Merge pull request #7988 from gasbytes/fix-conversion

Fix Wconversion in the tls* and api/test* files
wolfSSL · Oct 2, 2024 · 24d1b11 · 24d1b11
2 parents 925fbf3 + ea852c1
commit 24d1b11
Show file tree

Hide file tree

Showing 5 changed files with 144 additions and 125 deletions.
diff --git a/src/tls.c b/src/tls.c
@@ -939,7 +939,7 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in,
     int          blockBits, blockMask;
     int          lastBlockLen, extraLen, eocIndex;
     int          blocks, safeBlocks, lenBlock, eocBlock;
-    unsigned int maxLen;
+    word32       maxLen;
     int          blockSz, padSz;
     int          ret;
     word32       realLen;
@@ -992,29 +992,30 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in,
     blockMask = blockSz - 1;
 
     /* Size of data to HMAC if padding length byte is zero. */
-    maxLen = headerSz + sz - 1 - macLen;
+    maxLen = WOLFSSL_TLS_HMAC_INNER_SZ + sz - 1 - (word32)macLen;
+
     /* Complete data (including padding) has block for EOC and/or length. */
-    extraBlock = ctSetLTE((maxLen + padSz) & blockMask, padSz);
+    extraBlock = ctSetLTE(((int)maxLen + padSz) & blockMask, padSz);
     /* Total number of blocks for data including padding. */
-    blocks = ((maxLen + blockSz - 1) >> blockBits) + extraBlock;
+    blocks = ((int)(maxLen + (word32)blockSz - 1) >> blockBits) + extraBlock;
     /* Up to last 6 blocks can be hashed safely. */
     safeBlocks = blocks - 6;
 
     /* Length of message data. */
     realLen = maxLen - in[sz - 1];
     /* Number of message bytes in last block. */
-    lastBlockLen = realLen & blockMask;
+    lastBlockLen = (int)realLen & blockMask;
     /* Number of padding bytes in last block. */
     extraLen = ((blockSz * 2 - padSz - lastBlockLen) & blockMask) + 1;
     /* Number of blocks to create for hash. */
-    lenBlock = (realLen + extraLen) >> blockBits;
+    lenBlock = ((int)realLen + extraLen) >> blockBits;
     /* Block containing EOC byte. */
-    eocBlock = realLen >> blockBits;
+    eocBlock = (int)(realLen >> (word32)blockBits);
     /* Index of EOC byte in block. */
-    eocIndex = realLen & blockMask;
+    eocIndex = (int)(realLen & (word32)blockMask);
 
     /* Add length of hmac's ipad to total length. */
-    realLen += blockSz;
+    realLen += (word32)blockSz;
     /* Length as bits - 8 bytes bigendian. */
     c32toa(realLen >> ((sizeof(word32) * 8) - 3), lenBytes);
     c32toa(realLen << 3, lenBytes + sizeof(word32));
@@ -1029,7 +1030,9 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in,
         ret = Hmac_HashUpdate(hmac, header, headerSz);
         if (ret != 0)
             return ret;
-        ret = Hmac_HashUpdate(hmac, in, safeBlocks * blockSz - headerSz);
+        ret = Hmac_HashUpdate(hmac, in, (word32)(safeBlocks * blockSz -
+                                WOLFSSL_TLS_HMAC_INNER_SZ));
+
         if (ret != 0)
             return ret;
     }
@@ -1341,7 +1344,9 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz,
     #endif
             {
                 ret = Hmac_UpdateFinal_CT(&hmac, digest, in,
-                        sz + hashSz + padSz + 1, hashSz, myInner, innerSz);
+                                      (sz + hashSz + (word32)padSz + 1),
+                                      (int)hashSz, myInner, innerSz);
+
             }
 #else
             ret = Hmac_UpdateFinal(&hmac, digest, in, sz + hashSz + padSz + 1,
@@ -7726,7 +7731,7 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
         #endif
             {
                 /* set curve info for EccMakeKey "peer" info */
-                ret = wc_ecc_set_curve(eccKey, kse->keyLen, curveId);
+                ret = wc_ecc_set_curve(eccKey, (int)kse->keyLen, curveId);
                 if (ret == 0) {
             #ifdef WOLFSSL_ASYNC_CRYPT
                     /* Detect when private key generation is done */
@@ -12572,7 +12577,7 @@ static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType,
             continue; /* skip! */
 
         /* ssl level extensions are expected to override ctx level ones. */
-        if (!IS_OFF(semaphore, TLSX_ToSemaphore(extension->type)))
+        if (!IS_OFF(semaphore, TLSX_ToSemaphore((word16)extension->type)))
             continue; /* skip! */
 
         /* extension type + extension data length. */
@@ -12741,7 +12746,7 @@ static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType,
 
         /* marks the extension as processed so ctx level */
         /* extensions don't overlap with ssl level ones. */
-        TURN_ON(semaphore, TLSX_ToSemaphore(extension->type));
+        TURN_ON(semaphore, TLSX_ToSemaphore((word16)extension->type));
     }
 
     *pLength += length;
@@ -12768,11 +12773,11 @@ static int TLSX_Write(TLSX* list, byte* output, byte* semaphore,
             continue; /* skip! */
 
         /* ssl level extensions are expected to override ctx level ones. */
-        if (!IS_OFF(semaphore, TLSX_ToSemaphore(extension->type)))
+        if (!IS_OFF(semaphore, TLSX_ToSemaphore((word16)extension->type)))
             continue; /* skip! */
 
         /* writes extension type. */
-        c16toa(extension->type, output + offset);
+        c16toa((word16)extension->type, output + offset);
         offset += HELLO_EXT_TYPE_SZ + OPAQUE16_LEN;
         length_offset = offset;
 
@@ -12995,7 +13000,7 @@ static int TLSX_Write(TLSX* list, byte* output, byte* semaphore,
 
         /* marks the extension as processed so ctx level */
         /* extensions don't overlap with ssl level ones. */
-        TURN_ON(semaphore, TLSX_ToSemaphore(extension->type));
+        TURN_ON(semaphore, TLSX_ToSemaphore((word16)extension->type));
 
         /* if we encountered an error propagate it */
         if (ret != 0)

diff --git a/src/tls13.c b/src/tls13.c
@@ -7028,7 +7028,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
     if (ret != 0)
         goto exit_dch;
 #else
-    if ((ret = HashInput(ssl, input + args->begin, helloSz)) != 0)
+    if ((ret = HashInput(ssl, input + args->begin, (int)helloSz)) != 0)
         goto exit_dch;
 #endif
 
@@ -7472,7 +7472,7 @@ int SendTls13ServerHello(WOLFSSL* ssl, byte extMsgType)
     }
 #endif /* WOLFSSL_DTLS13 */
 
-    ssl->buffers.outputBuffer.length += sendSz;
+    ssl->buffers.outputBuffer.length += (word32)sendSz;
 
     if (!ssl->options.groupMessages || extMsgType != server_hello)
         ret = SendBuffered(ssl);
@@ -7620,11 +7620,12 @@ static int SendTls13EncryptedExtensions(WOLFSSL* ssl)
 
     /* This handshake message is always encrypted. */
     sendSz = BuildTls13Message(ssl, output, sendSz, output + RECORD_HEADER_SZ,
-                               idx - RECORD_HEADER_SZ, handshake, 1, 0, 0);
+                               (int)(idx - RECORD_HEADER_SZ),
+                               handshake, 1, 0, 0);
     if (sendSz < 0)
         return sendSz;
 
-    ssl->buffers.outputBuffer.length += sendSz;
+    ssl->buffers.outputBuffer.length += (word32)sendSz;
     ssl->options.buildingMsg = 0;
     ssl->options.serverState = SERVER_ENCRYPTED_EXTENSIONS_COMPLETE;
 
@@ -7650,7 +7651,7 @@ static int SendTls13EncryptedExtensions(WOLFSSL* ssl)
  * returns 0 on success, otherwise failure.
  */
 static int SendTls13CertificateRequest(WOLFSSL* ssl, byte* reqCtx,
-                                       int reqCtxLen)
+                                       word32 reqCtxLen)
 {
     byte*   output;
     int    ret;
@@ -7738,7 +7739,7 @@ static int SendTls13CertificateRequest(WOLFSSL* ssl, byte* reqCtx,
 
     /* Always encrypted. */
     sendSz = BuildTls13Message(ssl, output, sendSz, output + RECORD_HEADER_SZ,
-                               i - RECORD_HEADER_SZ, handshake, 1, 0, 0);
+                               (int)(i - RECORD_HEADER_SZ), handshake, 1, 0, 0);
     if (sendSz < 0)
         return sendSz;
 
@@ -7753,7 +7754,7 @@ static int SendTls13CertificateRequest(WOLFSSL* ssl, byte* reqCtx,
         }
     #endif
 
-    ssl->buffers.outputBuffer.length += sendSz;
+    ssl->buffers.outputBuffer.length += (word32)sendSz;
     ssl->options.buildingMsg = 0;
     if (!ssl->options.groupMessages)
         ret = SendBuffered(ssl);
@@ -8524,7 +8525,7 @@ static int SendTls13Certificate(WOLFSSL* ssl)
         certSz = 0;
         certChainSz = 0;
         headerSz = OPAQUE8_LEN + certReqCtxLen + CERT_HEADER_SZ;
-        length = headerSz;
+        length = (sword32)headerSz;
         listSz = 0;
     }
     else {
@@ -8556,7 +8557,7 @@ static int SendTls13Certificate(WOLFSSL* ssl)
         }
 
         /* Length of message data with one certificate and extensions. */
-        length = headerSz + certSz + extSz;
+        length = (sword32)(headerSz + certSz + extSz);
         /* Length of list data with one certificate and extensions. */
         listSz = CERT_HEADER_SZ + certSz + extSz;
 
@@ -8565,15 +8566,15 @@ static int SendTls13Certificate(WOLFSSL* ssl)
             p = ssl->buffers.certChain->buffer;
             /* Chain length including extensions. */
             certChainSz = ssl->buffers.certChain->length +
-                          OPAQUE16_LEN * ssl->buffers.certChainCnt;
+                          OPAQUE16_LEN * (word32)ssl->buffers.certChainCnt;
             length += certChainSz;
             listSz += certChainSz;
         }
         else
             certChainSz = 0;
     }
 
-    payloadSz = length;
+    payloadSz = (word32)length;
 
     if (ssl->fragOffset != 0)
         length -= (ssl->fragOffset + headerSz);
@@ -8717,7 +8718,8 @@ static int SendTls13Certificate(WOLFSSL* ssl)
         {
             /* This message is always encrypted. */
             sendSz = BuildTls13Message(ssl, output, sendSz,
-                output + RECORD_HEADER_SZ, i - RECORD_HEADER_SZ, handshake, 1,
+                output + RECORD_HEADER_SZ, (int)(i - RECORD_HEADER_SZ),
+                handshake, 1,
                 0, 0);
             if (sendSz < 0)
                 return sendSz;
@@ -8733,7 +8735,7 @@ static int SendTls13Certificate(WOLFSSL* ssl)
             }
 #endif
 
-            ssl->buffers.outputBuffer.length += sendSz;
+            ssl->buffers.outputBuffer.length += (word32)sendSz;
             ssl->options.buildingMsg = 0;
             if (!ssl->options.groupMessages)
                 ret = SendBuffered(ssl);
@@ -9168,7 +9170,8 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
         #endif /* !NO_RSA */
         #ifdef HAVE_ECC
             if (ssl->hsType == DYNAMIC_TYPE_ECC) {
-                args->sigLen = args->sendSz - args->idx - HASH_SIG_SIZE -
+                args->sigLen = (word32)args->sendSz - args->idx -
+                               HASH_SIG_SIZE -
                                VERIFY_HEADER;
             #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
                 if (ssl->buffers.keyType != sm2_sa_algo)
@@ -9593,7 +9596,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
             }
         #endif
 
-            ssl->buffers.outputBuffer.length += args->sendSz;
+            ssl->buffers.outputBuffer.length += (word32)args->sendSz;
             ssl->options.buildingMsg = 0;
             if (!ssl->options.groupMessages)
                 ret = SendBuffered(ssl);
@@ -10884,7 +10887,8 @@ static int SendTls13Finished(WOLFSSL* ssl)
         input = output + Dtls13GetRlHeaderLength(ssl, 1);
 #endif /* WOLFSSL_DTLS13 */
 
-    AddTls13HandShakeHeader(input, (word32)finishedSz, 0, finishedSz, finished, ssl);
+    AddTls13HandShakeHeader(input, (word32)finishedSz, 0, (word32)finishedSz,
+            finished, ssl);
 
 #if defined(WOLFSSL_RENESAS_TSIP_TLS)
     if (ssl->options.side == WOLFSSL_CLIENT_END) {
@@ -10969,7 +10973,7 @@ static int SendTls13Finished(WOLFSSL* ssl)
             }
         #endif
 
-        ssl->buffers.outputBuffer.length += sendSz;
+        ssl->buffers.outputBuffer.length += (word32)sendSz;
         ssl->options.buildingMsg = 0;
     }
 
@@ -11178,7 +11182,7 @@ static int SendTls13KeyUpdate(WOLFSSL* ssl)
             }
         #endif
 
-        ssl->buffers.outputBuffer.length += sendSz;
+        ssl->buffers.outputBuffer.length += (word32)sendSz;
 
         ret = SendBuffered(ssl);