unsigned char *input, int ilen ); +void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen ); /** * \brief MD5 final digest @@ -76,7 +78,7 @@ void md5_finish( md5_context *ctx, unsigned char output[16] ); * \param ilen length of the input data * \param output MD5 checksum result */ -void md5( const unsigned char *input, int ilen, unsigned char output[16] ); +void md5( const unsigned char *input, size_t ilen, unsigned char output[16] ); /** * \brief Output = MD5( file contents ) @@ -97,7 +99,7 @@ int md5_file( const char *path, unsigned char output[16] ); * \param keylen length of the HMAC key */ void md5_hmac_starts( md5_context *ctx, - const unsigned char *key, int keylen ); + const unsigned char *key, size_t keylen ); /** * \brief MD5 HMAC process buffer @@ -107,7 +109,7 @@ void md5_hmac_starts( md5_context *ctx, * \param ilen length of the input data */ void md5_hmac_update( md5_context *ctx, - const unsigned char *input, int ilen ); + const unsigned char *input, size_t ilen ); /** * \brief MD5 HMAC final digest @@ -133,8 +135,8 @@ void md5_hmac_reset( md5_context *ctx ); * \param ilen length of the input data * \param output HMAC-MD5 result */ -void md5_hmac( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void md5_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char output[16] ); /** diff --git a/include/polarssl/net.h b/include/polarssl/net.h index 188432e9a..3fa2161b4 100644 --- a/include/polarssl/net.h +++ b/include/polarssl/net.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_NET_H #define POLARSSL_NET_H +#include + #define POLARSSL_ERR_NET_UNKNOWN_HOST -0x0F00 #define POLARSSL_ERR_NET_SOCKET_FAILED -0x0F10 #define POLARSSL_ERR_NET_CONNECT_FAILED -0x0F20 @@ -124,7 +126,7 @@ void net_usleep( unsigned long usec ); * or a non-zero error code; POLARSSL_ERR_NET_TRY_AGAIN * indicates read() is blocking. */ -int net_recv( void *ctx, unsigned char *buf, int len ); +int net_recv( void *ctx, unsigned char *buf, size_t len ); /** * \brief Write at most 'len' characters. If no error occurs, @@ -138,7 +140,7 @@ int net_recv( void *ctx, unsigned char *buf, int len ); * or a non-zero error code; POLARSSL_ERR_NET_TRY_AGAIN * indicates write() is blocking. */ -int net_send( void *ctx, unsigned char *buf, int len ); +int net_send( void *ctx, unsigned char *buf, size_t len ); /** * \brief Gracefully shutdown the connection diff --git a/include/polarssl/padlock.h b/include/polarssl/padlock.h index 99ecfee1a..722c9b223 100644 --- a/include/polarssl/padlock.h +++ b/include/polarssl/padlock.h @@ -86,7 +86,7 @@ int padlock_xcryptecb( aes_context *ctx, */ int padlock_xcryptcbc( aes_context *ctx, int mode, - int length, + size_t length, unsigned char iv[16], const unsigned char *input, unsigned char *output ); diff --git a/include/polarssl/pem.h b/include/polarssl/pem.h index dfb2f1ed2..509ed11a9 100644 --- a/include/polarssl/pem.h +++ b/include/polarssl/pem.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_PEM_H #define POLARSSL_PEM_H +#include + /** * \name PEM Error codes * These error codes are returned in case of errors reading the @@ -49,7 +51,7 @@ typedef struct { unsigned char *buf; /*!< buffer for decoded data */ - int buflen; /*!< length of the buffer */ + size_t buflen; /*!< length of the buffer */ unsigned char *info; /*!< buffer for extra header information */ } pem_context; @@ -82,7 +84,7 @@ void pem_init( pem_context *ctx ); int pem_read_buffer( pem_context *ctx, char *header, char *footer, const unsigned char *data, const unsigned char *pwd, - int pwdlen, int *use_len ); + size_t pwdlen, size_t *use_len ); /** * \brief PEM context memory freeing diff --git a/include/polarssl/pkcs11.h b/include/polarssl/pkcs11.h index 5087e1951..8e2a8ceed 100644 --- a/include/polarssl/pkcs11.h +++ b/include/polarssl/pkcs11.h @@ -94,7 +94,7 @@ void pkcs11_priv_key_free( pkcs11_context *priv_key ); * an error is thrown. */ int pkcs11_decrypt( pkcs11_context *ctx, - int mode, int *olen, + int mode, size_t *olen, const unsigned char *input, unsigned char *output, unsigned int output_max_len ); @@ -118,7 +118,7 @@ int pkcs11_decrypt( pkcs11_context *ctx, int pkcs11_sign( pkcs11_context *ctx, int mode, int hash_id, - int hashlen, + unsigned int hashlen, const unsigned char *hash, unsigned char *sig ); diff --git a/include/polarssl/rsa.h b/include/polarssl/rsa.h index 509e24d55..cb2420a7a 100644 --- a/include/polarssl/rsa.h +++ b/include/polarssl/rsa.h @@ -49,11 +49,11 @@ #define SIG_RSA_MD2 2 #define SIG_RSA_MD4 3 #define SIG_RSA_MD5 4 -#define SIG_RSA_SHA1 5 -#define SIG_RSA_SHA224 14 -#define SIG_RSA_SHA256 11 -#define SIG_RSA_SHA384 12 -#define SIG_RSA_SHA512 13 +#define SIG_RSA_SHA1 5 +#define SIG_RSA_SHA224 14 +#define SIG_RSA_SHA256 11 +#define SIG_RSA_SHA384 12 +#define SIG_RSA_SHA512 13 #define RSA_PUBLIC 0 #define RSA_PRIVATE 1 @@ -64,28 +64,28 @@ #define RSA_SIGN 1 #define RSA_CRYPT 2 -#define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30" -#define ASN1_STR_NULL "\x05" -#define ASN1_STR_OID "\x06" -#define ASN1_STR_OCTET_STRING "\x04" +#define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30" +#define ASN1_STR_NULL "\x05" +#define ASN1_STR_OID "\x06" +#define ASN1_STR_OCTET_STRING "\x04" -#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00" -#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a" -#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00" +#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00" +#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a" +#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00" -#define OID_ISO_MEMBER_BODIES "\x2a" -#define OID_ISO_IDENTIFIED_ORG "\x2b" +#define OID_ISO_MEMBER_BODIES "\x2a" +#define OID_ISO_IDENTIFIED_ORG "\x2b" /* * ISO Member bodies OID parts */ -#define OID_COUNTRY_US "\x86\x48" -#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d" +#define OID_COUNTRY_US "\x86\x48" +#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d" /* * ISO Identified organization OID parts */ -#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a" +#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a" /* * DigestInfo ::= SEQUENCE { @@ -96,30 +96,30 @@ * * Digest ::= OCTET STRING */ -#define ASN1_HASH_MDX \ -( \ - ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \ - ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \ - ASN1_STR_OID "\x08" \ - OID_DIGEST_ALG_MDX \ - ASN1_STR_NULL "\x00" \ - ASN1_STR_OCTET_STRING "\x10" \ +#define ASN1_HASH_MDX \ +( \ + ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \ + ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \ + ASN1_STR_OID "\x08" \ + OID_DIGEST_ALG_MDX \ + ASN1_STR_NULL "\x00" \ + ASN1_STR_OCTET_STRING "\x10" \ ) -#define ASN1_HASH_SHA1 \ - ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \ - ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \ - ASN1_STR_OID "\x05" \ - OID_HASH_ALG_SHA1 \ - ASN1_STR_NULL "\x00" \ +#define ASN1_HASH_SHA1 \ + ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \ + ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \ + ASN1_STR_OID "\x05" \ + OID_HASH_ALG_SHA1 \ + ASN1_STR_NULL "\x00" \ ASN1_STR_OCTET_STRING "\x14" -#define ASN1_HASH_SHA2X \ - ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \ - ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \ - ASN1_STR_OID "\x09" \ - OID_HASH_ALG_SHA2X \ - ASN1_STR_NULL "\x00" \ +#define ASN1_HASH_SHA2X \ + ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \ + ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \ + ASN1_STR_OID "\x09" \ + OID_HASH_ALG_SHA2X \ + ASN1_STR_NULL "\x00" \ ASN1_STR_OCTET_STRING "\x00" /** @@ -128,7 +128,7 @@ typedef struct { int ver; /*!< always 0 */ - int len; /*!< size(N) in chars */ + size_t len; /*!< size(N) in chars */ mpi N; /*!< public modulus */ mpi E; /*!< public exponent */ @@ -188,7 +188,7 @@ void rsa_init( rsa_context *ctx, int rsa_gen_key( rsa_context *ctx, int (*f_rng)(void *), void *p_rng, - int nbits, int exponent ); + unsigned int nbits, int exponent ); /** * \brief Check a public RSA key @@ -263,7 +263,7 @@ int rsa_private( rsa_context *ctx, int rsa_pkcs1_encrypt( rsa_context *ctx, int (*f_rng)(void *), void *p_rng, - int mode, int ilen, + int mode, size_t ilen, const unsigned char *input, unsigned char *output ); @@ -275,7 +275,7 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, * \param input buffer holding the encrypted data * \param output buffer that will hold the plaintext * \param olen will contain the plaintext length - * \param output_max_len maximum length of the output buffer + * \param output_max_len maximum length of the output buffer * * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * @@ -284,10 +284,10 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, * an error is thrown. */ int rsa_pkcs1_decrypt( rsa_context *ctx, - int mode, int *olen, + int mode, size_t *olen, const unsigned char *input, unsigned char *output, - int output_max_len ); + size_t output_max_len ); /** * \brief Do a private RSA to sign a message digest @@ -318,7 +318,7 @@ int rsa_pkcs1_sign( rsa_context *ctx, void *p_rng, int mode, int hash_id, - int hashlen, + unsigned int hashlen, const unsigned char *hash, unsigned char *sig ); @@ -347,7 +347,7 @@ int rsa_pkcs1_sign( rsa_context *ctx, int rsa_pkcs1_verify( rsa_context *ctx, int mode, int hash_id, - int hashlen, + unsigned int hashlen, const unsigned char *hash, unsigned char *sig ); diff --git a/include/polarssl/sha1.h b/include/polarssl/sha1.h index 1d5cc258d..76b369a5d 100644 --- a/include/polarssl/sha1.h +++ b/include/polarssl/sha1.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_SHA1_H #define POLARSSL_SHA1_H +#include + /** * \brief SHA-1 context structure */ @@ -59,7 +61,7 @@ void sha1_starts( sha1_context *ctx ); * \param input buffer holding the data * \param ilen length of the input data */ -void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen ); +void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen ); /** * \brief SHA-1 final digest @@ -76,7 +78,7 @@ void sha1_finish( sha1_context *ctx, unsigned char output[20] ); * \param ilen length of the input data * \param output SHA-1 checksum result */ -void sha1( const unsigned char *input, int ilen, unsigned char output[20] ); +void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] ); /** * \brief Output = SHA-1( file contents ) @@ -96,7 +98,7 @@ int sha1_file( const char *path, unsigned char output[20] ); * \param key HMAC secret key * \param keylen length of the HMAC key */ -void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen ); +void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, size_t keylen ); /** * \brief SHA-1 HMAC process buffer @@ -105,7 +107,7 @@ void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen ) * \param input buffer holding the data * \param ilen length of the input data */ -void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, int ilen ); +void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, size_t ilen ); /** * \brief SHA-1 HMAC final digest @@ -131,8 +133,8 @@ void sha1_hmac_reset( sha1_context *ctx ); * \param ilen length of the input data * \param output HMAC-SHA-1 result */ -void sha1_hmac( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void sha1_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char output[20] ); /** diff --git a/include/polarssl/sha2.h b/include/polarssl/sha2.h index 5e2d907dc..c963ca1e1 100644 --- a/include/polarssl/sha2.h +++ b/include/polarssl/sha2.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_SHA2_H #define POLARSSL_SHA2_H +#include + /** * \brief SHA-256 context structure */ @@ -61,7 +63,7 @@ void sha2_starts( sha2_context *ctx, int is224 ); * \param input buffer holding the data * \param ilen length of the input data */ -void sha2_update( sha2_context *ctx, const unsigned char *input, int ilen ); +void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen ); /** * \brief SHA-256 final digest @@ -79,7 +81,7 @@ void sha2_finish( sha2_context *ctx, unsigned char output[32] ); * \param output SHA-224/256 checksum result * \param is224 0 = use SHA256, 1 = use SHA224 */ -void sha2( const unsigned char *input, int ilen, +void sha2( const unsigned char *input, size_t ilen, unsigned char output[32], int is224 ); /** @@ -102,7 +104,7 @@ int sha2_file( const char *path, unsigned char output[32], int is224 ); * \param keylen length of the HMAC key * \param is224 0 = use SHA256, 1 = use SHA224 */ -void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, int keylen, +void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keylen, int is224 ); /** @@ -112,7 +114,7 @@ void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, int keylen, * \param input buffer holding the data * \param ilen length of the input data */ -void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, int ilen ); +void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ilen ); /** * \brief SHA-256 HMAC final digest @@ -139,8 +141,8 @@ void sha2_hmac_reset( sha2_context *ctx ); * \param output HMAC-SHA-224/256 result * \param is224 0 = use SHA256, 1 = use SHA224 */ -void sha2_hmac( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void sha2_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char output[32], int is224 ); /** diff --git a/include/polarssl/sha4.h b/include/polarssl/sha4.h index 5f980b98e..81a69cdcc 100644 --- a/include/polarssl/sha4.h +++ b/include/polarssl/sha4.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_SHA4_H #define POLARSSL_SHA4_H +#include + #if defined(_MSC_VER) || defined(__WATCOMC__) #define UL64(x) x##ui64 #define int64 __int64 @@ -69,7 +71,7 @@ void sha4_starts( sha4_context *ctx, int is384 ); * \param input buffer holding the data * \param ilen length of the input data */ -void sha4_update( sha4_context *ctx, const unsigned char *input, int ilen ); +void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen ); /** * \brief SHA-512 final digest @@ -87,7 +89,7 @@ void sha4_finish( sha4_context *ctx, unsigned char output[64] ); * \param output SHA-384/512 checksum result * \param is384 0 = use SHA512, 1 = use SHA384 */ -void sha4( const unsigned char *input, int ilen, +void sha4( const unsigned char *input, size_t ilen, unsigned char output[64], int is384 ); /** @@ -110,7 +112,7 @@ int sha4_file( const char *path, unsigned char output[64], int is384 ); * \param key HMAC secret key * \param keylen length of the HMAC key */ -void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, int keylen, +void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keylen, int is384 ); /** @@ -120,7 +122,7 @@ void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, int keylen, * \param input buffer holding the data * \param ilen length of the input data */ -void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, int ilen ); +void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, size_t ilen ); /** * \brief SHA-512 HMAC final digest @@ -147,8 +149,8 @@ void sha4_hmac_reset( sha4_context *ctx ); * \param output HMAC-SHA-384/512 result * \param is384 0 = use SHA512, 1 = use SHA384 */ -void sha4_hmac( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void sha4_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char output[64], int is384 ); /** diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h index 772bb556e..15b595ff1 100644 --- a/include/polarssl/ssl.h +++ b/include/polarssl/ssl.h @@ -204,7 +204,7 @@ struct _ssl_session { time_t start; /*!< starting time */ int ciphersuite; /*!< chosen ciphersuite */ - int length; /*!< session id length */ + size_t length; /*!< session id length */ unsigned char id[32]; /*!< session identifier */ unsigned char master[48]; /*!< the master secret */ ssl_session *next; /*!< next session entry */ @@ -228,8 +228,8 @@ struct _ssl_context */ int (*f_rng)(void *); void (*f_dbg)(void *, int, const char *); - int (*f_recv)(void *, unsigned char *, int); - int (*f_send)(void *, unsigned char *, int); + int (*f_recv)(void *, unsigned char *, size_t); + int (*f_send)(void *, unsigned char *, size_t); int (*f_vrfy)(void *, x509_cert *, int, int); void *p_rng; /*!< context for the RNG function */ @@ -256,10 +256,10 @@ struct _ssl_context unsigned char *in_offt; /*!< read offset in application data */ int in_msgtype; /*!< record header: message type */ - int in_msglen; /*!< record header: message length */ - int in_left; /*!< amount of data read so far */ + size_t in_msglen; /*!< record header: message length */ + size_t in_left; /*!< amount of data read so far */ - int in_hslen; /*!< current handshake message length */ + size_t in_hslen; /*!< current handshake message length */ int nb_zero; /*!< # of 0-length encrypted messages */ /* @@ -270,8 +270,8 @@ struct _ssl_context unsigned char *out_msg; /*!< the message contents (out_hdr+5) */ int out_msgtype; /*!< record header: message type */ - int out_msglen; /*!< record header: message length */ - int out_left; /*!< amount of data not yet written */ + size_t out_msglen; /*!< record header: message length */ + size_t out_left; /*!< amount of data not yet written */ /* * PKI layer @@ -300,11 +300,11 @@ struct _ssl_context int do_crypt; /*!< en(de)cryption flag */ int *ciphersuites; /*!< allowed ciphersuites */ - int pmslen; /*!< premaster length */ - int keylen; /*!< symmetric key length */ - int minlen; /*!< min. ciphertext length */ - int ivlen; /*!< IV length */ - int maclen; /*!< MAC length */ + size_t pmslen; /*!< premaster length */ + unsigned int keylen; /*!< symmetric key length */ + size_t minlen; /*!< min. ciphertext length */ + size_t ivlen; /*!< IV length */ + size_t maclen; /*!< MAC length */ unsigned char randbytes[64]; /*!< random bytes */ unsigned char premaster[256]; /*!< premaster secret */ @@ -322,7 +322,7 @@ struct _ssl_context * TLS extensions */ unsigned char *hostname; - unsigned long hostname_len; + size_t hostname_len; }; #ifdef __cplusplus @@ -447,8 +447,8 @@ void ssl_set_dbg( ssl_context *ssl, * \param p_send write parameter */ void ssl_set_bio( ssl_context *ssl, - int (*f_recv)(void *, unsigned char *, int), void *p_recv, - int (*f_send)(void *, unsigned char *, int), void *p_send ); + int (*f_recv)(void *, unsigned char *, size_t), void *p_recv, + int (*f_send)(void *, unsigned char *, size_t), void *p_send ); /** * \brief Set the session callbacks (server-side only) @@ -556,7 +556,7 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname ); * * \return how many bytes are available in the read buffer */ -int ssl_get_bytes_avail( const ssl_context *ssl ); +size_t ssl_get_bytes_avail( const ssl_context *ssl ); /** * \brief Return the result of the certificate verification @@ -609,7 +609,7 @@ int ssl_handshake( ssl_context *ssl ); * \return This function returns the number of bytes read, * or a negative error code. */ -int ssl_read( ssl_context *ssl, unsigned char *buf, int len ); +int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len ); /** * \brief Write exactly 'len' application data bytes @@ -625,7 +625,7 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, int len ); * it must be called later with the *same* arguments, * until it returns a positive value. */ -int ssl_write( ssl_context *ssl, const unsigned char *buf, int len ); +int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len ); /** * \brief Notify the peer that the connection is being closed @@ -651,7 +651,7 @@ int ssl_derive_keys( ssl_context *ssl ); void ssl_calc_verify( ssl_context *ssl, unsigned char hash[36] ); int ssl_read_record( ssl_context *ssl ); -int ssl_fetch_input( ssl_context *ssl, int nb_want ); +int ssl_fetch_input( ssl_context *ssl, size_t nb_want ); int ssl_write_record( ssl_context *ssl ); int ssl_flush_output( ssl_context *ssl ); diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h index e6d0c34f5..731c1863c 100644 --- a/include/polarssl/x509.h +++ b/include/polarssl/x509.h @@ -284,7 +284,7 @@ typedef struct _x509_buf { int tag; /**< ASN1 type, e.g. ASN1_UTF8_STRING. */ - int len; /**< ASN1 length, e.g. in octets. */ + size_t len; /**< ASN1 length, e.g. in octets. */ unsigned char *p; /**< ASN1 data, e.g. in ASCII. */ } x509_buf; @@ -294,7 +294,7 @@ x509_buf; */ typedef struct _x509_bitstring { - int len; /**< ASN1 length, e.g. in octets. */ + size_t len; /**< ASN1 length, e.g. in octets. */ unsigned char unused_bits; /**< Number of unused bits at the end of the string */ unsigned char *p; /**< Raw ASN1 data for the bit string */ } @@ -483,7 +483,7 @@ extern "C" { * * \return 0 if successful, or a specific X509 or PEM error code */ -int x509parse_crt( x509_cert *chain, const unsigned char *buf, int buflen ); +int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen ); /** \ingroup x509_module */ /** @@ -508,7 +508,7 @@ int x509parse_crtfile( x509_cert *chain, const char *path ); * * \return 0 if successful, or a specific X509 or PEM error code */ -int x509parse_crl( x509_crl *chain, const unsigned char *buf, int buflen ); +int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen ); /** \ingroup x509_module */ /** @@ -535,8 +535,8 @@ int x509parse_crlfile( x509_crl *chain, const char *path ); * \return 0 if successful, or a specific X509 or PEM error code */ int x509parse_key( rsa_context *rsa, - const unsigned char *key, int keylen, - const unsigned char *pwd, int pwdlen ); + const unsigned char *key, size_t keylen, + const unsigned char *pwd, size_t pwdlen ); /** \ingroup x509_module */ /** @@ -562,7 +562,7 @@ int x509parse_keyfile( rsa_context *rsa, const char *path, * \return 0 if successful, or a specific X509 or PEM error code */ int x509parse_public_key( rsa_context *rsa, - const unsigned char *key, int keylen ); + const unsigned char *key, size_t keylen ); /** \ingroup x509_module */ /** @@ -585,7 +585,7 @@ int x509parse_public_keyfile( rsa_context *rsa, const char *path ); * * \return 0 if successful, or a specific X509 or PEM error code */ -int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, int dhminlen ); +int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen ); /** \ingroup x509_module */ /** diff --git a/include/polarssl/xtea.h b/include/polarssl/xtea.h index feb1237cc..8f41d5d4d 100644 --- a/include/polarssl/xtea.h +++ b/include/polarssl/xtea.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_XTEA_H #define POLARSSL_XTEA_H +#include + #ifdef _MSC_VER #include typedef UINT32 uint32_t; @@ -71,9 +73,9 @@ void xtea_setup( xtea_context *ctx, unsigned char key[16] ); * \return 0 if successful */ int xtea_crypt_ecb( xtea_context *ctx, - int mode, - unsigned char input[8], - unsigned char output[8] ); + int mode, + unsigned char input[8], + unsigned char output[8] ); /** * \brief XTEA CBC cipher function @@ -90,7 +92,7 @@ int xtea_crypt_ecb( xtea_context *ctx, */ int xtea_crypt_cbc( xtea_context *ctx, int mode, - int length, + size_t length, unsigned char iv[8], unsigned char *input, unsigned char *output); diff --git a/library/aes.c b/library/aes.c index 7e768e0f4..ce418d679 100644 --- a/library/aes.c +++ b/library/aes.c @@ -36,8 +36,6 @@ #include "polarssl/aes.h" #include "polarssl/padlock.h" -#include - /* * 32-bit integer manipulation macros (little endian) */ @@ -441,9 +439,9 @@ static void aes_gen_tables( void ) /* * AES key schedule (encryption) */ -int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int keysize ) +int aes_setkey_enc( aes_context *ctx, const unsigned char *key, unsigned int keysize ) { - int i; + unsigned int i; unsigned long *RK; #if !defined(POLARSSL_AES_ROM_TABLES) @@ -546,7 +544,7 @@ int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int keysize ) /* * AES key schedule (decryption) */ -int aes_setkey_dec( aes_context *ctx, const unsigned char *key, int keysize ) +int aes_setkey_dec( aes_context *ctx, const unsigned char *key, unsigned int keysize ) { int i, j; aes_context cty; @@ -758,7 +756,7 @@ int aes_crypt_ecb( aes_context *ctx, */ int aes_crypt_cbc( aes_context *ctx, int mode, - int length, + size_t length, unsigned char iv[16], const unsigned char *input, unsigned char *output ) @@ -823,7 +821,7 @@ int aes_crypt_cbc( aes_context *ctx, */ int aes_crypt_cfb128( aes_context *ctx, int mode, - int length, + size_t length, int *iv_off, unsigned char iv[16], const unsigned char *input, diff --git a/library/arc4.c b/library/arc4.c index c7725bec0..07665ad62 100644 --- a/library/arc4.c +++ b/library/arc4.c @@ -37,9 +37,10 @@ /* * ARC4 key schedule */ -void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen ) +void arc4_setup( arc4_context *ctx, const unsigned char *key, unsigned int keylen ) { - int i, j, k, a; + int i, j, a; + unsigned int k; unsigned char *m; ctx->x = 0; @@ -65,10 +66,11 @@ void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen ) /* * ARC4 cipher function */ -int arc4_crypt( arc4_context *ctx, int length, const unsigned char *input, +int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input, unsigned char *output ) { - int i, x, y, a, b; + int x, y, a, b; + size_t i; unsigned char *m; x = ctx->x; diff --git a/library/base64.c b/library/base64.c index 8d49a81a7..8601c9419 100644 --- a/library/base64.c +++ b/library/base64.c @@ -60,10 +60,10 @@ static const unsigned char base64_dec_map[128] = /* * Encode a buffer into base64 format */ -int base64_encode( unsigned char *dst, int *dlen, - const unsigned char *src, int slen ) +int base64_encode( unsigned char *dst, size_t *dlen, + const unsigned char *src, size_t slen ) { - int i, n; + size_t i, n; int C1, C2, C3; unsigned char *p; @@ -123,10 +123,10 @@ int base64_encode( unsigned char *dst, int *dlen, /* * Decode a base64-formatted buffer */ -int base64_decode( unsigned char *dst, int *dlen, - const unsigned char *src, int slen ) +int base64_decode( unsigned char *dst, size_t *dlen, + const unsigned char *src, size_t slen ) { - int i, j, n; + size_t i, j, n; unsigned long x; unsigned char *p; @@ -210,7 +210,7 @@ static const unsigned char base64_test_enc[] = */ int base64_self_test( int verbose ) { - int len; + size_t len; unsigned char *src, buffer[128]; if( verbose != 0 ) diff --git a/library/bignum.c b/library/bignum.c index 8ae3921db..3d8b383d9 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -37,7 +37,6 @@ #include "polarssl/bignum.h" #include "polarssl/bn_mul.h" -#include #include #include @@ -102,7 +101,7 @@ void mpi_free( mpi *X, ... ) /* * Enlarge to the specified number of limbs */ -int mpi_grow( mpi *X, int nblimbs ) +int mpi_grow( mpi *X, size_t nblimbs ) { t_int *p; @@ -132,7 +131,8 @@ int mpi_grow( mpi *X, int nblimbs ) */ int mpi_copy( mpi *X, const mpi *Y ) { - int ret, i; + int ret; + size_t i; if( X == Y ) return( 0 ); @@ -169,7 +169,7 @@ void mpi_swap( mpi *X, mpi *Y ) /* * Set value from integer */ -int mpi_lset( mpi *X, int z ) +int mpi_lset( mpi *X, t_s_int z ) { int ret; @@ -187,9 +187,9 @@ cleanup: /* * Return the number of least significant bits */ -int mpi_lsb( const mpi *X ) +size_t mpi_lsb( const mpi *X ) { - int i, j, count = 0; + size_t i, j, count = 0; for( i = 0; i < X->n; i++ ) for( j = 0; j < (int) biL; j++, count++ ) @@ -202,25 +202,25 @@ int mpi_lsb( const mpi *X ) /* * Return the number of most significant bits */ -int mpi_msb( const mpi *X ) +size_t mpi_msb( const mpi *X ) { - int i, j; + size_t i, j; for( i = X->n - 1; i > 0; i-- ) if( X->p[i] != 0 ) break; - for( j = biL - 1; j >= 0; j-- ) - if( ( ( X->p[i] >> j ) & 1 ) != 0 ) + for( j = biL; j > 0; j-- ) + if( ( ( X->p[i] >> ( j - 1 ) ) & 1 ) != 0 ) break; - return( ( i * biL ) + j + 1 ); + return( ( i * biL ) + j ); } /* * Return the total size in bytes */ -int mpi_size( const mpi *X ) +size_t mpi_size( const mpi *X ) { return( ( mpi_msb( X ) + 7 ) >> 3 ); } @@ -247,7 +247,8 @@ static int mpi_get_digit( t_int *d, int radix, char c ) */ int mpi_read_string( mpi *X, int radix, const char *s ) { - int ret, i, j, n, slen; + int ret; + size_t i, j, slen, n; t_int d; mpi T; @@ -265,15 +266,15 @@ int mpi_read_string( mpi *X, int radix, const char *s ) MPI_CHK( mpi_grow( X, n ) ); MPI_CHK( mpi_lset( X, 0 ) ); - for( i = slen - 1, j = 0; i >= 0; i--, j++ ) + for( i = slen, j = 0; i > 0; i--, j++ ) { - if( i == 0 && s[i] == '-' ) + if( i == 1 && s[i - 1] == '-' ) { X->s = -1; break; } - MPI_CHK( mpi_get_digit( &d, radix, s[i] ) ); + MPI_CHK( mpi_get_digit( &d, radix, s[i - 1] ) ); X->p[j / (2 * ciL)] |= d << ( (j % (2 * ciL)) << 2 ); } } @@ -340,9 +341,10 @@ cleanup: /* * Export into an ASCII string */ -int mpi_write_string( const mpi *X, int radix, char *s, int *slen ) +int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen ) { - int ret = 0, n; + int ret = 0; + size_t n; char *p; mpi T; @@ -368,15 +370,16 @@ int mpi_write_string( const mpi *X, int radix, char *s, int *slen ) if( radix == 16 ) { - int c, i, j, k; + int c; + size_t i, j, k; - for( i = X->n - 1, k = 0; i >= 0; i-- ) + for( i = X->n, k = 0; i > 0; i-- ) { - for( j = ciL - 1; j >= 0; j-- ) + for( j = ciL; j > 0; j-- ) { - c = ( X->p[i] >> (j << 3) ) & 0xFF; + c = ( X->p[i - 1] >> ( ( j - 1 ) << 3) ) & 0xFF; - if( c == 0 && k == 0 && (i + j) != 0 ) + if( c == 0 && k == 0 && ( i + j + 3 ) != 0 ) continue; p += sprintf( p, "%02X", c ); @@ -410,7 +413,7 @@ cleanup: int mpi_read_file( mpi *X, int radix, FILE *fin ) { t_int d; - int slen; + size_t slen; char *p; char s[1024]; @@ -435,16 +438,15 @@ int mpi_read_file( mpi *X, int radix, FILE *fin ) */ int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout ) { - int n, ret; - size_t slen; - size_t plen; + int ret; + size_t n, slen, plen; char s[2048]; n = sizeof( s ); memset( s, 0, n ); n -= 2; - MPI_CHK( mpi_write_string( X, radix, s, (int *) &n ) ); + MPI_CHK( mpi_write_string( X, radix, s, (size_t *) &n ) ); if( p == NULL ) p = ""; @@ -470,9 +472,10 @@ cleanup: /* * Import X from unsigned binary data, big endian */ -int mpi_read_binary( mpi *X, const unsigned char *buf, int buflen ) +int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen ) { - int ret, i, j, n; + int ret; + size_t i, j, n; for( n = 0; n < buflen; n++ ) if( buf[n] != 0 ) @@ -481,8 +484,8 @@ int mpi_read_binary( mpi *X, const unsigned char *buf, int buflen ) MPI_CHK( mpi_grow( X, CHARS_TO_LIMBS( buflen - n ) ) ); MPI_CHK( mpi_lset( X, 0 ) ); - for( i = buflen - 1, j = 0; i >= n; i--, j++ ) - X->p[j / ciL] |= ((t_int) buf[i]) << ((j % ciL) << 3); + for( i = buflen, j = 0; i > n; i--, j++ ) + X->p[j / ciL] |= ((t_int) buf[i - 1]) << ((j % ciL) << 3); cleanup: @@ -492,9 +495,9 @@ cleanup: /* * Export X into unsigned binary data, big endian */ -int mpi_write_binary( const mpi *X, unsigned char *buf, int buflen ) +int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen ) { - int i, j, n; + size_t i, j, n; n = mpi_size( X ); @@ -512,9 +515,10 @@ int mpi_write_binary( const mpi *X, unsigned char *buf, int buflen ) /* * Left-shift: X <<= count */ -int mpi_shift_l( mpi *X, int count ) +int mpi_shift_l( mpi *X, size_t count ) { - int ret, i, v0, t1; + int ret; + size_t i, v0, t1; t_int r0 = 0, r1; v0 = count / (biL ); @@ -532,11 +536,11 @@ int mpi_shift_l( mpi *X, int count ) */ if( v0 > 0 ) { - for( i = X->n - 1; i >= v0; i-- ) - X->p[i] = X->p[i - v0]; + for( i = X->n; i > v0; i-- ) + X->p[i - 1] = X->p[i - v0 - 1]; - for( ; i >= 0; i-- ) - X->p[i] = 0; + for( ; i > 0; i-- ) + X->p[i - 1] = 0; } /* @@ -561,9 +565,9 @@ cleanup: /* * Right-shift: X >>= count */ -int mpi_shift_r( mpi *X, int count ) +int mpi_shift_r( mpi *X, size_t count ) { - int i, v0, v1; + size_t i, v0, v1; t_int r0 = 0, r1; v0 = count / biL; @@ -586,11 +590,11 @@ int mpi_shift_r( mpi *X, int count ) */ if( v1 > 0 ) { - for( i = X->n - 1; i >= 0; i-- ) + for( i = X->n; i > 0; i-- ) { - r1 = X->p[i] << (biL - v1); - X->p[i] >>= v1; - X->p[i] |= r0; + r1 = X->p[i - 1] << (biL - v1); + X->p[i - 1] >>= v1; + X->p[i - 1] |= r0; r0 = r1; } } @@ -603,26 +607,26 @@ int mpi_shift_r( mpi *X, int count ) */ int mpi_cmp_abs( const mpi *X, const mpi *Y ) { - int i, j; + size_t i, j; - for( i = X->n - 1; i >= 0; i-- ) - if( X->p[i] != 0 ) + for( i = X->n; i > 0; i-- ) + if( X->p[i - 1] != 0 ) break; - for( j = Y->n - 1; j >= 0; j-- ) - if( Y->p[j] != 0 ) + for( j = Y->n; j > 0; j-- ) + if( Y->p[j - 1] != 0 ) break; - if( i < 0 && j < 0 ) + if( i == 0 && j == 0 ) return( 0 ); if( i > j ) return( 1 ); if( j > i ) return( -1 ); - for( ; i >= 0; i-- ) + for( ; i > 0; i-- ) { - if( X->p[i] > Y->p[i] ) return( 1 ); - if( X->p[i] < Y->p[i] ) return( -1 ); + if( X->p[i - 1] > Y->p[i - 1] ) return( 1 ); + if( X->p[i - 1] < Y->p[i - 1] ) return( -1 ); } return( 0 ); @@ -633,17 +637,17 @@ int mpi_cmp_abs( const mpi *X, const mpi *Y ) */ int mpi_cmp_mpi( const mpi *X, const mpi *Y ) { - int i, j; + size_t i, j; - for( i = X->n - 1; i >= 0; i-- ) - if( X->p[i] != 0 ) + for( i = X->n; i > 0; i-- ) + if( X->p[i - 1] != 0 ) break; - for( j = Y->n - 1; j >= 0; j-- ) - if( Y->p[j] != 0 ) + for( j = Y->n; j > 0; j-- ) + if( Y->p[j - 1] != 0 ) break; - if( i < 0 && j < 0 ) + if( i == 0 && j == 0 ) return( 0 ); if( i > j ) return( X->s ); @@ -652,10 +656,10 @@ int mpi_cmp_mpi( const mpi *X, const mpi *Y ) if( X->s > 0 && Y->s < 0 ) return( 1 ); if( Y->s > 0 && X->s < 0 ) return( -1 ); - for( ; i >= 0; i-- ) + for( ; i > 0; i-- ) { - if( X->p[i] > Y->p[i] ) return( X->s ); - if( X->p[i] < Y->p[i] ) return( -X->s ); + if( X->p[i - 1] > Y->p[i - 1] ) return( X->s ); + if( X->p[i - 1] < Y->p[i - 1] ) return( -X->s ); } return( 0 ); @@ -664,7 +668,7 @@ int mpi_cmp_mpi( const mpi *X, const mpi *Y ) /* * Compare signed values */ -int mpi_cmp_int( const mpi *X, int z ) +int mpi_cmp_int( const mpi *X, t_s_int z ) { mpi Y; t_int p[1]; @@ -682,7 +686,8 @@ int mpi_cmp_int( const mpi *X, int z ) */ int mpi_add_abs( mpi *X, const mpi *A, const mpi *B ) { - int ret, i, j; + int ret; + size_t i, j; t_int *o, *p, c; if( X == B ) @@ -698,15 +703,15 @@ int mpi_add_abs( mpi *X, const mpi *A, const mpi *B ) */ X->s = 1; - for( j = B->n - 1; j >= 0; j-- ) - if( B->p[j] != 0 ) + for( j = B->n; j > 0; j-- ) + if( B->p[j - 1] != 0 ) break; - MPI_CHK( mpi_grow( X, j + 1 ) ); + MPI_CHK( mpi_grow( X, j ) ); o = B->p; p = X->p; c = 0; - for( i = 0; i <= j; i++, o++, p++ ) + for( i = 0; i < j; i++, o++, p++ ) { *p += c; c = ( *p < c ); *p += *o; c += ( *p < *o ); @@ -731,9 +736,9 @@ cleanup: /* * Helper for mpi substraction */ -static void mpi_sub_hlp( int n, t_int *s, t_int *d ) +static void mpi_sub_hlp( size_t n, t_int *s, t_int *d ) { - int i; + size_t i; t_int c, z; for( i = c = 0; i < n; i++, s++, d++ ) @@ -755,7 +760,8 @@ static void mpi_sub_hlp( int n, t_int *s, t_int *d ) int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B ) { mpi TB; - int ret, n; + int ret; + size_t n; if( mpi_cmp_abs( A, B ) < 0 ) return( POLARSSL_ERR_MPI_NEGATIVE_VALUE ); @@ -778,11 +784,11 @@ int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B ) ret = 0; - for( n = B->n - 1; n >= 0; n-- ) - if( B->p[n] != 0 ) + for( n = B->n; n > 0; n-- ) + if( B->p[n - 1] != 0 ) break; - mpi_sub_hlp( n + 1, B->p, X->p ); + mpi_sub_hlp( n, B->p, X->p ); cleanup: @@ -856,7 +862,7 @@ cleanup: /* * Signed addition: X = A + b */ -int mpi_add_int( mpi *X, const mpi *A, int b ) +int mpi_add_int( mpi *X, const mpi *A, t_s_int b ) { mpi _B; t_int p[1]; @@ -872,7 +878,7 @@ int mpi_add_int( mpi *X, const mpi *A, int b ) /* * Signed substraction: X = A - b */ -int mpi_sub_int( mpi *X, const mpi *A, int b ) +int mpi_sub_int( mpi *X, const mpi *A, t_s_int b ) { mpi _B; t_int p[1]; @@ -888,7 +894,7 @@ int mpi_sub_int( mpi *X, const mpi *A, int b ) /* * Helper for mpi multiplication */ -static void mpi_mul_hlp( int i, t_int *s, t_int *d, t_int b ) +static void mpi_mul_hlp( size_t i, t_int *s, t_int *d, t_int b ) { t_int c = 0, t = 0; @@ -954,7 +960,8 @@ static void mpi_mul_hlp( int i, t_int *s, t_int *d, t_int b ) */ int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ) { - int ret, i, j; + int ret; + size_t i, j; mpi TA, TB; mpi_init( &TA, &TB, NULL ); @@ -962,19 +969,19 @@ int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ) if( X == A ) { MPI_CHK( mpi_copy( &TA, A ) ); A = &TA; } if( X == B ) { MPI_CHK( mpi_copy( &TB, B ) ); B = &TB; } - for( i = A->n - 1; i >= 0; i-- ) - if( A->p[i] != 0 ) + for( i = A->n; i > 0; i-- ) + if( A->p[i - 1] != 0 ) break; - for( j = B->n - 1; j >= 0; j-- ) - if( B->p[j] != 0 ) + for( j = B->n; j > 0; j-- ) + if( B->p[j - 1] != 0 ) break; - MPI_CHK( mpi_grow( X, i + j + 2 ) ); + MPI_CHK( mpi_grow( X, i + j ) ); MPI_CHK( mpi_lset( X, 0 ) ); - for( i++; j >= 0; j-- ) - mpi_mul_hlp( i, A->p, X->p + j, B->p[j] ); + for( i++; j > 0; j-- ) + mpi_mul_hlp( i - 1, A->p, X->p + j - 1, B->p[j - 1] ); X->s = A->s * B->s; @@ -988,7 +995,7 @@ cleanup: /* * Baseline multiplication: X = A * b */ -int mpi_mul_int( mpi *X, const mpi *A, t_int b ) +int mpi_mul_int( mpi *X, const mpi *A, t_s_int b ) { mpi _B; t_int p[1]; @@ -1006,7 +1013,8 @@ int mpi_mul_int( mpi *X, const mpi *A, t_int b ) */ int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ) { - int ret, i, n, t, k; + int ret; + size_t i, n, t, k; mpi X, Y, Z, T1, T2; if( mpi_cmp_int( B, 0 ) == 0 ) @@ -1169,7 +1177,7 @@ cleanup: * 1 if memory allocation failed * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0 */ -int mpi_div_int( mpi *Q, mpi *R, const mpi *A, int b ) +int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_s_int b ) { mpi _B; t_int p[1]; @@ -1208,9 +1216,9 @@ cleanup: /* * Modulo: r = A mod b */ -int mpi_mod_int( t_int *r, const mpi *A, int b ) +int mpi_mod_int( t_int *r, const mpi *A, t_s_int b ) { - int i; + size_t i; t_int x, y, z; if( b == 0 ) @@ -1237,9 +1245,9 @@ int mpi_mod_int( t_int *r, const mpi *A, int b ) /* * general case */ - for( i = A->n - 1, y = 0; i >= 0; i-- ) + for( i = A->n, y = 0; i > 0; i-- ) { - x = A->p[i]; + x = A->p[i - 1]; y = ( y << biH ) | ( x >> biH ); z = y / b; y -= z * b; @@ -1285,7 +1293,7 @@ static void mpi_montg_init( t_int *mm, const mpi *N ) */ static void mpi_montmul( mpi *A, const mpi *B, const mpi *N, t_int mm, const mpi *T ) { - int i, n, m; + size_t i, n, m; t_int u0, u1, *d; memset( T->p, 0, T->n * ciL ); @@ -1336,8 +1344,10 @@ static void mpi_montred( mpi *A, const mpi *N, t_int mm, const mpi *T ) */ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ) { - int ret, i, j, wsize, wbits; - int bufsize, nblimbs, nbits; + int ret; + size_t wbits, wsize, one = 1; + size_t i, j, nblimbs; + size_t bufsize, nbits; t_int ei, mm, state; mpi RR, T, W[64]; @@ -1396,7 +1406,7 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ) /* * W[1 << (wsize - 1)] = W[1] ^ (wsize - 1) */ - j = 1 << (wsize - 1); + j = one << (wsize - 1); MPI_CHK( mpi_grow( &W[j], N->n + 1 ) ); MPI_CHK( mpi_copy( &W[j], &W[1] ) ); @@ -1407,7 +1417,7 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ) /* * W[i] = W[i - 1] * W[1] */ - for( i = j + 1; i < (1 << wsize); i++ ) + for( i = j + 1; i < (one << wsize); i++ ) { MPI_CHK( mpi_grow( &W[i], N->n + 1 ) ); MPI_CHK( mpi_copy( &W[i], &W[i - 1] ) ); @@ -1487,7 +1497,7 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ) wbits <<= 1; - if( (wbits & (1 << wsize)) != 0 ) + if( (wbits & (one << wsize)) != 0 ) mpi_montmul( X, &W[1], N, mm, &T ); } @@ -1498,7 +1508,7 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ) cleanup: - for( i = (1 << (wsize - 1)); i < (1 << wsize); i++ ) + for( i = (one << (wsize - 1)); i < (one << wsize); i++ ) mpi_free( &W[i], NULL ); if( _RR != NULL ) @@ -1513,7 +1523,8 @@ cleanup: */ int mpi_gcd( mpi *G, const mpi *A, const mpi *B ) { - int ret, lz, lzt; + int ret; + size_t lz, lzt; mpi TG, TA, TB; mpi_init( &TG, &TA, &TB, NULL ); @@ -1559,9 +1570,10 @@ cleanup: return( ret ); } -int mpi_fill_random( mpi *X, int size, int (*f_rng)(void *), void *p_rng ) +int mpi_fill_random( mpi *X, size_t size, int (*f_rng)(void *), void *p_rng ) { - int ret, k; + int ret; + size_t k; unsigned char *p; MPI_CHK( mpi_grow( X, size ) ); @@ -1700,7 +1712,8 @@ static const int small_prime[] = */ int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng ) { - int ret, i, j, n, s, xs; + int ret, xs; + size_t i, j, n, s; mpi W, R, T, A, RR; if( mpi_cmp_int( X, 0 ) == 0 || @@ -1811,10 +1824,11 @@ cleanup: /* * Prime number generation */ -int mpi_gen_prime( mpi *X, int nbits, int dh_flag, +int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, int (*f_rng)(void *), void *p_rng ) { - int ret, k, n; + int ret; + size_t k, n; mpi Y; if( nbits < 3 ) @@ -1878,7 +1892,7 @@ cleanup: #if defined(POLARSSL_SELF_TEST) -#define GCD_PAIR_COUNT 3 +#define GCD_PAIR_COUNT 3 static const int gcd_pairs[GCD_PAIR_COUNT][3] = { @@ -2012,17 +2026,17 @@ int mpi_self_test( int verbose ) for ( i = 0; i < GCD_PAIR_COUNT; i++) { MPI_CHK( mpi_lset( &X, gcd_pairs[i][0] ) ); - MPI_CHK( mpi_lset( &Y, gcd_pairs[i][1] ) ); + MPI_CHK( mpi_lset( &Y, gcd_pairs[i][1] ) ); - MPI_CHK( mpi_gcd( &A, &X, &Y ) ); + MPI_CHK( mpi_gcd( &A, &X, &Y ) ); - if( mpi_cmp_int( &A, gcd_pairs[i][2] ) != 0 ) - { - if( verbose != 0 ) - printf( "failed at %d\n", i ); + if( mpi_cmp_int( &A, gcd_pairs[i][2] ) != 0 ) + { + if( verbose != 0 ) + printf( "failed at %d\n", i ); - return( 1 ); - } + return( 1 ); + } } if( verbose != 0 ) diff --git a/library/camellia.c b/library/camellia.c index 6624d175a..d725c1930 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -35,8 +35,6 @@ #include "polarssl/camellia.h" -#include - /* * 32-bit integer manipulation macros (big endian) */ @@ -309,9 +307,10 @@ static void camellia_feistel(const uint32_t x[2], const uint32_t k[2], uint32_t /* * Camellia key schedule (encryption) */ -int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int keysize ) +int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsigned int keysize ) { - int i, idx; + int idx; + size_t i; uint32_t *RK; unsigned char t[64]; uint32_t SIGMA[6][2]; @@ -412,9 +411,10 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int ke /* * Camellia key schedule (decryption) */ -int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, int keysize ) +int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsigned int keysize ) { - int i, idx; + int idx; + size_t i; camellia_context cty; uint32_t *RK; uint32_t *SK; @@ -526,7 +526,7 @@ int camellia_crypt_ecb( camellia_context *ctx, */ int camellia_crypt_cbc( camellia_context *ctx, int mode, - int length, + size_t length, unsigned char iv[16], const unsigned char *input, unsigned char *output ) @@ -579,7 +579,7 @@ int camellia_crypt_cbc( camellia_context *ctx, */ int camellia_crypt_cfb128( camellia_context *ctx, int mode, - int length, + size_t length, int *iv_off, unsigned char iv[16], const unsigned char *input, diff --git a/library/cipher.c b/library/cipher.c index ee3cd45ac..56ac7c44f 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -34,7 +34,6 @@ #include "polarssl/cipher.h" #include "polarssl/cipher_wrap.h" -#include #include #if defined _MSC_VER && !defined strcasecmp @@ -196,10 +195,10 @@ int cipher_reset( cipher_context_t *ctx, const unsigned char *iv ) return 0; } -int cipher_update( cipher_context_t *ctx, const unsigned char *input, int ilen, - unsigned char *output, int *olen ) +int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen ) { - int copy_len = 0; + size_t copy_len = 0; if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen || input == output ) @@ -286,18 +285,18 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input, int ilen, return 1; } -static void add_pkcs_padding( unsigned char *output, unsigned char output_len, - int data_len ) +static void add_pkcs_padding( unsigned char *output, size_t output_len, + size_t data_len ) { - unsigned char padding_len = output_len - data_len; + size_t padding_len = output_len - data_len; unsigned char i = 0; for( i = 0; i < padding_len; i++ ) - output[data_len + i] = padding_len; + output[data_len + i] = (unsigned char) padding_len; } static int get_pkcs_padding( unsigned char *input, unsigned char input_len, - int *data_len) + size_t *data_len) { int i = 0; unsigned char padding_len = 0; @@ -319,7 +318,7 @@ static int get_pkcs_padding( unsigned char *input, unsigned char input_len, return 0; } -int cipher_finish( cipher_context_t *ctx, unsigned char *output, int *olen) +int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen) { if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen ) return 1; diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index bfcfcb598..f1abf299a 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -36,23 +36,22 @@ #include "polarssl/camellia.h" #include "polarssl/des.h" -#include #include #if defined(POLARSSL_AES_C) -int aes_crypt_cbc_wrap( void *ctx, operation_t operation, int length, +int aes_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ) { return aes_crypt_cbc( (aes_context *) ctx, operation, length, iv, input, output ); } -int aes_setkey_dec_wrap( void *ctx, const unsigned char *key, int key_length ) +int aes_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) { return aes_setkey_dec( (aes_context *) ctx, key, key_length ); } -int aes_setkey_enc_wrap( void *ctx, const unsigned char *key, int key_length ) +int aes_setkey_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) { return aes_setkey_enc( (aes_context *) ctx, key, key_length ); } @@ -68,65 +67,65 @@ static void aes_ctx_free( void *ctx ) } const cipher_info_t aes_128_cbc_info = { - POLARSSL_CIPHER_AES_128_CBC, - POLARSSL_CIPHER_ID_AES, - POLARSSL_MODE_CBC, - 128, - "AES-128-CBC", - 16, - 16, - aes_crypt_cbc_wrap, - aes_setkey_enc_wrap, - aes_setkey_dec_wrap, - aes_ctx_alloc, - aes_ctx_free + POLARSSL_CIPHER_AES_128_CBC, + POLARSSL_CIPHER_ID_AES, + POLARSSL_MODE_CBC, + 128, + "AES-128-CBC", + 16, + 16, + aes_crypt_cbc_wrap, + aes_setkey_enc_wrap, + aes_setkey_dec_wrap, + aes_ctx_alloc, + aes_ctx_free }; const cipher_info_t aes_192_cbc_info = { - POLARSSL_CIPHER_AES_192_CBC, - POLARSSL_CIPHER_ID_AES, - POLARSSL_MODE_CBC, - 192, - "AES-192-CBC", - 16, - 16, - aes_crypt_cbc_wrap, - aes_setkey_enc_wrap, - aes_setkey_dec_wrap, - aes_ctx_alloc, - aes_ctx_free + POLARSSL_CIPHER_AES_192_CBC, + POLARSSL_CIPHER_ID_AES, + POLARSSL_MODE_CBC, + 192, + "AES-192-CBC", + 16, + 16, + aes_crypt_cbc_wrap, + aes_setkey_enc_wrap, + aes_setkey_dec_wrap, + aes_ctx_alloc, + aes_ctx_free }; const cipher_info_t aes_256_cbc_info = { - POLARSSL_CIPHER_AES_256_CBC, - POLARSSL_CIPHER_ID_AES, - POLARSSL_MODE_CBC, - 256, - "AES-256-CBC", - 16, - 16, - aes_crypt_cbc_wrap, - aes_setkey_enc_wrap, - aes_setkey_dec_wrap, - aes_ctx_alloc, - aes_ctx_free + POLARSSL_CIPHER_AES_256_CBC, + POLARSSL_CIPHER_ID_AES, + POLARSSL_MODE_CBC, + 256, + "AES-256-CBC", + 16, + 16, + aes_crypt_cbc_wrap, + aes_setkey_enc_wrap, + aes_setkey_dec_wrap, + aes_ctx_alloc, + aes_ctx_free }; #endif #if defined(POLARSSL_CAMELLIA_C) -int camellia_crypt_cbc_wrap( void *ctx, operation_t operation, int length, +int camellia_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ) { return camellia_crypt_cbc( (camellia_context *) ctx, operation, length, iv, input, output ); } -int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key, int key_length ) +int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) { return camellia_setkey_dec( (camellia_context *) ctx, key, key_length ); } -int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key, int key_length ) +int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) { return camellia_setkey_enc( (camellia_context *) ctx, key, key_length ); } @@ -142,101 +141,101 @@ static void camellia_ctx_free( void *ctx ) } const cipher_info_t camellia_128_cbc_info = { - POLARSSL_CIPHER_CAMELLIA_128_CBC, - POLARSSL_CIPHER_ID_CAMELLIA, - POLARSSL_MODE_CBC, - 128, - "CAMELLIA-128-CBC", - 16, - 16, - camellia_crypt_cbc_wrap, - camellia_setkey_enc_wrap, - camellia_setkey_dec_wrap, - camellia_ctx_alloc, - camellia_ctx_free + POLARSSL_CIPHER_CAMELLIA_128_CBC, + POLARSSL_CIPHER_ID_CAMELLIA, + POLARSSL_MODE_CBC, + 128, + "CAMELLIA-128-CBC", + 16, + 16, + camellia_crypt_cbc_wrap, + camellia_setkey_enc_wrap, + camellia_setkey_dec_wrap, + camellia_ctx_alloc, + camellia_ctx_free }; const cipher_info_t camellia_192_cbc_info = { - POLARSSL_CIPHER_CAMELLIA_192_CBC, - POLARSSL_CIPHER_ID_CAMELLIA, - POLARSSL_MODE_CBC, - 192, - "CAMELLIA-192-CBC", - 16, - 16, - camellia_crypt_cbc_wrap, - camellia_setkey_enc_wrap, - camellia_setkey_dec_wrap, - camellia_ctx_alloc, - camellia_ctx_free + POLARSSL_CIPHER_CAMELLIA_192_CBC, + POLARSSL_CIPHER_ID_CAMELLIA, + POLARSSL_MODE_CBC, + 192, + "CAMELLIA-192-CBC", + 16, + 16, + camellia_crypt_cbc_wrap, + camellia_setkey_enc_wrap, + camellia_setkey_dec_wrap, + camellia_ctx_alloc, + camellia_ctx_free }; const cipher_info_t camellia_256_cbc_info = { - POLARSSL_CIPHER_CAMELLIA_256_CBC, - POLARSSL_CIPHER_ID_CAMELLIA, - POLARSSL_MODE_CBC, - 256, - "CAMELLIA-256-CBC", - 16, - 16, - camellia_crypt_cbc_wrap, - camellia_setkey_enc_wrap, - camellia_setkey_dec_wrap, - camellia_ctx_alloc, - camellia_ctx_free + POLARSSL_CIPHER_CAMELLIA_256_CBC, + POLARSSL_CIPHER_ID_CAMELLIA, + POLARSSL_MODE_CBC, + 256, + "CAMELLIA-256-CBC", + 16, + 16, + camellia_crypt_cbc_wrap, + camellia_setkey_enc_wrap, + camellia_setkey_dec_wrap, + camellia_ctx_alloc, + camellia_ctx_free }; #endif #if defined(POLARSSL_DES_C) -int des_crypt_cbc_wrap( void *ctx, operation_t operation, int length, +int des_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ) { return des_crypt_cbc( (des_context *) ctx, operation, length, iv, input, output ); } -int des3_crypt_cbc_wrap( void *ctx, operation_t operation, int length, +int des3_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ) { return des3_crypt_cbc( (des3_context *) ctx, operation, length, iv, input, output ); } -int des_setkey_dec_wrap( void *ctx, const unsigned char *key, int key_length ) +int des_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) { ((void) key_length); return des_setkey_dec( (des_context *) ctx, key ); } -int des_setkey_enc_wrap( void *ctx, const unsigned char *key, int key_length ) +int des_setkey_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) { ((void) key_length); return des_setkey_enc( (des_context *) ctx, key ); } -int des3_set2key_dec_wrap( void *ctx, const unsigned char *key, int key_length ) +int des3_set2key_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) { ((void) key_length); return des3_set2key_dec( (des3_context *) ctx, key ); } -int des3_set2key_enc_wrap( void *ctx, const unsigned char *key, int key_length ) +int des3_set2key_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) { ((void) key_length); return des3_set2key_enc( (des3_context *) ctx, key ); } -int des3_set3key_dec_wrap( void *ctx, const unsigned char *key, int key_length ) +int des3_set3key_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) { ((void) key_length); return des3_set3key_dec( (des3_context *) ctx, key ); } -int des3_set3key_enc_wrap( void *ctx, const unsigned char *key, int key_length ) +int des3_set3key_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) { ((void) key_length); @@ -259,48 +258,48 @@ static void des_ctx_free( void *ctx ) } const cipher_info_t des_cbc_info = { - POLARSSL_CIPHER_DES_CBC, - POLARSSL_CIPHER_ID_DES, - POLARSSL_MODE_CBC, - POLARSSL_KEY_LENGTH_DES, - "DES-CBC", - 8, - 8, - des_crypt_cbc_wrap, - des_setkey_enc_wrap, - des_setkey_dec_wrap, - des_ctx_alloc, - des_ctx_free + POLARSSL_CIPHER_DES_CBC, + POLARSSL_CIPHER_ID_DES, + POLARSSL_MODE_CBC, + POLARSSL_KEY_LENGTH_DES, + "DES-CBC", + 8, + 8, + des_crypt_cbc_wrap, + des_setkey_enc_wrap, + des_setkey_dec_wrap, + des_ctx_alloc, + des_ctx_free }; const cipher_info_t des_ede_cbc_info = { - POLARSSL_CIPHER_DES_EDE_CBC, - POLARSSL_CIPHER_ID_DES, - POLARSSL_MODE_CBC, - POLARSSL_KEY_LENGTH_DES_EDE, - "DES-EDE-CBC", - 16, - 16, - des3_crypt_cbc_wrap, - des3_set2key_enc_wrap, - des3_set2key_dec_wrap, - des3_ctx_alloc, - des_ctx_free + POLARSSL_CIPHER_DES_EDE_CBC, + POLARSSL_CIPHER_ID_DES, + POLARSSL_MODE_CBC, + POLARSSL_KEY_LENGTH_DES_EDE, + "DES-EDE-CBC", + 16, + 16, + des3_crypt_cbc_wrap, + des3_set2key_enc_wrap, + des3_set2key_dec_wrap, + des3_ctx_alloc, + des_ctx_free }; const cipher_info_t des_ede3_cbc_info = { - POLARSSL_CIPHER_DES_EDE3_CBC, - POLARSSL_CIPHER_ID_DES, - POLARSSL_MODE_CBC, - POLARSSL_KEY_LENGTH_DES_EDE3, - "DES-EDE3-CBC", - 8, - 8, - des3_crypt_cbc_wrap, - des3_set3key_enc_wrap, - des3_set3key_dec_wrap, - des3_ctx_alloc, - des_ctx_free + POLARSSL_CIPHER_DES_EDE3_CBC, + POLARSSL_CIPHER_ID_DES, + POLARSSL_MODE_CBC, + POLARSSL_KEY_LENGTH_DES_EDE3, + "DES-EDE3-CBC", + 8, + 8, + des3_crypt_cbc_wrap, + des3_set3key_enc_wrap, + des3_set3key_dec_wrap, + des3_ctx_alloc, + des_ctx_free }; #endif diff --git a/library/debug.c b/library/debug.c index 6d4fd3153..1c8dbf523 100644 --- a/library/debug.c +++ b/library/debug.c @@ -87,12 +87,12 @@ void debug_print_ret( const ssl_context *ssl, int level, void debug_print_buf( const ssl_context *ssl, int level, const char *file, int line, const char *text, - unsigned char *buf, int len ) + unsigned char *buf, size_t len ) { char str[512]; - int i, maxlen = sizeof( str ) - 1; + size_t i, maxlen = sizeof( str ) - 1; - if( ssl->f_dbg == NULL || len < 0 ) + if( ssl->f_dbg == NULL ) return; snprintf( str, maxlen, "%s(%04d): dumping '%s' (%d bytes)\n", @@ -132,7 +132,8 @@ void debug_print_mpi( const ssl_context *ssl, int level, const char *text, const mpi *X ) { char str[512]; - int i, j, k, n, maxlen = sizeof( str ) - 1, zeros = 1; + int j, k, maxlen = sizeof( str ) - 1, zeros = 1; + size_t i, n; if( ssl->f_dbg == NULL || X == NULL ) return; @@ -152,14 +153,14 @@ void debug_print_mpi( const ssl_context *ssl, int level, str[maxlen] = '\0'; ssl->f_dbg( ssl->p_dbg, level, str ); - for( i = n, j = 0; i >= 0; i-- ) + for( i = n + 1, j = 0; i > 0; i-- ) { - if( zeros && X->p[i] == 0 ) + if( zeros && X->p[i - 1] == 0 ) continue; for( k = sizeof( t_int ) - 1; k >= 0; k-- ) { - if( zeros && ( ( X->p[i] >> (k << 3) ) & 0xFF ) == 0 ) + if( zeros && ( ( X->p[i - 1] >> (k << 3) ) & 0xFF ) == 0 ) continue; else zeros = 0; @@ -176,7 +177,7 @@ void debug_print_mpi( const ssl_context *ssl, int level, } snprintf( str, maxlen, " %02x", (unsigned int) - ( X->p[i] >> (k << 3) ) & 0xFF ); + ( X->p[i - 1] >> (k << 3) ) & 0xFF ); str[maxlen] = '\0'; ssl->f_dbg( ssl->p_dbg, level, str ); diff --git a/library/des.c b/library/des.c index 39ff216dc..303403082 100644 --- a/library/des.c +++ b/library/des.c @@ -35,8 +35,6 @@ #include "polarssl/des.h" -#include - /* * 32-bit integer manipulation macros (big endian) */ @@ -611,7 +609,7 @@ int des_crypt_ecb( des_context *ctx, */ int des_crypt_cbc( des_context *ctx, int mode, - int length, + size_t length, unsigned char iv[8], const unsigned char *input, unsigned char *output ) @@ -706,7 +704,7 @@ int des3_crypt_ecb( des3_context *ctx, */ int des3_crypt_cbc( des3_context *ctx, int mode, - int length, + size_t length, unsigned char iv[8], const unsigned char *input, unsigned char *output ) diff --git a/library/dhm.c b/library/dhm.c index 4b78722d0..1a8211ee7 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -34,8 +34,6 @@ #include "polarssl/dhm.h" -#include - /* * helper to validate the mpi size and import it */ @@ -128,10 +126,11 @@ int dhm_read_params( dhm_context *ctx, * Setup and write the ServerKeyExchange parameters */ int dhm_make_params( dhm_context *ctx, int x_size, - unsigned char *output, int *olen, + unsigned char *output, size_t *olen, int (*f_rng)(void *), void *p_rng ) { - int ret, n, n1, n2, n3; + int ret, n; + size_t n1, n2, n3; unsigned char *p; /* @@ -186,7 +185,7 @@ cleanup: * Import the peer's public value G^Y */ int dhm_read_public( dhm_context *ctx, - const unsigned char *input, int ilen ) + const unsigned char *input, size_t ilen ) { int ret; @@ -203,7 +202,7 @@ int dhm_read_public( dhm_context *ctx, * Create own private value X and export G^X */ int dhm_make_public( dhm_context *ctx, int x_size, - unsigned char *output, int olen, + unsigned char *output, size_t olen, int (*f_rng)(void *), void *p_rng ) { int ret, n; @@ -241,7 +240,7 @@ cleanup: * Derive and export the shared secret (G^Y)^X mod P */ int dhm_calc_secret( dhm_context *ctx, - unsigned char *output, int *olen ) + unsigned char *output, size_t *olen ) { int ret; diff --git a/library/havege.c b/library/havege.c index 499fe4f2b..11c3d289c 100644 --- a/library/havege.c +++ b/library/havege.c @@ -34,12 +34,12 @@ #if defined(POLARSSL_HAVEGE_C) -#include -#include - #include "polarssl/havege.h" #include "polarssl/timing.h" +#include +#include + /* ------------------------------------------------------------------------ * On average, one iteration accesses two 8-word blocks in the havege WALK * table, and generates 16 words in the RES array. diff --git a/library/md.c b/library/md.c index 62c3e45b9..dcdf7c9cb 100644 --- a/library/md.c +++ b/library/md.c @@ -34,7 +34,6 @@ #include "polarssl/md.h" #include "polarssl/md_wrap.h" -#include #include #if defined _MSC_VER && !defined strcasecmp @@ -190,7 +189,7 @@ int md_starts( md_context_t *ctx ) return 0; } -int md_update( md_context_t *ctx, const unsigned char *input, int ilen ) +int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen ) { if( ctx == NULL || ctx->md_info == NULL ) return 1; @@ -210,7 +209,7 @@ int md_finish( md_context_t *ctx, unsigned char *output ) return 0; } -int md( const md_info_t *md_info, const unsigned char *input, int ilen, +int md( const md_info_t *md_info, const unsigned char *input, size_t ilen, unsigned char *output ) { if ( md_info == NULL ) @@ -229,7 +228,7 @@ int md_file( const md_info_t *md_info, const char *path, unsigned char *output ) return md_info->file_func( path, output ); } -int md_hmac_starts( md_context_t *ctx, const unsigned char *key, int keylen ) +int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen ) { if( ctx == NULL || ctx->md_info == NULL ) return 1; @@ -239,7 +238,7 @@ int md_hmac_starts( md_context_t *ctx, const unsigned char *key, int keylen ) return 0; } -int md_hmac_update( md_context_t *ctx, const unsigned char *input, int ilen ) +int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen ) { if( ctx == NULL || ctx->md_info == NULL ) return 1; @@ -269,8 +268,8 @@ int md_hmac_reset( md_context_t *ctx ) return 0; } -int md_hmac( const md_info_t *md_info, const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char *output ) { if( md_info == NULL ) diff --git a/library/md2.c b/library/md2.c index 774103332..4daea580d 100644 --- a/library/md2.c +++ b/library/md2.c @@ -35,7 +35,6 @@ #include "polarssl/md2.h" -#include #include static const unsigned char PI_SUBST[256] = @@ -116,9 +115,9 @@ static void md2_process( md2_context *ctx ) /* * MD2 process buffer */ -void md2_update( md2_context *ctx, const unsigned char *input, int ilen ) +void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen ) { - int fill; + size_t fill; while( ilen > 0 ) { @@ -146,7 +145,7 @@ void md2_update( md2_context *ctx, const unsigned char *input, int ilen ) */ void md2_finish( md2_context *ctx, unsigned char output[16] ) { - int i; + size_t i; unsigned char x; x = (unsigned char)( 16 - ctx->left ); @@ -165,7 +164,7 @@ void md2_finish( md2_context *ctx, unsigned char output[16] ) /* * output = MD2( input buffer ) */ -void md2( const unsigned char *input, int ilen, unsigned char output[16] ) +void md2( const unsigned char *input, size_t ilen, unsigned char output[16] ) { md2_context ctx; @@ -211,9 +210,9 @@ int md2_file( const char *path, unsigned char output[16] ) /* * MD2 HMAC context setup */ -void md2_hmac_starts( md2_context *ctx, const unsigned char *key, int keylen ) +void md2_hmac_starts( md2_context *ctx, const unsigned char *key, size_t keylen ) { - int i; + size_t i; unsigned char sum[16]; if( keylen > 64 ) @@ -241,7 +240,7 @@ void md2_hmac_starts( md2_context *ctx, const unsigned char *key, int keylen ) /* * MD2 HMAC process buffer */ -void md2_hmac_update( md2_context *ctx, const unsigned char *input, int ilen ) +void md2_hmac_update( md2_context *ctx, const unsigned char *input, size_t ilen ) { md2_update( ctx, input, ilen ); } @@ -274,8 +273,8 @@ void md2_hmac_reset( md2_context *ctx ) /* * output = HMAC-MD2( hmac key, input buffer ) */ -void md2_hmac( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void md2_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char output[16] ) { md2_context ctx; diff --git a/library/md4.c b/library/md4.c index 73cfbf87a..36948991c 100644 --- a/library/md4.c +++ b/library/md4.c @@ -35,7 +35,6 @@ #include "polarssl/md4.h" -#include #include /* @@ -181,9 +180,9 @@ static void md4_process( md4_context *ctx, const unsigned char data[64] ) /* * MD4 process buffer */ -void md4_update( md4_context *ctx, const unsigned char *input, int ilen ) +void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen ) { - int fill; + size_t fill; unsigned long left; if( ilen <= 0 ) @@ -192,7 +191,7 @@ void md4_update( md4_context *ctx, const unsigned char *input, int ilen ) left = ctx->total[0] & 0x3F; fill = 64 - left; - ctx->total[0] += ilen; + ctx->total[0] += (unsigned long) ilen; ctx->total[0] &= 0xFFFFFFFF; if( ctx->total[0] < (unsigned long) ilen ) @@ -261,7 +260,7 @@ void md4_finish( md4_context *ctx, unsigned char output[16] ) /* * output = MD4( input buffer ) */ -void md4( const unsigned char *input, int ilen, unsigned char output[16] ) +void md4( const unsigned char *input, size_t ilen, unsigned char output[16] ) { md4_context ctx; @@ -307,9 +306,9 @@ int md4_file( const char *path, unsigned char output[16] ) /* * MD4 HMAC context setup */ -void md4_hmac_starts( md4_context *ctx, const unsigned char *key, int keylen ) +void md4_hmac_starts( md4_context *ctx, const unsigned char *key, size_t keylen ) { - int i; + size_t i; unsigned char sum[16]; if( keylen > 64 ) @@ -337,7 +336,7 @@ void md4_hmac_starts( md4_context *ctx, const unsigned char *key, int keylen ) /* * MD4 HMAC process buffer */ -void md4_hmac_update( md4_context *ctx, const unsigned char *input, int ilen ) +void md4_hmac_update( md4_context *ctx, const unsigned char *input, size_t ilen ) { md4_update( ctx, input, ilen ); } @@ -370,8 +369,8 @@ void md4_hmac_reset( md4_context *ctx ) /* * output = HMAC-MD4( hmac key, input buffer ) */ -void md4_hmac( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void md4_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char output[16] ) { md4_context ctx; diff --git a/library/md5.c b/library/md5.c index 2984b1d22..f37999215 100644 --- a/library/md5.c +++ b/library/md5.c @@ -34,7 +34,6 @@ #include "polarssl/md5.h" -#include #include /* @@ -200,9 +199,9 @@ static void md5_process( md5_context *ctx, const unsigned char data[64] ) /* * MD5 process buffer */ -void md5_update( md5_context *ctx, const unsigned char *input, int ilen ) +void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen ) { - int fill; + size_t fill; unsigned long left; if( ilen <= 0 ) @@ -211,7 +210,7 @@ void md5_update( md5_context *ctx, const unsigned char *input, int ilen ) left = ctx->total[0] & 0x3F; fill = 64 - left; - ctx->total[0] += ilen; + ctx->total[0] += (unsigned long) ilen; ctx->total[0] &= 0xFFFFFFFF; if( ctx->total[0] < (unsigned long) ilen ) @@ -280,7 +279,7 @@ void md5_finish( md5_context *ctx, unsigned char output[16] ) /* * output = MD5( input buffer ) */ -void md5( const unsigned char *input, int ilen, unsigned char output[16] ) +void md5( const unsigned char *input, size_t ilen, unsigned char output[16] ) { md5_context ctx; @@ -326,9 +325,9 @@ int md5_file( const char *path, unsigned char output[16] ) /* * MD5 HMAC context setup */ -void md5_hmac_starts( md5_context *ctx, const unsigned char *key, int keylen ) +void md5_hmac_starts( md5_context *ctx, const unsigned char *key, size_t keylen ) { - int i; + size_t i; unsigned char sum[16]; if( keylen > 64 ) @@ -356,7 +355,7 @@ void md5_hmac_starts( md5_context *ctx, const unsigned char *key, int keylen ) /* * MD5 HMAC process buffer */ -void md5_hmac_update( md5_context *ctx, const unsigned char *input, int ilen ) +void md5_hmac_update( md5_context *ctx, const unsigned char *input, size_t ilen ) { md5_update( ctx, input, ilen ); } @@ -389,8 +388,8 @@ void md5_hmac_reset( md5_context *ctx ) /* * output = HMAC-MD5( hmac key, input buffer ) */ -void md5_hmac( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void md5_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char output[16] ) { md5_context ctx; diff --git a/library/md_wrap.c b/library/md_wrap.c index 944a12a64..bb87c63b9 100644 --- a/library/md_wrap.c +++ b/library/md_wrap.c @@ -39,7 +39,6 @@ #include "polarssl/sha2.h" #include "polarssl/sha4.h" -#include #include #if defined(POLARSSL_MD2_C) @@ -49,7 +48,7 @@ static void md2_starts_wrap( void *ctx ) md2_starts( (md2_context *) ctx ); } -static void md2_update_wrap( void *ctx, const unsigned char *input, int ilen ) +static void md2_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { md2_update( (md2_context *) ctx, input, ilen ); } @@ -59,12 +58,12 @@ static void md2_finish_wrap( void *ctx, unsigned char *output ) md2_finish( (md2_context *) ctx, output ); } -static void md2_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen ) +static void md2_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) { md2_hmac_starts( (md2_context *) ctx, key, keylen ); } -static void md2_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen ) +static void md2_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { md2_hmac_update( (md2_context *) ctx, input, ilen ); } @@ -90,21 +89,21 @@ static void md2_ctx_free( void *ctx ) } const md_info_t md2_info = { - POLARSSL_MD_MD2, - "MD2", - 16, - md2_starts_wrap, - md2_update_wrap, - md2_finish_wrap, - md2, - md2_file, - md2_hmac_starts_wrap, - md2_hmac_update_wrap, - md2_hmac_finish_wrap, - md2_hmac_reset_wrap, - md2_hmac, - md2_ctx_alloc, - md2_ctx_free, + POLARSSL_MD_MD2, + "MD2", + 16, + md2_starts_wrap, + md2_update_wrap, + md2_finish_wrap, + md2, + md2_file, + md2_hmac_starts_wrap, + md2_hmac_update_wrap, + md2_hmac_finish_wrap, + md2_hmac_reset_wrap, + md2_hmac, + md2_ctx_alloc, + md2_ctx_free, }; #endif @@ -116,7 +115,7 @@ void md4_starts_wrap( void *ctx ) md4_starts( (md4_context *) ctx ); } -void md4_update_wrap( void *ctx, const unsigned char *input, int ilen ) +void md4_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { md4_update( (md4_context *) ctx, input, ilen ); } @@ -126,12 +125,12 @@ void md4_finish_wrap( void *ctx, unsigned char *output ) md4_finish( (md4_context *) ctx, output ); } -void md4_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen ) +void md4_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) { md4_hmac_starts( (md4_context *) ctx, key, keylen ); } -void md4_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen ) +void md4_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { md4_hmac_update( (md4_context *) ctx, input, ilen ); } @@ -157,21 +156,21 @@ void md4_ctx_free( void *ctx ) } const md_info_t md4_info = { - POLARSSL_MD_MD4, - "MD4", - 16, - md4_starts_wrap, - md4_update_wrap, - md4_finish_wrap, - md4, - md4_file, - md4_hmac_starts_wrap, - md4_hmac_update_wrap, - md4_hmac_finish_wrap, - md4_hmac_reset_wrap, - md4_hmac, - md4_ctx_alloc, - md4_ctx_free, + POLARSSL_MD_MD4, + "MD4", + 16, + md4_starts_wrap, + md4_update_wrap, + md4_finish_wrap, + md4, + md4_file, + md4_hmac_starts_wrap, + md4_hmac_update_wrap, + md4_hmac_finish_wrap, + md4_hmac_reset_wrap, + md4_hmac, + md4_ctx_alloc, + md4_ctx_free, }; #endif @@ -183,7 +182,7 @@ static void md5_starts_wrap( void *ctx ) md5_starts( (md5_context *) ctx ); } -static void md5_update_wrap( void *ctx, const unsigned char *input, int ilen ) +static void md5_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { md5_update( (md5_context *) ctx, input, ilen ); } @@ -193,12 +192,12 @@ static void md5_finish_wrap( void *ctx, unsigned char *output ) md5_finish( (md5_context *) ctx, output ); } -static void md5_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen ) +static void md5_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) { md5_hmac_starts( (md5_context *) ctx, key, keylen ); } -static void md5_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen ) +static void md5_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { md5_hmac_update( (md5_context *) ctx, input, ilen ); } @@ -224,21 +223,21 @@ static void md5_ctx_free( void *ctx ) } const md_info_t md5_info = { - POLARSSL_MD_MD5, - "MD5", - 16, - md5_starts_wrap, - md5_update_wrap, - md5_finish_wrap, - md5, - md5_file, - md5_hmac_starts_wrap, - md5_hmac_update_wrap, - md5_hmac_finish_wrap, - md5_hmac_reset_wrap, - md5_hmac, - md5_ctx_alloc, - md5_ctx_free, + POLARSSL_MD_MD5, + "MD5", + 16, + md5_starts_wrap, + md5_update_wrap, + md5_finish_wrap, + md5, + md5_file, + md5_hmac_starts_wrap, + md5_hmac_update_wrap, + md5_hmac_finish_wrap, + md5_hmac_reset_wrap, + md5_hmac, + md5_ctx_alloc, + md5_ctx_free, }; #endif @@ -250,7 +249,7 @@ void sha1_starts_wrap( void *ctx ) sha1_starts( (sha1_context *) ctx ); } -void sha1_update_wrap( void *ctx, const unsigned char *input, int ilen ) +void sha1_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { sha1_update( (sha1_context *) ctx, input, ilen ); } @@ -260,12 +259,12 @@ void sha1_finish_wrap( void *ctx, unsigned char *output ) sha1_finish( (sha1_context *) ctx, output ); } -void sha1_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen ) +void sha1_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) { sha1_hmac_starts( (sha1_context *) ctx, key, keylen ); } -void sha1_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen ) +void sha1_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { sha1_hmac_update( (sha1_context *) ctx, input, ilen ); } @@ -291,21 +290,21 @@ void sha1_ctx_free( void *ctx ) } const md_info_t sha1_info = { - POLARSSL_MD_SHA1, - "SHA1", - 20, - sha1_starts_wrap, - sha1_update_wrap, - sha1_finish_wrap, - sha1, - sha1_file, - sha1_hmac_starts_wrap, - sha1_hmac_update_wrap, - sha1_hmac_finish_wrap, - sha1_hmac_reset_wrap, - sha1_hmac, - sha1_ctx_alloc, - sha1_ctx_free, + POLARSSL_MD_SHA1, + "SHA1", + 20, + sha1_starts_wrap, + sha1_update_wrap, + sha1_finish_wrap, + sha1, + sha1_file, + sha1_hmac_starts_wrap, + sha1_hmac_update_wrap, + sha1_hmac_finish_wrap, + sha1_hmac_reset_wrap, + sha1_hmac, + sha1_ctx_alloc, + sha1_ctx_free, }; #endif @@ -320,7 +319,7 @@ void sha224_starts_wrap( void *ctx ) sha2_starts( (sha2_context *) ctx, 1 ); } -void sha224_update_wrap( void *ctx, const unsigned char *input, int ilen ) +void sha224_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { sha2_update( (sha2_context *) ctx, input, ilen ); } @@ -330,7 +329,7 @@ void sha224_finish_wrap( void *ctx, unsigned char *output ) sha2_finish( (sha2_context *) ctx, output ); } -void sha224_wrap( const unsigned char *input, int ilen, +void sha224_wrap( const unsigned char *input, size_t ilen, unsigned char *output ) { sha2( input, ilen, output, 1 ); @@ -341,12 +340,12 @@ int sha224_file_wrap( const char *path, unsigned char *output ) return sha2_file( path, output, 1 ); } -void sha224_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen ) +void sha224_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) { sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 1 ); } -void sha224_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen ) +void sha224_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { sha2_hmac_update( (sha2_context *) ctx, input, ilen ); } @@ -361,8 +360,8 @@ void sha224_hmac_reset_wrap( void *ctx ) sha2_hmac_reset( (sha2_context *) ctx ); } -void sha224_hmac_wrap( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void sha224_hmac_wrap( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char *output ) { sha2_hmac( key, keylen, input, ilen, output, 1 ); @@ -379,21 +378,21 @@ void sha224_ctx_free( void *ctx ) } const md_info_t sha224_info = { - POLARSSL_MD_SHA224, - "SHA224", - 28, - sha224_starts_wrap, - sha224_update_wrap, - sha224_finish_wrap, - sha224_wrap, - sha224_file_wrap, - sha224_hmac_starts_wrap, - sha224_hmac_update_wrap, - sha224_hmac_finish_wrap, - sha224_hmac_reset_wrap, - sha224_hmac_wrap, - sha224_ctx_alloc, - sha224_ctx_free, + POLARSSL_MD_SHA224, + "SHA224", + 28, + sha224_starts_wrap, + sha224_update_wrap, + sha224_finish_wrap, + sha224_wrap, + sha224_file_wrap, + sha224_hmac_starts_wrap, + sha224_hmac_update_wrap, + sha224_hmac_finish_wrap, + sha224_hmac_reset_wrap, + sha224_hmac_wrap, + sha224_ctx_alloc, + sha224_ctx_free, }; void sha256_starts_wrap( void *ctx ) @@ -401,7 +400,7 @@ void sha256_starts_wrap( void *ctx ) sha2_starts( (sha2_context *) ctx, 0 ); } -void sha256_update_wrap( void *ctx, const unsigned char *input, int ilen ) +void sha256_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { sha2_update( (sha2_context *) ctx, input, ilen ); } @@ -411,7 +410,7 @@ void sha256_finish_wrap( void *ctx, unsigned char *output ) sha2_finish( (sha2_context *) ctx, output ); } -void sha256_wrap( const unsigned char *input, int ilen, +void sha256_wrap( const unsigned char *input, size_t ilen, unsigned char *output ) { sha2( input, ilen, output, 0 ); @@ -422,12 +421,12 @@ int sha256_file_wrap( const char *path, unsigned char *output ) return sha2_file( path, output, 0 ); } -void sha256_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen ) +void sha256_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) { sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 0 ); } -void sha256_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen ) +void sha256_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { sha2_hmac_update( (sha2_context *) ctx, input, ilen ); } @@ -442,8 +441,8 @@ void sha256_hmac_reset_wrap( void *ctx ) sha2_hmac_reset( (sha2_context *) ctx ); } -void sha256_hmac_wrap( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void sha256_hmac_wrap( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char *output ) { sha2_hmac( key, keylen, input, ilen, output, 0 ); @@ -460,21 +459,21 @@ void sha256_ctx_free( void *ctx ) } const md_info_t sha256_info = { - POLARSSL_MD_SHA256, - "SHA256", - 32, - sha256_starts_wrap, - sha256_update_wrap, - sha256_finish_wrap, - sha256_wrap, - sha256_file_wrap, - sha256_hmac_starts_wrap, - sha256_hmac_update_wrap, - sha256_hmac_finish_wrap, - sha256_hmac_reset_wrap, - sha256_hmac_wrap, - sha256_ctx_alloc, - sha256_ctx_free, + POLARSSL_MD_SHA256, + "SHA256", + 32, + sha256_starts_wrap, + sha256_update_wrap, + sha256_finish_wrap, + sha256_wrap, + sha256_file_wrap, + sha256_hmac_starts_wrap, + sha256_hmac_update_wrap, + sha256_hmac_finish_wrap, + sha256_hmac_reset_wrap, + sha256_hmac_wrap, + sha256_ctx_alloc, + sha256_ctx_free, }; #endif @@ -486,7 +485,7 @@ void sha384_starts_wrap( void *ctx ) sha4_starts( (sha4_context *) ctx, 1 ); } -void sha384_update_wrap( void *ctx, const unsigned char *input, int ilen ) +void sha384_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { sha4_update( (sha4_context *) ctx, input, ilen ); } @@ -496,7 +495,7 @@ void sha384_finish_wrap( void *ctx, unsigned char *output ) sha4_finish( (sha4_context *) ctx, output ); } -void sha384_wrap( const unsigned char *input, int ilen, +void sha384_wrap( const unsigned char *input, size_t ilen, unsigned char *output ) { sha4( input, ilen, output, 1 ); @@ -507,12 +506,12 @@ int sha384_file_wrap( const char *path, unsigned char *output ) return sha4_file( path, output, 1 ); } -void sha384_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen ) +void sha384_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) { sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 1 ); } -void sha384_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen ) +void sha384_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { sha4_hmac_update( (sha4_context *) ctx, input, ilen ); } @@ -527,8 +526,8 @@ void sha384_hmac_reset_wrap( void *ctx ) sha4_hmac_reset( (sha4_context *) ctx ); } -void sha384_hmac_wrap( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void sha384_hmac_wrap( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char *output ) { sha4_hmac( key, keylen, input, ilen, output, 1 ); @@ -545,21 +544,21 @@ void sha384_ctx_free( void *ctx ) } const md_info_t sha384_info = { - POLARSSL_MD_SHA384, - "SHA384", - 48, - sha384_starts_wrap, - sha384_update_wrap, - sha384_finish_wrap, - sha384_wrap, - sha384_file_wrap, - sha384_hmac_starts_wrap, - sha384_hmac_update_wrap, - sha384_hmac_finish_wrap, - sha384_hmac_reset_wrap, - sha384_hmac_wrap, - sha384_ctx_alloc, - sha384_ctx_free, + POLARSSL_MD_SHA384, + "SHA384", + 48, + sha384_starts_wrap, + sha384_update_wrap, + sha384_finish_wrap, + sha384_wrap, + sha384_file_wrap, + sha384_hmac_starts_wrap, + sha384_hmac_update_wrap, + sha384_hmac_finish_wrap, + sha384_hmac_reset_wrap, + sha384_hmac_wrap, + sha384_ctx_alloc, + sha384_ctx_free, }; void sha512_starts_wrap( void *ctx ) @@ -567,7 +566,7 @@ void sha512_starts_wrap( void *ctx ) sha4_starts( (sha4_context *) ctx, 0 ); } -void sha512_update_wrap( void *ctx, const unsigned char *input, int ilen ) +void sha512_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { sha4_update( (sha4_context *) ctx, input, ilen ); } @@ -577,7 +576,7 @@ void sha512_finish_wrap( void *ctx, unsigned char *output ) sha4_finish( (sha4_context *) ctx, output ); } -void sha512_wrap( const unsigned char *input, int ilen, +void sha512_wrap( const unsigned char *input, size_t ilen, unsigned char *output ) { sha4( input, ilen, output, 0 ); @@ -588,12 +587,12 @@ int sha512_file_wrap( const char *path, unsigned char *output ) return sha4_file( path, output, 0 ); } -void sha512_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen ) +void sha512_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) { sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 0 ); } -void sha512_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen ) +void sha512_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { sha4_hmac_update( (sha4_context *) ctx, input, ilen ); } @@ -608,8 +607,8 @@ void sha512_hmac_reset_wrap( void *ctx ) sha4_hmac_reset( (sha4_context *) ctx ); } -void sha512_hmac_wrap( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void sha512_hmac_wrap( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char *output ) { sha4_hmac( key, keylen, input, ilen, output, 0 ); @@ -626,21 +625,21 @@ void sha512_ctx_free( void *ctx ) } const md_info_t sha512_info = { - POLARSSL_MD_SHA512, - "SHA512", - 64, - sha512_starts_wrap, - sha512_update_wrap, - sha512_finish_wrap, - sha512_wrap, - sha512_file_wrap, - sha512_hmac_starts_wrap, - sha512_hmac_update_wrap, - sha512_hmac_finish_wrap, - sha512_hmac_reset_wrap, - sha512_hmac_wrap, - sha512_ctx_alloc, - sha512_ctx_free, + POLARSSL_MD_SHA512, + "SHA512", + 64, + sha512_starts_wrap, + sha512_update_wrap, + sha512_finish_wrap, + sha512_wrap, + sha512_file_wrap, + sha512_hmac_starts_wrap, + sha512_hmac_update_wrap, + sha512_hmac_finish_wrap, + sha512_hmac_reset_wrap, + sha512_hmac_wrap, + sha512_ctx_alloc, + sha512_ctx_free, }; #endif diff --git a/library/net.c b/library/net.c index e884d56fc..378f7982d 100644 --- a/library/net.c +++ b/library/net.c @@ -40,8 +40,8 @@ #pragma comment( lib, "ws2_32.lib" ) #endif -#define read(fd,buf,len) recv(fd,buf,len,0) -#define write(fd,buf,len) send(fd,buf,len,0) +#define read(fd,buf,len) recv(fd,buf,(int) len,0) +#define write(fd,buf,len) send(fd,buf,(int) len,0) #define close(fd) closesocket(fd) static int wsa_init_done = 0; @@ -69,7 +69,6 @@ static int wsa_init_done = 0; #endif -#include #include #include #include @@ -289,7 +288,7 @@ void net_usleep( unsigned long usec ) /* * Read at most 'len' characters */ -int net_recv( void *ctx, unsigned char *buf, int len ) +int net_recv( void *ctx, unsigned char *buf, size_t len ) { int ret = read( *((int *) ctx), buf, len ); @@ -321,7 +320,7 @@ int net_recv( void *ctx, unsigned char *buf, int len ) /* * Write at most 'len' characters */ -int net_send( void *ctx, unsigned char *buf, int len ) +int net_send( void *ctx, unsigned char *buf, size_t len ) { int ret = write( *((int *) ctx), buf, len ); diff --git a/library/padlock.c b/library/padlock.c index d576544a8..2e2e4775f 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -33,13 +33,10 @@ #if defined(POLARSSL_PADLOCK_C) -#include "polarssl/aes.h" #include "polarssl/padlock.h" #if defined(POLARSSL_HAVE_X86) -#include - /* * PadLock detection routine */ @@ -115,12 +112,13 @@ int padlock_xcryptecb( aes_context *ctx, */ int padlock_xcryptcbc( aes_context *ctx, int mode, - int length, + size_t length, unsigned char iv[16], const unsigned char *input, unsigned char *output ) { - int ebx, count; + int ebx; + size_t count; unsigned long *rk; unsigned long *iw; unsigned long *ctrl; diff --git a/library/pem.c b/library/pem.c index 6117f044e..bcfcdd2f9 100644 --- a/library/pem.c +++ b/library/pem.c @@ -35,7 +35,6 @@ #include "polarssl/cipher.h" #include -#include void pem_init( pem_context *ctx ) { @@ -46,9 +45,9 @@ void pem_init( pem_context *ctx ) /* * Read a 16-byte hex string and convert it to binary */ -static int pem_get_iv( const unsigned char *s, unsigned char *iv, int iv_len ) +static int pem_get_iv( const unsigned char *s, unsigned char *iv, size_t iv_len ) { - int i, j, k; + size_t i, j, k; memset( iv, 0, iv_len ); @@ -67,13 +66,13 @@ static int pem_get_iv( const unsigned char *s, unsigned char *iv, int iv_len ) return( 0 ); } -static void pem_pbkdf1( unsigned char *key, int keylen, +static void pem_pbkdf1( unsigned char *key, size_t keylen, unsigned char *iv, - const unsigned char *pwd, int pwdlen ) + const unsigned char *pwd, size_t pwdlen ) { md5_context md5_ctx; unsigned char md5sum[16]; - int use_len; + size_t use_len; /* * key[ 0..15] = MD5(pwd || IV) @@ -118,8 +117,8 @@ static void pem_pbkdf1( unsigned char *key, int keylen, * Decrypt with DES-CBC, using PBKDF1 for key derivation */ static void pem_des_decrypt( unsigned char des_iv[8], - unsigned char *buf, int buflen, - const unsigned char *pwd, int pwdlen ) + unsigned char *buf, size_t buflen, + const unsigned char *pwd, size_t pwdlen ) { des_context des_ctx; unsigned char des_key[8]; @@ -138,8 +137,8 @@ static void pem_des_decrypt( unsigned char des_iv[8], * Decrypt with 3DES-CBC, using PBKDF1 for key derivation */ static void pem_des3_decrypt( unsigned char des3_iv[8], - unsigned char *buf, int buflen, - const unsigned char *pwd, int pwdlen ) + unsigned char *buf, size_t buflen, + const unsigned char *pwd, size_t pwdlen ) { des3_context des3_ctx; unsigned char des3_key[24]; @@ -159,9 +158,9 @@ static void pem_des3_decrypt( unsigned char des3_iv[8], /* * Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation */ -static void pem_aes_decrypt( unsigned char aes_iv[16], int keylen, - unsigned char *buf, int buflen, - const unsigned char *pwd, int pwdlen ) +static void pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen, + unsigned char *buf, size_t buflen, + const unsigned char *pwd, size_t pwdlen ) { aes_context aes_ctx; unsigned char aes_key[32]; @@ -179,9 +178,10 @@ static void pem_aes_decrypt( unsigned char aes_iv[16], int keylen, #endif /* POLARSSL_MD5_C && (POLARSSL_AES_C || POLARSSL_DES_C) */ -int pem_read_buffer( pem_context *ctx, char *header, char *footer, const unsigned char *data, const unsigned char *pwd, int pwdlen, int *use_len ) +int pem_read_buffer( pem_context *ctx, char *header, char *footer, const unsigned char *data, const unsigned char *pwd, size_t pwdlen, size_t *use_len ) { - int ret, len, enc; + int ret, enc; + size_t len; unsigned char *buf; unsigned char *s1, *s2; #if defined(POLARSSL_MD5_C) && (defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C)) diff --git a/library/pkcs11.c b/library/pkcs11.c index b4f478763..b71415a41 100644 --- a/library/pkcs11.c +++ b/library/pkcs11.c @@ -32,7 +32,6 @@ #if defined(POLARSSL_PKCS11_C) #include -#include int pkcs11_x509_cert_init( x509_cert *cert, pkcs11h_certificate_t pkcs11_cert ) { @@ -113,7 +112,7 @@ void pkcs11_priv_key_free( pkcs11_context *priv_key ) } int pkcs11_decrypt( pkcs11_context *ctx, - int mode, int *olen, + int mode, size_t *olen, const unsigned char *input, unsigned char *output, unsigned int output_max_len ) @@ -153,7 +152,7 @@ int pkcs11_decrypt( pkcs11_context *ctx, int pkcs11_sign( pkcs11_context *ctx, int mode, int hash_id, - int hashlen, + unsigned int hashlen, const unsigned char *hash, unsigned char *sig ) { diff --git a/library/rsa.c b/library/rsa.c index a0f750ea2..4d3fc4c42 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -37,7 +37,6 @@ #include "polarssl/md.h" #include -#include #include /* @@ -61,7 +60,7 @@ void rsa_init( rsa_context *ctx, int rsa_gen_key( rsa_context *ctx, int (*f_rng)(void *), void *p_rng, - int nbits, int exponent ) + unsigned int nbits, int exponent ) { int ret; mpi P1, Q1, H, G; @@ -206,7 +205,8 @@ int rsa_public( rsa_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret, olen; + int ret; + size_t olen; mpi T; mpi_init( &T, NULL ); @@ -240,7 +240,8 @@ int rsa_private( rsa_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret, olen; + int ret; + size_t olen; mpi T, T1, T2; mpi_init( &T, &T1, &T2, NULL ); @@ -301,15 +302,15 @@ cleanup: * @param src source of the mask generation * @param slen length of the source buffer * @param md_ctx message digest context to use - * @param hlen length of the digest result */ -static void mgf_mask( unsigned char *dst, int dlen, unsigned char *src, int slen, +static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, size_t slen, md_context_t *md_ctx ) { unsigned char mask[POLARSSL_MD_MAX_SIZE]; unsigned char counter[4]; unsigned char *p; - int i, use_len, hlen; + unsigned int hlen; + size_t i, use_len; memset( mask, 0, POLARSSL_MD_MAX_SIZE ); memset( counter, 0, 4 ); @@ -347,16 +348,16 @@ static void mgf_mask( unsigned char *dst, int dlen, unsigned char *src, int slen int rsa_pkcs1_encrypt( rsa_context *ctx, int (*f_rng)(void *), void *p_rng, - int mode, int ilen, + int mode, size_t ilen, const unsigned char *input, unsigned char *output ) { - int nb_pad, olen; + size_t nb_pad, olen; unsigned char *p = output; #if defined(POLARSSL_PKCS1_V21) + unsigned int i, hlen; const md_info_t *md_info; md_context_t md_ctx; - int i, hlen; #endif olen = ctx->len; @@ -368,7 +369,7 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, { case RSA_PKCS_V15: - if( ilen < 0 || olen < ilen + 11 ) + if( olen < ilen + 11 ) return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); nb_pad = olen - 3 - ilen; @@ -404,7 +405,7 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, hlen = md_get_size( md_info ); - if( ilen < 0 || olen < ilen + 2 * hlen + 2 || f_rng == NULL ) + if( olen < ilen + 2 * hlen + 2 || f_rng == NULL ) return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); memset( output, 0, olen ); @@ -453,19 +454,20 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, * Do an RSA operation, then remove the message padding */ int rsa_pkcs1_decrypt( rsa_context *ctx, - int mode, int *olen, + int mode, size_t *olen, const unsigned char *input, unsigned char *output, - int output_max_len) + size_t output_max_len) { - int ret, ilen; + int ret; + size_t ilen; unsigned char *p; unsigned char buf[1024]; #if defined(POLARSSL_PKCS1_V21) unsigned char lhash[POLARSSL_MD_MAX_SIZE]; + unsigned int hlen; const md_info_t *md_info; md_context_t md_ctx; - int hlen; #endif ilen = ctx->len; @@ -554,7 +556,7 @@ int rsa_pkcs1_decrypt( rsa_context *ctx, } if (ilen - (int)(p - buf) > output_max_len) - return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE ); + return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE ); *olen = ilen - (int)(p - buf); memcpy( output, p, *olen ); @@ -570,17 +572,18 @@ int rsa_pkcs1_sign( rsa_context *ctx, void *p_rng, int mode, int hash_id, - int hashlen, + unsigned int hashlen, const unsigned char *hash, unsigned char *sig ) { - int nb_pad, olen; + size_t nb_pad, olen; unsigned char *p = sig; #if defined(POLARSSL_PKCS1_V21) unsigned char salt[POLARSSL_MD_MAX_SIZE]; + unsigned int i, slen, hlen, offset = 0; + size_t msb; const md_info_t *md_info; md_context_t md_ctx; - int i, slen, hlen, msb, offset = 0; #else (void) f_rng; (void) p_rng; @@ -796,18 +799,20 @@ int rsa_pkcs1_sign( rsa_context *ctx, int rsa_pkcs1_verify( rsa_context *ctx, int mode, int hash_id, - int hashlen, + unsigned int hashlen, const unsigned char *hash, unsigned char *sig ) { - int ret, len, siglen; + int ret; + size_t len, siglen; unsigned char *p, c; unsigned char buf[1024]; #if defined(POLARSSL_PKCS1_V21) unsigned char zeros[8]; + unsigned int hlen; + size_t slen, msb; const md_info_t *md_info; md_context_t md_ctx; - int slen, hlen, msb; #endif siglen = ctx->len; @@ -1078,7 +1083,7 @@ static int myrand( void *rng_state ) */ int rsa_self_test( int verbose ) { - int len; + size_t len; rsa_context rsa; unsigned char sha1sum[20]; unsigned char rsa_plaintext[PT_LEN]; @@ -1128,7 +1133,7 @@ int rsa_self_test( int verbose ) if( rsa_pkcs1_decrypt( &rsa, RSA_PRIVATE, &len, rsa_ciphertext, rsa_decrypted, - sizeof(rsa_decrypted) ) != 0 ) + sizeof(rsa_decrypted) ) != 0 ) { if( verbose != 0 ) printf( "failed\n" ); diff --git a/library/sha1.c b/library/sha1.c index f320c43e6..5f625839f 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -34,7 +34,6 @@ #include "polarssl/sha1.h" -#include #include /* @@ -234,9 +233,9 @@ static void sha1_process( sha1_context *ctx, const unsigned char data[64] ) /* * SHA-1 process buffer */ -void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen ) +void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen ) { - int fill; + size_t fill; unsigned long left; if( ilen <= 0 ) @@ -245,7 +244,7 @@ void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen ) left = ctx->total[0] & 0x3F; fill = 64 - left; - ctx->total[0] += ilen; + ctx->total[0] += (unsigned long) ilen; ctx->total[0] &= 0xFFFFFFFF; if( ctx->total[0] < (unsigned long) ilen ) @@ -315,7 +314,7 @@ void sha1_finish( sha1_context *ctx, unsigned char output[20] ) /* * output = SHA-1( input buffer ) */ -void sha1( const unsigned char *input, int ilen, unsigned char output[20] ) +void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] ) { sha1_context ctx; @@ -361,9 +360,9 @@ int sha1_file( const char *path, unsigned char output[20] ) /* * SHA-1 HMAC context setup */ -void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen ) +void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, size_t keylen ) { - int i; + size_t i; unsigned char sum[20]; if( keylen > 64 ) @@ -391,7 +390,7 @@ void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen ) /* * SHA-1 HMAC process buffer */ -void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, int ilen ) +void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, size_t ilen ) { sha1_update( ctx, input, ilen ); } @@ -424,8 +423,8 @@ void sha1_hmac_reset( sha1_context *ctx ) /* * output = HMAC-SHA-1( hmac key, input buffer ) */ -void sha1_hmac( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void sha1_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char output[20] ) { sha1_context ctx; diff --git a/library/sha2.c b/library/sha2.c index dd5ae98a6..64ebc43d5 100644 --- a/library/sha2.c +++ b/library/sha2.c @@ -34,7 +34,6 @@ #include "polarssl/sha2.h" -#include #include /* @@ -230,9 +229,9 @@ static void sha2_process( sha2_context *ctx, const unsigned char data[64] ) /* * SHA-256 process buffer */ -void sha2_update( sha2_context *ctx, const unsigned char *input, int ilen ) +void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen ) { - int fill; + size_t fill; unsigned long left; if( ilen <= 0 ) @@ -241,7 +240,7 @@ void sha2_update( sha2_context *ctx, const unsigned char *input, int ilen ) left = ctx->total[0] & 0x3F; fill = 64 - left; - ctx->total[0] += ilen; + ctx->total[0] += (unsigned long) ilen; ctx->total[0] &= 0xFFFFFFFF; if( ctx->total[0] < (unsigned long) ilen ) @@ -316,7 +315,7 @@ void sha2_finish( sha2_context *ctx, unsigned char output[32] ) /* * output = SHA-256( input buffer ) */ -void sha2( const unsigned char *input, int ilen, +void sha2( const unsigned char *input, size_t ilen, unsigned char output[32], int is224 ) { sha2_context ctx; @@ -363,10 +362,10 @@ int sha2_file( const char *path, unsigned char output[32], int is224 ) /* * SHA-256 HMAC context setup */ -void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, int keylen, +void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keylen, int is224 ) { - int i; + size_t i; unsigned char sum[32]; if( keylen > 64 ) @@ -394,7 +393,7 @@ void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, int keylen, /* * SHA-256 HMAC process buffer */ -void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, int ilen ) +void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ilen ) { sha2_update( ctx, input, ilen ); } @@ -431,8 +430,8 @@ void sha2_hmac_reset( sha2_context *ctx ) /* * output = HMAC-SHA-256( hmac key, input buffer ) */ -void sha2_hmac( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void sha2_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char output[32], int is224 ) { sha2_context ctx; diff --git a/library/sha4.c b/library/sha4.c index cf20d0131..bbb3108f7 100644 --- a/library/sha4.c +++ b/library/sha4.c @@ -34,7 +34,6 @@ #include "polarssl/sha4.h" -#include #include /* @@ -223,9 +222,9 @@ static void sha4_process( sha4_context *ctx, const unsigned char data[128] ) /* * SHA-512 process buffer */ -void sha4_update( sha4_context *ctx, const unsigned char *input, int ilen ) +void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen ) { - int fill; + size_t fill; unsigned int64 left; if( ilen <= 0 ) @@ -234,7 +233,7 @@ void sha4_update( sha4_context *ctx, const unsigned char *input, int ilen ) left = ctx->total[0] & 0x7F; fill = (int)( 128 - left ); - ctx->total[0] += ilen; + ctx->total[0] += (unsigned int64) ilen; if( ctx->total[0] < (unsigned int64) ilen ) ctx->total[1]++; @@ -314,7 +313,7 @@ void sha4_finish( sha4_context *ctx, unsigned char output[64] ) /* * output = SHA-512( input buffer ) */ -void sha4( const unsigned char *input, int ilen, +void sha4( const unsigned char *input, size_t ilen, unsigned char output[64], int is384 ) { sha4_context ctx; @@ -361,10 +360,10 @@ int sha4_file( const char *path, unsigned char output[64], int is384 ) /* * SHA-512 HMAC context setup */ -void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, int keylen, +void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keylen, int is384 ) { - int i; + size_t i; unsigned char sum[64]; if( keylen > 128 ) @@ -393,7 +392,7 @@ void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, int keylen, * SHA-512 HMAC process buffer */ void sha4_hmac_update( sha4_context *ctx, - const unsigned char *input, int ilen ) + const unsigned char *input, size_t ilen ) { sha4_update( ctx, input, ilen ); } @@ -430,8 +429,8 @@ void sha4_hmac_reset( sha4_context *ctx ) /* * output = HMAC-SHA-512( hmac key, input buffer ) */ -void sha4_hmac( const unsigned char *key, int keylen, - const unsigned char *input, int ilen, +void sha4_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, unsigned char output[64], int is384 ) { sha4_context ctx; diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 4b04efa43..d82f5cae2 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -34,14 +34,14 @@ #include "polarssl/pkcs11.h" #endif /* defined(POLARSSL_PKCS11_C) */ -#include #include #include #include static int ssl_write_client_hello( ssl_context *ssl ) { - int ret, i, n; + int ret; + size_t i, n; unsigned char *buf; unsigned char *p; time_t t; @@ -174,7 +174,8 @@ static int ssl_write_client_hello( ssl_context *ssl ) static int ssl_parse_server_hello( ssl_context *ssl ) { time_t t; - int ret, i, n; + int ret, i; + size_t n; int ext_len; unsigned char *buf; @@ -240,7 +241,7 @@ static int ssl_parse_server_hello( ssl_context *ssl ) * 42+n . 43+n extensions length * 44+n . 44+n+m extensions */ - if( n < 0 || n > 32 || ssl->in_hslen > 42 + n ) + if( n > 32 || ssl->in_hslen > 42 + n ) { ext_len = ( ( buf[42 + n] << 8 ) | ( buf[43 + n] ) ) + 2; @@ -250,7 +251,7 @@ static int ssl_parse_server_hello( ssl_context *ssl ) ext_len = 0; } - if( n < 0 || n > 32 || ssl->in_hslen != 42 + n + ext_len ) + if( n > 32 || ssl->in_hslen != 42 + n + ext_len ) { SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); @@ -321,7 +322,8 @@ static int ssl_parse_server_hello( ssl_context *ssl ) static int ssl_parse_server_key_exchange( ssl_context *ssl ) { - int ret, n; + int ret; + size_t n; unsigned char *p, *end; unsigned char hash[36]; md5_context md5; @@ -333,7 +335,7 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) ssl->session->ciphersuite != SSL_EDH_RSA_AES_128_SHA && ssl->session->ciphersuite != SSL_EDH_RSA_AES_256_SHA && ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_128_SHA && - ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA) + ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA) { SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); ssl->state++; @@ -380,7 +382,7 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } - if( (int)( end - p ) != ssl->peer_cert->rsa.len ) + if( (unsigned int)( end - p ) != ssl->peer_cert->rsa.len ) { SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); @@ -518,7 +520,8 @@ static int ssl_parse_server_hello_done( ssl_context *ssl ) static int ssl_write_client_key_exchange( ssl_context *ssl ) { - int ret, i, n; + int ret; + size_t i, n; SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) ); @@ -526,7 +529,7 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA || ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA || ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA || - ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA) + ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA) { #if !defined(POLARSSL_DHM_C) SSL_DEBUG_MSG( 1, ( "support for dhm in not available" ) ); @@ -625,7 +628,8 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) static int ssl_write_certificate_verify( ssl_context *ssl ) { - int ret = 0, n = 0; + int ret = 0; + size_t n = 0; unsigned char hash[36]; SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); diff --git a/library/ssl_srv.c b/library/ssl_srv.c index f875fbfe7..c626b4218 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -34,16 +34,17 @@ #include "polarssl/pkcs11.h" #endif /* defined(POLARSSL_PKCS11_C) */ -#include #include #include #include static int ssl_parse_client_hello( ssl_context *ssl ) { - int ret, i, j, n; - int ciph_len, sess_len; - int chal_len, comp_len; + int ret; + unsigned int i, j; + size_t n; + unsigned int ciph_len, sess_len; + unsigned int chal_len, comp_len; unsigned char *buf, *p; SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) ); @@ -137,7 +138,7 @@ static int ssl_parse_client_hello( ssl_context *ssl ) return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); } - if( sess_len < 0 || sess_len > 32 ) + if( sess_len > 32 ) { SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); @@ -273,7 +274,7 @@ static int ssl_parse_client_hello( ssl_context *ssl ) /* * Check the handshake message length */ - if( buf[1] != 0 || n != 4 + ( ( buf[2] << 8 ) | buf[3] ) ) + if( buf[1] != 0 || n != (unsigned int) 4 + ( ( buf[2] << 8 ) | buf[3] ) ) { SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); @@ -284,7 +285,7 @@ static int ssl_parse_client_hello( ssl_context *ssl ) */ sess_len = buf[38]; - if( sess_len < 0 || sess_len > 32 ) + if( sess_len > 32 ) { SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); @@ -460,7 +461,8 @@ static int ssl_write_server_hello( ssl_context *ssl ) static int ssl_write_certificate_request( ssl_context *ssl ) { - int ret, n; + int ret; + size_t n; unsigned char *buf, *p; const x509_cert *crt; @@ -525,7 +527,8 @@ static int ssl_write_certificate_request( ssl_context *ssl ) static int ssl_write_server_key_exchange( ssl_context *ssl ) { - int ret, n, rsa_key_len = 0; + int ret; + size_t n, rsa_key_len = 0; unsigned char hash[36]; md5_context md5; sha1_context sha1; @@ -536,7 +539,7 @@ static int ssl_write_server_key_exchange( ssl_context *ssl ) ssl->session->ciphersuite != SSL_EDH_RSA_AES_128_SHA && ssl->session->ciphersuite != SSL_EDH_RSA_AES_256_SHA && ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_128_SHA && - ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA) + ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA) { SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) ); ssl->state++; @@ -681,7 +684,8 @@ static int ssl_write_server_hello_done( ssl_context *ssl ) static int ssl_parse_client_key_exchange( ssl_context *ssl ) { - int ret, i, n = 0; + int ret; + size_t i, n = 0; SSL_DEBUG_MSG( 2, ( "=> parse client key exchange" ) ); @@ -707,7 +711,7 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA || ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA || ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA || - ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA) + ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA) { #if !defined(POLARSSL_DHM_C) SSL_DEBUG_MSG( 1, ( "support for dhm is not available" ) ); @@ -840,7 +844,8 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) static int ssl_parse_certificate_verify( ssl_context *ssl ) { - int n1, n2, ret; + int ret; + size_t n1, n2; unsigned char hash[36]; SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 3875e9994..8b87668f3 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -42,7 +42,6 @@ #include "polarssl/debug.h" #include "polarssl/ssl.h" -#include #include #include @@ -53,12 +52,12 @@ /* * Key material generation */ -static int tls1_prf( unsigned char *secret, int slen, char *label, - unsigned char *random, int rlen, - unsigned char *dstbuf, int dlen ) +static int tls1_prf( unsigned char *secret, size_t slen, char *label, + unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen ) { - int nb, hs; - int i, j, k; + size_t nb, hs; + size_t i, j, k; unsigned char *S1, *S2; unsigned char tmp[128]; unsigned char h_i[20]; @@ -139,7 +138,7 @@ int ssl_derive_keys( ssl_context *ssl ) */ if( ssl->resume == 0 ) { - int len = ssl->pmslen; + size_t len = ssl->pmslen; SSL_DEBUG_BUF( 3, "premaster secret", ssl->premaster, len ); @@ -431,7 +430,7 @@ void ssl_calc_verify( ssl_context *ssl, unsigned char hash[36] ) * SSLv3.0 MAC functions */ static void ssl_mac_md5( unsigned char *secret, - unsigned char *buf, int len, + unsigned char *buf, size_t len, unsigned char *ctr, int type ) { unsigned char header[11]; @@ -460,7 +459,7 @@ static void ssl_mac_md5( unsigned char *secret, } static void ssl_mac_sha1( unsigned char *secret, - unsigned char *buf, int len, + unsigned char *buf, size_t len, unsigned char *ctr, int type ) { unsigned char header[11]; @@ -493,7 +492,7 @@ static void ssl_mac_sha1( unsigned char *secret, */ static int ssl_encrypt_buf( ssl_context *ssl ) { - int i, padlen; + size_t i, padlen; SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) ); @@ -530,8 +529,8 @@ static int ssl_encrypt_buf( ssl_context *ssl ) ssl->out_msglen += ssl->maclen; - for( i = 7; i >= 0; i-- ) - if( ++ssl->out_ctr[i] != 0 ) + for( i = 8; i > 0; i-- ) + if( ++ssl->out_ctr[i - 1] != 0 ) break; if( ssl->ivlen == 0 ) @@ -556,7 +555,7 @@ static int ssl_encrypt_buf( ssl_context *ssl ) else { unsigned char *enc_msg; - int enc_msglen; + size_t enc_msglen; padlen = ssl->ivlen - ( ssl->out_msglen + 1 ) % ssl->ivlen; if( padlen == ssl->ivlen ) @@ -615,29 +614,29 @@ static int ssl_encrypt_buf( ssl_context *ssl ) case 16: #if defined(POLARSSL_AES_C) - if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA || - ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA || - ssl->session->ciphersuite == SSL_RSA_AES_256_SHA || - ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA) - { + if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA || + ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA || + ssl->session->ciphersuite == SSL_RSA_AES_256_SHA || + ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA) + { aes_crypt_cbc( (aes_context *) ssl->ctx_enc, AES_ENCRYPT, enc_msglen, ssl->iv_enc, enc_msg, enc_msg); break; - } + } #endif #if defined(POLARSSL_CAMELLIA_C) - if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA || - ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA || - ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA || - ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA) - { + if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA || + ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA || + ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA || + ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA) + { camellia_crypt_cbc( (camellia_context *) ssl->ctx_enc, CAMELLIA_ENCRYPT, enc_msglen, ssl->iv_enc, enc_msg, enc_msg ); break; - } + } #endif default: @@ -652,7 +651,7 @@ static int ssl_encrypt_buf( ssl_context *ssl ) static int ssl_decrypt_buf( ssl_context *ssl ) { - int i, padlen; + size_t i, padlen; unsigned char tmp[20]; SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) ); @@ -679,7 +678,7 @@ static int ssl_decrypt_buf( ssl_context *ssl ) { unsigned char *dec_msg; unsigned char *dec_msg_result; - int dec_msglen; + size_t dec_msglen; /* * Decrypt and check the padding @@ -720,29 +719,29 @@ static int ssl_decrypt_buf( ssl_context *ssl ) case 16: #if defined(POLARSSL_AES_C) - if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA || - ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA || - ssl->session->ciphersuite == SSL_RSA_AES_256_SHA || - ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA) - { + if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA || + ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA || + ssl->session->ciphersuite == SSL_RSA_AES_256_SHA || + ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA) + { aes_crypt_cbc( (aes_context *) ssl->ctx_dec, AES_DECRYPT, dec_msglen, ssl->iv_dec, dec_msg, dec_msg_result ); break; - } + } #endif #if defined(POLARSSL_CAMELLIA_C) - if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA || - ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA || - ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA || - ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA) - { + if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA || + ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA || + ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA || + ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA) + { camellia_crypt_cbc( (camellia_context *) ssl->ctx_dec, CAMELLIA_DECRYPT, dec_msglen, ssl->iv_dec, dec_msg, dec_msg_result ); break; - } + } #endif default: @@ -851,8 +850,8 @@ static int ssl_decrypt_buf( ssl_context *ssl ) else ssl->nb_zero = 0; - for( i = 7; i >= 0; i-- ) - if( ++ssl->in_ctr[i] != 0 ) + for( i = 8; i > 0; i-- ) + if( ++ssl->in_ctr[i - 1] != 0 ) break; SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) ); @@ -863,9 +862,10 @@ static int ssl_decrypt_buf( ssl_context *ssl ) /* * Fill the input message buffer */ -int ssl_fetch_input( ssl_context *ssl, int nb_want ) +int ssl_fetch_input( ssl_context *ssl, size_t nb_want ) { - int ret, len; + int ret; + size_t len; SSL_DEBUG_MSG( 2, ( "=> fetch input" ) ); @@ -924,7 +924,8 @@ int ssl_flush_output( ssl_context *ssl ) */ int ssl_write_record( ssl_context *ssl ) { - int ret, len = ssl->out_msglen; + int ret; + size_t len = ssl->out_msglen; SSL_DEBUG_MSG( 2, ( "=> write record" ) ); @@ -1181,7 +1182,8 @@ int ssl_read_record( ssl_context *ssl ) */ int ssl_write_certificate( ssl_context *ssl ) { - int ret, i, n; + int ret; + size_t i, n; const x509_cert *crt; SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); @@ -1277,7 +1279,8 @@ write_msg: int ssl_parse_certificate( ssl_context *ssl ) { - int ret, i, n; + int ret; + size_t i, n; SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); @@ -1621,10 +1624,11 @@ int ssl_write_finished( ssl_context *ssl ) int ssl_parse_finished( ssl_context *ssl ) { - int ret, hash_len; - md5_context md5; - sha1_context sha1; + int ret; + unsigned int hash_len; unsigned char buf[36]; + md5_context md5; + sha1_context sha1; SSL_DEBUG_MSG( 2, ( "=> parse finished" ) ); @@ -1758,8 +1762,8 @@ void ssl_set_dbg( ssl_context *ssl, } void ssl_set_bio( ssl_context *ssl, - int (*f_recv)(void *, unsigned char *, int), void *p_recv, - int (*f_send)(void *, unsigned char *, int), void *p_send ) + int (*f_recv)(void *, unsigned char *, size_t), void *p_recv, + int (*f_send)(void *, unsigned char *, size_t), void *p_send ) { ssl->f_recv = f_recv; ssl->f_send = f_send; @@ -1869,7 +1873,7 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname ) /* * SSL get accessors */ -int ssl_get_bytes_avail( const ssl_context *ssl ) +size_t ssl_get_bytes_avail( const ssl_context *ssl ) { return( ssl->in_offt == NULL ? 0 : ssl->in_msglen ); } @@ -2064,9 +2068,10 @@ int ssl_handshake( ssl_context *ssl ) /* * Receive application data decrypted from the SSL layer */ -int ssl_read( ssl_context *ssl, unsigned char *buf, int len ) +int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len ) { - int ret, n; + int ret; + size_t n; SSL_DEBUG_MSG( 2, ( "=> read" ) ); @@ -2124,15 +2129,16 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, int len ) SSL_DEBUG_MSG( 2, ( "<= read" ) ); - return( n ); + return( (int) n ); } /* * Send application data to be encrypted by the SSL layer */ -int ssl_write( ssl_context *ssl, const unsigned char *buf, int len ) +int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len ) { - int ret, n; + int ret; + size_t n; SSL_DEBUG_MSG( 2, ( "=> write" ) ); @@ -2169,7 +2175,7 @@ int ssl_write( ssl_context *ssl, const unsigned char *buf, int len ) SSL_DEBUG_MSG( 2, ( "<= write" ) ); - return( n ); + return( (int) n ); } /* diff --git a/library/x509parse.c b/library/x509parse.c index 9d0ebd294..ddbeb3888 100644 --- a/library/x509parse.c +++ b/library/x509parse.c @@ -59,7 +59,7 @@ */ static int asn1_get_len( unsigned char **p, const unsigned char *end, - int *len ) + size_t *len ) { if( ( end - *p ) < 1 ) return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); @@ -92,7 +92,7 @@ static int asn1_get_len( unsigned char **p, } } - if( *len > (int) ( end - *p ) ) + if( *len > (size_t) ( end - *p ) ) return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); return( 0 ); @@ -100,7 +100,7 @@ static int asn1_get_len( unsigned char **p, static int asn1_get_tag( unsigned char **p, const unsigned char *end, - int *len, int tag ) + size_t *len, int tag ) { if( ( end - *p ) < 1 ) return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); @@ -117,7 +117,8 @@ static int asn1_get_bool( unsigned char **p, const unsigned char *end, int *val ) { - int ret, len; + int ret; + size_t len; if( ( ret = asn1_get_tag( p, end, &len, ASN1_BOOLEAN ) ) != 0 ) return( ret ); @@ -135,7 +136,8 @@ static int asn1_get_int( unsigned char **p, const unsigned char *end, int *val ) { - int ret, len; + int ret; + size_t len; if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 ) return( ret ); @@ -158,7 +160,8 @@ static int asn1_get_mpi( unsigned char **p, const unsigned char *end, mpi *X ) { - int ret, len; + int ret; + size_t len; if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 ) return( ret ); @@ -209,7 +212,8 @@ static int asn1_get_sequence_of( unsigned char **p, x509_sequence *cur, int tag) { - int ret, len; + int ret; + size_t len; x509_buf *buf; /* Get main sequence tag */ @@ -260,7 +264,8 @@ static int x509_get_version( unsigned char **p, const unsigned char *end, int *ver ) { - int ret, len; + int ret; + size_t len; if( ( ret = asn1_get_tag( p, end, &len, ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) != 0 ) @@ -321,7 +326,8 @@ static int x509_get_alg( unsigned char **p, const unsigned char *end, x509_buf *alg ) { - int ret, len; + int ret; + size_t len; if( ( ret = asn1_get_tag( p, end, &len, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) @@ -365,7 +371,8 @@ static int x509_get_attr_type_value( unsigned char **p, const unsigned char *end, x509_name *cur ) { - int ret, len; + int ret; + size_t len; x509_buf *oid; x509_buf *val; @@ -422,7 +429,8 @@ static int x509_get_name( unsigned char **p, const unsigned char *end, x509_name *cur ) { - int ret, len; + int ret; + size_t len; const unsigned char *end2; x509_name *use; @@ -478,7 +486,8 @@ static int x509_get_time( unsigned char **p, const unsigned char *end, x509_time *time ) { - int ret, len; + int ret; + size_t len; char date[64]; unsigned char tag; @@ -547,7 +556,8 @@ static int x509_get_dates( unsigned char **p, x509_time *from, x509_time *to ) { - int ret, len; + int ret; + size_t len; if( ( ret = asn1_get_tag( p, end, &len, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) @@ -578,7 +588,8 @@ static int x509_get_pubkey( unsigned char **p, x509_buf *pk_alg_oid, mpi *N, mpi *E ) { - int ret, len, can_handle; + int ret, can_handle; + size_t len; unsigned char *end2; if( ( ret = x509_get_alg( p, end, pk_alg_oid ) ) != 0 ) @@ -651,7 +662,8 @@ static int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig ) { - int ret, len; + int ret; + size_t len; sig->tag = **p; @@ -707,7 +719,8 @@ static int x509_get_ext( unsigned char **p, const unsigned char *end, x509_buf *ext ) { - int ret, len; + int ret; + size_t len; if( *p == end ) return( 0 ); @@ -747,7 +760,8 @@ static int x509_get_crl_ext( unsigned char **p, const unsigned char *end, x509_buf *ext ) { - int ret, len; + int ret; + size_t len; if( ( ret = x509_get_ext( p, end, ext ) ) != 0 ) { @@ -778,7 +792,8 @@ static int x509_get_basic_constraints( unsigned char **p, int *ca_istrue, int *max_pathlen ) { - int ret, len; + int ret; + size_t len; /* * BasicConstraints ::= SEQUENCE { @@ -893,7 +908,8 @@ static int x509_get_crt_ext( unsigned char **p, const unsigned char *end, x509_cert *crt ) { - int ret, len; + int ret; + size_t len; unsigned char *end_ext_data, *end_ext_octet; if( ( ret = x509_get_ext( p, end, &crt->v3_ext ) ) != 0 ) @@ -1017,7 +1033,8 @@ static int x509_get_entries( unsigned char **p, const unsigned char *end, x509_crl_entry *entry ) { - int ret, entry_len; + int ret; + size_t entry_len; x509_crl_entry *cur_entry = entry; if( *p == end ) @@ -1036,7 +1053,7 @@ static int x509_get_entries( unsigned char **p, while( *p < end ) { - int len2; + size_t len2; if( ( ret = asn1_get_tag( p, end, &len2, ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 ) @@ -1100,9 +1117,10 @@ static int x509_get_sig_alg( const x509_buf *sig_oid, int *sig_alg ) /* * Parse one or more certificates and add them to the chained list */ -int x509parse_crt( x509_cert *chain, const unsigned char *buf, int buflen ) +int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen ) { - int ret, len, use_len; + int ret; + size_t len, use_len; unsigned char *p, *end; x509_cert *crt; #if defined(POLARSSL_PEM_C) @@ -1207,7 +1225,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, int buflen ) return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ); } - if( len != (int) ( end - p ) ) + if( len != (size_t) ( end - p ) ) { x509_free( crt ); return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT | @@ -1436,9 +1454,10 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, int buflen ) /* * Parse one or more CRLs and add them to the chained list */ -int x509parse_crl( x509_crl *chain, const unsigned char *buf, int buflen ) +int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen ) { - int ret, len, use_len; + int ret; + size_t len, use_len; unsigned char *p, *end; x509_crl *crl; #if defined(POLARSSL_PEM_C) @@ -1543,7 +1562,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, int buflen ) return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ); } - if( len != (int) ( end - p ) ) + if( len != (size_t) ( end - p ) ) { x509_crl_free( crl ); return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT | @@ -1794,10 +1813,11 @@ int x509parse_crlfile( x509_crl *chain, const char *path ) /* * Parse a private RSA key */ -int x509parse_key( rsa_context *rsa, const unsigned char *key, int keylen, - const unsigned char *pwd, int pwdlen ) +int x509parse_key( rsa_context *rsa, const unsigned char *key, size_t keylen, + const unsigned char *pwd, size_t pwdlen ) { - int ret, len; + int ret; + size_t len; unsigned char *p, *end; #if defined(POLARSSL_PEM_C) pem_context pem; @@ -1942,9 +1962,10 @@ int x509parse_keyfile( rsa_context *rsa, const char *path, const char *pwd ) /* * Parse a public RSA key */ -int x509parse_public_key( rsa_context *rsa, const unsigned char *key, int keylen ) +int x509parse_public_key( rsa_context *rsa, const unsigned char *key, size_t keylen ) { - int ret, len; + int ret; + size_t len; unsigned char *p, *end; x509_buf alg_oid; #if defined(POLARSSL_PEM_C) @@ -2053,9 +2074,10 @@ int x509parse_public_keyfile( rsa_context *rsa, const char *path ) /* * Parse DHM parameters */ -int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, int dhminlen ) +int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen ) { - int ret, len; + int ret; + size_t len; unsigned char *p, *end; #if defined(POLARSSL_PEM_C) pem_context pem; @@ -2180,7 +2202,7 @@ int compat_snprintf(char *str, size_t size, const char *format, ...) // No quick fix possible if ( res < 0 ) - return( size + 20 ); + return( (int) size + 20 ); return res; } @@ -2195,13 +2217,13 @@ int compat_snprintf(char *str, size_t size, const char *format, ...) if( ret == -1 ) \ return( -1 ); \ \ - if ( ret > n ) { \ + if ( (unsigned int) ret > n ) { \ p[n - 1] = '\0'; \ return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\ } \ \ - n -= ret; \ - p += ret; \ + n -= (unsigned int) ret; \ + p += (unsigned int) ret; \ } /* @@ -2210,7 +2232,8 @@ int compat_snprintf(char *str, size_t size, const char *format, ...) */ int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn ) { - int i, ret, n; + int ret; + size_t i, n; unsigned char c; const x509_name *name; char s[128], *p; @@ -2294,7 +2317,7 @@ int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn ) name = name->next; } - return( size - n ); + return( (int) ( size - n ) ); } /* @@ -2303,7 +2326,8 @@ int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn ) */ int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial ) { - int i, ret, nr, n; + int ret; + size_t i, n, nr; char *p; p = buf; @@ -2319,7 +2343,7 @@ int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial ) SAFE_SNPRINTF(); } - return( size - n ); + return( (int) ( size - n ) ); } /* @@ -2328,7 +2352,8 @@ int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial ) int x509parse_cert_info( char *buf, size_t size, const char *prefix, const x509_cert *crt ) { - int n, ret; + int ret; + size_t n; char *p; p = buf; @@ -2389,7 +2414,7 @@ int x509parse_cert_info( char *buf, size_t size, const char *prefix, crt->rsa.N.n * (int) sizeof( unsigned long ) * 8 ); SAFE_SNPRINTF(); - return( size - n ); + return( (int) ( size - n ) ); } /* Compare a given OID string with an OID x509_buf * */ @@ -2429,7 +2454,8 @@ const char *x509_oid_get_description( x509_buf *oid ) /* Return the x.y.z.... style numeric string for the given OID */ int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ) { - int ret, n, i; + int ret; + size_t i, n; unsigned int value; char *p; @@ -2445,7 +2471,7 @@ int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ) /* TODO: value can overflow in value. */ value = 0; - for( i=1; i < oid->len; i++ ) + for( i = 1; i < oid->len; i++ ) { value <<= 7; value += oid->p[i] & 0x7F; @@ -2459,7 +2485,7 @@ int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ) } } - return( size - n ); + return( (int) ( size - n ) ); } /* @@ -2468,7 +2494,8 @@ int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ) int x509parse_crl_info( char *buf, size_t size, const char *prefix, const x509_crl *crl ) { - int i, n, nr, ret; + int ret; + size_t i, n, nr; char *p; const x509_crl_entry *entry; @@ -2550,7 +2577,7 @@ int x509parse_crl_info( char *buf, size_t size, const char *prefix, ret = snprintf( p, n, "\n" ); SAFE_SNPRINTF(); - return( size - n ); + return( (int) ( size - n ) ); } /* @@ -2627,7 +2654,7 @@ int x509parse_revoked( const x509_cert *crt, const x509_crl *crl ) * * \param out Buffer to receive the hash (Should be at least 64 bytes) */ -static void x509_hash( const unsigned char *in, int len, int alg, +static void x509_hash( const unsigned char *in, size_t len, int alg, unsigned char *out ) { switch( alg ) @@ -2731,7 +2758,7 @@ int x509parse_verify( x509_cert *crt, int (*f_vrfy)(void *, x509_cert *, int, int), void *p_vrfy ) { - int cn_len; + size_t cn_len; int hash_id; int pathlen; x509_cert *parent; @@ -2999,7 +3026,9 @@ void x509_crl_free( x509_crl *crl ) int x509_self_test( int verbose ) { #if defined(POLARSSL_MD5_C) - int ret, i, j; + int ret; + int flags; + size_t i, j; x509_cert cacert; x509_cert clicert; rsa_context rsa; @@ -3053,10 +3082,10 @@ int x509_self_test( int verbose ) if( verbose != 0 ) printf( "passed\n X.509 signature verify: "); - ret = x509parse_verify( &clicert, &cacert, NULL, "PolarSSL Client 2", &i, NULL, NULL ); + ret = x509parse_verify( &clicert, &cacert, NULL, "PolarSSL Client 2", &flags, NULL, NULL ); if( ret != 0 ) { - printf("%02x", i); + printf("%02x", flags); if( verbose != 0 ) printf( "failed\n" ); diff --git a/library/xtea.c b/library/xtea.c index 036948d04..bc473e527 100644 --- a/library/xtea.c +++ b/library/xtea.c @@ -29,8 +29,6 @@ #include "polarssl/xtea.h" -#include - /* * 32-bit integer manipulation macros (big endian) */ @@ -38,9 +36,9 @@ #define GET_ULONG_BE(n,b,i) \ { \ (n) = ( (unsigned long) (b)[(i) ] << 24 ) \ - | ( (unsigned long) (b)[(i) + 1] << 16 ) \ - | ( (unsigned long) (b)[(i) + 2] << 8 ) \ - | ( (unsigned long) (b)[(i) + 3] ); \ + | ( (unsigned long) (b)[(i) + 1] << 16 ) \ + | ( (unsigned long) (b)[(i) + 2] << 8 ) \ + | ( (unsigned long) (b)[(i) + 3] ); \ } #endif @@ -65,7 +63,7 @@ void xtea_setup( xtea_context *ctx, unsigned char key[16] ) for( i = 0; i < 4; i++ ) { - GET_ULONG_BE( ctx->k[i], key, i << 2 ); + GET_ULONG_BE( ctx->k[i], key, i << 2 ); } } @@ -84,25 +82,25 @@ int xtea_crypt_ecb( xtea_context *ctx, int mode, unsigned char input[8], if( mode == XTEA_ENCRYPT ) { - uint32_t sum = 0, delta = 0x9E3779B9; + uint32_t sum = 0, delta = 0x9E3779B9; - for( i = 0; i < 32; i++ ) - { - v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]); - sum += delta; - v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); - } + for( i = 0; i < 32; i++ ) + { + v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]); + sum += delta; + v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); + } } else /* XTEA_DECRYPT */ { - uint32_t delta = 0x9E3779B9, sum = delta * 32; + uint32_t delta = 0x9E3779B9, sum = delta * 32; - for( i = 0; i < 32; i++ ) - { - v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); - sum -= delta; - v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]); - } + for( i = 0; i < 32; i++ ) + { + v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); + sum -= delta; + v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]); + } } PUT_ULONG_BE( v0, output, 0 ); @@ -116,7 +114,7 @@ int xtea_crypt_ecb( xtea_context *ctx, int mode, unsigned char input[8], */ int xtea_crypt_cbc( xtea_context *ctx, int mode, - int length, + size_t length, unsigned char iv[8], unsigned char *input, unsigned char *output) diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c index e761554fc..59caf30a4 100644 --- a/programs/aes/aescrypt2.c +++ b/programs/aes/aescrypt2.c @@ -55,7 +55,8 @@ int main( int argc, char *argv[] ) { int ret = 1, i, n; - int keylen, mode, lastn; + int mode, lastn; + size_t keylen; FILE *fkey, *fin = NULL, *fout = NULL; char *p; diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index 4f1b2eca2..afd85a75f 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -56,7 +56,8 @@ int main( int argc, char *argv[] ) { int ret = 1, i, n; - int keylen, mode, lastn, olen; + int mode, lastn; + size_t keylen, olen; FILE *fkey, *fin = NULL, *fout = NULL; char *p; @@ -291,7 +292,7 @@ int main( int argc, char *argv[] ) for( offset = 0; offset < filesize; offset += cipher_get_block_size( &cipher_ctx ) ) { n = ( filesize - offset > cipher_get_block_size( &cipher_ctx ) ) ? - cipher_get_block_size( &cipher_ctx ) : (int) ( filesize - offset ); + cipher_get_block_size( &cipher_ctx ) : (unsigned int) ( filesize - offset ); if( fread( buffer, 1, n, fin ) != (size_t) n ) { diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index add0ecd6e..9437ce844 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c @@ -83,7 +83,7 @@ static int generic_check( const md_info_t *md_info, char *filename ) n = sizeof( line ); - while( fgets( line, n - 1, f ) != NULL ) + while( fgets( line, (int) n - 1, f ) != NULL ) { n = strlen( line ); diff --git a/programs/hash/md5sum.c b/programs/hash/md5sum.c index 0b9d0041c..2d72d9914 100644 --- a/programs/hash/md5sum.c +++ b/programs/hash/md5sum.c @@ -83,7 +83,7 @@ static int md5_check( char *filename ) n = sizeof( line ); - while( fgets( line, n - 1, f ) != NULL ) + while( fgets( line, (int) n - 1, f ) != NULL ) { n = strlen( line ); diff --git a/programs/hash/sha1sum.c b/programs/hash/sha1sum.c index 954568b7a..03b7766ea 100644 --- a/programs/hash/sha1sum.c +++ b/programs/hash/sha1sum.c @@ -83,7 +83,7 @@ static int sha1_check( char *filename ) n = sizeof( line ); - while( fgets( line, n - 1, f ) != NULL ) + while( fgets( line, (int) n - 1, f ) != NULL ) { n = strlen( line ); diff --git a/programs/hash/sha2sum.c b/programs/hash/sha2sum.c index 6d07f0d80..b36929535 100644 --- a/programs/hash/sha2sum.c +++ b/programs/hash/sha2sum.c @@ -83,7 +83,7 @@ static int sha2_check( char *filename ) n = sizeof( line ); - while( fgets( line, n - 1, f ) != NULL ) + while( fgets( line, (int) n - 1, f ) != NULL ) { n = strlen( line ); diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 8b9ced4c7..20018982c 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -44,7 +44,8 @@ int main( void ) { FILE *f; - int ret, n, buflen; + int ret; + size_t n, buflen; int server_fd = -1; unsigned char *p, *end; @@ -123,7 +124,7 @@ int main( void ) } n = buflen = ( buf[0] << 8 ) | buf[1]; - if( buflen < 1 || buflen > (int) sizeof( buf ) ) + if( buflen < 1 || buflen > sizeof( buf ) ) { printf( " failed\n ! Got an invalid buffer length\n\n" ); goto exit; @@ -134,7 +135,7 @@ int main( void ) */ memset( buf, 0, sizeof( buf ) ); - if( ( ret = net_recv( &server_fd, buf, n ) ) != n ) + if( ( ret = net_recv( &server_fd, buf, n ) ) != (int) n ) { printf( " failed\n ! net_recv returned %d\n\n", ret ); goto exit; @@ -162,7 +163,7 @@ int main( void ) printf( "\n . Verifying the server's RSA signature" ); fflush( stdout ); - if( ( n = (int)( end - p ) ) != rsa.len ) + if( ( n = (size_t) ( end - p ) ) != rsa.len ) { ret = 1; printf( " failed\n ! Invalid RSA signature size\n\n" ); @@ -192,7 +193,7 @@ int main( void ) goto exit; } - if( ( ret = net_send( &server_fd, buf, n ) ) != n ) + if( ( ret = net_send( &server_fd, buf, n ) ) != (int) n ) { printf( " failed\n ! net_send returned %d\n\n", ret ); goto exit; diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index f09357699..dd6b348d7 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -44,7 +44,8 @@ int main( void ) { FILE *f; - int ret, n, buflen; + int ret; + size_t n, buflen; int listen_fd = -1; int client_fd = -1; @@ -177,7 +178,7 @@ int main( void ) buf2[1] = (unsigned char)( buflen ); if( ( ret = net_send( &client_fd, buf2, 2 ) ) != 2 || - ( ret = net_send( &client_fd, buf, buflen ) ) != buflen ) + ( ret = net_send( &client_fd, buf, buflen ) ) != (int) buflen ) { printf( " failed\n ! net_send returned %d\n\n", ret ); goto exit; @@ -192,7 +193,7 @@ int main( void ) memset( buf, 0, sizeof( buf ) ); n = dhm.len; - if( ( ret = net_recv( &client_fd, buf, n ) ) != n ) + if( ( ret = net_recv( &client_fd, buf, n ) ) != (int) n ) { printf( " failed\n ! net_recv returned %d\n\n", ret ); goto exit; diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index 344d030e2..c283514cf 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -36,7 +36,8 @@ int main( int argc, char *argv[] ) { FILE *f; - int ret, i; + int ret; + size_t i; rsa_context rsa; unsigned char hash[20]; unsigned char buf[512]; diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index 84cb84e76..7f52a0985 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -36,7 +36,8 @@ int main( int argc, char *argv[] ) { FILE *f; - int ret, i, c; + int ret, c; + size_t i; rsa_context rsa; unsigned char hash[20]; unsigned char buf[512]; diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index ce07707d4..cde83c254 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -43,7 +43,8 @@ int main( int argc, char *argv[] ) { FILE *f; - int ret, i; + int ret; + size_t i; rsa_context rsa; unsigned char hash[20]; unsigned char buf[512]; diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 15a0bb0a9..353c21cde 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -92,7 +92,8 @@ int main( int argc, char *argv[] ) x509_cert cacert; x509_cert clicert; rsa_context rsa; - int i, j, n; + int i; + size_t j, n; char *p, *q; const int *list; diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 34c065ccf..de18c46a7 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -4,7 +4,7 @@ END_HEADER BEGIN_CASE enc_dec_buf:cipher_id:cipher_string:key_len:length: - int length = {length}; + size_t length = {length}; unsigned char key[32]; unsigned char iv[16]; @@ -16,8 +16,8 @@ enc_dec_buf:cipher_id:cipher_string:key_len:length: unsigned char encbuf[64]; unsigned char decbuf[64]; - int outlen = 0; - int enclen = 0; + size_t outlen = 0; + size_t enclen = 0; memset( key, 0, 32 ); memset( iv , 0, 16 ); @@ -107,9 +107,9 @@ END_CASE BEGIN_CASE enc_dec_buf_multipart:cipher_id:key_len:first_length:second_length: - int first_length = {first_length}; - int second_length = {second_length}; - int length = first_length + second_length; + size_t first_length = {first_length}; + size_t second_length = {second_length}; + size_t length = first_length + second_length; unsigned char key[32]; unsigned char iv[16]; @@ -121,9 +121,9 @@ enc_dec_buf_multipart:cipher_id:key_len:first_length:second_length: unsigned char encbuf[64]; unsigned char decbuf[64]; - int outlen = 0; - int totaloutlen = 0; - int enclen = 0; + size_t outlen = 0; + size_t totaloutlen = 0; + size_t enclen = 0; memset( key, 0, 32 ); memset( iv , 0, 16 );