From 23986e5d5d501ae93bed161752708ba18fb9e016 Mon Sep 17 00:00:00 2001
From: Paul Bakker
Date: Sun, 24 Apr 2011 08:57:21 +0000
Subject: [PATCH] - Major type rewrite of int to size_t for most variables and
arguments used for buffer lengths and loops
---
ChangeLog | 5 +
include/polarssl/aes.h | 10 +-
include/polarssl/arc4.h | 6 +-
include/polarssl/base64.h | 10 +-
include/polarssl/bignum.h | 42 ++--
include/polarssl/camellia.h | 10 +-
include/polarssl/cipher.h | 24 +-
include/polarssl/debug.h | 2 +-
include/polarssl/des.h | 6 +-
include/polarssl/dhm.h | 10 +-
include/polarssl/md.h | 34 +--
include/polarssl/md2.h | 16 +-
include/polarssl/md4.h | 14 +-
include/polarssl/md5.h | 14 +-
include/polarssl/net.h | 6 +-
include/polarssl/padlock.h | 2 +-
include/polarssl/pem.h | 6 +-
include/polarssl/pkcs11.h | 4 +-
include/polarssl/rsa.h | 90 +++----
include/polarssl/sha1.h | 14 +-
include/polarssl/sha2.h | 14 +-
include/polarssl/sha4.h | 14 +-
include/polarssl/ssl.h | 40 +--
include/polarssl/x509.h | 16 +-
include/polarssl/xtea.h | 10 +-
library/aes.c | 12 +-
library/arc4.c | 10 +-
library/base64.c | 14 +-
library/bignum.c | 246 ++++++++++---------
library/camellia.c | 16 +-
library/cipher.c | 19 +-
library/cipher_wrap.c | 245 +++++++++----------
library/debug.c | 17 +-
library/des.c | 6 +-
library/dhm.c | 13 +-
library/havege.c | 6 +-
library/md.c | 13 +-
library/md2.c | 19 +-
library/md4.c | 19 +-
library/md5.c | 19 +-
library/md_wrap.c | 313 ++++++++++++------------
library/net.c | 9 +-
library/padlock.c | 8 +-
library/pem.c | 30 +--
library/pkcs11.c | 5 +-
library/rsa.c | 55 +++--
library/sha1.c | 19 +-
library/sha2.c | 19 +-
library/sha4.c | 19 +-
library/ssl_cli.c | 26 +-
library/ssl_srv.c | 31 ++-
library/ssl_tls.c | 122 ++++-----
library/x509parse.c | 137 +++++++----
library/xtea.c | 40 ++-
programs/aes/aescrypt2.c | 3 +-
programs/aes/crypt_and_hash.c | 5 +-
programs/hash/generic_sum.c | 2 +-
programs/hash/md5sum.c | 2 +-
programs/hash/sha1sum.c | 2 +-
programs/hash/sha2sum.c | 2 +-
programs/pkey/dh_client.c | 11 +-
programs/pkey/dh_server.c | 7 +-
programs/pkey/rsa_sign.c | 3 +-
programs/pkey/rsa_verify.c | 3 +-
programs/pkey/rsa_verify_pss.c | 3 +-
programs/ssl/ssl_client2.c | 3 +-
tests/suites/test_suite_cipher.function | 18 +-
67 files changed, 1041 insertions(+), 949 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index e8a7f6998..c797eb706 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,11 @@ Features
(AES CTR, Camellia CTR, XTEA CBC) including the option to
enable and disable individual modes when needed
+Changes
+ * Major argument / variable rewrite. Introduced use of size_t
+ instead of int for buffer lengths and loop variables for
+ better unsigned / signed use
+
= Version 0.99-pre4 released on 2011-04-01
Features
* Added support for PKCS#1 v2.1 encoding and thus support
diff --git a/include/polarssl/aes.h b/include/polarssl/aes.h
index 40b3a56bf..4b975687f 100644
--- a/include/polarssl/aes.h
+++ b/include/polarssl/aes.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_AES_H
#define POLARSSL_AES_H
+#include
+
#define AES_ENCRYPT 1
#define AES_DECRYPT 0
@@ -57,7 +59,7 @@ extern "C" {
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
*/
-int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int keysize );
+int aes_setkey_enc( aes_context *ctx, const unsigned char *key, unsigned int keysize );
/**
* \brief AES key schedule (decryption)
@@ -68,7 +70,7 @@ int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int keysize );
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
*/
-int aes_setkey_dec( aes_context *ctx, const unsigned char *key, int keysize );
+int aes_setkey_dec( aes_context *ctx, const unsigned char *key, unsigned int keysize );
/**
* \brief AES-ECB block encryption/decryption
@@ -101,7 +103,7 @@ int aes_crypt_ecb( aes_context *ctx,
*/
int aes_crypt_cbc( aes_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
@@ -121,7 +123,7 @@ int aes_crypt_cbc( aes_context *ctx,
*/
int aes_crypt_cfb128( aes_context *ctx,
int mode,
- int length,
+ size_t length,
int *iv_off,
unsigned char iv[16],
const unsigned char *input,
diff --git a/include/polarssl/arc4.h b/include/polarssl/arc4.h
index 2344c74af..48ad60b26 100644
--- a/include/polarssl/arc4.h
+++ b/include/polarssl/arc4.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_ARC4_H
#define POLARSSL_ARC4_H
+#include
+
/**
* \brief ARC4 context structure
*/
@@ -49,7 +51,7 @@ extern "C" {
* \param key the secret key
* \param keylen length of the key
*/
-void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen );
+void arc4_setup( arc4_context *ctx, const unsigned char *key, unsigned int keylen );
/**
* \brief ARC4 cipher function
@@ -61,7 +63,7 @@ void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen );
*
* \return 0 if successful
*/
-int arc4_crypt( arc4_context *ctx, int length, const unsigned char *input,
+int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input,
unsigned char *output );
/*
diff --git a/include/polarssl/base64.h b/include/polarssl/base64.h
index 1c6498c5f..27ba68539 100644
--- a/include/polarssl/base64.h
+++ b/include/polarssl/base64.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_BASE64_H
#define POLARSSL_BASE64_H
+#include
+
#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL 0x0010
#define POLARSSL_ERR_BASE64_INVALID_CHARACTER 0x0012
@@ -49,8 +51,8 @@ extern "C" {
* \note Call this function with *dlen = 0 to obtain the
* required buffer size in *dlen
*/
-int base64_encode( unsigned char *dst, int *dlen,
- const unsigned char *src, int slen );
+int base64_encode( unsigned char *dst, size_t *dlen,
+ const unsigned char *src, size_t slen );
/**
* \brief Decode a base64-formatted buffer
@@ -68,8 +70,8 @@ int base64_encode( unsigned char *dst, int *dlen,
* \note Call this function with *dlen = 0 to obtain the
* required buffer size in *dlen
*/
-int base64_decode( unsigned char *dst, int *dlen,
- const unsigned char *src, int slen );
+int base64_decode( unsigned char *dst, size_t *dlen,
+ const unsigned char *src, size_t slen );
/**
* \brief Checkup routine
diff --git a/include/polarssl/bignum.h b/include/polarssl/bignum.h
index ebc1f8f2f..909df1d91 100644
--- a/include/polarssl/bignum.h
+++ b/include/polarssl/bignum.h
@@ -28,6 +28,7 @@
#define POLARSSL_BIGNUM_H
#include
+#include
#define POLARSSL_ERR_MPI_FILE_IO_ERROR 0x0002
#define POLARSSL_ERR_MPI_BAD_INPUT_DATA 0x0004
@@ -43,13 +44,16 @@
* Define the base integer type, architecture-wise
*/
#if defined(POLARSSL_HAVE_INT8)
+typedef signed char t_s_int;
typedef unsigned char t_int;
typedef unsigned short t_dbl;
#else
#if defined(POLARSSL_HAVE_INT16)
+typedef signed short t_s_int;
typedef unsigned short t_int;
typedef unsigned long t_dbl;
#else
+ typedef signed long t_s_int;
typedef unsigned long t_int;
#if defined(_MSC_VER) && defined(_M_IX86)
typedef unsigned __int64 t_dbl;
@@ -73,7 +77,7 @@ typedef unsigned long t_dbl;
typedef struct
{
int s; /*!< integer sign */
- int n; /*!< total # of limbs */
+ size_t n; /*!< total # of limbs */
t_int *p; /*!< pointer to limbs */
}
mpi;
@@ -101,7 +105,7 @@ void mpi_free( mpi *X, ... );
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_grow( mpi *X, int nblimbs );
+int mpi_grow( mpi *X, size_t nblimbs );
/**
* \brief Copy the contents of Y into X
@@ -131,28 +135,28 @@ void mpi_swap( mpi *X, mpi *Y );
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_lset( mpi *X, int z );
+int mpi_lset( mpi *X, t_s_int z );
/**
* \brief Return the number of least significant bits
*
* \param X MPI to use
*/
-int mpi_lsb( const mpi *X );
+size_t mpi_lsb( const mpi *X );
/**
* \brief Return the number of most significant bits
*
* \param X MPI to use
*/
-int mpi_msb( const mpi *X );
+size_t mpi_msb( const mpi *X );
/**
* \brief Return the total size in bytes
*
* \param X MPI to use
*/
-int mpi_size( const mpi *X );
+size_t mpi_size( const mpi *X );
/**
* \brief Import from an ASCII string
@@ -180,7 +184,7 @@ int mpi_read_string( mpi *X, int radix, const char *s );
* \note Call this function with *slen = 0 to obtain the
* minimum required buffer size in *slen.
*/
-int mpi_write_string( const mpi *X, int radix, char *s, int *slen );
+int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen );
/**
* \brief Read X from an opened file
@@ -217,7 +221,7 @@ int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout );
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_read_binary( mpi *X, const unsigned char *buf, int buflen );
+int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen );
/**
* \brief Export X into unsigned binary data, big endian
@@ -229,7 +233,7 @@ int mpi_read_binary( mpi *X, const unsigned char *buf, int buflen );
* \return 0 if successful,
* POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough
*/
-int mpi_write_binary( const mpi *X, unsigned char *buf, int buflen );
+int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen );
/**
* \brief Left-shift: X <<= count
@@ -240,7 +244,7 @@ int mpi_write_binary( const mpi *X, unsigned char *buf, int buflen );
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_shift_l( mpi *X, int count );
+int mpi_shift_l( mpi *X, size_t count );
/**
* \brief Right-shift: X >>= count
@@ -251,7 +255,7 @@ int mpi_shift_l( mpi *X, int count );
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_shift_r( mpi *X, int count );
+int mpi_shift_r( mpi *X, size_t count );
/**
* \brief Compare unsigned values
@@ -287,7 +291,7 @@ int mpi_cmp_mpi( const mpi *X, const mpi *Y );
* -1 if X is lesser than z or
* 0 if X is equal to z
*/
-int mpi_cmp_int( const mpi *X, int z );
+int mpi_cmp_int( const mpi *X, t_s_int z );
/**
* \brief Unsigned addition: X = |A| + |B|
@@ -347,7 +351,7 @@ int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B );
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_add_int( mpi *X, const mpi *A, int b );
+int mpi_add_int( mpi *X, const mpi *A, t_s_int b );
/**
* \brief Signed substraction: X = A - b
@@ -359,7 +363,7 @@ int mpi_add_int( mpi *X, const mpi *A, int b );
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_sub_int( mpi *X, const mpi *A, int b );
+int mpi_sub_int( mpi *X, const mpi *A, t_s_int b );
/**
* \brief Baseline multiplication: X = A * B
@@ -385,7 +389,7 @@ int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B );
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_mul_int( mpi *X, const mpi *A, t_int b );
+int mpi_mul_int( mpi *X, const mpi *A, t_s_int b );
/**
* \brief Division by mpi: A = Q * B + R
@@ -417,7 +421,7 @@ int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B );
*
* \note Either Q or R can be NULL.
*/
-int mpi_div_int( mpi *Q, mpi *R, const mpi *A, int b );
+int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_s_int b );
/**
* \brief Modulo: R = A mod B
@@ -445,7 +449,7 @@ int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B );
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0
*/
-int mpi_mod_int( t_int *r, const mpi *A, int b );
+int mpi_mod_int( t_int *r, const mpi *A, t_s_int b );
/**
* \brief Sliding-window exponentiation: X = A^E mod N
@@ -477,7 +481,7 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR );
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_fill_random( mpi *X, int size, int (*f_rng)(void *), void *p_rng );
+int mpi_fill_random( mpi *X, size_t size, int (*f_rng)(void *), void *p_rng );
/**
* \brief Greatest common divisor: G = gcd(A, B)
@@ -531,7 +535,7 @@ int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng );
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3
*/
-int mpi_gen_prime( mpi *X, int nbits, int dh_flag,
+int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag,
int (*f_rng)(void *), void *p_rng );
/**
diff --git a/include/polarssl/camellia.h b/include/polarssl/camellia.h
index cebd677e7..4884fdc60 100644
--- a/include/polarssl/camellia.h
+++ b/include/polarssl/camellia.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_CAMELLIA_H
#define POLARSSL_CAMELLIA_H
+#include
+
#ifdef _MSC_VER
#include
typedef UINT32 uint32_t;
@@ -63,7 +65,7 @@ extern "C" {
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
*/
-int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int keysize );
+int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsigned int keysize );
/**
* \brief CAMELLIA key schedule (decryption)
@@ -74,7 +76,7 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int ke
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
*/
-int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, int keysize );
+int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsigned int keysize );
/**
* \brief CAMELLIA-ECB block encryption/decryption
@@ -107,7 +109,7 @@ int camellia_crypt_ecb( camellia_context *ctx,
*/
int camellia_crypt_cbc( camellia_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
@@ -127,7 +129,7 @@ int camellia_crypt_cbc( camellia_context *ctx,
*/
int camellia_crypt_cfb128( camellia_context *ctx,
int mode,
- int length,
+ size_t length,
int *iv_off,
unsigned char iv[16],
const unsigned char *input,
diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h
index 53755598f..67819da08 100644
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@@ -96,26 +96,26 @@ typedef struct {
cipher_mode_t mode;
/** Cipher key length, in bits (default length for variable sized ciphers) */
- int key_length;
+ unsigned int key_length;
/** Name of the cipher */
const char * name;
/** IV size, in bytes */
- int iv_size;
+ unsigned int iv_size;
/** block size, in bytes */
- int block_size;
+ unsigned int block_size;
/** Encrypt using CBC */
- int (*cbc_func)( void *ctx, operation_t mode, int length, unsigned char *iv,
+ int (*cbc_func)( void *ctx, operation_t mode, size_t length, unsigned char *iv,
const unsigned char *input, unsigned char *output );
/** Set key for encryption purposes */
- int (*setkey_enc_func)( void *ctx, const unsigned char *key, int key_length);
+ int (*setkey_enc_func)( void *ctx, const unsigned char *key, unsigned int key_length);
/** Set key for decryption purposes */
- int (*setkey_dec_func)( void *ctx, const unsigned char *key, int key_length);
+ int (*setkey_dec_func)( void *ctx, const unsigned char *key, unsigned int key_length);
/** Allocate a new context */
void * (*ctx_alloc_func)( void );
@@ -142,7 +142,7 @@ typedef struct {
unsigned char unprocessed_data[POLARSSL_MAX_IV_LENGTH];
/** Number of bytes that still need processing */
- int unprocessed_len;
+ size_t unprocessed_len;
/** Current IV */
unsigned char iv[POLARSSL_MAX_IV_LENGTH];
@@ -167,7 +167,7 @@ const int *cipher_list( void );
* \brief Returns the cipher information structure associated
* with the given cipher name.
*
- * \param cipher_name Name of the cipher to search for.
+ * \param cipher_name Name of the cipher to search for.
*
* \return the cipher information structure associated with the
* given cipher_name, or NULL if not found.
@@ -215,7 +215,7 @@ int cipher_free_ctx( cipher_context_t *ctx );
* \return size of the cipher's blocks, or 0 if ctx has not been
* initialised.
*/
-static inline int cipher_get_block_size( const cipher_context_t *ctx )
+static inline unsigned int cipher_get_block_size( const cipher_context_t *ctx )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return 0;
@@ -332,8 +332,8 @@ int cipher_reset( cipher_context_t *ctx, const unsigned char *iv );
*
* \returns 0 on success, 1 if parameter verification fails.
*/
-int cipher_update( cipher_context_t *ctx, const unsigned char *input, int ilen,
- unsigned char *output, int *olen );
+int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t *olen );
/**
* \brief Generic cipher finalisation function. If data still
@@ -347,7 +347,7 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input, int ilen,
*
* \returns 0 on success, 1 if parameter verification fails.
*/
-int cipher_finish( cipher_context_t *ctx, unsigned char *output, int *olen);
+int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen);
/**
diff --git a/include/polarssl/debug.h b/include/polarssl/debug.h
index c6f74061e..e84f4b8c6 100644
--- a/include/polarssl/debug.h
+++ b/include/polarssl/debug.h
@@ -72,7 +72,7 @@ void debug_print_ret( const ssl_context *ssl, int level,
void debug_print_buf( const ssl_context *ssl, int level,
const char *file, int line, const char *text,
- unsigned char *buf, int len );
+ unsigned char *buf, size_t len );
void debug_print_mpi( const ssl_context *ssl, int level,
const char *file, int line,
diff --git a/include/polarssl/des.h b/include/polarssl/des.h
index 0d3493c60..f9e8e60bf 100644
--- a/include/polarssl/des.h
+++ b/include/polarssl/des.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_DES_H
#define POLARSSL_DES_H
+#include
+
#define DES_ENCRYPT 1
#define DES_DECRYPT 0
@@ -171,7 +173,7 @@ int des_crypt_ecb( des_context *ctx,
*/
int des_crypt_cbc( des_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[8],
const unsigned char *input,
unsigned char *output );
@@ -203,7 +205,7 @@ int des3_crypt_ecb( des3_context *ctx,
*/
int des3_crypt_cbc( des3_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[8],
const unsigned char *input,
unsigned char *output );
diff --git a/include/polarssl/dhm.h b/include/polarssl/dhm.h
index 4206b8806..4a479d6ec 100644
--- a/include/polarssl/dhm.h
+++ b/include/polarssl/dhm.h
@@ -44,7 +44,7 @@
*/
typedef struct
{
- int len; /*!< size(P) in chars */
+ size_t len; /*!< size(P) in chars */
mpi P; /*!< prime modulus */
mpi G; /*!< generator */
mpi X; /*!< secret value */
@@ -89,7 +89,7 @@ int dhm_read_params( dhm_context *ctx,
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_make_params( dhm_context *ctx, int x_size,
- unsigned char *output, int *olen,
+ unsigned char *output, size_t *olen,
int (*f_rng)(void *), void *p_rng );
/**
@@ -102,7 +102,7 @@ int dhm_make_params( dhm_context *ctx, int x_size,
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_read_public( dhm_context *ctx,
- const unsigned char *input, int ilen );
+ const unsigned char *input, size_t ilen );
/**
* \brief Create own private value X and export G^X
@@ -117,7 +117,7 @@ int dhm_read_public( dhm_context *ctx,
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_make_public( dhm_context *ctx, int x_size,
- unsigned char *output, int olen,
+ unsigned char *output, size_t olen,
int (*f_rng)(void *), void *p_rng );
/**
@@ -130,7 +130,7 @@ int dhm_make_public( dhm_context *ctx, int x_size,
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_calc_secret( dhm_context *ctx,
- unsigned char *output, int *olen );
+ unsigned char *output, size_t *olen );
/*
* \brief Free the components of a DHM key
diff --git a/include/polarssl/md.h b/include/polarssl/md.h
index 4d4b835de..9bda3ee57 100644
--- a/include/polarssl/md.h
+++ b/include/polarssl/md.h
@@ -30,6 +30,8 @@
#ifndef POLARSSL_MD_H
#define POLARSSL_MD_H
+#include
+
#ifdef _MSC_VER
#define inline _inline
#endif
@@ -66,23 +68,23 @@ typedef struct {
void (*starts_func)( void *ctx );
/** Digest update function */
- void (*update_func)( void *ctx, const unsigned char *input, int ilen );
+ void (*update_func)( void *ctx, const unsigned char *input, size_t ilen );
/** Digest finalisation function */
void (*finish_func)( void *ctx, unsigned char *output );
/** Generic digest function */
- void (*digest_func)( const unsigned char *input, int ilen,
+ void (*digest_func)( const unsigned char *input, size_t ilen,
unsigned char *output );
/** Generic file digest function */
int (*file_func)( const char *path, unsigned char *output );
/** HMAC Initialisation function */
- void (*hmac_starts_func)( void *ctx, const unsigned char *key, int keylen );
+ void (*hmac_starts_func)( void *ctx, const unsigned char *key, size_t keylen );
/** HMAC update function */
- void (*hmac_update_func)( void *ctx, const unsigned char *input, int ilen );
+ void (*hmac_update_func)( void *ctx, const unsigned char *input, size_t ilen );
/** HMAC finalisation function */
void (*hmac_finish_func)( void *ctx, unsigned char *output);
@@ -91,8 +93,8 @@ typedef struct {
void (*hmac_reset_func)( void *ctx );
/** Generic HMAC function */
- void (*hmac_func)( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+ void (*hmac_func)( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char *output );
/** Allocate a new context */
@@ -135,7 +137,7 @@ const int *md_list( void );
* \brief Returns the message digest information associated with the
* given digest name.
*
- * \param md_name Name of the digest to search for.
+ * \param md_name Name of the digest to search for.
*
* \return The message digest information associated with md_name or
* NULL if not found.
@@ -184,7 +186,7 @@ int md_free_ctx( md_context_t *ctx );
*
* \return size of the message digest output.
*/
-static inline unsigned char md_get_size ( const md_info_t *md_info)
+static inline unsigned char md_get_size( const md_info_t *md_info )
{
return md_info->size;
}
@@ -196,7 +198,7 @@ static inline unsigned char md_get_size ( const md_info_t *md_info)
*
* \return type of the message digest output.
*/
-static inline md_type_t md_get_type ( const md_info_t *md_info )
+static inline md_type_t md_get_type( const md_info_t *md_info )
{
return md_info->type;
}
@@ -208,7 +210,7 @@ static inline md_type_t md_get_type ( const md_info_t *md_info )
*
* \return name of the message digest output.
*/
-static inline const char *md_get_name ( const md_info_t *md_info )
+static inline const char *md_get_name( const md_info_t *md_info )
{
return md_info->name;
}
@@ -231,7 +233,7 @@ int md_starts( md_context_t *ctx );
*
* \returns 0 on success, 1 if parameter verification fails.
*/
-int md_update( md_context_t *ctx, const unsigned char *input, int ilen );
+int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen );
/**
* \brief Generic message digest final digest
@@ -253,7 +255,7 @@ int md_finish( md_context_t *ctx, unsigned char *output );
*
* \returns 0 on success, 1 if parameter verification fails.
*/
-int md( const md_info_t *md_info, const unsigned char *input, int ilen,
+int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output );
/**
@@ -277,7 +279,7 @@ int md_file( const md_info_t *md_info, const char *path, unsigned char *output )
*
* \returns 0 on success, 1 if parameter verification fails.
*/
-int md_hmac_starts( md_context_t *ctx, const unsigned char *key, int keylen );
+int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen );
/**
* \brief Generic HMAC process buffer
@@ -288,7 +290,7 @@ int md_hmac_starts( md_context_t *ctx, const unsigned char *key, int keylen );
*
* \returns 0 on success, 1 if parameter verification fails.
*/
-int md_hmac_update( md_context_t *ctx, const unsigned char *input, int ilen );
+int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen );
/**
* \brief Generic HMAC final digest
@@ -321,8 +323,8 @@ int md_hmac_reset( md_context_t *ctx );
*
* \returns 0 on success, 1 if parameter verification fails.
*/
-int md_hmac( const md_info_t *md_info, const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char *output );
#ifdef __cplusplus
diff --git a/include/polarssl/md2.h b/include/polarssl/md2.h
index bcda2e3ab..9a497f193 100644
--- a/include/polarssl/md2.h
+++ b/include/polarssl/md2.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_MD2_H
#define POLARSSL_MD2_H
+#include
+
/**
* \brief MD2 context structure
*/
@@ -38,7 +40,7 @@ typedef struct
unsigned char ipad[64]; /*!< HMAC: inner padding */
unsigned char opad[64]; /*!< HMAC: outer padding */
- int left; /*!< amount of data in buffer */
+ size_t left; /*!< amount of data in buffer */
}
md2_context;
@@ -60,7 +62,7 @@ void md2_starts( md2_context *ctx );
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void md2_update( md2_context *ctx, const unsigned char *input, int ilen );
+void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief MD2 final digest
@@ -77,7 +79,7 @@ void md2_finish( md2_context *ctx, unsigned char output[16] );
* \param ilen length of the input data
* \param output MD2 checksum result
*/
-void md2( const unsigned char *input, int ilen, unsigned char output[16] );
+void md2( const unsigned char *input, size_t ilen, unsigned char output[16] );
/**
* \brief Output = MD2( file contents )
@@ -97,7 +99,7 @@ int md2_file( const char *path, unsigned char output[16] );
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
-void md2_hmac_starts( md2_context *ctx, const unsigned char *key, int keylen );
+void md2_hmac_starts( md2_context *ctx, const unsigned char *key, size_t keylen );
/**
* \brief MD2 HMAC process buffer
@@ -106,7 +108,7 @@ void md2_hmac_starts( md2_context *ctx, const unsigned char *key, int keylen );
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void md2_hmac_update( md2_context *ctx, const unsigned char *input, int ilen );
+void md2_hmac_update( md2_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief MD2 HMAC final digest
@@ -132,8 +134,8 @@ void md2_hmac_reset( md2_context *ctx );
* \param ilen length of the input data
* \param output HMAC-MD2 result
*/
-void md2_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void md2_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[16] );
/**
diff --git a/include/polarssl/md4.h b/include/polarssl/md4.h
index c3c5d7efb..5a796ae32 100644
--- a/include/polarssl/md4.h
+++ b/include/polarssl/md4.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_MD4_H
#define POLARSSL_MD4_H
+#include
+
/**
* \brief MD4 context structure
*/
@@ -59,7 +61,7 @@ void md4_starts( md4_context *ctx );
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void md4_update( md4_context *ctx, const unsigned char *input, int ilen );
+void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief MD4 final digest
@@ -76,7 +78,7 @@ void md4_finish( md4_context *ctx, unsigned char output[16] );
* \param ilen length of the input data
* \param output MD4 checksum result
*/
-void md4( const unsigned char *input, int ilen, unsigned char output[16] );
+void md4( const unsigned char *input, size_t ilen, unsigned char output[16] );
/**
* \brief Output = MD4( file contents )
@@ -96,7 +98,7 @@ int md4_file( const char *path, unsigned char output[16] );
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
-void md4_hmac_starts( md4_context *ctx, const unsigned char *key, int keylen );
+void md4_hmac_starts( md4_context *ctx, const unsigned char *key, size_t keylen );
/**
* \brief MD4 HMAC process buffer
@@ -105,7 +107,7 @@ void md4_hmac_starts( md4_context *ctx, const unsigned char *key, int keylen );
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void md4_hmac_update( md4_context *ctx, const unsigned char *input, int ilen );
+void md4_hmac_update( md4_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief MD4 HMAC final digest
@@ -131,8 +133,8 @@ void md4_hmac_reset( md4_context *ctx );
* \param ilen length of the input data
* \param output HMAC-MD4 result
*/
-void md4_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void md4_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[16] );
/**
diff --git a/include/polarssl/md5.h b/include/polarssl/md5.h
index e728c38ca..cf0459d06 100644
--- a/include/polarssl/md5.h
+++ b/include/polarssl/md5.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_MD5_H
#define POLARSSL_MD5_H
+#include
+
/**
* \brief MD5 context structure
*/
@@ -59,7 +61,7 @@ void md5_starts( md5_context *ctx );
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void md5_update( md5_context *ctx, const unsigned char *input, int ilen );
+void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief MD5 final digest
@@ -76,7 +78,7 @@ void md5_finish( md5_context *ctx, unsigned char output[16] );
* \param ilen length of the input data
* \param output MD5 checksum result
*/
-void md5( const unsigned char *input, int ilen, unsigned char output[16] );
+void md5( const unsigned char *input, size_t ilen, unsigned char output[16] );
/**
* \brief Output = MD5( file contents )
@@ -97,7 +99,7 @@ int md5_file( const char *path, unsigned char output[16] );
* \param keylen length of the HMAC key
*/
void md5_hmac_starts( md5_context *ctx,
- const unsigned char *key, int keylen );
+ const unsigned char *key, size_t keylen );
/**
* \brief MD5 HMAC process buffer
@@ -107,7 +109,7 @@ void md5_hmac_starts( md5_context *ctx,
* \param ilen length of the input data
*/
void md5_hmac_update( md5_context *ctx,
- const unsigned char *input, int ilen );
+ const unsigned char *input, size_t ilen );
/**
* \brief MD5 HMAC final digest
@@ -133,8 +135,8 @@ void md5_hmac_reset( md5_context *ctx );
* \param ilen length of the input data
* \param output HMAC-MD5 result
*/
-void md5_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void md5_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[16] );
/**
diff --git a/include/polarssl/net.h b/include/polarssl/net.h
index 188432e9a..3fa2161b4 100644
--- a/include/polarssl/net.h
+++ b/include/polarssl/net.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_NET_H
#define POLARSSL_NET_H
+#include
+
#define POLARSSL_ERR_NET_UNKNOWN_HOST -0x0F00
#define POLARSSL_ERR_NET_SOCKET_FAILED -0x0F10
#define POLARSSL_ERR_NET_CONNECT_FAILED -0x0F20
@@ -124,7 +126,7 @@ void net_usleep( unsigned long usec );
* or a non-zero error code; POLARSSL_ERR_NET_TRY_AGAIN
* indicates read() is blocking.
*/
-int net_recv( void *ctx, unsigned char *buf, int len );
+int net_recv( void *ctx, unsigned char *buf, size_t len );
/**
* \brief Write at most 'len' characters. If no error occurs,
@@ -138,7 +140,7 @@ int net_recv( void *ctx, unsigned char *buf, int len );
* or a non-zero error code; POLARSSL_ERR_NET_TRY_AGAIN
* indicates write() is blocking.
*/
-int net_send( void *ctx, unsigned char *buf, int len );
+int net_send( void *ctx, unsigned char *buf, size_t len );
/**
* \brief Gracefully shutdown the connection
diff --git a/include/polarssl/padlock.h b/include/polarssl/padlock.h
index 99ecfee1a..722c9b223 100644
--- a/include/polarssl/padlock.h
+++ b/include/polarssl/padlock.h
@@ -86,7 +86,7 @@ int padlock_xcryptecb( aes_context *ctx,
*/
int padlock_xcryptcbc( aes_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
diff --git a/include/polarssl/pem.h b/include/polarssl/pem.h
index dfb2f1ed2..509ed11a9 100644
--- a/include/polarssl/pem.h
+++ b/include/polarssl/pem.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_PEM_H
#define POLARSSL_PEM_H
+#include
+
/**
* \name PEM Error codes
* These error codes are returned in case of errors reading the
@@ -49,7 +51,7 @@
typedef struct
{
unsigned char *buf; /*!< buffer for decoded data */
- int buflen; /*!< length of the buffer */
+ size_t buflen; /*!< length of the buffer */
unsigned char *info; /*!< buffer for extra header information */
}
pem_context;
@@ -82,7 +84,7 @@ void pem_init( pem_context *ctx );
int pem_read_buffer( pem_context *ctx, char *header, char *footer,
const unsigned char *data,
const unsigned char *pwd,
- int pwdlen, int *use_len );
+ size_t pwdlen, size_t *use_len );
/**
* \brief PEM context memory freeing
diff --git a/include/polarssl/pkcs11.h b/include/polarssl/pkcs11.h
index 5087e1951..8e2a8ceed 100644
--- a/include/polarssl/pkcs11.h
+++ b/include/polarssl/pkcs11.h
@@ -94,7 +94,7 @@ void pkcs11_priv_key_free( pkcs11_context *priv_key );
* an error is thrown.
*/
int pkcs11_decrypt( pkcs11_context *ctx,
- int mode, int *olen,
+ int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
unsigned int output_max_len );
@@ -118,7 +118,7 @@ int pkcs11_decrypt( pkcs11_context *ctx,
int pkcs11_sign( pkcs11_context *ctx,
int mode,
int hash_id,
- int hashlen,
+ unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig );
diff --git a/include/polarssl/rsa.h b/include/polarssl/rsa.h
index 509e24d55..cb2420a7a 100644
--- a/include/polarssl/rsa.h
+++ b/include/polarssl/rsa.h
@@ -49,11 +49,11 @@
#define SIG_RSA_MD2 2
#define SIG_RSA_MD4 3
#define SIG_RSA_MD5 4
-#define SIG_RSA_SHA1 5
-#define SIG_RSA_SHA224 14
-#define SIG_RSA_SHA256 11
-#define SIG_RSA_SHA384 12
-#define SIG_RSA_SHA512 13
+#define SIG_RSA_SHA1 5
+#define SIG_RSA_SHA224 14
+#define SIG_RSA_SHA256 11
+#define SIG_RSA_SHA384 12
+#define SIG_RSA_SHA512 13
#define RSA_PUBLIC 0
#define RSA_PRIVATE 1
@@ -64,28 +64,28 @@
#define RSA_SIGN 1
#define RSA_CRYPT 2
-#define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30"
-#define ASN1_STR_NULL "\x05"
-#define ASN1_STR_OID "\x06"
-#define ASN1_STR_OCTET_STRING "\x04"
+#define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30"
+#define ASN1_STR_NULL "\x05"
+#define ASN1_STR_OID "\x06"
+#define ASN1_STR_OCTET_STRING "\x04"
-#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00"
-#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a"
-#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00"
+#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00"
+#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a"
+#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00"
-#define OID_ISO_MEMBER_BODIES "\x2a"
-#define OID_ISO_IDENTIFIED_ORG "\x2b"
+#define OID_ISO_MEMBER_BODIES "\x2a"
+#define OID_ISO_IDENTIFIED_ORG "\x2b"
/*
* ISO Member bodies OID parts
*/
-#define OID_COUNTRY_US "\x86\x48"
-#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d"
+#define OID_COUNTRY_US "\x86\x48"
+#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d"
/*
* ISO Identified organization OID parts
*/
-#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a"
+#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a"
/*
* DigestInfo ::= SEQUENCE {
@@ -96,30 +96,30 @@
*
* Digest ::= OCTET STRING
*/
-#define ASN1_HASH_MDX \
-( \
- ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \
- ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \
- ASN1_STR_OID "\x08" \
- OID_DIGEST_ALG_MDX \
- ASN1_STR_NULL "\x00" \
- ASN1_STR_OCTET_STRING "\x10" \
+#define ASN1_HASH_MDX \
+( \
+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \
+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \
+ ASN1_STR_OID "\x08" \
+ OID_DIGEST_ALG_MDX \
+ ASN1_STR_NULL "\x00" \
+ ASN1_STR_OCTET_STRING "\x10" \
)
-#define ASN1_HASH_SHA1 \
- ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \
- ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \
- ASN1_STR_OID "\x05" \
- OID_HASH_ALG_SHA1 \
- ASN1_STR_NULL "\x00" \
+#define ASN1_HASH_SHA1 \
+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \
+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \
+ ASN1_STR_OID "\x05" \
+ OID_HASH_ALG_SHA1 \
+ ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x14"
-#define ASN1_HASH_SHA2X \
- ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \
- ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \
- ASN1_STR_OID "\x09" \
- OID_HASH_ALG_SHA2X \
- ASN1_STR_NULL "\x00" \
+#define ASN1_HASH_SHA2X \
+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \
+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \
+ ASN1_STR_OID "\x09" \
+ OID_HASH_ALG_SHA2X \
+ ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x00"
/**
@@ -128,7 +128,7 @@
typedef struct
{
int ver; /*!< always 0 */
- int len; /*!< size(N) in chars */
+ size_t len; /*!< size(N) in chars */
mpi N; /*!< public modulus */
mpi E; /*!< public exponent */
@@ -188,7 +188,7 @@ void rsa_init( rsa_context *ctx,
int rsa_gen_key( rsa_context *ctx,
int (*f_rng)(void *),
void *p_rng,
- int nbits, int exponent );
+ unsigned int nbits, int exponent );
/**
* \brief Check a public RSA key
@@ -263,7 +263,7 @@ int rsa_private( rsa_context *ctx,
int rsa_pkcs1_encrypt( rsa_context *ctx,
int (*f_rng)(void *),
void *p_rng,
- int mode, int ilen,
+ int mode, size_t ilen,
const unsigned char *input,
unsigned char *output );
@@ -275,7 +275,7 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
* \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext
* \param olen will contain the plaintext length
- * \param output_max_len maximum length of the output buffer
+ * \param output_max_len maximum length of the output buffer
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
@@ -284,10 +284,10 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
* an error is thrown.
*/
int rsa_pkcs1_decrypt( rsa_context *ctx,
- int mode, int *olen,
+ int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
- int output_max_len );
+ size_t output_max_len );
/**
* \brief Do a private RSA to sign a message digest
@@ -318,7 +318,7 @@ int rsa_pkcs1_sign( rsa_context *ctx,
void *p_rng,
int mode,
int hash_id,
- int hashlen,
+ unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig );
@@ -347,7 +347,7 @@ int rsa_pkcs1_sign( rsa_context *ctx,
int rsa_pkcs1_verify( rsa_context *ctx,
int mode,
int hash_id,
- int hashlen,
+ unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig );
diff --git a/include/polarssl/sha1.h b/include/polarssl/sha1.h
index 1d5cc258d..76b369a5d 100644
--- a/include/polarssl/sha1.h
+++ b/include/polarssl/sha1.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_SHA1_H
#define POLARSSL_SHA1_H
+#include
+
/**
* \brief SHA-1 context structure
*/
@@ -59,7 +61,7 @@ void sha1_starts( sha1_context *ctx );
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen );
+void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-1 final digest
@@ -76,7 +78,7 @@ void sha1_finish( sha1_context *ctx, unsigned char output[20] );
* \param ilen length of the input data
* \param output SHA-1 checksum result
*/
-void sha1( const unsigned char *input, int ilen, unsigned char output[20] );
+void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] );
/**
* \brief Output = SHA-1( file contents )
@@ -96,7 +98,7 @@ int sha1_file( const char *path, unsigned char output[20] );
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
-void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen );
+void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, size_t keylen );
/**
* \brief SHA-1 HMAC process buffer
@@ -105,7 +107,7 @@ void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen )
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, int ilen );
+void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-1 HMAC final digest
@@ -131,8 +133,8 @@ void sha1_hmac_reset( sha1_context *ctx );
* \param ilen length of the input data
* \param output HMAC-SHA-1 result
*/
-void sha1_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha1_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[20] );
/**
diff --git a/include/polarssl/sha2.h b/include/polarssl/sha2.h
index 5e2d907dc..c963ca1e1 100644
--- a/include/polarssl/sha2.h
+++ b/include/polarssl/sha2.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_SHA2_H
#define POLARSSL_SHA2_H
+#include
+
/**
* \brief SHA-256 context structure
*/
@@ -61,7 +63,7 @@ void sha2_starts( sha2_context *ctx, int is224 );
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void sha2_update( sha2_context *ctx, const unsigned char *input, int ilen );
+void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-256 final digest
@@ -79,7 +81,7 @@ void sha2_finish( sha2_context *ctx, unsigned char output[32] );
* \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224
*/
-void sha2( const unsigned char *input, int ilen,
+void sha2( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 );
/**
@@ -102,7 +104,7 @@ int sha2_file( const char *path, unsigned char output[32], int is224 );
* \param keylen length of the HMAC key
* \param is224 0 = use SHA256, 1 = use SHA224
*/
-void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, int keylen,
+void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keylen,
int is224 );
/**
@@ -112,7 +114,7 @@ void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, int keylen,
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, int ilen );
+void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-256 HMAC final digest
@@ -139,8 +141,8 @@ void sha2_hmac_reset( sha2_context *ctx );
* \param output HMAC-SHA-224/256 result
* \param is224 0 = use SHA256, 1 = use SHA224
*/
-void sha2_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha2_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 );
/**
diff --git a/include/polarssl/sha4.h b/include/polarssl/sha4.h
index 5f980b98e..81a69cdcc 100644
--- a/include/polarssl/sha4.h
+++ b/include/polarssl/sha4.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_SHA4_H
#define POLARSSL_SHA4_H
+#include
+
#if defined(_MSC_VER) || defined(__WATCOMC__)
#define UL64(x) x##ui64
#define int64 __int64
@@ -69,7 +71,7 @@ void sha4_starts( sha4_context *ctx, int is384 );
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void sha4_update( sha4_context *ctx, const unsigned char *input, int ilen );
+void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-512 final digest
@@ -87,7 +89,7 @@ void sha4_finish( sha4_context *ctx, unsigned char output[64] );
* \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384
*/
-void sha4( const unsigned char *input, int ilen,
+void sha4( const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 );
/**
@@ -110,7 +112,7 @@ int sha4_file( const char *path, unsigned char output[64], int is384 );
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
-void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, int keylen,
+void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keylen,
int is384 );
/**
@@ -120,7 +122,7 @@ void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, int keylen,
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, int ilen );
+void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-512 HMAC final digest
@@ -147,8 +149,8 @@ void sha4_hmac_reset( sha4_context *ctx );
* \param output HMAC-SHA-384/512 result
* \param is384 0 = use SHA512, 1 = use SHA384
*/
-void sha4_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha4_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 );
/**
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 772bb556e..15b595ff1 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -204,7 +204,7 @@ struct _ssl_session
{
time_t start; /*!< starting time */
int ciphersuite; /*!< chosen ciphersuite */
- int length; /*!< session id length */
+ size_t length; /*!< session id length */
unsigned char id[32]; /*!< session identifier */
unsigned char master[48]; /*!< the master secret */
ssl_session *next; /*!< next session entry */
@@ -228,8 +228,8 @@ struct _ssl_context
*/
int (*f_rng)(void *);
void (*f_dbg)(void *, int, const char *);
- int (*f_recv)(void *, unsigned char *, int);
- int (*f_send)(void *, unsigned char *, int);
+ int (*f_recv)(void *, unsigned char *, size_t);
+ int (*f_send)(void *, unsigned char *, size_t);
int (*f_vrfy)(void *, x509_cert *, int, int);
void *p_rng; /*!< context for the RNG function */
@@ -256,10 +256,10 @@ struct _ssl_context
unsigned char *in_offt; /*!< read offset in application data */
int in_msgtype; /*!< record header: message type */
- int in_msglen; /*!< record header: message length */
- int in_left; /*!< amount of data read so far */
+ size_t in_msglen; /*!< record header: message length */
+ size_t in_left; /*!< amount of data read so far */
- int in_hslen; /*!< current handshake message length */
+ size_t in_hslen; /*!< current handshake message length */
int nb_zero; /*!< # of 0-length encrypted messages */
/*
@@ -270,8 +270,8 @@ struct _ssl_context
unsigned char *out_msg; /*!< the message contents (out_hdr+5) */
int out_msgtype; /*!< record header: message type */
- int out_msglen; /*!< record header: message length */
- int out_left; /*!< amount of data not yet written */
+ size_t out_msglen; /*!< record header: message length */
+ size_t out_left; /*!< amount of data not yet written */
/*
* PKI layer
@@ -300,11 +300,11 @@ struct _ssl_context
int do_crypt; /*!< en(de)cryption flag */
int *ciphersuites; /*!< allowed ciphersuites */
- int pmslen; /*!< premaster length */
- int keylen; /*!< symmetric key length */
- int minlen; /*!< min. ciphertext length */
- int ivlen; /*!< IV length */
- int maclen; /*!< MAC length */
+ size_t pmslen; /*!< premaster length */
+ unsigned int keylen; /*!< symmetric key length */
+ size_t minlen; /*!< min. ciphertext length */
+ size_t ivlen; /*!< IV length */
+ size_t maclen; /*!< MAC length */
unsigned char randbytes[64]; /*!< random bytes */
unsigned char premaster[256]; /*!< premaster secret */
@@ -322,7 +322,7 @@ struct _ssl_context
* TLS extensions
*/
unsigned char *hostname;
- unsigned long hostname_len;
+ size_t hostname_len;
};
#ifdef __cplusplus
@@ -447,8 +447,8 @@ void ssl_set_dbg( ssl_context *ssl,
* \param p_send write parameter
*/
void ssl_set_bio( ssl_context *ssl,
- int (*f_recv)(void *, unsigned char *, int), void *p_recv,
- int (*f_send)(void *, unsigned char *, int), void *p_send );
+ int (*f_recv)(void *, unsigned char *, size_t), void *p_recv,
+ int (*f_send)(void *, unsigned char *, size_t), void *p_send );
/**
* \brief Set the session callbacks (server-side only)
@@ -556,7 +556,7 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname );
*
* \return how many bytes are available in the read buffer
*/
-int ssl_get_bytes_avail( const ssl_context *ssl );
+size_t ssl_get_bytes_avail( const ssl_context *ssl );
/**
* \brief Return the result of the certificate verification
@@ -609,7 +609,7 @@ int ssl_handshake( ssl_context *ssl );
* \return This function returns the number of bytes read,
* or a negative error code.
*/
-int ssl_read( ssl_context *ssl, unsigned char *buf, int len );
+int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len );
/**
* \brief Write exactly 'len' application data bytes
@@ -625,7 +625,7 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, int len );
* it must be called later with the *same* arguments,
* until it returns a positive value.
*/
-int ssl_write( ssl_context *ssl, const unsigned char *buf, int len );
+int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len );
/**
* \brief Notify the peer that the connection is being closed
@@ -651,7 +651,7 @@ int ssl_derive_keys( ssl_context *ssl );
void ssl_calc_verify( ssl_context *ssl, unsigned char hash[36] );
int ssl_read_record( ssl_context *ssl );
-int ssl_fetch_input( ssl_context *ssl, int nb_want );
+int ssl_fetch_input( ssl_context *ssl, size_t nb_want );
int ssl_write_record( ssl_context *ssl );
int ssl_flush_output( ssl_context *ssl );
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index e6d0c34f5..731c1863c 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h
@@ -284,7 +284,7 @@
typedef struct _x509_buf
{
int tag; /**< ASN1 type, e.g. ASN1_UTF8_STRING. */
- int len; /**< ASN1 length, e.g. in octets. */
+ size_t len; /**< ASN1 length, e.g. in octets. */
unsigned char *p; /**< ASN1 data, e.g. in ASCII. */
}
x509_buf;
@@ -294,7 +294,7 @@ x509_buf;
*/
typedef struct _x509_bitstring
{
- int len; /**< ASN1 length, e.g. in octets. */
+ size_t len; /**< ASN1 length, e.g. in octets. */
unsigned char unused_bits; /**< Number of unused bits at the end of the string */
unsigned char *p; /**< Raw ASN1 data for the bit string */
}
@@ -483,7 +483,7 @@ extern "C" {
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
-int x509parse_crt( x509_cert *chain, const unsigned char *buf, int buflen );
+int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen );
/** \ingroup x509_module */
/**
@@ -508,7 +508,7 @@ int x509parse_crtfile( x509_cert *chain, const char *path );
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
-int x509parse_crl( x509_crl *chain, const unsigned char *buf, int buflen );
+int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen );
/** \ingroup x509_module */
/**
@@ -535,8 +535,8 @@ int x509parse_crlfile( x509_crl *chain, const char *path );
* \return 0 if successful, or a specific X509 or PEM error code
*/
int x509parse_key( rsa_context *rsa,
- const unsigned char *key, int keylen,
- const unsigned char *pwd, int pwdlen );
+ const unsigned char *key, size_t keylen,
+ const unsigned char *pwd, size_t pwdlen );
/** \ingroup x509_module */
/**
@@ -562,7 +562,7 @@ int x509parse_keyfile( rsa_context *rsa, const char *path,
* \return 0 if successful, or a specific X509 or PEM error code
*/
int x509parse_public_key( rsa_context *rsa,
- const unsigned char *key, int keylen );
+ const unsigned char *key, size_t keylen );
/** \ingroup x509_module */
/**
@@ -585,7 +585,7 @@ int x509parse_public_keyfile( rsa_context *rsa, const char *path );
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
-int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, int dhminlen );
+int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen );
/** \ingroup x509_module */
/**
diff --git a/include/polarssl/xtea.h b/include/polarssl/xtea.h
index feb1237cc..8f41d5d4d 100644
--- a/include/polarssl/xtea.h
+++ b/include/polarssl/xtea.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_XTEA_H
#define POLARSSL_XTEA_H
+#include
+
#ifdef _MSC_VER
#include
typedef UINT32 uint32_t;
@@ -71,9 +73,9 @@ void xtea_setup( xtea_context *ctx, unsigned char key[16] );
* \return 0 if successful
*/
int xtea_crypt_ecb( xtea_context *ctx,
- int mode,
- unsigned char input[8],
- unsigned char output[8] );
+ int mode,
+ unsigned char input[8],
+ unsigned char output[8] );
/**
* \brief XTEA CBC cipher function
@@ -90,7 +92,7 @@ int xtea_crypt_ecb( xtea_context *ctx,
*/
int xtea_crypt_cbc( xtea_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[8],
unsigned char *input,
unsigned char *output);
diff --git a/library/aes.c b/library/aes.c
index 7e768e0f4..ce418d679 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -36,8 +36,6 @@
#include "polarssl/aes.h"
#include "polarssl/padlock.h"
-#include
-
/*
* 32-bit integer manipulation macros (little endian)
*/
@@ -441,9 +439,9 @@ static void aes_gen_tables( void )
/*
* AES key schedule (encryption)
*/
-int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int keysize )
+int aes_setkey_enc( aes_context *ctx, const unsigned char *key, unsigned int keysize )
{
- int i;
+ unsigned int i;
unsigned long *RK;
#if !defined(POLARSSL_AES_ROM_TABLES)
@@ -546,7 +544,7 @@ int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int keysize )
/*
* AES key schedule (decryption)
*/
-int aes_setkey_dec( aes_context *ctx, const unsigned char *key, int keysize )
+int aes_setkey_dec( aes_context *ctx, const unsigned char *key, unsigned int keysize )
{
int i, j;
aes_context cty;
@@ -758,7 +756,7 @@ int aes_crypt_ecb( aes_context *ctx,
*/
int aes_crypt_cbc( aes_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
@@ -823,7 +821,7 @@ int aes_crypt_cbc( aes_context *ctx,
*/
int aes_crypt_cfb128( aes_context *ctx,
int mode,
- int length,
+ size_t length,
int *iv_off,
unsigned char iv[16],
const unsigned char *input,
diff --git a/library/arc4.c b/library/arc4.c
index c7725bec0..07665ad62 100644
--- a/library/arc4.c
+++ b/library/arc4.c
@@ -37,9 +37,10 @@
/*
* ARC4 key schedule
*/
-void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen )
+void arc4_setup( arc4_context *ctx, const unsigned char *key, unsigned int keylen )
{
- int i, j, k, a;
+ int i, j, a;
+ unsigned int k;
unsigned char *m;
ctx->x = 0;
@@ -65,10 +66,11 @@ void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen )
/*
* ARC4 cipher function
*/
-int arc4_crypt( arc4_context *ctx, int length, const unsigned char *input,
+int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input,
unsigned char *output )
{
- int i, x, y, a, b;
+ int x, y, a, b;
+ size_t i;
unsigned char *m;
x = ctx->x;
diff --git a/library/base64.c b/library/base64.c
index 8d49a81a7..8601c9419 100644
--- a/library/base64.c
+++ b/library/base64.c
@@ -60,10 +60,10 @@ static const unsigned char base64_dec_map[128] =
/*
* Encode a buffer into base64 format
*/
-int base64_encode( unsigned char *dst, int *dlen,
- const unsigned char *src, int slen )
+int base64_encode( unsigned char *dst, size_t *dlen,
+ const unsigned char *src, size_t slen )
{
- int i, n;
+ size_t i, n;
int C1, C2, C3;
unsigned char *p;
@@ -123,10 +123,10 @@ int base64_encode( unsigned char *dst, int *dlen,
/*
* Decode a base64-formatted buffer
*/
-int base64_decode( unsigned char *dst, int *dlen,
- const unsigned char *src, int slen )
+int base64_decode( unsigned char *dst, size_t *dlen,
+ const unsigned char *src, size_t slen )
{
- int i, j, n;
+ size_t i, j, n;
unsigned long x;
unsigned char *p;
@@ -210,7 +210,7 @@ static const unsigned char base64_test_enc[] =
*/
int base64_self_test( int verbose )
{
- int len;
+ size_t len;
unsigned char *src, buffer[128];
if( verbose != 0 )
diff --git a/library/bignum.c b/library/bignum.c
index 8ae3921db..3d8b383d9 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -37,7 +37,6 @@
#include "polarssl/bignum.h"
#include "polarssl/bn_mul.h"
-#include
#include
#include
@@ -102,7 +101,7 @@ void mpi_free( mpi *X, ... )
/*
* Enlarge to the specified number of limbs
*/
-int mpi_grow( mpi *X, int nblimbs )
+int mpi_grow( mpi *X, size_t nblimbs )
{
t_int *p;
@@ -132,7 +131,8 @@ int mpi_grow( mpi *X, int nblimbs )
*/
int mpi_copy( mpi *X, const mpi *Y )
{
- int ret, i;
+ int ret;
+ size_t i;
if( X == Y )
return( 0 );
@@ -169,7 +169,7 @@ void mpi_swap( mpi *X, mpi *Y )
/*
* Set value from integer
*/
-int mpi_lset( mpi *X, int z )
+int mpi_lset( mpi *X, t_s_int z )
{
int ret;
@@ -187,9 +187,9 @@ cleanup:
/*
* Return the number of least significant bits
*/
-int mpi_lsb( const mpi *X )
+size_t mpi_lsb( const mpi *X )
{
- int i, j, count = 0;
+ size_t i, j, count = 0;
for( i = 0; i < X->n; i++ )
for( j = 0; j < (int) biL; j++, count++ )
@@ -202,25 +202,25 @@ int mpi_lsb( const mpi *X )
/*
* Return the number of most significant bits
*/
-int mpi_msb( const mpi *X )
+size_t mpi_msb( const mpi *X )
{
- int i, j;
+ size_t i, j;
for( i = X->n - 1; i > 0; i-- )
if( X->p[i] != 0 )
break;
- for( j = biL - 1; j >= 0; j-- )
- if( ( ( X->p[i] >> j ) & 1 ) != 0 )
+ for( j = biL; j > 0; j-- )
+ if( ( ( X->p[i] >> ( j - 1 ) ) & 1 ) != 0 )
break;
- return( ( i * biL ) + j + 1 );
+ return( ( i * biL ) + j );
}
/*
* Return the total size in bytes
*/
-int mpi_size( const mpi *X )
+size_t mpi_size( const mpi *X )
{
return( ( mpi_msb( X ) + 7 ) >> 3 );
}
@@ -247,7 +247,8 @@ static int mpi_get_digit( t_int *d, int radix, char c )
*/
int mpi_read_string( mpi *X, int radix, const char *s )
{
- int ret, i, j, n, slen;
+ int ret;
+ size_t i, j, slen, n;
t_int d;
mpi T;
@@ -265,15 +266,15 @@ int mpi_read_string( mpi *X, int radix, const char *s )
MPI_CHK( mpi_grow( X, n ) );
MPI_CHK( mpi_lset( X, 0 ) );
- for( i = slen - 1, j = 0; i >= 0; i--, j++ )
+ for( i = slen, j = 0; i > 0; i--, j++ )
{
- if( i == 0 && s[i] == '-' )
+ if( i == 1 && s[i - 1] == '-' )
{
X->s = -1;
break;
}
- MPI_CHK( mpi_get_digit( &d, radix, s[i] ) );
+ MPI_CHK( mpi_get_digit( &d, radix, s[i - 1] ) );
X->p[j / (2 * ciL)] |= d << ( (j % (2 * ciL)) << 2 );
}
}
@@ -340,9 +341,10 @@ cleanup:
/*
* Export into an ASCII string
*/
-int mpi_write_string( const mpi *X, int radix, char *s, int *slen )
+int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen )
{
- int ret = 0, n;
+ int ret = 0;
+ size_t n;
char *p;
mpi T;
@@ -368,15 +370,16 @@ int mpi_write_string( const mpi *X, int radix, char *s, int *slen )
if( radix == 16 )
{
- int c, i, j, k;
+ int c;
+ size_t i, j, k;
- for( i = X->n - 1, k = 0; i >= 0; i-- )
+ for( i = X->n, k = 0; i > 0; i-- )
{
- for( j = ciL - 1; j >= 0; j-- )
+ for( j = ciL; j > 0; j-- )
{
- c = ( X->p[i] >> (j << 3) ) & 0xFF;
+ c = ( X->p[i - 1] >> ( ( j - 1 ) << 3) ) & 0xFF;
- if( c == 0 && k == 0 && (i + j) != 0 )
+ if( c == 0 && k == 0 && ( i + j + 3 ) != 0 )
continue;
p += sprintf( p, "%02X", c );
@@ -410,7 +413,7 @@ cleanup:
int mpi_read_file( mpi *X, int radix, FILE *fin )
{
t_int d;
- int slen;
+ size_t slen;
char *p;
char s[1024];
@@ -435,16 +438,15 @@ int mpi_read_file( mpi *X, int radix, FILE *fin )
*/
int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout )
{
- int n, ret;
- size_t slen;
- size_t plen;
+ int ret;
+ size_t n, slen, plen;
char s[2048];
n = sizeof( s );
memset( s, 0, n );
n -= 2;
- MPI_CHK( mpi_write_string( X, radix, s, (int *) &n ) );
+ MPI_CHK( mpi_write_string( X, radix, s, (size_t *) &n ) );
if( p == NULL ) p = "";
@@ -470,9 +472,10 @@ cleanup:
/*
* Import X from unsigned binary data, big endian
*/
-int mpi_read_binary( mpi *X, const unsigned char *buf, int buflen )
+int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen )
{
- int ret, i, j, n;
+ int ret;
+ size_t i, j, n;
for( n = 0; n < buflen; n++ )
if( buf[n] != 0 )
@@ -481,8 +484,8 @@ int mpi_read_binary( mpi *X, const unsigned char *buf, int buflen )
MPI_CHK( mpi_grow( X, CHARS_TO_LIMBS( buflen - n ) ) );
MPI_CHK( mpi_lset( X, 0 ) );
- for( i = buflen - 1, j = 0; i >= n; i--, j++ )
- X->p[j / ciL] |= ((t_int) buf[i]) << ((j % ciL) << 3);
+ for( i = buflen, j = 0; i > n; i--, j++ )
+ X->p[j / ciL] |= ((t_int) buf[i - 1]) << ((j % ciL) << 3);
cleanup:
@@ -492,9 +495,9 @@ cleanup:
/*
* Export X into unsigned binary data, big endian
*/
-int mpi_write_binary( const mpi *X, unsigned char *buf, int buflen )
+int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen )
{
- int i, j, n;
+ size_t i, j, n;
n = mpi_size( X );
@@ -512,9 +515,10 @@ int mpi_write_binary( const mpi *X, unsigned char *buf, int buflen )
/*
* Left-shift: X <<= count
*/
-int mpi_shift_l( mpi *X, int count )
+int mpi_shift_l( mpi *X, size_t count )
{
- int ret, i, v0, t1;
+ int ret;
+ size_t i, v0, t1;
t_int r0 = 0, r1;
v0 = count / (biL );
@@ -532,11 +536,11 @@ int mpi_shift_l( mpi *X, int count )
*/
if( v0 > 0 )
{
- for( i = X->n - 1; i >= v0; i-- )
- X->p[i] = X->p[i - v0];
+ for( i = X->n; i > v0; i-- )
+ X->p[i - 1] = X->p[i - v0 - 1];
- for( ; i >= 0; i-- )
- X->p[i] = 0;
+ for( ; i > 0; i-- )
+ X->p[i - 1] = 0;
}
/*
@@ -561,9 +565,9 @@ cleanup:
/*
* Right-shift: X >>= count
*/
-int mpi_shift_r( mpi *X, int count )
+int mpi_shift_r( mpi *X, size_t count )
{
- int i, v0, v1;
+ size_t i, v0, v1;
t_int r0 = 0, r1;
v0 = count / biL;
@@ -586,11 +590,11 @@ int mpi_shift_r( mpi *X, int count )
*/
if( v1 > 0 )
{
- for( i = X->n - 1; i >= 0; i-- )
+ for( i = X->n; i > 0; i-- )
{
- r1 = X->p[i] << (biL - v1);
- X->p[i] >>= v1;
- X->p[i] |= r0;
+ r1 = X->p[i - 1] << (biL - v1);
+ X->p[i - 1] >>= v1;
+ X->p[i - 1] |= r0;
r0 = r1;
}
}
@@ -603,26 +607,26 @@ int mpi_shift_r( mpi *X, int count )
*/
int mpi_cmp_abs( const mpi *X, const mpi *Y )
{
- int i, j;
+ size_t i, j;
- for( i = X->n - 1; i >= 0; i-- )
- if( X->p[i] != 0 )
+ for( i = X->n; i > 0; i-- )
+ if( X->p[i - 1] != 0 )
break;
- for( j = Y->n - 1; j >= 0; j-- )
- if( Y->p[j] != 0 )
+ for( j = Y->n; j > 0; j-- )
+ if( Y->p[j - 1] != 0 )
break;
- if( i < 0 && j < 0 )
+ if( i == 0 && j == 0 )
return( 0 );
if( i > j ) return( 1 );
if( j > i ) return( -1 );
- for( ; i >= 0; i-- )
+ for( ; i > 0; i-- )
{
- if( X->p[i] > Y->p[i] ) return( 1 );
- if( X->p[i] < Y->p[i] ) return( -1 );
+ if( X->p[i - 1] > Y->p[i - 1] ) return( 1 );
+ if( X->p[i - 1] < Y->p[i - 1] ) return( -1 );
}
return( 0 );
@@ -633,17 +637,17 @@ int mpi_cmp_abs( const mpi *X, const mpi *Y )
*/
int mpi_cmp_mpi( const mpi *X, const mpi *Y )
{
- int i, j;
+ size_t i, j;
- for( i = X->n - 1; i >= 0; i-- )
- if( X->p[i] != 0 )
+ for( i = X->n; i > 0; i-- )
+ if( X->p[i - 1] != 0 )
break;
- for( j = Y->n - 1; j >= 0; j-- )
- if( Y->p[j] != 0 )
+ for( j = Y->n; j > 0; j-- )
+ if( Y->p[j - 1] != 0 )
break;
- if( i < 0 && j < 0 )
+ if( i == 0 && j == 0 )
return( 0 );
if( i > j ) return( X->s );
@@ -652,10 +656,10 @@ int mpi_cmp_mpi( const mpi *X, const mpi *Y )
if( X->s > 0 && Y->s < 0 ) return( 1 );
if( Y->s > 0 && X->s < 0 ) return( -1 );
- for( ; i >= 0; i-- )
+ for( ; i > 0; i-- )
{
- if( X->p[i] > Y->p[i] ) return( X->s );
- if( X->p[i] < Y->p[i] ) return( -X->s );
+ if( X->p[i - 1] > Y->p[i - 1] ) return( X->s );
+ if( X->p[i - 1] < Y->p[i - 1] ) return( -X->s );
}
return( 0 );
@@ -664,7 +668,7 @@ int mpi_cmp_mpi( const mpi *X, const mpi *Y )
/*
* Compare signed values
*/
-int mpi_cmp_int( const mpi *X, int z )
+int mpi_cmp_int( const mpi *X, t_s_int z )
{
mpi Y;
t_int p[1];
@@ -682,7 +686,8 @@ int mpi_cmp_int( const mpi *X, int z )
*/
int mpi_add_abs( mpi *X, const mpi *A, const mpi *B )
{
- int ret, i, j;
+ int ret;
+ size_t i, j;
t_int *o, *p, c;
if( X == B )
@@ -698,15 +703,15 @@ int mpi_add_abs( mpi *X, const mpi *A, const mpi *B )
*/
X->s = 1;
- for( j = B->n - 1; j >= 0; j-- )
- if( B->p[j] != 0 )
+ for( j = B->n; j > 0; j-- )
+ if( B->p[j - 1] != 0 )
break;
- MPI_CHK( mpi_grow( X, j + 1 ) );
+ MPI_CHK( mpi_grow( X, j ) );
o = B->p; p = X->p; c = 0;
- for( i = 0; i <= j; i++, o++, p++ )
+ for( i = 0; i < j; i++, o++, p++ )
{
*p += c; c = ( *p < c );
*p += *o; c += ( *p < *o );
@@ -731,9 +736,9 @@ cleanup:
/*
* Helper for mpi substraction
*/
-static void mpi_sub_hlp( int n, t_int *s, t_int *d )
+static void mpi_sub_hlp( size_t n, t_int *s, t_int *d )
{
- int i;
+ size_t i;
t_int c, z;
for( i = c = 0; i < n; i++, s++, d++ )
@@ -755,7 +760,8 @@ static void mpi_sub_hlp( int n, t_int *s, t_int *d )
int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B )
{
mpi TB;
- int ret, n;
+ int ret;
+ size_t n;
if( mpi_cmp_abs( A, B ) < 0 )
return( POLARSSL_ERR_MPI_NEGATIVE_VALUE );
@@ -778,11 +784,11 @@ int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B )
ret = 0;
- for( n = B->n - 1; n >= 0; n-- )
- if( B->p[n] != 0 )
+ for( n = B->n; n > 0; n-- )
+ if( B->p[n - 1] != 0 )
break;
- mpi_sub_hlp( n + 1, B->p, X->p );
+ mpi_sub_hlp( n, B->p, X->p );
cleanup:
@@ -856,7 +862,7 @@ cleanup:
/*
* Signed addition: X = A + b
*/
-int mpi_add_int( mpi *X, const mpi *A, int b )
+int mpi_add_int( mpi *X, const mpi *A, t_s_int b )
{
mpi _B;
t_int p[1];
@@ -872,7 +878,7 @@ int mpi_add_int( mpi *X, const mpi *A, int b )
/*
* Signed substraction: X = A - b
*/
-int mpi_sub_int( mpi *X, const mpi *A, int b )
+int mpi_sub_int( mpi *X, const mpi *A, t_s_int b )
{
mpi _B;
t_int p[1];
@@ -888,7 +894,7 @@ int mpi_sub_int( mpi *X, const mpi *A, int b )
/*
* Helper for mpi multiplication
*/
-static void mpi_mul_hlp( int i, t_int *s, t_int *d, t_int b )
+static void mpi_mul_hlp( size_t i, t_int *s, t_int *d, t_int b )
{
t_int c = 0, t = 0;
@@ -954,7 +960,8 @@ static void mpi_mul_hlp( int i, t_int *s, t_int *d, t_int b )
*/
int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B )
{
- int ret, i, j;
+ int ret;
+ size_t i, j;
mpi TA, TB;
mpi_init( &TA, &TB, NULL );
@@ -962,19 +969,19 @@ int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B )
if( X == A ) { MPI_CHK( mpi_copy( &TA, A ) ); A = &TA; }
if( X == B ) { MPI_CHK( mpi_copy( &TB, B ) ); B = &TB; }
- for( i = A->n - 1; i >= 0; i-- )
- if( A->p[i] != 0 )
+ for( i = A->n; i > 0; i-- )
+ if( A->p[i - 1] != 0 )
break;
- for( j = B->n - 1; j >= 0; j-- )
- if( B->p[j] != 0 )
+ for( j = B->n; j > 0; j-- )
+ if( B->p[j - 1] != 0 )
break;
- MPI_CHK( mpi_grow( X, i + j + 2 ) );
+ MPI_CHK( mpi_grow( X, i + j ) );
MPI_CHK( mpi_lset( X, 0 ) );
- for( i++; j >= 0; j-- )
- mpi_mul_hlp( i, A->p, X->p + j, B->p[j] );
+ for( i++; j > 0; j-- )
+ mpi_mul_hlp( i - 1, A->p, X->p + j - 1, B->p[j - 1] );
X->s = A->s * B->s;
@@ -988,7 +995,7 @@ cleanup:
/*
* Baseline multiplication: X = A * b
*/
-int mpi_mul_int( mpi *X, const mpi *A, t_int b )
+int mpi_mul_int( mpi *X, const mpi *A, t_s_int b )
{
mpi _B;
t_int p[1];
@@ -1006,7 +1013,8 @@ int mpi_mul_int( mpi *X, const mpi *A, t_int b )
*/
int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B )
{
- int ret, i, n, t, k;
+ int ret;
+ size_t i, n, t, k;
mpi X, Y, Z, T1, T2;
if( mpi_cmp_int( B, 0 ) == 0 )
@@ -1169,7 +1177,7 @@ cleanup:
* 1 if memory allocation failed
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0
*/
-int mpi_div_int( mpi *Q, mpi *R, const mpi *A, int b )
+int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_s_int b )
{
mpi _B;
t_int p[1];
@@ -1208,9 +1216,9 @@ cleanup:
/*
* Modulo: r = A mod b
*/
-int mpi_mod_int( t_int *r, const mpi *A, int b )
+int mpi_mod_int( t_int *r, const mpi *A, t_s_int b )
{
- int i;
+ size_t i;
t_int x, y, z;
if( b == 0 )
@@ -1237,9 +1245,9 @@ int mpi_mod_int( t_int *r, const mpi *A, int b )
/*
* general case
*/
- for( i = A->n - 1, y = 0; i >= 0; i-- )
+ for( i = A->n, y = 0; i > 0; i-- )
{
- x = A->p[i];
+ x = A->p[i - 1];
y = ( y << biH ) | ( x >> biH );
z = y / b;
y -= z * b;
@@ -1285,7 +1293,7 @@ static void mpi_montg_init( t_int *mm, const mpi *N )
*/
static void mpi_montmul( mpi *A, const mpi *B, const mpi *N, t_int mm, const mpi *T )
{
- int i, n, m;
+ size_t i, n, m;
t_int u0, u1, *d;
memset( T->p, 0, T->n * ciL );
@@ -1336,8 +1344,10 @@ static void mpi_montred( mpi *A, const mpi *N, t_int mm, const mpi *T )
*/
int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR )
{
- int ret, i, j, wsize, wbits;
- int bufsize, nblimbs, nbits;
+ int ret;
+ size_t wbits, wsize, one = 1;
+ size_t i, j, nblimbs;
+ size_t bufsize, nbits;
t_int ei, mm, state;
mpi RR, T, W[64];
@@ -1396,7 +1406,7 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR )
/*
* W[1 << (wsize - 1)] = W[1] ^ (wsize - 1)
*/
- j = 1 << (wsize - 1);
+ j = one << (wsize - 1);
MPI_CHK( mpi_grow( &W[j], N->n + 1 ) );
MPI_CHK( mpi_copy( &W[j], &W[1] ) );
@@ -1407,7 +1417,7 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR )
/*
* W[i] = W[i - 1] * W[1]
*/
- for( i = j + 1; i < (1 << wsize); i++ )
+ for( i = j + 1; i < (one << wsize); i++ )
{
MPI_CHK( mpi_grow( &W[i], N->n + 1 ) );
MPI_CHK( mpi_copy( &W[i], &W[i - 1] ) );
@@ -1487,7 +1497,7 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR )
wbits <<= 1;
- if( (wbits & (1 << wsize)) != 0 )
+ if( (wbits & (one << wsize)) != 0 )
mpi_montmul( X, &W[1], N, mm, &T );
}
@@ -1498,7 +1508,7 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR )
cleanup:
- for( i = (1 << (wsize - 1)); i < (1 << wsize); i++ )
+ for( i = (one << (wsize - 1)); i < (one << wsize); i++ )
mpi_free( &W[i], NULL );
if( _RR != NULL )
@@ -1513,7 +1523,8 @@ cleanup:
*/
int mpi_gcd( mpi *G, const mpi *A, const mpi *B )
{
- int ret, lz, lzt;
+ int ret;
+ size_t lz, lzt;
mpi TG, TA, TB;
mpi_init( &TG, &TA, &TB, NULL );
@@ -1559,9 +1570,10 @@ cleanup:
return( ret );
}
-int mpi_fill_random( mpi *X, int size, int (*f_rng)(void *), void *p_rng )
+int mpi_fill_random( mpi *X, size_t size, int (*f_rng)(void *), void *p_rng )
{
- int ret, k;
+ int ret;
+ size_t k;
unsigned char *p;
MPI_CHK( mpi_grow( X, size ) );
@@ -1700,7 +1712,8 @@ static const int small_prime[] =
*/
int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng )
{
- int ret, i, j, n, s, xs;
+ int ret, xs;
+ size_t i, j, n, s;
mpi W, R, T, A, RR;
if( mpi_cmp_int( X, 0 ) == 0 ||
@@ -1811,10 +1824,11 @@ cleanup:
/*
* Prime number generation
*/
-int mpi_gen_prime( mpi *X, int nbits, int dh_flag,
+int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag,
int (*f_rng)(void *), void *p_rng )
{
- int ret, k, n;
+ int ret;
+ size_t k, n;
mpi Y;
if( nbits < 3 )
@@ -1878,7 +1892,7 @@ cleanup:
#if defined(POLARSSL_SELF_TEST)
-#define GCD_PAIR_COUNT 3
+#define GCD_PAIR_COUNT 3
static const int gcd_pairs[GCD_PAIR_COUNT][3] =
{
@@ -2012,17 +2026,17 @@ int mpi_self_test( int verbose )
for ( i = 0; i < GCD_PAIR_COUNT; i++)
{
MPI_CHK( mpi_lset( &X, gcd_pairs[i][0] ) );
- MPI_CHK( mpi_lset( &Y, gcd_pairs[i][1] ) );
+ MPI_CHK( mpi_lset( &Y, gcd_pairs[i][1] ) );
- MPI_CHK( mpi_gcd( &A, &X, &Y ) );
+ MPI_CHK( mpi_gcd( &A, &X, &Y ) );
- if( mpi_cmp_int( &A, gcd_pairs[i][2] ) != 0 )
- {
- if( verbose != 0 )
- printf( "failed at %d\n", i );
+ if( mpi_cmp_int( &A, gcd_pairs[i][2] ) != 0 )
+ {
+ if( verbose != 0 )
+ printf( "failed at %d\n", i );
- return( 1 );
- }
+ return( 1 );
+ }
}
if( verbose != 0 )
diff --git a/library/camellia.c b/library/camellia.c
index 6624d175a..d725c1930 100644
--- a/library/camellia.c
+++ b/library/camellia.c
@@ -35,8 +35,6 @@
#include "polarssl/camellia.h"
-#include
-
/*
* 32-bit integer manipulation macros (big endian)
*/
@@ -309,9 +307,10 @@ static void camellia_feistel(const uint32_t x[2], const uint32_t k[2], uint32_t
/*
* Camellia key schedule (encryption)
*/
-int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int keysize )
+int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsigned int keysize )
{
- int i, idx;
+ int idx;
+ size_t i;
uint32_t *RK;
unsigned char t[64];
uint32_t SIGMA[6][2];
@@ -412,9 +411,10 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int ke
/*
* Camellia key schedule (decryption)
*/
-int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, int keysize )
+int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsigned int keysize )
{
- int i, idx;
+ int idx;
+ size_t i;
camellia_context cty;
uint32_t *RK;
uint32_t *SK;
@@ -526,7 +526,7 @@ int camellia_crypt_ecb( camellia_context *ctx,
*/
int camellia_crypt_cbc( camellia_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
@@ -579,7 +579,7 @@ int camellia_crypt_cbc( camellia_context *ctx,
*/
int camellia_crypt_cfb128( camellia_context *ctx,
int mode,
- int length,
+ size_t length,
int *iv_off,
unsigned char iv[16],
const unsigned char *input,
diff --git a/library/cipher.c b/library/cipher.c
index ee3cd45ac..56ac7c44f 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -34,7 +34,6 @@
#include "polarssl/cipher.h"
#include "polarssl/cipher_wrap.h"
-#include
#include
#if defined _MSC_VER && !defined strcasecmp
@@ -196,10 +195,10 @@ int cipher_reset( cipher_context_t *ctx, const unsigned char *iv )
return 0;
}
-int cipher_update( cipher_context_t *ctx, const unsigned char *input, int ilen,
- unsigned char *output, int *olen )
+int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t *olen )
{
- int copy_len = 0;
+ size_t copy_len = 0;
if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen ||
input == output )
@@ -286,18 +285,18 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input, int ilen,
return 1;
}
-static void add_pkcs_padding( unsigned char *output, unsigned char output_len,
- int data_len )
+static void add_pkcs_padding( unsigned char *output, size_t output_len,
+ size_t data_len )
{
- unsigned char padding_len = output_len - data_len;
+ size_t padding_len = output_len - data_len;
unsigned char i = 0;
for( i = 0; i < padding_len; i++ )
- output[data_len + i] = padding_len;
+ output[data_len + i] = (unsigned char) padding_len;
}
static int get_pkcs_padding( unsigned char *input, unsigned char input_len,
- int *data_len)
+ size_t *data_len)
{
int i = 0;
unsigned char padding_len = 0;
@@ -319,7 +318,7 @@ static int get_pkcs_padding( unsigned char *input, unsigned char input_len,
return 0;
}
-int cipher_finish( cipher_context_t *ctx, unsigned char *output, int *olen)
+int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen)
{
if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
return 1;
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index bfcfcb598..f1abf299a 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -36,23 +36,22 @@
#include "polarssl/camellia.h"
#include "polarssl/des.h"
-#include
#include
#if defined(POLARSSL_AES_C)
-int aes_crypt_cbc_wrap( void *ctx, operation_t operation, int length,
+int aes_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output )
{
return aes_crypt_cbc( (aes_context *) ctx, operation, length, iv, input, output );
}
-int aes_setkey_dec_wrap( void *ctx, const unsigned char *key, int key_length )
+int aes_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
return aes_setkey_dec( (aes_context *) ctx, key, key_length );
}
-int aes_setkey_enc_wrap( void *ctx, const unsigned char *key, int key_length )
+int aes_setkey_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
return aes_setkey_enc( (aes_context *) ctx, key, key_length );
}
@@ -68,65 +67,65 @@ static void aes_ctx_free( void *ctx )
}
const cipher_info_t aes_128_cbc_info = {
- POLARSSL_CIPHER_AES_128_CBC,
- POLARSSL_CIPHER_ID_AES,
- POLARSSL_MODE_CBC,
- 128,
- "AES-128-CBC",
- 16,
- 16,
- aes_crypt_cbc_wrap,
- aes_setkey_enc_wrap,
- aes_setkey_dec_wrap,
- aes_ctx_alloc,
- aes_ctx_free
+ POLARSSL_CIPHER_AES_128_CBC,
+ POLARSSL_CIPHER_ID_AES,
+ POLARSSL_MODE_CBC,
+ 128,
+ "AES-128-CBC",
+ 16,
+ 16,
+ aes_crypt_cbc_wrap,
+ aes_setkey_enc_wrap,
+ aes_setkey_dec_wrap,
+ aes_ctx_alloc,
+ aes_ctx_free
};
const cipher_info_t aes_192_cbc_info = {
- POLARSSL_CIPHER_AES_192_CBC,
- POLARSSL_CIPHER_ID_AES,
- POLARSSL_MODE_CBC,
- 192,
- "AES-192-CBC",
- 16,
- 16,
- aes_crypt_cbc_wrap,
- aes_setkey_enc_wrap,
- aes_setkey_dec_wrap,
- aes_ctx_alloc,
- aes_ctx_free
+ POLARSSL_CIPHER_AES_192_CBC,
+ POLARSSL_CIPHER_ID_AES,
+ POLARSSL_MODE_CBC,
+ 192,
+ "AES-192-CBC",
+ 16,
+ 16,
+ aes_crypt_cbc_wrap,
+ aes_setkey_enc_wrap,
+ aes_setkey_dec_wrap,
+ aes_ctx_alloc,
+ aes_ctx_free
};
const cipher_info_t aes_256_cbc_info = {
- POLARSSL_CIPHER_AES_256_CBC,
- POLARSSL_CIPHER_ID_AES,
- POLARSSL_MODE_CBC,
- 256,
- "AES-256-CBC",
- 16,
- 16,
- aes_crypt_cbc_wrap,
- aes_setkey_enc_wrap,
- aes_setkey_dec_wrap,
- aes_ctx_alloc,
- aes_ctx_free
+ POLARSSL_CIPHER_AES_256_CBC,
+ POLARSSL_CIPHER_ID_AES,
+ POLARSSL_MODE_CBC,
+ 256,
+ "AES-256-CBC",
+ 16,
+ 16,
+ aes_crypt_cbc_wrap,
+ aes_setkey_enc_wrap,
+ aes_setkey_dec_wrap,
+ aes_ctx_alloc,
+ aes_ctx_free
};
#endif
#if defined(POLARSSL_CAMELLIA_C)
-int camellia_crypt_cbc_wrap( void *ctx, operation_t operation, int length,
+int camellia_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output )
{
return camellia_crypt_cbc( (camellia_context *) ctx, operation, length, iv, input, output );
}
-int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key, int key_length )
+int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
return camellia_setkey_dec( (camellia_context *) ctx, key, key_length );
}
-int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key, int key_length )
+int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
return camellia_setkey_enc( (camellia_context *) ctx, key, key_length );
}
@@ -142,101 +141,101 @@ static void camellia_ctx_free( void *ctx )
}
const cipher_info_t camellia_128_cbc_info = {
- POLARSSL_CIPHER_CAMELLIA_128_CBC,
- POLARSSL_CIPHER_ID_CAMELLIA,
- POLARSSL_MODE_CBC,
- 128,
- "CAMELLIA-128-CBC",
- 16,
- 16,
- camellia_crypt_cbc_wrap,
- camellia_setkey_enc_wrap,
- camellia_setkey_dec_wrap,
- camellia_ctx_alloc,
- camellia_ctx_free
+ POLARSSL_CIPHER_CAMELLIA_128_CBC,
+ POLARSSL_CIPHER_ID_CAMELLIA,
+ POLARSSL_MODE_CBC,
+ 128,
+ "CAMELLIA-128-CBC",
+ 16,
+ 16,
+ camellia_crypt_cbc_wrap,
+ camellia_setkey_enc_wrap,
+ camellia_setkey_dec_wrap,
+ camellia_ctx_alloc,
+ camellia_ctx_free
};
const cipher_info_t camellia_192_cbc_info = {
- POLARSSL_CIPHER_CAMELLIA_192_CBC,
- POLARSSL_CIPHER_ID_CAMELLIA,
- POLARSSL_MODE_CBC,
- 192,
- "CAMELLIA-192-CBC",
- 16,
- 16,
- camellia_crypt_cbc_wrap,
- camellia_setkey_enc_wrap,
- camellia_setkey_dec_wrap,
- camellia_ctx_alloc,
- camellia_ctx_free
+ POLARSSL_CIPHER_CAMELLIA_192_CBC,
+ POLARSSL_CIPHER_ID_CAMELLIA,
+ POLARSSL_MODE_CBC,
+ 192,
+ "CAMELLIA-192-CBC",
+ 16,
+ 16,
+ camellia_crypt_cbc_wrap,
+ camellia_setkey_enc_wrap,
+ camellia_setkey_dec_wrap,
+ camellia_ctx_alloc,
+ camellia_ctx_free
};
const cipher_info_t camellia_256_cbc_info = {
- POLARSSL_CIPHER_CAMELLIA_256_CBC,
- POLARSSL_CIPHER_ID_CAMELLIA,
- POLARSSL_MODE_CBC,
- 256,
- "CAMELLIA-256-CBC",
- 16,
- 16,
- camellia_crypt_cbc_wrap,
- camellia_setkey_enc_wrap,
- camellia_setkey_dec_wrap,
- camellia_ctx_alloc,
- camellia_ctx_free
+ POLARSSL_CIPHER_CAMELLIA_256_CBC,
+ POLARSSL_CIPHER_ID_CAMELLIA,
+ POLARSSL_MODE_CBC,
+ 256,
+ "CAMELLIA-256-CBC",
+ 16,
+ 16,
+ camellia_crypt_cbc_wrap,
+ camellia_setkey_enc_wrap,
+ camellia_setkey_dec_wrap,
+ camellia_ctx_alloc,
+ camellia_ctx_free
};
#endif
#if defined(POLARSSL_DES_C)
-int des_crypt_cbc_wrap( void *ctx, operation_t operation, int length,
+int des_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output )
{
return des_crypt_cbc( (des_context *) ctx, operation, length, iv, input, output );
}
-int des3_crypt_cbc_wrap( void *ctx, operation_t operation, int length,
+int des3_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output )
{
return des3_crypt_cbc( (des3_context *) ctx, operation, length, iv, input, output );
}
-int des_setkey_dec_wrap( void *ctx, const unsigned char *key, int key_length )
+int des_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
((void) key_length);
return des_setkey_dec( (des_context *) ctx, key );
}
-int des_setkey_enc_wrap( void *ctx, const unsigned char *key, int key_length )
+int des_setkey_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
((void) key_length);
return des_setkey_enc( (des_context *) ctx, key );
}
-int des3_set2key_dec_wrap( void *ctx, const unsigned char *key, int key_length )
+int des3_set2key_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
((void) key_length);
return des3_set2key_dec( (des3_context *) ctx, key );
}
-int des3_set2key_enc_wrap( void *ctx, const unsigned char *key, int key_length )
+int des3_set2key_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
((void) key_length);
return des3_set2key_enc( (des3_context *) ctx, key );
}
-int des3_set3key_dec_wrap( void *ctx, const unsigned char *key, int key_length )
+int des3_set3key_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
((void) key_length);
return des3_set3key_dec( (des3_context *) ctx, key );
}
-int des3_set3key_enc_wrap( void *ctx, const unsigned char *key, int key_length )
+int des3_set3key_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
((void) key_length);
@@ -259,48 +258,48 @@ static void des_ctx_free( void *ctx )
}
const cipher_info_t des_cbc_info = {
- POLARSSL_CIPHER_DES_CBC,
- POLARSSL_CIPHER_ID_DES,
- POLARSSL_MODE_CBC,
- POLARSSL_KEY_LENGTH_DES,
- "DES-CBC",
- 8,
- 8,
- des_crypt_cbc_wrap,
- des_setkey_enc_wrap,
- des_setkey_dec_wrap,
- des_ctx_alloc,
- des_ctx_free
+ POLARSSL_CIPHER_DES_CBC,
+ POLARSSL_CIPHER_ID_DES,
+ POLARSSL_MODE_CBC,
+ POLARSSL_KEY_LENGTH_DES,
+ "DES-CBC",
+ 8,
+ 8,
+ des_crypt_cbc_wrap,
+ des_setkey_enc_wrap,
+ des_setkey_dec_wrap,
+ des_ctx_alloc,
+ des_ctx_free
};
const cipher_info_t des_ede_cbc_info = {
- POLARSSL_CIPHER_DES_EDE_CBC,
- POLARSSL_CIPHER_ID_DES,
- POLARSSL_MODE_CBC,
- POLARSSL_KEY_LENGTH_DES_EDE,
- "DES-EDE-CBC",
- 16,
- 16,
- des3_crypt_cbc_wrap,
- des3_set2key_enc_wrap,
- des3_set2key_dec_wrap,
- des3_ctx_alloc,
- des_ctx_free
+ POLARSSL_CIPHER_DES_EDE_CBC,
+ POLARSSL_CIPHER_ID_DES,
+ POLARSSL_MODE_CBC,
+ POLARSSL_KEY_LENGTH_DES_EDE,
+ "DES-EDE-CBC",
+ 16,
+ 16,
+ des3_crypt_cbc_wrap,
+ des3_set2key_enc_wrap,
+ des3_set2key_dec_wrap,
+ des3_ctx_alloc,
+ des_ctx_free
};
const cipher_info_t des_ede3_cbc_info = {
- POLARSSL_CIPHER_DES_EDE3_CBC,
- POLARSSL_CIPHER_ID_DES,
- POLARSSL_MODE_CBC,
- POLARSSL_KEY_LENGTH_DES_EDE3,
- "DES-EDE3-CBC",
- 8,
- 8,
- des3_crypt_cbc_wrap,
- des3_set3key_enc_wrap,
- des3_set3key_dec_wrap,
- des3_ctx_alloc,
- des_ctx_free
+ POLARSSL_CIPHER_DES_EDE3_CBC,
+ POLARSSL_CIPHER_ID_DES,
+ POLARSSL_MODE_CBC,
+ POLARSSL_KEY_LENGTH_DES_EDE3,
+ "DES-EDE3-CBC",
+ 8,
+ 8,
+ des3_crypt_cbc_wrap,
+ des3_set3key_enc_wrap,
+ des3_set3key_dec_wrap,
+ des3_ctx_alloc,
+ des_ctx_free
};
#endif
diff --git a/library/debug.c b/library/debug.c
index 6d4fd3153..1c8dbf523 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -87,12 +87,12 @@ void debug_print_ret( const ssl_context *ssl, int level,
void debug_print_buf( const ssl_context *ssl, int level,
const char *file, int line, const char *text,
- unsigned char *buf, int len )
+ unsigned char *buf, size_t len )
{
char str[512];
- int i, maxlen = sizeof( str ) - 1;
+ size_t i, maxlen = sizeof( str ) - 1;
- if( ssl->f_dbg == NULL || len < 0 )
+ if( ssl->f_dbg == NULL )
return;
snprintf( str, maxlen, "%s(%04d): dumping '%s' (%d bytes)\n",
@@ -132,7 +132,8 @@ void debug_print_mpi( const ssl_context *ssl, int level,
const char *text, const mpi *X )
{
char str[512];
- int i, j, k, n, maxlen = sizeof( str ) - 1, zeros = 1;
+ int j, k, maxlen = sizeof( str ) - 1, zeros = 1;
+ size_t i, n;
if( ssl->f_dbg == NULL || X == NULL )
return;
@@ -152,14 +153,14 @@ void debug_print_mpi( const ssl_context *ssl, int level,
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
- for( i = n, j = 0; i >= 0; i-- )
+ for( i = n + 1, j = 0; i > 0; i-- )
{
- if( zeros && X->p[i] == 0 )
+ if( zeros && X->p[i - 1] == 0 )
continue;
for( k = sizeof( t_int ) - 1; k >= 0; k-- )
{
- if( zeros && ( ( X->p[i] >> (k << 3) ) & 0xFF ) == 0 )
+ if( zeros && ( ( X->p[i - 1] >> (k << 3) ) & 0xFF ) == 0 )
continue;
else
zeros = 0;
@@ -176,7 +177,7 @@ void debug_print_mpi( const ssl_context *ssl, int level,
}
snprintf( str, maxlen, " %02x", (unsigned int)
- ( X->p[i] >> (k << 3) ) & 0xFF );
+ ( X->p[i - 1] >> (k << 3) ) & 0xFF );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
diff --git a/library/des.c b/library/des.c
index 39ff216dc..303403082 100644
--- a/library/des.c
+++ b/library/des.c
@@ -35,8 +35,6 @@
#include "polarssl/des.h"
-#include
-
/*
* 32-bit integer manipulation macros (big endian)
*/
@@ -611,7 +609,7 @@ int des_crypt_ecb( des_context *ctx,
*/
int des_crypt_cbc( des_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[8],
const unsigned char *input,
unsigned char *output )
@@ -706,7 +704,7 @@ int des3_crypt_ecb( des3_context *ctx,
*/
int des3_crypt_cbc( des3_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[8],
const unsigned char *input,
unsigned char *output )
diff --git a/library/dhm.c b/library/dhm.c
index 4b78722d0..1a8211ee7 100644
--- a/library/dhm.c
+++ b/library/dhm.c
@@ -34,8 +34,6 @@
#include "polarssl/dhm.h"
-#include
-
/*
* helper to validate the mpi size and import it
*/
@@ -128,10 +126,11 @@ int dhm_read_params( dhm_context *ctx,
* Setup and write the ServerKeyExchange parameters
*/
int dhm_make_params( dhm_context *ctx, int x_size,
- unsigned char *output, int *olen,
+ unsigned char *output, size_t *olen,
int (*f_rng)(void *), void *p_rng )
{
- int ret, n, n1, n2, n3;
+ int ret, n;
+ size_t n1, n2, n3;
unsigned char *p;
/*
@@ -186,7 +185,7 @@ cleanup:
* Import the peer's public value G^Y
*/
int dhm_read_public( dhm_context *ctx,
- const unsigned char *input, int ilen )
+ const unsigned char *input, size_t ilen )
{
int ret;
@@ -203,7 +202,7 @@ int dhm_read_public( dhm_context *ctx,
* Create own private value X and export G^X
*/
int dhm_make_public( dhm_context *ctx, int x_size,
- unsigned char *output, int olen,
+ unsigned char *output, size_t olen,
int (*f_rng)(void *), void *p_rng )
{
int ret, n;
@@ -241,7 +240,7 @@ cleanup:
* Derive and export the shared secret (G^Y)^X mod P
*/
int dhm_calc_secret( dhm_context *ctx,
- unsigned char *output, int *olen )
+ unsigned char *output, size_t *olen )
{
int ret;
diff --git a/library/havege.c b/library/havege.c
index 499fe4f2b..11c3d289c 100644
--- a/library/havege.c
+++ b/library/havege.c
@@ -34,12 +34,12 @@
#if defined(POLARSSL_HAVEGE_C)
-#include
-#include
-
#include "polarssl/havege.h"
#include "polarssl/timing.h"
+#include
+#include
+
/* ------------------------------------------------------------------------
* On average, one iteration accesses two 8-word blocks in the havege WALK
* table, and generates 16 words in the RES array.
diff --git a/library/md.c b/library/md.c
index 62c3e45b9..dcdf7c9cb 100644
--- a/library/md.c
+++ b/library/md.c
@@ -34,7 +34,6 @@
#include "polarssl/md.h"
#include "polarssl/md_wrap.h"
-#include
#include
#if defined _MSC_VER && !defined strcasecmp
@@ -190,7 +189,7 @@ int md_starts( md_context_t *ctx )
return 0;
}
-int md_update( md_context_t *ctx, const unsigned char *input, int ilen )
+int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
{
if( ctx == NULL || ctx->md_info == NULL )
return 1;
@@ -210,7 +209,7 @@ int md_finish( md_context_t *ctx, unsigned char *output )
return 0;
}
-int md( const md_info_t *md_info, const unsigned char *input, int ilen,
+int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output )
{
if ( md_info == NULL )
@@ -229,7 +228,7 @@ int md_file( const md_info_t *md_info, const char *path, unsigned char *output )
return md_info->file_func( path, output );
}
-int md_hmac_starts( md_context_t *ctx, const unsigned char *key, int keylen )
+int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )
{
if( ctx == NULL || ctx->md_info == NULL )
return 1;
@@ -239,7 +238,7 @@ int md_hmac_starts( md_context_t *ctx, const unsigned char *key, int keylen )
return 0;
}
-int md_hmac_update( md_context_t *ctx, const unsigned char *input, int ilen )
+int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
{
if( ctx == NULL || ctx->md_info == NULL )
return 1;
@@ -269,8 +268,8 @@ int md_hmac_reset( md_context_t *ctx )
return 0;
}
-int md_hmac( const md_info_t *md_info, const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char *output )
{
if( md_info == NULL )
diff --git a/library/md2.c b/library/md2.c
index 774103332..4daea580d 100644
--- a/library/md2.c
+++ b/library/md2.c
@@ -35,7 +35,6 @@
#include "polarssl/md2.h"
-#include
#include
static const unsigned char PI_SUBST[256] =
@@ -116,9 +115,9 @@ static void md2_process( md2_context *ctx )
/*
* MD2 process buffer
*/
-void md2_update( md2_context *ctx, const unsigned char *input, int ilen )
+void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen )
{
- int fill;
+ size_t fill;
while( ilen > 0 )
{
@@ -146,7 +145,7 @@ void md2_update( md2_context *ctx, const unsigned char *input, int ilen )
*/
void md2_finish( md2_context *ctx, unsigned char output[16] )
{
- int i;
+ size_t i;
unsigned char x;
x = (unsigned char)( 16 - ctx->left );
@@ -165,7 +164,7 @@ void md2_finish( md2_context *ctx, unsigned char output[16] )
/*
* output = MD2( input buffer )
*/
-void md2( const unsigned char *input, int ilen, unsigned char output[16] )
+void md2( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md2_context ctx;
@@ -211,9 +210,9 @@ int md2_file( const char *path, unsigned char output[16] )
/*
* MD2 HMAC context setup
*/
-void md2_hmac_starts( md2_context *ctx, const unsigned char *key, int keylen )
+void md2_hmac_starts( md2_context *ctx, const unsigned char *key, size_t keylen )
{
- int i;
+ size_t i;
unsigned char sum[16];
if( keylen > 64 )
@@ -241,7 +240,7 @@ void md2_hmac_starts( md2_context *ctx, const unsigned char *key, int keylen )
/*
* MD2 HMAC process buffer
*/
-void md2_hmac_update( md2_context *ctx, const unsigned char *input, int ilen )
+void md2_hmac_update( md2_context *ctx, const unsigned char *input, size_t ilen )
{
md2_update( ctx, input, ilen );
}
@@ -274,8 +273,8 @@ void md2_hmac_reset( md2_context *ctx )
/*
* output = HMAC-MD2( hmac key, input buffer )
*/
-void md2_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void md2_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[16] )
{
md2_context ctx;
diff --git a/library/md4.c b/library/md4.c
index 73cfbf87a..36948991c 100644
--- a/library/md4.c
+++ b/library/md4.c
@@ -35,7 +35,6 @@
#include "polarssl/md4.h"
-#include
#include
/*
@@ -181,9 +180,9 @@ static void md4_process( md4_context *ctx, const unsigned char data[64] )
/*
* MD4 process buffer
*/
-void md4_update( md4_context *ctx, const unsigned char *input, int ilen )
+void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen )
{
- int fill;
+ size_t fill;
unsigned long left;
if( ilen <= 0 )
@@ -192,7 +191,7 @@ void md4_update( md4_context *ctx, const unsigned char *input, int ilen )
left = ctx->total[0] & 0x3F;
fill = 64 - left;
- ctx->total[0] += ilen;
+ ctx->total[0] += (unsigned long) ilen;
ctx->total[0] &= 0xFFFFFFFF;
if( ctx->total[0] < (unsigned long) ilen )
@@ -261,7 +260,7 @@ void md4_finish( md4_context *ctx, unsigned char output[16] )
/*
* output = MD4( input buffer )
*/
-void md4( const unsigned char *input, int ilen, unsigned char output[16] )
+void md4( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md4_context ctx;
@@ -307,9 +306,9 @@ int md4_file( const char *path, unsigned char output[16] )
/*
* MD4 HMAC context setup
*/
-void md4_hmac_starts( md4_context *ctx, const unsigned char *key, int keylen )
+void md4_hmac_starts( md4_context *ctx, const unsigned char *key, size_t keylen )
{
- int i;
+ size_t i;
unsigned char sum[16];
if( keylen > 64 )
@@ -337,7 +336,7 @@ void md4_hmac_starts( md4_context *ctx, const unsigned char *key, int keylen )
/*
* MD4 HMAC process buffer
*/
-void md4_hmac_update( md4_context *ctx, const unsigned char *input, int ilen )
+void md4_hmac_update( md4_context *ctx, const unsigned char *input, size_t ilen )
{
md4_update( ctx, input, ilen );
}
@@ -370,8 +369,8 @@ void md4_hmac_reset( md4_context *ctx )
/*
* output = HMAC-MD4( hmac key, input buffer )
*/
-void md4_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void md4_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[16] )
{
md4_context ctx;
diff --git a/library/md5.c b/library/md5.c
index 2984b1d22..f37999215 100644
--- a/library/md5.c
+++ b/library/md5.c
@@ -34,7 +34,6 @@
#include "polarssl/md5.h"
-#include
#include
/*
@@ -200,9 +199,9 @@ static void md5_process( md5_context *ctx, const unsigned char data[64] )
/*
* MD5 process buffer
*/
-void md5_update( md5_context *ctx, const unsigned char *input, int ilen )
+void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen )
{
- int fill;
+ size_t fill;
unsigned long left;
if( ilen <= 0 )
@@ -211,7 +210,7 @@ void md5_update( md5_context *ctx, const unsigned char *input, int ilen )
left = ctx->total[0] & 0x3F;
fill = 64 - left;
- ctx->total[0] += ilen;
+ ctx->total[0] += (unsigned long) ilen;
ctx->total[0] &= 0xFFFFFFFF;
if( ctx->total[0] < (unsigned long) ilen )
@@ -280,7 +279,7 @@ void md5_finish( md5_context *ctx, unsigned char output[16] )
/*
* output = MD5( input buffer )
*/
-void md5( const unsigned char *input, int ilen, unsigned char output[16] )
+void md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md5_context ctx;
@@ -326,9 +325,9 @@ int md5_file( const char *path, unsigned char output[16] )
/*
* MD5 HMAC context setup
*/
-void md5_hmac_starts( md5_context *ctx, const unsigned char *key, int keylen )
+void md5_hmac_starts( md5_context *ctx, const unsigned char *key, size_t keylen )
{
- int i;
+ size_t i;
unsigned char sum[16];
if( keylen > 64 )
@@ -356,7 +355,7 @@ void md5_hmac_starts( md5_context *ctx, const unsigned char *key, int keylen )
/*
* MD5 HMAC process buffer
*/
-void md5_hmac_update( md5_context *ctx, const unsigned char *input, int ilen )
+void md5_hmac_update( md5_context *ctx, const unsigned char *input, size_t ilen )
{
md5_update( ctx, input, ilen );
}
@@ -389,8 +388,8 @@ void md5_hmac_reset( md5_context *ctx )
/*
* output = HMAC-MD5( hmac key, input buffer )
*/
-void md5_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void md5_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[16] )
{
md5_context ctx;
diff --git a/library/md_wrap.c b/library/md_wrap.c
index 944a12a64..bb87c63b9 100644
--- a/library/md_wrap.c
+++ b/library/md_wrap.c
@@ -39,7 +39,6 @@
#include "polarssl/sha2.h"
#include "polarssl/sha4.h"
-#include
#include
#if defined(POLARSSL_MD2_C)
@@ -49,7 +48,7 @@ static void md2_starts_wrap( void *ctx )
md2_starts( (md2_context *) ctx );
}
-static void md2_update_wrap( void *ctx, const unsigned char *input, int ilen )
+static void md2_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md2_update( (md2_context *) ctx, input, ilen );
}
@@ -59,12 +58,12 @@ static void md2_finish_wrap( void *ctx, unsigned char *output )
md2_finish( (md2_context *) ctx, output );
}
-static void md2_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+static void md2_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
md2_hmac_starts( (md2_context *) ctx, key, keylen );
}
-static void md2_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+static void md2_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md2_hmac_update( (md2_context *) ctx, input, ilen );
}
@@ -90,21 +89,21 @@ static void md2_ctx_free( void *ctx )
}
const md_info_t md2_info = {
- POLARSSL_MD_MD2,
- "MD2",
- 16,
- md2_starts_wrap,
- md2_update_wrap,
- md2_finish_wrap,
- md2,
- md2_file,
- md2_hmac_starts_wrap,
- md2_hmac_update_wrap,
- md2_hmac_finish_wrap,
- md2_hmac_reset_wrap,
- md2_hmac,
- md2_ctx_alloc,
- md2_ctx_free,
+ POLARSSL_MD_MD2,
+ "MD2",
+ 16,
+ md2_starts_wrap,
+ md2_update_wrap,
+ md2_finish_wrap,
+ md2,
+ md2_file,
+ md2_hmac_starts_wrap,
+ md2_hmac_update_wrap,
+ md2_hmac_finish_wrap,
+ md2_hmac_reset_wrap,
+ md2_hmac,
+ md2_ctx_alloc,
+ md2_ctx_free,
};
#endif
@@ -116,7 +115,7 @@ void md4_starts_wrap( void *ctx )
md4_starts( (md4_context *) ctx );
}
-void md4_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void md4_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md4_update( (md4_context *) ctx, input, ilen );
}
@@ -126,12 +125,12 @@ void md4_finish_wrap( void *ctx, unsigned char *output )
md4_finish( (md4_context *) ctx, output );
}
-void md4_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+void md4_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
md4_hmac_starts( (md4_context *) ctx, key, keylen );
}
-void md4_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void md4_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md4_hmac_update( (md4_context *) ctx, input, ilen );
}
@@ -157,21 +156,21 @@ void md4_ctx_free( void *ctx )
}
const md_info_t md4_info = {
- POLARSSL_MD_MD4,
- "MD4",
- 16,
- md4_starts_wrap,
- md4_update_wrap,
- md4_finish_wrap,
- md4,
- md4_file,
- md4_hmac_starts_wrap,
- md4_hmac_update_wrap,
- md4_hmac_finish_wrap,
- md4_hmac_reset_wrap,
- md4_hmac,
- md4_ctx_alloc,
- md4_ctx_free,
+ POLARSSL_MD_MD4,
+ "MD4",
+ 16,
+ md4_starts_wrap,
+ md4_update_wrap,
+ md4_finish_wrap,
+ md4,
+ md4_file,
+ md4_hmac_starts_wrap,
+ md4_hmac_update_wrap,
+ md4_hmac_finish_wrap,
+ md4_hmac_reset_wrap,
+ md4_hmac,
+ md4_ctx_alloc,
+ md4_ctx_free,
};
#endif
@@ -183,7 +182,7 @@ static void md5_starts_wrap( void *ctx )
md5_starts( (md5_context *) ctx );
}
-static void md5_update_wrap( void *ctx, const unsigned char *input, int ilen )
+static void md5_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md5_update( (md5_context *) ctx, input, ilen );
}
@@ -193,12 +192,12 @@ static void md5_finish_wrap( void *ctx, unsigned char *output )
md5_finish( (md5_context *) ctx, output );
}
-static void md5_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+static void md5_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
md5_hmac_starts( (md5_context *) ctx, key, keylen );
}
-static void md5_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+static void md5_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md5_hmac_update( (md5_context *) ctx, input, ilen );
}
@@ -224,21 +223,21 @@ static void md5_ctx_free( void *ctx )
}
const md_info_t md5_info = {
- POLARSSL_MD_MD5,
- "MD5",
- 16,
- md5_starts_wrap,
- md5_update_wrap,
- md5_finish_wrap,
- md5,
- md5_file,
- md5_hmac_starts_wrap,
- md5_hmac_update_wrap,
- md5_hmac_finish_wrap,
- md5_hmac_reset_wrap,
- md5_hmac,
- md5_ctx_alloc,
- md5_ctx_free,
+ POLARSSL_MD_MD5,
+ "MD5",
+ 16,
+ md5_starts_wrap,
+ md5_update_wrap,
+ md5_finish_wrap,
+ md5,
+ md5_file,
+ md5_hmac_starts_wrap,
+ md5_hmac_update_wrap,
+ md5_hmac_finish_wrap,
+ md5_hmac_reset_wrap,
+ md5_hmac,
+ md5_ctx_alloc,
+ md5_ctx_free,
};
#endif
@@ -250,7 +249,7 @@ void sha1_starts_wrap( void *ctx )
sha1_starts( (sha1_context *) ctx );
}
-void sha1_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha1_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha1_update( (sha1_context *) ctx, input, ilen );
}
@@ -260,12 +259,12 @@ void sha1_finish_wrap( void *ctx, unsigned char *output )
sha1_finish( (sha1_context *) ctx, output );
}
-void sha1_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+void sha1_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha1_hmac_starts( (sha1_context *) ctx, key, keylen );
}
-void sha1_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha1_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha1_hmac_update( (sha1_context *) ctx, input, ilen );
}
@@ -291,21 +290,21 @@ void sha1_ctx_free( void *ctx )
}
const md_info_t sha1_info = {
- POLARSSL_MD_SHA1,
- "SHA1",
- 20,
- sha1_starts_wrap,
- sha1_update_wrap,
- sha1_finish_wrap,
- sha1,
- sha1_file,
- sha1_hmac_starts_wrap,
- sha1_hmac_update_wrap,
- sha1_hmac_finish_wrap,
- sha1_hmac_reset_wrap,
- sha1_hmac,
- sha1_ctx_alloc,
- sha1_ctx_free,
+ POLARSSL_MD_SHA1,
+ "SHA1",
+ 20,
+ sha1_starts_wrap,
+ sha1_update_wrap,
+ sha1_finish_wrap,
+ sha1,
+ sha1_file,
+ sha1_hmac_starts_wrap,
+ sha1_hmac_update_wrap,
+ sha1_hmac_finish_wrap,
+ sha1_hmac_reset_wrap,
+ sha1_hmac,
+ sha1_ctx_alloc,
+ sha1_ctx_free,
};
#endif
@@ -320,7 +319,7 @@ void sha224_starts_wrap( void *ctx )
sha2_starts( (sha2_context *) ctx, 1 );
}
-void sha224_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha224_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_update( (sha2_context *) ctx, input, ilen );
}
@@ -330,7 +329,7 @@ void sha224_finish_wrap( void *ctx, unsigned char *output )
sha2_finish( (sha2_context *) ctx, output );
}
-void sha224_wrap( const unsigned char *input, int ilen,
+void sha224_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2( input, ilen, output, 1 );
@@ -341,12 +340,12 @@ int sha224_file_wrap( const char *path, unsigned char *output )
return sha2_file( path, output, 1 );
}
-void sha224_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+void sha224_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 1 );
}
-void sha224_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha224_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_hmac_update( (sha2_context *) ctx, input, ilen );
}
@@ -361,8 +360,8 @@ void sha224_hmac_reset_wrap( void *ctx )
sha2_hmac_reset( (sha2_context *) ctx );
}
-void sha224_hmac_wrap( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha224_hmac_wrap( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2_hmac( key, keylen, input, ilen, output, 1 );
@@ -379,21 +378,21 @@ void sha224_ctx_free( void *ctx )
}
const md_info_t sha224_info = {
- POLARSSL_MD_SHA224,
- "SHA224",
- 28,
- sha224_starts_wrap,
- sha224_update_wrap,
- sha224_finish_wrap,
- sha224_wrap,
- sha224_file_wrap,
- sha224_hmac_starts_wrap,
- sha224_hmac_update_wrap,
- sha224_hmac_finish_wrap,
- sha224_hmac_reset_wrap,
- sha224_hmac_wrap,
- sha224_ctx_alloc,
- sha224_ctx_free,
+ POLARSSL_MD_SHA224,
+ "SHA224",
+ 28,
+ sha224_starts_wrap,
+ sha224_update_wrap,
+ sha224_finish_wrap,
+ sha224_wrap,
+ sha224_file_wrap,
+ sha224_hmac_starts_wrap,
+ sha224_hmac_update_wrap,
+ sha224_hmac_finish_wrap,
+ sha224_hmac_reset_wrap,
+ sha224_hmac_wrap,
+ sha224_ctx_alloc,
+ sha224_ctx_free,
};
void sha256_starts_wrap( void *ctx )
@@ -401,7 +400,7 @@ void sha256_starts_wrap( void *ctx )
sha2_starts( (sha2_context *) ctx, 0 );
}
-void sha256_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha256_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_update( (sha2_context *) ctx, input, ilen );
}
@@ -411,7 +410,7 @@ void sha256_finish_wrap( void *ctx, unsigned char *output )
sha2_finish( (sha2_context *) ctx, output );
}
-void sha256_wrap( const unsigned char *input, int ilen,
+void sha256_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2( input, ilen, output, 0 );
@@ -422,12 +421,12 @@ int sha256_file_wrap( const char *path, unsigned char *output )
return sha2_file( path, output, 0 );
}
-void sha256_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+void sha256_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 0 );
}
-void sha256_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha256_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_hmac_update( (sha2_context *) ctx, input, ilen );
}
@@ -442,8 +441,8 @@ void sha256_hmac_reset_wrap( void *ctx )
sha2_hmac_reset( (sha2_context *) ctx );
}
-void sha256_hmac_wrap( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha256_hmac_wrap( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2_hmac( key, keylen, input, ilen, output, 0 );
@@ -460,21 +459,21 @@ void sha256_ctx_free( void *ctx )
}
const md_info_t sha256_info = {
- POLARSSL_MD_SHA256,
- "SHA256",
- 32,
- sha256_starts_wrap,
- sha256_update_wrap,
- sha256_finish_wrap,
- sha256_wrap,
- sha256_file_wrap,
- sha256_hmac_starts_wrap,
- sha256_hmac_update_wrap,
- sha256_hmac_finish_wrap,
- sha256_hmac_reset_wrap,
- sha256_hmac_wrap,
- sha256_ctx_alloc,
- sha256_ctx_free,
+ POLARSSL_MD_SHA256,
+ "SHA256",
+ 32,
+ sha256_starts_wrap,
+ sha256_update_wrap,
+ sha256_finish_wrap,
+ sha256_wrap,
+ sha256_file_wrap,
+ sha256_hmac_starts_wrap,
+ sha256_hmac_update_wrap,
+ sha256_hmac_finish_wrap,
+ sha256_hmac_reset_wrap,
+ sha256_hmac_wrap,
+ sha256_ctx_alloc,
+ sha256_ctx_free,
};
#endif
@@ -486,7 +485,7 @@ void sha384_starts_wrap( void *ctx )
sha4_starts( (sha4_context *) ctx, 1 );
}
-void sha384_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha384_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_update( (sha4_context *) ctx, input, ilen );
}
@@ -496,7 +495,7 @@ void sha384_finish_wrap( void *ctx, unsigned char *output )
sha4_finish( (sha4_context *) ctx, output );
}
-void sha384_wrap( const unsigned char *input, int ilen,
+void sha384_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4( input, ilen, output, 1 );
@@ -507,12 +506,12 @@ int sha384_file_wrap( const char *path, unsigned char *output )
return sha4_file( path, output, 1 );
}
-void sha384_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+void sha384_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 1 );
}
-void sha384_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha384_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_hmac_update( (sha4_context *) ctx, input, ilen );
}
@@ -527,8 +526,8 @@ void sha384_hmac_reset_wrap( void *ctx )
sha4_hmac_reset( (sha4_context *) ctx );
}
-void sha384_hmac_wrap( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha384_hmac_wrap( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4_hmac( key, keylen, input, ilen, output, 1 );
@@ -545,21 +544,21 @@ void sha384_ctx_free( void *ctx )
}
const md_info_t sha384_info = {
- POLARSSL_MD_SHA384,
- "SHA384",
- 48,
- sha384_starts_wrap,
- sha384_update_wrap,
- sha384_finish_wrap,
- sha384_wrap,
- sha384_file_wrap,
- sha384_hmac_starts_wrap,
- sha384_hmac_update_wrap,
- sha384_hmac_finish_wrap,
- sha384_hmac_reset_wrap,
- sha384_hmac_wrap,
- sha384_ctx_alloc,
- sha384_ctx_free,
+ POLARSSL_MD_SHA384,
+ "SHA384",
+ 48,
+ sha384_starts_wrap,
+ sha384_update_wrap,
+ sha384_finish_wrap,
+ sha384_wrap,
+ sha384_file_wrap,
+ sha384_hmac_starts_wrap,
+ sha384_hmac_update_wrap,
+ sha384_hmac_finish_wrap,
+ sha384_hmac_reset_wrap,
+ sha384_hmac_wrap,
+ sha384_ctx_alloc,
+ sha384_ctx_free,
};
void sha512_starts_wrap( void *ctx )
@@ -567,7 +566,7 @@ void sha512_starts_wrap( void *ctx )
sha4_starts( (sha4_context *) ctx, 0 );
}
-void sha512_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha512_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_update( (sha4_context *) ctx, input, ilen );
}
@@ -577,7 +576,7 @@ void sha512_finish_wrap( void *ctx, unsigned char *output )
sha4_finish( (sha4_context *) ctx, output );
}
-void sha512_wrap( const unsigned char *input, int ilen,
+void sha512_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4( input, ilen, output, 0 );
@@ -588,12 +587,12 @@ int sha512_file_wrap( const char *path, unsigned char *output )
return sha4_file( path, output, 0 );
}
-void sha512_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+void sha512_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 0 );
}
-void sha512_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha512_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_hmac_update( (sha4_context *) ctx, input, ilen );
}
@@ -608,8 +607,8 @@ void sha512_hmac_reset_wrap( void *ctx )
sha4_hmac_reset( (sha4_context *) ctx );
}
-void sha512_hmac_wrap( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha512_hmac_wrap( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4_hmac( key, keylen, input, ilen, output, 0 );
@@ -626,21 +625,21 @@ void sha512_ctx_free( void *ctx )
}
const md_info_t sha512_info = {
- POLARSSL_MD_SHA512,
- "SHA512",
- 64,
- sha512_starts_wrap,
- sha512_update_wrap,
- sha512_finish_wrap,
- sha512_wrap,
- sha512_file_wrap,
- sha512_hmac_starts_wrap,
- sha512_hmac_update_wrap,
- sha512_hmac_finish_wrap,
- sha512_hmac_reset_wrap,
- sha512_hmac_wrap,
- sha512_ctx_alloc,
- sha512_ctx_free,
+ POLARSSL_MD_SHA512,
+ "SHA512",
+ 64,
+ sha512_starts_wrap,
+ sha512_update_wrap,
+ sha512_finish_wrap,
+ sha512_wrap,
+ sha512_file_wrap,
+ sha512_hmac_starts_wrap,
+ sha512_hmac_update_wrap,
+ sha512_hmac_finish_wrap,
+ sha512_hmac_reset_wrap,
+ sha512_hmac_wrap,
+ sha512_ctx_alloc,
+ sha512_ctx_free,
};
#endif
diff --git a/library/net.c b/library/net.c
index e884d56fc..378f7982d 100644
--- a/library/net.c
+++ b/library/net.c
@@ -40,8 +40,8 @@
#pragma comment( lib, "ws2_32.lib" )
#endif
-#define read(fd,buf,len) recv(fd,buf,len,0)
-#define write(fd,buf,len) send(fd,buf,len,0)
+#define read(fd,buf,len) recv(fd,buf,(int) len,0)
+#define write(fd,buf,len) send(fd,buf,(int) len,0)
#define close(fd) closesocket(fd)
static int wsa_init_done = 0;
@@ -69,7 +69,6 @@ static int wsa_init_done = 0;
#endif
-#include
#include
#include
#include
@@ -289,7 +288,7 @@ void net_usleep( unsigned long usec )
/*
* Read at most 'len' characters
*/
-int net_recv( void *ctx, unsigned char *buf, int len )
+int net_recv( void *ctx, unsigned char *buf, size_t len )
{
int ret = read( *((int *) ctx), buf, len );
@@ -321,7 +320,7 @@ int net_recv( void *ctx, unsigned char *buf, int len )
/*
* Write at most 'len' characters
*/
-int net_send( void *ctx, unsigned char *buf, int len )
+int net_send( void *ctx, unsigned char *buf, size_t len )
{
int ret = write( *((int *) ctx), buf, len );
diff --git a/library/padlock.c b/library/padlock.c
index d576544a8..2e2e4775f 100644
--- a/library/padlock.c
+++ b/library/padlock.c
@@ -33,13 +33,10 @@
#if defined(POLARSSL_PADLOCK_C)
-#include "polarssl/aes.h"
#include "polarssl/padlock.h"
#if defined(POLARSSL_HAVE_X86)
-#include
-
/*
* PadLock detection routine
*/
@@ -115,12 +112,13 @@ int padlock_xcryptecb( aes_context *ctx,
*/
int padlock_xcryptcbc( aes_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
{
- int ebx, count;
+ int ebx;
+ size_t count;
unsigned long *rk;
unsigned long *iw;
unsigned long *ctrl;
diff --git a/library/pem.c b/library/pem.c
index 6117f044e..bcfcdd2f9 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -35,7 +35,6 @@
#include "polarssl/cipher.h"
#include
-#include
void pem_init( pem_context *ctx )
{
@@ -46,9 +45,9 @@ void pem_init( pem_context *ctx )
/*
* Read a 16-byte hex string and convert it to binary
*/
-static int pem_get_iv( const unsigned char *s, unsigned char *iv, int iv_len )
+static int pem_get_iv( const unsigned char *s, unsigned char *iv, size_t iv_len )
{
- int i, j, k;
+ size_t i, j, k;
memset( iv, 0, iv_len );
@@ -67,13 +66,13 @@ static int pem_get_iv( const unsigned char *s, unsigned char *iv, int iv_len )
return( 0 );
}
-static void pem_pbkdf1( unsigned char *key, int keylen,
+static void pem_pbkdf1( unsigned char *key, size_t keylen,
unsigned char *iv,
- const unsigned char *pwd, int pwdlen )
+ const unsigned char *pwd, size_t pwdlen )
{
md5_context md5_ctx;
unsigned char md5sum[16];
- int use_len;
+ size_t use_len;
/*
* key[ 0..15] = MD5(pwd || IV)
@@ -118,8 +117,8 @@ static void pem_pbkdf1( unsigned char *key, int keylen,
* Decrypt with DES-CBC, using PBKDF1 for key derivation
*/
static void pem_des_decrypt( unsigned char des_iv[8],
- unsigned char *buf, int buflen,
- const unsigned char *pwd, int pwdlen )
+ unsigned char *buf, size_t buflen,
+ const unsigned char *pwd, size_t pwdlen )
{
des_context des_ctx;
unsigned char des_key[8];
@@ -138,8 +137,8 @@ static void pem_des_decrypt( unsigned char des_iv[8],
* Decrypt with 3DES-CBC, using PBKDF1 for key derivation
*/
static void pem_des3_decrypt( unsigned char des3_iv[8],
- unsigned char *buf, int buflen,
- const unsigned char *pwd, int pwdlen )
+ unsigned char *buf, size_t buflen,
+ const unsigned char *pwd, size_t pwdlen )
{
des3_context des3_ctx;
unsigned char des3_key[24];
@@ -159,9 +158,9 @@ static void pem_des3_decrypt( unsigned char des3_iv[8],
/*
* Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation
*/
-static void pem_aes_decrypt( unsigned char aes_iv[16], int keylen,
- unsigned char *buf, int buflen,
- const unsigned char *pwd, int pwdlen )
+static void pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen,
+ unsigned char *buf, size_t buflen,
+ const unsigned char *pwd, size_t pwdlen )
{
aes_context aes_ctx;
unsigned char aes_key[32];
@@ -179,9 +178,10 @@ static void pem_aes_decrypt( unsigned char aes_iv[16], int keylen,
#endif /* POLARSSL_MD5_C && (POLARSSL_AES_C || POLARSSL_DES_C) */
-int pem_read_buffer( pem_context *ctx, char *header, char *footer, const unsigned char *data, const unsigned char *pwd, int pwdlen, int *use_len )
+int pem_read_buffer( pem_context *ctx, char *header, char *footer, const unsigned char *data, const unsigned char *pwd, size_t pwdlen, size_t *use_len )
{
- int ret, len, enc;
+ int ret, enc;
+ size_t len;
unsigned char *buf;
unsigned char *s1, *s2;
#if defined(POLARSSL_MD5_C) && (defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C))
diff --git a/library/pkcs11.c b/library/pkcs11.c
index b4f478763..b71415a41 100644
--- a/library/pkcs11.c
+++ b/library/pkcs11.c
@@ -32,7 +32,6 @@
#if defined(POLARSSL_PKCS11_C)
#include
-#include
int pkcs11_x509_cert_init( x509_cert *cert, pkcs11h_certificate_t pkcs11_cert )
{
@@ -113,7 +112,7 @@ void pkcs11_priv_key_free( pkcs11_context *priv_key )
}
int pkcs11_decrypt( pkcs11_context *ctx,
- int mode, int *olen,
+ int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
unsigned int output_max_len )
@@ -153,7 +152,7 @@ int pkcs11_decrypt( pkcs11_context *ctx,
int pkcs11_sign( pkcs11_context *ctx,
int mode,
int hash_id,
- int hashlen,
+ unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig )
{
diff --git a/library/rsa.c b/library/rsa.c
index a0f750ea2..4d3fc4c42 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -37,7 +37,6 @@
#include "polarssl/md.h"
#include
-#include
#include
/*
@@ -61,7 +60,7 @@ void rsa_init( rsa_context *ctx,
int rsa_gen_key( rsa_context *ctx,
int (*f_rng)(void *),
void *p_rng,
- int nbits, int exponent )
+ unsigned int nbits, int exponent )
{
int ret;
mpi P1, Q1, H, G;
@@ -206,7 +205,8 @@ int rsa_public( rsa_context *ctx,
const unsigned char *input,
unsigned char *output )
{
- int ret, olen;
+ int ret;
+ size_t olen;
mpi T;
mpi_init( &T, NULL );
@@ -240,7 +240,8 @@ int rsa_private( rsa_context *ctx,
const unsigned char *input,
unsigned char *output )
{
- int ret, olen;
+ int ret;
+ size_t olen;
mpi T, T1, T2;
mpi_init( &T, &T1, &T2, NULL );
@@ -301,15 +302,15 @@ cleanup:
* @param src source of the mask generation
* @param slen length of the source buffer
* @param md_ctx message digest context to use
- * @param hlen length of the digest result
*/
-static void mgf_mask( unsigned char *dst, int dlen, unsigned char *src, int slen,
+static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, size_t slen,
md_context_t *md_ctx )
{
unsigned char mask[POLARSSL_MD_MAX_SIZE];
unsigned char counter[4];
unsigned char *p;
- int i, use_len, hlen;
+ unsigned int hlen;
+ size_t i, use_len;
memset( mask, 0, POLARSSL_MD_MAX_SIZE );
memset( counter, 0, 4 );
@@ -347,16 +348,16 @@ static void mgf_mask( unsigned char *dst, int dlen, unsigned char *src, int slen
int rsa_pkcs1_encrypt( rsa_context *ctx,
int (*f_rng)(void *),
void *p_rng,
- int mode, int ilen,
+ int mode, size_t ilen,
const unsigned char *input,
unsigned char *output )
{
- int nb_pad, olen;
+ size_t nb_pad, olen;
unsigned char *p = output;
#if defined(POLARSSL_PKCS1_V21)
+ unsigned int i, hlen;
const md_info_t *md_info;
md_context_t md_ctx;
- int i, hlen;
#endif
olen = ctx->len;
@@ -368,7 +369,7 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
{
case RSA_PKCS_V15:
- if( ilen < 0 || olen < ilen + 11 )
+ if( olen < ilen + 11 )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
nb_pad = olen - 3 - ilen;
@@ -404,7 +405,7 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
hlen = md_get_size( md_info );
- if( ilen < 0 || olen < ilen + 2 * hlen + 2 || f_rng == NULL )
+ if( olen < ilen + 2 * hlen + 2 || f_rng == NULL )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
memset( output, 0, olen );
@@ -453,19 +454,20 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
* Do an RSA operation, then remove the message padding
*/
int rsa_pkcs1_decrypt( rsa_context *ctx,
- int mode, int *olen,
+ int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
- int output_max_len)
+ size_t output_max_len)
{
- int ret, ilen;
+ int ret;
+ size_t ilen;
unsigned char *p;
unsigned char buf[1024];
#if defined(POLARSSL_PKCS1_V21)
unsigned char lhash[POLARSSL_MD_MAX_SIZE];
+ unsigned int hlen;
const md_info_t *md_info;
md_context_t md_ctx;
- int hlen;
#endif
ilen = ctx->len;
@@ -554,7 +556,7 @@ int rsa_pkcs1_decrypt( rsa_context *ctx,
}
if (ilen - (int)(p - buf) > output_max_len)
- return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE );
+ return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE );
*olen = ilen - (int)(p - buf);
memcpy( output, p, *olen );
@@ -570,17 +572,18 @@ int rsa_pkcs1_sign( rsa_context *ctx,
void *p_rng,
int mode,
int hash_id,
- int hashlen,
+ unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig )
{
- int nb_pad, olen;
+ size_t nb_pad, olen;
unsigned char *p = sig;
#if defined(POLARSSL_PKCS1_V21)
unsigned char salt[POLARSSL_MD_MAX_SIZE];
+ unsigned int i, slen, hlen, offset = 0;
+ size_t msb;
const md_info_t *md_info;
md_context_t md_ctx;
- int i, slen, hlen, msb, offset = 0;
#else
(void) f_rng;
(void) p_rng;
@@ -796,18 +799,20 @@ int rsa_pkcs1_sign( rsa_context *ctx,
int rsa_pkcs1_verify( rsa_context *ctx,
int mode,
int hash_id,
- int hashlen,
+ unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig )
{
- int ret, len, siglen;
+ int ret;
+ size_t len, siglen;
unsigned char *p, c;
unsigned char buf[1024];
#if defined(POLARSSL_PKCS1_V21)
unsigned char zeros[8];
+ unsigned int hlen;
+ size_t slen, msb;
const md_info_t *md_info;
md_context_t md_ctx;
- int slen, hlen, msb;
#endif
siglen = ctx->len;
@@ -1078,7 +1083,7 @@ static int myrand( void *rng_state )
*/
int rsa_self_test( int verbose )
{
- int len;
+ size_t len;
rsa_context rsa;
unsigned char sha1sum[20];
unsigned char rsa_plaintext[PT_LEN];
@@ -1128,7 +1133,7 @@ int rsa_self_test( int verbose )
if( rsa_pkcs1_decrypt( &rsa, RSA_PRIVATE, &len,
rsa_ciphertext, rsa_decrypted,
- sizeof(rsa_decrypted) ) != 0 )
+ sizeof(rsa_decrypted) ) != 0 )
{
if( verbose != 0 )
printf( "failed\n" );
diff --git a/library/sha1.c b/library/sha1.c
index f320c43e6..5f625839f 100644
--- a/library/sha1.c
+++ b/library/sha1.c
@@ -34,7 +34,6 @@
#include "polarssl/sha1.h"
-#include
#include
/*
@@ -234,9 +233,9 @@ static void sha1_process( sha1_context *ctx, const unsigned char data[64] )
/*
* SHA-1 process buffer
*/
-void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen )
+void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
{
- int fill;
+ size_t fill;
unsigned long left;
if( ilen <= 0 )
@@ -245,7 +244,7 @@ void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen )
left = ctx->total[0] & 0x3F;
fill = 64 - left;
- ctx->total[0] += ilen;
+ ctx->total[0] += (unsigned long) ilen;
ctx->total[0] &= 0xFFFFFFFF;
if( ctx->total[0] < (unsigned long) ilen )
@@ -315,7 +314,7 @@ void sha1_finish( sha1_context *ctx, unsigned char output[20] )
/*
* output = SHA-1( input buffer )
*/
-void sha1( const unsigned char *input, int ilen, unsigned char output[20] )
+void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
{
sha1_context ctx;
@@ -361,9 +360,9 @@ int sha1_file( const char *path, unsigned char output[20] )
/*
* SHA-1 HMAC context setup
*/
-void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen )
+void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, size_t keylen )
{
- int i;
+ size_t i;
unsigned char sum[20];
if( keylen > 64 )
@@ -391,7 +390,7 @@ void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen )
/*
* SHA-1 HMAC process buffer
*/
-void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, int ilen )
+void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
{
sha1_update( ctx, input, ilen );
}
@@ -424,8 +423,8 @@ void sha1_hmac_reset( sha1_context *ctx )
/*
* output = HMAC-SHA-1( hmac key, input buffer )
*/
-void sha1_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha1_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[20] )
{
sha1_context ctx;
diff --git a/library/sha2.c b/library/sha2.c
index dd5ae98a6..64ebc43d5 100644
--- a/library/sha2.c
+++ b/library/sha2.c
@@ -34,7 +34,6 @@
#include "polarssl/sha2.h"
-#include
#include
/*
@@ -230,9 +229,9 @@ static void sha2_process( sha2_context *ctx, const unsigned char data[64] )
/*
* SHA-256 process buffer
*/
-void sha2_update( sha2_context *ctx, const unsigned char *input, int ilen )
+void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen )
{
- int fill;
+ size_t fill;
unsigned long left;
if( ilen <= 0 )
@@ -241,7 +240,7 @@ void sha2_update( sha2_context *ctx, const unsigned char *input, int ilen )
left = ctx->total[0] & 0x3F;
fill = 64 - left;
- ctx->total[0] += ilen;
+ ctx->total[0] += (unsigned long) ilen;
ctx->total[0] &= 0xFFFFFFFF;
if( ctx->total[0] < (unsigned long) ilen )
@@ -316,7 +315,7 @@ void sha2_finish( sha2_context *ctx, unsigned char output[32] )
/*
* output = SHA-256( input buffer )
*/
-void sha2( const unsigned char *input, int ilen,
+void sha2( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 )
{
sha2_context ctx;
@@ -363,10 +362,10 @@ int sha2_file( const char *path, unsigned char output[32], int is224 )
/*
* SHA-256 HMAC context setup
*/
-void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, int keylen,
+void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keylen,
int is224 )
{
- int i;
+ size_t i;
unsigned char sum[32];
if( keylen > 64 )
@@ -394,7 +393,7 @@ void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, int keylen,
/*
* SHA-256 HMAC process buffer
*/
-void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, int ilen )
+void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ilen )
{
sha2_update( ctx, input, ilen );
}
@@ -431,8 +430,8 @@ void sha2_hmac_reset( sha2_context *ctx )
/*
* output = HMAC-SHA-256( hmac key, input buffer )
*/
-void sha2_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha2_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 )
{
sha2_context ctx;
diff --git a/library/sha4.c b/library/sha4.c
index cf20d0131..bbb3108f7 100644
--- a/library/sha4.c
+++ b/library/sha4.c
@@ -34,7 +34,6 @@
#include "polarssl/sha4.h"
-#include
#include
/*
@@ -223,9 +222,9 @@ static void sha4_process( sha4_context *ctx, const unsigned char data[128] )
/*
* SHA-512 process buffer
*/
-void sha4_update( sha4_context *ctx, const unsigned char *input, int ilen )
+void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen )
{
- int fill;
+ size_t fill;
unsigned int64 left;
if( ilen <= 0 )
@@ -234,7 +233,7 @@ void sha4_update( sha4_context *ctx, const unsigned char *input, int ilen )
left = ctx->total[0] & 0x7F;
fill = (int)( 128 - left );
- ctx->total[0] += ilen;
+ ctx->total[0] += (unsigned int64) ilen;
if( ctx->total[0] < (unsigned int64) ilen )
ctx->total[1]++;
@@ -314,7 +313,7 @@ void sha4_finish( sha4_context *ctx, unsigned char output[64] )
/*
* output = SHA-512( input buffer )
*/
-void sha4( const unsigned char *input, int ilen,
+void sha4( const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 )
{
sha4_context ctx;
@@ -361,10 +360,10 @@ int sha4_file( const char *path, unsigned char output[64], int is384 )
/*
* SHA-512 HMAC context setup
*/
-void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, int keylen,
+void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keylen,
int is384 )
{
- int i;
+ size_t i;
unsigned char sum[64];
if( keylen > 128 )
@@ -393,7 +392,7 @@ void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, int keylen,
* SHA-512 HMAC process buffer
*/
void sha4_hmac_update( sha4_context *ctx,
- const unsigned char *input, int ilen )
+ const unsigned char *input, size_t ilen )
{
sha4_update( ctx, input, ilen );
}
@@ -430,8 +429,8 @@ void sha4_hmac_reset( sha4_context *ctx )
/*
* output = HMAC-SHA-512( hmac key, input buffer )
*/
-void sha4_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha4_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 )
{
sha4_context ctx;
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 4b04efa43..d82f5cae2 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -34,14 +34,14 @@
#include "polarssl/pkcs11.h"
#endif /* defined(POLARSSL_PKCS11_C) */
-#include
#include
#include
#include
static int ssl_write_client_hello( ssl_context *ssl )
{
- int ret, i, n;
+ int ret;
+ size_t i, n;
unsigned char *buf;
unsigned char *p;
time_t t;
@@ -174,7 +174,8 @@ static int ssl_write_client_hello( ssl_context *ssl )
static int ssl_parse_server_hello( ssl_context *ssl )
{
time_t t;
- int ret, i, n;
+ int ret, i;
+ size_t n;
int ext_len;
unsigned char *buf;
@@ -240,7 +241,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )
* 42+n . 43+n extensions length
* 44+n . 44+n+m extensions
*/
- if( n < 0 || n > 32 || ssl->in_hslen > 42 + n )
+ if( n > 32 || ssl->in_hslen > 42 + n )
{
ext_len = ( ( buf[42 + n] << 8 )
| ( buf[43 + n] ) ) + 2;
@@ -250,7 +251,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )
ext_len = 0;
}
- if( n < 0 || n > 32 || ssl->in_hslen != 42 + n + ext_len )
+ if( n > 32 || ssl->in_hslen != 42 + n + ext_len )
{
SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO );
@@ -321,7 +322,8 @@ static int ssl_parse_server_hello( ssl_context *ssl )
static int ssl_parse_server_key_exchange( ssl_context *ssl )
{
- int ret, n;
+ int ret;
+ size_t n;
unsigned char *p, *end;
unsigned char hash[36];
md5_context md5;
@@ -333,7 +335,7 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
ssl->session->ciphersuite != SSL_EDH_RSA_AES_128_SHA &&
ssl->session->ciphersuite != SSL_EDH_RSA_AES_256_SHA &&
ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_128_SHA &&
- ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA)
+ ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA)
{
SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) );
ssl->state++;
@@ -380,7 +382,7 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
- if( (int)( end - p ) != ssl->peer_cert->rsa.len )
+ if( (unsigned int)( end - p ) != ssl->peer_cert->rsa.len )
{
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
@@ -518,7 +520,8 @@ static int ssl_parse_server_hello_done( ssl_context *ssl )
static int ssl_write_client_key_exchange( ssl_context *ssl )
{
- int ret, i, n;
+ int ret;
+ size_t i, n;
SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) );
@@ -526,7 +529,7 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA ||
ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
{
#if !defined(POLARSSL_DHM_C)
SSL_DEBUG_MSG( 1, ( "support for dhm in not available" ) );
@@ -625,7 +628,8 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
static int ssl_write_certificate_verify( ssl_context *ssl )
{
- int ret = 0, n = 0;
+ int ret = 0;
+ size_t n = 0;
unsigned char hash[36];
SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index f875fbfe7..c626b4218 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -34,16 +34,17 @@
#include "polarssl/pkcs11.h"
#endif /* defined(POLARSSL_PKCS11_C) */
-#include
#include
#include
#include
static int ssl_parse_client_hello( ssl_context *ssl )
{
- int ret, i, j, n;
- int ciph_len, sess_len;
- int chal_len, comp_len;
+ int ret;
+ unsigned int i, j;
+ size_t n;
+ unsigned int ciph_len, sess_len;
+ unsigned int chal_len, comp_len;
unsigned char *buf, *p;
SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) );
@@ -137,7 +138,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
- if( sess_len < 0 || sess_len > 32 )
+ if( sess_len > 32 )
{
SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
@@ -273,7 +274,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
/*
* Check the handshake message length
*/
- if( buf[1] != 0 || n != 4 + ( ( buf[2] << 8 ) | buf[3] ) )
+ if( buf[1] != 0 || n != (unsigned int) 4 + ( ( buf[2] << 8 ) | buf[3] ) )
{
SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
@@ -284,7 +285,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
*/
sess_len = buf[38];
- if( sess_len < 0 || sess_len > 32 )
+ if( sess_len > 32 )
{
SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
@@ -460,7 +461,8 @@ static int ssl_write_server_hello( ssl_context *ssl )
static int ssl_write_certificate_request( ssl_context *ssl )
{
- int ret, n;
+ int ret;
+ size_t n;
unsigned char *buf, *p;
const x509_cert *crt;
@@ -525,7 +527,8 @@ static int ssl_write_certificate_request( ssl_context *ssl )
static int ssl_write_server_key_exchange( ssl_context *ssl )
{
- int ret, n, rsa_key_len = 0;
+ int ret;
+ size_t n, rsa_key_len = 0;
unsigned char hash[36];
md5_context md5;
sha1_context sha1;
@@ -536,7 +539,7 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
ssl->session->ciphersuite != SSL_EDH_RSA_AES_128_SHA &&
ssl->session->ciphersuite != SSL_EDH_RSA_AES_256_SHA &&
ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_128_SHA &&
- ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA)
+ ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA)
{
SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) );
ssl->state++;
@@ -681,7 +684,8 @@ static int ssl_write_server_hello_done( ssl_context *ssl )
static int ssl_parse_client_key_exchange( ssl_context *ssl )
{
- int ret, i, n = 0;
+ int ret;
+ size_t i, n = 0;
SSL_DEBUG_MSG( 2, ( "=> parse client key exchange" ) );
@@ -707,7 +711,7 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA ||
ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
{
#if !defined(POLARSSL_DHM_C)
SSL_DEBUG_MSG( 1, ( "support for dhm is not available" ) );
@@ -840,7 +844,8 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
static int ssl_parse_certificate_verify( ssl_context *ssl )
{
- int n1, n2, ret;
+ int ret;
+ size_t n1, n2;
unsigned char hash[36];
SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 3875e9994..8b87668f3 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -42,7 +42,6 @@
#include "polarssl/debug.h"
#include "polarssl/ssl.h"
-#include
#include
#include
@@ -53,12 +52,12 @@
/*
* Key material generation
*/
-static int tls1_prf( unsigned char *secret, int slen, char *label,
- unsigned char *random, int rlen,
- unsigned char *dstbuf, int dlen )
+static int tls1_prf( unsigned char *secret, size_t slen, char *label,
+ unsigned char *random, size_t rlen,
+ unsigned char *dstbuf, size_t dlen )
{
- int nb, hs;
- int i, j, k;
+ size_t nb, hs;
+ size_t i, j, k;
unsigned char *S1, *S2;
unsigned char tmp[128];
unsigned char h_i[20];
@@ -139,7 +138,7 @@ int ssl_derive_keys( ssl_context *ssl )
*/
if( ssl->resume == 0 )
{
- int len = ssl->pmslen;
+ size_t len = ssl->pmslen;
SSL_DEBUG_BUF( 3, "premaster secret", ssl->premaster, len );
@@ -431,7 +430,7 @@ void ssl_calc_verify( ssl_context *ssl, unsigned char hash[36] )
* SSLv3.0 MAC functions
*/
static void ssl_mac_md5( unsigned char *secret,
- unsigned char *buf, int len,
+ unsigned char *buf, size_t len,
unsigned char *ctr, int type )
{
unsigned char header[11];
@@ -460,7 +459,7 @@ static void ssl_mac_md5( unsigned char *secret,
}
static void ssl_mac_sha1( unsigned char *secret,
- unsigned char *buf, int len,
+ unsigned char *buf, size_t len,
unsigned char *ctr, int type )
{
unsigned char header[11];
@@ -493,7 +492,7 @@ static void ssl_mac_sha1( unsigned char *secret,
*/
static int ssl_encrypt_buf( ssl_context *ssl )
{
- int i, padlen;
+ size_t i, padlen;
SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) );
@@ -530,8 +529,8 @@ static int ssl_encrypt_buf( ssl_context *ssl )
ssl->out_msglen += ssl->maclen;
- for( i = 7; i >= 0; i-- )
- if( ++ssl->out_ctr[i] != 0 )
+ for( i = 8; i > 0; i-- )
+ if( ++ssl->out_ctr[i - 1] != 0 )
break;
if( ssl->ivlen == 0 )
@@ -556,7 +555,7 @@ static int ssl_encrypt_buf( ssl_context *ssl )
else
{
unsigned char *enc_msg;
- int enc_msglen;
+ size_t enc_msglen;
padlen = ssl->ivlen - ( ssl->out_msglen + 1 ) % ssl->ivlen;
if( padlen == ssl->ivlen )
@@ -615,29 +614,29 @@ static int ssl_encrypt_buf( ssl_context *ssl )
case 16:
#if defined(POLARSSL_AES_C)
- if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
- ssl->session->ciphersuite == SSL_RSA_AES_256_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA)
- {
+ if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
+ ssl->session->ciphersuite == SSL_RSA_AES_256_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA)
+ {
aes_crypt_cbc( (aes_context *) ssl->ctx_enc,
AES_ENCRYPT, enc_msglen,
ssl->iv_enc, enc_msg, enc_msg);
break;
- }
+ }
#endif
#if defined(POLARSSL_CAMELLIA_C)
- if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
- {
+ if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
+ ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
+ {
camellia_crypt_cbc( (camellia_context *) ssl->ctx_enc,
CAMELLIA_ENCRYPT, enc_msglen,
ssl->iv_enc, enc_msg, enc_msg );
break;
- }
+ }
#endif
default:
@@ -652,7 +651,7 @@ static int ssl_encrypt_buf( ssl_context *ssl )
static int ssl_decrypt_buf( ssl_context *ssl )
{
- int i, padlen;
+ size_t i, padlen;
unsigned char tmp[20];
SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) );
@@ -679,7 +678,7 @@ static int ssl_decrypt_buf( ssl_context *ssl )
{
unsigned char *dec_msg;
unsigned char *dec_msg_result;
- int dec_msglen;
+ size_t dec_msglen;
/*
* Decrypt and check the padding
@@ -720,29 +719,29 @@ static int ssl_decrypt_buf( ssl_context *ssl )
case 16:
#if defined(POLARSSL_AES_C)
- if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
- ssl->session->ciphersuite == SSL_RSA_AES_256_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA)
- {
+ if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
+ ssl->session->ciphersuite == SSL_RSA_AES_256_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA)
+ {
aes_crypt_cbc( (aes_context *) ssl->ctx_dec,
AES_DECRYPT, dec_msglen,
ssl->iv_dec, dec_msg, dec_msg_result );
break;
- }
+ }
#endif
#if defined(POLARSSL_CAMELLIA_C)
- if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
- {
+ if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
+ ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
+ {
camellia_crypt_cbc( (camellia_context *) ssl->ctx_dec,
CAMELLIA_DECRYPT, dec_msglen,
ssl->iv_dec, dec_msg, dec_msg_result );
break;
- }
+ }
#endif
default:
@@ -851,8 +850,8 @@ static int ssl_decrypt_buf( ssl_context *ssl )
else
ssl->nb_zero = 0;
- for( i = 7; i >= 0; i-- )
- if( ++ssl->in_ctr[i] != 0 )
+ for( i = 8; i > 0; i-- )
+ if( ++ssl->in_ctr[i - 1] != 0 )
break;
SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) );
@@ -863,9 +862,10 @@ static int ssl_decrypt_buf( ssl_context *ssl )
/*
* Fill the input message buffer
*/
-int ssl_fetch_input( ssl_context *ssl, int nb_want )
+int ssl_fetch_input( ssl_context *ssl, size_t nb_want )
{
- int ret, len;
+ int ret;
+ size_t len;
SSL_DEBUG_MSG( 2, ( "=> fetch input" ) );
@@ -924,7 +924,8 @@ int ssl_flush_output( ssl_context *ssl )
*/
int ssl_write_record( ssl_context *ssl )
{
- int ret, len = ssl->out_msglen;
+ int ret;
+ size_t len = ssl->out_msglen;
SSL_DEBUG_MSG( 2, ( "=> write record" ) );
@@ -1181,7 +1182,8 @@ int ssl_read_record( ssl_context *ssl )
*/
int ssl_write_certificate( ssl_context *ssl )
{
- int ret, i, n;
+ int ret;
+ size_t i, n;
const x509_cert *crt;
SSL_DEBUG_MSG( 2, ( "=> write certificate" ) );
@@ -1277,7 +1279,8 @@ write_msg:
int ssl_parse_certificate( ssl_context *ssl )
{
- int ret, i, n;
+ int ret;
+ size_t i, n;
SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) );
@@ -1621,10 +1624,11 @@ int ssl_write_finished( ssl_context *ssl )
int ssl_parse_finished( ssl_context *ssl )
{
- int ret, hash_len;
- md5_context md5;
- sha1_context sha1;
+ int ret;
+ unsigned int hash_len;
unsigned char buf[36];
+ md5_context md5;
+ sha1_context sha1;
SSL_DEBUG_MSG( 2, ( "=> parse finished" ) );
@@ -1758,8 +1762,8 @@ void ssl_set_dbg( ssl_context *ssl,
}
void ssl_set_bio( ssl_context *ssl,
- int (*f_recv)(void *, unsigned char *, int), void *p_recv,
- int (*f_send)(void *, unsigned char *, int), void *p_send )
+ int (*f_recv)(void *, unsigned char *, size_t), void *p_recv,
+ int (*f_send)(void *, unsigned char *, size_t), void *p_send )
{
ssl->f_recv = f_recv;
ssl->f_send = f_send;
@@ -1869,7 +1873,7 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname )
/*
* SSL get accessors
*/
-int ssl_get_bytes_avail( const ssl_context *ssl )
+size_t ssl_get_bytes_avail( const ssl_context *ssl )
{
return( ssl->in_offt == NULL ? 0 : ssl->in_msglen );
}
@@ -2064,9 +2068,10 @@ int ssl_handshake( ssl_context *ssl )
/*
* Receive application data decrypted from the SSL layer
*/
-int ssl_read( ssl_context *ssl, unsigned char *buf, int len )
+int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
{
- int ret, n;
+ int ret;
+ size_t n;
SSL_DEBUG_MSG( 2, ( "=> read" ) );
@@ -2124,15 +2129,16 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, int len )
SSL_DEBUG_MSG( 2, ( "<= read" ) );
- return( n );
+ return( (int) n );
}
/*
* Send application data to be encrypted by the SSL layer
*/
-int ssl_write( ssl_context *ssl, const unsigned char *buf, int len )
+int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len )
{
- int ret, n;
+ int ret;
+ size_t n;
SSL_DEBUG_MSG( 2, ( "=> write" ) );
@@ -2169,7 +2175,7 @@ int ssl_write( ssl_context *ssl, const unsigned char *buf, int len )
SSL_DEBUG_MSG( 2, ( "<= write" ) );
- return( n );
+ return( (int) n );
}
/*
diff --git a/library/x509parse.c b/library/x509parse.c
index 9d0ebd294..ddbeb3888 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -59,7 +59,7 @@
*/
static int asn1_get_len( unsigned char **p,
const unsigned char *end,
- int *len )
+ size_t *len )
{
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
@@ -92,7 +92,7 @@ static int asn1_get_len( unsigned char **p,
}
}
- if( *len > (int) ( end - *p ) )
+ if( *len > (size_t) ( end - *p ) )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
return( 0 );
@@ -100,7 +100,7 @@ static int asn1_get_len( unsigned char **p,
static int asn1_get_tag( unsigned char **p,
const unsigned char *end,
- int *len, int tag )
+ size_t *len, int tag )
{
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
@@ -117,7 +117,8 @@ static int asn1_get_bool( unsigned char **p,
const unsigned char *end,
int *val )
{
- int ret, len;
+ int ret;
+ size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_BOOLEAN ) ) != 0 )
return( ret );
@@ -135,7 +136,8 @@ static int asn1_get_int( unsigned char **p,
const unsigned char *end,
int *val )
{
- int ret, len;
+ int ret;
+ size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 )
return( ret );
@@ -158,7 +160,8 @@ static int asn1_get_mpi( unsigned char **p,
const unsigned char *end,
mpi *X )
{
- int ret, len;
+ int ret;
+ size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 )
return( ret );
@@ -209,7 +212,8 @@ static int asn1_get_sequence_of( unsigned char **p,
x509_sequence *cur,
int tag)
{
- int ret, len;
+ int ret;
+ size_t len;
x509_buf *buf;
/* Get main sequence tag */
@@ -260,7 +264,8 @@ static int x509_get_version( unsigned char **p,
const unsigned char *end,
int *ver )
{
- int ret, len;
+ int ret;
+ size_t len;
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) != 0 )
@@ -321,7 +326,8 @@ static int x509_get_alg( unsigned char **p,
const unsigned char *end,
x509_buf *alg )
{
- int ret, len;
+ int ret;
+ size_t len;
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
@@ -365,7 +371,8 @@ static int x509_get_attr_type_value( unsigned char **p,
const unsigned char *end,
x509_name *cur )
{
- int ret, len;
+ int ret;
+ size_t len;
x509_buf *oid;
x509_buf *val;
@@ -422,7 +429,8 @@ static int x509_get_name( unsigned char **p,
const unsigned char *end,
x509_name *cur )
{
- int ret, len;
+ int ret;
+ size_t len;
const unsigned char *end2;
x509_name *use;
@@ -478,7 +486,8 @@ static int x509_get_time( unsigned char **p,
const unsigned char *end,
x509_time *time )
{
- int ret, len;
+ int ret;
+ size_t len;
char date[64];
unsigned char tag;
@@ -547,7 +556,8 @@ static int x509_get_dates( unsigned char **p,
x509_time *from,
x509_time *to )
{
- int ret, len;
+ int ret;
+ size_t len;
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
@@ -578,7 +588,8 @@ static int x509_get_pubkey( unsigned char **p,
x509_buf *pk_alg_oid,
mpi *N, mpi *E )
{
- int ret, len, can_handle;
+ int ret, can_handle;
+ size_t len;
unsigned char *end2;
if( ( ret = x509_get_alg( p, end, pk_alg_oid ) ) != 0 )
@@ -651,7 +662,8 @@ static int x509_get_sig( unsigned char **p,
const unsigned char *end,
x509_buf *sig )
{
- int ret, len;
+ int ret;
+ size_t len;
sig->tag = **p;
@@ -707,7 +719,8 @@ static int x509_get_ext( unsigned char **p,
const unsigned char *end,
x509_buf *ext )
{
- int ret, len;
+ int ret;
+ size_t len;
if( *p == end )
return( 0 );
@@ -747,7 +760,8 @@ static int x509_get_crl_ext( unsigned char **p,
const unsigned char *end,
x509_buf *ext )
{
- int ret, len;
+ int ret;
+ size_t len;
if( ( ret = x509_get_ext( p, end, ext ) ) != 0 )
{
@@ -778,7 +792,8 @@ static int x509_get_basic_constraints( unsigned char **p,
int *ca_istrue,
int *max_pathlen )
{
- int ret, len;
+ int ret;
+ size_t len;
/*
* BasicConstraints ::= SEQUENCE {
@@ -893,7 +908,8 @@ static int x509_get_crt_ext( unsigned char **p,
const unsigned char *end,
x509_cert *crt )
{
- int ret, len;
+ int ret;
+ size_t len;
unsigned char *end_ext_data, *end_ext_octet;
if( ( ret = x509_get_ext( p, end, &crt->v3_ext ) ) != 0 )
@@ -1017,7 +1033,8 @@ static int x509_get_entries( unsigned char **p,
const unsigned char *end,
x509_crl_entry *entry )
{
- int ret, entry_len;
+ int ret;
+ size_t entry_len;
x509_crl_entry *cur_entry = entry;
if( *p == end )
@@ -1036,7 +1053,7 @@ static int x509_get_entries( unsigned char **p,
while( *p < end )
{
- int len2;
+ size_t len2;
if( ( ret = asn1_get_tag( p, end, &len2,
ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 )
@@ -1100,9 +1117,10 @@ static int x509_get_sig_alg( const x509_buf *sig_oid, int *sig_alg )
/*
* Parse one or more certificates and add them to the chained list
*/
-int x509parse_crt( x509_cert *chain, const unsigned char *buf, int buflen )
+int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
{
- int ret, len, use_len;
+ int ret;
+ size_t len, use_len;
unsigned char *p, *end;
x509_cert *crt;
#if defined(POLARSSL_PEM_C)
@@ -1207,7 +1225,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, int buflen )
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT );
}
- if( len != (int) ( end - p ) )
+ if( len != (size_t) ( end - p ) )
{
x509_free( crt );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT |
@@ -1436,9 +1454,10 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, int buflen )
/*
* Parse one or more CRLs and add them to the chained list
*/
-int x509parse_crl( x509_crl *chain, const unsigned char *buf, int buflen )
+int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
{
- int ret, len, use_len;
+ int ret;
+ size_t len, use_len;
unsigned char *p, *end;
x509_crl *crl;
#if defined(POLARSSL_PEM_C)
@@ -1543,7 +1562,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, int buflen )
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT );
}
- if( len != (int) ( end - p ) )
+ if( len != (size_t) ( end - p ) )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT |
@@ -1794,10 +1813,11 @@ int x509parse_crlfile( x509_crl *chain, const char *path )
/*
* Parse a private RSA key
*/
-int x509parse_key( rsa_context *rsa, const unsigned char *key, int keylen,
- const unsigned char *pwd, int pwdlen )
+int x509parse_key( rsa_context *rsa, const unsigned char *key, size_t keylen,
+ const unsigned char *pwd, size_t pwdlen )
{
- int ret, len;
+ int ret;
+ size_t len;
unsigned char *p, *end;
#if defined(POLARSSL_PEM_C)
pem_context pem;
@@ -1942,9 +1962,10 @@ int x509parse_keyfile( rsa_context *rsa, const char *path, const char *pwd )
/*
* Parse a public RSA key
*/
-int x509parse_public_key( rsa_context *rsa, const unsigned char *key, int keylen )
+int x509parse_public_key( rsa_context *rsa, const unsigned char *key, size_t keylen )
{
- int ret, len;
+ int ret;
+ size_t len;
unsigned char *p, *end;
x509_buf alg_oid;
#if defined(POLARSSL_PEM_C)
@@ -2053,9 +2074,10 @@ int x509parse_public_keyfile( rsa_context *rsa, const char *path )
/*
* Parse DHM parameters
*/
-int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, int dhminlen )
+int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen )
{
- int ret, len;
+ int ret;
+ size_t len;
unsigned char *p, *end;
#if defined(POLARSSL_PEM_C)
pem_context pem;
@@ -2180,7 +2202,7 @@ int compat_snprintf(char *str, size_t size, const char *format, ...)
// No quick fix possible
if ( res < 0 )
- return( size + 20 );
+ return( (int) size + 20 );
return res;
}
@@ -2195,13 +2217,13 @@ int compat_snprintf(char *str, size_t size, const char *format, ...)
if( ret == -1 ) \
return( -1 ); \
\
- if ( ret > n ) { \
+ if ( (unsigned int) ret > n ) { \
p[n - 1] = '\0'; \
return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
} \
\
- n -= ret; \
- p += ret; \
+ n -= (unsigned int) ret; \
+ p += (unsigned int) ret; \
}
/*
@@ -2210,7 +2232,8 @@ int compat_snprintf(char *str, size_t size, const char *format, ...)
*/
int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn )
{
- int i, ret, n;
+ int ret;
+ size_t i, n;
unsigned char c;
const x509_name *name;
char s[128], *p;
@@ -2294,7 +2317,7 @@ int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn )
name = name->next;
}
- return( size - n );
+ return( (int) ( size - n ) );
}
/*
@@ -2303,7 +2326,8 @@ int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn )
*/
int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial )
{
- int i, ret, nr, n;
+ int ret;
+ size_t i, n, nr;
char *p;
p = buf;
@@ -2319,7 +2343,7 @@ int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial )
SAFE_SNPRINTF();
}
- return( size - n );
+ return( (int) ( size - n ) );
}
/*
@@ -2328,7 +2352,8 @@ int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial )
int x509parse_cert_info( char *buf, size_t size, const char *prefix,
const x509_cert *crt )
{
- int n, ret;
+ int ret;
+ size_t n;
char *p;
p = buf;
@@ -2389,7 +2414,7 @@ int x509parse_cert_info( char *buf, size_t size, const char *prefix,
crt->rsa.N.n * (int) sizeof( unsigned long ) * 8 );
SAFE_SNPRINTF();
- return( size - n );
+ return( (int) ( size - n ) );
}
/* Compare a given OID string with an OID x509_buf * */
@@ -2429,7 +2454,8 @@ const char *x509_oid_get_description( x509_buf *oid )
/* Return the x.y.z.... style numeric string for the given OID */
int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid )
{
- int ret, n, i;
+ int ret;
+ size_t i, n;
unsigned int value;
char *p;
@@ -2445,7 +2471,7 @@ int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid )
/* TODO: value can overflow in value. */
value = 0;
- for( i=1; i < oid->len; i++ )
+ for( i = 1; i < oid->len; i++ )
{
value <<= 7;
value += oid->p[i] & 0x7F;
@@ -2459,7 +2485,7 @@ int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid )
}
}
- return( size - n );
+ return( (int) ( size - n ) );
}
/*
@@ -2468,7 +2494,8 @@ int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid )
int x509parse_crl_info( char *buf, size_t size, const char *prefix,
const x509_crl *crl )
{
- int i, n, nr, ret;
+ int ret;
+ size_t i, n, nr;
char *p;
const x509_crl_entry *entry;
@@ -2550,7 +2577,7 @@ int x509parse_crl_info( char *buf, size_t size, const char *prefix,
ret = snprintf( p, n, "\n" );
SAFE_SNPRINTF();
- return( size - n );
+ return( (int) ( size - n ) );
}
/*
@@ -2627,7 +2654,7 @@ int x509parse_revoked( const x509_cert *crt, const x509_crl *crl )
*
* \param out Buffer to receive the hash (Should be at least 64 bytes)
*/
-static void x509_hash( const unsigned char *in, int len, int alg,
+static void x509_hash( const unsigned char *in, size_t len, int alg,
unsigned char *out )
{
switch( alg )
@@ -2731,7 +2758,7 @@ int x509parse_verify( x509_cert *crt,
int (*f_vrfy)(void *, x509_cert *, int, int),
void *p_vrfy )
{
- int cn_len;
+ size_t cn_len;
int hash_id;
int pathlen;
x509_cert *parent;
@@ -2999,7 +3026,9 @@ void x509_crl_free( x509_crl *crl )
int x509_self_test( int verbose )
{
#if defined(POLARSSL_MD5_C)
- int ret, i, j;
+ int ret;
+ int flags;
+ size_t i, j;
x509_cert cacert;
x509_cert clicert;
rsa_context rsa;
@@ -3053,10 +3082,10 @@ int x509_self_test( int verbose )
if( verbose != 0 )
printf( "passed\n X.509 signature verify: ");
- ret = x509parse_verify( &clicert, &cacert, NULL, "PolarSSL Client 2", &i, NULL, NULL );
+ ret = x509parse_verify( &clicert, &cacert, NULL, "PolarSSL Client 2", &flags, NULL, NULL );
if( ret != 0 )
{
- printf("%02x", i);
+ printf("%02x", flags);
if( verbose != 0 )
printf( "failed\n" );
diff --git a/library/xtea.c b/library/xtea.c
index 036948d04..bc473e527 100644
--- a/library/xtea.c
+++ b/library/xtea.c
@@ -29,8 +29,6 @@
#include "polarssl/xtea.h"
-#include
-
/*
* 32-bit integer manipulation macros (big endian)
*/
@@ -38,9 +36,9 @@
#define GET_ULONG_BE(n,b,i) \
{ \
(n) = ( (unsigned long) (b)[(i) ] << 24 ) \
- | ( (unsigned long) (b)[(i) + 1] << 16 ) \
- | ( (unsigned long) (b)[(i) + 2] << 8 ) \
- | ( (unsigned long) (b)[(i) + 3] ); \
+ | ( (unsigned long) (b)[(i) + 1] << 16 ) \
+ | ( (unsigned long) (b)[(i) + 2] << 8 ) \
+ | ( (unsigned long) (b)[(i) + 3] ); \
}
#endif
@@ -65,7 +63,7 @@ void xtea_setup( xtea_context *ctx, unsigned char key[16] )
for( i = 0; i < 4; i++ )
{
- GET_ULONG_BE( ctx->k[i], key, i << 2 );
+ GET_ULONG_BE( ctx->k[i], key, i << 2 );
}
}
@@ -84,25 +82,25 @@ int xtea_crypt_ecb( xtea_context *ctx, int mode, unsigned char input[8],
if( mode == XTEA_ENCRYPT )
{
- uint32_t sum = 0, delta = 0x9E3779B9;
+ uint32_t sum = 0, delta = 0x9E3779B9;
- for( i = 0; i < 32; i++ )
- {
- v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
- sum += delta;
- v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
- }
+ for( i = 0; i < 32; i++ )
+ {
+ v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
+ sum += delta;
+ v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
+ }
}
else /* XTEA_DECRYPT */
{
- uint32_t delta = 0x9E3779B9, sum = delta * 32;
+ uint32_t delta = 0x9E3779B9, sum = delta * 32;
- for( i = 0; i < 32; i++ )
- {
- v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
- sum -= delta;
- v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
- }
+ for( i = 0; i < 32; i++ )
+ {
+ v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
+ sum -= delta;
+ v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
+ }
}
PUT_ULONG_BE( v0, output, 0 );
@@ -116,7 +114,7 @@ int xtea_crypt_ecb( xtea_context *ctx, int mode, unsigned char input[8],
*/
int xtea_crypt_cbc( xtea_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[8],
unsigned char *input,
unsigned char *output)
diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c
index e761554fc..59caf30a4 100644
--- a/programs/aes/aescrypt2.c
+++ b/programs/aes/aescrypt2.c
@@ -55,7 +55,8 @@
int main( int argc, char *argv[] )
{
int ret = 1, i, n;
- int keylen, mode, lastn;
+ int mode, lastn;
+ size_t keylen;
FILE *fkey, *fin = NULL, *fout = NULL;
char *p;
diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c
index 4f1b2eca2..afd85a75f 100644
--- a/programs/aes/crypt_and_hash.c
+++ b/programs/aes/crypt_and_hash.c
@@ -56,7 +56,8 @@
int main( int argc, char *argv[] )
{
int ret = 1, i, n;
- int keylen, mode, lastn, olen;
+ int mode, lastn;
+ size_t keylen, olen;
FILE *fkey, *fin = NULL, *fout = NULL;
char *p;
@@ -291,7 +292,7 @@ int main( int argc, char *argv[] )
for( offset = 0; offset < filesize; offset += cipher_get_block_size( &cipher_ctx ) )
{
n = ( filesize - offset > cipher_get_block_size( &cipher_ctx ) ) ?
- cipher_get_block_size( &cipher_ctx ) : (int) ( filesize - offset );
+ cipher_get_block_size( &cipher_ctx ) : (unsigned int) ( filesize - offset );
if( fread( buffer, 1, n, fin ) != (size_t) n )
{
diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c
index add0ecd6e..9437ce844 100644
--- a/programs/hash/generic_sum.c
+++ b/programs/hash/generic_sum.c
@@ -83,7 +83,7 @@ static int generic_check( const md_info_t *md_info, char *filename )
n = sizeof( line );
- while( fgets( line, n - 1, f ) != NULL )
+ while( fgets( line, (int) n - 1, f ) != NULL )
{
n = strlen( line );
diff --git a/programs/hash/md5sum.c b/programs/hash/md5sum.c
index 0b9d0041c..2d72d9914 100644
--- a/programs/hash/md5sum.c
+++ b/programs/hash/md5sum.c
@@ -83,7 +83,7 @@ static int md5_check( char *filename )
n = sizeof( line );
- while( fgets( line, n - 1, f ) != NULL )
+ while( fgets( line, (int) n - 1, f ) != NULL )
{
n = strlen( line );
diff --git a/programs/hash/sha1sum.c b/programs/hash/sha1sum.c
index 954568b7a..03b7766ea 100644
--- a/programs/hash/sha1sum.c
+++ b/programs/hash/sha1sum.c
@@ -83,7 +83,7 @@ static int sha1_check( char *filename )
n = sizeof( line );
- while( fgets( line, n - 1, f ) != NULL )
+ while( fgets( line, (int) n - 1, f ) != NULL )
{
n = strlen( line );
diff --git a/programs/hash/sha2sum.c b/programs/hash/sha2sum.c
index 6d07f0d80..b36929535 100644
--- a/programs/hash/sha2sum.c
+++ b/programs/hash/sha2sum.c
@@ -83,7 +83,7 @@ static int sha2_check( char *filename )
n = sizeof( line );
- while( fgets( line, n - 1, f ) != NULL )
+ while( fgets( line, (int) n - 1, f ) != NULL )
{
n = strlen( line );
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
index 8b9ced4c7..20018982c 100644
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@@ -44,7 +44,8 @@ int main( void )
{
FILE *f;
- int ret, n, buflen;
+ int ret;
+ size_t n, buflen;
int server_fd = -1;
unsigned char *p, *end;
@@ -123,7 +124,7 @@ int main( void )
}
n = buflen = ( buf[0] << 8 ) | buf[1];
- if( buflen < 1 || buflen > (int) sizeof( buf ) )
+ if( buflen < 1 || buflen > sizeof( buf ) )
{
printf( " failed\n ! Got an invalid buffer length\n\n" );
goto exit;
@@ -134,7 +135,7 @@ int main( void )
*/
memset( buf, 0, sizeof( buf ) );
- if( ( ret = net_recv( &server_fd, buf, n ) ) != n )
+ if( ( ret = net_recv( &server_fd, buf, n ) ) != (int) n )
{
printf( " failed\n ! net_recv returned %d\n\n", ret );
goto exit;
@@ -162,7 +163,7 @@ int main( void )
printf( "\n . Verifying the server's RSA signature" );
fflush( stdout );
- if( ( n = (int)( end - p ) ) != rsa.len )
+ if( ( n = (size_t) ( end - p ) ) != rsa.len )
{
ret = 1;
printf( " failed\n ! Invalid RSA signature size\n\n" );
@@ -192,7 +193,7 @@ int main( void )
goto exit;
}
- if( ( ret = net_send( &server_fd, buf, n ) ) != n )
+ if( ( ret = net_send( &server_fd, buf, n ) ) != (int) n )
{
printf( " failed\n ! net_send returned %d\n\n", ret );
goto exit;
diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c
index f09357699..dd6b348d7 100644
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@@ -44,7 +44,8 @@ int main( void )
{
FILE *f;
- int ret, n, buflen;
+ int ret;
+ size_t n, buflen;
int listen_fd = -1;
int client_fd = -1;
@@ -177,7 +178,7 @@ int main( void )
buf2[1] = (unsigned char)( buflen );
if( ( ret = net_send( &client_fd, buf2, 2 ) ) != 2 ||
- ( ret = net_send( &client_fd, buf, buflen ) ) != buflen )
+ ( ret = net_send( &client_fd, buf, buflen ) ) != (int) buflen )
{
printf( " failed\n ! net_send returned %d\n\n", ret );
goto exit;
@@ -192,7 +193,7 @@ int main( void )
memset( buf, 0, sizeof( buf ) );
n = dhm.len;
- if( ( ret = net_recv( &client_fd, buf, n ) ) != n )
+ if( ( ret = net_recv( &client_fd, buf, n ) ) != (int) n )
{
printf( " failed\n ! net_recv returned %d\n\n", ret );
goto exit;
diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c
index 344d030e2..c283514cf 100644
--- a/programs/pkey/rsa_sign.c
+++ b/programs/pkey/rsa_sign.c
@@ -36,7 +36,8 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int ret, i;
+ int ret;
+ size_t i;
rsa_context rsa;
unsigned char hash[20];
unsigned char buf[512];
diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c
index 84cb84e76..7f52a0985 100644
--- a/programs/pkey/rsa_verify.c
+++ b/programs/pkey/rsa_verify.c
@@ -36,7 +36,8 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int ret, i, c;
+ int ret, c;
+ size_t i;
rsa_context rsa;
unsigned char hash[20];
unsigned char buf[512];
diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c
index ce07707d4..cde83c254 100644
--- a/programs/pkey/rsa_verify_pss.c
+++ b/programs/pkey/rsa_verify_pss.c
@@ -43,7 +43,8 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int ret, i;
+ int ret;
+ size_t i;
rsa_context rsa;
unsigned char hash[20];
unsigned char buf[512];
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 15a0bb0a9..353c21cde 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -92,7 +92,8 @@ int main( int argc, char *argv[] )
x509_cert cacert;
x509_cert clicert;
rsa_context rsa;
- int i, j, n;
+ int i;
+ size_t j, n;
char *p, *q;
const int *list;
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 34c065ccf..de18c46a7 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -4,7 +4,7 @@ END_HEADER
BEGIN_CASE
enc_dec_buf:cipher_id:cipher_string:key_len:length:
- int length = {length};
+ size_t length = {length};
unsigned char key[32];
unsigned char iv[16];
@@ -16,8 +16,8 @@ enc_dec_buf:cipher_id:cipher_string:key_len:length:
unsigned char encbuf[64];
unsigned char decbuf[64];
- int outlen = 0;
- int enclen = 0;
+ size_t outlen = 0;
+ size_t enclen = 0;
memset( key, 0, 32 );
memset( iv , 0, 16 );
@@ -107,9 +107,9 @@ END_CASE
BEGIN_CASE
enc_dec_buf_multipart:cipher_id:key_len:first_length:second_length:
- int first_length = {first_length};
- int second_length = {second_length};
- int length = first_length + second_length;
+ size_t first_length = {first_length};
+ size_t second_length = {second_length};
+ size_t length = first_length + second_length;
unsigned char key[32];
unsigned char iv[16];
@@ -121,9 +121,9 @@ enc_dec_buf_multipart:cipher_id:key_len:first_length:second_length:
unsigned char encbuf[64];
unsigned char decbuf[64];
- int outlen = 0;
- int totaloutlen = 0;
- int enclen = 0;
+ size_t outlen = 0;
+ size_t totaloutlen = 0;
+ size_t enclen = 0;
memset( key, 0, 32 );
memset( iv , 0, 16 );