authorJack Lloyd <[email protected]>2020-06-08 14:40:07 -0400
committerJack Lloyd <[email protected]>2020-11-08 05:01:54 -0500
commitc8ad260b6d1d06bfc68e9b4f84a1ca019fd16b08 (patch)
tree2ac0c990e025e80ee232fa181b0c14f9a3ad38f3 /src/lib/prov/openssl
parent9ebdba973c9c86c53e42cc2636e6f373d5e5bc98 (diff)
Add -Wshorten-64-to-32 for Clang
See #2365
Diffstat (limited to 'src/lib/prov/openssl')
-rw-r--r--src/lib/prov/openssl/openssl.h6
-rw-r--r--src/lib/prov/openssl/openssl_block.cpp14
-rw-r--r--src/lib/prov/openssl/openssl_ec.cpp15
-rw-r--r--src/lib/prov/openssl/openssl_mode.cpp8
-rw-r--r--src/lib/prov/openssl/openssl_rc4.cpp2
-rw-r--r--src/lib/prov/openssl/openssl_rsa.cpp18
6 files changed, 34 insertions, 29 deletions
diff --git a/src/lib/prov/openssl/openssl.h b/src/lib/prov/openssl/openssl.h
index a68dda5af..17bbf650d 100644
--- a/src/lib/prov/openssl/openssl.h
+++ b/src/lib/prov/openssl/openssl.h
@@ -33,16 +33,16 @@ enum Cipher_Dir : int;
class BOTAN_PUBLIC_API(2,0) OpenSSL_Error final : public Exception
{
public:
- OpenSSL_Error(const std::string& what, int err) :
+ OpenSSL_Error(const std::string& what, unsigned long err) :
Exception(what + " failed: " + ERR_error_string(err, nullptr)),
m_err(err) {}
ErrorType error_type() const noexcept override { return ErrorType::OpenSSLError; }
- int error_code() const noexcept override { return m_err; }
+ int error_code() const noexcept override { return static_cast<int>(m_err); }
private:
- int m_err;
+ unsigned long m_err;
};
/* Block Ciphers */
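Review bot: `error_code()` now narrows the stored `unsigned long` to `int` with a bare `static_cast`, so where `unsigned long` is 64 bits, or for codes with bit 31 set, the returned value is not the code OpenSSL reported and may come out negative. The return type is fixed by the `Exception` override, so I would document the loss on the accessor, e.g. `// Narrowed to int; the untruncated ERR_get_error() value is only reflected in what()`. Separately, the constructor still calls `ERR_error_string(err, nullptr)`, which formats into a static buffer shared by all callers; `ERR_error_string_n` with a local buffer would avoid that sharing between threads.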
diff --git a/src/lib/prov/openssl/openssl_block.cpp b/src/lib/prov/openssl/openssl_block.cpp
index fdded7285..138f9f9e1 100644
--- a/src/lib/prov/openssl/openssl_block.cpp
+++ b/src/lib/prov/openssl/openssl_block.cpp
@@ -6,6 +6,7 @@
*/
#include <botan/block_cipher.h>
+#include <botan/internal/safeint.h>
#include <botan/internal/openssl.h>
#include <openssl/evp.h>
@@ -38,7 +39,9 @@ class OpenSSL_BlockCipher final : public BlockCipher
{
verify_key_set(m_key_set);
int out_len = 0;
- if(!EVP_EncryptUpdate(m_encrypt, out, &out_len, in, blocks * m_block_sz))
+ const size_t total_bytes = blocks * m_block_sz;
+ const int itotal_bytes = checked_cast_to<int>(total_bytes);
+ if(!EVP_EncryptUpdate(m_encrypt, out, &out_len, in, itotal_bytes))
throw OpenSSL_Error("EVP_EncryptUpdate", ERR_get_error());
}
@@ -46,7 +49,9 @@ class OpenSSL_BlockCipher final : public BlockCipher
{
verify_key_set(m_key_set);
int out_len = 0;
- if(!EVP_DecryptUpdate(m_decrypt, out, &out_len, in, blocks * m_block_sz))
+ const size_t total_bytes = blocks * m_block_sz;
+ const int itotal_bytes = checked_cast_to<int>(total_bytes);
+ if(!EVP_DecryptUpdate(m_decrypt, out, &out_len, in, itotal_bytes))
throw OpenSSL_Error("EVP_DecryptUpdate", ERR_get_error());
}
@@ -143,8 +148,9 @@ void OpenSSL_BlockCipher::key_schedule(const uint8_t key[], size_t length)
}
else
{
- if(EVP_CIPHER_CTX_set_key_length(m_encrypt, length) == 0 ||
- EVP_CIPHER_CTX_set_key_length(m_decrypt, length) == 0)
+ const int ilength = checked_cast_to<int>(length);
+ if(EVP_CIPHER_CTX_set_key_length(m_encrypt, ilength) == 0 ||
+ EVP_CIPHER_CTX_set_key_length(m_decrypt, ilength) == 0)
throw Invalid_Argument("OpenSSL_BlockCipher: Bad key length for " +
m_cipher_name);
}
diff --git a/src/lib/prov/openssl/openssl_ec.cpp b/src/lib/prov/openssl/openssl_ec.cpp
index 3f691f68a..1bbd613a0 100644
--- a/src/lib/prov/openssl/openssl_ec.cpp
+++ b/src/lib/prov/openssl/openssl_ec.cpp
@@ -170,22 +170,17 @@ class OpenSSL_ECDSA_Verification_Operation final : public PK_Ops::Verification_w
std::unique_ptr<ECDSA_SIG, std::function<void (ECDSA_SIG*)>> sig(nullptr, ECDSA_SIG_free);
sig.reset(::ECDSA_SIG_new());
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
- sig->r = BN_bin2bn(sig_bytes , sig_len / 2, sig->r);
- sig->s = BN_bin2bn(sig_bytes + sig_len / 2, sig_len / 2, sig->s);
-#else
- BIGNUM* r = BN_bin2bn(sig_bytes , sig_len / 2, nullptr);
- BIGNUM* s = BN_bin2bn(sig_bytes + sig_len / 2, sig_len / 2, nullptr);
+ BIGNUM* r = BN_bin2bn(sig_bytes , static_cast<int>(sig_len / 2), nullptr);
+ BIGNUM* s = BN_bin2bn(sig_bytes + sig_len / 2, static_cast<int>(sig_len / 2), nullptr);
if(r == nullptr || s == nullptr)
throw OpenSSL_Error("BN_bin2bn sig s", ERR_get_error());
ECDSA_SIG_set0(sig.get(), r, s);
-#endif
- const int res = ECDSA_do_verify(msg, msg_len, sig.get(), m_ossl_ec.get());
+ const int res = ECDSA_do_verify(msg, static_cast<int>(msg_len), sig.get(), m_ossl_ec.get());
if(res < 0)
{
- int err = ERR_get_error();
+ auto err = ERR_get_error();
bool hard_error = true;
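Review bot: The `static_cast<int>` on `sig_len / 2` and `msg_len` silences the warning but keeps the truncation: a length above INT_MAX still reaches `BN_bin2bn` and `ECDSA_do_verify` as a wrapped or negative value instead of being rejected. openssl_block.cpp in this same commit uses `checked_cast_to<int>` from `botan/internal/safeint.h` for this, and I would do the same here, e.g. `const int half_len = checked_cast_to<int>(sig_len / 2);`. The same unchecked cast appears in the `ECDSA_do_sign` hunk, in `key_schedule` of openssl_mode.cpp, at `RC4_set_key`, and at the four `RSA_*` calls in openssl_rsa.cpp. `RSA_private_decrypt` matters most, because `msg_len` there is the caller-supplied ciphertext length and a wrapped value could make a prefix of an oversized input be processed, unless a bound is enforced outside the visible hunks. This function's body continues beyond the hunk.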
@@ -237,7 +232,7 @@ class OpenSSL_ECDSA_Signing_Operation final : public PK_Ops::Signature_with_EMSA
RandomNumberGenerator&) override
{
std::unique_ptr<ECDSA_SIG, std::function<void (ECDSA_SIG*)>> sig(nullptr, ECDSA_SIG_free);
- sig.reset(::ECDSA_do_sign(msg, msg_len, m_ossl_ec.get()));
+ sig.reset(::ECDSA_do_sign(msg, static_cast<int>(msg_len), m_ossl_ec.get()));
if(!sig)
throw OpenSSL_Error("ECDSA_do_sign", ERR_get_error());
diff --git a/src/lib/prov/openssl/openssl_mode.cpp b/src/lib/prov/openssl/openssl_mode.cpp
index 81f8413a2..bdb2f0ca7 100644
--- a/src/lib/prov/openssl/openssl_mode.cpp
+++ b/src/lib/prov/openssl/openssl_mode.cpp
@@ -112,10 +112,10 @@ size_t OpenSSL_Cipher_Mode::process(uint8_t msg[], size_t msg_len)
return 0;
if(msg_len > INT_MAX)
throw Internal_Error("msg_len overflow");
- int outl = msg_len;
+ int outl = static_cast<int>(msg_len);
secure_vector<uint8_t> out(outl);
- if(!EVP_CipherUpdate(m_cipher, out.data(), &outl, msg, msg_len))
+ if(!EVP_CipherUpdate(m_cipher, out.data(), &outl, msg, outl))
throw OpenSSL_Error("EVP_CipherUpdate", ERR_get_error());
copy_mem(msg, out.data(), outl);
return outl;
@@ -132,7 +132,7 @@ void OpenSSL_Cipher_Mode::finish(secure_vector<uint8_t>& buffer,
const size_t buf_size = buffer.size() - offset;
size_t written = process(buf, buf_size);
- int outl = buf_size - written;
+ int outl = static_cast<int>(buf_size - written);
secure_vector<uint8_t> out(outl);
if(!EVP_CipherFinal_ex(m_cipher, out.data(), &outl))
@@ -201,7 +201,7 @@ Key_Length_Specification OpenSSL_Cipher_Mode::key_spec() const
void OpenSSL_Cipher_Mode::key_schedule(const uint8_t key[], size_t length)
{
- if(!EVP_CIPHER_CTX_set_key_length(m_cipher, length))
+ if(!EVP_CIPHER_CTX_set_key_length(m_cipher, static_cast<int>(length)))
throw OpenSSL_Error("EVP_CIPHER_CTX_set_key_length", ERR_get_error());
if(!EVP_CipherInit_ex(m_cipher, nullptr, nullptr, key, nullptr, -1))
throw OpenSSL_Error("EVP_CipherInit_ex key", ERR_get_error());
diff --git a/src/lib/prov/openssl/openssl_rc4.cpp b/src/lib/prov/openssl/openssl_rc4.cpp
index 882ef4516..748e31cbb 100644
--- a/src/lib/prov/openssl/openssl_rc4.cpp
+++ b/src/lib/prov/openssl/openssl_rc4.cpp
@@ -67,7 +67,7 @@ class OpenSSL_RC4 final : public StreamCipher
void key_schedule(const uint8_t key[], size_t length) override
{
- ::RC4_set_key(&m_rc4, length, key);
+ ::RC4_set_key(&m_rc4, static_cast<int>(length), key);
uint8_t d = 0;
for(size_t i = 0; i != m_skip; ++i)
::RC4(&m_rc4, 1, &d, &d);
diff --git a/src/lib/prov/openssl/openssl_rsa.cpp b/src/lib/prov/openssl/openssl_rsa.cpp
index 8fbfa6b5d..05f8c8bed 100644
--- a/src/lib/prov/openssl/openssl_rsa.cpp
+++ b/src/lib/prov/openssl/openssl_rsa.cpp
@@ -83,7 +83,8 @@ class OpenSSL_RSA_Encryption_Operation final : public PK_Ops::Encryption
inbuf.assign(msg, msg + msg_len);
}
- int rc = ::RSA_public_encrypt(inbuf.size(), inbuf.data(), outbuf.data(),
+ int rc = ::RSA_public_encrypt(static_cast<int>(inbuf.size()), inbuf.data(),
+ outbuf.data(),
m_openssl_rsa.get(), m_padding);
if(rc < 0)
throw OpenSSL_Error("RSA_public_encrypt", ERR_get_error());
@@ -118,7 +119,8 @@ class OpenSSL_RSA_Decryption_Operation final : public PK_Ops::Decryption
const uint8_t msg[], size_t msg_len) override
{
secure_vector<uint8_t> buf(::RSA_size(m_openssl_rsa.get()));
- int rc = ::RSA_private_decrypt(msg_len, msg, buf.data(), m_openssl_rsa.get(), m_padding);
+ int rc = ::RSA_private_decrypt(static_cast<int>(msg_len), msg,
+ buf.data(), m_openssl_rsa.get(), m_padding);
if(rc < 0 || static_cast<size_t>(rc) > buf.size())
{
valid_mask = 0;
@@ -183,7 +185,8 @@ class OpenSSL_RSA_Verification_Operation final : public PK_Ops::Verification_wit
secure_vector<uint8_t> outbuf(mod_sz);
- int rc = ::RSA_public_decrypt(inbuf.size(), inbuf.data(), outbuf.data(),
+ int rc = ::RSA_public_decrypt(static_cast<int>(inbuf.size()), inbuf.data(),
+ outbuf.data(),
m_openssl_rsa.get(), RSA_NO_PADDING);
if(rc < 0)
throw Invalid_Argument("RSA_public_decrypt");
@@ -224,7 +227,8 @@ class OpenSSL_RSA_Signing_Operation final : public PK_Ops::Signature_with_EMSA
secure_vector<uint8_t> outbuf(mod_sz);
- int rc = ::RSA_private_encrypt(inbuf.size(), inbuf.data(), outbuf.data(),
+ int rc = ::RSA_private_encrypt(static_cast<int>(inbuf.size()), inbuf.data(),
+ outbuf.data(),
m_openssl_rsa.get(), RSA_NO_PADDING);
if(rc < 0)
throw OpenSSL_Error("RSA_private_encrypt", ERR_get_error());
@@ -280,9 +284,9 @@ make_openssl_rsa_private_key(RandomNumberGenerator& rng, size_t rsa_bits)
if (rsa_bits > INT_MAX)
throw Internal_Error("rsa_bits overflow");
- secure_vector<uint8_t> seed(BOTAN_SYSTEM_RNG_POLL_REQUEST);
+ secure_vector<uint8_t> seed(128);
rng.randomize(seed.data(), seed.size());
- RAND_seed(seed.data(), seed.size());
+ RAND_seed(seed.data(), static_cast<int>(seed.size()));
std::unique_ptr<BIGNUM, std::function<void (BIGNUM*)>> bn(BN_new(), BN_free);
if(!bn)
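Review bot: The seed buffer size changes from the named constant `BOTAN_SYSTEM_RNG_POLL_REQUEST` to a bare `128`, and nothing in the hunk says why or whether the amount of data passed to `RAND_seed` is meant to stay the same. I would name the value and state its unit, e.g. `const size_t OPENSSL_SEED_BYTES = 128; // bytes drawn from rng and passed to RAND_seed before key generation`, then `secure_vector<uint8_t> seed(OPENSSL_SEED_BYTES);`. With the size fixed at 128 the `static_cast<int>(seed.size())` cannot truncate, so that cast is fine as written. The function starts and ends outside this hunk.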
@@ -293,7 +297,7 @@ make_openssl_rsa_private_key(RandomNumberGenerator& rng, size_t rsa_bits)
std::unique_ptr<RSA, std::function<void (RSA*)>> rsa(RSA_new(), RSA_free);
if(!rsa)
throw OpenSSL_Error("RSA_new", ERR_get_error());
- if(!RSA_generate_key_ex(rsa.get(), rsa_bits, bn.get(), nullptr))
+ if(!RSA_generate_key_ex(rsa.get(), static_cast<int>(rsa_bits), bn.get(), nullptr))
throw OpenSSL_Error("RSA_generate_key_ex", ERR_get_error());
uint8_t* der = nullptr;