diff options
42 files changed, 136 insertions, 101 deletions
diff --git a/src/cli/credentials.h b/src/cli/credentials.h index 99733e42b..3b7a177fc 100644 --- a/src/cli/credentials.h +++ b/src/cli/credentials.h @@ -50,9 +50,8 @@ class Basic_Credentials_Manager : public Botan::Credentials_Manager { cert.certs.push_back(Botan::X509_Certificate(in)); } - catch(std::exception& e) + catch(std::exception&) { - } } @@ -74,9 +73,8 @@ class Basic_Credentials_Manager : public Botan::Credentials_Manager m_certstores.push_back(cs); } } - catch(std::exception& e) + catch(std::exception&) { - //std::cout << e.what() << "\n"; } } diff --git a/src/cli/timing_tests.cpp b/src/cli/timing_tests.cpp index 4e90751ff..511eac8bc 100644 --- a/src/cli/timing_tests.cpp +++ b/src/cli/timing_tests.cpp @@ -156,7 +156,7 @@ class Manger_Timing_Test : public Timing_Test { m_dec.decrypt(input.data(), m_ctext_length); } - catch(Botan::Decoding_Error& e) + catch(Botan::Decoding_Error&) { } ticks end = get_ticks(); @@ -229,7 +229,7 @@ ticks Lucky13_Timing_Test::measure_critical_function(std::vector<uint8_t> input) { m_dec.finish(data); } - catch(Botan::TLS::TLS_Exception& e) + catch(Botan::TLS::TLS_Exception&) { } ticks end = get_ticks(); diff --git a/src/cli/utils.cpp b/src/cli/utils.cpp index 2bf03c760..63e0fc7d6 100644 --- a/src/cli/utils.cpp +++ b/src/cli/utils.cpp @@ -328,7 +328,15 @@ class Generate_Bcrypt final : public Command const std::string password = get_arg("password"); const size_t wf = get_arg_sz("work-factor"); - output() << Botan::generate_bcrypt(password, rng(), wf) << "\n"; + if(wf < 4 || wf > 18) + { + error_output() << "Invalid bcrypt work factor\n"; + } + else + { + const uint16_t wf16 = static_cast<uint16_t>(wf); + output() << Botan::generate_bcrypt(password, rng(), wf16) << "\n"; + } } }; diff --git a/src/lib/asn1/asn1_oid.cpp b/src/lib/asn1/asn1_oid.cpp index d9436e6d9..7c7161f47 100644 --- a/src/lib/asn1/asn1_oid.cpp +++ b/src/lib/asn1/asn1_oid.cpp @@ -130,7 +130,11 @@ void OID::encode_into(DER_Encoder& der) const throw Invalid_Argument("OID::encode_into: OID is invalid"); std::vector<uint8_t> encoding; - encoding.push_back(40 * m_id[0] + m_id[1]); + + if(m_id[0] > 2 || m_id[1] >= 40) + throw Encoding_Error("Invalid OID prefix, cannot encode"); + + encoding.push_back(static_cast<uint8_t>(40 * m_id[0] + m_id[1])); for(size_t i = 2; i != m_id.size(); ++i) { diff --git a/src/lib/asn1/der_enc.cpp b/src/lib/asn1/der_enc.cpp index 071e330ff..31955e915 100644 --- a/src/lib/asn1/der_enc.cpp +++ b/src/lib/asn1/der_enc.cpp @@ -36,7 +36,7 @@ secure_vector<uint8_t> encode_tag(ASN1_Tag type_tag, ASN1_Tag class_tag) BOTAN_ASSERT(blocks > 0, "Math works"); - encoded_tag.push_back(class_tag | 0x1F); + encoded_tag.push_back(static_cast<uint8_t>(class_tag | 0x1F)); for(size_t i = 0; i != blocks - 1; ++i) encoded_tag.push_back(0x80 | ((type_tag >> 7*(blocks-i-1)) & 0x7F)); encoded_tag.push_back(type_tag & 0x7F); diff --git a/src/lib/block/cast/cast128.cpp b/src/lib/block/cast/cast128.cpp index d955dfeef..26076e128 100644 --- a/src/lib/block/cast/cast128.cpp +++ b/src/lib/block/cast/cast128.cpp @@ -323,7 +323,11 @@ void CAST_128::cast_ks(secure_vector<uint32_t>& K, class ByteReader { public: - uint8_t operator()(size_t i) { return (m_X[i/4] >> (8*(3 - (i%4)))); } + uint8_t operator()(size_t i) const + { + return static_cast<uint8_t>(m_X[i/4] >> (8*(3 - (i%4)))); + } + explicit ByteReader(const uint32_t* x) : m_X(x) {} private: const uint32_t* m_X; diff --git a/src/lib/block/idea/idea.cpp b/src/lib/block/idea/idea.cpp index 2be15be2e..4795a126a 100644 --- a/src/lib/block/idea/idea.cpp +++ b/src/lib/block/idea/idea.cpp @@ -26,7 +26,7 @@ inline uint16_t mul(uint16_t x, uint16_t y) const uint32_t P_hi = P >> 16; const uint32_t P_lo = P & 0xFFFF; - const uint16_t r_1 = (P_lo - P_hi) + (P_lo < P_hi); + const uint16_t r_1 = static_cast<uint16_t>((P_lo - P_hi) + (P_lo < P_hi)); const uint16_t r_2 = 1 - x - y; return CT::select(Z_mask, r_1, r_2); diff --git a/src/lib/ffi/ffi_cipher.cpp b/src/lib/ffi/ffi_cipher.cpp index 6bb45dec8..72fa2eec8 100644 --- a/src/lib/ffi/ffi_cipher.cpp +++ b/src/lib/ffi/ffi_cipher.cpp @@ -100,7 +100,7 @@ int botan_cipher_update(botan_cipher_t cipher_obj, { cipher.finish(mbuf); } - catch(Integrity_Failure& e) + catch(Integrity_Failure&) { return BOTAN_FFI_ERROR_BAD_MAC; } diff --git a/src/lib/ffi/ffi_kdf.cpp b/src/lib/ffi/ffi_kdf.cpp index 058c4c655..1a4c40893 100644 --- a/src/lib/ffi/ffi_kdf.cpp +++ b/src/lib/ffi/ffi_kdf.cpp @@ -72,11 +72,11 @@ int botan_bcrypt_generate(uint8_t* out, size_t* out_len, if(flags != 0) return BOTAN_FFI_ERROR_BAD_FLAG; - if(wf < 2 || wf > 30) + if(wf < 4 || wf > 18) throw FFI_Error("Bad bcrypt work factor " + std::to_string(wf)); Botan::RandomNumberGenerator& rng = safe_get(rng_obj); - const std::string bcrypt = Botan::generate_bcrypt(pass, rng, wf); + const std::string bcrypt = Botan::generate_bcrypt(pass, rng, static_cast<uint16_t>(wf)); return write_str_output(out, out_len, bcrypt); }); #else diff --git a/src/lib/filters/pipe_io.cpp b/src/lib/filters/pipe_io.cpp index b1787a5a8..5367acba9 100644 --- a/src/lib/filters/pipe_io.cpp +++ b/src/lib/filters/pipe_io.cpp @@ -18,7 +18,7 @@ std::ostream& operator<<(std::ostream& stream, Pipe& pipe) secure_vector<uint8_t> buffer(DEFAULT_BUFFERSIZE); while(stream.good() && pipe.remaining()) { - size_t got = pipe.read(buffer.data(), buffer.size()); + const size_t got = pipe.read(buffer.data(), buffer.size()); stream.write(reinterpret_cast<const char*>(buffer.data()), got); } if(!stream.good()) @@ -35,7 +35,8 @@ std::istream& operator>>(std::istream& stream, Pipe& pipe) while(stream.good()) { stream.read(reinterpret_cast<char*>(buffer.data()), buffer.size()); - pipe.write(buffer.data(), stream.gcount()); + const size_t got = static_cast<size_t>(stream.gcount()); + pipe.write(buffer.data(), got); } if(stream.bad() || (stream.fail() && !stream.eof())) throw Stream_IO_Error("Pipe input operator (iostream) has failed"); diff --git a/src/lib/hash/par_hash/par_hash.cpp b/src/lib/hash/par_hash/par_hash.cpp index af43d6d97..a0297dfe8 100644 --- a/src/lib/hash/par_hash/par_hash.cpp +++ b/src/lib/hash/par_hash/par_hash.cpp @@ -18,7 +18,7 @@ void Parallel::add_data(const uint8_t input[], size_t length) void Parallel::final_result(uint8_t out[]) { - uint32_t offset = 0; + size_t offset = 0; for(auto&& hash : m_hashes) { diff --git a/src/lib/hash/streebog/streebog.cpp b/src/lib/hash/streebog/streebog.cpp index c58320bca..ae2fe1fef 100644 --- a/src/lib/hash/streebog/streebog.cpp +++ b/src/lib/hash/streebog/streebog.cpp @@ -115,12 +115,10 @@ void Streebog::clear() m_count = 0; m_position = 0; zeroise(m_buffer); - if(m_output_bits == 256) - { std::fill(m_h.begin(), m_h.end(), 0x0101010101010101ULL); } - else - { std::fill(m_h.begin(), m_h.end(), 0x0ULL); } - zeroise(m_S); + + const uint64_t fill = (m_output_bits == 512) ? 0 : 0x0101010101010101; + std::fill(m_h.begin(), m_h.end(), fill); } /* @@ -148,7 +146,9 @@ void Streebog::add_data(const uint8_t input[], size_t length) void Streebog::final_result(uint8_t output[]) { m_buffer[m_position++] = 0x01; - std::fill(m_buffer.begin() + m_position, m_buffer.end(), 0x00); + + if(m_position != m_buffer.size()) + clear_mem(&m_buffer[m_position], m_buffer.size() - m_position); compress(m_buffer.data()); m_count += (m_position - 1) * 8; diff --git a/src/lib/mac/hmac/hmac.cpp b/src/lib/mac/hmac/hmac.cpp index aeadf4520..32f62f0c2 100644 --- a/src/lib/mac/hmac/hmac.cpp +++ b/src/lib/mac/hmac/hmac.cpp @@ -40,8 +40,11 @@ void HMAC::key_schedule(const uint8_t key[], size_t length) m_ikey.resize(m_hash->hash_block_size()); m_okey.resize(m_hash->hash_block_size()); - std::fill(m_ikey.begin(), m_ikey.end(), 0x36); - std::fill(m_okey.begin(), m_okey.end(), 0x5C); + const uint8_t ipad = 0x36; + const uint8_t opad = 0x5C; + + std::fill(m_ikey.begin(), m_ikey.end(), ipad); + std::fill(m_okey.begin(), m_okey.end(), opad); if(length > m_hash->hash_block_size()) { diff --git a/src/lib/mac/siphash/siphash.cpp b/src/lib/mac/siphash/siphash.cpp index c6ef68889..54adcd5a5 100644 --- a/src/lib/mac/siphash/siphash.cpp +++ b/src/lib/mac/siphash/siphash.cpp @@ -39,7 +39,8 @@ void SipRounds(uint64_t M, secure_vector<uint64_t>& V, size_t r) void SipHash::add_data(const uint8_t input[], size_t length) { - m_words += length; + // SipHash counts the message length mod 256 + m_words += static_cast<uint8_t>(length); if(m_mbuf_pos) { diff --git a/src/lib/math/numbertheory/powm_fw.cpp b/src/lib/math/numbertheory/powm_fw.cpp index 770f345c6..ea3f5ecf0 100644 --- a/src/lib/math/numbertheory/powm_fw.cpp +++ b/src/lib/math/numbertheory/powm_fw.cpp @@ -26,7 +26,7 @@ void Fixed_Window_Exponentiator::set_base(const BigInt& base) { m_window_bits = Power_Mod::window_bits(m_exp.bits(), base.bits(), m_hints); - m_g.resize((1 << m_window_bits)); + m_g.resize((1U << m_window_bits)); m_g[0] = 1; m_g[1] = base; diff --git a/src/lib/math/numbertheory/powm_mnt.cpp b/src/lib/math/numbertheory/powm_mnt.cpp index e45816950..7e5c0be55 100644 --- a/src/lib/math/numbertheory/powm_mnt.cpp +++ b/src/lib/math/numbertheory/powm_mnt.cpp @@ -28,7 +28,7 @@ void Montgomery_Exponentiator::set_base(const BigInt& base) { m_window_bits = Power_Mod::window_bits(m_exp.bits(), base.bits(), m_hints); - m_g.resize((1 << m_window_bits)); + m_g.resize((1U << m_window_bits)); BigInt z(BigInt::Positive, 2 * (m_mod_words + 1)); secure_vector<word> workspace(z.size()); diff --git a/src/lib/misc/rfc3394/rfc3394.cpp b/src/lib/misc/rfc3394/rfc3394.cpp index 2ec49ac65..3bb792723 100644 --- a/src/lib/misc/rfc3394/rfc3394.cpp +++ b/src/lib/misc/rfc3394/rfc3394.cpp @@ -39,7 +39,7 @@ secure_vector<uint8_t> rfc3394_keywrap(const secure_vector<uint8_t>& key, { for(size_t i = 1; i <= n; ++i) { - const uint32_t t = (n * j) + i; + const uint32_t t = static_cast<uint32_t>((n * j) + i); copy_mem(&A[8], &R[8*i], 8); @@ -84,7 +84,7 @@ secure_vector<uint8_t> rfc3394_keyunwrap(const secure_vector<uint8_t>& key, { for(size_t i = n; i != 0; --i) { - const uint32_t t = (5 - j) * n + i; + const uint32_t t = static_cast<uint32_t>((5 - j) * n + i); uint8_t t_buf[4] = { 0 }; store_be(t, t_buf); diff --git a/src/lib/modes/aead/ccm/ccm.cpp b/src/lib/modes/aead/ccm/ccm.cpp index db0d2d58b..b7f81e5ab 100644 --- a/src/lib/modes/aead/ccm/ccm.cpp +++ b/src/lib/modes/aead/ccm/ccm.cpp @@ -136,7 +136,8 @@ secure_vector<uint8_t> CCM_Mode::format_b0(size_t sz) { secure_vector<uint8_t> B0(CCM_BS); - const uint8_t b_flags = (m_ad_buf.size() ? 64 : 0) + (((tag_size()/2)-1) << 3) + (L()-1); + const uint8_t b_flags = + static_cast<uint8_t>((m_ad_buf.size() ? 64 : 0) + (((tag_size()/2)-1) << 3) + (L()-1)); B0[0] = b_flags; copy_mem(&B0[1], m_nonce.data(), m_nonce.size()); @@ -149,7 +150,7 @@ secure_vector<uint8_t> CCM_Mode::format_c0() { secure_vector<uint8_t> C(CCM_BS); - const uint8_t a_flags = L()-1; + const uint8_t a_flags = static_cast<uint8_t>(L() - 1); C[0] = a_flags; copy_mem(&C[1], m_nonce.data(), m_nonce.size()); diff --git a/src/lib/modes/mode_pad/mode_pad.cpp b/src/lib/modes/mode_pad/mode_pad.cpp index afcce786d..f93b2dccc 100644 --- a/src/lib/modes/mode_pad/mode_pad.cpp +++ b/src/lib/modes/mode_pad/mode_pad.cpp @@ -57,13 +57,13 @@ size_t PKCS7_Padding::unpad(const uint8_t block[], size_t size) const size_t bad_input = 0; const uint8_t last_byte = block[size-1]; - bad_input |= CT::expand_mask(last_byte > size); + bad_input |= CT::expand_mask<size_t>(last_byte > size); size_t pad_pos = size - last_byte; size_t i = size - 2; while(i) { - bad_input |= ~CT::is_equal(block[i],last_byte) & CT::expand_mask(i >= pad_pos); + bad_input |= (~CT::is_equal(block[i],last_byte)) & CT::expand_mask<uint8_t>(i >= pad_pos); --i; } @@ -98,13 +98,13 @@ size_t ANSI_X923_Padding::unpad(const uint8_t block[], size_t size) const size_t bad_input = 0; const size_t last_byte = block[size-1]; - bad_input |= CT::expand_mask(last_byte > size); + bad_input |= CT::expand_mask<size_t>(last_byte > size); size_t pad_pos = size - last_byte; size_t i = size - 2; while(i) { - bad_input |= ~CT::is_zero(block[i]) & CT::expand_mask(i >= pad_pos); + bad_input |= (~CT::is_zero(block[i])) & CT::expand_mask<uint8_t>(i >= pad_pos); --i; } CT::conditional_copy_mem(bad_input,&pad_pos,&size,&pad_pos,1); @@ -177,13 +177,13 @@ size_t ESP_Padding::unpad(const uint8_t block[], size_t size) const const size_t last_byte = block[size-1]; size_t bad_input = 0; - bad_input |= CT::expand_mask(last_byte > size); + bad_input |= CT::expand_mask<size_t>(last_byte > size); size_t pad_pos = size - last_byte; size_t i = size - 1; while(i) { - bad_input |= ~CT::is_equal<size_t>(size_t(block[i-1]),size_t(block[i])-1) & CT::expand_mask(i > pad_pos); + bad_input |= ~CT::is_equal<uint8_t>(size_t(block[i-1]),size_t(block[i])-1) & CT::expand_mask<uint8_t>(i > pad_pos); --i; } CT::conditional_copy_mem(bad_input,&pad_pos,&size,&pad_pos,1); diff --git a/src/lib/passhash/bcrypt/bcrypt.cpp b/src/lib/passhash/bcrypt/bcrypt.cpp index 8cea34a97..4f3cda2ae 100644 --- a/src/lib/passhash/bcrypt/bcrypt.cpp +++ b/src/lib/passhash/bcrypt/bcrypt.cpp @@ -138,7 +138,7 @@ bool check_bcrypt(const std::string& pass, const std::string& hash) return false; } - const uint16_t workfactor = to_u32bit(hash.substr(4, 2)); + const uint16_t workfactor = to_uint16(hash.substr(4, 2)); const std::vector<uint8_t> salt = bcrypt_base64_decode(hash.substr(7, 22)); if(salt.size() != 16) diff --git a/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp b/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp index 21edb6afc..f298bb3e4 100644 --- a/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp +++ b/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp @@ -57,9 +57,9 @@ uint8_t OpenPGP_S2K::encode_count(size_t desired_iterations) */ for(size_t c = 0; c < 256; ++c) { - size_t decoded_iter = OPENPGP_S2K_ITERS[c]; + const uint32_t decoded_iter = OPENPGP_S2K_ITERS[c]; if(decoded_iter >= desired_iterations) - return c; + return static_cast<uint8_t>(c); } return 255; diff --git a/src/lib/pubkey/dl_algo/dl_algo.cpp b/src/lib/pubkey/dl_algo/dl_algo.cpp index 1c4fc5177..4f0e38e9f 100644 --- a/src/lib/pubkey/dl_algo/dl_algo.cpp +++ b/src/lib/pubkey/dl_algo/dl_algo.cpp @@ -76,7 +76,7 @@ bool DL_Scheme_PublicKey::check_key(RandomNumberGenerator& rng, if(power_mod(m_y, q, p) != 1) return false; } - catch(const Invalid_State& e) + catch(const Invalid_State&) { return true; } diff --git a/src/lib/pubkey/ecdh/ecdh.h b/src/lib/pubkey/ecdh/ecdh.h index f6ffb0a6e..baa3f6f94 100644 --- a/src/lib/pubkey/ecdh/ecdh.h +++ b/src/lib/pubkey/ecdh/ecdh.h @@ -54,7 +54,7 @@ class BOTAN_DLL ECDH_PublicKey : public virtual EC_PublicKey * @return public point value */ std::vector<uint8_t> public_value(PointGFp::Compression_Type type) const - { return unlock(EC2OSP(public_point(), type)); } + { return unlock(EC2OSP(public_point(), static_cast<uint8_t>(type))); } protected: ECDH_PublicKey() = default; diff --git a/src/lib/pubkey/mce/gf2m_small_m.h b/src/lib/pubkey/mce/gf2m_small_m.h index d49325def..d8c5f5b8f 100644 --- a/src/lib/pubkey/mce/gf2m_small_m.h +++ b/src/lib/pubkey/mce/gf2m_small_m.h @@ -203,7 +203,7 @@ class BOTAN_DLL GF2m_Field when 0 <= d < q, we get (d) when q <= d < 2q-1, we get (d-q+1) */ - return (((d) & gf_ord()) + ((d) >> get_extension_degree())); + return static_cast<gf2m>(((d) & gf_ord()) + ((d) >> get_extension_degree())); } gf2m m_gf_extension_degree, m_gf_multiplicative_order; diff --git a/src/lib/pubkey/mce/mce_workfactor.cpp b/src/lib/pubkey/mce/mce_workfactor.cpp index 51cfcc269..f1dddeee9 100644 --- a/src/lib/pubkey/mce/mce_workfactor.cpp +++ b/src/lib/pubkey/mce/mce_workfactor.cpp @@ -106,7 +106,7 @@ size_t mceliece_work_factor(size_t n, size_t t) min = std::min(min, lwf); } - return min; + return static_cast<size_t>(min); } } diff --git a/src/lib/pubkey/pbes2/pbes2.cpp b/src/lib/pubkey/pbes2/pbes2.cpp index b0a7f336d..6bc7a23c3 100644 --- a/src/lib/pubkey/pbes2/pbes2.cpp +++ b/src/lib/pubkey/pbes2/pbes2.cpp @@ -125,7 +125,7 @@ pbes2_encrypt(const secure_vector<uint8_t>& key_bits, const std::string& digest, RandomNumberGenerator& rng) { - size_t msec_in_iterations_out = msec.count(); + size_t msec_in_iterations_out = static_cast<size_t>(msec.count()); return pbes2_encrypt_shared(key_bits, passphrase, &msec_in_iterations_out, 0, cipher, digest, rng); // return value msec_in_iterations_out discarded } @@ -139,7 +139,7 @@ pbes2_encrypt_msec(const secure_vector<uint8_t>& key_bits, const std::string& digest, RandomNumberGenerator& rng) { - size_t msec_in_iterations_out = msec.count(); + size_t msec_in_iterations_out = static_cast<size_t>(msec.count()); auto ret = pbes2_encrypt_shared(key_bits, passphrase, &msec_in_iterations_out, 0, cipher, digest, rng); diff --git a/src/lib/pubkey/xmss/xmss_address.h b/src/lib/pubkey/xmss/xmss_address.h index 8a53d4e80..0ae0092a9 100644 --- a/src/lib/pubkey/xmss/xmss_address.h +++ b/src/lib/pubkey/xmss/xmss_address.h @@ -113,7 +113,7 @@ class XMSS_Address void set_type(Type type) { m_data[15] = static_cast<uint8_t>(type); - std::fill(m_data.begin() + 16, m_data.end(), 0); + std::fill(m_data.begin() + 16, m_data.end(), static_cast<uint8_t>(0)); } /** diff --git a/src/lib/pubkey/xmss/xmss_verification_operation.cpp b/src/lib/pubkey/xmss/xmss_verification_operation.cpp index fe712d4c8..5f8c3a721 100644 --- a/src/lib/pubkey/xmss/xmss_verification_operation.cpp +++ b/src/lib/pubkey/xmss/xmss_verification_operation.cpp @@ -117,7 +117,7 @@ bool XMSS_Verification_Operation::is_valid_signature(const uint8_t sig[], m_msg_buf.clear(); return result; } - catch(Integrity_Failure& e) + catch(Integrity_Failure&) { m_msg_buf.clear(); return false; diff --git a/src/lib/tls/tls_cbc/tls_cbc.cpp b/src/lib/tls/tls_cbc/tls_cbc.cpp index 9e178a457..e63893d75 100644 --- a/src/lib/tls/tls_cbc/tls_cbc.cpp +++ b/src/lib/tls/tls_cbc/tls_cbc.cpp @@ -134,8 +134,8 @@ void TLS_CBC_HMAC_AEAD_Encryption::set_associated_data(const uint8_t ad[], size_ if(use_encrypt_then_mac()) { // AAD hack for EtM - size_t pt_size = make_uint16(assoc_data()[11], assoc_data()[12]); - size_t enc_size = round_up(iv_size() + pt_size + 1, block_size()); + const uint16_t pt_size = make_uint16(assoc_data()[11], assoc_data()[12]); + const uint16_t enc_size = round_up(iv_size() + pt_size + 1, block_size()); assoc_data()[11] = get_byte<uint16_t>(0, enc_size); assoc_data()[12] = get_byte<uint16_t>(1, enc_size); } @@ -344,11 +344,11 @@ void TLS_CBC_HMAC_AEAD_Decryption::perform_additional_compressions(size_t plen, max_bytes_in_first_block = 55; } // number of maximum MACed bytes - const uint16_t L1 = 13 + plen - tag_size(); + const uint16_t L1 = static_cast<uint16_t>(13 + plen - tag_size()); // number of current MACed bytes (L1 - padlen) // Here the Lucky 13 paper is different because the padlen length in the paper // does not count the last message byte. - const uint16_t L2 = 13 + plen - padlen - tag_size(); + const uint16_t L2 = static_cast<uint16_t>(13 + plen - padlen - tag_size()); // From the paper, for SHA-256/SHA-1 compute: ceil((L1-55)/64) and ceil((L2-55)/64) // ceil((L1-55)/64) = floor((L1+64-1-55)/64) // Here we compute number of compressions for SHA-* in general @@ -416,7 +416,7 @@ void TLS_CBC_HMAC_AEAD_Decryption::finish(secure_vector<uint8_t>& buffer, size_t } const uint8_t* plaintext_block = &record_contents[0]; - const uint16_t plaintext_length = enc_size - pad_size; + const size_t plaintext_length = enc_size - pad_size; buffer.insert(buffer.end(), plaintext_block, plaintext_block + plaintext_length); } diff --git a/src/lib/tls/tls_policy.h b/src/lib/tls/tls_policy.h index 6ddfff749..35d439399 100644 --- a/src/lib/tls/tls_policy.h +++ b/src/lib/tls/tls_policy.h @@ -526,9 +526,9 @@ class BOTAN_DLL Text_Policy : public Policy std::vector<uint16_t> srtp_profiles() const override { std::vector<uint16_t> r; - for(auto&& p : get_list("srtp_profiles", std::vector<std::string>())) + for(std::string p : get_list("srtp_profiles", std::vector<std::string>())) { - r.push_back(to_u32bit(p)); + r.push_back(to_uint16(p)); } return r; } diff --git a/src/lib/tls/tls_record.cpp b/src/lib/tls/tls_record.cpp index 71251398b..4986a7103 100644 --- a/src/lib/tls/tls_record.cpp +++ b/src/lib/tls/tls_record.cpp @@ -202,7 +202,7 @@ namespace { inline void append_u16_len(secure_vector<uint8_t>& output, size_t len_field) { - const uint16_t len16 = len_field; + const uint16_t len16 = static_cast<uint16_t>(len_field); BOTAN_ASSERT_EQUAL(len_field, len16, "No truncation"); output.push_back(get_byte(0, len16)); output.push_back(get_byte(1, len16)); @@ -305,7 +305,10 @@ void decrypt_record(secure_vector<uint8_t>& output, const size_t ptext_size = aead->output_length(msg_length); aead->set_associated_data_vec( - cs.format_ad(record_sequence, record_type, record_version, static_cast<uint16_t>(ptext_size)) + cs.format_ad(record_sequence, + static_cast<uint8_t>(record_type), + record_version, + static_cast<uint16_t>(ptext_size)) ); aead->start(nonce); diff --git a/src/lib/tls/tls_seq_numbers.h b/src/lib/tls/tls_seq_numbers.h index ece329494..c5741b998 100644 --- a/src/lib/tls/tls_seq_numbers.h +++ b/src/lib/tls/tls_seq_numbers.h @@ -102,7 +102,7 @@ class Datagram_Sequence_Numbers final : public Connection_Sequence_Numbers if(sequence > m_window_highest) { - const size_t offset = sequence - m_window_highest; + const uint64_t offset = sequence - m_window_highest; m_window_highest += offset; if(offset >= window_size) diff --git a/src/lib/utils/ct_utils.h b/src/lib/utils/ct_utils.h index 68bd01c94..709b6d9e5 100644 --- a/src/lib/utils/ct_utils.h +++ b/src/lib/utils/ct_utils.h @@ -115,7 +115,7 @@ inline T is_zero(T x) template<typename T> inline T is_equal(T x, T y) { - return is_zero(x ^ y); + return is_zero<T>(x ^ y); } template<typename T> diff --git a/src/lib/utils/data_src.cpp b/src/lib/utils/data_src.cpp index 0e9fd0e33..078d3f2ea 100644 --- a/src/lib/utils/data_src.cpp +++ b/src/lib/utils/data_src.cpp @@ -110,7 +110,7 @@ size_t DataSource_Stream::read(uint8_t out[], size_t length) if(m_source.bad()) throw Stream_IO_Error("DataSource_Stream::read: Source failure"); - size_t got = m_source.gcount(); + const size_t got = static_cast<size_t>(m_source.gcount()); m_total_read += got; return got; } @@ -119,7 +119,7 @@ bool DataSource_Stream::check_available(size_t n) { const std::streampos orig_pos = m_source.tellg(); m_source.seekg(0, std::ios::end); - const size_t avail = m_source.tellg() - orig_pos; + const size_t avail = static_cast<size_t>(m_source.tellg() - orig_pos); m_source.seekg(orig_pos); return (avail >= n); } @@ -140,7 +140,7 @@ size_t DataSource_Stream::peek(uint8_t out[], size_t length, size_t offset) cons m_source.read(reinterpret_cast<char*>(buf.data()), buf.size()); if(m_source.bad()) throw Stream_IO_Error("DataSource_Stream::peek: Source failure"); - got = m_source.gcount(); + got = static_cast<size_t>(m_source.gcount()); } if(got == offset) @@ -148,7 +148,7 @@ size_t DataSource_Stream::peek(uint8_t out[], size_t length, size_t offset) cons m_source.read(reinterpret_cast<char*>(out), length); if(m_source.bad()) throw Stream_IO_Error("DataSource_Stream::peek: Source failure"); - got = m_source.gcount(); + got = static_cast<size_t>(m_source.gcount()); } if(m_source.eof()) diff --git a/src/lib/utils/os_utils.cpp b/src/lib/utils/os_utils.cpp index 7bd9b842d..e887d6e76 100644 --- a/src/lib/utils/os_utils.cpp +++ b/src/lib/utils/os_utils.cpp @@ -51,12 +51,13 @@ uint64_t OS::get_processor_timestamp() #elif defined(BOTAN_USE_GCC_INLINE_ASM) #if defined(BOTAN_TARGET_CPU_IS_X86_FAMILY) - if(CPUID::has_rdtsc()) // not available on all x86 CPUs - { - uint32_t rtc_low = 0, rtc_high = 0; - asm volatile("rdtsc" : "=d" (rtc_high), "=a" (rtc_low)); - return (static_cast<uint64_t>(rtc_high) << 32) | rtc_low; - } + + if(CPUID::has_rdtsc() == false) + return 0; + + uint32_t rtc_low = 0, rtc_high = 0; + asm volatile("rdtsc" : "=d" (rtc_high), "=a" (rtc_low)); + return (static_cast<uint64_t>(rtc_high) << 32) | rtc_low; #elif defined(BOTAN_TARGET_ARCH_IS_PPC64) uint32_t rtc_low = 0, rtc_high = 0; @@ -99,11 +100,12 @@ uint64_t OS::get_processor_timestamp() #else //#warning "OS::get_processor_timestamp not implemented" + return 0; #endif -#endif - +#else return 0; +#endif } uint64_t OS::get_high_resolution_clock() diff --git a/src/lib/utils/parsing.cpp b/src/lib/utils/parsing.cpp index 7583767f0..e0173443f 100644 --- a/src/lib/utils/parsing.cpp +++ b/src/lib/utils/parsing.cpp @@ -17,37 +17,40 @@ namespace Botan { +uint16_t to_uint16(const std::string& str) + { + const uint32_t x = to_u32bit(str); + + if(x >> 16) + throw Invalid_Argument("Integer value exceeds 16 bit range"); + + return static_cast<uint16_t>(x); + } + uint32_t to_u32bit(const std::string& str) { - try + // std::stoul is not strict enough. Ensure that str is digit only [0-9]* + for(const char chr : str) { - // std::stoul is not strict enough. Ensure that str is digit only [0-9]* - for (const char chr : str) + if(chr < '0' || chr > '9') { - if (chr < '0' || chr > '9') - { - auto chrAsString = std::string(1, chr); - throw Invalid_Argument("String contains non-digit char: " + chrAsString); - } + std::string chrAsString(1, chr); + throw Invalid_Argument("String contains non-digit char: " + chrAsString); } + } - const auto integerValue = std::stoul(str); + const unsigned long int x = std::stoul(str); - // integerValue might be uint64 - if (integerValue > std::numeric_limits<uint32_t>::max()) + if(sizeof(unsigned long int) > 4) + { + // x might be uint64 + if (x > std::numeric_limits<uint32_t>::max()) { - throw Invalid_Argument("Integer value exceeds 32 bit range: " + std::to_string(integerValue)); + throw Invalid_Argument("Integer value of " + str + " exceeds 32 bit range"); } - - return integerValue; - } - catch(std::exception& e) - { - auto message = std::string("Could not read '" + str + "' as decimal string"); - auto exceptionMessage = std::string(e.what()); - if (!exceptionMessage.empty()) message += ": " + exceptionMessage; - throw Exception(message); } + + return static_cast<uint32_t>(x); } /* diff --git a/src/lib/utils/parsing.h b/src/lib/utils/parsing.h index 71f349126..f4936bd68 100644 --- a/src/lib/utils/parsing.h +++ b/src/lib/utils/parsing.h @@ -105,6 +105,13 @@ BOTAN_DLL bool x500_name_cmp(const std::string& name1, BOTAN_DLL uint32_t to_u32bit(const std::string& str); /** +* Convert a string to a number +* @param str the string to convert +* @return number value of the string +*/ +BOTAN_DLL uint16_t to_uint16(const std::string& str); + +/** * Convert a time specification to a number * @param timespec the time specification * @return number of seconds represented by timespec diff --git a/src/lib/x509/x509path.cpp b/src/lib/x509/x509path.cpp index a06df2460..beb04ea07 100644 --- a/src/lib/x509/x509path.cpp +++ b/src/lib/x509/x509path.cpp @@ -183,7 +183,7 @@ PKIX::check_ocsp(const std::vector<std::shared_ptr<const X509_Certificate>>& cer status.insert(ocsp_signature_status); } } - catch(Exception& e) + catch(Exception&) { status.insert(Certificate_Status_Code::OCSP_RESPONSE_INVALID); } @@ -412,7 +412,7 @@ PKIX::check_crl_online(const std::vector<std::shared_ptr<const X509_Certificate> crls[i] = future_crls[i].get(); } } - catch(std::exception& e) + catch(std::exception&) { // crls[i] left null } diff --git a/src/tests/test_ffi.cpp b/src/tests/test_ffi.cpp index d94fae7ba..41fa3a044 100644 --- a/src/tests/test_ffi.cpp +++ b/src/tests/test_ffi.cpp @@ -816,7 +816,7 @@ class FFI_Unit_Tests : public Test uint32_t x_32; TEST_FFI_OK(botan_mp_to_uint32, (x, &x_32)); - result.test_eq("botan_mp_to_uint32", x, 0x103); + result.test_eq("botan_mp_to_uint32", x, static_cast<size_t>(0x103)); TEST_FFI_RC(1, botan_mp_get_bit, (x, 1)); TEST_FFI_RC(0, botan_mp_get_bit, (x, 87)); @@ -1444,7 +1444,7 @@ class FFI_Unit_Tests : public Test TEST_FFI_OK(botan_pk_op_sign_destroy, (signer)); } - botan_pk_op_verify_t verifier; + botan_pk_op_verify_t verifier = nullptr; if(signature.size() > 0 && TEST_FFI_OK(botan_pk_op_verify_create, (&verifier, pub, sm2_ident.c_str(), 0))) { diff --git a/src/tests/test_gf2m.cpp b/src/tests/test_gf2m.cpp index c8110034e..9bb572c4e 100644 --- a/src/tests/test_gf2m.cpp +++ b/src/tests/test_gf2m.cpp @@ -45,7 +45,7 @@ class GF2m_Tests : public Test for(size_t i = 0; i <= field.gf_ord(); ++i) { - gf2m a = i; + gf2m a = static_cast<gf2m>(i); result.test_eq("square vs multiply", static_cast<size_t>(field.gf_square(a)), diff --git a/src/tests/test_pkcs11_high_level.cpp b/src/tests/test_pkcs11_high_level.cpp index ca15082bb..7422aed84 100644 --- a/src/tests/test_pkcs11_high_level.cpp +++ b/src/tests/test_pkcs11_high_level.cpp @@ -811,7 +811,7 @@ Test::Result test_rsa_encrypt_decrypt() }; std::vector<uint8_t> plaintext(256); - std::iota(std::begin(plaintext), std::end(plaintext), 0); + std::iota(std::begin(plaintext), std::end(plaintext), static_cast<uint8_t>(0)); encrypt_and_decrypt(plaintext, "Raw"); plaintext = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x00 }; @@ -834,7 +834,7 @@ Test::Result test_rsa_sign_verify() PKCS11_RSA_KeyPair keypair = generate_rsa_keypair(test_session); std::vector<uint8_t> plaintext(256); - std::iota(std::begin(plaintext), std::end(plaintext), 0); + std::iota(std::begin(plaintext), std::end(plaintext), static_cast<uint8_t>(0)); auto sign_and_verify = [&keypair, &plaintext, &result](std::string const& emsa, bool multipart) { diff --git a/src/tests/test_tss.cpp b/src/tests/test_tss.cpp index 01e0da92f..d9e860726 100644 --- a/src/tests/test_tss.cpp +++ b/src/tests/test_tss.cpp @@ -28,7 +28,7 @@ class TSS_Tests : public Test Test::Result result("TSS"); uint8_t id[16]; - std::iota(id, id + sizeof(id), 0); + std::iota(id, id + sizeof(id), static_cast<uint8_t>(0)); const std::vector<uint8_t> S = Botan::hex_decode("7465737400"); |