diff options
| -rw-r--r-- | src/lib/codec/base58/base58.cpp | 2 | ||||
| -rw-r--r-- | src/lib/hash/mdx_hash/mdx_hash.cpp | 2 | ||||
| -rw-r--r-- | src/lib/modes/mode_pad/mode_pad.cpp | 11 | ||||
| -rw-r--r-- | src/lib/tls/tls_cbc/tls_cbc.cpp | 12 | ||||
| -rw-r--r-- | src/lib/tls/tls_handshake_io.cpp | 4 | ||||
| -rw-r--r-- | src/tests/test_ffi.cpp | 4 | ||||
| -rw-r--r-- | src/tests/test_otp.cpp | 8 | ||||
| -rw-r--r-- | src/tests/test_runner.cpp | 4 | ||||
| -rw-r--r-- | src/tests/test_tls.cpp | 5 | ||||
| -rw-r--r-- | src/tests/test_tls_messages.cpp | 4 | ||||
| -rw-r--r-- | src/tests/test_tss.cpp | 3 | ||||
| -rw-r--r-- | src/tests/unit_x509.cpp | 2 |
12 files changed, 35 insertions, 26 deletions
diff --git a/src/lib/codec/base58/base58.cpp b/src/lib/codec/base58/base58.cpp index 199dc3872..ba974f96a 100644 --- a/src/lib/codec/base58/base58.cpp +++ b/src/lib/codec/base58/base58.cpp @@ -53,7 +53,7 @@ class Character_Table { const uint8_t b = static_cast<uint8_t>(m_alphabet[i]); BOTAN_ASSERT(m_tab[b] == 0x80, "No duplicate chars"); - m_tab[b] = i; + m_tab[b] = static_cast<uint8_t>(i); } } diff --git a/src/lib/hash/mdx_hash/mdx_hash.cpp b/src/lib/hash/mdx_hash/mdx_hash.cpp index 64ae516a8..1dd631d04 100644 --- a/src/lib/hash/mdx_hash/mdx_hash.cpp +++ b/src/lib/hash/mdx_hash/mdx_hash.cpp @@ -21,7 +21,7 @@ MDx_HashFunction::MDx_HashFunction(size_t block_len, uint8_t cnt_size) : m_pad_char(bit_big_endian == true ? 0x80 : 0x01), m_counter_size(cnt_size), - m_block_bits(ceil_log2(block_len)), + m_block_bits(static_cast<size_t>(ceil_log2(block_len))), m_count_big_endian(byte_big_endian), m_count(0), m_buffer(block_len), diff --git a/src/lib/modes/mode_pad/mode_pad.cpp b/src/lib/modes/mode_pad/mode_pad.cpp index 19a2f15f8..1df6abfeb 100644 --- a/src/lib/modes/mode_pad/mode_pad.cpp +++ b/src/lib/modes/mode_pad/mode_pad.cpp @@ -199,13 +199,14 @@ size_t ESP_Padding::unpad(const uint8_t input[], size_t input_length) const CT::poison(input, input_length); - const size_t last_byte = input[input_length-1]; + const uint8_t input_length_8 = static_cast<uint8_t>(input_length); + const uint8_t last_byte = input[input_length-1]; auto bad_input = CT::Mask<uint8_t>::is_zero(last_byte) | - CT::Mask<uint8_t>::is_gt(last_byte, static_cast<uint8_t>(input_length)); + CT::Mask<uint8_t>::is_gt(last_byte, input_length_8); - const size_t pad_pos = input_length - last_byte; - size_t i = input_length - 1; + const uint8_t pad_pos = input_length_8 - last_byte; + size_t i = input_length_8 - 1; while(i) { const auto in_range = CT::Mask<size_t>::is_gt(i, pad_pos); @@ -216,7 +217,7 @@ size_t ESP_Padding::unpad(const uint8_t input[], size_t input_length) const } CT::unpoison(input, input_length); - return bad_input.select_and_unpoison(input_length, pad_pos); + return bad_input.select_and_unpoison(input_length_8, pad_pos); } diff --git a/src/lib/tls/tls_cbc/tls_cbc.cpp b/src/lib/tls/tls_cbc/tls_cbc.cpp index f7f3ebc8f..7f67c400b 100644 --- a/src/lib/tls/tls_cbc/tls_cbc.cpp +++ b/src/lib/tls/tls_cbc/tls_cbc.cpp @@ -337,7 +337,7 @@ void TLS_CBC_HMAC_AEAD_Decryption::perform_additional_compressions(size_t plen, const uint16_t current_compressions = ((L2 + block_size - 1 - max_bytes_in_first_block) / block_size); // number of additional compressions we have to perform const uint16_t add_compressions = max_compresssions - current_compressions; - const uint8_t equal = CT::Mask<uint16_t>::is_equal(max_compresssions, current_compressions).if_set_return(1); + const uint16_t equal = CT::Mask<uint16_t>::is_equal(max_compresssions, current_compressions).if_set_return(1); // We compute the data length we need to achieve the number of compressions. // If there are no compressions, we just add 55/111 dummy bytes so that no // compression is performed. @@ -365,8 +365,11 @@ void TLS_CBC_HMAC_AEAD_Decryption::finish(secure_vector<uint8_t>& buffer, size_t if(use_encrypt_then_mac()) { const size_t enc_size = record_len - tag_size(); + const size_t enc_iv_size = enc_size + iv_size(); - mac().update(assoc_data_with_len(iv_size() + enc_size)); + BOTAN_ASSERT_NOMSG(enc_iv_size <= 0xFFFF); + + mac().update(assoc_data_with_len(enc_iv_size)); if(iv_size() > 0) { mac().update(cbc_state()); @@ -418,7 +421,10 @@ void TLS_CBC_HMAC_AEAD_Decryption::finish(secure_vector<uint8_t>& buffer, size_t (sending empty records, instead of 1/(n-1) splitting) */ - const auto size_ok_mask = CT::Mask<uint16_t>::is_lte(tag_size() + pad_size, record_len); + // We know the cast cannot overflow as pad_size <= 256 && tag_size <= 32 + const auto size_ok_mask = CT::Mask<uint16_t>::is_lte( + static_cast<uint16_t>(tag_size() + pad_size), record_len); + pad_size = size_ok_mask.if_set_return(pad_size); CT::unpoison(record_contents, record_len); diff --git a/src/lib/tls/tls_handshake_io.cpp b/src/lib/tls/tls_handshake_io.cpp index af97c2545..47a9ad6d2 100644 --- a/src/lib/tls/tls_handshake_io.cpp +++ b/src/lib/tls/tls_handshake_io.cpp @@ -109,7 +109,7 @@ Stream_Handshake_IO::format(const std::vector<uint8_t>& msg, const size_t buf_size = msg.size(); - send_buf[0] = type; + send_buf[0] = static_cast<uint8_t>(type); store_be24(&send_buf[1], buf_size); @@ -354,7 +354,7 @@ Datagram_Handshake_IO::format_fragment(const uint8_t fragment[], { std::vector<uint8_t> send_buf(12 + frag_len); - send_buf[0] = type; + send_buf[0] = static_cast<uint8_t>(type); store_be24(&send_buf[1], msg_len); diff --git a/src/tests/test_ffi.cpp b/src/tests/test_ffi.cpp index fddc9874d..58b491a9a 100644 --- a/src/tests/test_ffi.cpp +++ b/src/tests/test_ffi.cpp @@ -1902,7 +1902,7 @@ class FFI_Unit_Tests final : public Test TEST_FFI_OK(botan_pk_op_sign_destroy, (signer)); } - botan_pk_op_verify_t verifier; + botan_pk_op_verify_t verifier = nullptr; if(signature.size() > 0 && TEST_FFI_OK(botan_pk_op_verify_create, (&verifier, pub, "EMSA1(SHA-256)", 0))) { @@ -2008,7 +2008,7 @@ class FFI_Unit_Tests final : public Test TEST_FFI_OK(botan_pk_op_sign_destroy, (signer)); } - botan_pk_op_verify_t verifier; + botan_pk_op_verify_t verifier = nullptr; if(signature.size() > 0 && TEST_FFI_OK(botan_pk_op_verify_create, (&verifier, pub, "EMSA1(SHA-384)", 0))) { diff --git a/src/tests/test_otp.cpp b/src/tests/test_otp.cpp index 15cd2a9fb..5ded1a74c 100644 --- a/src/tests/test_otp.cpp +++ b/src/tests/test_otp.cpp @@ -41,13 +41,13 @@ class HOTP_KAT_Tests final : public Text_Based_Test return {result}; const std::vector<uint8_t> key = vars.get_req_bin("Key"); - const size_t otp = vars.get_req_sz("OTP"); + const uint32_t otp = static_cast<uint32_t>(vars.get_req_sz("OTP")); const uint64_t counter = vars.get_req_sz("Counter"); const size_t digits = vars.get_req_sz("Digits"); Botan::HOTP hotp(key, hash_algo, digits); - result.test_eq("OTP", hotp.generate_hotp(counter), otp); + result.test_int_eq("OTP", hotp.generate_hotp(counter), otp); std::pair<bool, uint64_t> otp_res = hotp.verify_hotp(otp, counter, 0); result.test_eq("OTP verify result", otp_res.first, true); @@ -96,7 +96,7 @@ class TOTP_KAT_Tests final : public Text_Based_Test return {result}; const std::vector<uint8_t> key = vars.get_req_bin("Key"); - const size_t otp = vars.get_req_sz("OTP"); + const uint32_t otp = static_cast<uint32_t>(vars.get_req_sz("OTP")); const size_t digits = vars.get_req_sz("Digits"); const size_t timestep = vars.get_req_sz("Timestep"); const std::string timestamp = vars.get_req_str("Timestamp"); @@ -107,7 +107,7 @@ class TOTP_KAT_Tests final : public Text_Based_Test std::chrono::system_clock::time_point later_time = time + std::chrono::seconds(timestep); std::chrono::system_clock::time_point too_late = time + std::chrono::seconds(2*timestep); - result.test_eq("TOTP generate", totp.generate_totp(time), otp); + result.test_int_eq("TOTP generate", totp.generate_totp(time), otp); result.test_eq("TOTP verify valid", totp.verify_totp(otp, time, 0), true); result.test_eq("TOTP verify invalid", totp.verify_totp(otp ^ 1, time, 0), false); diff --git a/src/tests/test_runner.cpp b/src/tests/test_runner.cpp index 8d3f9b72c..e7862e90d 100644 --- a/src/tests/test_runner.cpp +++ b/src/tests/test_runner.cpp @@ -71,7 +71,7 @@ class Testsuite_RNG final : public Botan::RandomNumberGenerator for(size_t i = 0; i != ROUNDS; ++i) { - m_a += i; + m_a += static_cast<uint32_t>(i); m_a = Botan::rotl<9>(m_a); m_b ^= m_a; @@ -184,7 +184,7 @@ int Test_Runner::run(const Test_Options& opts) const size_t failed = run_tests(req, i, opts.test_runs()); if(failed > 0) - return failed; + return static_cast<int>(failed); } return 0; diff --git a/src/tests/test_tls.cpp b/src/tests/test_tls.cpp index 8a327b652..9b734bdea 100644 --- a/src/tests/test_tls.cpp +++ b/src/tests/test_tls.cpp @@ -358,11 +358,12 @@ class Test_TLS_Ciphersuites : public Test for(size_t csuite_id = 0; csuite_id <= 0xFFFF; ++csuite_id) { - Botan::TLS::Ciphersuite ciphersuite = Botan::TLS::Ciphersuite::by_id(csuite_id); + const uint16_t csuite_id16 = static_cast<uint16_t>(csuite_id); + Botan::TLS::Ciphersuite ciphersuite = Botan::TLS::Ciphersuite::by_id(csuite_id16); if(ciphersuite.valid()) { - result.test_eq("Valid Ciphersuite is not SCSV", Botan::TLS::Ciphersuite::is_scsv(csuite_id), false); + result.test_eq("Valid Ciphersuite is not SCSV", Botan::TLS::Ciphersuite::is_scsv(csuite_id16), false); if(ciphersuite.cbc_ciphersuite() == false) { diff --git a/src/tests/test_tls_messages.cpp b/src/tests/test_tls_messages.cpp index 038b79085..364fdc0bf 100644 --- a/src/tests/test_tls_messages.cpp +++ b/src/tests/test_tls_messages.cpp @@ -78,7 +78,7 @@ class TLS_Message_Parsing_Test final : public Text_Based_Test std::vector<uint8_t> buf; for(Botan::TLS::Handshake_Extension_Type const& type : message.extension_types()) { - uint16_t u16type = type; + uint16_t u16type = static_cast<uint16_t>(type); buf.push_back(Botan::get_byte(0, u16type)); buf.push_back(Botan::get_byte(1, u16type)); } @@ -107,7 +107,7 @@ class TLS_Message_Parsing_Test final : public Text_Based_Test std::vector<uint8_t> buf; for(Botan::TLS::Handshake_Extension_Type const& type : message.extension_types()) { - uint16_t u16type = type; + uint16_t u16type = static_cast<uint16_t>(type); buf.push_back(Botan::get_byte(0, u16type)); buf.push_back(Botan::get_byte(1, u16type)); } diff --git a/src/tests/test_tss.cpp b/src/tests/test_tss.cpp index a4aed6b47..52c952b3a 100644 --- a/src/tests/test_tss.cpp +++ b/src/tests/test_tss.cpp @@ -118,7 +118,8 @@ class TSS_Generation_Tests final : public Text_Based_Test Fixed_Output_RNG fixed_rng(rng_data); std::vector<Botan::RTSS_Share> shares = - Botan::RTSS_Share::split(M, N, input.data(), input.size(), id, hash, fixed_rng); + Botan::RTSS_Share::split(M, N, input.data(), static_cast<uint16_t>(input.size()), + id, hash, fixed_rng); result.test_eq("Expected number of shares", shares.size(), N); diff --git a/src/tests/unit_x509.cpp b/src/tests/unit_x509.cpp index b0a5da23a..03f5d928c 100644 --- a/src/tests/unit_x509.cpp +++ b/src/tests/unit_x509.cpp @@ -33,7 +33,7 @@ Botan::X509_Time from_date(const int y, const int m, const int d) { const size_t this_year = Botan::calendar_value(std::chrono::system_clock::now()).get_year(); - Botan::calendar_point t(this_year + y, m, d, 0, 0, 0); + Botan::calendar_point t(static_cast<uint32_t>(this_year + y), m, d, 0, 0, 0); return Botan::X509_Time(t.to_std_timepoint()); } |