cleanup build warnings

1. Change `CyaSSL_OCSP_set_options()` to return `SSL_SUCCESS` or `SSL_FAILURE` as `int` like rest of API. 2. Fix data narrowing warning in file io.c function `process_http_response()`. 3. Fix global variable shadowed warning in file ssl.c function `CyaSSL_GetSessionAtIndex()` 4. Fix data narrowing warning in file internal.c functions `Encrypt()` and `Decrypt()`. Passed in a word32 size parameter that was provided a word16 and used as a word16. 5. Removed unreachable code from file tls.c function `CyaSSL_GetHmacType()`. 6. Fix data narrowing warnings in file aes.c functions `AesCcmEncrypt()` and `AesCcmDecrypt()`.
2013-08-23 10:09:35 -07:00 · 2013-08-23 10:09:35 -07:00 · d734c86c72
commit d734c86c72
parent 64ba0587a3
6 changed files with 28 additions and 22 deletions
--- a/ctaocrypt/src/aes.c
+++ b/ctaocrypt/src/aes.c
@ -2733,12 +2733,13 @@ void AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
 {
    byte A[AES_BLOCK_SIZE];
    byte B[AES_BLOCK_SIZE];
-    word32 i, lenSz;
+    byte lenSz;
+    word32 i;

    XMEMCPY(B+1, nonce, nonceSz);
-    lenSz = AES_BLOCK_SIZE - 1 - nonceSz;
+    lenSz = AES_BLOCK_SIZE - 1 - (byte)nonceSz;
    B[0] = (authInSz > 0 ? 64 : 0)
-         + (8 * ((authTagSz - 2) / 2))
+         + (8 * (((byte)authTagSz - 2) / 2))
         + (lenSz - 1);
    for (i = 0; i < lenSz; i++)
        B[AES_BLOCK_SIZE - 1 - i] = (inSz >> (8 * i)) & 0xFF;
@ -2750,7 +2751,7 @@ void AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
        roll_x(aes, in, inSz, A);
    XMEMCPY(authTag, A, authTagSz);

-    B[0] = (lenSz - 1);
+    B[0] = lenSz - 1;
    for (i = 0; i < lenSz; i++)
        B[AES_BLOCK_SIZE - 1 - i] = 0;
    AesEncrypt(aes, B, A);
@ -2786,14 +2787,16 @@ int  AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
    byte A[AES_BLOCK_SIZE];
    byte B[AES_BLOCK_SIZE];
    byte* o;
-    word32 i, lenSz, oSz; int result = 0;
+    byte lenSz;
+    word32 i, oSz;
+    int result = 0;

    o = out;
    oSz = inSz;
    XMEMCPY(B+1, nonce, nonceSz);
-    lenSz = AES_BLOCK_SIZE - 1 - nonceSz;
+    lenSz = AES_BLOCK_SIZE - 1 - (byte)nonceSz;

-    B[0] = (lenSz - 1);
+    B[0] = lenSz - 1;
    for (i = 0; i < lenSz; i++)
        B[AES_BLOCK_SIZE - 1 - i] = 0;
    B[15] = 1;
@ -2822,7 +2825,7 @@ int  AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
    oSz = inSz;

    B[0] = (authInSz > 0 ? 64 : 0)
-         + (8 * ((authTagSz - 2) / 2))
+         + (8 * (((byte)authTagSz - 2) / 2))
         + (lenSz - 1);
    for (i = 0; i < lenSz; i++)
        B[AES_BLOCK_SIZE - 1 - i] = (inSz >> (8 * i)) & 0xFF;
@ -2833,7 +2836,7 @@ int  AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
    if (inSz > 0)
        roll_x(aes, o, oSz, A);

-    B[0] = (lenSz - 1);
+    B[0] = lenSz - 1;
    for (i = 0; i < lenSz; i++)
        B[AES_BLOCK_SIZE - 1 - i] = 0;
    AesEncrypt(aes, B, B);
--- a/cyassl/ssl.h
+++ b/cyassl/ssl.h
@ -1140,7 +1140,7 @@ CYASSL_API int CyaSSL_accept_ex(CYASSL*, HandShakeCallBack, TimeoutCallBack,
 #endif /* CYASSL_CALLBACKS */


-CYASSL_API long CyaSSL_CTX_OCSP_set_options(CYASSL_CTX*, long);
+CYASSL_API int  CyaSSL_CTX_OCSP_set_options(CYASSL_CTX*, int);
 CYASSL_API int  CyaSSL_CTX_OCSP_set_override_url(CYASSL_CTX*, const char*);

 /* OCSP Options */
--- a/src/internal.c
+++ b/src/internal.c
@ -3683,7 +3683,7 @@ static INLINE void AeadIncrementExpIV(CYASSL* ssl)
 #endif


-static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word32 sz)
+static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz)
 {
    (void)out;
    (void)input;
@ -3834,7 +3834,7 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word32 sz)


 static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input,
-                           word32 sz)
+                           word16 sz)
 {
    (void)plain;
    (void)input;
--- a/src/io.c
+++ b/src/io.c
@ -679,7 +679,8 @@ static int process_http_response(int sfd, byte** respBuf,
        }
        else {
            *end = 0;
-            len -= end - start + 2;
+            len -= (int)(end - start) + 2;
+                /* adjust len to remove the first line including the /r/n */

            if (XSTRNCASECMP(start, "HTTP/1", 6) == 0) {
                start += 9;
--- a/src/ssl.c
+++ b/src/ssl.c
@ -4797,14 +4797,14 @@ int CyaSSL_GetSessionIndex(CYASSL* ssl)
 }


-int CyaSSL_GetSessionAtIndex(int index, CYASSL_SESSION* session)
+int CyaSSL_GetSessionAtIndex(int idx, CYASSL_SESSION* session)
 {
    int row, col, result = SSL_FAILURE;

    CYASSL_ENTER("CyaSSL_GetSessionAtIndex");

-    row = index >> SESSIDX_ROW_SHIFT;
-    col = index & SESSIDX_IDX_MASK;
+    row = idx >> SESSIDX_ROW_SHIFT;
+    col = idx & SESSIDX_IDX_MASK;

    if (LockMutex(&session_mutex) != 0) {
        return BAD_MUTEX_ERROR;
@ -10353,7 +10353,7 @@ const byte* CyaSSL_get_sessionID(const CYASSL_SESSION* session)
 #endif /* SESSION_CERTS */


-long CyaSSL_CTX_OCSP_set_options(CYASSL_CTX* ctx, long options)
+int CyaSSL_CTX_OCSP_set_options(CYASSL_CTX* ctx, int options)
 {
    CYASSL_ENTER("CyaSSL_CTX_OCSP_set_options");
 #ifdef HAVE_OCSP
@ -10361,9 +10361,9 @@ long CyaSSL_CTX_OCSP_set_options(CYASSL_CTX* ctx, long options)
        ctx->ocsp.enabled = (options & CYASSL_OCSP_ENABLE) != 0;
        ctx->ocsp.useOverrideUrl = (options & CYASSL_OCSP_URL_OVERRIDE) != 0;
        ctx->ocsp.useNonce = (options & CYASSL_OCSP_NO_NONCE) == 0;
-        return 1;
+        return SSL_SUCCESS;
    }
-    return 0;
+    return SSL_FAILURE;
 #else
    (void)ctx;
    (void)options;
--- a/src/tls.c
+++ b/src/tls.c
@ -450,15 +450,17 @@ int CyaSSL_GetHmacType(CYASSL* ssl)
        #endif
        #ifndef NO_SHA
        case sha_mac:
-        default:
        {
            return SHA;
        }
        break;
        #endif
+        default:
+        {
+            return SSL_FATAL_ERROR;
+        }
+        break;
    }
-
-    return -1;
 }