Fixed const correctness issues that have no impact on the ABI

This commit is contained in:
Paul Bakker 2013-06-06 12:35:54 +02:00
parent f92263021c
commit eae09db9e5
14 changed files with 65 additions and 76 deletions

View File

@ -5,6 +5,7 @@ Bugfix
* Secure renegotiation extension should only be sent in case client * Secure renegotiation extension should only be sent in case client
supports secure renegotiation supports secure renegotiation
* Fixed offset for cert_type list in ssl_parse_certificate_request() * Fixed offset for cert_type list in ssl_parse_certificate_request()
* Fixed const correctness issues that have no impact on the ABI
= Version 1.2.7 released 2013-04-13 = Version 1.2.7 released 2013-04-13
Features Features

View File

@ -27,6 +27,8 @@
#ifndef POLARSSL_ERROR_H #ifndef POLARSSL_ERROR_H
#define POLARSSL_ERROR_H #define POLARSSL_ERROR_H
#include <string.h>
/** /**
* Error code layout. * Error code layout.
* *

View File

@ -143,7 +143,7 @@ int arc4_self_test( int verbose )
memcpy( ibuf, arc4_test_pt[i], 8 ); memcpy( ibuf, arc4_test_pt[i], 8 );
arc4_setup( &ctx, (unsigned char *) arc4_test_key[i], 8 ); arc4_setup( &ctx, arc4_test_key[i], 8 );
arc4_crypt( &ctx, 8, ibuf, obuf ); arc4_crypt( &ctx, 8, ibuf, obuf );
if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 ) if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 )

View File

@ -218,13 +218,14 @@ static const unsigned char base64_test_enc[] =
int base64_self_test( int verbose ) int base64_self_test( int verbose )
{ {
size_t len; size_t len;
unsigned char *src, buffer[128]; const unsigned char *src;
unsigned char buffer[128];
if( verbose != 0 ) if( verbose != 0 )
printf( " Base64 encoding test: " ); printf( " Base64 encoding test: " );
len = sizeof( buffer ); len = sizeof( buffer );
src = (unsigned char *) base64_test_dec; src = base64_test_dec;
if( base64_encode( buffer, &len, src, 64 ) != 0 || if( base64_encode( buffer, &len, src, 64 ) != 0 ||
memcmp( base64_test_enc, buffer, 88 ) != 0 ) memcmp( base64_test_enc, buffer, 88 ) != 0 )
@ -239,7 +240,7 @@ int base64_self_test( int verbose )
printf( "passed\n Base64 decoding test: " ); printf( "passed\n Base64 decoding test: " );
len = sizeof( buffer ); len = sizeof( buffer );
src = (unsigned char *) base64_test_enc; src = base64_test_enc;
if( base64_decode( buffer, &len, src, 88 ) != 0 || if( base64_decode( buffer, &len, src, 88 ) != 0 ||
memcmp( base64_test_dec, buffer, 64 ) != 0 ) memcmp( base64_test_dec, buffer, 64 ) != 0 )

View File

@ -838,27 +838,27 @@ int des_self_test( int verbose )
switch( i ) switch( i )
{ {
case 0: case 0:
des_setkey_dec( &ctx, (unsigned char *) des3_test_keys ); des_setkey_dec( &ctx, des3_test_keys );
break; break;
case 1: case 1:
des_setkey_enc( &ctx, (unsigned char *) des3_test_keys ); des_setkey_enc( &ctx, des3_test_keys );
break; break;
case 2: case 2:
des3_set2key_dec( &ctx3, (unsigned char *) des3_test_keys ); des3_set2key_dec( &ctx3, des3_test_keys );
break; break;
case 3: case 3:
des3_set2key_enc( &ctx3, (unsigned char *) des3_test_keys ); des3_set2key_enc( &ctx3, des3_test_keys );
break; break;
case 4: case 4:
des3_set3key_dec( &ctx3, (unsigned char *) des3_test_keys ); des3_set3key_dec( &ctx3, des3_test_keys );
break; break;
case 5: case 5:
des3_set3key_enc( &ctx3, (unsigned char *) des3_test_keys ); des3_set3key_enc( &ctx3, des3_test_keys );
break; break;
default: default:
@ -911,27 +911,27 @@ int des_self_test( int verbose )
switch( i ) switch( i )
{ {
case 0: case 0:
des_setkey_dec( &ctx, (unsigned char *) des3_test_keys ); des_setkey_dec( &ctx, des3_test_keys );
break; break;
case 1: case 1:
des_setkey_enc( &ctx, (unsigned char *) des3_test_keys ); des_setkey_enc( &ctx, des3_test_keys );
break; break;
case 2: case 2:
des3_set2key_dec( &ctx3, (unsigned char *) des3_test_keys ); des3_set2key_dec( &ctx3, des3_test_keys );
break; break;
case 3: case 3:
des3_set2key_enc( &ctx3, (unsigned char *) des3_test_keys ); des3_set2key_enc( &ctx3, des3_test_keys );
break; break;
case 4: case 4:
des3_set3key_dec( &ctx3, (unsigned char *) des3_test_keys ); des3_set3key_dec( &ctx3, des3_test_keys );
break; break;
case 5: case 5:
des3_set3key_enc( &ctx3, (unsigned char *) des3_test_keys ); des3_set3key_enc( &ctx3, des3_test_keys );
break; break;
default: default:

View File

@ -27,6 +27,8 @@
#if defined(POLARSSL_ERROR_C) #if defined(POLARSSL_ERROR_C)
#include "polarssl/error.h"
#if defined(POLARSSL_AES_C) #if defined(POLARSSL_AES_C)
#include "polarssl/aes.h" #include "polarssl/aes.h"
#endif #endif

View File

@ -191,7 +191,6 @@ int gcm_crypt_and_tag( gcm_context *ctx,
size_t use_len; size_t use_len;
uint64_t orig_len = length * 8; uint64_t orig_len = length * 8;
uint64_t orig_add_len = add_len * 8; uint64_t orig_add_len = add_len * 8;
unsigned char **xor_p;
memset( y, 0x00, 16 ); memset( y, 0x00, 16 );
memset( work_buf, 0x00, 16 ); memset( work_buf, 0x00, 16 );
@ -204,11 +203,6 @@ int gcm_crypt_and_tag( gcm_context *ctx,
return( POLARSSL_ERR_GCM_BAD_INPUT ); return( POLARSSL_ERR_GCM_BAD_INPUT );
} }
if( mode == GCM_ENCRYPT )
xor_p = (unsigned char **) &out_p;
else
xor_p = (unsigned char **) &p;
if( iv_len == 12 ) if( iv_len == 12 )
{ {
memcpy( y, iv, iv_len ); memcpy( y, iv, iv_len );
@ -270,7 +264,10 @@ int gcm_crypt_and_tag( gcm_context *ctx,
for( i = 0; i < use_len; i++ ) for( i = 0; i < use_len; i++ )
{ {
out_p[i] = ectr[i] ^ p[i]; out_p[i] = ectr[i] ^ p[i];
buf[i] ^= (*xor_p)[i]; if( mode == GCM_ENCRYPT )
buf[i] ^= out_p[i];
else
buf[i] ^= p[i];
} }
gcm_mult( ctx, buf, buf ); gcm_mult( ctx, buf, buf );

View File

@ -220,8 +220,7 @@ void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen )
if( left && ilen >= fill ) if( left && ilen >= fill )
{ {
memcpy( (void *) (ctx->buffer + left), memcpy( (void *) (ctx->buffer + left), input, fill );
(void *) input, fill );
md5_process( ctx, ctx->buffer ); md5_process( ctx, ctx->buffer );
input += fill; input += fill;
ilen -= fill; ilen -= fill;
@ -237,8 +236,7 @@ void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen )
if( ilen > 0 ) if( ilen > 0 )
{ {
memcpy( (void *) (ctx->buffer + left), memcpy( (void *) (ctx->buffer + left), input, ilen );
(void *) input, ilen );
} }
} }
@ -269,7 +267,7 @@ void md5_finish( md5_context *ctx, unsigned char output[16] )
last = ctx->total[0] & 0x3F; last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
md5_update( ctx, (unsigned char *) md5_padding, padn ); md5_update( ctx, md5_padding, padn );
md5_update( ctx, msglen, 8 ); md5_update( ctx, msglen, 8 );
PUT_UINT32_LE( ctx->state[0], output, 0 ); PUT_UINT32_LE( ctx->state[0], output, 0 );

View File

@ -195,12 +195,12 @@ int pem_read_buffer( pem_context *ctx, char *header, char *footer, const unsigne
if( ctx == NULL ) if( ctx == NULL )
return( POLARSSL_ERR_PEM_INVALID_DATA ); return( POLARSSL_ERR_PEM_INVALID_DATA );
s1 = (unsigned char *) strstr( (char *) data, header ); s1 = (unsigned char *) strstr( (const char *) data, header );
if( s1 == NULL ) if( s1 == NULL )
return( POLARSSL_ERR_PEM_NO_HEADER_PRESENT ); return( POLARSSL_ERR_PEM_NO_HEADER_PRESENT );
s2 = (unsigned char *) strstr( (char *) data, footer ); s2 = (unsigned char *) strstr( (const char *) data, footer );
if( s2 == NULL || s2 <= s1 ) if( s2 == NULL || s2 <= s1 )
return( POLARSSL_ERR_PEM_INVALID_DATA ); return( POLARSSL_ERR_PEM_INVALID_DATA );

View File

@ -254,8 +254,7 @@ void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
if( left && ilen >= fill ) if( left && ilen >= fill )
{ {
memcpy( (void *) (ctx->buffer + left), memcpy( (void *) (ctx->buffer + left), input, fill );
(void *) input, fill );
sha1_process( ctx, ctx->buffer ); sha1_process( ctx, ctx->buffer );
input += fill; input += fill;
ilen -= fill; ilen -= fill;
@ -270,10 +269,7 @@ void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
} }
if( ilen > 0 ) if( ilen > 0 )
{ memcpy( (void *) (ctx->buffer + left), input, ilen );
memcpy( (void *) (ctx->buffer + left),
(void *) input, ilen );
}
} }
static const unsigned char sha1_padding[64] = static const unsigned char sha1_padding[64] =
@ -303,7 +299,7 @@ void sha1_finish( sha1_context *ctx, unsigned char output[20] )
last = ctx->total[0] & 0x3F; last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
sha1_update( ctx, (unsigned char *) sha1_padding, padn ); sha1_update( ctx, sha1_padding, padn );
sha1_update( ctx, msglen, 8 ); sha1_update( ctx, msglen, 8 );
PUT_UINT32_BE( ctx->state[0], output, 0 ); PUT_UINT32_BE( ctx->state[0], output, 0 );

View File

@ -250,8 +250,7 @@ void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen )
if( left && ilen >= fill ) if( left && ilen >= fill )
{ {
memcpy( (void *) (ctx->buffer + left), memcpy( (void *) (ctx->buffer + left), input, fill );
(void *) input, fill );
sha2_process( ctx, ctx->buffer ); sha2_process( ctx, ctx->buffer );
input += fill; input += fill;
ilen -= fill; ilen -= fill;
@ -266,10 +265,7 @@ void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen )
} }
if( ilen > 0 ) if( ilen > 0 )
{ memcpy( (void *) (ctx->buffer + left), input, ilen );
memcpy( (void *) (ctx->buffer + left),
(void *) input, ilen );
}
} }
static const unsigned char sha2_padding[64] = static const unsigned char sha2_padding[64] =
@ -299,7 +295,7 @@ void sha2_finish( sha2_context *ctx, unsigned char output[32] )
last = ctx->total[0] & 0x3F; last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
sha2_update( ctx, (unsigned char *) sha2_padding, padn ); sha2_update( ctx, sha2_padding, padn );
sha2_update( ctx, msglen, 8 ); sha2_update( ctx, msglen, 8 );
PUT_UINT32_BE( ctx->state[0], output, 0 ); PUT_UINT32_BE( ctx->state[0], output, 0 );

View File

@ -242,8 +242,7 @@ void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen )
if( left && ilen >= fill ) if( left && ilen >= fill )
{ {
memcpy( (void *) (ctx->buffer + left), memcpy( (void *) (ctx->buffer + left), input, fill );
(void *) input, fill );
sha4_process( ctx, ctx->buffer ); sha4_process( ctx, ctx->buffer );
input += fill; input += fill;
ilen -= fill; ilen -= fill;
@ -258,10 +257,7 @@ void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen )
} }
if( ilen > 0 ) if( ilen > 0 )
{ memcpy( (void *) (ctx->buffer + left), input, ilen );
memcpy( (void *) (ctx->buffer + left),
(void *) input, ilen );
}
} }
static const unsigned char sha4_padding[128] = static const unsigned char sha4_padding[128] =
@ -295,7 +291,7 @@ void sha4_finish( sha4_context *ctx, unsigned char output[64] )
last = (size_t)( ctx->total[0] & 0x7F ); last = (size_t)( ctx->total[0] & 0x7F );
padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last ); padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last );
sha4_update( ctx, (unsigned char *) sha4_padding, padn ); sha4_update( ctx, sha4_padding, padn );
sha4_update( ctx, msglen, 16 ); sha4_update( ctx, msglen, 16 );
PUT_UINT64_BE( ctx->state[0], output, 0 ); PUT_UINT64_BE( ctx->state[0], output, 0 );

View File

@ -2521,7 +2521,7 @@ static void ssl_update_checksum_sha384( ssl_context *ssl, unsigned char *buf,
static void ssl_calc_finished_ssl( static void ssl_calc_finished_ssl(
ssl_context *ssl, unsigned char *buf, int from ) ssl_context *ssl, unsigned char *buf, int from )
{ {
char *sender; const char *sender;
md5_context md5; md5_context md5;
sha1_context sha1; sha1_context sha1;
@ -2553,17 +2553,17 @@ static void ssl_calc_finished_ssl(
SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *) SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *)
sha1.state, sizeof( sha1.state ) ); sha1.state, sizeof( sha1.state ) );
sender = ( from == SSL_IS_CLIENT ) ? (char *) "CLNT" sender = ( from == SSL_IS_CLIENT ) ? "CLNT"
: (char *) "SRVR"; : "SRVR";
memset( padbuf, 0x36, 48 ); memset( padbuf, 0x36, 48 );
md5_update( &md5, (unsigned char *) sender, 4 ); md5_update( &md5, (const unsigned char *) sender, 4 );
md5_update( &md5, session->master, 48 ); md5_update( &md5, session->master, 48 );
md5_update( &md5, padbuf, 48 ); md5_update( &md5, padbuf, 48 );
md5_finish( &md5, md5sum ); md5_finish( &md5, md5sum );
sha1_update( &sha1, (unsigned char *) sender, 4 ); sha1_update( &sha1, (const unsigned char *) sender, 4 );
sha1_update( &sha1, session->master, 48 ); sha1_update( &sha1, session->master, 48 );
sha1_update( &sha1, padbuf, 40 ); sha1_update( &sha1, padbuf, 40 );
sha1_finish( &sha1, sha1sum ); sha1_finish( &sha1, sha1sum );
@ -2598,7 +2598,7 @@ static void ssl_calc_finished_tls(
ssl_context *ssl, unsigned char *buf, int from ) ssl_context *ssl, unsigned char *buf, int from )
{ {
int len = 12; int len = 12;
char *sender; const char *sender;
md5_context md5; md5_context md5;
sha1_context sha1; sha1_context sha1;
unsigned char padbuf[36]; unsigned char padbuf[36];
@ -2625,13 +2625,13 @@ static void ssl_calc_finished_tls(
sha1.state, sizeof( sha1.state ) ); sha1.state, sizeof( sha1.state ) );
sender = ( from == SSL_IS_CLIENT ) sender = ( from == SSL_IS_CLIENT )
? (char *) "client finished" ? "client finished"
: (char *) "server finished"; : "server finished";
md5_finish( &md5, padbuf ); md5_finish( &md5, padbuf );
sha1_finish( &sha1, padbuf + 16 ); sha1_finish( &sha1, padbuf + 16 );
ssl->handshake->tls_prf( session->master, 48, sender, ssl->handshake->tls_prf( session->master, 48, (char *) sender,
padbuf, 36, buf, len ); padbuf, 36, buf, len );
SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
@ -2648,7 +2648,7 @@ static void ssl_calc_finished_tls_sha256(
ssl_context *ssl, unsigned char *buf, int from ) ssl_context *ssl, unsigned char *buf, int from )
{ {
int len = 12; int len = 12;
char *sender; const char *sender;
sha2_context sha2; sha2_context sha2;
unsigned char padbuf[32]; unsigned char padbuf[32];
@ -2670,12 +2670,12 @@ static void ssl_calc_finished_tls_sha256(
sha2.state, sizeof( sha2.state ) ); sha2.state, sizeof( sha2.state ) );
sender = ( from == SSL_IS_CLIENT ) sender = ( from == SSL_IS_CLIENT )
? (char *) "client finished" ? "client finished"
: (char *) "server finished"; : "server finished";
sha2_finish( &sha2, padbuf ); sha2_finish( &sha2, padbuf );
ssl->handshake->tls_prf( session->master, 48, sender, ssl->handshake->tls_prf( session->master, 48, (char *) sender,
padbuf, 32, buf, len ); padbuf, 32, buf, len );
SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
@ -2692,7 +2692,7 @@ static void ssl_calc_finished_tls_sha384(
ssl_context *ssl, unsigned char *buf, int from ) ssl_context *ssl, unsigned char *buf, int from )
{ {
int len = 12; int len = 12;
char *sender; const char *sender;
sha4_context sha4; sha4_context sha4;
unsigned char padbuf[48]; unsigned char padbuf[48];
@ -2714,12 +2714,12 @@ static void ssl_calc_finished_tls_sha384(
sha4.state, sizeof( sha4.state ) ); sha4.state, sizeof( sha4.state ) );
sender = ( from == SSL_IS_CLIENT ) sender = ( from == SSL_IS_CLIENT )
? (char *) "client finished" ? "client finished"
: (char *) "server finished"; : "server finished";
sha4_finish( &sha4, padbuf ); sha4_finish( &sha4, padbuf );
ssl->handshake->tls_prf( session->master, 48, sender, ssl->handshake->tls_prf( session->master, 48, (char *) sender,
padbuf, 48, buf, len ); padbuf, 48, buf, len );
SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
@ -3232,7 +3232,7 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname )
if( ssl->hostname == NULL ) if( ssl->hostname == NULL )
return( POLARSSL_ERR_SSL_MALLOC_FAILED ); return( POLARSSL_ERR_SSL_MALLOC_FAILED );
memcpy( ssl->hostname, (unsigned char *) hostname, memcpy( ssl->hostname, (const unsigned char *) hostname,
ssl->hostname_len ); ssl->hostname_len );
ssl->hostname[ssl->hostname_len] = '\0'; ssl->hostname[ssl->hostname_len] = '\0';

View File

@ -1433,7 +1433,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
* one or more PEM certificates. * one or more PEM certificates.
*/ */
#if defined(POLARSSL_PEM_C) #if defined(POLARSSL_PEM_C)
if( strstr( (char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL ) if( strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL )
buf_format = X509_FORMAT_PEM; buf_format = X509_FORMAT_PEM;
#endif #endif
@ -3563,7 +3563,7 @@ int x509_self_test( int verbose )
memset( &clicert, 0, sizeof( x509_cert ) ); memset( &clicert, 0, sizeof( x509_cert ) );
ret = x509parse_crt( &clicert, (unsigned char *) test_cli_crt, ret = x509parse_crt( &clicert, (const unsigned char *) test_cli_crt,
strlen( test_cli_crt ) ); strlen( test_cli_crt ) );
if( ret != 0 ) if( ret != 0 )
{ {
@ -3575,7 +3575,7 @@ int x509_self_test( int verbose )
memset( &cacert, 0, sizeof( x509_cert ) ); memset( &cacert, 0, sizeof( x509_cert ) );
ret = x509parse_crt( &cacert, (unsigned char *) test_ca_crt, ret = x509parse_crt( &cacert, (const unsigned char *) test_ca_crt,
strlen( test_ca_crt ) ); strlen( test_ca_crt ) );
if( ret != 0 ) if( ret != 0 )
{ {
@ -3594,8 +3594,8 @@ int x509_self_test( int verbose )
rsa_init( &rsa, RSA_PKCS_V15, 0 ); rsa_init( &rsa, RSA_PKCS_V15, 0 );
if( ( ret = x509parse_key( &rsa, if( ( ret = x509parse_key( &rsa,
(unsigned char *) test_ca_key, i, (const unsigned char *) test_ca_key, i,
(unsigned char *) test_ca_pwd, j ) ) != 0 ) (const unsigned char *) test_ca_pwd, j ) ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
printf( "failed\n" ); printf( "failed\n" );
@ -3623,7 +3623,7 @@ int x509_self_test( int verbose )
i = strlen( test_dhm_params ); i = strlen( test_dhm_params );
j = strlen( test_ca_pwd ); j = strlen( test_ca_pwd );
if( ( ret = x509parse_dhm( &dhm, (unsigned char *) test_dhm_params, i ) ) != 0 ) if( ( ret = x509parse_dhm( &dhm, (const unsigned char *) test_dhm_params, i ) ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
printf( "failed\n" ); printf( "failed\n" );