Merge pull request #46 from jimsch/master
Let's do a warning removal pass
diff --git a/.travis.yml b/.travis.yml
index e9e1e40..62078ce 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -37,7 +37,7 @@
- cmake --version
- git clone --depth 1 git://github.com/cose-wg/Examples Examples
- mkdir build
- - cd build && cmake -Duse_context=$USE_CONTEXT -Dcoveralls_send=$COVERALL_SEND -Duse_embedtls=$USE_EMBEDTLS .. && make all test
+ - cd build && cmake -Duse_context=$USE_CONTEXT -Dcoveralls=$COVERALL_SEND -Dcoveralls_send=$COVERALL_SEND -Duse_embedtls=$USE_EMBEDTLS .. && make all test
after_success:
- make coveralls
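Review bot: The unchanged clone step in this hunk still fetches the test vectors over `git://`, which is unauthenticated and unencrypted, so the build cannot tell whether the Examples tree was altered in transit. Since the command line is being edited anyway, consider switching to `git clone --depth 1 https://github.com/cose-wg/Examples Examples`. Pinning a known commit would additionally make the CI input reproducible.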
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 7322d27..095270c 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -2,22 +2,27 @@
# compiling/installing sources for COSE-C
#
+if (use_embedtls)
+ set (cose_crypto mbedtls.c)
+else ()
+ set (cose_crypto openssl.c)
+endif()
+
set ( cose_sources
Cose.c
MacMessage.c
MacMessage0.c
- mbedtls.c
- openssl.c
Sign.c
Sign0.c
cbor.c
Encrypt.c
Encrypt0.c
- Message.c
Recipient.c
SignerInfo.c
+ ${cose_crypto}
)
+
if (use_context)
add_definitions(-DUSE_CBOR_CONTEXT)
endif()
diff --git a/src/Cose.c b/src/Cose.c
index a30dc10..f0552ba 100644
--- a/src/Cose.c
+++ b/src/Cose.c
@@ -221,6 +221,7 @@
bool _COSE_SetExternal(COSE * pcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr)
{
+ (void) perr;
pcose->m_pbExternal = pbExternalData;
pcose->m_cbExternal = cbExternalData;
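Review bot: The unused parameter is silenced here with a bare `(void) perr;`, while this same commit adds an `UNUSED(x)` macro to cose_int.h and uses it in Recipient.c and openssl.c. Writing `UNUSED(perr);` would keep one idiom across the tree, assuming Cose.c includes cose_int.h. The function body continues outside the hunk.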
diff --git a/src/Encrypt.c b/src/Encrypt.c
index 089377a..903bb66 100644
--- a/src/Encrypt.c
+++ b/src/Encrypt.c
@@ -178,8 +178,8 @@
{
int alg;
const cn_cbor * cn = NULL;
-
- byte * pbKey = NULL;
+ byte * pbKeyNew = NULL;
+ const byte * pbKey = NULL;
size_t cbitKey = 0;
#ifdef USE_CBOR_CONTEXT
cn_cbor_context * context;
@@ -198,9 +198,9 @@
error:
errorReturn:
if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
- if ((pbKey != NULL) && (pbKeyIn == NULL)) {
- memset(pbKey, 0xff, cbitKey / 8);
- COSE_FREE(pbKey, context);
+ if (pbKeyNew != NULL) {
+ memset(pbKeyNew, 0xff, cbitKey / 8);
+ COSE_FREE(pbKeyNew, context);
}
return false;
}
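Review bot: The key wipe in this `errorReturn` block is a plain `memset` immediately followed by `COSE_FREE`, which a compiler may treat as a dead store and drop when `COSE_FREE` resolves to `free`. A wipe that cannot be elided would keep the guarantee, for example `explicit_bzero` or `memset_s` where the platform provides them, or a small helper that writes through a `volatile` pointer. The same pattern is in the `errorReturn` block of the later Encrypt.c hunk and in both MacMessage.c cleanup hunks. The enclosing function starts outside this hunk.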
@@ -290,9 +290,10 @@
else {
// Allocate the key if we have not already done so
- if (pbKey == NULL) {
- pbKey = COSE_CALLOC(cbitKey / 8, 1, context);
- CHECK_CONDITION(pbKey != NULL, COSE_ERR_OUT_OF_MEMORY);
+ if (pbKeyNew == NULL) {
+ pbKeyNew = COSE_CALLOC(cbitKey / 8, 1, context);
+ CHECK_CONDITION(pbKeyNew != NULL, COSE_ERR_OUT_OF_MEMORY);
+ pbKey = pbKeyNew;
}
// If there is a recipient - ask it for the key
@@ -302,18 +303,18 @@
for (pRecipX = pcose->m_recipientFirst; pRecipX != NULL; pRecipX = pRecipX->m_recipientNext) {
if (pRecipX == pRecip) {
- if (!_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKey, perr)) goto errorReturn;
+ if (!_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr)) goto errorReturn;
break;
}
else if (pRecipX->m_encrypt.m_recipientFirst != NULL) {
- if (_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKey, perr)) break;
+ if (_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr)) break;
}
}
CHECK_CONDITION(pRecipX != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
}
else {
for (pRecip = pcose->m_recipientFirst; pRecip != NULL; pRecip = pRecip->m_recipientNext) {
- if (_COSE_Recipient_decrypt(pRecip, NULL, alg, cbitKey, pbKey, perr)) break;
+ if (_COSE_Recipient_decrypt(pRecip, NULL, alg, cbitKey, pbKeyNew, perr)) break;
}
CHECK_CONDITION(pRecip != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
}
@@ -399,7 +400,7 @@
}
if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
- if ((pbKey != NULL) && (pbKeyIn == NULL)) COSE_FREE(pbKey, context);
+ if (pbKeyNew != NULL) COSE_FREE(pbKeyNew, context);
if (perr != NULL) perr->err = COSE_ERR_NONE;
return true;
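Review bot: On the success path `pbKeyNew` is released with `if (pbKeyNew != NULL) COSE_FREE(pbKeyNew, context);` and no wipe, so the key obtained from the recipient stays readable in freed heap memory. The `errorReturn` hunk, which appears to belong to the same function, overwrites the buffer before freeing it. Doing the same here, `if (pbKeyNew != NULL) { memset(pbKeyNew, 0xff, cbitKey / 8); COSE_FREE(pbKeyNew, context); }`, would make both exits consistent. The function starts outside the hunk.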
@@ -430,7 +431,8 @@
cn_cbor_context * context = &pcose->m_message.m_allocContext;
#endif
bool fRet = false;
- byte * pbKey = NULL;
+ byte * pbKeyNew = NULL;
+ const byte * pbKey = NULL;
size_t cbKey = 0;
cn_Alg = _COSE_map_get_int(&pcose->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
@@ -529,9 +531,9 @@
CHECK_CONDITION(pbKey == NULL, COSE_ERR_INVALID_PARAMETER);
t |= 1;
- pbKey = _COSE_RecipientInfo_generateKey(pri, alg, cbitKey, perr);
+ pbKeyNew = _COSE_RecipientInfo_generateKey(pri, alg, cbitKey, perr);
cbKey = cbitKey / 8;
- if (pbKey == NULL) goto errorReturn;
+ if (pbKeyNew == NULL) goto errorReturn;
}
else {
t |= 2;
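Review bot: The guard `CHECK_CONDITION(pbKey == NULL, COSE_ERR_INVALID_PARAMETER);` no longer protects anything in this hunk, because the generated key is now stored in `pbKeyNew` and `pbKey` is only assigned in the following hunk, after the `t == 2` block. If this code runs once per recipient, as the surrounding `t |= 1` / `t |= 2` bookkeeping suggests, a second direct-key recipient would overwrite `pbKeyNew` and leak the first key without wiping it. The matching hunk in MacMessage.c assigns `pbKey = pbKeyNew;` right after the call. Doing the same here, or testing `pbKeyNew == NULL` in the guard, would restore the check. The enclosing loop lies outside the hunk.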
@@ -540,11 +542,12 @@
CHECK_CONDITION(t != 3, COSE_ERR_INVALID_PARAMETER);
if (t == 2) {
- pbKey = (byte *)COSE_CALLOC(cbitKey / 8, 1, context);
- CHECK_CONDITION(pbKey != NULL, COSE_ERR_OUT_OF_MEMORY);
+ pbKeyNew = (byte *)COSE_CALLOC(cbitKey / 8, 1, context);
+ CHECK_CONDITION(pbKeyNew != NULL, COSE_ERR_OUT_OF_MEMORY);
cbKey = cbitKey / 8;
- rand_bytes(pbKey, cbKey);
+ rand_bytes(pbKeyNew, cbKey);
}
+ pbKey = pbKeyNew;
}
// Build protected headers
@@ -645,9 +648,9 @@
errorReturn:
if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
- if ((pbKey != NULL) && (pbKey != pbKeyIn)) {
- memset(pbKey, 0, cbKey);
- COSE_FREE(pbKey, context);
+ if (pbKeyNew != NULL) {
+ memset(pbKeyNew, 0, cbKey);
+ COSE_FREE(pbKeyNew, context);
}
return fRet;
}
diff --git a/src/MacMessage.c b/src/MacMessage.c
index 6fe434b..c638f6e 100644
--- a/src/MacMessage.c
+++ b/src/MacMessage.c
@@ -221,7 +221,7 @@
}
-bool _COSE_Mac_Build_AAD(COSE * pCose, char * szContext, byte ** ppbAuthData, size_t * pcbAuthData, CBOR_CONTEXT_COMMA cose_errback * perr)
+bool _COSE_Mac_Build_AAD(COSE * pCose, const char * szContext, byte ** ppbAuthData, size_t * pcbAuthData, CBOR_CONTEXT_COMMA cose_errback * perr)
{
cn_cbor * pAuthData = NULL;
bool fRet = false;
@@ -321,7 +321,8 @@
#endif
bool fRet = false;
size_t cbAuthData = 0;
- byte * pbKey = NULL;
+ const byte * pbKey = NULL;
+ byte * pbKeyNew = NULL;
size_t cbKey = 0;
cn_Alg = _COSE_map_get_int(&pcose->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
@@ -400,9 +401,10 @@
CHECK_CONDITION(pbKey == NULL, COSE_ERR_INVALID_PARAMETER);
t |= 1;
- pbKey = _COSE_RecipientInfo_generateKey(pri, alg, cbitKey, perr);
+ pbKeyNew = _COSE_RecipientInfo_generateKey(pri, alg, cbitKey, perr);
cbKey = cbitKey / 8;
- CHECK_CONDITION(pbKey != NULL, COSE_ERR_OUT_OF_MEMORY);
+ CHECK_CONDITION(pbKeyNew != NULL, COSE_ERR_OUT_OF_MEMORY);
+ pbKey = pbKeyNew;
}
else {
t |= 2;
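Review bot: A failed `_COSE_RecipientInfo_generateKey` is reported here through `CHECK_CONDITION(pbKeyNew != NULL, COSE_ERR_OUT_OF_MEMORY);`, which presumably replaces whatever error the callee already stored in `perr` with an out-of-memory code. The equivalent hunk in Encrypt.c uses `if (pbKeyNew == NULL) goto errorReturn;`, which keeps the callee's error. Using that form here would keep the two files consistent and would not mask a key-generation failure as an allocation failure.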
@@ -411,11 +413,11 @@
CHECK_CONDITION(t != 3, COSE_ERR_INVALID_PARAMETER);
if (t == 2) {
- pbKey = (byte *)COSE_CALLOC(cbitKey / 8, 1, context);
- CHECK_CONDITION(pbKey != NULL, COSE_ERR_OUT_OF_MEMORY);
-
+ pbKeyNew = (byte *)COSE_CALLOC(cbitKey / 8, 1, context);
+ CHECK_CONDITION(pbKeyNew != NULL, COSE_ERR_OUT_OF_MEMORY);
+ pbKey = pbKeyNew;
cbKey = cbitKey / 8;
- rand_bytes(pbKey, cbKey);
+ rand_bytes(pbKeyNew, cbKey);
}
}
@@ -490,9 +492,9 @@
fRet = true;
errorReturn:
- if ((pbKey != NULL) && (pbKeyIn != pbKey)) {
- memset(pbKey, 0, cbKey);
- COSE_FREE(pbKey, context);
+ if (pbKeyNew != NULL) {
+ memset(pbKeyNew, 0, cbKey);
+ COSE_FREE(pbKeyNew, context);
}
if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
return fRet;
@@ -514,13 +516,13 @@
bool _COSE_Mac_validate(COSE_MacMessage * pcose, COSE_RecipientInfo * pRecip, const byte * pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr)
{
byte * pbAuthData = NULL;
- int cbitKey = 0;
+ size_t cbitKey = 0;
bool fRet = false;
int alg;
const cn_cbor * cn = NULL;
-
- byte * pbKey = NULL;
+ byte * pbKeyNew = NULL;
+ const byte * pbKey = NULL;
#ifdef USE_CBOR_CONTEXT
cn_cbor_context * context = &pcose->m_message.m_allocContext;
#endif
@@ -600,9 +602,10 @@
pbKey = pbKeyIn;
}
else {
- if (pbKey == NULL) {
- pbKey = COSE_CALLOC(cbitKey / 8, 1, context);
- CHECK_CONDITION(pbKey != NULL, COSE_ERR_OUT_OF_MEMORY);
+ if (pbKeyNew == NULL) {
+ pbKeyNew = COSE_CALLOC(cbitKey / 8, 1, context);
+ CHECK_CONDITION(pbKeyNew != NULL, COSE_ERR_OUT_OF_MEMORY);
+ pbKey = pbKeyNew;
}
// If there is a recipient - ask it for the key
@@ -612,18 +615,18 @@
for (pRecipX = pcose->m_recipientFirst; pRecipX != NULL; pRecipX = pRecipX->m_recipientNext) {
if (pRecip == pRecipX) {
- if (!_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKey, perr)) goto errorReturn;
+ if (!_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr)) goto errorReturn;
break;
}
else if (pRecipX->m_encrypt.m_recipientFirst != NULL) {
- if (_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKey, perr)) break;
+ if (_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr)) break;
}
}
CHECK_CONDITION(pRecipX != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
}
else {
for (pRecip = pcose->m_recipientFirst; pRecip != NULL; pRecip = pRecip->m_recipientNext) {
- if (_COSE_Recipient_decrypt(pRecip, NULL, alg, cbitKey, pbKey, perr)) break;
+ if (_COSE_Recipient_decrypt(pRecip, NULL, alg, cbitKey, pbKeyNew, perr)) break;
}
CHECK_CONDITION(pRecip != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
}
@@ -690,9 +693,9 @@
fRet = true;
errorReturn:
- if ((pbKey != NULL) && (pbKey != pbKeyIn)) {
- memset(pbKey, 0xff, cbitKey / 8);
- COSE_FREE(pbKey, context);
+ if (pbKeyNew != NULL) {
+ memset(pbKeyNew, 0xff, cbitKey / 8);
+ COSE_FREE(pbKeyNew, context);
}
return fRet;
diff --git a/src/Message.c b/src/Message.c
deleted file mode 100644
index 4b9ea25..0000000
--- a/src/Message.c
+++ /dev/null
@@ -1,9 +0,0 @@
-#include <stdlib.h>
-
-#include "cose.h"
-#include "cose_int.h"
-#include "configure.h"
-#include "crypto.h"
-
-
-
diff --git a/src/Recipient.c b/src/Recipient.c
index 92a7a08..8dcbf33 100644
--- a/src/Recipient.c
+++ b/src/Recipient.c
@@ -226,7 +226,7 @@
}
#endif // defined(USE_HKDF_SHA2) || defined(USE_HKDF_AES)
-bool _COSE_Recipient_decrypt(COSE_RecipientInfo * pRecip, COSE_RecipientInfo * pRecipUse, int algIn, int cbitKeyOut, byte * pbKeyOut, cose_errback * perr)
+bool _COSE_Recipient_decrypt(COSE_RecipientInfo * pRecip, COSE_RecipientInfo * pRecipUse, int algIn, size_t cbitKeyOut, byte * pbKeyOut, cose_errback * perr)
{
int alg;
const cn_cbor * cn = NULL;
@@ -239,14 +239,18 @@
COSE_Enveloped * pcose = &pRecip->m_encrypt;
cn_cbor * cnBody = NULL;
byte * pbContext = NULL;
- byte rgbKey[256 / 8];
byte * pbSecret = NULL;
int cbKey2;
byte * pbKeyX = NULL;
int cbitKeyX = 0;
+ byte rgbKey[256 / 8];
+
+ UNUSED(pcose);
#ifdef USE_CBOR_CONTEXT
context = &pcose->m_message.m_allocContext;
+#else
+ UNUSED(pcose);
#endif
cn = _COSE_map_get_int(&pRecip->m_encrypt.m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
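Review bot: `UNUSED(pcose);` is added twice in this hunk, once unconditionally after the declarations and again in the new `#else` branch of `USE_CBOR_CONTEXT`. One of the two is redundant. Keeping only the `#else` form documents that `pcose` is unused only when no allocator context is compiled in. Separately, `cbKey2` and `cbitKeyX` remain `int` while `cbitKeyOut` is now `size_t`, so any comparison between them further down, outside this hunk, would mix signedness and is worth a look.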
diff --git a/src/Sign0.c b/src/Sign0.c
index be725d5..ca3b442 100644
--- a/src/Sign0.c
+++ b/src/Sign0.c
@@ -385,7 +385,6 @@
cn_cbor_context * context = NULL;
#endif
size_t cbToSign;
- cn_cbor * cnSignature = NULL;
bool fRet = false;
#ifdef USE_CBOR_CONTEXT
@@ -408,8 +407,6 @@
if (!CreateSign0AAD(pSign, &pbToSign, &cbToSign, "Signature1", perr)) goto errorReturn;
- cnSignature = _COSE_arrayget_int(&pSign->m_message, INDEX_SIGNATURE);
-
switch (alg) {
#ifdef USE_ECDSA_SHA_256
case COSE_Algorithm_ECDSA_SHA_256:
diff --git a/src/cose_int.h b/src/cose_int.h
index e9149af..129b7da 100644
--- a/src/cose_int.h
+++ b/src/cose_int.h
@@ -8,6 +8,8 @@
typedef struct _COSE_COUNTER_SIGN COSE_CounterSign;
#endif
+#define UNUSED(x) ((void) (x))
+
typedef struct _COSE {
COSE_INIT_FLAGS m_flags; // Not sure what goes here yet
int m_ownMsg; // Do I own the pointer @ m_cbor?
@@ -190,7 +192,7 @@
extern COSE_RecipientInfo * _COSE_Recipient_Init_From_Object(cn_cbor *, CBOR_CONTEXT_COMMA cose_errback * errp);
extern void _COSE_Recipient_Free(COSE_RecipientInfo *);
-extern bool _COSE_Recipient_decrypt(COSE_RecipientInfo * pRecip, COSE_RecipientInfo * pRecipUse, int algIn, int cbitKey, byte * pbKey, cose_errback * errp);
+extern bool _COSE_Recipient_decrypt(COSE_RecipientInfo * pRecip, COSE_RecipientInfo * pRecipUse, int algIn, size_t cbitKey, byte * pbKey, cose_errback * errp);
extern bool _COSE_Recipient_encrypt(COSE_RecipientInfo * pRecipient, const byte * pbContent, size_t cbContent, cose_errback * perr);
extern byte * _COSE_RecipientInfo_generateKey(COSE_RecipientInfo * pRecipient, int algIn, size_t cbitKeySize, cose_errback * perr);
@@ -215,7 +217,7 @@
// Mac-ed items
extern HCOSE_MAC _COSE_Mac_Init_From_Object(cn_cbor *, COSE_MacMessage * pIn, CBOR_CONTEXT_COMMA cose_errback * errp);
extern bool _COSE_Mac_Release(COSE_MacMessage * p);
-extern bool _COSE_Mac_Build_AAD(COSE * pCose, char * szContext, byte ** ppbAuthData, size_t * pcbAuthData, CBOR_CONTEXT_COMMA cose_errback * perr);
+extern bool _COSE_Mac_Build_AAD(COSE * pCose, const char * szContext, byte ** ppbAuthData, size_t * pcbAuthData, CBOR_CONTEXT_COMMA cose_errback * perr);
extern bool _COSE_Mac_compute(COSE_MacMessage * pcose, const byte * pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr);
extern bool _COSE_Mac_validate(COSE_MacMessage * pcose, COSE_RecipientInfo * pRecip, const byte * pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr);
diff --git a/src/mbedtls.c b/src/mbedtls.c
index d7c43f1..5108c6e 100644
--- a/src/mbedtls.c
+++ b/src/mbedtls.c
@@ -138,7 +138,6 @@
if (cbor_iv_t != NULL) COSE_FREE(cbor_iv_t, context);
if (rgbOut != NULL) COSE_FREE(rgbOut, context);
if (cnTmp != NULL) COSE_FREE(cnTmp, context);
- printf("errorReturn from OPENSSL\n");
mbedtls_ccm_free(&ctx);
return false;
}
@@ -702,7 +701,7 @@
rgbOut = COSE_CALLOC(mbedtls_md_get_size(info), 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(!(mbedtls_md_hmac_starts (&contx, (char*)pbKey, cbKey)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(!(mbedtls_md_hmac_starts (&contx, pbKey, cbKey)), COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(!(mbedtls_md_hmac_update (&contx, pbAuthData, cbAuthData)), COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(!(mbedtls_md_hmac_finish (&contx, rgbOut)), COSE_ERR_CRYPTO_FAIL);
@@ -741,7 +740,7 @@
rgbOut = COSE_CALLOC(cbOut, 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(!(mbedtls_md_hmac_starts (&contx, (char*)pbKey, cbKey)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(!(mbedtls_md_hmac_starts (&contx, pbKey, cbKey)), COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(!(mbedtls_md_hmac_update (&contx, pbAuthData, cbAuthData)), COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(!(mbedtls_md_hmac_finish (&contx, rgbOut)), COSE_ERR_CRYPTO_FAIL);
diff --git a/src/openssl.c b/src/openssl.c
index 82d5296..f00547d 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -554,6 +554,8 @@
int cbDigest = 0;
byte rgbOut[16];
+ UNUSED(pcose);
+
EVP_CIPHER_CTX_init(&ctx);
switch (cbitKey) {
@@ -644,11 +646,12 @@
HMAC_CTX ctx;
const EVP_MD * pmd = NULL;
size_t ib;
- int cbSalt;
unsigned int cbDigest = 0;
byte rgbDigest[EVP_MAX_MD_SIZE];
byte bCount = 1;
+ UNUSED(pcose);
+
HMAC_CTX_init(&ctx);
if (0) {
@@ -658,9 +661,9 @@
}
switch (cbitDigest) {
- case 256: pmd = EVP_sha256(); cbSalt = 256 / 8; break;
- case 384: pmd = EVP_sha384(); cbSalt = 384 / 8; break;
- case 512: pmd = EVP_sha512(); cbSalt = 512 / 8; break;
+ case 256: pmd = EVP_sha256(); break;
+ case 384: pmd = EVP_sha384(); break;
+ case 512: pmd = EVP_sha512(); break;
default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;
}
@@ -1065,6 +1068,8 @@
byte rgbOut[512 / 8];
AES_KEY key;
+ UNUSED(pcose);
+
CHECK_CONDITION(AES_set_decrypt_key(pbKeyIn, (int)cbitKey, &key) == 0, COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(AES_unwrap_key(&key, NULL, rgbOut, pbCipherText, (int) cbCipherText), COSE_ERR_CRYPTO_FAIL);
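Review bot: Nothing between the declaration of `byte rgbOut[512 / 8]` and the `AES_unwrap_key` call bounds `cbCipherText`, and the unwrap writes `cbCipherText - 8` bytes into that 64-byte stack buffer. If callers pass a wrapped key taken from a received message, an oversized value would overflow `rgbOut`. A guard placed before the unwrap would close this, for example `CHECK_CONDITION(cbCipherText <= sizeof(rgbOut) + 8, COSE_ERR_INVALID_PARAMETER);`. The rest of the function, including how the output is copied to the caller, is outside the hunk.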