ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-10 00:49:04 +08:00
Code Issues Releases Wiki Activity

Use size_t cast for pointer subtractions

Browse Source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman 2023-11-04 12:20:09 +00:00
parent effdfe7409
commit e4a6f5a7ec
26 changed files with 99 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
library/aesce.c
View File

@ -300,7 +300,7 @@ static void aesce_setkey_enc(unsigned char *rk,
rki + key_len_in_words < rko_end;
rki += key_len_in_words) {
size_t iteration = (rki - (uint32_t *) rk) / key_len_in_words;
size_t iteration = (size_t) (rki - (uint32_t *) rk) / key_len_in_words;
uint32_t *rko;
rko = rki + key_len_in_words;
rko[0] = aes_rot_word(aes_sub_word(rki[key_len_in_words - 1]));

4
library/base64.c
View File

@ -116,7 +116,7 @@ int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen,
*p++ = '=';
}
*olen = p - dst;
*olen = (size_t) (p - dst);
*p = 0;
return 0;
@ -225,7 +225,7 @@ int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen,
}
}
*olen = p - dst;
*olen = (size_t) (p - dst);
return 0;
}

2
library/bignum.c
View File

@ -701,7 +701,7 @@ int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix,
}
*p++ = '\0';
*olen = p - buf;
*olen = (size_t) (p - buf);
cleanup:

2
library/debug.c
View File

@ -366,7 +366,7 @@ static void debug_print_line_by_line(const mbedtls_ssl_context *ssl, int level,
start = text;
for (cur = text; *cur != '\0'; cur++) {
if (*cur == '\n') {
size_t len = cur - start + 1;
size_t len = (size_t) (cur - start) + 1;
if (len > DEBUG_BUF_SIZE - 1) {
len = DEBUG_BUF_SIZE - 1;
}

4
library/dhm.c
View File

@ -51,7 +51,7 @@ static int dhm_read_bignum(mbedtls_mpi *X,
n = ((*p)[0] << 8) | (*p)[1];
(*p) += 2;
if ((int) (end - *p) < n) {
if ((size_t) (end - *p) < (size_t) n) {
return MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
}
@ -257,7 +257,7 @@ int mbedtls_dhm_make_params(mbedtls_dhm_context *ctx, int x_size,
DHM_MPI_EXPORT(&ctx->G, n2);
DHM_MPI_EXPORT(&ctx->GX, n3);
*olen = p - output;
*olen = (size_t) (p - output);
cleanup:
if (ret != 0 && ret > -128) {

4
library/ecdh.c
View File

@ -363,7 +363,7 @@ static int ecdh_read_params_internal(mbedtls_ecdh_context_mbed *ctx,
const unsigned char *end)
{
return mbedtls_ecp_tls_read_point(&ctx->grp, &ctx->Qp, buf,
end - *buf);
(size_t) (end - *buf));
}
/*
@ -379,7 +379,7 @@ int mbedtls_ecdh_read_params(mbedtls_ecdh_context *ctx,
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_ecp_group_id grp_id;
if ((ret = mbedtls_ecp_tls_read_group_id(&grp_id, buf, end - *buf))
if ((ret = mbedtls_ecp_tls_read_group_id(&grp_id, buf, (size_t) (end - *buf)))
!= 0) {
return ret;
}

20
library/ecjpake.c
View File

@ -168,7 +168,7 @@ static int ecjpake_write_len_point(unsigned char **p,
}
ret = mbedtls_ecp_point_write_binary(grp, P, pf,
&len, *p + 4, end - (*p + 4));
&len, *p + 4, (size_t) (end - (*p + 4)));
if (ret != 0) {
return ret;
}
@ -226,7 +226,7 @@ static int ecjpake_hash(const mbedtls_md_type_t md_type,
/* Compute hash */
MBEDTLS_MPI_CHK(mbedtls_ecjpake_compute_hash(md_type,
buf, p - buf, hash));
buf, (size_t) (p - buf), hash));
/* Turn it into an integer mod n */
MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(h, hash,
@ -269,7 +269,7 @@ static int ecjpake_zkp_read(const mbedtls_md_type_t md_type,
return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
}
MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, &V, p, end - *p));
MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, &V, p, (size_t) (end - *p)));
if (end < *p || (size_t) (end - *p) < 1) {
ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
@ -346,7 +346,7 @@ static int ecjpake_zkp_write(const mbedtls_md_type_t md_type,
/* Write it out */
MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(grp, &V,
pf, &len, *p, end - *p));
pf, &len, *p, (size_t) (end - *p)));
*p += len;
len = mbedtls_mpi_size(&h); /* actually r */
@ -392,7 +392,7 @@ static int ecjpake_kkp_read(const mbedtls_md_type_t md_type,
* ECSchnorrZKP zkp;
* } ECJPAKEKeyKP;
*/
MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, X, p, end - *p));
MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, X, p, (size_t) (end - *p)));
if (mbedtls_ecp_is_zero(X)) {
ret = MBEDTLS_ERR_ECP_INVALID_KEY;
goto cleanup;
@ -431,7 +431,7 @@ static int ecjpake_kkp_write(const mbedtls_md_type_t md_type,
MBEDTLS_MPI_CHK(mbedtls_ecp_gen_keypair_base((mbedtls_ecp_group *) grp, G, x, X,
f_rng, p_rng));
MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(grp, X,
pf, &len, *p, end - *p));
pf, &len, *p, (size_t) (end - *p)));
*p += len;
/* Generate and write proof */
@ -504,7 +504,7 @@ static int ecjpake_kkpp_write(const mbedtls_md_type_t md_type,
MBEDTLS_MPI_CHK(ecjpake_kkp_write(md_type, grp, pf, G, xm2, Xb, id,
&p, end, f_rng, p_rng));
*olen = p - buf;
*olen = (size_t) (p - buf);
cleanup:
return ret;
@ -693,7 +693,7 @@ int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx,
goto cleanup;
}
MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_group(&ctx->grp, &ec_len,
p, end - p));
p, (size_t) (end - p)));
p += ec_len;
}
@ -702,7 +702,7 @@ int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx,
goto cleanup;
}
MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(&ctx->grp, &Xm,
ctx->point_format, &ec_len, p, end - p));
ctx->point_format, &ec_len, p, (size_t) (end - p)));
p += ec_len;
MBEDTLS_MPI_CHK(ecjpake_zkp_write(ctx->md_type, &ctx->grp,
@ -710,7 +710,7 @@ int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx,
&G, &xm, &Xm, ID_MINE,
&p, end, f_rng, p_rng));
*olen = p - buf;
*olen = (size_t) (p - buf);
cleanup:
mbedtls_ecp_point_free(&G);

8
library/lms.c
View File

@ -505,7 +505,7 @@ static int get_merkle_path(mbedtls_lms_private_t *ctx,
unsigned int height;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
tree = mbedtls_calloc(MERKLE_TREE_NODE_AM(ctx->params.type),
tree = mbedtls_calloc((size_t) MERKLE_TREE_NODE_AM(ctx->params.type),
node_bytes);
if (tree == NULL) {
return MBEDTLS_ERR_LMS_ALLOC_FAILED;
@ -530,7 +530,7 @@ static int get_merkle_path(mbedtls_lms_private_t *ctx,
exit:
mbedtls_zeroize_and_free(tree, node_bytes *
MERKLE_TREE_NODE_AM(ctx->params.type));
(size_t) MERKLE_TREE_NODE_AM(ctx->params.type));
return ret;
}
@ -669,7 +669,7 @@ int mbedtls_lms_calculate_public_key(mbedtls_lms_public_t *ctx,
return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;
}
tree = mbedtls_calloc(MERKLE_TREE_NODE_AM(priv_ctx->params.type),
tree = mbedtls_calloc((size_t) MERKLE_TREE_NODE_AM(priv_ctx->params.type),
node_bytes);
if (tree == NULL) {
return MBEDTLS_ERR_LMS_ALLOC_FAILED;
@ -692,7 +692,7 @@ int mbedtls_lms_calculate_public_key(mbedtls_lms_public_t *ctx,
exit:
mbedtls_zeroize_and_free(tree, node_bytes *
MERKLE_TREE_NODE_AM(priv_ctx->params.type));
(size_t) MERKLE_TREE_NODE_AM(priv_ctx->params.type));
return ret;
}

2
library/oid.c
View File

@ -1129,7 +1129,7 @@ int mbedtls_oid_from_numeric_string(mbedtls_asn1_buf *oid,
}
}
encoded_len = out_ptr - oid->p;
encoded_len = (size_t) (out_ptr - oid->p);
resized_mem = mbedtls_calloc(encoded_len, 1);
if (resized_mem == NULL) {
ret = MBEDTLS_ERR_ASN1_ALLOC_FAILED;

8
library/pem.c
View File

@ -298,7 +298,7 @@ int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const
if (*end == '\n') {
end++;
}
*use_len = end - data;
*use_len = (size_t) (end - data);
enc = 0;
@ -383,7 +383,7 @@ int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const
return MBEDTLS_ERR_PEM_INVALID_DATA;
}
ret = mbedtls_base64_decode(NULL, 0, &len, s1, s2 - s1);
ret = mbedtls_base64_decode(NULL, 0, &len, s1, (size_t) (s2 - s1));
if (ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PEM_INVALID_DATA, ret);
@ -393,7 +393,7 @@ int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const
return MBEDTLS_ERR_PEM_ALLOC_FAILED;
}
if ((ret = mbedtls_base64_decode(buf, len, &len, s1, s2 - s1)) != 0) {
if ((ret = mbedtls_base64_decode(buf, len, &len, s1, (size_t) (s2 - s1))) != 0) {
mbedtls_zeroize_and_free(buf, len);
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PEM_INVALID_DATA, ret);
}
@ -508,7 +508,7 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer,
p += strlen(footer);
*p++ = '\0';
*olen = p - buf;
*olen = (size_t) (p - buf);
/* Clean any remaining data previously written to the buffer */
memset(buf + *olen, 0, buf_len - *olen);

2
library/pkcs7.c
View File

@ -316,7 +316,7 @@ static int pkcs7_get_signer_info(unsigned char **p, unsigned char *end,
goto out;
}
signer->issuer_raw.len = *p - signer->issuer_raw.p;
signer->issuer_raw.len = (size_t) (*p - signer->issuer_raw.p);
ret = mbedtls_x509_get_serial(p, end_issuer_and_sn, &signer->serial);
if (ret != 0) {

4
library/pkparse.c
View File

@ -928,7 +928,7 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end,
ret = pk_use_ecparams(&alg_params, pk);
}
if (ret == 0) {
ret = pk_ecc_set_pubkey(pk, *p, end - *p);
ret = pk_ecc_set_pubkey(pk, *p, (size_t) (end - *p));
*p += end - *p;
}
} else
@ -1233,7 +1233,7 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk,
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
}
if ((ret = pk_ecc_set_pubkey(pk, p, end2 - p)) == 0) {
if ((ret = pk_ecc_set_pubkey(pk, p, (size_t) (end2 - p))) == 0) {
pubkey_done = 1;
} else {
/*

2
library/psa_crypto.c
View File

@ -6625,7 +6625,7 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key(
memcpy(cur, data, data_length);
cur += data_length;
status = psa_tls12_prf_set_key(prf, pms, cur - pms);
status = psa_tls12_prf_set_key(prf, pms, (size_t) (cur - pms));
mbedtls_zeroize_and_free(pms, pms_len);
return status;

6
library/rsa.c
View File

@ -1620,12 +1620,12 @@ int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx,
goto cleanup;
}
if (ilen - (p - buf) > output_max_len) {
if (ilen - ((size_t) (p - buf)) > output_max_len) {
ret = MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE;
goto cleanup;
}
*olen = ilen - (p - buf);
*olen = ilen - ((size_t) (p - buf));
if (*olen != 0) {
memcpy(output, p, *olen);
}
@ -2191,7 +2191,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx,
return MBEDTLS_ERR_RSA_INVALID_PADDING;
}
observed_salt_len = hash_start - p;
observed_salt_len = (size_t) (hash_start - p);
if (expected_salt_len != MBEDTLS_RSA_SALT_LEN_ANY &&
observed_salt_len != (size_t) expected_salt_len) {

14
library/ssl_client.c
View File

@ -155,7 +155,7 @@ static int ssl_write_alpn_ext(mbedtls_ssl_context *ssl,
p += protocol_name_len;
}
*out_len = p - buf;
*out_len = (size_t) (p - buf);
/* List length = *out_len - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */
MBEDTLS_PUT_UINT16_BE(*out_len - 6, buf, 4);
@ -285,7 +285,7 @@ static int ssl_write_supported_groups_ext(mbedtls_ssl_context *ssl,
}
/* Length of named_group_list */
named_group_list_len = p - named_group_list;
named_group_list_len = (size_t) (p - named_group_list);
if (named_group_list_len == 0) {
MBEDTLS_SSL_DEBUG_MSG(1, ("No group available."));
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
@ -301,7 +301,7 @@ static int ssl_write_supported_groups_ext(mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_BUF(3, "Supported groups extension",
buf + 4, named_group_list_len + 2);
*out_len = p - buf;
*out_len = (size_t) (p - buf);
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
mbedtls_ssl_tls13_set_hs_sent_ext_mask(
@ -391,14 +391,14 @@ static int ssl_write_client_hello_cipher_suites(
}
/* Write the cipher_suites length in number of bytes */
cipher_suites_len = p - cipher_suites;
cipher_suites_len = (size_t) (p - cipher_suites);
MBEDTLS_PUT_UINT16_BE(cipher_suites_len, buf, 0);
MBEDTLS_SSL_DEBUG_MSG(3,
("client hello, got %" MBEDTLS_PRINTF_SIZET " cipher suites",
cipher_suites_len/2));
/* Output the total length of cipher_suites field. */
*out_len = p - buf;
*out_len = (size_t) (p - buf);
return 0;
}
@ -679,7 +679,7 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl,
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
/* Write the length of the list of extensions. */
extensions_len = p - p_extensions_len - 2;
extensions_len = (size_t) (p - p_extensions_len) - 2;
if (extensions_len == 0) {
p = p_extensions_len;
@ -696,7 +696,7 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl,
3, MBEDTLS_SSL_HS_CLIENT_HELLO, handshake->sent_extensions);
#endif
*out_len = p - buf;
*out_len = (size_t) (p - buf);
return 0;
}

27
library/ssl_msg.c
View File

@ -848,7 +848,7 @@ static void ssl_extract_add_data_from_record(unsigned char *add_data,
cur += 2;
}
*add_data_len = cur - add_data;
*add_data_len = (size_t) (cur - add_data);
}
#if defined(MBEDTLS_SSL_HAVE_AEAD)
@ -1212,7 +1212,7 @@ hmac_failed_etm_disabled:
iv, transform->ivlen,
add_data, add_data_len,
data, rec->data_len, /* src */
data, rec->buf_len - (data - rec->buf), /* dst */
data, rec->buf_len - (size_t) (data - rec->buf), /* dst */
&rec->data_len,
transform->taglen)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_auth_encrypt_ext", ret);
@ -1635,12 +1635,13 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl,
return ret;
}
#else
if ((ret = mbedtls_cipher_auth_decrypt_ext(&transform->cipher_ctx_dec,
iv, transform->ivlen,
add_data, add_data_len,
data, rec->data_len + transform->taglen, /* src */
data, rec->buf_len - (data - rec->buf), &olen, /* dst */
transform->taglen)) != 0) {
if ((ret = mbedtls_cipher_auth_decrypt_ext
(&transform->cipher_ctx_dec,
iv, transform->ivlen,
add_data, add_data_len,
data, rec->data_len + transform->taglen, /* src */
data, rec->buf_len - (size_t) (data - rec->buf), &olen, /* dst */
transform->taglen)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_auth_decrypt_ext", ret);
if (ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED) {
@ -2228,7 +2229,7 @@ int mbedtls_ssl_fetch_input(mbedtls_ssl_context *ssl, size_t nb_want)
MBEDTLS_SSL_DEBUG_MSG(2, ("timer has expired"));
ret = MBEDTLS_ERR_SSL_TIMEOUT;
} else {
len = in_buf_len - (ssl->in_hdr - ssl->in_buf);
len = in_buf_len - (size_t) (ssl->in_hdr - ssl->in_buf);
if (mbedtls_ssl_is_handshake_over(ssl) == 0) {
timeout = ssl->handshake->retransmit_timeout;
@ -2592,7 +2593,7 @@ int mbedtls_ssl_flight_transmit(mbedtls_ssl_context *ssl)
} else {
const unsigned char * const p = ssl->handshake->cur_msg_p;
const size_t hs_len = cur->len - 12;
const size_t frag_off = p - (cur->p + 12);
const size_t frag_off = (size_t) (p - (cur->p + 12));
const size_t rem_len = hs_len - frag_off;
size_t cur_hs_frag_len, max_hs_frag_len;
@ -2969,9 +2970,9 @@ int mbedtls_ssl_write_record(mbedtls_ssl_context *ssl, int force_flush)
mbedtls_record rec;
rec.buf = ssl->out_iv;
rec.buf_len = out_buf_len - (ssl->out_iv - ssl->out_buf);
rec.buf_len = out_buf_len - (size_t) (ssl->out_iv - ssl->out_buf);
rec.data_len = ssl->out_msglen;
rec.data_offset = ssl->out_msg - rec.buf;
rec.data_offset = (size_t) (ssl->out_msg - rec.buf);
memcpy(&rec.ctr[0], ssl->out_ctr, sizeof(rec.ctr));
mbedtls_ssl_write_version(rec.ver, ssl->conf->transport, tls_ver);
@ -3594,7 +3595,7 @@ int mbedtls_ssl_check_dtls_clihlo_cookie(
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
}
*olen = p - obuf;
*olen = (size_t) (p - obuf);
/* Go back and fill length fields */
obuf[27] = (unsigned char) (*olen - 28);

4
library/ssl_ticket.c
View File

@ -341,7 +341,7 @@ int mbedtls_ssl_ticket_write(void *p_ticket,
/* Dump session state */
if ((ret = mbedtls_ssl_session_save(session,
state, end - state,
state, (size_t) (end - state),
&clear_len)) != 0 ||
(unsigned long) clear_len > 65535) {
goto cleanup;
@ -364,7 +364,7 @@ int mbedtls_ssl_ticket_write(void *p_ticket,
/* Additional data: key name, IV and length */
key_name, TICKET_ADD_DATA_LEN,
state, clear_len,
state, end - state, &ciph_len,
state, (size_t) (end - state), &ciph_len,
TICKET_AUTH_TAG_BYTES)) != 0) {
goto cleanup;
}

12
library/ssl_tls.c
View File

@ -3755,7 +3755,7 @@ static int ssl_session_load(mbedtls_ssl_session *session,
session->tls_version = (mbedtls_ssl_protocol_version) (0x0300 | *p++);
/* Dispatch according to TLS version. */
remaining_len = (end - p);
remaining_len = (size_t) (end - p);
switch (session->tls_version) {
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
case MBEDTLS_SSL_VERSION_TLS1_2:
@ -6795,7 +6795,7 @@ int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_excha
/* Write length only when we know the actual value */
if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx,
p + 2, end - (p + 2), &len,
p + 2, (size_t) (end - (p + 2)), &len,
ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret);
return ret;
@ -6812,7 +6812,7 @@ int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_excha
size_t zlen;
if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, &zlen,
p + 2, end - (p + 2),
p + 2, (size_t) (end - (p + 2)),
ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_calc_secret", ret);
return ret;
@ -6845,7 +6845,7 @@ int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_excha
memcpy(p, psk, psk_len);
p += psk_len;
ssl->handshake->pmslen = p - ssl->handshake->premaster;
ssl->handshake->pmslen = (size_t) (p - ssl->handshake->premaster);
return 0;
}
@ -9328,7 +9328,7 @@ int mbedtls_ssl_write_sig_alg_ext(mbedtls_ssl_context *ssl, unsigned char *buf,
}
/* Length of supported_signature_algorithms */
supported_sig_alg_len = p - supported_sig_alg;
supported_sig_alg_len = (size_t) (p - supported_sig_alg);
if (supported_sig_alg_len == 0) {
MBEDTLS_SSL_DEBUG_MSG(1, ("No signature algorithms defined."));
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
@ -9338,7 +9338,7 @@ int mbedtls_ssl_write_sig_alg_ext(mbedtls_ssl_context *ssl, unsigned char *buf,
MBEDTLS_PUT_UINT16_BE(supported_sig_alg_len + 2, buf, 2);
MBEDTLS_PUT_UINT16_BE(supported_sig_alg_len, buf, 4);
*out_len = p - buf;
*out_len = (size_t) (p - buf);
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_SIG_ALG);

10
library/ssl_tls12_client.c
View File

@ -607,7 +607,7 @@ int mbedtls_ssl_tls12_write_client_hello_exts(mbedtls_ssl_context *ssl,
p += ext_len;
#endif
*out_len = p - buf;
*out_len = (size_t) (p - buf);
return 0;
}
@ -2174,7 +2174,7 @@ start_processing:
#endif
p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl);
end = ssl->in_msg + ssl->in_hslen;
MBEDTLS_SSL_DEBUG_BUF(3, "server key exchange", p, end - p);
MBEDTLS_SSL_DEBUG_BUF(3, "server key exchange", p, (size_t) (end - p));
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
@ -2299,7 +2299,7 @@ start_processing:
mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl);
size_t params_len = p - params;
size_t params_len = (size_t) (p - params);
void *rs_ctx = NULL;
uint16_t sig_alg;
@ -3252,9 +3252,9 @@ static int ssl_write_certificate_verify(mbedtls_ssl_context *ssl)
size_t hashlen;
void *rs_ctx = NULL;
#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
size_t out_buf_len = ssl->out_buf_len - (ssl->out_msg - ssl->out_buf);
size_t out_buf_len = ssl->out_buf_len - (size_t) (ssl->out_msg - ssl->out_buf);
#else
size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - (ssl->out_msg - ssl->out_buf);
size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - (size_t) (ssl->out_msg - ssl->out_buf);
#endif
MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate verify"));

28
library/ssl_tls12_server.c
View File

@ -1858,7 +1858,7 @@ static void ssl_write_renegotiation_ext(mbedtls_ssl_context *ssl,
*p++ = 0x00;
}
*olen = p - buf;
*olen = (size_t) (p - buf);
}
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
@ -1950,7 +1950,7 @@ static void ssl_write_ecjpake_kkpp_ext(mbedtls_ssl_context *ssl,
#if defined(MBEDTLS_USE_PSA_CRYPTO)
ret = mbedtls_psa_ecjpake_write_round(&ssl->handshake->psa_pake_ctx,
p + 2, end - p - 2, &kkpp_len,
p + 2, (size_t) (end - p - 2), &kkpp_len,
MBEDTLS_ECJPAKE_ROUND_ONE);
if (ret != 0) {
psa_destroy_key(ssl->handshake->psa_pake_password);
@ -1960,7 +1960,7 @@ static void ssl_write_ecjpake_kkpp_ext(mbedtls_ssl_context *ssl,
}
#else
ret = mbedtls_ecjpake_write_round_one(&ssl->handshake->ecjpake_ctx,
p + 2, end - p - 2, &kkpp_len,
p + 2, (size_t) (end - p - 2), &kkpp_len,
ssl->conf->f_rng, ssl->conf->p_rng);
if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_write_round_one", ret);
@ -2081,7 +2081,7 @@ static int ssl_write_hello_verify_request(mbedtls_ssl_context *ssl)
MBEDTLS_SSL_DEBUG_BUF(3, "cookie sent", cookie_len_byte + 1, *cookie_len_byte);
ssl->out_msglen = p - ssl->out_msg;
ssl->out_msglen = (size_t) (p - ssl->out_msg);
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST;
@ -2386,7 +2386,7 @@ static int ssl_write_server_hello(mbedtls_ssl_context *ssl)
p += 2 + ext_len;
}
ssl->out_msglen = p - buf;
ssl->out_msglen = (size_t) (p - buf);
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO;
@ -2570,12 +2570,12 @@ static int ssl_write_certificate_request(mbedtls_ssl_context *ssl)
MBEDTLS_SSL_DEBUG_BUF(3, "requested DN", p - dn_size, dn_size);
total_dn_size += 2 + dn_size;
total_dn_size += (unsigned short) (2 + dn_size);
crt = crt->next;
}
}
ssl->out_msglen = p - buf;
ssl->out_msglen = (size_t) (p - buf);
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST;
MBEDTLS_PUT_UINT16_BE(total_dn_size, ssl->out_msg, 4 + ct_len + sa_len);
@ -2779,9 +2779,9 @@ static int ssl_prepare_server_key_exchange(mbedtls_ssl_context *ssl,
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
size_t out_buf_len = ssl->out_buf_len - (ssl->out_msg - ssl->out_buf);
size_t out_buf_len = ssl->out_buf_len - (size_t) (ssl->out_msg - ssl->out_buf);
#else
size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - (ssl->out_msg - ssl->out_buf);
size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - (size_t) (ssl->out_msg - ssl->out_buf);
#endif
#endif
@ -3086,7 +3086,7 @@ curve_matching_done:
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
}
size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed;
size_t dig_signed_len = (size_t) (ssl->out_msg + ssl->out_msglen - dig_signed);
size_t hashlen = 0;
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
@ -3763,7 +3763,7 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl)
handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
#else
if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx,
p, end - p)) != 0) {
p, (size_t) (end - p))) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_read_public", ret);
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
@ -3976,7 +3976,7 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl)
}
if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx,
p, end - p)) != 0) {
p, (size_t) (end - p))) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_read_public", ret);
return MBEDTLS_ERR_SSL_DECODE_ERROR;
}
@ -4005,7 +4005,7 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl)
if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) {
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if ((ret = mbedtls_psa_ecjpake_read_round(
&ssl->handshake->psa_pake_ctx, p, end - p,
&ssl->handshake->psa_pake_ctx, p, (size_t) (end - p),
MBEDTLS_ECJPAKE_ROUND_TWO)) != 0) {
psa_destroy_key(ssl->handshake->psa_pake_password);
psa_pake_abort(&ssl->handshake->psa_pake_ctx);
@ -4015,7 +4015,7 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl)
}
#else
ret = mbedtls_ecjpake_read_round_two(&ssl->handshake->ecjpake_ctx,
p, end - p);
p, (size_t) (end - p));
if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_two", ret);
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;

8
library/x509_create.c
View File

@ -169,7 +169,7 @@ static int parse_attribute_value_string(const char *s,
return MBEDTLS_ERR_X509_INVALID_NAME;
}
}
*data_len = d - data;
*data_len = (size_t) (d - data);
return 0;
}
@ -297,8 +297,8 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
while (c <= end) {
if (in_attr_type && *c == '=') {
if ((attr_descr = x509_attr_descr_from_name(s, c - s)) == NULL) {
if ((mbedtls_oid_from_numeric_string(&oid, s, c - s)) != 0) {
if ((attr_descr = x509_attr_descr_from_name(s, (size_t) (c - s))) == NULL) {
if ((mbedtls_oid_from_numeric_string(&oid, s, (size_t) (c - s))) != 0) {
return MBEDTLS_ERR_X509_INVALID_NAME;
} else {
numericoid = 1;
@ -322,7 +322,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
/* We know that c >= s (loop invariant) and c != s (in this
* else branch), hence c - s - 1 >= 0. */
parse_ret = parse_attribute_value_hex_der_encoded(
s + 1, c - s - 1,
s + 1, (size_t) (c - s) - 1,
data, sizeof(data), &data_len, &tag);
if (parse_ret != 0) {
mbedtls_free(oid.p);

4
library/x509_crl.c
View File

@ -367,7 +367,7 @@ int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain,
}
end = p + len;
crl->tbs.len = end - crl->tbs.p;
crl->tbs.len = (size_t) (end - crl->tbs.p);
/*
* Version ::= INTEGER OPTIONAL { v1(0), v2(1) }
@ -411,7 +411,7 @@ int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain,
return ret;
}
crl->issuer_raw.len = p - crl->issuer_raw.p;
crl->issuer_raw.len = (size_t) (p - crl->issuer_raw.p);
/*
* thisUpdate Time

10
library/x509_crt.c
View File

@ -1108,7 +1108,7 @@ static int x509_crt_parse_der_core(mbedtls_x509_crt *crt,
}
end = crt_end = p + len;
crt->raw.len = crt_end - buf;
crt->raw.len = (size_t) (crt_end - buf);
if (make_copy != 0) {
/* Create and populate a new buffer for the raw field. */
crt->raw.p = p = mbedtls_calloc(1, crt->raw.len);
@ -1138,7 +1138,7 @@ static int x509_crt_parse_der_core(mbedtls_x509_crt *crt,
}
end = p + len;
crt->tbs.len = end - crt->tbs.p;
crt->tbs.len = (size_t) (end - crt->tbs.p);
/*
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
@ -1185,7 +1185,7 @@ static int x509_crt_parse_der_core(mbedtls_x509_crt *crt,
return ret;
}
crt->issuer_raw.len = p - crt->issuer_raw.p;
crt->issuer_raw.len = (size_t) (p - crt->issuer_raw.p);
/*
* Validity ::= SEQUENCE {
@ -1215,7 +1215,7 @@ static int x509_crt_parse_der_core(mbedtls_x509_crt *crt,
return ret;
}
crt->subject_raw.len = p - crt->subject_raw.p;
crt->subject_raw.len = (size_t) (p - crt->subject_raw.p);
/*
* SubjectPublicKeyInfo
@ -1225,7 +1225,7 @@ static int x509_crt_parse_der_core(mbedtls_x509_crt *crt,
mbedtls_x509_crt_free(crt);
return ret;
}
crt->pk_raw.len = p - crt->pk_raw.p;
crt->pk_raw.len = (size_t) (p - crt->pk_raw.p);
/*
* issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,

4
library/x509_csr.c
View File

@ -328,7 +328,7 @@ static int mbedtls_x509_csr_parse_der_internal(mbedtls_x509_csr *csr,
}
end = p + len;
csr->cri.len = end - csr->cri.p;
csr->cri.len = (size_t) (end - csr->cri.p);
/*
* Version ::= INTEGER { v1(0) }
@ -361,7 +361,7 @@ static int mbedtls_x509_csr_parse_der_internal(mbedtls_x509_csr *csr,
return ret;
}
csr->subject_raw.len = p - csr->subject_raw.p;
csr->subject_raw.len = (size_t) (p - csr->subject_raw.p);
/*
* subjectPKInfo SubjectPublicKeyInfo

2
library/x509write_crt.c
View File

@ -481,7 +481,7 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
*/
MBEDTLS_ASN1_CHK_ADD(pub_len,
mbedtls_pk_write_pubkey_der(ctx->subject_key,
buf, c - buf));
buf, (size_t) (c - buf)));
c -= pub_len;
len += pub_len;

4
library/x509write_csr.c
View File

@ -185,7 +185,7 @@ static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC));
MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_pk_write_pubkey_der(ctx->key,
buf, c - buf));
buf, (size_t) (c - buf)));
c -= pub_len;
len += pub_len;
@ -276,7 +276,7 @@ static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE));
/* Zero the unused bytes at the start of buf */
memset(buf, 0, c2 - buf);
memset(buf, 0, (size_t) (c2 - buf));
return (int) len;
}