More warning cleanup
diff --git a/src/Encrypt.c b/src/Encrypt.c
index 089377a..903bb66 100644
--- a/src/Encrypt.c
+++ b/src/Encrypt.c
@@ -178,8 +178,8 @@
{
int alg;
const cn_cbor * cn = NULL;
-
- byte * pbKey = NULL;
+ byte * pbKeyNew = NULL;
+ const byte * pbKey = NULL;
size_t cbitKey = 0;
#ifdef USE_CBOR_CONTEXT
cn_cbor_context * context;
@@ -198,9 +198,9 @@
error:
errorReturn:
if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
- if ((pbKey != NULL) && (pbKeyIn == NULL)) {
- memset(pbKey, 0xff, cbitKey / 8);
- COSE_FREE(pbKey, context);
+ if (pbKeyNew != NULL) {
+ memset(pbKeyNew, 0xff, cbitKey / 8);
+ COSE_FREE(pbKeyNew, context);
}
return false;
}
@@ -290,9 +290,10 @@
else {
// Allocate the key if we have not already done so
- if (pbKey == NULL) {
- pbKey = COSE_CALLOC(cbitKey / 8, 1, context);
- CHECK_CONDITION(pbKey != NULL, COSE_ERR_OUT_OF_MEMORY);
+ if (pbKeyNew == NULL) {
+ pbKeyNew = COSE_CALLOC(cbitKey / 8, 1, context);
+ CHECK_CONDITION(pbKeyNew != NULL, COSE_ERR_OUT_OF_MEMORY);
+ pbKey = pbKeyNew;
}
// If there is a recipient - ask it for the key
@@ -302,18 +303,18 @@
for (pRecipX = pcose->m_recipientFirst; pRecipX != NULL; pRecipX = pRecipX->m_recipientNext) {
if (pRecipX == pRecip) {
- if (!_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKey, perr)) goto errorReturn;
+ if (!_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr)) goto errorReturn;
break;
}
else if (pRecipX->m_encrypt.m_recipientFirst != NULL) {
- if (_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKey, perr)) break;
+ if (_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr)) break;
}
}
CHECK_CONDITION(pRecipX != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
}
else {
for (pRecip = pcose->m_recipientFirst; pRecip != NULL; pRecip = pRecip->m_recipientNext) {
- if (_COSE_Recipient_decrypt(pRecip, NULL, alg, cbitKey, pbKey, perr)) break;
+ if (_COSE_Recipient_decrypt(pRecip, NULL, alg, cbitKey, pbKeyNew, perr)) break;
}
CHECK_CONDITION(pRecip != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
}
@@ -399,7 +400,7 @@
}
if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
- if ((pbKey != NULL) && (pbKeyIn == NULL)) COSE_FREE(pbKey, context);
+ if (pbKeyNew != NULL) COSE_FREE(pbKeyNew, context);
if (perr != NULL) perr->err = COSE_ERR_NONE;
return true;
@@ -430,7 +431,8 @@
cn_cbor_context * context = &pcose->m_message.m_allocContext;
#endif
bool fRet = false;
- byte * pbKey = NULL;
+ byte * pbKeyNew = NULL;
+ const byte * pbKey = NULL;
size_t cbKey = 0;
cn_Alg = _COSE_map_get_int(&pcose->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
@@ -529,9 +531,9 @@
CHECK_CONDITION(pbKey == NULL, COSE_ERR_INVALID_PARAMETER);
t |= 1;
- pbKey = _COSE_RecipientInfo_generateKey(pri, alg, cbitKey, perr);
+ pbKeyNew = _COSE_RecipientInfo_generateKey(pri, alg, cbitKey, perr);
cbKey = cbitKey / 8;
- if (pbKey == NULL) goto errorReturn;
+ if (pbKeyNew == NULL) goto errorReturn;
}
else {
t |= 2;
@@ -540,11 +542,12 @@
CHECK_CONDITION(t != 3, COSE_ERR_INVALID_PARAMETER);
if (t == 2) {
- pbKey = (byte *)COSE_CALLOC(cbitKey / 8, 1, context);
- CHECK_CONDITION(pbKey != NULL, COSE_ERR_OUT_OF_MEMORY);
+ pbKeyNew = (byte *)COSE_CALLOC(cbitKey / 8, 1, context);
+ CHECK_CONDITION(pbKeyNew != NULL, COSE_ERR_OUT_OF_MEMORY);
cbKey = cbitKey / 8;
- rand_bytes(pbKey, cbKey);
+ rand_bytes(pbKeyNew, cbKey);
}
+ pbKey = pbKeyNew;
}
// Build protected headers
@@ -645,9 +648,9 @@
errorReturn:
if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
- if ((pbKey != NULL) && (pbKey != pbKeyIn)) {
- memset(pbKey, 0, cbKey);
- COSE_FREE(pbKey, context);
+ if (pbKeyNew != NULL) {
+ memset(pbKeyNew, 0, cbKey);
+ COSE_FREE(pbKeyNew, context);
}
return fRet;
}
diff --git a/src/MacMessage.c b/src/MacMessage.c
index c480290..c638f6e 100644
--- a/src/MacMessage.c
+++ b/src/MacMessage.c
@@ -516,7 +516,7 @@
bool _COSE_Mac_validate(COSE_MacMessage * pcose, COSE_RecipientInfo * pRecip, const byte * pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr)
{
byte * pbAuthData = NULL;
- int cbitKey = 0;
+ size_t cbitKey = 0;
bool fRet = false;
int alg;
diff --git a/src/Recipient.c b/src/Recipient.c
index 92a7a08..de5d6f3 100644
--- a/src/Recipient.c
+++ b/src/Recipient.c
@@ -226,7 +226,7 @@
}
#endif // defined(USE_HKDF_SHA2) || defined(USE_HKDF_AES)
-bool _COSE_Recipient_decrypt(COSE_RecipientInfo * pRecip, COSE_RecipientInfo * pRecipUse, int algIn, int cbitKeyOut, byte * pbKeyOut, cose_errback * perr)
+bool _COSE_Recipient_decrypt(COSE_RecipientInfo * pRecip, COSE_RecipientInfo * pRecipUse, int algIn, size_t cbitKeyOut, byte * pbKeyOut, cose_errback * perr)
{
int alg;
const cn_cbor * cn = NULL;
@@ -239,14 +239,17 @@
COSE_Enveloped * pcose = &pRecip->m_encrypt;
cn_cbor * cnBody = NULL;
byte * pbContext = NULL;
- byte rgbKey[256 / 8];
byte * pbSecret = NULL;
int cbKey2;
byte * pbKeyX = NULL;
int cbitKeyX = 0;
+ UNUSED(pcose);
+
#ifdef USE_CBOR_CONTEXT
context = &pcose->m_message.m_allocContext;
+#else
+ UNUSED(pcose);
#endif
cn = _COSE_map_get_int(&pRecip->m_encrypt.m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
diff --git a/src/Sign0.c b/src/Sign0.c
index be725d5..ca3b442 100644
--- a/src/Sign0.c
+++ b/src/Sign0.c
@@ -385,7 +385,6 @@
cn_cbor_context * context = NULL;
#endif
size_t cbToSign;
- cn_cbor * cnSignature = NULL;
bool fRet = false;
#ifdef USE_CBOR_CONTEXT
@@ -408,8 +407,6 @@
if (!CreateSign0AAD(pSign, &pbToSign, &cbToSign, "Signature1", perr)) goto errorReturn;
- cnSignature = _COSE_arrayget_int(&pSign->m_message, INDEX_SIGNATURE);
-
switch (alg) {
#ifdef USE_ECDSA_SHA_256
case COSE_Algorithm_ECDSA_SHA_256:
diff --git a/src/cose_int.h b/src/cose_int.h
index d9f8057..129b7da 100644
--- a/src/cose_int.h
+++ b/src/cose_int.h
@@ -8,6 +8,8 @@
typedef struct _COSE_COUNTER_SIGN COSE_CounterSign;
#endif
+#define UNUSED(x) ((void) (x))
+
typedef struct _COSE {
COSE_INIT_FLAGS m_flags; // Not sure what goes here yet
int m_ownMsg; // Do I own the pointer @ m_cbor?
@@ -190,7 +192,7 @@
extern COSE_RecipientInfo * _COSE_Recipient_Init_From_Object(cn_cbor *, CBOR_CONTEXT_COMMA cose_errback * errp);
extern void _COSE_Recipient_Free(COSE_RecipientInfo *);
-extern bool _COSE_Recipient_decrypt(COSE_RecipientInfo * pRecip, COSE_RecipientInfo * pRecipUse, int algIn, int cbitKey, byte * pbKey, cose_errback * errp);
+extern bool _COSE_Recipient_decrypt(COSE_RecipientInfo * pRecip, COSE_RecipientInfo * pRecipUse, int algIn, size_t cbitKey, byte * pbKey, cose_errback * errp);
extern bool _COSE_Recipient_encrypt(COSE_RecipientInfo * pRecipient, const byte * pbContent, size_t cbContent, cose_errback * perr);
extern byte * _COSE_RecipientInfo_generateKey(COSE_RecipientInfo * pRecipient, int algIn, size_t cbitKeySize, cose_errback * perr);
diff --git a/src/mbedtls.c b/src/mbedtls.c
index d7c43f1..5108c6e 100644
--- a/src/mbedtls.c
+++ b/src/mbedtls.c
@@ -138,7 +138,6 @@
if (cbor_iv_t != NULL) COSE_FREE(cbor_iv_t, context);
if (rgbOut != NULL) COSE_FREE(rgbOut, context);
if (cnTmp != NULL) COSE_FREE(cnTmp, context);
- printf("errorReturn from OPENSSL\n");
mbedtls_ccm_free(&ctx);
return false;
}
@@ -702,7 +701,7 @@
rgbOut = COSE_CALLOC(mbedtls_md_get_size(info), 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(!(mbedtls_md_hmac_starts (&contx, (char*)pbKey, cbKey)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(!(mbedtls_md_hmac_starts (&contx, pbKey, cbKey)), COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(!(mbedtls_md_hmac_update (&contx, pbAuthData, cbAuthData)), COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(!(mbedtls_md_hmac_finish (&contx, rgbOut)), COSE_ERR_CRYPTO_FAIL);
@@ -741,7 +740,7 @@
rgbOut = COSE_CALLOC(cbOut, 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(!(mbedtls_md_hmac_starts (&contx, (char*)pbKey, cbKey)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(!(mbedtls_md_hmac_starts (&contx, pbKey, cbKey)), COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(!(mbedtls_md_hmac_update (&contx, pbAuthData, cbAuthData)), COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(!(mbedtls_md_hmac_finish (&contx, rgbOut)), COSE_ERR_CRYPTO_FAIL);
diff --git a/src/openssl.c b/src/openssl.c
index 82d5296..f00547d 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -554,6 +554,8 @@
int cbDigest = 0;
byte rgbOut[16];
+ UNUSED(pcose);
+
EVP_CIPHER_CTX_init(&ctx);
switch (cbitKey) {
@@ -644,11 +646,12 @@
HMAC_CTX ctx;
const EVP_MD * pmd = NULL;
size_t ib;
- int cbSalt;
unsigned int cbDigest = 0;
byte rgbDigest[EVP_MAX_MD_SIZE];
byte bCount = 1;
+ UNUSED(pcose);
+
HMAC_CTX_init(&ctx);
if (0) {
@@ -658,9 +661,9 @@
}
switch (cbitDigest) {
- case 256: pmd = EVP_sha256(); cbSalt = 256 / 8; break;
- case 384: pmd = EVP_sha384(); cbSalt = 384 / 8; break;
- case 512: pmd = EVP_sha512(); cbSalt = 512 / 8; break;
+ case 256: pmd = EVP_sha256(); break;
+ case 384: pmd = EVP_sha384(); break;
+ case 512: pmd = EVP_sha512(); break;
default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;
}
@@ -1065,6 +1068,8 @@
byte rgbOut[512 / 8];
AES_KEY key;
+ UNUSED(pcose);
+
CHECK_CONDITION(AES_set_decrypt_key(pbKeyIn, (int)cbitKey, &key) == 0, COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(AES_unwrap_key(&key, NULL, rgbOut, pbCipherText, (int) cbCipherText), COSE_ERR_CRYPTO_FAIL);