clang scan-build fixes
This commit is contained in:
toddouska
parent
f8b106601b
commit
2bee126062
@ -760,8 +760,8 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
|
|||||||
int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
|
int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
|
||||||
{
|
{
|
||||||
word32 inOutIdx = 0, oid;
|
word32 inOutIdx = 0, oid;
|
||||||
int first, second, length, iterations, saltSz, id;
|
int first, second, length, version, saltSz, id;
|
||||||
int version;
|
int iterations = 0;
|
||||||
byte salt[MAX_SALT_SIZE];
|
byte salt[MAX_SALT_SIZE];
|
||||||
byte cbcIv[MAX_IV_SIZE];
|
byte cbcIv[MAX_IV_SIZE];
|
||||||
|
|
||||||
@ -1375,6 +1375,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
|||||||
cert->srcIdx += 2;
|
cert->srcIdx += 2;
|
||||||
id = cert->source[cert->srcIdx++];
|
id = cert->source[cert->srcIdx++];
|
||||||
b = cert->source[cert->srcIdx++]; /* strType */
|
b = cert->source[cert->srcIdx++]; /* strType */
|
||||||
|
(void)b; /* may want to validate? */
|
||||||
|
|
||||||
if (GetLength(cert->source, &cert->srcIdx, &strLen,
|
if (GetLength(cert->source, &cert->srcIdx, &strLen,
|
||||||
cert->maxIdx) < 0)
|
cert->maxIdx) < 0)
|
||||||
|
|||||||
@ -116,6 +116,9 @@ mp_clear (mp_int * a)
|
|||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
|
if (a == NULL)
|
||||||
|
return;
|
||||||
|
|
||||||
/* only do anything if a hasn't been freed previously */
|
/* only do anything if a hasn't been freed previously */
|
||||||
if (a->dp != NULL) {
|
if (a->dp != NULL) {
|
||||||
/* first zero the digits */
|
/* first zero the digits */
|
||||||
|
|||||||
@ -236,6 +236,16 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
|
|||||||
mp_int B1;
|
mp_int B1;
|
||||||
|
|
||||||
if (hashType == MD5) {
|
if (hashType == MD5) {
|
||||||
|
Md5 md5;
|
||||||
|
|
||||||
|
InitMd5(&md5);
|
||||||
|
Md5Update(&md5, buffer, totalLen);
|
||||||
|
Md5Final(&md5, Ai);
|
||||||
|
|
||||||
|
for (i = 1; i < iterations; i++) {
|
||||||
|
Md5Update(&md5, Ai, u);
|
||||||
|
Md5Final(&md5, Ai);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else if (hashType == SHA) {
|
else if (hashType == SHA) {
|
||||||
Sha sha;
|
Sha sha;
|
||||||
@ -251,10 +261,30 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
|
|||||||
}
|
}
|
||||||
#ifndef NO_SHA256
|
#ifndef NO_SHA256
|
||||||
else if (hashType == SHA256) {
|
else if (hashType == SHA256) {
|
||||||
|
Sha256 sha256;
|
||||||
|
|
||||||
|
InitSha256(&sha256);
|
||||||
|
Sha256Update(&sha256, buffer, totalLen);
|
||||||
|
Sha256Final(&sha256, Ai);
|
||||||
|
|
||||||
|
for (i = 1; i < iterations; i++) {
|
||||||
|
Sha256Update(&sha256, Ai, u);
|
||||||
|
Sha256Final(&sha256, Ai);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifdef CYASSL_SHA512
|
#ifdef CYASSL_SHA512
|
||||||
else if (hashType == SHA512) {
|
else if (hashType == SHA512) {
|
||||||
|
Sha512 sha512;
|
||||||
|
|
||||||
|
InitSha512(&sha512);
|
||||||
|
Sha512Update(&sha512, buffer, totalLen);
|
||||||
|
Sha512Final(&sha512, Ai);
|
||||||
|
|
||||||
|
for (i = 1; i < iterations; i++) {
|
||||||
|
Sha512Update(&sha512, Ai, u);
|
||||||
|
Sha512Final(&sha512, Ai);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|||||||
@ -210,7 +210,7 @@ void RabbitProcess(Rabbit* ctx, byte* output, const byte* input, word32 msglen)
|
|||||||
U32V(ctx->workCtx.x[1]<<16));
|
U32V(ctx->workCtx.x[1]<<16));
|
||||||
|
|
||||||
/* Increment pointers and decrement length */
|
/* Increment pointers and decrement length */
|
||||||
input += 16;
|
input += 16;
|
||||||
output += 16;
|
output += 16;
|
||||||
msglen -= 16;
|
msglen -= 16;
|
||||||
}
|
}
|
||||||
@ -219,25 +219,25 @@ void RabbitProcess(Rabbit* ctx, byte* output, const byte* input, word32 msglen)
|
|||||||
if (msglen) {
|
if (msglen) {
|
||||||
|
|
||||||
word32 i;
|
word32 i;
|
||||||
word32 tmp[4];
|
byte buffer[16];
|
||||||
byte* buffer = (byte*)tmp;
|
|
||||||
|
|
||||||
/* Iterate the system */
|
/* Iterate the system */
|
||||||
RABBIT_next_state(&(ctx->workCtx));
|
RABBIT_next_state(&(ctx->workCtx));
|
||||||
|
|
||||||
/* Generate 16 bytes of pseudo-random data */
|
/* Generate 16 bytes of pseudo-random data */
|
||||||
tmp[0] = LITTLE32(ctx->workCtx.x[0] ^
|
*(word32*)(buffer+ 0) = LITTLE32(ctx->workCtx.x[0] ^
|
||||||
(ctx->workCtx.x[5]>>16) ^ U32V(ctx->workCtx.x[3]<<16));
|
(ctx->workCtx.x[5]>>16) ^ U32V(ctx->workCtx.x[3]<<16));
|
||||||
tmp[1] = LITTLE32(ctx->workCtx.x[2] ^
|
*(word32*)(buffer+ 4) = LITTLE32(ctx->workCtx.x[2] ^
|
||||||
(ctx->workCtx.x[7]>>16) ^ U32V(ctx->workCtx.x[5]<<16));
|
(ctx->workCtx.x[7]>>16) ^ U32V(ctx->workCtx.x[5]<<16));
|
||||||
tmp[2] = LITTLE32(ctx->workCtx.x[4] ^
|
*(word32*)(buffer+ 8) = LITTLE32(ctx->workCtx.x[4] ^
|
||||||
(ctx->workCtx.x[1]>>16) ^ U32V(ctx->workCtx.x[7]<<16));
|
(ctx->workCtx.x[1]>>16) ^ U32V(ctx->workCtx.x[7]<<16));
|
||||||
tmp[3] = LITTLE32(ctx->workCtx.x[6] ^
|
*(word32*)(buffer+12) = LITTLE32(ctx->workCtx.x[6] ^
|
||||||
(ctx->workCtx.x[3]>>16) ^ U32V(ctx->workCtx.x[1]<<16));
|
(ctx->workCtx.x[3]>>16) ^ U32V(ctx->workCtx.x[1]<<16));
|
||||||
|
|
||||||
/* Encrypt/decrypt the data */
|
/* Encrypt/decrypt the data */
|
||||||
for (i=0; i<msglen; i++)
|
for (i=0; i<msglen; i++)
|
||||||
output[i] = input[i] ^ buffer[i];
|
output[i] = input[i] ^ buffer[i]; /* scan-build thinks buffer[i] */
|
||||||
|
/* is garbage, it is not! */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -153,7 +153,7 @@ enum {
|
|||||||
#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) && !defined(CYASSL_SAFERTOS)
|
#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) && !defined(CYASSL_SAFERTOS)
|
||||||
/* default C runtime, can install different routines at runtime */
|
/* default C runtime, can install different routines at runtime */
|
||||||
#include <cyassl/ctaocrypt/memory.h>
|
#include <cyassl/ctaocrypt/memory.h>
|
||||||
#define XMALLOC(s, h, t) CyaSSL_Malloc((s))
|
#define XMALLOC(s, h, t) ((void)h, (void)t, CyaSSL_Malloc((s)))
|
||||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) CyaSSL_Free((xp));}
|
#define XFREE(p, h, t) {void* xp = (p); if((xp)) CyaSSL_Free((xp));}
|
||||||
#define XREALLOC(p, n, h, t) CyaSSL_Realloc((p), (n))
|
#define XREALLOC(p, n, h, t) CyaSSL_Realloc((p), (n))
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@ -449,7 +449,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK,
|
|||||||
(void)havePSK;
|
(void)havePSK;
|
||||||
(void)haveNTRU;
|
(void)haveNTRU;
|
||||||
(void)haveStaticECC;
|
(void)haveStaticECC;
|
||||||
(void)haveRSAsig;
|
|
||||||
|
|
||||||
if (suites->setSuites)
|
if (suites->setSuites)
|
||||||
return; /* trust user settings, don't override */
|
return; /* trust user settings, don't override */
|
||||||
@ -457,8 +456,10 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK,
|
|||||||
if (side == SERVER_END && haveStaticECC)
|
if (side == SERVER_END && haveStaticECC)
|
||||||
haveRSA = 0; /* can't do RSA with ECDSA key */
|
haveRSA = 0; /* can't do RSA with ECDSA key */
|
||||||
|
|
||||||
if (side == SERVER_END && haveECDSAsig)
|
if (side == SERVER_END && haveECDSAsig) {
|
||||||
haveRSAsig = 0; /* can't have RSA sig if signed by ECDSA */
|
haveRSAsig = 0; /* can't have RSA sig if signed by ECDSA */
|
||||||
|
(void)haveRSAsig; /* non ecc builds won't read */
|
||||||
|
}
|
||||||
|
|
||||||
#ifdef CYASSL_DTLS
|
#ifdef CYASSL_DTLS
|
||||||
if (pv.major == DTLS_MAJOR && pv.minor == DTLS_MINOR)
|
if (pv.major == DTLS_MAJOR && pv.minor == DTLS_MINOR)
|
||||||
@ -3349,7 +3350,8 @@ int SendCertificate(CYASSL* ssl)
|
|||||||
if (ssl->buffers.certChain.buffer) {
|
if (ssl->buffers.certChain.buffer) {
|
||||||
XMEMCPY(output + i, ssl->buffers.certChain.buffer,
|
XMEMCPY(output + i, ssl->buffers.certChain.buffer,
|
||||||
ssl->buffers.certChain.length);
|
ssl->buffers.certChain.length);
|
||||||
i += ssl->buffers.certChain.length;
|
/* if add more to output adjust i
|
||||||
|
i += ssl->buffers.certChain.length; */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
HashOutput(ssl, output, sendSz, 0);
|
HashOutput(ssl, output, sendSz, 0);
|
||||||
@ -3418,7 +3420,8 @@ int SendCertificateRequest(CYASSL* ssl)
|
|||||||
}
|
}
|
||||||
|
|
||||||
c16toa(0, &output[i]); /* auth's */
|
c16toa(0, &output[i]); /* auth's */
|
||||||
i += REQ_HEADER_SZ;
|
/* if add more to output, adjust i
|
||||||
|
i += REQ_HEADER_SZ; */
|
||||||
|
|
||||||
HashOutput(ssl, output, sendSz, 0);
|
HashOutput(ssl, output, sendSz, 0);
|
||||||
|
|
||||||
@ -5259,7 +5262,8 @@ int SetCipherList(Suites* s, const char* list)
|
|||||||
idx += 2;
|
idx += 2;
|
||||||
}
|
}
|
||||||
XMEMCPY(output + idx, encSecret, encSz);
|
XMEMCPY(output + idx, encSecret, encSz);
|
||||||
idx += encSz;
|
/* if add more to output, adjust idx
|
||||||
|
idx += encSz; */
|
||||||
|
|
||||||
HashOutput(ssl, output, sendSz, 0);
|
HashOutput(ssl, output, sendSz, 0);
|
||||||
|
|
||||||
|
|||||||
@ -1103,7 +1103,6 @@ int DeriveKeys(CYASSL* ssl)
|
|||||||
XMEMCPY(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN);
|
XMEMCPY(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN);
|
||||||
idx += RAN_LEN;
|
idx += RAN_LEN;
|
||||||
XMEMCPY(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN);
|
XMEMCPY(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN);
|
||||||
idx += RAN_LEN;
|
|
||||||
|
|
||||||
ShaUpdate(&sha, shaInput, sizeof(shaInput) - KEY_PREFIX + j);
|
ShaUpdate(&sha, shaInput, sizeof(shaInput) - KEY_PREFIX + j);
|
||||||
ShaFinal(&sha, shaOutput);
|
ShaFinal(&sha, shaOutput);
|
||||||
|
|||||||
@ -722,7 +722,6 @@ int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify)
|
|||||||
|
|
||||||
(void)heap;
|
(void)heap;
|
||||||
(void)dynamicType;
|
(void)dynamicType;
|
||||||
(void)pkcs8Enc;
|
|
||||||
|
|
||||||
if (type == CERT_TYPE || type == CA_TYPE) {
|
if (type == CERT_TYPE || type == CA_TYPE) {
|
||||||
XSTRNCPY(header, "-----BEGIN CERTIFICATE-----", sizeof(header));
|
XSTRNCPY(header, "-----BEGIN CERTIFICATE-----", sizeof(header));
|
||||||
@ -759,8 +758,10 @@ int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify)
|
|||||||
sizeof(footer));
|
sizeof(footer));
|
||||||
|
|
||||||
headerEnd = XSTRNSTR((char*)buff, header, sz);
|
headerEnd = XSTRNSTR((char*)buff, header, sz);
|
||||||
if (headerEnd)
|
if (headerEnd) {
|
||||||
pkcs8Enc = 1;
|
pkcs8Enc = 1;
|
||||||
|
(void)pkcs8Enc; /* only opensslextra will read */
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!headerEnd && type == PRIVATEKEY_TYPE) { /* may be ecc */
|
if (!headerEnd && type == PRIVATEKEY_TYPE) { /* may be ecc */
|
||||||
@ -936,7 +937,7 @@ int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify)
|
|||||||
CYASSL_MSG("Growing Tmp Chain Buffer");
|
CYASSL_MSG("Growing Tmp Chain Buffer");
|
||||||
bufferSz = sz - consumed; /* will shrink to actual size */
|
bufferSz = sz - consumed; /* will shrink to actual size */
|
||||||
chainBuffer = (byte*)XMALLOC(bufferSz, ctx->heap,
|
chainBuffer = (byte*)XMALLOC(bufferSz, ctx->heap,
|
||||||
DYNAMIC_FILE_TYPE);
|
DYNAMIC_TYPE_FILE);
|
||||||
if (chainBuffer == NULL) {
|
if (chainBuffer == NULL) {
|
||||||
XFREE(der.buffer, ctx->heap, dynamicType);
|
XFREE(der.buffer, ctx->heap, dynamicType);
|
||||||
return MEMORY_E;
|
return MEMORY_E;
|
||||||
@ -1386,6 +1387,7 @@ int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm, const byte* buff,
|
|||||||
CYASSL_ENTER("CyaSSL_CertManagerVerifyBuffer");
|
CYASSL_ENTER("CyaSSL_CertManagerVerifyBuffer");
|
||||||
|
|
||||||
der.buffer = NULL;
|
der.buffer = NULL;
|
||||||
|
der.length = 0;
|
||||||
|
|
||||||
if (format == SSL_FILETYPE_PEM) {
|
if (format == SSL_FILETYPE_PEM) {
|
||||||
EncryptedInfo info;
|
EncryptedInfo info;
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user