aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/block/misty1/misty1.cpp4
-rw-r--r--src/lib/kdf/hkdf/hkdf.cpp8
-rw-r--r--src/lib/kdf/sp800_108/sp800_108.cpp208
-rw-r--r--src/lib/mac/gmac/gmac.cpp7
-rw-r--r--src/lib/modes/aead/ocb/ocb.cpp2
-rw-r--r--src/lib/utils/barrier.cpp4
-rw-r--r--src/lib/utils/barrier.h40
-rw-r--r--src/tests/test_rng.cpp2
8 files changed, 140 insertions, 135 deletions
diff --git a/src/lib/block/misty1/misty1.cpp b/src/lib/block/misty1/misty1.cpp
index 3e2677fce..d6ac5f9a9 100644
--- a/src/lib/block/misty1/misty1.cpp
+++ b/src/lib/block/misty1/misty1.cpp
@@ -119,7 +119,7 @@ void MISTY1::encrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const
B3 ^= B2 & RK[2];
B2 ^= B3 | RK[3];
- uint32_t T0, T1;
+ uint16_t T0, T1;
T0 = FI(B0 ^ RK[ 4], RK[ 5], RK[ 6]) ^ B1;
T1 = FI(B1 ^ RK[ 7], RK[ 8], RK[ 9]) ^ T0;
@@ -169,7 +169,7 @@ void MISTY1::decrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const
B0 ^= B1 | RK[2];
B1 ^= B0 & RK[3];
- uint32_t T0, T1;
+ uint16_t T0, T1;
T0 = FI(B2 ^ RK[ 4], RK[ 5], RK[ 6]) ^ B3;
T1 = FI(B3 ^ RK[ 7], RK[ 8], RK[ 9]) ^ T0;
diff --git a/src/lib/kdf/hkdf/hkdf.cpp b/src/lib/kdf/hkdf/hkdf.cpp
index d66847244..63085d191 100644
--- a/src/lib/kdf/hkdf/hkdf.cpp
+++ b/src/lib/kdf/hkdf/hkdf.cpp
@@ -87,17 +87,19 @@ hkdf_expand_label(const std::string& hash_fn,
if(hash_val_len > 0xFF)
throw Invalid_Argument("HKDF-Expand-Label hash too long");
+ const uint16_t length16 = static_cast<uint16_t>(length);
+
auto mac = MessageAuthenticationCode::create("HMAC(" + hash_fn + ")");
if(!mac)
throw Invalid_Argument("HKDF-Expand-Label with HMAC(" + hash_fn + ") not available");
HKDF_Expand hkdf(mac.release());
- secure_vector<uint8_t> output(length);
+ secure_vector<uint8_t> output(length16);
std::vector<uint8_t> prefix(3 + label.size() + 1);
- prefix[0] = get_byte<uint16_t>(0, length);
- prefix[1] = get_byte<uint16_t>(1, length);
+ prefix[0] = get_byte(0, length16);
+ prefix[1] = get_byte(1, length16);
prefix[2] = static_cast<uint8_t>(label.size());
copy_mem(prefix.data() + 3,
diff --git a/src/lib/kdf/sp800_108/sp800_108.cpp b/src/lib/kdf/sp800_108/sp800_108.cpp
index 0f9eed1f2..137ade106 100644
--- a/src/lib/kdf/sp800_108/sp800_108.cpp
+++ b/src/lib/kdf/sp800_108/sp800_108.cpp
@@ -16,39 +16,39 @@ size_t SP800_108_Counter::kdf(uint8_t key[], size_t key_len,
const uint8_t salt[], size_t salt_len,
const uint8_t label[], size_t label_len) const
{
- const std::size_t prf_len = m_prf->output_length();
- const uint8_t delim = 0;
- uint8_t *p = key;
- uint32_t counter = 1;
- uint32_t length = key_len * 8;
- uint8_t be_len[4] = { 0 };
- secure_vector<uint8_t> tmp;
+ const std::size_t prf_len = m_prf->output_length();
+ const uint8_t delim = 0;
+ const uint32_t length = static_cast<uint32_t>(key_len * 8);
- store_be(length, be_len);
- m_prf->set_key(secret, secret_len);
+ uint8_t *p = key;
+ uint32_t counter = 1;
+ uint8_t be_len[4] = { 0 };
+ secure_vector<uint8_t> tmp;
- while(p < key + key_len && counter != 0)
- {
- const std::size_t to_copy = std::min< std::size_t >(key + key_len - p, prf_len);
- uint8_t be_cnt[4] = { 0 };
+ store_be(length, be_len);
+ m_prf->set_key(secret, secret_len);
- store_be(counter, be_cnt);
+ while(p < key + key_len && counter != 0)
+ {
+ const std::size_t to_copy = std::min< std::size_t >(key + key_len - p, prf_len);
+ uint8_t be_cnt[4] = { 0 };
- m_prf->update(be_cnt,4);
- m_prf->update(label,label_len);
- m_prf->update(delim);
- m_prf->update(salt,salt_len);
- m_prf->update(be_len,4);
- m_prf->final(tmp);
+ store_be(counter, be_cnt);
- std::move(tmp.begin(), tmp.begin() + to_copy, p);
- ++counter;
+ m_prf->update(be_cnt,4);
+ m_prf->update(label,label_len);
+ m_prf->update(delim);
+ m_prf->update(salt,salt_len);
+ m_prf->update(be_len,4);
+ m_prf->final(tmp);
- if (counter == 0)
- throw Invalid_Argument("Can't process more than 4GB");
+ copy_mem(p, tmp.data(), to_copy);
+ p += to_copy;
- p += to_copy;
- }
+ ++counter;
+ if(counter == 0)
+ throw Invalid_Argument("Can't process more than 4GB");
+ }
return key_len;
}
@@ -58,98 +58,98 @@ size_t SP800_108_Feedback::kdf(uint8_t key[], size_t key_len,
const uint8_t salt[], size_t salt_len,
const uint8_t label[], size_t label_len) const
{
- const std::size_t prf_len = m_prf->output_length();
- const std::size_t iv_len = (salt_len >= prf_len ? prf_len : 0);
- const uint8_t delim = 0;
+ const uint32_t length = static_cast<uint32_t>(key_len * 8);
+ const std::size_t prf_len = m_prf->output_length();
+ const std::size_t iv_len = (salt_len >= prf_len ? prf_len : 0);
+ const uint8_t delim = 0;
- uint8_t *p = key;
- uint32_t counter = 1;
- uint32_t length = key_len * 8;
- uint8_t be_len[4] = { 0 };
- secure_vector< uint8_t > prev(salt, salt + iv_len);
- secure_vector< uint8_t > ctx(salt + iv_len, salt + salt_len);
+ uint8_t *p = key;
+ uint32_t counter = 1;
+ uint8_t be_len[4] = { 0 };
+ secure_vector< uint8_t > prev(salt, salt + iv_len);
+ secure_vector< uint8_t > ctx(salt + iv_len, salt + salt_len);
- store_be(length, be_len);
- m_prf->set_key(secret, secret_len);
+ store_be(length, be_len);
+ m_prf->set_key(secret, secret_len);
- while(p < key + key_len && counter != 0)
- {
- const std::size_t to_copy = std::min< std::size_t >(key + key_len - p, prf_len);
- uint8_t be_cnt[4] = { 0 };
+ while(p < key + key_len && counter != 0)
+ {
+ const std::size_t to_copy = std::min< std::size_t >(key + key_len - p, prf_len);
+ uint8_t be_cnt[4] = { 0 };
- store_be(counter, be_cnt);
+ store_be(counter, be_cnt);
- m_prf->update(prev);
- m_prf->update(be_cnt,4);
- m_prf->update(label,label_len);
- m_prf->update(delim);
- m_prf->update(ctx);
- m_prf->update(be_len,4);
- m_prf->final(prev);
+ m_prf->update(prev);
+ m_prf->update(be_cnt,4);
+ m_prf->update(label,label_len);
+ m_prf->update(delim);
+ m_prf->update(ctx);
+ m_prf->update(be_len,4);
+ m_prf->final(prev);
- std::copy(prev.begin(), prev.begin() + to_copy, p);
- ++counter;
+ copy_mem(p, prev.data(), to_copy);
+ p += to_copy;
- if (counter == 0)
- throw Invalid_Argument("Can't process more than 4GB");
+ ++counter;
- p += to_copy;
- }
+ if(counter == 0)
+ throw Invalid_Argument("Can't process more than 4GB");
+ }
return key_len;
}
size_t SP800_108_Pipeline::kdf(uint8_t key[], size_t key_len,
- const uint8_t secret[], size_t secret_len,
- const uint8_t salt[], size_t salt_len,
- const uint8_t label[], size_t label_len) const
+ const uint8_t secret[], size_t secret_len,
+ const uint8_t salt[], size_t salt_len,
+ const uint8_t label[], size_t label_len) const
{
- const std::size_t prf_len = m_prf->output_length();
- const uint8_t delim = 0;
-
- uint8_t *p = key;
- uint32_t counter = 1;
- uint32_t length = key_len * 8;
- uint8_t be_len[4] = { 0 };
- secure_vector<uint8_t> ai, ki;
-
- store_be(length, be_len);
- m_prf->set_key(secret,secret_len);
-
- // A(0)
- std::copy(label,label + label_len,std::back_inserter(ai));
- ai.emplace_back(delim);
- std::copy(salt,salt + salt_len,std::back_inserter(ai));
- std::copy(be_len,be_len + 4,std::back_inserter(ai));
-
- while(p < key + key_len && counter != 0)
- {
- // A(i)
- m_prf->update(ai);
- m_prf->final(ai);
-
- // K(i)
- const std::size_t to_copy = std::min< std::size_t >(key + key_len - p, prf_len);
- uint8_t be_cnt[4] = { 0 };
-
- store_be(counter, be_cnt);
-
- m_prf->update(ai);
- m_prf->update(be_cnt,4);
- m_prf->update(label, label_len);
- m_prf->update(delim);
- m_prf->update(salt, salt_len);
- m_prf->update(be_len,4);
- m_prf->final(ki);
-
- std::copy(ki.begin(), ki.begin() + to_copy, p);
- ++counter;
-
- if (counter == 0)
- throw Invalid_Argument("Can't process more than 4GB");
-
- p += to_copy;
- }
+ const uint32_t length = static_cast<uint32_t>(key_len * 8);
+ const std::size_t prf_len = m_prf->output_length();
+ const uint8_t delim = 0;
+
+ uint8_t *p = key;
+ uint32_t counter = 1;
+ uint8_t be_len[4] = { 0 };
+ secure_vector<uint8_t> ai, ki;
+
+ store_be(length, be_len);
+ m_prf->set_key(secret,secret_len);
+
+ // A(0)
+ std::copy(label,label + label_len,std::back_inserter(ai));
+ ai.emplace_back(delim);
+ std::copy(salt,salt + salt_len,std::back_inserter(ai));
+ std::copy(be_len,be_len + 4,std::back_inserter(ai));
+
+ while(p < key + key_len && counter != 0)
+ {
+ // A(i)
+ m_prf->update(ai);
+ m_prf->final(ai);
+
+ // K(i)
+ const std::size_t to_copy = std::min< std::size_t >(key + key_len - p, prf_len);
+ uint8_t be_cnt[4] = { 0 };
+
+ store_be(counter, be_cnt);
+
+ m_prf->update(ai);
+ m_prf->update(be_cnt,4);
+ m_prf->update(label, label_len);
+ m_prf->update(delim);
+ m_prf->update(salt, salt_len);
+ m_prf->update(be_len,4);
+ m_prf->final(ki);
+
+ copy_mem(p, ki.data(), to_copy);
+ p += to_copy;
+
+ ++counter;
+
+ if(counter == 0)
+ throw Invalid_Argument("Can't process more than 4GB");
+ }
return key_len;
}
diff --git a/src/lib/mac/gmac/gmac.cpp b/src/lib/mac/gmac/gmac.cpp
index 5e08a8827..7ce546ad5 100644
--- a/src/lib/mac/gmac/gmac.cpp
+++ b/src/lib/mac/gmac/gmac.cpp
@@ -90,9 +90,8 @@ void GMAC::final_result(uint8_t mac[])
// This ensures the GMAC computation has been initialized with a fresh
// nonce. The aim of this check is to prevent developers from re-using
// nonces (and potential nonce-reuse attacks).
- BOTAN_ASSERT(m_initialized,
- "The GMAC computation has not been initialized with a fresh "
- "nonce.");
+ BOTAN_ASSERT(m_initialized, "GMAC was used with a fresh nonce");
+
// process the rest of the aad buffer. Even if it is a partial block only
// ghash_update will process it properly.
if(m_aad_buf.size() > 0)
@@ -102,7 +101,7 @@ void GMAC::final_result(uint8_t mac[])
m_aad_buf.size());
}
secure_vector<uint8_t> result = GHASH::final();
- std::copy(result.begin(), result.end(), mac);
+ copy_mem(mac, result.data(), result.size());
clear();
}
diff --git a/src/lib/modes/aead/ocb/ocb.cpp b/src/lib/modes/aead/ocb/ocb.cpp
index e885eb5bc..9a7448161 100644
--- a/src/lib/modes/aead/ocb/ocb.cpp
+++ b/src/lib/modes/aead/ocb/ocb.cpp
@@ -211,7 +211,7 @@ OCB_Mode::update_nonce(const uint8_t nonce[], size_t nonce_len)
secure_vector<uint8_t> nonce_buf(BS);
copy_mem(&nonce_buf[BS - nonce_len], nonce, nonce_len);
- nonce_buf[0] = ((tag_size()*8) % (BS*8)) << (BS <= 16 ? 1 : 0);
+ nonce_buf[0] = static_cast<uint8_t>(((tag_size()*8) % (BS*8)) << (BS <= 16 ? 1 : 0));
nonce_buf[BS - nonce_len - 1] ^= 1;
diff --git a/src/lib/utils/barrier.cpp b/src/lib/utils/barrier.cpp
index 81c578b72..3c721d905 100644
--- a/src/lib/utils/barrier.cpp
+++ b/src/lib/utils/barrier.cpp
@@ -11,7 +11,7 @@
namespace Botan {
-void Barrier::wait(unsigned delta)
+void Barrier::wait(size_t delta)
{
lock_guard_type<mutex_type> lock(m_mutex);
m_value += delta;
@@ -23,7 +23,7 @@ void Barrier::sync()
--m_value;
if(m_value > 0)
{
- unsigned current_syncs = m_syncs;
+ const size_t current_syncs = m_syncs;
m_cond.wait(lock, [this, &current_syncs] { return m_syncs != current_syncs; });
}
else
diff --git a/src/lib/utils/barrier.h b/src/lib/utils/barrier.h
index 9b7fdd59d..943d10b0c 100644
--- a/src/lib/utils/barrier.h
+++ b/src/lib/utils/barrier.h
@@ -11,33 +11,37 @@
#include <botan/mutex.h>
#if defined(BOTAN_TARGET_OS_HAS_THREADS)
-#include <condition_variable>
+ #include <condition_variable>
#endif
namespace Botan {
#if defined(BOTAN_TARGET_OS_HAS_THREADS)
-// Barrier implements a barrier synchronization primitive. wait() will indicate
-// how many threads to synchronize; each thread needing synchronization should
-// call sync(). When sync() returns, the barrier is reset to zero, and the
-// m_syncs counter is incremented. m_syncs is a counter to ensure that wait()
-// can be called after a sync() even if the previously sleeping threads have
-// not awoken.)
+
+/**
+Barrier implements a barrier synchronization primitive. wait() will
+indicate how many threads to synchronize; each thread needing
+synchronization should call sync(). When sync() returns, the barrier
+is reset to zero, and the m_syncs counter is incremented. m_syncs is a
+counter to ensure that wait() can be called after a sync() even if the
+previously sleeping threads have not awoken.)
+*/
class Barrier final
- {
- public:
- explicit Barrier(int value = 0) : m_value(value), m_syncs(0) {}
+ {
+ public:
+ explicit Barrier(int value = 0) : m_value(value), m_syncs(0) {}
+
+ void wait(size_t delta);
- void wait(unsigned delta);
+ void sync();
- void sync();
+ private:
+ int m_value;
+ size_t m_syncs;
+ mutex_type m_mutex;
+ std::condition_variable m_cond;
+ };
- private:
- int m_value;
- unsigned m_syncs;
- mutex_type m_mutex;
- std::condition_variable m_cond;
- };
#endif
}
diff --git a/src/tests/test_rng.cpp b/src/tests/test_rng.cpp
index e018349c0..193a94379 100644
--- a/src/tests/test_rng.cpp
+++ b/src/tests/test_rng.cpp
@@ -761,7 +761,7 @@ class RDRAND_RNG_Tests final : public Test
an invalid ptr/length field to add_entropy. If it examined its
arguments, it would crash...
*/
- const uint8_t* invalid_ptr = reinterpret_cast<const uint8_t*>(0xDEADC0DE);
+ const uint8_t* invalid_ptr = reinterpret_cast<const uint8_t*>(static_cast<uintptr_t>(0xDEADC0DE));
const size_t invalid_ptr_len = 64*1024;
rng.add_entropy(invalid_ptr, invalid_ptr_len);