- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops
diff --git a/ChangeLog b/ChangeLog
index e8a7f69..c797eb7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,11 @@
(AES CTR, Camellia CTR, XTEA CBC) including the option to
enable and disable individual modes when needed
+Changes
+ * Major argument / variable rewrite. Introduced use of size_t
+ instead of int for buffer lengths and loop variables for
+ better unsigned / signed use
+
= Version 0.99-pre4 released on 2011-04-01
Features
* Added support for PKCS#1 v2.1 encoding and thus support
diff --git a/include/polarssl/aes.h b/include/polarssl/aes.h
index 40b3a56..4b97568 100644
--- a/include/polarssl/aes.h
+++ b/include/polarssl/aes.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_AES_H
#define POLARSSL_AES_H
+#include <string.h>
+
#define AES_ENCRYPT 1
#define AES_DECRYPT 0
@@ -57,7 +59,7 @@
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
*/
-int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int keysize );
+int aes_setkey_enc( aes_context *ctx, const unsigned char *key, unsigned int keysize );
/**
* \brief AES key schedule (decryption)
@@ -68,7 +70,7 @@
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
*/
-int aes_setkey_dec( aes_context *ctx, const unsigned char *key, int keysize );
+int aes_setkey_dec( aes_context *ctx, const unsigned char *key, unsigned int keysize );
/**
* \brief AES-ECB block encryption/decryption
@@ -101,7 +103,7 @@
*/
int aes_crypt_cbc( aes_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
@@ -121,7 +123,7 @@
*/
int aes_crypt_cfb128( aes_context *ctx,
int mode,
- int length,
+ size_t length,
int *iv_off,
unsigned char iv[16],
const unsigned char *input,
diff --git a/include/polarssl/arc4.h b/include/polarssl/arc4.h
index 2344c74..48ad60b 100644
--- a/include/polarssl/arc4.h
+++ b/include/polarssl/arc4.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_ARC4_H
#define POLARSSL_ARC4_H
+#include <string.h>
+
/**
* \brief ARC4 context structure
*/
@@ -49,7 +51,7 @@
* \param key the secret key
* \param keylen length of the key
*/
-void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen );
+void arc4_setup( arc4_context *ctx, const unsigned char *key, unsigned int keylen );
/**
* \brief ARC4 cipher function
@@ -61,7 +63,7 @@
*
* \return 0 if successful
*/
-int arc4_crypt( arc4_context *ctx, int length, const unsigned char *input,
+int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input,
unsigned char *output );
/*
diff --git a/include/polarssl/base64.h b/include/polarssl/base64.h
index 1c6498c..27ba685 100644
--- a/include/polarssl/base64.h
+++ b/include/polarssl/base64.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_BASE64_H
#define POLARSSL_BASE64_H
+#include <string.h>
+
#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL 0x0010
#define POLARSSL_ERR_BASE64_INVALID_CHARACTER 0x0012
@@ -49,8 +51,8 @@
* \note Call this function with *dlen = 0 to obtain the
* required buffer size in *dlen
*/
-int base64_encode( unsigned char *dst, int *dlen,
- const unsigned char *src, int slen );
+int base64_encode( unsigned char *dst, size_t *dlen,
+ const unsigned char *src, size_t slen );
/**
* \brief Decode a base64-formatted buffer
@@ -68,8 +70,8 @@
* \note Call this function with *dlen = 0 to obtain the
* required buffer size in *dlen
*/
-int base64_decode( unsigned char *dst, int *dlen,
- const unsigned char *src, int slen );
+int base64_decode( unsigned char *dst, size_t *dlen,
+ const unsigned char *src, size_t slen );
/**
* \brief Checkup routine
diff --git a/include/polarssl/bignum.h b/include/polarssl/bignum.h
index ebc1f8f..909df1d 100644
--- a/include/polarssl/bignum.h
+++ b/include/polarssl/bignum.h
@@ -28,6 +28,7 @@
#define POLARSSL_BIGNUM_H
#include <stdio.h>
+#include <string.h>
#define POLARSSL_ERR_MPI_FILE_IO_ERROR 0x0002
#define POLARSSL_ERR_MPI_BAD_INPUT_DATA 0x0004
@@ -43,13 +44,16 @@
* Define the base integer type, architecture-wise
*/
#if defined(POLARSSL_HAVE_INT8)
+typedef signed char t_s_int;
typedef unsigned char t_int;
typedef unsigned short t_dbl;
#else
#if defined(POLARSSL_HAVE_INT16)
+typedef signed short t_s_int;
typedef unsigned short t_int;
typedef unsigned long t_dbl;
#else
+ typedef signed long t_s_int;
typedef unsigned long t_int;
#if defined(_MSC_VER) && defined(_M_IX86)
typedef unsigned __int64 t_dbl;
@@ -73,7 +77,7 @@
typedef struct
{
int s; /*!< integer sign */
- int n; /*!< total # of limbs */
+ size_t n; /*!< total # of limbs */
t_int *p; /*!< pointer to limbs */
}
mpi;
@@ -101,7 +105,7 @@
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_grow( mpi *X, int nblimbs );
+int mpi_grow( mpi *X, size_t nblimbs );
/**
* \brief Copy the contents of Y into X
@@ -131,28 +135,28 @@
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_lset( mpi *X, int z );
+int mpi_lset( mpi *X, t_s_int z );
/**
* \brief Return the number of least significant bits
*
* \param X MPI to use
*/
-int mpi_lsb( const mpi *X );
+size_t mpi_lsb( const mpi *X );
/**
* \brief Return the number of most significant bits
*
* \param X MPI to use
*/
-int mpi_msb( const mpi *X );
+size_t mpi_msb( const mpi *X );
/**
* \brief Return the total size in bytes
*
* \param X MPI to use
*/
-int mpi_size( const mpi *X );
+size_t mpi_size( const mpi *X );
/**
* \brief Import from an ASCII string
@@ -180,7 +184,7 @@
* \note Call this function with *slen = 0 to obtain the
* minimum required buffer size in *slen.
*/
-int mpi_write_string( const mpi *X, int radix, char *s, int *slen );
+int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen );
/**
* \brief Read X from an opened file
@@ -217,7 +221,7 @@
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_read_binary( mpi *X, const unsigned char *buf, int buflen );
+int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen );
/**
* \brief Export X into unsigned binary data, big endian
@@ -229,7 +233,7 @@
* \return 0 if successful,
* POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough
*/
-int mpi_write_binary( const mpi *X, unsigned char *buf, int buflen );
+int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen );
/**
* \brief Left-shift: X <<= count
@@ -240,7 +244,7 @@
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_shift_l( mpi *X, int count );
+int mpi_shift_l( mpi *X, size_t count );
/**
* \brief Right-shift: X >>= count
@@ -251,7 +255,7 @@
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_shift_r( mpi *X, int count );
+int mpi_shift_r( mpi *X, size_t count );
/**
* \brief Compare unsigned values
@@ -287,7 +291,7 @@
* -1 if X is lesser than z or
* 0 if X is equal to z
*/
-int mpi_cmp_int( const mpi *X, int z );
+int mpi_cmp_int( const mpi *X, t_s_int z );
/**
* \brief Unsigned addition: X = |A| + |B|
@@ -347,7 +351,7 @@
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_add_int( mpi *X, const mpi *A, int b );
+int mpi_add_int( mpi *X, const mpi *A, t_s_int b );
/**
* \brief Signed substraction: X = A - b
@@ -359,7 +363,7 @@
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_sub_int( mpi *X, const mpi *A, int b );
+int mpi_sub_int( mpi *X, const mpi *A, t_s_int b );
/**
* \brief Baseline multiplication: X = A * B
@@ -385,7 +389,7 @@
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_mul_int( mpi *X, const mpi *A, t_int b );
+int mpi_mul_int( mpi *X, const mpi *A, t_s_int b );
/**
* \brief Division by mpi: A = Q * B + R
@@ -417,7 +421,7 @@
*
* \note Either Q or R can be NULL.
*/
-int mpi_div_int( mpi *Q, mpi *R, const mpi *A, int b );
+int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_s_int b );
/**
* \brief Modulo: R = A mod B
@@ -445,7 +449,7 @@
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0
*/
-int mpi_mod_int( t_int *r, const mpi *A, int b );
+int mpi_mod_int( t_int *r, const mpi *A, t_s_int b );
/**
* \brief Sliding-window exponentiation: X = A^E mod N
@@ -477,7 +481,7 @@
* \return 0 if successful,
* 1 if memory allocation failed
*/
-int mpi_fill_random( mpi *X, int size, int (*f_rng)(void *), void *p_rng );
+int mpi_fill_random( mpi *X, size_t size, int (*f_rng)(void *), void *p_rng );
/**
* \brief Greatest common divisor: G = gcd(A, B)
@@ -531,7 +535,7 @@
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3
*/
-int mpi_gen_prime( mpi *X, int nbits, int dh_flag,
+int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag,
int (*f_rng)(void *), void *p_rng );
/**
diff --git a/include/polarssl/camellia.h b/include/polarssl/camellia.h
index cebd677..4884fdc 100644
--- a/include/polarssl/camellia.h
+++ b/include/polarssl/camellia.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_CAMELLIA_H
#define POLARSSL_CAMELLIA_H
+#include <string.h>
+
#ifdef _MSC_VER
#include <basetsd.h>
typedef UINT32 uint32_t;
@@ -63,7 +65,7 @@
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
*/
-int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int keysize );
+int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsigned int keysize );
/**
* \brief CAMELLIA key schedule (decryption)
@@ -74,7 +76,7 @@
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
*/
-int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, int keysize );
+int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsigned int keysize );
/**
* \brief CAMELLIA-ECB block encryption/decryption
@@ -107,7 +109,7 @@
*/
int camellia_crypt_cbc( camellia_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
@@ -127,7 +129,7 @@
*/
int camellia_crypt_cfb128( camellia_context *ctx,
int mode,
- int length,
+ size_t length,
int *iv_off,
unsigned char iv[16],
const unsigned char *input,
diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h
index 5375559..67819da 100644
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@@ -96,26 +96,26 @@
cipher_mode_t mode;
/** Cipher key length, in bits (default length for variable sized ciphers) */
- int key_length;
+ unsigned int key_length;
/** Name of the cipher */
const char * name;
/** IV size, in bytes */
- int iv_size;
+ unsigned int iv_size;
/** block size, in bytes */
- int block_size;
+ unsigned int block_size;
/** Encrypt using CBC */
- int (*cbc_func)( void *ctx, operation_t mode, int length, unsigned char *iv,
+ int (*cbc_func)( void *ctx, operation_t mode, size_t length, unsigned char *iv,
const unsigned char *input, unsigned char *output );
/** Set key for encryption purposes */
- int (*setkey_enc_func)( void *ctx, const unsigned char *key, int key_length);
+ int (*setkey_enc_func)( void *ctx, const unsigned char *key, unsigned int key_length);
/** Set key for decryption purposes */
- int (*setkey_dec_func)( void *ctx, const unsigned char *key, int key_length);
+ int (*setkey_dec_func)( void *ctx, const unsigned char *key, unsigned int key_length);
/** Allocate a new context */
void * (*ctx_alloc_func)( void );
@@ -142,7 +142,7 @@
unsigned char unprocessed_data[POLARSSL_MAX_IV_LENGTH];
/** Number of bytes that still need processing */
- int unprocessed_len;
+ size_t unprocessed_len;
/** Current IV */
unsigned char iv[POLARSSL_MAX_IV_LENGTH];
@@ -167,7 +167,7 @@
* \brief Returns the cipher information structure associated
* with the given cipher name.
*
- * \param cipher_name Name of the cipher to search for.
+ * \param cipher_name Name of the cipher to search for.
*
* \return the cipher information structure associated with the
* given cipher_name, or NULL if not found.
@@ -215,7 +215,7 @@
* \return size of the cipher's blocks, or 0 if ctx has not been
* initialised.
*/
-static inline int cipher_get_block_size( const cipher_context_t *ctx )
+static inline unsigned int cipher_get_block_size( const cipher_context_t *ctx )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return 0;
@@ -332,8 +332,8 @@
*
* \returns 0 on success, 1 if parameter verification fails.
*/
-int cipher_update( cipher_context_t *ctx, const unsigned char *input, int ilen,
- unsigned char *output, int *olen );
+int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t *olen );
/**
* \brief Generic cipher finalisation function. If data still
@@ -347,7 +347,7 @@
*
* \returns 0 on success, 1 if parameter verification fails.
*/
-int cipher_finish( cipher_context_t *ctx, unsigned char *output, int *olen);
+int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen);
/**
diff --git a/include/polarssl/debug.h b/include/polarssl/debug.h
index c6f7406..e84f4b8 100644
--- a/include/polarssl/debug.h
+++ b/include/polarssl/debug.h
@@ -72,7 +72,7 @@
void debug_print_buf( const ssl_context *ssl, int level,
const char *file, int line, const char *text,
- unsigned char *buf, int len );
+ unsigned char *buf, size_t len );
void debug_print_mpi( const ssl_context *ssl, int level,
const char *file, int line,
diff --git a/include/polarssl/des.h b/include/polarssl/des.h
index 0d3493c..f9e8e60 100644
--- a/include/polarssl/des.h
+++ b/include/polarssl/des.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_DES_H
#define POLARSSL_DES_H
+#include <string.h>
+
#define DES_ENCRYPT 1
#define DES_DECRYPT 0
@@ -171,7 +173,7 @@
*/
int des_crypt_cbc( des_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[8],
const unsigned char *input,
unsigned char *output );
@@ -203,7 +205,7 @@
*/
int des3_crypt_cbc( des3_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[8],
const unsigned char *input,
unsigned char *output );
diff --git a/include/polarssl/dhm.h b/include/polarssl/dhm.h
index 4206b88..4a479d6 100644
--- a/include/polarssl/dhm.h
+++ b/include/polarssl/dhm.h
@@ -44,7 +44,7 @@
*/
typedef struct
{
- int len; /*!< size(P) in chars */
+ size_t len; /*!< size(P) in chars */
mpi P; /*!< prime modulus */
mpi G; /*!< generator */
mpi X; /*!< secret value */
@@ -89,7 +89,7 @@
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_make_params( dhm_context *ctx, int x_size,
- unsigned char *output, int *olen,
+ unsigned char *output, size_t *olen,
int (*f_rng)(void *), void *p_rng );
/**
@@ -102,7 +102,7 @@
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_read_public( dhm_context *ctx,
- const unsigned char *input, int ilen );
+ const unsigned char *input, size_t ilen );
/**
* \brief Create own private value X and export G^X
@@ -117,7 +117,7 @@
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_make_public( dhm_context *ctx, int x_size,
- unsigned char *output, int olen,
+ unsigned char *output, size_t olen,
int (*f_rng)(void *), void *p_rng );
/**
@@ -130,7 +130,7 @@
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_calc_secret( dhm_context *ctx,
- unsigned char *output, int *olen );
+ unsigned char *output, size_t *olen );
/*
* \brief Free the components of a DHM key
diff --git a/include/polarssl/md.h b/include/polarssl/md.h
index 4d4b835..9bda3ee 100644
--- a/include/polarssl/md.h
+++ b/include/polarssl/md.h
@@ -30,6 +30,8 @@
#ifndef POLARSSL_MD_H
#define POLARSSL_MD_H
+#include <string.h>
+
#ifdef _MSC_VER
#define inline _inline
#endif
@@ -66,23 +68,23 @@
void (*starts_func)( void *ctx );
/** Digest update function */
- void (*update_func)( void *ctx, const unsigned char *input, int ilen );
+ void (*update_func)( void *ctx, const unsigned char *input, size_t ilen );
/** Digest finalisation function */
void (*finish_func)( void *ctx, unsigned char *output );
/** Generic digest function */
- void (*digest_func)( const unsigned char *input, int ilen,
+ void (*digest_func)( const unsigned char *input, size_t ilen,
unsigned char *output );
/** Generic file digest function */
int (*file_func)( const char *path, unsigned char *output );
/** HMAC Initialisation function */
- void (*hmac_starts_func)( void *ctx, const unsigned char *key, int keylen );
+ void (*hmac_starts_func)( void *ctx, const unsigned char *key, size_t keylen );
/** HMAC update function */
- void (*hmac_update_func)( void *ctx, const unsigned char *input, int ilen );
+ void (*hmac_update_func)( void *ctx, const unsigned char *input, size_t ilen );
/** HMAC finalisation function */
void (*hmac_finish_func)( void *ctx, unsigned char *output);
@@ -91,8 +93,8 @@
void (*hmac_reset_func)( void *ctx );
/** Generic HMAC function */
- void (*hmac_func)( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+ void (*hmac_func)( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char *output );
/** Allocate a new context */
@@ -135,7 +137,7 @@
* \brief Returns the message digest information associated with the
* given digest name.
*
- * \param md_name Name of the digest to search for.
+ * \param md_name Name of the digest to search for.
*
* \return The message digest information associated with md_name or
* NULL if not found.
@@ -184,7 +186,7 @@
*
* \return size of the message digest output.
*/
-static inline unsigned char md_get_size ( const md_info_t *md_info)
+static inline unsigned char md_get_size( const md_info_t *md_info )
{
return md_info->size;
}
@@ -196,7 +198,7 @@
*
* \return type of the message digest output.
*/
-static inline md_type_t md_get_type ( const md_info_t *md_info )
+static inline md_type_t md_get_type( const md_info_t *md_info )
{
return md_info->type;
}
@@ -208,7 +210,7 @@
*
* \return name of the message digest output.
*/
-static inline const char *md_get_name ( const md_info_t *md_info )
+static inline const char *md_get_name( const md_info_t *md_info )
{
return md_info->name;
}
@@ -231,7 +233,7 @@
*
* \returns 0 on success, 1 if parameter verification fails.
*/
-int md_update( md_context_t *ctx, const unsigned char *input, int ilen );
+int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen );
/**
* \brief Generic message digest final digest
@@ -253,7 +255,7 @@
*
* \returns 0 on success, 1 if parameter verification fails.
*/
-int md( const md_info_t *md_info, const unsigned char *input, int ilen,
+int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output );
/**
@@ -277,7 +279,7 @@
*
* \returns 0 on success, 1 if parameter verification fails.
*/
-int md_hmac_starts( md_context_t *ctx, const unsigned char *key, int keylen );
+int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen );
/**
* \brief Generic HMAC process buffer
@@ -288,7 +290,7 @@
*
* \returns 0 on success, 1 if parameter verification fails.
*/
-int md_hmac_update( md_context_t *ctx, const unsigned char *input, int ilen );
+int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen );
/**
* \brief Generic HMAC final digest
@@ -321,8 +323,8 @@
*
* \returns 0 on success, 1 if parameter verification fails.
*/
-int md_hmac( const md_info_t *md_info, const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char *output );
#ifdef __cplusplus
diff --git a/include/polarssl/md2.h b/include/polarssl/md2.h
index bcda2e3..9a497f1 100644
--- a/include/polarssl/md2.h
+++ b/include/polarssl/md2.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_MD2_H
#define POLARSSL_MD2_H
+#include <string.h>
+
/**
* \brief MD2 context structure
*/
@@ -38,7 +40,7 @@
unsigned char ipad[64]; /*!< HMAC: inner padding */
unsigned char opad[64]; /*!< HMAC: outer padding */
- int left; /*!< amount of data in buffer */
+ size_t left; /*!< amount of data in buffer */
}
md2_context;
@@ -60,7 +62,7 @@
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void md2_update( md2_context *ctx, const unsigned char *input, int ilen );
+void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief MD2 final digest
@@ -77,7 +79,7 @@
* \param ilen length of the input data
* \param output MD2 checksum result
*/
-void md2( const unsigned char *input, int ilen, unsigned char output[16] );
+void md2( const unsigned char *input, size_t ilen, unsigned char output[16] );
/**
* \brief Output = MD2( file contents )
@@ -97,7 +99,7 @@
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
-void md2_hmac_starts( md2_context *ctx, const unsigned char *key, int keylen );
+void md2_hmac_starts( md2_context *ctx, const unsigned char *key, size_t keylen );
/**
* \brief MD2 HMAC process buffer
@@ -106,7 +108,7 @@
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void md2_hmac_update( md2_context *ctx, const unsigned char *input, int ilen );
+void md2_hmac_update( md2_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief MD2 HMAC final digest
@@ -132,8 +134,8 @@
* \param ilen length of the input data
* \param output HMAC-MD2 result
*/
-void md2_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void md2_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[16] );
/**
diff --git a/include/polarssl/md4.h b/include/polarssl/md4.h
index c3c5d7e..5a796ae 100644
--- a/include/polarssl/md4.h
+++ b/include/polarssl/md4.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_MD4_H
#define POLARSSL_MD4_H
+#include <string.h>
+
/**
* \brief MD4 context structure
*/
@@ -59,7 +61,7 @@
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void md4_update( md4_context *ctx, const unsigned char *input, int ilen );
+void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief MD4 final digest
@@ -76,7 +78,7 @@
* \param ilen length of the input data
* \param output MD4 checksum result
*/
-void md4( const unsigned char *input, int ilen, unsigned char output[16] );
+void md4( const unsigned char *input, size_t ilen, unsigned char output[16] );
/**
* \brief Output = MD4( file contents )
@@ -96,7 +98,7 @@
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
-void md4_hmac_starts( md4_context *ctx, const unsigned char *key, int keylen );
+void md4_hmac_starts( md4_context *ctx, const unsigned char *key, size_t keylen );
/**
* \brief MD4 HMAC process buffer
@@ -105,7 +107,7 @@
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void md4_hmac_update( md4_context *ctx, const unsigned char *input, int ilen );
+void md4_hmac_update( md4_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief MD4 HMAC final digest
@@ -131,8 +133,8 @@
* \param ilen length of the input data
* \param output HMAC-MD4 result
*/
-void md4_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void md4_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[16] );
/**
diff --git a/include/polarssl/md5.h b/include/polarssl/md5.h
index e728c38..cf0459d 100644
--- a/include/polarssl/md5.h
+++ b/include/polarssl/md5.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_MD5_H
#define POLARSSL_MD5_H
+#include <string.h>
+
/**
* \brief MD5 context structure
*/
@@ -59,7 +61,7 @@
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void md5_update( md5_context *ctx, const unsigned char *input, int ilen );
+void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief MD5 final digest
@@ -76,7 +78,7 @@
* \param ilen length of the input data
* \param output MD5 checksum result
*/
-void md5( const unsigned char *input, int ilen, unsigned char output[16] );
+void md5( const unsigned char *input, size_t ilen, unsigned char output[16] );
/**
* \brief Output = MD5( file contents )
@@ -97,7 +99,7 @@
* \param keylen length of the HMAC key
*/
void md5_hmac_starts( md5_context *ctx,
- const unsigned char *key, int keylen );
+ const unsigned char *key, size_t keylen );
/**
* \brief MD5 HMAC process buffer
@@ -107,7 +109,7 @@
* \param ilen length of the input data
*/
void md5_hmac_update( md5_context *ctx,
- const unsigned char *input, int ilen );
+ const unsigned char *input, size_t ilen );
/**
* \brief MD5 HMAC final digest
@@ -133,8 +135,8 @@
* \param ilen length of the input data
* \param output HMAC-MD5 result
*/
-void md5_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void md5_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[16] );
/**
diff --git a/include/polarssl/net.h b/include/polarssl/net.h
index 188432e..3fa2161 100644
--- a/include/polarssl/net.h
+++ b/include/polarssl/net.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_NET_H
#define POLARSSL_NET_H
+#include <string.h>
+
#define POLARSSL_ERR_NET_UNKNOWN_HOST -0x0F00
#define POLARSSL_ERR_NET_SOCKET_FAILED -0x0F10
#define POLARSSL_ERR_NET_CONNECT_FAILED -0x0F20
@@ -124,7 +126,7 @@
* or a non-zero error code; POLARSSL_ERR_NET_TRY_AGAIN
* indicates read() is blocking.
*/
-int net_recv( void *ctx, unsigned char *buf, int len );
+int net_recv( void *ctx, unsigned char *buf, size_t len );
/**
* \brief Write at most 'len' characters. If no error occurs,
@@ -138,7 +140,7 @@
* or a non-zero error code; POLARSSL_ERR_NET_TRY_AGAIN
* indicates write() is blocking.
*/
-int net_send( void *ctx, unsigned char *buf, int len );
+int net_send( void *ctx, unsigned char *buf, size_t len );
/**
* \brief Gracefully shutdown the connection
diff --git a/include/polarssl/padlock.h b/include/polarssl/padlock.h
index 99ecfee..722c9b2 100644
--- a/include/polarssl/padlock.h
+++ b/include/polarssl/padlock.h
@@ -86,7 +86,7 @@
*/
int padlock_xcryptcbc( aes_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
diff --git a/include/polarssl/pem.h b/include/polarssl/pem.h
index dfb2f1e..509ed11 100644
--- a/include/polarssl/pem.h
+++ b/include/polarssl/pem.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_PEM_H
#define POLARSSL_PEM_H
+#include <string.h>
+
/**
* \name PEM Error codes
* These error codes are returned in case of errors reading the
@@ -49,7 +51,7 @@
typedef struct
{
unsigned char *buf; /*!< buffer for decoded data */
- int buflen; /*!< length of the buffer */
+ size_t buflen; /*!< length of the buffer */
unsigned char *info; /*!< buffer for extra header information */
}
pem_context;
@@ -82,7 +84,7 @@
int pem_read_buffer( pem_context *ctx, char *header, char *footer,
const unsigned char *data,
const unsigned char *pwd,
- int pwdlen, int *use_len );
+ size_t pwdlen, size_t *use_len );
/**
* \brief PEM context memory freeing
diff --git a/include/polarssl/pkcs11.h b/include/polarssl/pkcs11.h
index 5087e19..8e2a8ce 100644
--- a/include/polarssl/pkcs11.h
+++ b/include/polarssl/pkcs11.h
@@ -94,7 +94,7 @@
* an error is thrown.
*/
int pkcs11_decrypt( pkcs11_context *ctx,
- int mode, int *olen,
+ int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
unsigned int output_max_len );
@@ -118,7 +118,7 @@
int pkcs11_sign( pkcs11_context *ctx,
int mode,
int hash_id,
- int hashlen,
+ unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig );
diff --git a/include/polarssl/rsa.h b/include/polarssl/rsa.h
index 509e24d..cb2420a 100644
--- a/include/polarssl/rsa.h
+++ b/include/polarssl/rsa.h
@@ -49,11 +49,11 @@
#define SIG_RSA_MD2 2
#define SIG_RSA_MD4 3
#define SIG_RSA_MD5 4
-#define SIG_RSA_SHA1 5
-#define SIG_RSA_SHA224 14
-#define SIG_RSA_SHA256 11
-#define SIG_RSA_SHA384 12
-#define SIG_RSA_SHA512 13
+#define SIG_RSA_SHA1 5
+#define SIG_RSA_SHA224 14
+#define SIG_RSA_SHA256 11
+#define SIG_RSA_SHA384 12
+#define SIG_RSA_SHA512 13
#define RSA_PUBLIC 0
#define RSA_PRIVATE 1
@@ -64,28 +64,28 @@
#define RSA_SIGN 1
#define RSA_CRYPT 2
-#define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30"
-#define ASN1_STR_NULL "\x05"
-#define ASN1_STR_OID "\x06"
-#define ASN1_STR_OCTET_STRING "\x04"
+#define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30"
+#define ASN1_STR_NULL "\x05"
+#define ASN1_STR_OID "\x06"
+#define ASN1_STR_OCTET_STRING "\x04"
-#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00"
-#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a"
-#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00"
+#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00"
+#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a"
+#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00"
-#define OID_ISO_MEMBER_BODIES "\x2a"
-#define OID_ISO_IDENTIFIED_ORG "\x2b"
+#define OID_ISO_MEMBER_BODIES "\x2a"
+#define OID_ISO_IDENTIFIED_ORG "\x2b"
/*
* ISO Member bodies OID parts
*/
-#define OID_COUNTRY_US "\x86\x48"
-#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d"
+#define OID_COUNTRY_US "\x86\x48"
+#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d"
/*
* ISO Identified organization OID parts
*/
-#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a"
+#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a"
/*
* DigestInfo ::= SEQUENCE {
@@ -96,30 +96,30 @@
*
* Digest ::= OCTET STRING
*/
-#define ASN1_HASH_MDX \
-( \
- ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \
- ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \
- ASN1_STR_OID "\x08" \
- OID_DIGEST_ALG_MDX \
- ASN1_STR_NULL "\x00" \
- ASN1_STR_OCTET_STRING "\x10" \
+#define ASN1_HASH_MDX \
+( \
+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \
+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \
+ ASN1_STR_OID "\x08" \
+ OID_DIGEST_ALG_MDX \
+ ASN1_STR_NULL "\x00" \
+ ASN1_STR_OCTET_STRING "\x10" \
)
-#define ASN1_HASH_SHA1 \
- ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \
- ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \
- ASN1_STR_OID "\x05" \
- OID_HASH_ALG_SHA1 \
- ASN1_STR_NULL "\x00" \
+#define ASN1_HASH_SHA1 \
+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \
+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \
+ ASN1_STR_OID "\x05" \
+ OID_HASH_ALG_SHA1 \
+ ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x14"
-#define ASN1_HASH_SHA2X \
- ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \
- ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \
- ASN1_STR_OID "\x09" \
- OID_HASH_ALG_SHA2X \
- ASN1_STR_NULL "\x00" \
+#define ASN1_HASH_SHA2X \
+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \
+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \
+ ASN1_STR_OID "\x09" \
+ OID_HASH_ALG_SHA2X \
+ ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x00"
/**
@@ -128,7 +128,7 @@
typedef struct
{
int ver; /*!< always 0 */
- int len; /*!< size(N) in chars */
+ size_t len; /*!< size(N) in chars */
mpi N; /*!< public modulus */
mpi E; /*!< public exponent */
@@ -188,7 +188,7 @@
int rsa_gen_key( rsa_context *ctx,
int (*f_rng)(void *),
void *p_rng,
- int nbits, int exponent );
+ unsigned int nbits, int exponent );
/**
* \brief Check a public RSA key
@@ -263,7 +263,7 @@
int rsa_pkcs1_encrypt( rsa_context *ctx,
int (*f_rng)(void *),
void *p_rng,
- int mode, int ilen,
+ int mode, size_t ilen,
const unsigned char *input,
unsigned char *output );
@@ -275,7 +275,7 @@
* \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext
* \param olen will contain the plaintext length
- * \param output_max_len maximum length of the output buffer
+ * \param output_max_len maximum length of the output buffer
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
@@ -284,10 +284,10 @@
* an error is thrown.
*/
int rsa_pkcs1_decrypt( rsa_context *ctx,
- int mode, int *olen,
+ int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
- int output_max_len );
+ size_t output_max_len );
/**
* \brief Do a private RSA to sign a message digest
@@ -318,7 +318,7 @@
void *p_rng,
int mode,
int hash_id,
- int hashlen,
+ unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig );
@@ -347,7 +347,7 @@
int rsa_pkcs1_verify( rsa_context *ctx,
int mode,
int hash_id,
- int hashlen,
+ unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig );
diff --git a/include/polarssl/sha1.h b/include/polarssl/sha1.h
index 1d5cc25..76b369a 100644
--- a/include/polarssl/sha1.h
+++ b/include/polarssl/sha1.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_SHA1_H
#define POLARSSL_SHA1_H
+#include <string.h>
+
/**
* \brief SHA-1 context structure
*/
@@ -59,7 +61,7 @@
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen );
+void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-1 final digest
@@ -76,7 +78,7 @@
* \param ilen length of the input data
* \param output SHA-1 checksum result
*/
-void sha1( const unsigned char *input, int ilen, unsigned char output[20] );
+void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] );
/**
* \brief Output = SHA-1( file contents )
@@ -96,7 +98,7 @@
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
-void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen );
+void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, size_t keylen );
/**
* \brief SHA-1 HMAC process buffer
@@ -105,7 +107,7 @@
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, int ilen );
+void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-1 HMAC final digest
@@ -131,8 +133,8 @@
* \param ilen length of the input data
* \param output HMAC-SHA-1 result
*/
-void sha1_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha1_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[20] );
/**
diff --git a/include/polarssl/sha2.h b/include/polarssl/sha2.h
index 5e2d907..c963ca1 100644
--- a/include/polarssl/sha2.h
+++ b/include/polarssl/sha2.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_SHA2_H
#define POLARSSL_SHA2_H
+#include <string.h>
+
/**
* \brief SHA-256 context structure
*/
@@ -61,7 +63,7 @@
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void sha2_update( sha2_context *ctx, const unsigned char *input, int ilen );
+void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-256 final digest
@@ -79,7 +81,7 @@
* \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224
*/
-void sha2( const unsigned char *input, int ilen,
+void sha2( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 );
/**
@@ -102,7 +104,7 @@
* \param keylen length of the HMAC key
* \param is224 0 = use SHA256, 1 = use SHA224
*/
-void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, int keylen,
+void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keylen,
int is224 );
/**
@@ -112,7 +114,7 @@
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, int ilen );
+void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-256 HMAC final digest
@@ -139,8 +141,8 @@
* \param output HMAC-SHA-224/256 result
* \param is224 0 = use SHA256, 1 = use SHA224
*/
-void sha2_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha2_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 );
/**
diff --git a/include/polarssl/sha4.h b/include/polarssl/sha4.h
index 5f980b9..81a69cd 100644
--- a/include/polarssl/sha4.h
+++ b/include/polarssl/sha4.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_SHA4_H
#define POLARSSL_SHA4_H
+#include <string.h>
+
#if defined(_MSC_VER) || defined(__WATCOMC__)
#define UL64(x) x##ui64
#define int64 __int64
@@ -69,7 +71,7 @@
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void sha4_update( sha4_context *ctx, const unsigned char *input, int ilen );
+void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-512 final digest
@@ -87,7 +89,7 @@
* \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384
*/
-void sha4( const unsigned char *input, int ilen,
+void sha4( const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 );
/**
@@ -110,7 +112,7 @@
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
-void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, int keylen,
+void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keylen,
int is384 );
/**
@@ -120,7 +122,7 @@
* \param input buffer holding the data
* \param ilen length of the input data
*/
-void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, int ilen );
+void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-512 HMAC final digest
@@ -147,8 +149,8 @@
* \param output HMAC-SHA-384/512 result
* \param is384 0 = use SHA512, 1 = use SHA384
*/
-void sha4_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha4_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 );
/**
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 772bb55..15b595f 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -204,7 +204,7 @@
{
time_t start; /*!< starting time */
int ciphersuite; /*!< chosen ciphersuite */
- int length; /*!< session id length */
+ size_t length; /*!< session id length */
unsigned char id[32]; /*!< session identifier */
unsigned char master[48]; /*!< the master secret */
ssl_session *next; /*!< next session entry */
@@ -228,8 +228,8 @@
*/
int (*f_rng)(void *);
void (*f_dbg)(void *, int, const char *);
- int (*f_recv)(void *, unsigned char *, int);
- int (*f_send)(void *, unsigned char *, int);
+ int (*f_recv)(void *, unsigned char *, size_t);
+ int (*f_send)(void *, unsigned char *, size_t);
int (*f_vrfy)(void *, x509_cert *, int, int);
void *p_rng; /*!< context for the RNG function */
@@ -256,10 +256,10 @@
unsigned char *in_offt; /*!< read offset in application data */
int in_msgtype; /*!< record header: message type */
- int in_msglen; /*!< record header: message length */
- int in_left; /*!< amount of data read so far */
+ size_t in_msglen; /*!< record header: message length */
+ size_t in_left; /*!< amount of data read so far */
- int in_hslen; /*!< current handshake message length */
+ size_t in_hslen; /*!< current handshake message length */
int nb_zero; /*!< # of 0-length encrypted messages */
/*
@@ -270,8 +270,8 @@
unsigned char *out_msg; /*!< the message contents (out_hdr+5) */
int out_msgtype; /*!< record header: message type */
- int out_msglen; /*!< record header: message length */
- int out_left; /*!< amount of data not yet written */
+ size_t out_msglen; /*!< record header: message length */
+ size_t out_left; /*!< amount of data not yet written */
/*
* PKI layer
@@ -300,11 +300,11 @@
int do_crypt; /*!< en(de)cryption flag */
int *ciphersuites; /*!< allowed ciphersuites */
- int pmslen; /*!< premaster length */
- int keylen; /*!< symmetric key length */
- int minlen; /*!< min. ciphertext length */
- int ivlen; /*!< IV length */
- int maclen; /*!< MAC length */
+ size_t pmslen; /*!< premaster length */
+ unsigned int keylen; /*!< symmetric key length */
+ size_t minlen; /*!< min. ciphertext length */
+ size_t ivlen; /*!< IV length */
+ size_t maclen; /*!< MAC length */
unsigned char randbytes[64]; /*!< random bytes */
unsigned char premaster[256]; /*!< premaster secret */
@@ -322,7 +322,7 @@
* TLS extensions
*/
unsigned char *hostname;
- unsigned long hostname_len;
+ size_t hostname_len;
};
#ifdef __cplusplus
@@ -447,8 +447,8 @@
* \param p_send write parameter
*/
void ssl_set_bio( ssl_context *ssl,
- int (*f_recv)(void *, unsigned char *, int), void *p_recv,
- int (*f_send)(void *, unsigned char *, int), void *p_send );
+ int (*f_recv)(void *, unsigned char *, size_t), void *p_recv,
+ int (*f_send)(void *, unsigned char *, size_t), void *p_send );
/**
* \brief Set the session callbacks (server-side only)
@@ -556,7 +556,7 @@
*
* \return how many bytes are available in the read buffer
*/
-int ssl_get_bytes_avail( const ssl_context *ssl );
+size_t ssl_get_bytes_avail( const ssl_context *ssl );
/**
* \brief Return the result of the certificate verification
@@ -609,7 +609,7 @@
* \return This function returns the number of bytes read,
* or a negative error code.
*/
-int ssl_read( ssl_context *ssl, unsigned char *buf, int len );
+int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len );
/**
* \brief Write exactly 'len' application data bytes
@@ -625,7 +625,7 @@
* it must be called later with the *same* arguments,
* until it returns a positive value.
*/
-int ssl_write( ssl_context *ssl, const unsigned char *buf, int len );
+int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len );
/**
* \brief Notify the peer that the connection is being closed
@@ -651,7 +651,7 @@
void ssl_calc_verify( ssl_context *ssl, unsigned char hash[36] );
int ssl_read_record( ssl_context *ssl );
-int ssl_fetch_input( ssl_context *ssl, int nb_want );
+int ssl_fetch_input( ssl_context *ssl, size_t nb_want );
int ssl_write_record( ssl_context *ssl );
int ssl_flush_output( ssl_context *ssl );
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index e6d0c34..731c186 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h
@@ -284,7 +284,7 @@
typedef struct _x509_buf
{
int tag; /**< ASN1 type, e.g. ASN1_UTF8_STRING. */
- int len; /**< ASN1 length, e.g. in octets. */
+ size_t len; /**< ASN1 length, e.g. in octets. */
unsigned char *p; /**< ASN1 data, e.g. in ASCII. */
}
x509_buf;
@@ -294,7 +294,7 @@
*/
typedef struct _x509_bitstring
{
- int len; /**< ASN1 length, e.g. in octets. */
+ size_t len; /**< ASN1 length, e.g. in octets. */
unsigned char unused_bits; /**< Number of unused bits at the end of the string */
unsigned char *p; /**< Raw ASN1 data for the bit string */
}
@@ -483,7 +483,7 @@
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
-int x509parse_crt( x509_cert *chain, const unsigned char *buf, int buflen );
+int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen );
/** \ingroup x509_module */
/**
@@ -508,7 +508,7 @@
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
-int x509parse_crl( x509_crl *chain, const unsigned char *buf, int buflen );
+int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen );
/** \ingroup x509_module */
/**
@@ -535,8 +535,8 @@
* \return 0 if successful, or a specific X509 or PEM error code
*/
int x509parse_key( rsa_context *rsa,
- const unsigned char *key, int keylen,
- const unsigned char *pwd, int pwdlen );
+ const unsigned char *key, size_t keylen,
+ const unsigned char *pwd, size_t pwdlen );
/** \ingroup x509_module */
/**
@@ -562,7 +562,7 @@
* \return 0 if successful, or a specific X509 or PEM error code
*/
int x509parse_public_key( rsa_context *rsa,
- const unsigned char *key, int keylen );
+ const unsigned char *key, size_t keylen );
/** \ingroup x509_module */
/**
@@ -585,7 +585,7 @@
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
-int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, int dhminlen );
+int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen );
/** \ingroup x509_module */
/**
diff --git a/include/polarssl/xtea.h b/include/polarssl/xtea.h
index feb1237..8f41d5d 100644
--- a/include/polarssl/xtea.h
+++ b/include/polarssl/xtea.h
@@ -27,6 +27,8 @@
#ifndef POLARSSL_XTEA_H
#define POLARSSL_XTEA_H
+#include <string.h>
+
#ifdef _MSC_VER
#include <basetsd.h>
typedef UINT32 uint32_t;
@@ -71,9 +73,9 @@
* \return 0 if successful
*/
int xtea_crypt_ecb( xtea_context *ctx,
- int mode,
- unsigned char input[8],
- unsigned char output[8] );
+ int mode,
+ unsigned char input[8],
+ unsigned char output[8] );
/**
* \brief XTEA CBC cipher function
@@ -90,7 +92,7 @@
*/
int xtea_crypt_cbc( xtea_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[8],
unsigned char *input,
unsigned char *output);
diff --git a/library/aes.c b/library/aes.c
index 7e768e0..ce418d6 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -36,8 +36,6 @@
#include "polarssl/aes.h"
#include "polarssl/padlock.h"
-#include <string.h>
-
/*
* 32-bit integer manipulation macros (little endian)
*/
@@ -441,9 +439,9 @@
/*
* AES key schedule (encryption)
*/
-int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int keysize )
+int aes_setkey_enc( aes_context *ctx, const unsigned char *key, unsigned int keysize )
{
- int i;
+ unsigned int i;
unsigned long *RK;
#if !defined(POLARSSL_AES_ROM_TABLES)
@@ -546,7 +544,7 @@
/*
* AES key schedule (decryption)
*/
-int aes_setkey_dec( aes_context *ctx, const unsigned char *key, int keysize )
+int aes_setkey_dec( aes_context *ctx, const unsigned char *key, unsigned int keysize )
{
int i, j;
aes_context cty;
@@ -758,7 +756,7 @@
*/
int aes_crypt_cbc( aes_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
@@ -823,7 +821,7 @@
*/
int aes_crypt_cfb128( aes_context *ctx,
int mode,
- int length,
+ size_t length,
int *iv_off,
unsigned char iv[16],
const unsigned char *input,
diff --git a/library/arc4.c b/library/arc4.c
index c7725be..07665ad 100644
--- a/library/arc4.c
+++ b/library/arc4.c
@@ -37,9 +37,10 @@
/*
* ARC4 key schedule
*/
-void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen )
+void arc4_setup( arc4_context *ctx, const unsigned char *key, unsigned int keylen )
{
- int i, j, k, a;
+ int i, j, a;
+ unsigned int k;
unsigned char *m;
ctx->x = 0;
@@ -65,10 +66,11 @@
/*
* ARC4 cipher function
*/
-int arc4_crypt( arc4_context *ctx, int length, const unsigned char *input,
+int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input,
unsigned char *output )
{
- int i, x, y, a, b;
+ int x, y, a, b;
+ size_t i;
unsigned char *m;
x = ctx->x;
diff --git a/library/base64.c b/library/base64.c
index 8d49a81..8601c94 100644
--- a/library/base64.c
+++ b/library/base64.c
@@ -60,10 +60,10 @@
/*
* Encode a buffer into base64 format
*/
-int base64_encode( unsigned char *dst, int *dlen,
- const unsigned char *src, int slen )
+int base64_encode( unsigned char *dst, size_t *dlen,
+ const unsigned char *src, size_t slen )
{
- int i, n;
+ size_t i, n;
int C1, C2, C3;
unsigned char *p;
@@ -123,10 +123,10 @@
/*
* Decode a base64-formatted buffer
*/
-int base64_decode( unsigned char *dst, int *dlen,
- const unsigned char *src, int slen )
+int base64_decode( unsigned char *dst, size_t *dlen,
+ const unsigned char *src, size_t slen )
{
- int i, j, n;
+ size_t i, j, n;
unsigned long x;
unsigned char *p;
@@ -210,7 +210,7 @@
*/
int base64_self_test( int verbose )
{
- int len;
+ size_t len;
unsigned char *src, buffer[128];
if( verbose != 0 )
diff --git a/library/bignum.c b/library/bignum.c
index 8ae3921..3d8b383 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -37,7 +37,6 @@
#include "polarssl/bignum.h"
#include "polarssl/bn_mul.h"
-#include <string.h>
#include <stdlib.h>
#include <stdarg.h>
@@ -102,7 +101,7 @@
/*
* Enlarge to the specified number of limbs
*/
-int mpi_grow( mpi *X, int nblimbs )
+int mpi_grow( mpi *X, size_t nblimbs )
{
t_int *p;
@@ -132,7 +131,8 @@
*/
int mpi_copy( mpi *X, const mpi *Y )
{
- int ret, i;
+ int ret;
+ size_t i;
if( X == Y )
return( 0 );
@@ -169,7 +169,7 @@
/*
* Set value from integer
*/
-int mpi_lset( mpi *X, int z )
+int mpi_lset( mpi *X, t_s_int z )
{
int ret;
@@ -187,9 +187,9 @@
/*
* Return the number of least significant bits
*/
-int mpi_lsb( const mpi *X )
+size_t mpi_lsb( const mpi *X )
{
- int i, j, count = 0;
+ size_t i, j, count = 0;
for( i = 0; i < X->n; i++ )
for( j = 0; j < (int) biL; j++, count++ )
@@ -202,25 +202,25 @@
/*
* Return the number of most significant bits
*/
-int mpi_msb( const mpi *X )
+size_t mpi_msb( const mpi *X )
{
- int i, j;
+ size_t i, j;
for( i = X->n - 1; i > 0; i-- )
if( X->p[i] != 0 )
break;
- for( j = biL - 1; j >= 0; j-- )
- if( ( ( X->p[i] >> j ) & 1 ) != 0 )
+ for( j = biL; j > 0; j-- )
+ if( ( ( X->p[i] >> ( j - 1 ) ) & 1 ) != 0 )
break;
- return( ( i * biL ) + j + 1 );
+ return( ( i * biL ) + j );
}
/*
* Return the total size in bytes
*/
-int mpi_size( const mpi *X )
+size_t mpi_size( const mpi *X )
{
return( ( mpi_msb( X ) + 7 ) >> 3 );
}
@@ -247,7 +247,8 @@
*/
int mpi_read_string( mpi *X, int radix, const char *s )
{
- int ret, i, j, n, slen;
+ int ret;
+ size_t i, j, slen, n;
t_int d;
mpi T;
@@ -265,15 +266,15 @@
MPI_CHK( mpi_grow( X, n ) );
MPI_CHK( mpi_lset( X, 0 ) );
- for( i = slen - 1, j = 0; i >= 0; i--, j++ )
+ for( i = slen, j = 0; i > 0; i--, j++ )
{
- if( i == 0 && s[i] == '-' )
+ if( i == 1 && s[i - 1] == '-' )
{
X->s = -1;
break;
}
- MPI_CHK( mpi_get_digit( &d, radix, s[i] ) );
+ MPI_CHK( mpi_get_digit( &d, radix, s[i - 1] ) );
X->p[j / (2 * ciL)] |= d << ( (j % (2 * ciL)) << 2 );
}
}
@@ -340,9 +341,10 @@
/*
* Export into an ASCII string
*/
-int mpi_write_string( const mpi *X, int radix, char *s, int *slen )
+int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen )
{
- int ret = 0, n;
+ int ret = 0;
+ size_t n;
char *p;
mpi T;
@@ -368,15 +370,16 @@
if( radix == 16 )
{
- int c, i, j, k;
+ int c;
+ size_t i, j, k;
- for( i = X->n - 1, k = 0; i >= 0; i-- )
+ for( i = X->n, k = 0; i > 0; i-- )
{
- for( j = ciL - 1; j >= 0; j-- )
+ for( j = ciL; j > 0; j-- )
{
- c = ( X->p[i] >> (j << 3) ) & 0xFF;
+ c = ( X->p[i - 1] >> ( ( j - 1 ) << 3) ) & 0xFF;
- if( c == 0 && k == 0 && (i + j) != 0 )
+ if( c == 0 && k == 0 && ( i + j + 3 ) != 0 )
continue;
p += sprintf( p, "%02X", c );
@@ -410,7 +413,7 @@
int mpi_read_file( mpi *X, int radix, FILE *fin )
{
t_int d;
- int slen;
+ size_t slen;
char *p;
char s[1024];
@@ -435,16 +438,15 @@
*/
int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout )
{
- int n, ret;
- size_t slen;
- size_t plen;
+ int ret;
+ size_t n, slen, plen;
char s[2048];
n = sizeof( s );
memset( s, 0, n );
n -= 2;
- MPI_CHK( mpi_write_string( X, radix, s, (int *) &n ) );
+ MPI_CHK( mpi_write_string( X, radix, s, (size_t *) &n ) );
if( p == NULL ) p = "";
@@ -470,9 +472,10 @@
/*
* Import X from unsigned binary data, big endian
*/
-int mpi_read_binary( mpi *X, const unsigned char *buf, int buflen )
+int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen )
{
- int ret, i, j, n;
+ int ret;
+ size_t i, j, n;
for( n = 0; n < buflen; n++ )
if( buf[n] != 0 )
@@ -481,8 +484,8 @@
MPI_CHK( mpi_grow( X, CHARS_TO_LIMBS( buflen - n ) ) );
MPI_CHK( mpi_lset( X, 0 ) );
- for( i = buflen - 1, j = 0; i >= n; i--, j++ )
- X->p[j / ciL] |= ((t_int) buf[i]) << ((j % ciL) << 3);
+ for( i = buflen, j = 0; i > n; i--, j++ )
+ X->p[j / ciL] |= ((t_int) buf[i - 1]) << ((j % ciL) << 3);
cleanup:
@@ -492,9 +495,9 @@
/*
* Export X into unsigned binary data, big endian
*/
-int mpi_write_binary( const mpi *X, unsigned char *buf, int buflen )
+int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen )
{
- int i, j, n;
+ size_t i, j, n;
n = mpi_size( X );
@@ -512,9 +515,10 @@
/*
* Left-shift: X <<= count
*/
-int mpi_shift_l( mpi *X, int count )
+int mpi_shift_l( mpi *X, size_t count )
{
- int ret, i, v0, t1;
+ int ret;
+ size_t i, v0, t1;
t_int r0 = 0, r1;
v0 = count / (biL );
@@ -532,11 +536,11 @@
*/
if( v0 > 0 )
{
- for( i = X->n - 1; i >= v0; i-- )
- X->p[i] = X->p[i - v0];
+ for( i = X->n; i > v0; i-- )
+ X->p[i - 1] = X->p[i - v0 - 1];
- for( ; i >= 0; i-- )
- X->p[i] = 0;
+ for( ; i > 0; i-- )
+ X->p[i - 1] = 0;
}
/*
@@ -561,9 +565,9 @@
/*
* Right-shift: X >>= count
*/
-int mpi_shift_r( mpi *X, int count )
+int mpi_shift_r( mpi *X, size_t count )
{
- int i, v0, v1;
+ size_t i, v0, v1;
t_int r0 = 0, r1;
v0 = count / biL;
@@ -586,11 +590,11 @@
*/
if( v1 > 0 )
{
- for( i = X->n - 1; i >= 0; i-- )
+ for( i = X->n; i > 0; i-- )
{
- r1 = X->p[i] << (biL - v1);
- X->p[i] >>= v1;
- X->p[i] |= r0;
+ r1 = X->p[i - 1] << (biL - v1);
+ X->p[i - 1] >>= v1;
+ X->p[i - 1] |= r0;
r0 = r1;
}
}
@@ -603,26 +607,26 @@
*/
int mpi_cmp_abs( const mpi *X, const mpi *Y )
{
- int i, j;
+ size_t i, j;
- for( i = X->n - 1; i >= 0; i-- )
- if( X->p[i] != 0 )
+ for( i = X->n; i > 0; i-- )
+ if( X->p[i - 1] != 0 )
break;
- for( j = Y->n - 1; j >= 0; j-- )
- if( Y->p[j] != 0 )
+ for( j = Y->n; j > 0; j-- )
+ if( Y->p[j - 1] != 0 )
break;
- if( i < 0 && j < 0 )
+ if( i == 0 && j == 0 )
return( 0 );
if( i > j ) return( 1 );
if( j > i ) return( -1 );
- for( ; i >= 0; i-- )
+ for( ; i > 0; i-- )
{
- if( X->p[i] > Y->p[i] ) return( 1 );
- if( X->p[i] < Y->p[i] ) return( -1 );
+ if( X->p[i - 1] > Y->p[i - 1] ) return( 1 );
+ if( X->p[i - 1] < Y->p[i - 1] ) return( -1 );
}
return( 0 );
@@ -633,17 +637,17 @@
*/
int mpi_cmp_mpi( const mpi *X, const mpi *Y )
{
- int i, j;
+ size_t i, j;
- for( i = X->n - 1; i >= 0; i-- )
- if( X->p[i] != 0 )
+ for( i = X->n; i > 0; i-- )
+ if( X->p[i - 1] != 0 )
break;
- for( j = Y->n - 1; j >= 0; j-- )
- if( Y->p[j] != 0 )
+ for( j = Y->n; j > 0; j-- )
+ if( Y->p[j - 1] != 0 )
break;
- if( i < 0 && j < 0 )
+ if( i == 0 && j == 0 )
return( 0 );
if( i > j ) return( X->s );
@@ -652,10 +656,10 @@
if( X->s > 0 && Y->s < 0 ) return( 1 );
if( Y->s > 0 && X->s < 0 ) return( -1 );
- for( ; i >= 0; i-- )
+ for( ; i > 0; i-- )
{
- if( X->p[i] > Y->p[i] ) return( X->s );
- if( X->p[i] < Y->p[i] ) return( -X->s );
+ if( X->p[i - 1] > Y->p[i - 1] ) return( X->s );
+ if( X->p[i - 1] < Y->p[i - 1] ) return( -X->s );
}
return( 0 );
@@ -664,7 +668,7 @@
/*
* Compare signed values
*/
-int mpi_cmp_int( const mpi *X, int z )
+int mpi_cmp_int( const mpi *X, t_s_int z )
{
mpi Y;
t_int p[1];
@@ -682,7 +686,8 @@
*/
int mpi_add_abs( mpi *X, const mpi *A, const mpi *B )
{
- int ret, i, j;
+ int ret;
+ size_t i, j;
t_int *o, *p, c;
if( X == B )
@@ -698,15 +703,15 @@
*/
X->s = 1;
- for( j = B->n - 1; j >= 0; j-- )
- if( B->p[j] != 0 )
+ for( j = B->n; j > 0; j-- )
+ if( B->p[j - 1] != 0 )
break;
- MPI_CHK( mpi_grow( X, j + 1 ) );
+ MPI_CHK( mpi_grow( X, j ) );
o = B->p; p = X->p; c = 0;
- for( i = 0; i <= j; i++, o++, p++ )
+ for( i = 0; i < j; i++, o++, p++ )
{
*p += c; c = ( *p < c );
*p += *o; c += ( *p < *o );
@@ -731,9 +736,9 @@
/*
* Helper for mpi substraction
*/
-static void mpi_sub_hlp( int n, t_int *s, t_int *d )
+static void mpi_sub_hlp( size_t n, t_int *s, t_int *d )
{
- int i;
+ size_t i;
t_int c, z;
for( i = c = 0; i < n; i++, s++, d++ )
@@ -755,7 +760,8 @@
int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B )
{
mpi TB;
- int ret, n;
+ int ret;
+ size_t n;
if( mpi_cmp_abs( A, B ) < 0 )
return( POLARSSL_ERR_MPI_NEGATIVE_VALUE );
@@ -778,11 +784,11 @@
ret = 0;
- for( n = B->n - 1; n >= 0; n-- )
- if( B->p[n] != 0 )
+ for( n = B->n; n > 0; n-- )
+ if( B->p[n - 1] != 0 )
break;
- mpi_sub_hlp( n + 1, B->p, X->p );
+ mpi_sub_hlp( n, B->p, X->p );
cleanup:
@@ -856,7 +862,7 @@
/*
* Signed addition: X = A + b
*/
-int mpi_add_int( mpi *X, const mpi *A, int b )
+int mpi_add_int( mpi *X, const mpi *A, t_s_int b )
{
mpi _B;
t_int p[1];
@@ -872,7 +878,7 @@
/*
* Signed substraction: X = A - b
*/
-int mpi_sub_int( mpi *X, const mpi *A, int b )
+int mpi_sub_int( mpi *X, const mpi *A, t_s_int b )
{
mpi _B;
t_int p[1];
@@ -888,7 +894,7 @@
/*
* Helper for mpi multiplication
*/
-static void mpi_mul_hlp( int i, t_int *s, t_int *d, t_int b )
+static void mpi_mul_hlp( size_t i, t_int *s, t_int *d, t_int b )
{
t_int c = 0, t = 0;
@@ -954,7 +960,8 @@
*/
int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B )
{
- int ret, i, j;
+ int ret;
+ size_t i, j;
mpi TA, TB;
mpi_init( &TA, &TB, NULL );
@@ -962,19 +969,19 @@
if( X == A ) { MPI_CHK( mpi_copy( &TA, A ) ); A = &TA; }
if( X == B ) { MPI_CHK( mpi_copy( &TB, B ) ); B = &TB; }
- for( i = A->n - 1; i >= 0; i-- )
- if( A->p[i] != 0 )
+ for( i = A->n; i > 0; i-- )
+ if( A->p[i - 1] != 0 )
break;
- for( j = B->n - 1; j >= 0; j-- )
- if( B->p[j] != 0 )
+ for( j = B->n; j > 0; j-- )
+ if( B->p[j - 1] != 0 )
break;
- MPI_CHK( mpi_grow( X, i + j + 2 ) );
+ MPI_CHK( mpi_grow( X, i + j ) );
MPI_CHK( mpi_lset( X, 0 ) );
- for( i++; j >= 0; j-- )
- mpi_mul_hlp( i, A->p, X->p + j, B->p[j] );
+ for( i++; j > 0; j-- )
+ mpi_mul_hlp( i - 1, A->p, X->p + j - 1, B->p[j - 1] );
X->s = A->s * B->s;
@@ -988,7 +995,7 @@
/*
* Baseline multiplication: X = A * b
*/
-int mpi_mul_int( mpi *X, const mpi *A, t_int b )
+int mpi_mul_int( mpi *X, const mpi *A, t_s_int b )
{
mpi _B;
t_int p[1];
@@ -1006,7 +1013,8 @@
*/
int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B )
{
- int ret, i, n, t, k;
+ int ret;
+ size_t i, n, t, k;
mpi X, Y, Z, T1, T2;
if( mpi_cmp_int( B, 0 ) == 0 )
@@ -1169,7 +1177,7 @@
* 1 if memory allocation failed
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0
*/
-int mpi_div_int( mpi *Q, mpi *R, const mpi *A, int b )
+int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_s_int b )
{
mpi _B;
t_int p[1];
@@ -1208,9 +1216,9 @@
/*
* Modulo: r = A mod b
*/
-int mpi_mod_int( t_int *r, const mpi *A, int b )
+int mpi_mod_int( t_int *r, const mpi *A, t_s_int b )
{
- int i;
+ size_t i;
t_int x, y, z;
if( b == 0 )
@@ -1237,9 +1245,9 @@
/*
* general case
*/
- for( i = A->n - 1, y = 0; i >= 0; i-- )
+ for( i = A->n, y = 0; i > 0; i-- )
{
- x = A->p[i];
+ x = A->p[i - 1];
y = ( y << biH ) | ( x >> biH );
z = y / b;
y -= z * b;
@@ -1285,7 +1293,7 @@
*/
static void mpi_montmul( mpi *A, const mpi *B, const mpi *N, t_int mm, const mpi *T )
{
- int i, n, m;
+ size_t i, n, m;
t_int u0, u1, *d;
memset( T->p, 0, T->n * ciL );
@@ -1336,8 +1344,10 @@
*/
int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR )
{
- int ret, i, j, wsize, wbits;
- int bufsize, nblimbs, nbits;
+ int ret;
+ size_t wbits, wsize, one = 1;
+ size_t i, j, nblimbs;
+ size_t bufsize, nbits;
t_int ei, mm, state;
mpi RR, T, W[64];
@@ -1396,7 +1406,7 @@
/*
* W[1 << (wsize - 1)] = W[1] ^ (wsize - 1)
*/
- j = 1 << (wsize - 1);
+ j = one << (wsize - 1);
MPI_CHK( mpi_grow( &W[j], N->n + 1 ) );
MPI_CHK( mpi_copy( &W[j], &W[1] ) );
@@ -1407,7 +1417,7 @@
/*
* W[i] = W[i - 1] * W[1]
*/
- for( i = j + 1; i < (1 << wsize); i++ )
+ for( i = j + 1; i < (one << wsize); i++ )
{
MPI_CHK( mpi_grow( &W[i], N->n + 1 ) );
MPI_CHK( mpi_copy( &W[i], &W[i - 1] ) );
@@ -1487,7 +1497,7 @@
wbits <<= 1;
- if( (wbits & (1 << wsize)) != 0 )
+ if( (wbits & (one << wsize)) != 0 )
mpi_montmul( X, &W[1], N, mm, &T );
}
@@ -1498,7 +1508,7 @@
cleanup:
- for( i = (1 << (wsize - 1)); i < (1 << wsize); i++ )
+ for( i = (one << (wsize - 1)); i < (one << wsize); i++ )
mpi_free( &W[i], NULL );
if( _RR != NULL )
@@ -1513,7 +1523,8 @@
*/
int mpi_gcd( mpi *G, const mpi *A, const mpi *B )
{
- int ret, lz, lzt;
+ int ret;
+ size_t lz, lzt;
mpi TG, TA, TB;
mpi_init( &TG, &TA, &TB, NULL );
@@ -1559,9 +1570,10 @@
return( ret );
}
-int mpi_fill_random( mpi *X, int size, int (*f_rng)(void *), void *p_rng )
+int mpi_fill_random( mpi *X, size_t size, int (*f_rng)(void *), void *p_rng )
{
- int ret, k;
+ int ret;
+ size_t k;
unsigned char *p;
MPI_CHK( mpi_grow( X, size ) );
@@ -1700,7 +1712,8 @@
*/
int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng )
{
- int ret, i, j, n, s, xs;
+ int ret, xs;
+ size_t i, j, n, s;
mpi W, R, T, A, RR;
if( mpi_cmp_int( X, 0 ) == 0 ||
@@ -1811,10 +1824,11 @@
/*
* Prime number generation
*/
-int mpi_gen_prime( mpi *X, int nbits, int dh_flag,
+int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag,
int (*f_rng)(void *), void *p_rng )
{
- int ret, k, n;
+ int ret;
+ size_t k, n;
mpi Y;
if( nbits < 3 )
@@ -1878,7 +1892,7 @@
#if defined(POLARSSL_SELF_TEST)
-#define GCD_PAIR_COUNT 3
+#define GCD_PAIR_COUNT 3
static const int gcd_pairs[GCD_PAIR_COUNT][3] =
{
@@ -2012,17 +2026,17 @@
for ( i = 0; i < GCD_PAIR_COUNT; i++)
{
MPI_CHK( mpi_lset( &X, gcd_pairs[i][0] ) );
- MPI_CHK( mpi_lset( &Y, gcd_pairs[i][1] ) );
+ MPI_CHK( mpi_lset( &Y, gcd_pairs[i][1] ) );
- MPI_CHK( mpi_gcd( &A, &X, &Y ) );
+ MPI_CHK( mpi_gcd( &A, &X, &Y ) );
- if( mpi_cmp_int( &A, gcd_pairs[i][2] ) != 0 )
- {
- if( verbose != 0 )
- printf( "failed at %d\n", i );
+ if( mpi_cmp_int( &A, gcd_pairs[i][2] ) != 0 )
+ {
+ if( verbose != 0 )
+ printf( "failed at %d\n", i );
- return( 1 );
- }
+ return( 1 );
+ }
}
if( verbose != 0 )
diff --git a/library/camellia.c b/library/camellia.c
index 6624d17..d725c19 100644
--- a/library/camellia.c
+++ b/library/camellia.c
@@ -35,8 +35,6 @@
#include "polarssl/camellia.h"
-#include <string.h>
-
/*
* 32-bit integer manipulation macros (big endian)
*/
@@ -309,9 +307,10 @@
/*
* Camellia key schedule (encryption)
*/
-int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int keysize )
+int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsigned int keysize )
{
- int i, idx;
+ int idx;
+ size_t i;
uint32_t *RK;
unsigned char t[64];
uint32_t SIGMA[6][2];
@@ -412,9 +411,10 @@
/*
* Camellia key schedule (decryption)
*/
-int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, int keysize )
+int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsigned int keysize )
{
- int i, idx;
+ int idx;
+ size_t i;
camellia_context cty;
uint32_t *RK;
uint32_t *SK;
@@ -526,7 +526,7 @@
*/
int camellia_crypt_cbc( camellia_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
@@ -579,7 +579,7 @@
*/
int camellia_crypt_cfb128( camellia_context *ctx,
int mode,
- int length,
+ size_t length,
int *iv_off,
unsigned char iv[16],
const unsigned char *input,
diff --git a/library/cipher.c b/library/cipher.c
index ee3cd45..56ac7c4 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -34,7 +34,6 @@
#include "polarssl/cipher.h"
#include "polarssl/cipher_wrap.h"
-#include <string.h>
#include <stdlib.h>
#if defined _MSC_VER && !defined strcasecmp
@@ -196,10 +195,10 @@
return 0;
}
-int cipher_update( cipher_context_t *ctx, const unsigned char *input, int ilen,
- unsigned char *output, int *olen )
+int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t *olen )
{
- int copy_len = 0;
+ size_t copy_len = 0;
if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen ||
input == output )
@@ -286,18 +285,18 @@
return 1;
}
-static void add_pkcs_padding( unsigned char *output, unsigned char output_len,
- int data_len )
+static void add_pkcs_padding( unsigned char *output, size_t output_len,
+ size_t data_len )
{
- unsigned char padding_len = output_len - data_len;
+ size_t padding_len = output_len - data_len;
unsigned char i = 0;
for( i = 0; i < padding_len; i++ )
- output[data_len + i] = padding_len;
+ output[data_len + i] = (unsigned char) padding_len;
}
static int get_pkcs_padding( unsigned char *input, unsigned char input_len,
- int *data_len)
+ size_t *data_len)
{
int i = 0;
unsigned char padding_len = 0;
@@ -319,7 +318,7 @@
return 0;
}
-int cipher_finish( cipher_context_t *ctx, unsigned char *output, int *olen)
+int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen)
{
if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
return 1;
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index bfcfcb5..f1abf29 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -36,23 +36,22 @@
#include "polarssl/camellia.h"
#include "polarssl/des.h"
-#include <string.h>
#include <stdlib.h>
#if defined(POLARSSL_AES_C)
-int aes_crypt_cbc_wrap( void *ctx, operation_t operation, int length,
+int aes_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output )
{
return aes_crypt_cbc( (aes_context *) ctx, operation, length, iv, input, output );
}
-int aes_setkey_dec_wrap( void *ctx, const unsigned char *key, int key_length )
+int aes_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
return aes_setkey_dec( (aes_context *) ctx, key, key_length );
}
-int aes_setkey_enc_wrap( void *ctx, const unsigned char *key, int key_length )
+int aes_setkey_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
return aes_setkey_enc( (aes_context *) ctx, key, key_length );
}
@@ -68,65 +67,65 @@
}
const cipher_info_t aes_128_cbc_info = {
- POLARSSL_CIPHER_AES_128_CBC,
- POLARSSL_CIPHER_ID_AES,
- POLARSSL_MODE_CBC,
- 128,
- "AES-128-CBC",
- 16,
- 16,
- aes_crypt_cbc_wrap,
- aes_setkey_enc_wrap,
- aes_setkey_dec_wrap,
- aes_ctx_alloc,
- aes_ctx_free
+ POLARSSL_CIPHER_AES_128_CBC,
+ POLARSSL_CIPHER_ID_AES,
+ POLARSSL_MODE_CBC,
+ 128,
+ "AES-128-CBC",
+ 16,
+ 16,
+ aes_crypt_cbc_wrap,
+ aes_setkey_enc_wrap,
+ aes_setkey_dec_wrap,
+ aes_ctx_alloc,
+ aes_ctx_free
};
const cipher_info_t aes_192_cbc_info = {
- POLARSSL_CIPHER_AES_192_CBC,
- POLARSSL_CIPHER_ID_AES,
- POLARSSL_MODE_CBC,
- 192,
- "AES-192-CBC",
- 16,
- 16,
- aes_crypt_cbc_wrap,
- aes_setkey_enc_wrap,
- aes_setkey_dec_wrap,
- aes_ctx_alloc,
- aes_ctx_free
+ POLARSSL_CIPHER_AES_192_CBC,
+ POLARSSL_CIPHER_ID_AES,
+ POLARSSL_MODE_CBC,
+ 192,
+ "AES-192-CBC",
+ 16,
+ 16,
+ aes_crypt_cbc_wrap,
+ aes_setkey_enc_wrap,
+ aes_setkey_dec_wrap,
+ aes_ctx_alloc,
+ aes_ctx_free
};
const cipher_info_t aes_256_cbc_info = {
- POLARSSL_CIPHER_AES_256_CBC,
- POLARSSL_CIPHER_ID_AES,
- POLARSSL_MODE_CBC,
- 256,
- "AES-256-CBC",
- 16,
- 16,
- aes_crypt_cbc_wrap,
- aes_setkey_enc_wrap,
- aes_setkey_dec_wrap,
- aes_ctx_alloc,
- aes_ctx_free
+ POLARSSL_CIPHER_AES_256_CBC,
+ POLARSSL_CIPHER_ID_AES,
+ POLARSSL_MODE_CBC,
+ 256,
+ "AES-256-CBC",
+ 16,
+ 16,
+ aes_crypt_cbc_wrap,
+ aes_setkey_enc_wrap,
+ aes_setkey_dec_wrap,
+ aes_ctx_alloc,
+ aes_ctx_free
};
#endif
#if defined(POLARSSL_CAMELLIA_C)
-int camellia_crypt_cbc_wrap( void *ctx, operation_t operation, int length,
+int camellia_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output )
{
return camellia_crypt_cbc( (camellia_context *) ctx, operation, length, iv, input, output );
}
-int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key, int key_length )
+int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
return camellia_setkey_dec( (camellia_context *) ctx, key, key_length );
}
-int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key, int key_length )
+int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
return camellia_setkey_enc( (camellia_context *) ctx, key, key_length );
}
@@ -142,101 +141,101 @@
}
const cipher_info_t camellia_128_cbc_info = {
- POLARSSL_CIPHER_CAMELLIA_128_CBC,
- POLARSSL_CIPHER_ID_CAMELLIA,
- POLARSSL_MODE_CBC,
- 128,
- "CAMELLIA-128-CBC",
- 16,
- 16,
- camellia_crypt_cbc_wrap,
- camellia_setkey_enc_wrap,
- camellia_setkey_dec_wrap,
- camellia_ctx_alloc,
- camellia_ctx_free
+ POLARSSL_CIPHER_CAMELLIA_128_CBC,
+ POLARSSL_CIPHER_ID_CAMELLIA,
+ POLARSSL_MODE_CBC,
+ 128,
+ "CAMELLIA-128-CBC",
+ 16,
+ 16,
+ camellia_crypt_cbc_wrap,
+ camellia_setkey_enc_wrap,
+ camellia_setkey_dec_wrap,
+ camellia_ctx_alloc,
+ camellia_ctx_free
};
const cipher_info_t camellia_192_cbc_info = {
- POLARSSL_CIPHER_CAMELLIA_192_CBC,
- POLARSSL_CIPHER_ID_CAMELLIA,
- POLARSSL_MODE_CBC,
- 192,
- "CAMELLIA-192-CBC",
- 16,
- 16,
- camellia_crypt_cbc_wrap,
- camellia_setkey_enc_wrap,
- camellia_setkey_dec_wrap,
- camellia_ctx_alloc,
- camellia_ctx_free
+ POLARSSL_CIPHER_CAMELLIA_192_CBC,
+ POLARSSL_CIPHER_ID_CAMELLIA,
+ POLARSSL_MODE_CBC,
+ 192,
+ "CAMELLIA-192-CBC",
+ 16,
+ 16,
+ camellia_crypt_cbc_wrap,
+ camellia_setkey_enc_wrap,
+ camellia_setkey_dec_wrap,
+ camellia_ctx_alloc,
+ camellia_ctx_free
};
const cipher_info_t camellia_256_cbc_info = {
- POLARSSL_CIPHER_CAMELLIA_256_CBC,
- POLARSSL_CIPHER_ID_CAMELLIA,
- POLARSSL_MODE_CBC,
- 256,
- "CAMELLIA-256-CBC",
- 16,
- 16,
- camellia_crypt_cbc_wrap,
- camellia_setkey_enc_wrap,
- camellia_setkey_dec_wrap,
- camellia_ctx_alloc,
- camellia_ctx_free
+ POLARSSL_CIPHER_CAMELLIA_256_CBC,
+ POLARSSL_CIPHER_ID_CAMELLIA,
+ POLARSSL_MODE_CBC,
+ 256,
+ "CAMELLIA-256-CBC",
+ 16,
+ 16,
+ camellia_crypt_cbc_wrap,
+ camellia_setkey_enc_wrap,
+ camellia_setkey_dec_wrap,
+ camellia_ctx_alloc,
+ camellia_ctx_free
};
#endif
#if defined(POLARSSL_DES_C)
-int des_crypt_cbc_wrap( void *ctx, operation_t operation, int length,
+int des_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output )
{
return des_crypt_cbc( (des_context *) ctx, operation, length, iv, input, output );
}
-int des3_crypt_cbc_wrap( void *ctx, operation_t operation, int length,
+int des3_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output )
{
return des3_crypt_cbc( (des3_context *) ctx, operation, length, iv, input, output );
}
-int des_setkey_dec_wrap( void *ctx, const unsigned char *key, int key_length )
+int des_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
((void) key_length);
return des_setkey_dec( (des_context *) ctx, key );
}
-int des_setkey_enc_wrap( void *ctx, const unsigned char *key, int key_length )
+int des_setkey_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
((void) key_length);
return des_setkey_enc( (des_context *) ctx, key );
}
-int des3_set2key_dec_wrap( void *ctx, const unsigned char *key, int key_length )
+int des3_set2key_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
((void) key_length);
return des3_set2key_dec( (des3_context *) ctx, key );
}
-int des3_set2key_enc_wrap( void *ctx, const unsigned char *key, int key_length )
+int des3_set2key_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
((void) key_length);
return des3_set2key_enc( (des3_context *) ctx, key );
}
-int des3_set3key_dec_wrap( void *ctx, const unsigned char *key, int key_length )
+int des3_set3key_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
((void) key_length);
return des3_set3key_dec( (des3_context *) ctx, key );
}
-int des3_set3key_enc_wrap( void *ctx, const unsigned char *key, int key_length )
+int des3_set3key_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length )
{
((void) key_length);
@@ -259,48 +258,48 @@
}
const cipher_info_t des_cbc_info = {
- POLARSSL_CIPHER_DES_CBC,
- POLARSSL_CIPHER_ID_DES,
- POLARSSL_MODE_CBC,
- POLARSSL_KEY_LENGTH_DES,
- "DES-CBC",
- 8,
- 8,
- des_crypt_cbc_wrap,
- des_setkey_enc_wrap,
- des_setkey_dec_wrap,
- des_ctx_alloc,
- des_ctx_free
+ POLARSSL_CIPHER_DES_CBC,
+ POLARSSL_CIPHER_ID_DES,
+ POLARSSL_MODE_CBC,
+ POLARSSL_KEY_LENGTH_DES,
+ "DES-CBC",
+ 8,
+ 8,
+ des_crypt_cbc_wrap,
+ des_setkey_enc_wrap,
+ des_setkey_dec_wrap,
+ des_ctx_alloc,
+ des_ctx_free
};
const cipher_info_t des_ede_cbc_info = {
- POLARSSL_CIPHER_DES_EDE_CBC,
- POLARSSL_CIPHER_ID_DES,
- POLARSSL_MODE_CBC,
- POLARSSL_KEY_LENGTH_DES_EDE,
- "DES-EDE-CBC",
- 16,
- 16,
- des3_crypt_cbc_wrap,
- des3_set2key_enc_wrap,
- des3_set2key_dec_wrap,
- des3_ctx_alloc,
- des_ctx_free
+ POLARSSL_CIPHER_DES_EDE_CBC,
+ POLARSSL_CIPHER_ID_DES,
+ POLARSSL_MODE_CBC,
+ POLARSSL_KEY_LENGTH_DES_EDE,
+ "DES-EDE-CBC",
+ 16,
+ 16,
+ des3_crypt_cbc_wrap,
+ des3_set2key_enc_wrap,
+ des3_set2key_dec_wrap,
+ des3_ctx_alloc,
+ des_ctx_free
};
const cipher_info_t des_ede3_cbc_info = {
- POLARSSL_CIPHER_DES_EDE3_CBC,
- POLARSSL_CIPHER_ID_DES,
- POLARSSL_MODE_CBC,
- POLARSSL_KEY_LENGTH_DES_EDE3,
- "DES-EDE3-CBC",
- 8,
- 8,
- des3_crypt_cbc_wrap,
- des3_set3key_enc_wrap,
- des3_set3key_dec_wrap,
- des3_ctx_alloc,
- des_ctx_free
+ POLARSSL_CIPHER_DES_EDE3_CBC,
+ POLARSSL_CIPHER_ID_DES,
+ POLARSSL_MODE_CBC,
+ POLARSSL_KEY_LENGTH_DES_EDE3,
+ "DES-EDE3-CBC",
+ 8,
+ 8,
+ des3_crypt_cbc_wrap,
+ des3_set3key_enc_wrap,
+ des3_set3key_dec_wrap,
+ des3_ctx_alloc,
+ des_ctx_free
};
#endif
diff --git a/library/debug.c b/library/debug.c
index 6d4fd31..1c8dbf5 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -87,12 +87,12 @@
void debug_print_buf( const ssl_context *ssl, int level,
const char *file, int line, const char *text,
- unsigned char *buf, int len )
+ unsigned char *buf, size_t len )
{
char str[512];
- int i, maxlen = sizeof( str ) - 1;
+ size_t i, maxlen = sizeof( str ) - 1;
- if( ssl->f_dbg == NULL || len < 0 )
+ if( ssl->f_dbg == NULL )
return;
snprintf( str, maxlen, "%s(%04d): dumping '%s' (%d bytes)\n",
@@ -132,7 +132,8 @@
const char *text, const mpi *X )
{
char str[512];
- int i, j, k, n, maxlen = sizeof( str ) - 1, zeros = 1;
+ int j, k, maxlen = sizeof( str ) - 1, zeros = 1;
+ size_t i, n;
if( ssl->f_dbg == NULL || X == NULL )
return;
@@ -152,14 +153,14 @@
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
- for( i = n, j = 0; i >= 0; i-- )
+ for( i = n + 1, j = 0; i > 0; i-- )
{
- if( zeros && X->p[i] == 0 )
+ if( zeros && X->p[i - 1] == 0 )
continue;
for( k = sizeof( t_int ) - 1; k >= 0; k-- )
{
- if( zeros && ( ( X->p[i] >> (k << 3) ) & 0xFF ) == 0 )
+ if( zeros && ( ( X->p[i - 1] >> (k << 3) ) & 0xFF ) == 0 )
continue;
else
zeros = 0;
@@ -176,7 +177,7 @@
}
snprintf( str, maxlen, " %02x", (unsigned int)
- ( X->p[i] >> (k << 3) ) & 0xFF );
+ ( X->p[i - 1] >> (k << 3) ) & 0xFF );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
diff --git a/library/des.c b/library/des.c
index 39ff216..3034030 100644
--- a/library/des.c
+++ b/library/des.c
@@ -35,8 +35,6 @@
#include "polarssl/des.h"
-#include <string.h>
-
/*
* 32-bit integer manipulation macros (big endian)
*/
@@ -611,7 +609,7 @@
*/
int des_crypt_cbc( des_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[8],
const unsigned char *input,
unsigned char *output )
@@ -706,7 +704,7 @@
*/
int des3_crypt_cbc( des3_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[8],
const unsigned char *input,
unsigned char *output )
diff --git a/library/dhm.c b/library/dhm.c
index 4b78722..1a8211e 100644
--- a/library/dhm.c
+++ b/library/dhm.c
@@ -34,8 +34,6 @@
#include "polarssl/dhm.h"
-#include <string.h>
-
/*
* helper to validate the mpi size and import it
*/
@@ -128,10 +126,11 @@
* Setup and write the ServerKeyExchange parameters
*/
int dhm_make_params( dhm_context *ctx, int x_size,
- unsigned char *output, int *olen,
+ unsigned char *output, size_t *olen,
int (*f_rng)(void *), void *p_rng )
{
- int ret, n, n1, n2, n3;
+ int ret, n;
+ size_t n1, n2, n3;
unsigned char *p;
/*
@@ -186,7 +185,7 @@
* Import the peer's public value G^Y
*/
int dhm_read_public( dhm_context *ctx,
- const unsigned char *input, int ilen )
+ const unsigned char *input, size_t ilen )
{
int ret;
@@ -203,7 +202,7 @@
* Create own private value X and export G^X
*/
int dhm_make_public( dhm_context *ctx, int x_size,
- unsigned char *output, int olen,
+ unsigned char *output, size_t olen,
int (*f_rng)(void *), void *p_rng )
{
int ret, n;
@@ -241,7 +240,7 @@
* Derive and export the shared secret (G^Y)^X mod P
*/
int dhm_calc_secret( dhm_context *ctx,
- unsigned char *output, int *olen )
+ unsigned char *output, size_t *olen )
{
int ret;
diff --git a/library/havege.c b/library/havege.c
index 499fe4f..11c3d28 100644
--- a/library/havege.c
+++ b/library/havege.c
@@ -34,12 +34,12 @@
#if defined(POLARSSL_HAVEGE_C)
-#include <string.h>
-#include <time.h>
-
#include "polarssl/havege.h"
#include "polarssl/timing.h"
+#include <string.h>
+#include <time.h>
+
/* ------------------------------------------------------------------------
* On average, one iteration accesses two 8-word blocks in the havege WALK
* table, and generates 16 words in the RES array.
diff --git a/library/md.c b/library/md.c
index 62c3e45..dcdf7c9 100644
--- a/library/md.c
+++ b/library/md.c
@@ -34,7 +34,6 @@
#include "polarssl/md.h"
#include "polarssl/md_wrap.h"
-#include <string.h>
#include <stdlib.h>
#if defined _MSC_VER && !defined strcasecmp
@@ -190,7 +189,7 @@
return 0;
}
-int md_update( md_context_t *ctx, const unsigned char *input, int ilen )
+int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
{
if( ctx == NULL || ctx->md_info == NULL )
return 1;
@@ -210,7 +209,7 @@
return 0;
}
-int md( const md_info_t *md_info, const unsigned char *input, int ilen,
+int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output )
{
if ( md_info == NULL )
@@ -229,7 +228,7 @@
return md_info->file_func( path, output );
}
-int md_hmac_starts( md_context_t *ctx, const unsigned char *key, int keylen )
+int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )
{
if( ctx == NULL || ctx->md_info == NULL )
return 1;
@@ -239,7 +238,7 @@
return 0;
}
-int md_hmac_update( md_context_t *ctx, const unsigned char *input, int ilen )
+int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
{
if( ctx == NULL || ctx->md_info == NULL )
return 1;
@@ -269,8 +268,8 @@
return 0;
}
-int md_hmac( const md_info_t *md_info, const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char *output )
{
if( md_info == NULL )
diff --git a/library/md2.c b/library/md2.c
index 7741033..4daea58 100644
--- a/library/md2.c
+++ b/library/md2.c
@@ -35,7 +35,6 @@
#include "polarssl/md2.h"
-#include <string.h>
#include <stdio.h>
static const unsigned char PI_SUBST[256] =
@@ -116,9 +115,9 @@
/*
* MD2 process buffer
*/
-void md2_update( md2_context *ctx, const unsigned char *input, int ilen )
+void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen )
{
- int fill;
+ size_t fill;
while( ilen > 0 )
{
@@ -146,7 +145,7 @@
*/
void md2_finish( md2_context *ctx, unsigned char output[16] )
{
- int i;
+ size_t i;
unsigned char x;
x = (unsigned char)( 16 - ctx->left );
@@ -165,7 +164,7 @@
/*
* output = MD2( input buffer )
*/
-void md2( const unsigned char *input, int ilen, unsigned char output[16] )
+void md2( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md2_context ctx;
@@ -211,9 +210,9 @@
/*
* MD2 HMAC context setup
*/
-void md2_hmac_starts( md2_context *ctx, const unsigned char *key, int keylen )
+void md2_hmac_starts( md2_context *ctx, const unsigned char *key, size_t keylen )
{
- int i;
+ size_t i;
unsigned char sum[16];
if( keylen > 64 )
@@ -241,7 +240,7 @@
/*
* MD2 HMAC process buffer
*/
-void md2_hmac_update( md2_context *ctx, const unsigned char *input, int ilen )
+void md2_hmac_update( md2_context *ctx, const unsigned char *input, size_t ilen )
{
md2_update( ctx, input, ilen );
}
@@ -274,8 +273,8 @@
/*
* output = HMAC-MD2( hmac key, input buffer )
*/
-void md2_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void md2_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[16] )
{
md2_context ctx;
diff --git a/library/md4.c b/library/md4.c
index 73cfbf8..3694899 100644
--- a/library/md4.c
+++ b/library/md4.c
@@ -35,7 +35,6 @@
#include "polarssl/md4.h"
-#include <string.h>
#include <stdio.h>
/*
@@ -181,9 +180,9 @@
/*
* MD4 process buffer
*/
-void md4_update( md4_context *ctx, const unsigned char *input, int ilen )
+void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen )
{
- int fill;
+ size_t fill;
unsigned long left;
if( ilen <= 0 )
@@ -192,7 +191,7 @@
left = ctx->total[0] & 0x3F;
fill = 64 - left;
- ctx->total[0] += ilen;
+ ctx->total[0] += (unsigned long) ilen;
ctx->total[0] &= 0xFFFFFFFF;
if( ctx->total[0] < (unsigned long) ilen )
@@ -261,7 +260,7 @@
/*
* output = MD4( input buffer )
*/
-void md4( const unsigned char *input, int ilen, unsigned char output[16] )
+void md4( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md4_context ctx;
@@ -307,9 +306,9 @@
/*
* MD4 HMAC context setup
*/
-void md4_hmac_starts( md4_context *ctx, const unsigned char *key, int keylen )
+void md4_hmac_starts( md4_context *ctx, const unsigned char *key, size_t keylen )
{
- int i;
+ size_t i;
unsigned char sum[16];
if( keylen > 64 )
@@ -337,7 +336,7 @@
/*
* MD4 HMAC process buffer
*/
-void md4_hmac_update( md4_context *ctx, const unsigned char *input, int ilen )
+void md4_hmac_update( md4_context *ctx, const unsigned char *input, size_t ilen )
{
md4_update( ctx, input, ilen );
}
@@ -370,8 +369,8 @@
/*
* output = HMAC-MD4( hmac key, input buffer )
*/
-void md4_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void md4_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[16] )
{
md4_context ctx;
diff --git a/library/md5.c b/library/md5.c
index 2984b1d..f379992 100644
--- a/library/md5.c
+++ b/library/md5.c
@@ -34,7 +34,6 @@
#include "polarssl/md5.h"
-#include <string.h>
#include <stdio.h>
/*
@@ -200,9 +199,9 @@
/*
* MD5 process buffer
*/
-void md5_update( md5_context *ctx, const unsigned char *input, int ilen )
+void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen )
{
- int fill;
+ size_t fill;
unsigned long left;
if( ilen <= 0 )
@@ -211,7 +210,7 @@
left = ctx->total[0] & 0x3F;
fill = 64 - left;
- ctx->total[0] += ilen;
+ ctx->total[0] += (unsigned long) ilen;
ctx->total[0] &= 0xFFFFFFFF;
if( ctx->total[0] < (unsigned long) ilen )
@@ -280,7 +279,7 @@
/*
* output = MD5( input buffer )
*/
-void md5( const unsigned char *input, int ilen, unsigned char output[16] )
+void md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md5_context ctx;
@@ -326,9 +325,9 @@
/*
* MD5 HMAC context setup
*/
-void md5_hmac_starts( md5_context *ctx, const unsigned char *key, int keylen )
+void md5_hmac_starts( md5_context *ctx, const unsigned char *key, size_t keylen )
{
- int i;
+ size_t i;
unsigned char sum[16];
if( keylen > 64 )
@@ -356,7 +355,7 @@
/*
* MD5 HMAC process buffer
*/
-void md5_hmac_update( md5_context *ctx, const unsigned char *input, int ilen )
+void md5_hmac_update( md5_context *ctx, const unsigned char *input, size_t ilen )
{
md5_update( ctx, input, ilen );
}
@@ -389,8 +388,8 @@
/*
* output = HMAC-MD5( hmac key, input buffer )
*/
-void md5_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void md5_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[16] )
{
md5_context ctx;
diff --git a/library/md_wrap.c b/library/md_wrap.c
index 944a12a..bb87c63 100644
--- a/library/md_wrap.c
+++ b/library/md_wrap.c
@@ -39,7 +39,6 @@
#include "polarssl/sha2.h"
#include "polarssl/sha4.h"
-#include <string.h>
#include <stdlib.h>
#if defined(POLARSSL_MD2_C)
@@ -49,7 +48,7 @@
md2_starts( (md2_context *) ctx );
}
-static void md2_update_wrap( void *ctx, const unsigned char *input, int ilen )
+static void md2_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md2_update( (md2_context *) ctx, input, ilen );
}
@@ -59,12 +58,12 @@
md2_finish( (md2_context *) ctx, output );
}
-static void md2_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+static void md2_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
md2_hmac_starts( (md2_context *) ctx, key, keylen );
}
-static void md2_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+static void md2_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md2_hmac_update( (md2_context *) ctx, input, ilen );
}
@@ -90,21 +89,21 @@
}
const md_info_t md2_info = {
- POLARSSL_MD_MD2,
- "MD2",
- 16,
- md2_starts_wrap,
- md2_update_wrap,
- md2_finish_wrap,
- md2,
- md2_file,
- md2_hmac_starts_wrap,
- md2_hmac_update_wrap,
- md2_hmac_finish_wrap,
- md2_hmac_reset_wrap,
- md2_hmac,
- md2_ctx_alloc,
- md2_ctx_free,
+ POLARSSL_MD_MD2,
+ "MD2",
+ 16,
+ md2_starts_wrap,
+ md2_update_wrap,
+ md2_finish_wrap,
+ md2,
+ md2_file,
+ md2_hmac_starts_wrap,
+ md2_hmac_update_wrap,
+ md2_hmac_finish_wrap,
+ md2_hmac_reset_wrap,
+ md2_hmac,
+ md2_ctx_alloc,
+ md2_ctx_free,
};
#endif
@@ -116,7 +115,7 @@
md4_starts( (md4_context *) ctx );
}
-void md4_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void md4_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md4_update( (md4_context *) ctx, input, ilen );
}
@@ -126,12 +125,12 @@
md4_finish( (md4_context *) ctx, output );
}
-void md4_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+void md4_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
md4_hmac_starts( (md4_context *) ctx, key, keylen );
}
-void md4_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void md4_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md4_hmac_update( (md4_context *) ctx, input, ilen );
}
@@ -157,21 +156,21 @@
}
const md_info_t md4_info = {
- POLARSSL_MD_MD4,
- "MD4",
- 16,
- md4_starts_wrap,
- md4_update_wrap,
- md4_finish_wrap,
- md4,
- md4_file,
- md4_hmac_starts_wrap,
- md4_hmac_update_wrap,
- md4_hmac_finish_wrap,
- md4_hmac_reset_wrap,
- md4_hmac,
- md4_ctx_alloc,
- md4_ctx_free,
+ POLARSSL_MD_MD4,
+ "MD4",
+ 16,
+ md4_starts_wrap,
+ md4_update_wrap,
+ md4_finish_wrap,
+ md4,
+ md4_file,
+ md4_hmac_starts_wrap,
+ md4_hmac_update_wrap,
+ md4_hmac_finish_wrap,
+ md4_hmac_reset_wrap,
+ md4_hmac,
+ md4_ctx_alloc,
+ md4_ctx_free,
};
#endif
@@ -183,7 +182,7 @@
md5_starts( (md5_context *) ctx );
}
-static void md5_update_wrap( void *ctx, const unsigned char *input, int ilen )
+static void md5_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md5_update( (md5_context *) ctx, input, ilen );
}
@@ -193,12 +192,12 @@
md5_finish( (md5_context *) ctx, output );
}
-static void md5_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+static void md5_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
md5_hmac_starts( (md5_context *) ctx, key, keylen );
}
-static void md5_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+static void md5_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md5_hmac_update( (md5_context *) ctx, input, ilen );
}
@@ -224,21 +223,21 @@
}
const md_info_t md5_info = {
- POLARSSL_MD_MD5,
- "MD5",
- 16,
- md5_starts_wrap,
- md5_update_wrap,
- md5_finish_wrap,
- md5,
- md5_file,
- md5_hmac_starts_wrap,
- md5_hmac_update_wrap,
- md5_hmac_finish_wrap,
- md5_hmac_reset_wrap,
- md5_hmac,
- md5_ctx_alloc,
- md5_ctx_free,
+ POLARSSL_MD_MD5,
+ "MD5",
+ 16,
+ md5_starts_wrap,
+ md5_update_wrap,
+ md5_finish_wrap,
+ md5,
+ md5_file,
+ md5_hmac_starts_wrap,
+ md5_hmac_update_wrap,
+ md5_hmac_finish_wrap,
+ md5_hmac_reset_wrap,
+ md5_hmac,
+ md5_ctx_alloc,
+ md5_ctx_free,
};
#endif
@@ -250,7 +249,7 @@
sha1_starts( (sha1_context *) ctx );
}
-void sha1_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha1_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha1_update( (sha1_context *) ctx, input, ilen );
}
@@ -260,12 +259,12 @@
sha1_finish( (sha1_context *) ctx, output );
}
-void sha1_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+void sha1_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha1_hmac_starts( (sha1_context *) ctx, key, keylen );
}
-void sha1_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha1_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha1_hmac_update( (sha1_context *) ctx, input, ilen );
}
@@ -291,21 +290,21 @@
}
const md_info_t sha1_info = {
- POLARSSL_MD_SHA1,
- "SHA1",
- 20,
- sha1_starts_wrap,
- sha1_update_wrap,
- sha1_finish_wrap,
- sha1,
- sha1_file,
- sha1_hmac_starts_wrap,
- sha1_hmac_update_wrap,
- sha1_hmac_finish_wrap,
- sha1_hmac_reset_wrap,
- sha1_hmac,
- sha1_ctx_alloc,
- sha1_ctx_free,
+ POLARSSL_MD_SHA1,
+ "SHA1",
+ 20,
+ sha1_starts_wrap,
+ sha1_update_wrap,
+ sha1_finish_wrap,
+ sha1,
+ sha1_file,
+ sha1_hmac_starts_wrap,
+ sha1_hmac_update_wrap,
+ sha1_hmac_finish_wrap,
+ sha1_hmac_reset_wrap,
+ sha1_hmac,
+ sha1_ctx_alloc,
+ sha1_ctx_free,
};
#endif
@@ -320,7 +319,7 @@
sha2_starts( (sha2_context *) ctx, 1 );
}
-void sha224_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha224_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_update( (sha2_context *) ctx, input, ilen );
}
@@ -330,7 +329,7 @@
sha2_finish( (sha2_context *) ctx, output );
}
-void sha224_wrap( const unsigned char *input, int ilen,
+void sha224_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2( input, ilen, output, 1 );
@@ -341,12 +340,12 @@
return sha2_file( path, output, 1 );
}
-void sha224_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+void sha224_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 1 );
}
-void sha224_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha224_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_hmac_update( (sha2_context *) ctx, input, ilen );
}
@@ -361,8 +360,8 @@
sha2_hmac_reset( (sha2_context *) ctx );
}
-void sha224_hmac_wrap( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha224_hmac_wrap( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2_hmac( key, keylen, input, ilen, output, 1 );
@@ -379,21 +378,21 @@
}
const md_info_t sha224_info = {
- POLARSSL_MD_SHA224,
- "SHA224",
- 28,
- sha224_starts_wrap,
- sha224_update_wrap,
- sha224_finish_wrap,
- sha224_wrap,
- sha224_file_wrap,
- sha224_hmac_starts_wrap,
- sha224_hmac_update_wrap,
- sha224_hmac_finish_wrap,
- sha224_hmac_reset_wrap,
- sha224_hmac_wrap,
- sha224_ctx_alloc,
- sha224_ctx_free,
+ POLARSSL_MD_SHA224,
+ "SHA224",
+ 28,
+ sha224_starts_wrap,
+ sha224_update_wrap,
+ sha224_finish_wrap,
+ sha224_wrap,
+ sha224_file_wrap,
+ sha224_hmac_starts_wrap,
+ sha224_hmac_update_wrap,
+ sha224_hmac_finish_wrap,
+ sha224_hmac_reset_wrap,
+ sha224_hmac_wrap,
+ sha224_ctx_alloc,
+ sha224_ctx_free,
};
void sha256_starts_wrap( void *ctx )
@@ -401,7 +400,7 @@
sha2_starts( (sha2_context *) ctx, 0 );
}
-void sha256_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha256_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_update( (sha2_context *) ctx, input, ilen );
}
@@ -411,7 +410,7 @@
sha2_finish( (sha2_context *) ctx, output );
}
-void sha256_wrap( const unsigned char *input, int ilen,
+void sha256_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2( input, ilen, output, 0 );
@@ -422,12 +421,12 @@
return sha2_file( path, output, 0 );
}
-void sha256_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+void sha256_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 0 );
}
-void sha256_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha256_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_hmac_update( (sha2_context *) ctx, input, ilen );
}
@@ -442,8 +441,8 @@
sha2_hmac_reset( (sha2_context *) ctx );
}
-void sha256_hmac_wrap( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha256_hmac_wrap( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2_hmac( key, keylen, input, ilen, output, 0 );
@@ -460,21 +459,21 @@
}
const md_info_t sha256_info = {
- POLARSSL_MD_SHA256,
- "SHA256",
- 32,
- sha256_starts_wrap,
- sha256_update_wrap,
- sha256_finish_wrap,
- sha256_wrap,
- sha256_file_wrap,
- sha256_hmac_starts_wrap,
- sha256_hmac_update_wrap,
- sha256_hmac_finish_wrap,
- sha256_hmac_reset_wrap,
- sha256_hmac_wrap,
- sha256_ctx_alloc,
- sha256_ctx_free,
+ POLARSSL_MD_SHA256,
+ "SHA256",
+ 32,
+ sha256_starts_wrap,
+ sha256_update_wrap,
+ sha256_finish_wrap,
+ sha256_wrap,
+ sha256_file_wrap,
+ sha256_hmac_starts_wrap,
+ sha256_hmac_update_wrap,
+ sha256_hmac_finish_wrap,
+ sha256_hmac_reset_wrap,
+ sha256_hmac_wrap,
+ sha256_ctx_alloc,
+ sha256_ctx_free,
};
#endif
@@ -486,7 +485,7 @@
sha4_starts( (sha4_context *) ctx, 1 );
}
-void sha384_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha384_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_update( (sha4_context *) ctx, input, ilen );
}
@@ -496,7 +495,7 @@
sha4_finish( (sha4_context *) ctx, output );
}
-void sha384_wrap( const unsigned char *input, int ilen,
+void sha384_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4( input, ilen, output, 1 );
@@ -507,12 +506,12 @@
return sha4_file( path, output, 1 );
}
-void sha384_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+void sha384_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 1 );
}
-void sha384_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha384_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_hmac_update( (sha4_context *) ctx, input, ilen );
}
@@ -527,8 +526,8 @@
sha4_hmac_reset( (sha4_context *) ctx );
}
-void sha384_hmac_wrap( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha384_hmac_wrap( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4_hmac( key, keylen, input, ilen, output, 1 );
@@ -545,21 +544,21 @@
}
const md_info_t sha384_info = {
- POLARSSL_MD_SHA384,
- "SHA384",
- 48,
- sha384_starts_wrap,
- sha384_update_wrap,
- sha384_finish_wrap,
- sha384_wrap,
- sha384_file_wrap,
- sha384_hmac_starts_wrap,
- sha384_hmac_update_wrap,
- sha384_hmac_finish_wrap,
- sha384_hmac_reset_wrap,
- sha384_hmac_wrap,
- sha384_ctx_alloc,
- sha384_ctx_free,
+ POLARSSL_MD_SHA384,
+ "SHA384",
+ 48,
+ sha384_starts_wrap,
+ sha384_update_wrap,
+ sha384_finish_wrap,
+ sha384_wrap,
+ sha384_file_wrap,
+ sha384_hmac_starts_wrap,
+ sha384_hmac_update_wrap,
+ sha384_hmac_finish_wrap,
+ sha384_hmac_reset_wrap,
+ sha384_hmac_wrap,
+ sha384_ctx_alloc,
+ sha384_ctx_free,
};
void sha512_starts_wrap( void *ctx )
@@ -567,7 +566,7 @@
sha4_starts( (sha4_context *) ctx, 0 );
}
-void sha512_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha512_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_update( (sha4_context *) ctx, input, ilen );
}
@@ -577,7 +576,7 @@
sha4_finish( (sha4_context *) ctx, output );
}
-void sha512_wrap( const unsigned char *input, int ilen,
+void sha512_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4( input, ilen, output, 0 );
@@ -588,12 +587,12 @@
return sha4_file( path, output, 0 );
}
-void sha512_hmac_starts_wrap( void *ctx, const unsigned char *key, int keylen )
+void sha512_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 0 );
}
-void sha512_hmac_update_wrap( void *ctx, const unsigned char *input, int ilen )
+void sha512_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_hmac_update( (sha4_context *) ctx, input, ilen );
}
@@ -608,8 +607,8 @@
sha4_hmac_reset( (sha4_context *) ctx );
}
-void sha512_hmac_wrap( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha512_hmac_wrap( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4_hmac( key, keylen, input, ilen, output, 0 );
@@ -626,21 +625,21 @@
}
const md_info_t sha512_info = {
- POLARSSL_MD_SHA512,
- "SHA512",
- 64,
- sha512_starts_wrap,
- sha512_update_wrap,
- sha512_finish_wrap,
- sha512_wrap,
- sha512_file_wrap,
- sha512_hmac_starts_wrap,
- sha512_hmac_update_wrap,
- sha512_hmac_finish_wrap,
- sha512_hmac_reset_wrap,
- sha512_hmac_wrap,
- sha512_ctx_alloc,
- sha512_ctx_free,
+ POLARSSL_MD_SHA512,
+ "SHA512",
+ 64,
+ sha512_starts_wrap,
+ sha512_update_wrap,
+ sha512_finish_wrap,
+ sha512_wrap,
+ sha512_file_wrap,
+ sha512_hmac_starts_wrap,
+ sha512_hmac_update_wrap,
+ sha512_hmac_finish_wrap,
+ sha512_hmac_reset_wrap,
+ sha512_hmac_wrap,
+ sha512_ctx_alloc,
+ sha512_ctx_free,
};
#endif
diff --git a/library/net.c b/library/net.c
index e884d56..378f798 100644
--- a/library/net.c
+++ b/library/net.c
@@ -40,8 +40,8 @@
#pragma comment( lib, "ws2_32.lib" )
#endif
-#define read(fd,buf,len) recv(fd,buf,len,0)
-#define write(fd,buf,len) send(fd,buf,len,0)
+#define read(fd,buf,len) recv(fd,buf,(int) len,0)
+#define write(fd,buf,len) send(fd,buf,(int) len,0)
#define close(fd) closesocket(fd)
static int wsa_init_done = 0;
@@ -69,7 +69,6 @@
#endif
-#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include <time.h>
@@ -289,7 +288,7 @@
/*
* Read at most 'len' characters
*/
-int net_recv( void *ctx, unsigned char *buf, int len )
+int net_recv( void *ctx, unsigned char *buf, size_t len )
{
int ret = read( *((int *) ctx), buf, len );
@@ -321,7 +320,7 @@
/*
* Write at most 'len' characters
*/
-int net_send( void *ctx, unsigned char *buf, int len )
+int net_send( void *ctx, unsigned char *buf, size_t len )
{
int ret = write( *((int *) ctx), buf, len );
diff --git a/library/padlock.c b/library/padlock.c
index d576544..2e2e477 100644
--- a/library/padlock.c
+++ b/library/padlock.c
@@ -33,13 +33,10 @@
#if defined(POLARSSL_PADLOCK_C)
-#include "polarssl/aes.h"
#include "polarssl/padlock.h"
#if defined(POLARSSL_HAVE_X86)
-#include <string.h>
-
/*
* PadLock detection routine
*/
@@ -115,12 +112,13 @@
*/
int padlock_xcryptcbc( aes_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
{
- int ebx, count;
+ int ebx;
+ size_t count;
unsigned long *rk;
unsigned long *iw;
unsigned long *ctrl;
diff --git a/library/pem.c b/library/pem.c
index 6117f04..bcfcdd2 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -35,7 +35,6 @@
#include "polarssl/cipher.h"
#include <stdlib.h>
-#include <string.h>
void pem_init( pem_context *ctx )
{
@@ -46,9 +45,9 @@
/*
* Read a 16-byte hex string and convert it to binary
*/
-static int pem_get_iv( const unsigned char *s, unsigned char *iv, int iv_len )
+static int pem_get_iv( const unsigned char *s, unsigned char *iv, size_t iv_len )
{
- int i, j, k;
+ size_t i, j, k;
memset( iv, 0, iv_len );
@@ -67,13 +66,13 @@
return( 0 );
}
-static void pem_pbkdf1( unsigned char *key, int keylen,
+static void pem_pbkdf1( unsigned char *key, size_t keylen,
unsigned char *iv,
- const unsigned char *pwd, int pwdlen )
+ const unsigned char *pwd, size_t pwdlen )
{
md5_context md5_ctx;
unsigned char md5sum[16];
- int use_len;
+ size_t use_len;
/*
* key[ 0..15] = MD5(pwd || IV)
@@ -118,8 +117,8 @@
* Decrypt with DES-CBC, using PBKDF1 for key derivation
*/
static void pem_des_decrypt( unsigned char des_iv[8],
- unsigned char *buf, int buflen,
- const unsigned char *pwd, int pwdlen )
+ unsigned char *buf, size_t buflen,
+ const unsigned char *pwd, size_t pwdlen )
{
des_context des_ctx;
unsigned char des_key[8];
@@ -138,8 +137,8 @@
* Decrypt with 3DES-CBC, using PBKDF1 for key derivation
*/
static void pem_des3_decrypt( unsigned char des3_iv[8],
- unsigned char *buf, int buflen,
- const unsigned char *pwd, int pwdlen )
+ unsigned char *buf, size_t buflen,
+ const unsigned char *pwd, size_t pwdlen )
{
des3_context des3_ctx;
unsigned char des3_key[24];
@@ -159,9 +158,9 @@
/*
* Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation
*/
-static void pem_aes_decrypt( unsigned char aes_iv[16], int keylen,
- unsigned char *buf, int buflen,
- const unsigned char *pwd, int pwdlen )
+static void pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen,
+ unsigned char *buf, size_t buflen,
+ const unsigned char *pwd, size_t pwdlen )
{
aes_context aes_ctx;
unsigned char aes_key[32];
@@ -179,9 +178,10 @@
#endif /* POLARSSL_MD5_C && (POLARSSL_AES_C || POLARSSL_DES_C) */
-int pem_read_buffer( pem_context *ctx, char *header, char *footer, const unsigned char *data, const unsigned char *pwd, int pwdlen, int *use_len )
+int pem_read_buffer( pem_context *ctx, char *header, char *footer, const unsigned char *data, const unsigned char *pwd, size_t pwdlen, size_t *use_len )
{
- int ret, len, enc;
+ int ret, enc;
+ size_t len;
unsigned char *buf;
unsigned char *s1, *s2;
#if defined(POLARSSL_MD5_C) && (defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C))
diff --git a/library/pkcs11.c b/library/pkcs11.c
index b4f4787..b71415a 100644
--- a/library/pkcs11.c
+++ b/library/pkcs11.c
@@ -32,7 +32,6 @@
#if defined(POLARSSL_PKCS11_C)
#include <stdlib.h>
-#include <string.h>
int pkcs11_x509_cert_init( x509_cert *cert, pkcs11h_certificate_t pkcs11_cert )
{
@@ -113,7 +112,7 @@
}
int pkcs11_decrypt( pkcs11_context *ctx,
- int mode, int *olen,
+ int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
unsigned int output_max_len )
@@ -153,7 +152,7 @@
int pkcs11_sign( pkcs11_context *ctx,
int mode,
int hash_id,
- int hashlen,
+ unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig )
{
diff --git a/library/rsa.c b/library/rsa.c
index a0f750e..4d3fc4c 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -37,7 +37,6 @@
#include "polarssl/md.h"
#include <stdlib.h>
-#include <string.h>
#include <stdio.h>
/*
@@ -61,7 +60,7 @@
int rsa_gen_key( rsa_context *ctx,
int (*f_rng)(void *),
void *p_rng,
- int nbits, int exponent )
+ unsigned int nbits, int exponent )
{
int ret;
mpi P1, Q1, H, G;
@@ -206,7 +205,8 @@
const unsigned char *input,
unsigned char *output )
{
- int ret, olen;
+ int ret;
+ size_t olen;
mpi T;
mpi_init( &T, NULL );
@@ -240,7 +240,8 @@
const unsigned char *input,
unsigned char *output )
{
- int ret, olen;
+ int ret;
+ size_t olen;
mpi T, T1, T2;
mpi_init( &T, &T1, &T2, NULL );
@@ -301,15 +302,15 @@
* @param src source of the mask generation
* @param slen length of the source buffer
* @param md_ctx message digest context to use
- * @param hlen length of the digest result
*/
-static void mgf_mask( unsigned char *dst, int dlen, unsigned char *src, int slen,
+static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, size_t slen,
md_context_t *md_ctx )
{
unsigned char mask[POLARSSL_MD_MAX_SIZE];
unsigned char counter[4];
unsigned char *p;
- int i, use_len, hlen;
+ unsigned int hlen;
+ size_t i, use_len;
memset( mask, 0, POLARSSL_MD_MAX_SIZE );
memset( counter, 0, 4 );
@@ -347,16 +348,16 @@
int rsa_pkcs1_encrypt( rsa_context *ctx,
int (*f_rng)(void *),
void *p_rng,
- int mode, int ilen,
+ int mode, size_t ilen,
const unsigned char *input,
unsigned char *output )
{
- int nb_pad, olen;
+ size_t nb_pad, olen;
unsigned char *p = output;
#if defined(POLARSSL_PKCS1_V21)
+ unsigned int i, hlen;
const md_info_t *md_info;
md_context_t md_ctx;
- int i, hlen;
#endif
olen = ctx->len;
@@ -368,7 +369,7 @@
{
case RSA_PKCS_V15:
- if( ilen < 0 || olen < ilen + 11 )
+ if( olen < ilen + 11 )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
nb_pad = olen - 3 - ilen;
@@ -404,7 +405,7 @@
hlen = md_get_size( md_info );
- if( ilen < 0 || olen < ilen + 2 * hlen + 2 || f_rng == NULL )
+ if( olen < ilen + 2 * hlen + 2 || f_rng == NULL )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
memset( output, 0, olen );
@@ -453,19 +454,20 @@
* Do an RSA operation, then remove the message padding
*/
int rsa_pkcs1_decrypt( rsa_context *ctx,
- int mode, int *olen,
+ int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
- int output_max_len)
+ size_t output_max_len)
{
- int ret, ilen;
+ int ret;
+ size_t ilen;
unsigned char *p;
unsigned char buf[1024];
#if defined(POLARSSL_PKCS1_V21)
unsigned char lhash[POLARSSL_MD_MAX_SIZE];
+ unsigned int hlen;
const md_info_t *md_info;
md_context_t md_ctx;
- int hlen;
#endif
ilen = ctx->len;
@@ -554,7 +556,7 @@
}
if (ilen - (int)(p - buf) > output_max_len)
- return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE );
+ return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE );
*olen = ilen - (int)(p - buf);
memcpy( output, p, *olen );
@@ -570,17 +572,18 @@
void *p_rng,
int mode,
int hash_id,
- int hashlen,
+ unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig )
{
- int nb_pad, olen;
+ size_t nb_pad, olen;
unsigned char *p = sig;
#if defined(POLARSSL_PKCS1_V21)
unsigned char salt[POLARSSL_MD_MAX_SIZE];
+ unsigned int i, slen, hlen, offset = 0;
+ size_t msb;
const md_info_t *md_info;
md_context_t md_ctx;
- int i, slen, hlen, msb, offset = 0;
#else
(void) f_rng;
(void) p_rng;
@@ -796,18 +799,20 @@
int rsa_pkcs1_verify( rsa_context *ctx,
int mode,
int hash_id,
- int hashlen,
+ unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig )
{
- int ret, len, siglen;
+ int ret;
+ size_t len, siglen;
unsigned char *p, c;
unsigned char buf[1024];
#if defined(POLARSSL_PKCS1_V21)
unsigned char zeros[8];
+ unsigned int hlen;
+ size_t slen, msb;
const md_info_t *md_info;
md_context_t md_ctx;
- int slen, hlen, msb;
#endif
siglen = ctx->len;
@@ -1078,7 +1083,7 @@
*/
int rsa_self_test( int verbose )
{
- int len;
+ size_t len;
rsa_context rsa;
unsigned char sha1sum[20];
unsigned char rsa_plaintext[PT_LEN];
@@ -1128,7 +1133,7 @@
if( rsa_pkcs1_decrypt( &rsa, RSA_PRIVATE, &len,
rsa_ciphertext, rsa_decrypted,
- sizeof(rsa_decrypted) ) != 0 )
+ sizeof(rsa_decrypted) ) != 0 )
{
if( verbose != 0 )
printf( "failed\n" );
diff --git a/library/sha1.c b/library/sha1.c
index f320c43..5f62583 100644
--- a/library/sha1.c
+++ b/library/sha1.c
@@ -34,7 +34,6 @@
#include "polarssl/sha1.h"
-#include <string.h>
#include <stdio.h>
/*
@@ -234,9 +233,9 @@
/*
* SHA-1 process buffer
*/
-void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen )
+void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
{
- int fill;
+ size_t fill;
unsigned long left;
if( ilen <= 0 )
@@ -245,7 +244,7 @@
left = ctx->total[0] & 0x3F;
fill = 64 - left;
- ctx->total[0] += ilen;
+ ctx->total[0] += (unsigned long) ilen;
ctx->total[0] &= 0xFFFFFFFF;
if( ctx->total[0] < (unsigned long) ilen )
@@ -315,7 +314,7 @@
/*
* output = SHA-1( input buffer )
*/
-void sha1( const unsigned char *input, int ilen, unsigned char output[20] )
+void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
{
sha1_context ctx;
@@ -361,9 +360,9 @@
/*
* SHA-1 HMAC context setup
*/
-void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen )
+void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, size_t keylen )
{
- int i;
+ size_t i;
unsigned char sum[20];
if( keylen > 64 )
@@ -391,7 +390,7 @@
/*
* SHA-1 HMAC process buffer
*/
-void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, int ilen )
+void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
{
sha1_update( ctx, input, ilen );
}
@@ -424,8 +423,8 @@
/*
* output = HMAC-SHA-1( hmac key, input buffer )
*/
-void sha1_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha1_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[20] )
{
sha1_context ctx;
diff --git a/library/sha2.c b/library/sha2.c
index dd5ae98..64ebc43 100644
--- a/library/sha2.c
+++ b/library/sha2.c
@@ -34,7 +34,6 @@
#include "polarssl/sha2.h"
-#include <string.h>
#include <stdio.h>
/*
@@ -230,9 +229,9 @@
/*
* SHA-256 process buffer
*/
-void sha2_update( sha2_context *ctx, const unsigned char *input, int ilen )
+void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen )
{
- int fill;
+ size_t fill;
unsigned long left;
if( ilen <= 0 )
@@ -241,7 +240,7 @@
left = ctx->total[0] & 0x3F;
fill = 64 - left;
- ctx->total[0] += ilen;
+ ctx->total[0] += (unsigned long) ilen;
ctx->total[0] &= 0xFFFFFFFF;
if( ctx->total[0] < (unsigned long) ilen )
@@ -316,7 +315,7 @@
/*
* output = SHA-256( input buffer )
*/
-void sha2( const unsigned char *input, int ilen,
+void sha2( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 )
{
sha2_context ctx;
@@ -363,10 +362,10 @@
/*
* SHA-256 HMAC context setup
*/
-void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, int keylen,
+void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keylen,
int is224 )
{
- int i;
+ size_t i;
unsigned char sum[32];
if( keylen > 64 )
@@ -394,7 +393,7 @@
/*
* SHA-256 HMAC process buffer
*/
-void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, int ilen )
+void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ilen )
{
sha2_update( ctx, input, ilen );
}
@@ -431,8 +430,8 @@
/*
* output = HMAC-SHA-256( hmac key, input buffer )
*/
-void sha2_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha2_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 )
{
sha2_context ctx;
diff --git a/library/sha4.c b/library/sha4.c
index cf20d01..bbb3108 100644
--- a/library/sha4.c
+++ b/library/sha4.c
@@ -34,7 +34,6 @@
#include "polarssl/sha4.h"
-#include <string.h>
#include <stdio.h>
/*
@@ -223,9 +222,9 @@
/*
* SHA-512 process buffer
*/
-void sha4_update( sha4_context *ctx, const unsigned char *input, int ilen )
+void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen )
{
- int fill;
+ size_t fill;
unsigned int64 left;
if( ilen <= 0 )
@@ -234,7 +233,7 @@
left = ctx->total[0] & 0x7F;
fill = (int)( 128 - left );
- ctx->total[0] += ilen;
+ ctx->total[0] += (unsigned int64) ilen;
if( ctx->total[0] < (unsigned int64) ilen )
ctx->total[1]++;
@@ -314,7 +313,7 @@
/*
* output = SHA-512( input buffer )
*/
-void sha4( const unsigned char *input, int ilen,
+void sha4( const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 )
{
sha4_context ctx;
@@ -361,10 +360,10 @@
/*
* SHA-512 HMAC context setup
*/
-void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, int keylen,
+void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keylen,
int is384 )
{
- int i;
+ size_t i;
unsigned char sum[64];
if( keylen > 128 )
@@ -393,7 +392,7 @@
* SHA-512 HMAC process buffer
*/
void sha4_hmac_update( sha4_context *ctx,
- const unsigned char *input, int ilen )
+ const unsigned char *input, size_t ilen )
{
sha4_update( ctx, input, ilen );
}
@@ -430,8 +429,8 @@
/*
* output = HMAC-SHA-512( hmac key, input buffer )
*/
-void sha4_hmac( const unsigned char *key, int keylen,
- const unsigned char *input, int ilen,
+void sha4_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 )
{
sha4_context ctx;
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 4b04efa..d82f5ca 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -34,14 +34,14 @@
#include "polarssl/pkcs11.h"
#endif /* defined(POLARSSL_PKCS11_C) */
-#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include <time.h>
static int ssl_write_client_hello( ssl_context *ssl )
{
- int ret, i, n;
+ int ret;
+ size_t i, n;
unsigned char *buf;
unsigned char *p;
time_t t;
@@ -174,7 +174,8 @@
static int ssl_parse_server_hello( ssl_context *ssl )
{
time_t t;
- int ret, i, n;
+ int ret, i;
+ size_t n;
int ext_len;
unsigned char *buf;
@@ -240,7 +241,7 @@
* 42+n . 43+n extensions length
* 44+n . 44+n+m extensions
*/
- if( n < 0 || n > 32 || ssl->in_hslen > 42 + n )
+ if( n > 32 || ssl->in_hslen > 42 + n )
{
ext_len = ( ( buf[42 + n] << 8 )
| ( buf[43 + n] ) ) + 2;
@@ -250,7 +251,7 @@
ext_len = 0;
}
- if( n < 0 || n > 32 || ssl->in_hslen != 42 + n + ext_len )
+ if( n > 32 || ssl->in_hslen != 42 + n + ext_len )
{
SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO );
@@ -321,7 +322,8 @@
static int ssl_parse_server_key_exchange( ssl_context *ssl )
{
- int ret, n;
+ int ret;
+ size_t n;
unsigned char *p, *end;
unsigned char hash[36];
md5_context md5;
@@ -333,7 +335,7 @@
ssl->session->ciphersuite != SSL_EDH_RSA_AES_128_SHA &&
ssl->session->ciphersuite != SSL_EDH_RSA_AES_256_SHA &&
ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_128_SHA &&
- ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA)
+ ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA)
{
SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) );
ssl->state++;
@@ -380,7 +382,7 @@
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
- if( (int)( end - p ) != ssl->peer_cert->rsa.len )
+ if( (unsigned int)( end - p ) != ssl->peer_cert->rsa.len )
{
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
@@ -518,7 +520,8 @@
static int ssl_write_client_key_exchange( ssl_context *ssl )
{
- int ret, i, n;
+ int ret;
+ size_t i, n;
SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) );
@@ -526,7 +529,7 @@
ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA ||
ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
{
#if !defined(POLARSSL_DHM_C)
SSL_DEBUG_MSG( 1, ( "support for dhm in not available" ) );
@@ -625,7 +628,8 @@
static int ssl_write_certificate_verify( ssl_context *ssl )
{
- int ret = 0, n = 0;
+ int ret = 0;
+ size_t n = 0;
unsigned char hash[36];
SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index f875fbf..c626b42 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -34,16 +34,17 @@
#include "polarssl/pkcs11.h"
#endif /* defined(POLARSSL_PKCS11_C) */
-#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include <time.h>
static int ssl_parse_client_hello( ssl_context *ssl )
{
- int ret, i, j, n;
- int ciph_len, sess_len;
- int chal_len, comp_len;
+ int ret;
+ unsigned int i, j;
+ size_t n;
+ unsigned int ciph_len, sess_len;
+ unsigned int chal_len, comp_len;
unsigned char *buf, *p;
SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) );
@@ -137,7 +138,7 @@
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
- if( sess_len < 0 || sess_len > 32 )
+ if( sess_len > 32 )
{
SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
@@ -273,7 +274,7 @@
/*
* Check the handshake message length
*/
- if( buf[1] != 0 || n != 4 + ( ( buf[2] << 8 ) | buf[3] ) )
+ if( buf[1] != 0 || n != (unsigned int) 4 + ( ( buf[2] << 8 ) | buf[3] ) )
{
SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
@@ -284,7 +285,7 @@
*/
sess_len = buf[38];
- if( sess_len < 0 || sess_len > 32 )
+ if( sess_len > 32 )
{
SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
@@ -460,7 +461,8 @@
static int ssl_write_certificate_request( ssl_context *ssl )
{
- int ret, n;
+ int ret;
+ size_t n;
unsigned char *buf, *p;
const x509_cert *crt;
@@ -525,7 +527,8 @@
static int ssl_write_server_key_exchange( ssl_context *ssl )
{
- int ret, n, rsa_key_len = 0;
+ int ret;
+ size_t n, rsa_key_len = 0;
unsigned char hash[36];
md5_context md5;
sha1_context sha1;
@@ -536,7 +539,7 @@
ssl->session->ciphersuite != SSL_EDH_RSA_AES_128_SHA &&
ssl->session->ciphersuite != SSL_EDH_RSA_AES_256_SHA &&
ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_128_SHA &&
- ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA)
+ ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA)
{
SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) );
ssl->state++;
@@ -681,7 +684,8 @@
static int ssl_parse_client_key_exchange( ssl_context *ssl )
{
- int ret, i, n = 0;
+ int ret;
+ size_t i, n = 0;
SSL_DEBUG_MSG( 2, ( "=> parse client key exchange" ) );
@@ -707,7 +711,7 @@
ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA ||
ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
{
#if !defined(POLARSSL_DHM_C)
SSL_DEBUG_MSG( 1, ( "support for dhm is not available" ) );
@@ -840,7 +844,8 @@
static int ssl_parse_certificate_verify( ssl_context *ssl )
{
- int n1, n2, ret;
+ int ret;
+ size_t n1, n2;
unsigned char hash[36];
SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 3875e99..8b87668 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -42,7 +42,6 @@
#include "polarssl/debug.h"
#include "polarssl/ssl.h"
-#include <string.h>
#include <stdlib.h>
#include <time.h>
@@ -53,12 +52,12 @@
/*
* Key material generation
*/
-static int tls1_prf( unsigned char *secret, int slen, char *label,
- unsigned char *random, int rlen,
- unsigned char *dstbuf, int dlen )
+static int tls1_prf( unsigned char *secret, size_t slen, char *label,
+ unsigned char *random, size_t rlen,
+ unsigned char *dstbuf, size_t dlen )
{
- int nb, hs;
- int i, j, k;
+ size_t nb, hs;
+ size_t i, j, k;
unsigned char *S1, *S2;
unsigned char tmp[128];
unsigned char h_i[20];
@@ -139,7 +138,7 @@
*/
if( ssl->resume == 0 )
{
- int len = ssl->pmslen;
+ size_t len = ssl->pmslen;
SSL_DEBUG_BUF( 3, "premaster secret", ssl->premaster, len );
@@ -431,7 +430,7 @@
* SSLv3.0 MAC functions
*/
static void ssl_mac_md5( unsigned char *secret,
- unsigned char *buf, int len,
+ unsigned char *buf, size_t len,
unsigned char *ctr, int type )
{
unsigned char header[11];
@@ -460,7 +459,7 @@
}
static void ssl_mac_sha1( unsigned char *secret,
- unsigned char *buf, int len,
+ unsigned char *buf, size_t len,
unsigned char *ctr, int type )
{
unsigned char header[11];
@@ -493,7 +492,7 @@
*/
static int ssl_encrypt_buf( ssl_context *ssl )
{
- int i, padlen;
+ size_t i, padlen;
SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) );
@@ -530,8 +529,8 @@
ssl->out_msglen += ssl->maclen;
- for( i = 7; i >= 0; i-- )
- if( ++ssl->out_ctr[i] != 0 )
+ for( i = 8; i > 0; i-- )
+ if( ++ssl->out_ctr[i - 1] != 0 )
break;
if( ssl->ivlen == 0 )
@@ -556,7 +555,7 @@
else
{
unsigned char *enc_msg;
- int enc_msglen;
+ size_t enc_msglen;
padlen = ssl->ivlen - ( ssl->out_msglen + 1 ) % ssl->ivlen;
if( padlen == ssl->ivlen )
@@ -615,29 +614,29 @@
case 16:
#if defined(POLARSSL_AES_C)
- if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
- ssl->session->ciphersuite == SSL_RSA_AES_256_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA)
- {
+ if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
+ ssl->session->ciphersuite == SSL_RSA_AES_256_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA)
+ {
aes_crypt_cbc( (aes_context *) ssl->ctx_enc,
AES_ENCRYPT, enc_msglen,
ssl->iv_enc, enc_msg, enc_msg);
break;
- }
+ }
#endif
#if defined(POLARSSL_CAMELLIA_C)
- if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
- {
+ if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
+ ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
+ {
camellia_crypt_cbc( (camellia_context *) ssl->ctx_enc,
CAMELLIA_ENCRYPT, enc_msglen,
ssl->iv_enc, enc_msg, enc_msg );
break;
- }
+ }
#endif
default:
@@ -652,7 +651,7 @@
static int ssl_decrypt_buf( ssl_context *ssl )
{
- int i, padlen;
+ size_t i, padlen;
unsigned char tmp[20];
SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) );
@@ -679,7 +678,7 @@
{
unsigned char *dec_msg;
unsigned char *dec_msg_result;
- int dec_msglen;
+ size_t dec_msglen;
/*
* Decrypt and check the padding
@@ -720,29 +719,29 @@
case 16:
#if defined(POLARSSL_AES_C)
- if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
- ssl->session->ciphersuite == SSL_RSA_AES_256_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA)
- {
+ if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
+ ssl->session->ciphersuite == SSL_RSA_AES_256_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA)
+ {
aes_crypt_cbc( (aes_context *) ssl->ctx_dec,
AES_DECRYPT, dec_msglen,
ssl->iv_dec, dec_msg, dec_msg_result );
break;
- }
+ }
#endif
#if defined(POLARSSL_CAMELLIA_C)
- if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
- {
+ if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
+ ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
+ {
camellia_crypt_cbc( (camellia_context *) ssl->ctx_dec,
CAMELLIA_DECRYPT, dec_msglen,
ssl->iv_dec, dec_msg, dec_msg_result );
break;
- }
+ }
#endif
default:
@@ -851,8 +850,8 @@
else
ssl->nb_zero = 0;
- for( i = 7; i >= 0; i-- )
- if( ++ssl->in_ctr[i] != 0 )
+ for( i = 8; i > 0; i-- )
+ if( ++ssl->in_ctr[i - 1] != 0 )
break;
SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) );
@@ -863,9 +862,10 @@
/*
* Fill the input message buffer
*/
-int ssl_fetch_input( ssl_context *ssl, int nb_want )
+int ssl_fetch_input( ssl_context *ssl, size_t nb_want )
{
- int ret, len;
+ int ret;
+ size_t len;
SSL_DEBUG_MSG( 2, ( "=> fetch input" ) );
@@ -924,7 +924,8 @@
*/
int ssl_write_record( ssl_context *ssl )
{
- int ret, len = ssl->out_msglen;
+ int ret;
+ size_t len = ssl->out_msglen;
SSL_DEBUG_MSG( 2, ( "=> write record" ) );
@@ -1181,7 +1182,8 @@
*/
int ssl_write_certificate( ssl_context *ssl )
{
- int ret, i, n;
+ int ret;
+ size_t i, n;
const x509_cert *crt;
SSL_DEBUG_MSG( 2, ( "=> write certificate" ) );
@@ -1277,7 +1279,8 @@
int ssl_parse_certificate( ssl_context *ssl )
{
- int ret, i, n;
+ int ret;
+ size_t i, n;
SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) );
@@ -1621,10 +1624,11 @@
int ssl_parse_finished( ssl_context *ssl )
{
- int ret, hash_len;
- md5_context md5;
- sha1_context sha1;
+ int ret;
+ unsigned int hash_len;
unsigned char buf[36];
+ md5_context md5;
+ sha1_context sha1;
SSL_DEBUG_MSG( 2, ( "=> parse finished" ) );
@@ -1758,8 +1762,8 @@
}
void ssl_set_bio( ssl_context *ssl,
- int (*f_recv)(void *, unsigned char *, int), void *p_recv,
- int (*f_send)(void *, unsigned char *, int), void *p_send )
+ int (*f_recv)(void *, unsigned char *, size_t), void *p_recv,
+ int (*f_send)(void *, unsigned char *, size_t), void *p_send )
{
ssl->f_recv = f_recv;
ssl->f_send = f_send;
@@ -1869,7 +1873,7 @@
/*
* SSL get accessors
*/
-int ssl_get_bytes_avail( const ssl_context *ssl )
+size_t ssl_get_bytes_avail( const ssl_context *ssl )
{
return( ssl->in_offt == NULL ? 0 : ssl->in_msglen );
}
@@ -2064,9 +2068,10 @@
/*
* Receive application data decrypted from the SSL layer
*/
-int ssl_read( ssl_context *ssl, unsigned char *buf, int len )
+int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
{
- int ret, n;
+ int ret;
+ size_t n;
SSL_DEBUG_MSG( 2, ( "=> read" ) );
@@ -2124,15 +2129,16 @@
SSL_DEBUG_MSG( 2, ( "<= read" ) );
- return( n );
+ return( (int) n );
}
/*
* Send application data to be encrypted by the SSL layer
*/
-int ssl_write( ssl_context *ssl, const unsigned char *buf, int len )
+int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len )
{
- int ret, n;
+ int ret;
+ size_t n;
SSL_DEBUG_MSG( 2, ( "=> write" ) );
@@ -2169,7 +2175,7 @@
SSL_DEBUG_MSG( 2, ( "<= write" ) );
- return( n );
+ return( (int) n );
}
/*
diff --git a/library/x509parse.c b/library/x509parse.c
index 9d0ebd2..ddbeb38 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -59,7 +59,7 @@
*/
static int asn1_get_len( unsigned char **p,
const unsigned char *end,
- int *len )
+ size_t *len )
{
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
@@ -92,7 +92,7 @@
}
}
- if( *len > (int) ( end - *p ) )
+ if( *len > (size_t) ( end - *p ) )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
return( 0 );
@@ -100,7 +100,7 @@
static int asn1_get_tag( unsigned char **p,
const unsigned char *end,
- int *len, int tag )
+ size_t *len, int tag )
{
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
@@ -117,7 +117,8 @@
const unsigned char *end,
int *val )
{
- int ret, len;
+ int ret;
+ size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_BOOLEAN ) ) != 0 )
return( ret );
@@ -135,7 +136,8 @@
const unsigned char *end,
int *val )
{
- int ret, len;
+ int ret;
+ size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 )
return( ret );
@@ -158,7 +160,8 @@
const unsigned char *end,
mpi *X )
{
- int ret, len;
+ int ret;
+ size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 )
return( ret );
@@ -209,7 +212,8 @@
x509_sequence *cur,
int tag)
{
- int ret, len;
+ int ret;
+ size_t len;
x509_buf *buf;
/* Get main sequence tag */
@@ -260,7 +264,8 @@
const unsigned char *end,
int *ver )
{
- int ret, len;
+ int ret;
+ size_t len;
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) != 0 )
@@ -321,7 +326,8 @@
const unsigned char *end,
x509_buf *alg )
{
- int ret, len;
+ int ret;
+ size_t len;
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
@@ -365,7 +371,8 @@
const unsigned char *end,
x509_name *cur )
{
- int ret, len;
+ int ret;
+ size_t len;
x509_buf *oid;
x509_buf *val;
@@ -422,7 +429,8 @@
const unsigned char *end,
x509_name *cur )
{
- int ret, len;
+ int ret;
+ size_t len;
const unsigned char *end2;
x509_name *use;
@@ -478,7 +486,8 @@
const unsigned char *end,
x509_time *time )
{
- int ret, len;
+ int ret;
+ size_t len;
char date[64];
unsigned char tag;
@@ -547,7 +556,8 @@
x509_time *from,
x509_time *to )
{
- int ret, len;
+ int ret;
+ size_t len;
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
@@ -578,7 +588,8 @@
x509_buf *pk_alg_oid,
mpi *N, mpi *E )
{
- int ret, len, can_handle;
+ int ret, can_handle;
+ size_t len;
unsigned char *end2;
if( ( ret = x509_get_alg( p, end, pk_alg_oid ) ) != 0 )
@@ -651,7 +662,8 @@
const unsigned char *end,
x509_buf *sig )
{
- int ret, len;
+ int ret;
+ size_t len;
sig->tag = **p;
@@ -707,7 +719,8 @@
const unsigned char *end,
x509_buf *ext )
{
- int ret, len;
+ int ret;
+ size_t len;
if( *p == end )
return( 0 );
@@ -747,7 +760,8 @@
const unsigned char *end,
x509_buf *ext )
{
- int ret, len;
+ int ret;
+ size_t len;
if( ( ret = x509_get_ext( p, end, ext ) ) != 0 )
{
@@ -778,7 +792,8 @@
int *ca_istrue,
int *max_pathlen )
{
- int ret, len;
+ int ret;
+ size_t len;
/*
* BasicConstraints ::= SEQUENCE {
@@ -893,7 +908,8 @@
const unsigned char *end,
x509_cert *crt )
{
- int ret, len;
+ int ret;
+ size_t len;
unsigned char *end_ext_data, *end_ext_octet;
if( ( ret = x509_get_ext( p, end, &crt->v3_ext ) ) != 0 )
@@ -1017,7 +1033,8 @@
const unsigned char *end,
x509_crl_entry *entry )
{
- int ret, entry_len;
+ int ret;
+ size_t entry_len;
x509_crl_entry *cur_entry = entry;
if( *p == end )
@@ -1036,7 +1053,7 @@
while( *p < end )
{
- int len2;
+ size_t len2;
if( ( ret = asn1_get_tag( p, end, &len2,
ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 )
@@ -1100,9 +1117,10 @@
/*
* Parse one or more certificates and add them to the chained list
*/
-int x509parse_crt( x509_cert *chain, const unsigned char *buf, int buflen )
+int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
{
- int ret, len, use_len;
+ int ret;
+ size_t len, use_len;
unsigned char *p, *end;
x509_cert *crt;
#if defined(POLARSSL_PEM_C)
@@ -1207,7 +1225,7 @@
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT );
}
- if( len != (int) ( end - p ) )
+ if( len != (size_t) ( end - p ) )
{
x509_free( crt );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT |
@@ -1436,9 +1454,10 @@
/*
* Parse one or more CRLs and add them to the chained list
*/
-int x509parse_crl( x509_crl *chain, const unsigned char *buf, int buflen )
+int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
{
- int ret, len, use_len;
+ int ret;
+ size_t len, use_len;
unsigned char *p, *end;
x509_crl *crl;
#if defined(POLARSSL_PEM_C)
@@ -1543,7 +1562,7 @@
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT );
}
- if( len != (int) ( end - p ) )
+ if( len != (size_t) ( end - p ) )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT |
@@ -1794,10 +1813,11 @@
/*
* Parse a private RSA key
*/
-int x509parse_key( rsa_context *rsa, const unsigned char *key, int keylen,
- const unsigned char *pwd, int pwdlen )
+int x509parse_key( rsa_context *rsa, const unsigned char *key, size_t keylen,
+ const unsigned char *pwd, size_t pwdlen )
{
- int ret, len;
+ int ret;
+ size_t len;
unsigned char *p, *end;
#if defined(POLARSSL_PEM_C)
pem_context pem;
@@ -1942,9 +1962,10 @@
/*
* Parse a public RSA key
*/
-int x509parse_public_key( rsa_context *rsa, const unsigned char *key, int keylen )
+int x509parse_public_key( rsa_context *rsa, const unsigned char *key, size_t keylen )
{
- int ret, len;
+ int ret;
+ size_t len;
unsigned char *p, *end;
x509_buf alg_oid;
#if defined(POLARSSL_PEM_C)
@@ -2053,9 +2074,10 @@
/*
* Parse DHM parameters
*/
-int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, int dhminlen )
+int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen )
{
- int ret, len;
+ int ret;
+ size_t len;
unsigned char *p, *end;
#if defined(POLARSSL_PEM_C)
pem_context pem;
@@ -2180,7 +2202,7 @@
// No quick fix possible
if ( res < 0 )
- return( size + 20 );
+ return( (int) size + 20 );
return res;
}
@@ -2195,13 +2217,13 @@
if( ret == -1 ) \
return( -1 ); \
\
- if ( ret > n ) { \
+ if ( (unsigned int) ret > n ) { \
p[n - 1] = '\0'; \
return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
} \
\
- n -= ret; \
- p += ret; \
+ n -= (unsigned int) ret; \
+ p += (unsigned int) ret; \
}
/*
@@ -2210,7 +2232,8 @@
*/
int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn )
{
- int i, ret, n;
+ int ret;
+ size_t i, n;
unsigned char c;
const x509_name *name;
char s[128], *p;
@@ -2294,7 +2317,7 @@
name = name->next;
}
- return( size - n );
+ return( (int) ( size - n ) );
}
/*
@@ -2303,7 +2326,8 @@
*/
int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial )
{
- int i, ret, nr, n;
+ int ret;
+ size_t i, n, nr;
char *p;
p = buf;
@@ -2319,7 +2343,7 @@
SAFE_SNPRINTF();
}
- return( size - n );
+ return( (int) ( size - n ) );
}
/*
@@ -2328,7 +2352,8 @@
int x509parse_cert_info( char *buf, size_t size, const char *prefix,
const x509_cert *crt )
{
- int n, ret;
+ int ret;
+ size_t n;
char *p;
p = buf;
@@ -2389,7 +2414,7 @@
crt->rsa.N.n * (int) sizeof( unsigned long ) * 8 );
SAFE_SNPRINTF();
- return( size - n );
+ return( (int) ( size - n ) );
}
/* Compare a given OID string with an OID x509_buf * */
@@ -2429,7 +2454,8 @@
/* Return the x.y.z.... style numeric string for the given OID */
int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid )
{
- int ret, n, i;
+ int ret;
+ size_t i, n;
unsigned int value;
char *p;
@@ -2445,7 +2471,7 @@
/* TODO: value can overflow in value. */
value = 0;
- for( i=1; i < oid->len; i++ )
+ for( i = 1; i < oid->len; i++ )
{
value <<= 7;
value += oid->p[i] & 0x7F;
@@ -2459,7 +2485,7 @@
}
}
- return( size - n );
+ return( (int) ( size - n ) );
}
/*
@@ -2468,7 +2494,8 @@
int x509parse_crl_info( char *buf, size_t size, const char *prefix,
const x509_crl *crl )
{
- int i, n, nr, ret;
+ int ret;
+ size_t i, n, nr;
char *p;
const x509_crl_entry *entry;
@@ -2550,7 +2577,7 @@
ret = snprintf( p, n, "\n" );
SAFE_SNPRINTF();
- return( size - n );
+ return( (int) ( size - n ) );
}
/*
@@ -2627,7 +2654,7 @@
*
* \param out Buffer to receive the hash (Should be at least 64 bytes)
*/
-static void x509_hash( const unsigned char *in, int len, int alg,
+static void x509_hash( const unsigned char *in, size_t len, int alg,
unsigned char *out )
{
switch( alg )
@@ -2731,7 +2758,7 @@
int (*f_vrfy)(void *, x509_cert *, int, int),
void *p_vrfy )
{
- int cn_len;
+ size_t cn_len;
int hash_id;
int pathlen;
x509_cert *parent;
@@ -2999,7 +3026,9 @@
int x509_self_test( int verbose )
{
#if defined(POLARSSL_MD5_C)
- int ret, i, j;
+ int ret;
+ int flags;
+ size_t i, j;
x509_cert cacert;
x509_cert clicert;
rsa_context rsa;
@@ -3053,10 +3082,10 @@
if( verbose != 0 )
printf( "passed\n X.509 signature verify: ");
- ret = x509parse_verify( &clicert, &cacert, NULL, "PolarSSL Client 2", &i, NULL, NULL );
+ ret = x509parse_verify( &clicert, &cacert, NULL, "PolarSSL Client 2", &flags, NULL, NULL );
if( ret != 0 )
{
- printf("%02x", i);
+ printf("%02x", flags);
if( verbose != 0 )
printf( "failed\n" );
diff --git a/library/xtea.c b/library/xtea.c
index 036948d..bc473e5 100644
--- a/library/xtea.c
+++ b/library/xtea.c
@@ -29,8 +29,6 @@
#include "polarssl/xtea.h"
-#include <string.h>
-
/*
* 32-bit integer manipulation macros (big endian)
*/
@@ -38,9 +36,9 @@
#define GET_ULONG_BE(n,b,i) \
{ \
(n) = ( (unsigned long) (b)[(i) ] << 24 ) \
- | ( (unsigned long) (b)[(i) + 1] << 16 ) \
- | ( (unsigned long) (b)[(i) + 2] << 8 ) \
- | ( (unsigned long) (b)[(i) + 3] ); \
+ | ( (unsigned long) (b)[(i) + 1] << 16 ) \
+ | ( (unsigned long) (b)[(i) + 2] << 8 ) \
+ | ( (unsigned long) (b)[(i) + 3] ); \
}
#endif
@@ -65,7 +63,7 @@
for( i = 0; i < 4; i++ )
{
- GET_ULONG_BE( ctx->k[i], key, i << 2 );
+ GET_ULONG_BE( ctx->k[i], key, i << 2 );
}
}
@@ -84,25 +82,25 @@
if( mode == XTEA_ENCRYPT )
{
- uint32_t sum = 0, delta = 0x9E3779B9;
+ uint32_t sum = 0, delta = 0x9E3779B9;
- for( i = 0; i < 32; i++ )
- {
- v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
- sum += delta;
- v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
- }
+ for( i = 0; i < 32; i++ )
+ {
+ v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
+ sum += delta;
+ v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
+ }
}
else /* XTEA_DECRYPT */
{
- uint32_t delta = 0x9E3779B9, sum = delta * 32;
+ uint32_t delta = 0x9E3779B9, sum = delta * 32;
- for( i = 0; i < 32; i++ )
- {
- v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
- sum -= delta;
- v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
- }
+ for( i = 0; i < 32; i++ )
+ {
+ v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
+ sum -= delta;
+ v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
+ }
}
PUT_ULONG_BE( v0, output, 0 );
@@ -116,7 +114,7 @@
*/
int xtea_crypt_cbc( xtea_context *ctx,
int mode,
- int length,
+ size_t length,
unsigned char iv[8],
unsigned char *input,
unsigned char *output)
diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c
index e761554..59caf30 100644
--- a/programs/aes/aescrypt2.c
+++ b/programs/aes/aescrypt2.c
@@ -55,7 +55,8 @@
int main( int argc, char *argv[] )
{
int ret = 1, i, n;
- int keylen, mode, lastn;
+ int mode, lastn;
+ size_t keylen;
FILE *fkey, *fin = NULL, *fout = NULL;
char *p;
diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c
index 4f1b2ec..afd85a7 100644
--- a/programs/aes/crypt_and_hash.c
+++ b/programs/aes/crypt_and_hash.c
@@ -56,7 +56,8 @@
int main( int argc, char *argv[] )
{
int ret = 1, i, n;
- int keylen, mode, lastn, olen;
+ int mode, lastn;
+ size_t keylen, olen;
FILE *fkey, *fin = NULL, *fout = NULL;
char *p;
@@ -291,7 +292,7 @@
for( offset = 0; offset < filesize; offset += cipher_get_block_size( &cipher_ctx ) )
{
n = ( filesize - offset > cipher_get_block_size( &cipher_ctx ) ) ?
- cipher_get_block_size( &cipher_ctx ) : (int) ( filesize - offset );
+ cipher_get_block_size( &cipher_ctx ) : (unsigned int) ( filesize - offset );
if( fread( buffer, 1, n, fin ) != (size_t) n )
{
diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c
index add0ecd..9437ce8 100644
--- a/programs/hash/generic_sum.c
+++ b/programs/hash/generic_sum.c
@@ -83,7 +83,7 @@
n = sizeof( line );
- while( fgets( line, n - 1, f ) != NULL )
+ while( fgets( line, (int) n - 1, f ) != NULL )
{
n = strlen( line );
diff --git a/programs/hash/md5sum.c b/programs/hash/md5sum.c
index 0b9d004..2d72d99 100644
--- a/programs/hash/md5sum.c
+++ b/programs/hash/md5sum.c
@@ -83,7 +83,7 @@
n = sizeof( line );
- while( fgets( line, n - 1, f ) != NULL )
+ while( fgets( line, (int) n - 1, f ) != NULL )
{
n = strlen( line );
diff --git a/programs/hash/sha1sum.c b/programs/hash/sha1sum.c
index 954568b..03b7766 100644
--- a/programs/hash/sha1sum.c
+++ b/programs/hash/sha1sum.c
@@ -83,7 +83,7 @@
n = sizeof( line );
- while( fgets( line, n - 1, f ) != NULL )
+ while( fgets( line, (int) n - 1, f ) != NULL )
{
n = strlen( line );
diff --git a/programs/hash/sha2sum.c b/programs/hash/sha2sum.c
index 6d07f0d..b369295 100644
--- a/programs/hash/sha2sum.c
+++ b/programs/hash/sha2sum.c
@@ -83,7 +83,7 @@
n = sizeof( line );
- while( fgets( line, n - 1, f ) != NULL )
+ while( fgets( line, (int) n - 1, f ) != NULL )
{
n = strlen( line );
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
index 8b9ced4..2001898 100644
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@@ -44,7 +44,8 @@
{
FILE *f;
- int ret, n, buflen;
+ int ret;
+ size_t n, buflen;
int server_fd = -1;
unsigned char *p, *end;
@@ -123,7 +124,7 @@
}
n = buflen = ( buf[0] << 8 ) | buf[1];
- if( buflen < 1 || buflen > (int) sizeof( buf ) )
+ if( buflen < 1 || buflen > sizeof( buf ) )
{
printf( " failed\n ! Got an invalid buffer length\n\n" );
goto exit;
@@ -134,7 +135,7 @@
*/
memset( buf, 0, sizeof( buf ) );
- if( ( ret = net_recv( &server_fd, buf, n ) ) != n )
+ if( ( ret = net_recv( &server_fd, buf, n ) ) != (int) n )
{
printf( " failed\n ! net_recv returned %d\n\n", ret );
goto exit;
@@ -162,7 +163,7 @@
printf( "\n . Verifying the server's RSA signature" );
fflush( stdout );
- if( ( n = (int)( end - p ) ) != rsa.len )
+ if( ( n = (size_t) ( end - p ) ) != rsa.len )
{
ret = 1;
printf( " failed\n ! Invalid RSA signature size\n\n" );
@@ -192,7 +193,7 @@
goto exit;
}
- if( ( ret = net_send( &server_fd, buf, n ) ) != n )
+ if( ( ret = net_send( &server_fd, buf, n ) ) != (int) n )
{
printf( " failed\n ! net_send returned %d\n\n", ret );
goto exit;
diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c
index f093576..dd6b348 100644
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@@ -44,7 +44,8 @@
{
FILE *f;
- int ret, n, buflen;
+ int ret;
+ size_t n, buflen;
int listen_fd = -1;
int client_fd = -1;
@@ -177,7 +178,7 @@
buf2[1] = (unsigned char)( buflen );
if( ( ret = net_send( &client_fd, buf2, 2 ) ) != 2 ||
- ( ret = net_send( &client_fd, buf, buflen ) ) != buflen )
+ ( ret = net_send( &client_fd, buf, buflen ) ) != (int) buflen )
{
printf( " failed\n ! net_send returned %d\n\n", ret );
goto exit;
@@ -192,7 +193,7 @@
memset( buf, 0, sizeof( buf ) );
n = dhm.len;
- if( ( ret = net_recv( &client_fd, buf, n ) ) != n )
+ if( ( ret = net_recv( &client_fd, buf, n ) ) != (int) n )
{
printf( " failed\n ! net_recv returned %d\n\n", ret );
goto exit;
diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c
index 344d030..c283514 100644
--- a/programs/pkey/rsa_sign.c
+++ b/programs/pkey/rsa_sign.c
@@ -36,7 +36,8 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int ret, i;
+ int ret;
+ size_t i;
rsa_context rsa;
unsigned char hash[20];
unsigned char buf[512];
diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c
index 84cb84e..7f52a09 100644
--- a/programs/pkey/rsa_verify.c
+++ b/programs/pkey/rsa_verify.c
@@ -36,7 +36,8 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int ret, i, c;
+ int ret, c;
+ size_t i;
rsa_context rsa;
unsigned char hash[20];
unsigned char buf[512];
diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c
index ce07707..cde83c2 100644
--- a/programs/pkey/rsa_verify_pss.c
+++ b/programs/pkey/rsa_verify_pss.c
@@ -43,7 +43,8 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int ret, i;
+ int ret;
+ size_t i;
rsa_context rsa;
unsigned char hash[20];
unsigned char buf[512];
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 15a0bb0..353c21c 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -92,7 +92,8 @@
x509_cert cacert;
x509_cert clicert;
rsa_context rsa;
- int i, j, n;
+ int i;
+ size_t j, n;
char *p, *q;
const int *list;
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 34c065c..de18c46 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -4,7 +4,7 @@
BEGIN_CASE
enc_dec_buf:cipher_id:cipher_string:key_len:length:
- int length = {length};
+ size_t length = {length};
unsigned char key[32];
unsigned char iv[16];
@@ -16,8 +16,8 @@
unsigned char encbuf[64];
unsigned char decbuf[64];
- int outlen = 0;
- int enclen = 0;
+ size_t outlen = 0;
+ size_t enclen = 0;
memset( key, 0, 32 );
memset( iv , 0, 16 );
@@ -107,9 +107,9 @@
BEGIN_CASE
enc_dec_buf_multipart:cipher_id:key_len:first_length:second_length:
- int first_length = {first_length};
- int second_length = {second_length};
- int length = first_length + second_length;
+ size_t first_length = {first_length};
+ size_t second_length = {second_length};
+ size_t length = first_length + second_length;
unsigned char key[32];
unsigned char iv[16];
@@ -121,9 +121,9 @@
unsigned char encbuf[64];
unsigned char decbuf[64];
- int outlen = 0;
- int totaloutlen = 0;
- int enclen = 0;
+ size_t outlen = 0;
+ size_t totaloutlen = 0;
+ size_t enclen = 0;
memset( key, 0, 32 );
memset( iv , 0, 16 );
