aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/cli/credentials.h6
-rw-r--r--src/cli/timing_tests.cpp4
-rw-r--r--src/cli/utils.cpp10
-rw-r--r--src/lib/asn1/asn1_oid.cpp6
-rw-r--r--src/lib/asn1/der_enc.cpp2
-rw-r--r--src/lib/block/cast/cast128.cpp6
-rw-r--r--src/lib/block/idea/idea.cpp2
-rw-r--r--src/lib/ffi/ffi_cipher.cpp2
-rw-r--r--src/lib/ffi/ffi_kdf.cpp4
-rw-r--r--src/lib/filters/pipe_io.cpp5
-rw-r--r--src/lib/hash/par_hash/par_hash.cpp2
-rw-r--r--src/lib/hash/streebog/streebog.cpp12
-rw-r--r--src/lib/mac/hmac/hmac.cpp7
-rw-r--r--src/lib/mac/siphash/siphash.cpp3
-rw-r--r--src/lib/math/numbertheory/powm_fw.cpp2
-rw-r--r--src/lib/math/numbertheory/powm_mnt.cpp2
-rw-r--r--src/lib/misc/rfc3394/rfc3394.cpp4
-rw-r--r--src/lib/modes/aead/ccm/ccm.cpp5
-rw-r--r--src/lib/modes/mode_pad/mode_pad.cpp12
-rw-r--r--src/lib/passhash/bcrypt/bcrypt.cpp2
-rw-r--r--src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp4
-rw-r--r--src/lib/pubkey/dl_algo/dl_algo.cpp2
-rw-r--r--src/lib/pubkey/ecdh/ecdh.h2
-rw-r--r--src/lib/pubkey/mce/gf2m_small_m.h2
-rw-r--r--src/lib/pubkey/mce/mce_workfactor.cpp2
-rw-r--r--src/lib/pubkey/pbes2/pbes2.cpp4
-rw-r--r--src/lib/pubkey/xmss/xmss_address.h2
-rw-r--r--src/lib/pubkey/xmss/xmss_verification_operation.cpp2
-rw-r--r--src/lib/tls/tls_cbc/tls_cbc.cpp10
-rw-r--r--src/lib/tls/tls_policy.h4
-rw-r--r--src/lib/tls/tls_record.cpp7
-rw-r--r--src/lib/tls/tls_seq_numbers.h2
-rw-r--r--src/lib/utils/ct_utils.h2
-rw-r--r--src/lib/utils/data_src.cpp8
-rw-r--r--src/lib/utils/os_utils.cpp18
-rw-r--r--src/lib/utils/parsing.cpp45
-rw-r--r--src/lib/utils/parsing.h7
-rw-r--r--src/lib/x509/x509path.cpp4
-rw-r--r--src/tests/test_ffi.cpp4
-rw-r--r--src/tests/test_gf2m.cpp2
-rw-r--r--src/tests/test_pkcs11_high_level.cpp4
-rw-r--r--src/tests/test_tss.cpp2
42 files changed, 136 insertions, 101 deletions
diff --git a/src/cli/credentials.h b/src/cli/credentials.h
index 99733e42b..3b7a177fc 100644
--- a/src/cli/credentials.h
+++ b/src/cli/credentials.h
@@ -50,9 +50,8 @@ class Basic_Credentials_Manager : public Botan::Credentials_Manager
{
cert.certs.push_back(Botan::X509_Certificate(in));
}
- catch(std::exception& e)
+ catch(std::exception&)
{
-
}
}
@@ -74,9 +73,8 @@ class Basic_Credentials_Manager : public Botan::Credentials_Manager
m_certstores.push_back(cs);
}
}
- catch(std::exception& e)
+ catch(std::exception&)
{
- //std::cout << e.what() << "\n";
}
}
diff --git a/src/cli/timing_tests.cpp b/src/cli/timing_tests.cpp
index 4e90751ff..511eac8bc 100644
--- a/src/cli/timing_tests.cpp
+++ b/src/cli/timing_tests.cpp
@@ -156,7 +156,7 @@ class Manger_Timing_Test : public Timing_Test
{
m_dec.decrypt(input.data(), m_ctext_length);
}
- catch(Botan::Decoding_Error& e)
+ catch(Botan::Decoding_Error&)
{
}
ticks end = get_ticks();
@@ -229,7 +229,7 @@ ticks Lucky13_Timing_Test::measure_critical_function(std::vector<uint8_t> input)
{
m_dec.finish(data);
}
- catch(Botan::TLS::TLS_Exception& e)
+ catch(Botan::TLS::TLS_Exception&)
{
}
ticks end = get_ticks();
diff --git a/src/cli/utils.cpp b/src/cli/utils.cpp
index 2bf03c760..63e0fc7d6 100644
--- a/src/cli/utils.cpp
+++ b/src/cli/utils.cpp
@@ -328,7 +328,15 @@ class Generate_Bcrypt final : public Command
const std::string password = get_arg("password");
const size_t wf = get_arg_sz("work-factor");
- output() << Botan::generate_bcrypt(password, rng(), wf) << "\n";
+ if(wf < 4 || wf > 18)
+ {
+ error_output() << "Invalid bcrypt work factor\n";
+ }
+ else
+ {
+ const uint16_t wf16 = static_cast<uint16_t>(wf);
+ output() << Botan::generate_bcrypt(password, rng(), wf16) << "\n";
+ }
}
};
diff --git a/src/lib/asn1/asn1_oid.cpp b/src/lib/asn1/asn1_oid.cpp
index d9436e6d9..7c7161f47 100644
--- a/src/lib/asn1/asn1_oid.cpp
+++ b/src/lib/asn1/asn1_oid.cpp
@@ -130,7 +130,11 @@ void OID::encode_into(DER_Encoder& der) const
throw Invalid_Argument("OID::encode_into: OID is invalid");
std::vector<uint8_t> encoding;
- encoding.push_back(40 * m_id[0] + m_id[1]);
+
+ if(m_id[0] > 2 || m_id[1] >= 40)
+ throw Encoding_Error("Invalid OID prefix, cannot encode");
+
+ encoding.push_back(static_cast<uint8_t>(40 * m_id[0] + m_id[1]));
for(size_t i = 2; i != m_id.size(); ++i)
{
diff --git a/src/lib/asn1/der_enc.cpp b/src/lib/asn1/der_enc.cpp
index 071e330ff..31955e915 100644
--- a/src/lib/asn1/der_enc.cpp
+++ b/src/lib/asn1/der_enc.cpp
@@ -36,7 +36,7 @@ secure_vector<uint8_t> encode_tag(ASN1_Tag type_tag, ASN1_Tag class_tag)
BOTAN_ASSERT(blocks > 0, "Math works");
- encoded_tag.push_back(class_tag | 0x1F);
+ encoded_tag.push_back(static_cast<uint8_t>(class_tag | 0x1F));
for(size_t i = 0; i != blocks - 1; ++i)
encoded_tag.push_back(0x80 | ((type_tag >> 7*(blocks-i-1)) & 0x7F));
encoded_tag.push_back(type_tag & 0x7F);
diff --git a/src/lib/block/cast/cast128.cpp b/src/lib/block/cast/cast128.cpp
index d955dfeef..26076e128 100644
--- a/src/lib/block/cast/cast128.cpp
+++ b/src/lib/block/cast/cast128.cpp
@@ -323,7 +323,11 @@ void CAST_128::cast_ks(secure_vector<uint32_t>& K,
class ByteReader
{
public:
- uint8_t operator()(size_t i) { return (m_X[i/4] >> (8*(3 - (i%4)))); }
+ uint8_t operator()(size_t i) const
+ {
+ return static_cast<uint8_t>(m_X[i/4] >> (8*(3 - (i%4))));
+ }
+
explicit ByteReader(const uint32_t* x) : m_X(x) {}
private:
const uint32_t* m_X;
diff --git a/src/lib/block/idea/idea.cpp b/src/lib/block/idea/idea.cpp
index 2be15be2e..4795a126a 100644
--- a/src/lib/block/idea/idea.cpp
+++ b/src/lib/block/idea/idea.cpp
@@ -26,7 +26,7 @@ inline uint16_t mul(uint16_t x, uint16_t y)
const uint32_t P_hi = P >> 16;
const uint32_t P_lo = P & 0xFFFF;
- const uint16_t r_1 = (P_lo - P_hi) + (P_lo < P_hi);
+ const uint16_t r_1 = static_cast<uint16_t>((P_lo - P_hi) + (P_lo < P_hi));
const uint16_t r_2 = 1 - x - y;
return CT::select(Z_mask, r_1, r_2);
diff --git a/src/lib/ffi/ffi_cipher.cpp b/src/lib/ffi/ffi_cipher.cpp
index 6bb45dec8..72fa2eec8 100644
--- a/src/lib/ffi/ffi_cipher.cpp
+++ b/src/lib/ffi/ffi_cipher.cpp
@@ -100,7 +100,7 @@ int botan_cipher_update(botan_cipher_t cipher_obj,
{
cipher.finish(mbuf);
}
- catch(Integrity_Failure& e)
+ catch(Integrity_Failure&)
{
return BOTAN_FFI_ERROR_BAD_MAC;
}
diff --git a/src/lib/ffi/ffi_kdf.cpp b/src/lib/ffi/ffi_kdf.cpp
index 058c4c655..1a4c40893 100644
--- a/src/lib/ffi/ffi_kdf.cpp
+++ b/src/lib/ffi/ffi_kdf.cpp
@@ -72,11 +72,11 @@ int botan_bcrypt_generate(uint8_t* out, size_t* out_len,
if(flags != 0)
return BOTAN_FFI_ERROR_BAD_FLAG;
- if(wf < 2 || wf > 30)
+ if(wf < 4 || wf > 18)
throw FFI_Error("Bad bcrypt work factor " + std::to_string(wf));
Botan::RandomNumberGenerator& rng = safe_get(rng_obj);
- const std::string bcrypt = Botan::generate_bcrypt(pass, rng, wf);
+ const std::string bcrypt = Botan::generate_bcrypt(pass, rng, static_cast<uint16_t>(wf));
return write_str_output(out, out_len, bcrypt);
});
#else
diff --git a/src/lib/filters/pipe_io.cpp b/src/lib/filters/pipe_io.cpp
index b1787a5a8..5367acba9 100644
--- a/src/lib/filters/pipe_io.cpp
+++ b/src/lib/filters/pipe_io.cpp
@@ -18,7 +18,7 @@ std::ostream& operator<<(std::ostream& stream, Pipe& pipe)
secure_vector<uint8_t> buffer(DEFAULT_BUFFERSIZE);
while(stream.good() && pipe.remaining())
{
- size_t got = pipe.read(buffer.data(), buffer.size());
+ const size_t got = pipe.read(buffer.data(), buffer.size());
stream.write(reinterpret_cast<const char*>(buffer.data()), got);
}
if(!stream.good())
@@ -35,7 +35,8 @@ std::istream& operator>>(std::istream& stream, Pipe& pipe)
while(stream.good())
{
stream.read(reinterpret_cast<char*>(buffer.data()), buffer.size());
- pipe.write(buffer.data(), stream.gcount());
+ const size_t got = static_cast<size_t>(stream.gcount());
+ pipe.write(buffer.data(), got);
}
if(stream.bad() || (stream.fail() && !stream.eof()))
throw Stream_IO_Error("Pipe input operator (iostream) has failed");
diff --git a/src/lib/hash/par_hash/par_hash.cpp b/src/lib/hash/par_hash/par_hash.cpp
index af43d6d97..a0297dfe8 100644
--- a/src/lib/hash/par_hash/par_hash.cpp
+++ b/src/lib/hash/par_hash/par_hash.cpp
@@ -18,7 +18,7 @@ void Parallel::add_data(const uint8_t input[], size_t length)
void Parallel::final_result(uint8_t out[])
{
- uint32_t offset = 0;
+ size_t offset = 0;
for(auto&& hash : m_hashes)
{
diff --git a/src/lib/hash/streebog/streebog.cpp b/src/lib/hash/streebog/streebog.cpp
index c58320bca..ae2fe1fef 100644
--- a/src/lib/hash/streebog/streebog.cpp
+++ b/src/lib/hash/streebog/streebog.cpp
@@ -115,12 +115,10 @@ void Streebog::clear()
m_count = 0;
m_position = 0;
zeroise(m_buffer);
- if(m_output_bits == 256)
- { std::fill(m_h.begin(), m_h.end(), 0x0101010101010101ULL); }
- else
- { std::fill(m_h.begin(), m_h.end(), 0x0ULL); }
-
zeroise(m_S);
+
+ const uint64_t fill = (m_output_bits == 512) ? 0 : 0x0101010101010101;
+ std::fill(m_h.begin(), m_h.end(), fill);
}
/*
@@ -148,7 +146,9 @@ void Streebog::add_data(const uint8_t input[], size_t length)
void Streebog::final_result(uint8_t output[])
{
m_buffer[m_position++] = 0x01;
- std::fill(m_buffer.begin() + m_position, m_buffer.end(), 0x00);
+
+ if(m_position != m_buffer.size())
+ clear_mem(&m_buffer[m_position], m_buffer.size() - m_position);
compress(m_buffer.data());
m_count += (m_position - 1) * 8;
diff --git a/src/lib/mac/hmac/hmac.cpp b/src/lib/mac/hmac/hmac.cpp
index aeadf4520..32f62f0c2 100644
--- a/src/lib/mac/hmac/hmac.cpp
+++ b/src/lib/mac/hmac/hmac.cpp
@@ -40,8 +40,11 @@ void HMAC::key_schedule(const uint8_t key[], size_t length)
m_ikey.resize(m_hash->hash_block_size());
m_okey.resize(m_hash->hash_block_size());
- std::fill(m_ikey.begin(), m_ikey.end(), 0x36);
- std::fill(m_okey.begin(), m_okey.end(), 0x5C);
+ const uint8_t ipad = 0x36;
+ const uint8_t opad = 0x5C;
+
+ std::fill(m_ikey.begin(), m_ikey.end(), ipad);
+ std::fill(m_okey.begin(), m_okey.end(), opad);
if(length > m_hash->hash_block_size())
{
diff --git a/src/lib/mac/siphash/siphash.cpp b/src/lib/mac/siphash/siphash.cpp
index c6ef68889..54adcd5a5 100644
--- a/src/lib/mac/siphash/siphash.cpp
+++ b/src/lib/mac/siphash/siphash.cpp
@@ -39,7 +39,8 @@ void SipRounds(uint64_t M, secure_vector<uint64_t>& V, size_t r)
void SipHash::add_data(const uint8_t input[], size_t length)
{
- m_words += length;
+ // SipHash counts the message length mod 256
+ m_words += static_cast<uint8_t>(length);
if(m_mbuf_pos)
{
diff --git a/src/lib/math/numbertheory/powm_fw.cpp b/src/lib/math/numbertheory/powm_fw.cpp
index 770f345c6..ea3f5ecf0 100644
--- a/src/lib/math/numbertheory/powm_fw.cpp
+++ b/src/lib/math/numbertheory/powm_fw.cpp
@@ -26,7 +26,7 @@ void Fixed_Window_Exponentiator::set_base(const BigInt& base)
{
m_window_bits = Power_Mod::window_bits(m_exp.bits(), base.bits(), m_hints);
- m_g.resize((1 << m_window_bits));
+ m_g.resize((1U << m_window_bits));
m_g[0] = 1;
m_g[1] = base;
diff --git a/src/lib/math/numbertheory/powm_mnt.cpp b/src/lib/math/numbertheory/powm_mnt.cpp
index e45816950..7e5c0be55 100644
--- a/src/lib/math/numbertheory/powm_mnt.cpp
+++ b/src/lib/math/numbertheory/powm_mnt.cpp
@@ -28,7 +28,7 @@ void Montgomery_Exponentiator::set_base(const BigInt& base)
{
m_window_bits = Power_Mod::window_bits(m_exp.bits(), base.bits(), m_hints);
- m_g.resize((1 << m_window_bits));
+ m_g.resize((1U << m_window_bits));
BigInt z(BigInt::Positive, 2 * (m_mod_words + 1));
secure_vector<word> workspace(z.size());
diff --git a/src/lib/misc/rfc3394/rfc3394.cpp b/src/lib/misc/rfc3394/rfc3394.cpp
index 2ec49ac65..3bb792723 100644
--- a/src/lib/misc/rfc3394/rfc3394.cpp
+++ b/src/lib/misc/rfc3394/rfc3394.cpp
@@ -39,7 +39,7 @@ secure_vector<uint8_t> rfc3394_keywrap(const secure_vector<uint8_t>& key,
{
for(size_t i = 1; i <= n; ++i)
{
- const uint32_t t = (n * j) + i;
+ const uint32_t t = static_cast<uint32_t>((n * j) + i);
copy_mem(&A[8], &R[8*i], 8);
@@ -84,7 +84,7 @@ secure_vector<uint8_t> rfc3394_keyunwrap(const secure_vector<uint8_t>& key,
{
for(size_t i = n; i != 0; --i)
{
- const uint32_t t = (5 - j) * n + i;
+ const uint32_t t = static_cast<uint32_t>((5 - j) * n + i);
uint8_t t_buf[4] = { 0 };
store_be(t, t_buf);
diff --git a/src/lib/modes/aead/ccm/ccm.cpp b/src/lib/modes/aead/ccm/ccm.cpp
index db0d2d58b..b7f81e5ab 100644
--- a/src/lib/modes/aead/ccm/ccm.cpp
+++ b/src/lib/modes/aead/ccm/ccm.cpp
@@ -136,7 +136,8 @@ secure_vector<uint8_t> CCM_Mode::format_b0(size_t sz)
{
secure_vector<uint8_t> B0(CCM_BS);
- const uint8_t b_flags = (m_ad_buf.size() ? 64 : 0) + (((tag_size()/2)-1) << 3) + (L()-1);
+ const uint8_t b_flags =
+ static_cast<uint8_t>((m_ad_buf.size() ? 64 : 0) + (((tag_size()/2)-1) << 3) + (L()-1));
B0[0] = b_flags;
copy_mem(&B0[1], m_nonce.data(), m_nonce.size());
@@ -149,7 +150,7 @@ secure_vector<uint8_t> CCM_Mode::format_c0()
{
secure_vector<uint8_t> C(CCM_BS);
- const uint8_t a_flags = L()-1;
+ const uint8_t a_flags = static_cast<uint8_t>(L() - 1);
C[0] = a_flags;
copy_mem(&C[1], m_nonce.data(), m_nonce.size());
diff --git a/src/lib/modes/mode_pad/mode_pad.cpp b/src/lib/modes/mode_pad/mode_pad.cpp
index afcce786d..f93b2dccc 100644
--- a/src/lib/modes/mode_pad/mode_pad.cpp
+++ b/src/lib/modes/mode_pad/mode_pad.cpp
@@ -57,13 +57,13 @@ size_t PKCS7_Padding::unpad(const uint8_t block[], size_t size) const
size_t bad_input = 0;
const uint8_t last_byte = block[size-1];
- bad_input |= CT::expand_mask(last_byte > size);
+ bad_input |= CT::expand_mask<size_t>(last_byte > size);
size_t pad_pos = size - last_byte;
size_t i = size - 2;
while(i)
{
- bad_input |= ~CT::is_equal(block[i],last_byte) & CT::expand_mask(i >= pad_pos);
+ bad_input |= (~CT::is_equal(block[i],last_byte)) & CT::expand_mask<uint8_t>(i >= pad_pos);
--i;
}
@@ -98,13 +98,13 @@ size_t ANSI_X923_Padding::unpad(const uint8_t block[], size_t size) const
size_t bad_input = 0;
const size_t last_byte = block[size-1];
- bad_input |= CT::expand_mask(last_byte > size);
+ bad_input |= CT::expand_mask<size_t>(last_byte > size);
size_t pad_pos = size - last_byte;
size_t i = size - 2;
while(i)
{
- bad_input |= ~CT::is_zero(block[i]) & CT::expand_mask(i >= pad_pos);
+ bad_input |= (~CT::is_zero(block[i])) & CT::expand_mask<uint8_t>(i >= pad_pos);
--i;
}
CT::conditional_copy_mem(bad_input,&pad_pos,&size,&pad_pos,1);
@@ -177,13 +177,13 @@ size_t ESP_Padding::unpad(const uint8_t block[], size_t size) const
const size_t last_byte = block[size-1];
size_t bad_input = 0;
- bad_input |= CT::expand_mask(last_byte > size);
+ bad_input |= CT::expand_mask<size_t>(last_byte > size);
size_t pad_pos = size - last_byte;
size_t i = size - 1;
while(i)
{
- bad_input |= ~CT::is_equal<size_t>(size_t(block[i-1]),size_t(block[i])-1) & CT::expand_mask(i > pad_pos);
+ bad_input |= ~CT::is_equal<uint8_t>(size_t(block[i-1]),size_t(block[i])-1) & CT::expand_mask<uint8_t>(i > pad_pos);
--i;
}
CT::conditional_copy_mem(bad_input,&pad_pos,&size,&pad_pos,1);
diff --git a/src/lib/passhash/bcrypt/bcrypt.cpp b/src/lib/passhash/bcrypt/bcrypt.cpp
index 8cea34a97..4f3cda2ae 100644
--- a/src/lib/passhash/bcrypt/bcrypt.cpp
+++ b/src/lib/passhash/bcrypt/bcrypt.cpp
@@ -138,7 +138,7 @@ bool check_bcrypt(const std::string& pass, const std::string& hash)
return false;
}
- const uint16_t workfactor = to_u32bit(hash.substr(4, 2));
+ const uint16_t workfactor = to_uint16(hash.substr(4, 2));
const std::vector<uint8_t> salt = bcrypt_base64_decode(hash.substr(7, 22));
if(salt.size() != 16)
diff --git a/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp b/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp
index 21edb6afc..f298bb3e4 100644
--- a/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp
+++ b/src/lib/pbkdf/pgp_s2k/pgp_s2k.cpp
@@ -57,9 +57,9 @@ uint8_t OpenPGP_S2K::encode_count(size_t desired_iterations)
*/
for(size_t c = 0; c < 256; ++c)
{
- size_t decoded_iter = OPENPGP_S2K_ITERS[c];
+ const uint32_t decoded_iter = OPENPGP_S2K_ITERS[c];
if(decoded_iter >= desired_iterations)
- return c;
+ return static_cast<uint8_t>(c);
}
return 255;
diff --git a/src/lib/pubkey/dl_algo/dl_algo.cpp b/src/lib/pubkey/dl_algo/dl_algo.cpp
index 1c4fc5177..4f0e38e9f 100644
--- a/src/lib/pubkey/dl_algo/dl_algo.cpp
+++ b/src/lib/pubkey/dl_algo/dl_algo.cpp
@@ -76,7 +76,7 @@ bool DL_Scheme_PublicKey::check_key(RandomNumberGenerator& rng,
if(power_mod(m_y, q, p) != 1)
return false;
}
- catch(const Invalid_State& e)
+ catch(const Invalid_State&)
{
return true;
}
diff --git a/src/lib/pubkey/ecdh/ecdh.h b/src/lib/pubkey/ecdh/ecdh.h
index f6ffb0a6e..baa3f6f94 100644
--- a/src/lib/pubkey/ecdh/ecdh.h
+++ b/src/lib/pubkey/ecdh/ecdh.h
@@ -54,7 +54,7 @@ class BOTAN_DLL ECDH_PublicKey : public virtual EC_PublicKey
* @return public point value
*/
std::vector<uint8_t> public_value(PointGFp::Compression_Type type) const
- { return unlock(EC2OSP(public_point(), type)); }
+ { return unlock(EC2OSP(public_point(), static_cast<uint8_t>(type))); }
protected:
ECDH_PublicKey() = default;
diff --git a/src/lib/pubkey/mce/gf2m_small_m.h b/src/lib/pubkey/mce/gf2m_small_m.h
index d49325def..d8c5f5b8f 100644
--- a/src/lib/pubkey/mce/gf2m_small_m.h
+++ b/src/lib/pubkey/mce/gf2m_small_m.h
@@ -203,7 +203,7 @@ class BOTAN_DLL GF2m_Field
when 0 <= d < q, we get (d)
when q <= d < 2q-1, we get (d-q+1)
*/
- return (((d) & gf_ord()) + ((d) >> get_extension_degree()));
+ return static_cast<gf2m>(((d) & gf_ord()) + ((d) >> get_extension_degree()));
}
gf2m m_gf_extension_degree, m_gf_multiplicative_order;
diff --git a/src/lib/pubkey/mce/mce_workfactor.cpp b/src/lib/pubkey/mce/mce_workfactor.cpp
index 51cfcc269..f1dddeee9 100644
--- a/src/lib/pubkey/mce/mce_workfactor.cpp
+++ b/src/lib/pubkey/mce/mce_workfactor.cpp
@@ -106,7 +106,7 @@ size_t mceliece_work_factor(size_t n, size_t t)
min = std::min(min, lwf);
}
- return min;
+ return static_cast<size_t>(min);
}
}
diff --git a/src/lib/pubkey/pbes2/pbes2.cpp b/src/lib/pubkey/pbes2/pbes2.cpp
index b0a7f336d..6bc7a23c3 100644
--- a/src/lib/pubkey/pbes2/pbes2.cpp
+++ b/src/lib/pubkey/pbes2/pbes2.cpp
@@ -125,7 +125,7 @@ pbes2_encrypt(const secure_vector<uint8_t>& key_bits,
const std::string& digest,
RandomNumberGenerator& rng)
{
- size_t msec_in_iterations_out = msec.count();
+ size_t msec_in_iterations_out = static_cast<size_t>(msec.count());
return pbes2_encrypt_shared(key_bits, passphrase, &msec_in_iterations_out, 0, cipher, digest, rng);
// return value msec_in_iterations_out discarded
}
@@ -139,7 +139,7 @@ pbes2_encrypt_msec(const secure_vector<uint8_t>& key_bits,
const std::string& digest,
RandomNumberGenerator& rng)
{
- size_t msec_in_iterations_out = msec.count();
+ size_t msec_in_iterations_out = static_cast<size_t>(msec.count());
auto ret = pbes2_encrypt_shared(key_bits, passphrase, &msec_in_iterations_out, 0, cipher, digest, rng);
diff --git a/src/lib/pubkey/xmss/xmss_address.h b/src/lib/pubkey/xmss/xmss_address.h
index 8a53d4e80..0ae0092a9 100644
--- a/src/lib/pubkey/xmss/xmss_address.h
+++ b/src/lib/pubkey/xmss/xmss_address.h
@@ -113,7 +113,7 @@ class XMSS_Address
void set_type(Type type)
{
m_data[15] = static_cast<uint8_t>(type);
- std::fill(m_data.begin() + 16, m_data.end(), 0);
+ std::fill(m_data.begin() + 16, m_data.end(), static_cast<uint8_t>(0));
}
/**
diff --git a/src/lib/pubkey/xmss/xmss_verification_operation.cpp b/src/lib/pubkey/xmss/xmss_verification_operation.cpp
index fe712d4c8..5f8c3a721 100644
--- a/src/lib/pubkey/xmss/xmss_verification_operation.cpp
+++ b/src/lib/pubkey/xmss/xmss_verification_operation.cpp
@@ -117,7 +117,7 @@ bool XMSS_Verification_Operation::is_valid_signature(const uint8_t sig[],
m_msg_buf.clear();
return result;
}
- catch(Integrity_Failure& e)
+ catch(Integrity_Failure&)
{
m_msg_buf.clear();
return false;
diff --git a/src/lib/tls/tls_cbc/tls_cbc.cpp b/src/lib/tls/tls_cbc/tls_cbc.cpp
index 9e178a457..e63893d75 100644
--- a/src/lib/tls/tls_cbc/tls_cbc.cpp
+++ b/src/lib/tls/tls_cbc/tls_cbc.cpp
@@ -134,8 +134,8 @@ void TLS_CBC_HMAC_AEAD_Encryption::set_associated_data(const uint8_t ad[], size_
if(use_encrypt_then_mac())
{
// AAD hack for EtM
- size_t pt_size = make_uint16(assoc_data()[11], assoc_data()[12]);
- size_t enc_size = round_up(iv_size() + pt_size + 1, block_size());
+ const uint16_t pt_size = make_uint16(assoc_data()[11], assoc_data()[12]);
+ const uint16_t enc_size = round_up(iv_size() + pt_size + 1, block_size());
assoc_data()[11] = get_byte<uint16_t>(0, enc_size);
assoc_data()[12] = get_byte<uint16_t>(1, enc_size);
}
@@ -344,11 +344,11 @@ void TLS_CBC_HMAC_AEAD_Decryption::perform_additional_compressions(size_t plen,
max_bytes_in_first_block = 55;
}
// number of maximum MACed bytes
- const uint16_t L1 = 13 + plen - tag_size();
+ const uint16_t L1 = static_cast<uint16_t>(13 + plen - tag_size());
// number of current MACed bytes (L1 - padlen)
// Here the Lucky 13 paper is different because the padlen length in the paper
// does not count the last message byte.
- const uint16_t L2 = 13 + plen - padlen - tag_size();
+ const uint16_t L2 = static_cast<uint16_t>(13 + plen - padlen - tag_size());
// From the paper, for SHA-256/SHA-1 compute: ceil((L1-55)/64) and ceil((L2-55)/64)
// ceil((L1-55)/64) = floor((L1+64-1-55)/64)
// Here we compute number of compressions for SHA-* in general
@@ -416,7 +416,7 @@ void TLS_CBC_HMAC_AEAD_Decryption::finish(secure_vector<uint8_t>& buffer, size_t
}
const uint8_t* plaintext_block = &record_contents[0];
- const uint16_t plaintext_length = enc_size - pad_size;
+ const size_t plaintext_length = enc_size - pad_size;
buffer.insert(buffer.end(), plaintext_block, plaintext_block + plaintext_length);
}
diff --git a/src/lib/tls/tls_policy.h b/src/lib/tls/tls_policy.h
index 6ddfff749..35d439399 100644
--- a/src/lib/tls/tls_policy.h
+++ b/src/lib/tls/tls_policy.h
@@ -526,9 +526,9 @@ class BOTAN_DLL Text_Policy : public Policy
std::vector<uint16_t> srtp_profiles() const override
{
std::vector<uint16_t> r;
- for(auto&& p : get_list("srtp_profiles", std::vector<std::string>()))
+ for(std::string p : get_list("srtp_profiles", std::vector<std::string>()))
{
- r.push_back(to_u32bit(p));
+ r.push_back(to_uint16(p));
}
return r;
}
diff --git a/src/lib/tls/tls_record.cpp b/src/lib/tls/tls_record.cpp
index 71251398b..4986a7103 100644
--- a/src/lib/tls/tls_record.cpp
+++ b/src/lib/tls/tls_record.cpp
@@ -202,7 +202,7 @@ namespace {
inline void append_u16_len(secure_vector<uint8_t>& output, size_t len_field)
{
- const uint16_t len16 = len_field;
+ const uint16_t len16 = static_cast<uint16_t>(len_field);
BOTAN_ASSERT_EQUAL(len_field, len16, "No truncation");
output.push_back(get_byte(0, len16));
output.push_back(get_byte(1, len16));
@@ -305,7 +305,10 @@ void decrypt_record(secure_vector<uint8_t>& output,
const size_t ptext_size = aead->output_length(msg_length);
aead->set_associated_data_vec(
- cs.format_ad(record_sequence, record_type, record_version, static_cast<uint16_t>(ptext_size))
+ cs.format_ad(record_sequence,
+ static_cast<uint8_t>(record_type),
+ record_version,
+ static_cast<uint16_t>(ptext_size))
);
aead->start(nonce);
diff --git a/src/lib/tls/tls_seq_numbers.h b/src/lib/tls/tls_seq_numbers.h
index ece329494..c5741b998 100644
--- a/src/lib/tls/tls_seq_numbers.h
+++ b/src/lib/tls/tls_seq_numbers.h
@@ -102,7 +102,7 @@ class Datagram_Sequence_Numbers final : public Connection_Sequence_Numbers
if(sequence > m_window_highest)
{
- const size_t offset = sequence - m_window_highest;
+ const uint64_t offset = sequence - m_window_highest;
m_window_highest += offset;
if(offset >= window_size)
diff --git a/src/lib/utils/ct_utils.h b/src/lib/utils/ct_utils.h
index 68bd01c94..709b6d9e5 100644
--- a/src/lib/utils/ct_utils.h
+++ b/src/lib/utils/ct_utils.h
@@ -115,7 +115,7 @@ inline T is_zero(T x)
template<typename T>
inline T is_equal(T x, T y)
{
- return is_zero(x ^ y);
+ return is_zero<T>(x ^ y);
}
template<typename T>
diff --git a/src/lib/utils/data_src.cpp b/src/lib/utils/data_src.cpp
index 0e9fd0e33..078d3f2ea 100644
--- a/src/lib/utils/data_src.cpp
+++ b/src/lib/utils/data_src.cpp
@@ -110,7 +110,7 @@ size_t DataSource_Stream::read(uint8_t out[], size_t length)
if(m_source.bad())
throw Stream_IO_Error("DataSource_Stream::read: Source failure");
- size_t got = m_source.gcount();
+ const size_t got = static_cast<size_t>(m_source.gcount());
m_total_read += got;
return got;
}
@@ -119,7 +119,7 @@ bool DataSource_Stream::check_available(size_t n)
{
const std::streampos orig_pos = m_source.tellg();
m_source.seekg(0, std::ios::end);
- const size_t avail = m_source.tellg() - orig_pos;
+ const size_t avail = static_cast<size_t>(m_source.tellg() - orig_pos);
m_source.seekg(orig_pos);
return (avail >= n);
}
@@ -140,7 +140,7 @@ size_t DataSource_Stream::peek(uint8_t out[], size_t length, size_t offset) cons
m_source.read(reinterpret_cast<char*>(buf.data()), buf.size());
if(m_source.bad())
throw Stream_IO_Error("DataSource_Stream::peek: Source failure");
- got = m_source.gcount();
+ got = static_cast<size_t>(m_source.gcount());
}
if(got == offset)
@@ -148,7 +148,7 @@ size_t DataSource_Stream::peek(uint8_t out[], size_t length, size_t offset) cons
m_source.read(reinterpret_cast<char*>(out), length);
if(m_source.bad())
throw Stream_IO_Error("DataSource_Stream::peek: Source failure");
- got = m_source.gcount();
+ got = static_cast<size_t>(m_source.gcount());
}
if(m_source.eof())
diff --git a/src/lib/utils/os_utils.cpp b/src/lib/utils/os_utils.cpp
index 7bd9b842d..e887d6e76 100644
--- a/src/lib/utils/os_utils.cpp
+++ b/src/lib/utils/os_utils.cpp
@@ -51,12 +51,13 @@ uint64_t OS::get_processor_timestamp()
#elif defined(BOTAN_USE_GCC_INLINE_ASM)
#if defined(BOTAN_TARGET_CPU_IS_X86_FAMILY)
- if(CPUID::has_rdtsc()) // not available on all x86 CPUs
- {
- uint32_t rtc_low = 0, rtc_high = 0;
- asm volatile("rdtsc" : "=d" (rtc_high), "=a" (rtc_low));
- return (static_cast<uint64_t>(rtc_high) << 32) | rtc_low;
- }
+
+ if(CPUID::has_rdtsc() == false)
+ return 0;
+
+ uint32_t rtc_low = 0, rtc_high = 0;
+ asm volatile("rdtsc" : "=d" (rtc_high), "=a" (rtc_low));
+ return (static_cast<uint64_t>(rtc_high) << 32) | rtc_low;
#elif defined(BOTAN_TARGET_ARCH_IS_PPC64)
uint32_t rtc_low = 0, rtc_high = 0;
@@ -99,11 +100,12 @@ uint64_t OS::get_processor_timestamp()
#else
//#warning "OS::get_processor_timestamp not implemented"
+ return 0;
#endif
-#endif
-
+#else
return 0;
+#endif
}
uint64_t OS::get_high_resolution_clock()
diff --git a/src/lib/utils/parsing.cpp b/src/lib/utils/parsing.cpp
index 7583767f0..e0173443f 100644
--- a/src/lib/utils/parsing.cpp
+++ b/src/lib/utils/parsing.cpp
@@ -17,37 +17,40 @@
namespace Botan {
+uint16_t to_uint16(const std::string& str)
+ {
+ const uint32_t x = to_u32bit(str);
+
+ if(x >> 16)
+ throw Invalid_Argument("Integer value exceeds 16 bit range");
+
+ return static_cast<uint16_t>(x);
+ }
+
uint32_t to_u32bit(const std::string& str)
{
- try
+ // std::stoul is not strict enough. Ensure that str is digit only [0-9]*
+ for(const char chr : str)
{
- // std::stoul is not strict enough. Ensure that str is digit only [0-9]*
- for (const char chr : str)
+ if(chr < '0' || chr > '9')
{
- if (chr < '0' || chr > '9')
- {
- auto chrAsString = std::string(1, chr);
- throw Invalid_Argument("String contains non-digit char: " + chrAsString);
- }
+ std::string chrAsString(1, chr);
+ throw Invalid_Argument("String contains non-digit char: " + chrAsString);
}
+ }
- const auto integerValue = std::stoul(str);
+ const unsigned long int x = std::stoul(str);
- // integerValue might be uint64
- if (integerValue > std::numeric_limits<uint32_t>::max())
+ if(sizeof(unsigned long int) > 4)
+ {
+ // x might be uint64
+ if (x > std::numeric_limits<uint32_t>::max())
{
- throw Invalid_Argument("Integer value exceeds 32 bit range: " + std::to_string(integerValue));
+ throw Invalid_Argument("Integer value of " + str + " exceeds 32 bit range");
}
-
- return integerValue;
- }
- catch(std::exception& e)
- {
- auto message = std::string("Could not read '" + str + "' as decimal string");
- auto exceptionMessage = std::string(e.what());
- if (!exceptionMessage.empty()) message += ": " + exceptionMessage;
- throw Exception(message);
}
+
+ return static_cast<uint32_t>(x);
}
/*
diff --git a/src/lib/utils/parsing.h b/src/lib/utils/parsing.h
index 71f349126..f4936bd68 100644
--- a/src/lib/utils/parsing.h
+++ b/src/lib/utils/parsing.h
@@ -105,6 +105,13 @@ BOTAN_DLL bool x500_name_cmp(const std::string& name1,
BOTAN_DLL uint32_t to_u32bit(const std::string& str);
/**
+* Convert a string to a number
+* @param str the string to convert
+* @return number value of the string
+*/
+BOTAN_DLL uint16_t to_uint16(const std::string& str);
+
+/**
* Convert a time specification to a number
* @param timespec the time specification
* @return number of seconds represented by timespec
diff --git a/src/lib/x509/x509path.cpp b/src/lib/x509/x509path.cpp
index a06df2460..beb04ea07 100644
--- a/src/lib/x509/x509path.cpp
+++ b/src/lib/x509/x509path.cpp
@@ -183,7 +183,7 @@ PKIX::check_ocsp(const std::vector<std::shared_ptr<const X509_Certificate>>& cer
status.insert(ocsp_signature_status);
}
}
- catch(Exception& e)
+ catch(Exception&)
{
status.insert(Certificate_Status_Code::OCSP_RESPONSE_INVALID);
}
@@ -412,7 +412,7 @@ PKIX::check_crl_online(const std::vector<std::shared_ptr<const X509_Certificate>
crls[i] = future_crls[i].get();
}
}
- catch(std::exception& e)
+ catch(std::exception&)
{
// crls[i] left null
}
diff --git a/src/tests/test_ffi.cpp b/src/tests/test_ffi.cpp
index d94fae7ba..41fa3a044 100644
--- a/src/tests/test_ffi.cpp
+++ b/src/tests/test_ffi.cpp
@@ -816,7 +816,7 @@ class FFI_Unit_Tests : public Test
uint32_t x_32;
TEST_FFI_OK(botan_mp_to_uint32, (x, &x_32));
- result.test_eq("botan_mp_to_uint32", x, 0x103);
+ result.test_eq("botan_mp_to_uint32", x, static_cast<size_t>(0x103));
TEST_FFI_RC(1, botan_mp_get_bit, (x, 1));
TEST_FFI_RC(0, botan_mp_get_bit, (x, 87));
@@ -1444,7 +1444,7 @@ class FFI_Unit_Tests : public Test
TEST_FFI_OK(botan_pk_op_sign_destroy, (signer));
}
- botan_pk_op_verify_t verifier;
+ botan_pk_op_verify_t verifier = nullptr;
if(signature.size() > 0 && TEST_FFI_OK(botan_pk_op_verify_create, (&verifier, pub, sm2_ident.c_str(), 0)))
{
diff --git a/src/tests/test_gf2m.cpp b/src/tests/test_gf2m.cpp
index c8110034e..9bb572c4e 100644
--- a/src/tests/test_gf2m.cpp
+++ b/src/tests/test_gf2m.cpp
@@ -45,7 +45,7 @@ class GF2m_Tests : public Test
for(size_t i = 0; i <= field.gf_ord(); ++i)
{
- gf2m a = i;
+ gf2m a = static_cast<gf2m>(i);
result.test_eq("square vs multiply",
static_cast<size_t>(field.gf_square(a)),
diff --git a/src/tests/test_pkcs11_high_level.cpp b/src/tests/test_pkcs11_high_level.cpp
index ca15082bb..7422aed84 100644
--- a/src/tests/test_pkcs11_high_level.cpp
+++ b/src/tests/test_pkcs11_high_level.cpp
@@ -811,7 +811,7 @@ Test::Result test_rsa_encrypt_decrypt()
};
std::vector<uint8_t> plaintext(256);
- std::iota(std::begin(plaintext), std::end(plaintext), 0);
+ std::iota(std::begin(plaintext), std::end(plaintext), static_cast<uint8_t>(0));
encrypt_and_decrypt(plaintext, "Raw");
plaintext = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x00 };
@@ -834,7 +834,7 @@ Test::Result test_rsa_sign_verify()
PKCS11_RSA_KeyPair keypair = generate_rsa_keypair(test_session);
std::vector<uint8_t> plaintext(256);
- std::iota(std::begin(plaintext), std::end(plaintext), 0);
+ std::iota(std::begin(plaintext), std::end(plaintext), static_cast<uint8_t>(0));
auto sign_and_verify = [&keypair, &plaintext, &result](std::string const& emsa, bool multipart)
{
diff --git a/src/tests/test_tss.cpp b/src/tests/test_tss.cpp
index 01e0da92f..d9e860726 100644
--- a/src/tests/test_tss.cpp
+++ b/src/tests/test_tss.cpp
@@ -28,7 +28,7 @@ class TSS_Tests : public Test
Test::Result result("TSS");
uint8_t id[16];
- std::iota(id, id + sizeof(id), 0);
+ std::iota(id, id + sizeof(id), static_cast<uint8_t>(0));
const std::vector<uint8_t> S = Botan::hex_decode("7465737400");