From ca84af553cbaae45b17cce04d457b2e61cc4277c Mon Sep 17 00:00:00 2001 From: Paul Selkirk Date: Mon, 23 Oct 2017 18:05:31 -0400 Subject: Cleanup signed/unsigned mismatches, mostly in loop counters --- aes_keywrap.c | 16 ++++++------- asn1.c | 16 ++++++------- core.c | 2 +- ecdsa.c | 12 +++++----- hash.c | 12 +++++----- ks.c | 61 +++++++++++++++++++++++++---------------------- ks_attribute.c | 4 ++-- ks_index.c | 4 ++-- ks_token.c | 8 +++---- ks_volatile.c | 2 +- pbkdf2.c | 10 +------- rpc_api.c | 2 +- rpc_hash.c | 6 ++--- rpc_misc.c | 10 ++++---- rpc_pkey.c | 8 +++---- rpc_server.c | 22 ++++++++--------- rsa.c | 8 +++---- slip.c | 2 +- tests/test-aes-key-wrap.c | 2 +- tests/test-ecdsa.c | 2 +- tests/test-hash.c | 2 +- tests/test-pbkdf2.c | 2 +- tests/test-rsa.c | 4 ++-- utils/cores.c | 2 +- xdr.c | 9 +++---- 25 files changed, 112 insertions(+), 116 deletions(-) diff --git a/aes_keywrap.c b/aes_keywrap.c index d7701f0..355cb0b 100644 --- a/aes_keywrap.c +++ b/aes_keywrap.c @@ -165,8 +165,7 @@ hal_error_t hal_aes_keywrap(hal_core_t *core, { const size_t calculated_C_len = hal_aes_keywrap_ciphertext_length(m); hal_error_t err; - uint32_t n; - long i, j; + size_t n; assert(calculated_C_len % 8 == 0); @@ -202,8 +201,8 @@ hal_error_t hal_aes_keywrap(hal_core_t *core, } else { - for (j = 0; j <= 5; j++) { - for (i = 1; i <= n; i++) { + for (size_t j = 0; j <= 5; j++) { + for (size_t i = 1; i <= n; i++) { uint32_t t = n * j + i; if ((err = do_block(core, C, C + i * 8)) != HAL_OK) goto out; @@ -235,8 +234,7 @@ hal_error_t hal_aes_keyunwrap(hal_core_t * core, size_t *Q_len) { hal_error_t err; - uint32_t n; - long i, j; + size_t n; size_t m; if (C == NULL || Q == NULL || C_len % 8 != 0 || C_len < 16 || Q_len == NULL || *Q_len < C_len) @@ -259,8 +257,8 @@ hal_error_t hal_aes_keyunwrap(hal_core_t * core, } else { - for (j = 5; j >= 0; j--) { - for (i = n; i >= 1; i--) { + for (long j = 5; j >= 0; j--) { + for (size_t i = n; i >= 1; i--) { uint32_t t = n * j + i; Q[7] ^= t & 0xFF; t >>= 8; Q[6] ^= t & 0xFF; t >>= 8; @@ -285,7 +283,7 @@ hal_error_t hal_aes_keyunwrap(hal_core_t * core, } if (m % 8 != 0) - for (i = m + 8; i < 8 * (n + 1); i++) + for (size_t i = m + 8; i < 8 * (n + 1); i++) if (Q[i] != 0x00) { err = HAL_ERROR_KEYWRAP_BAD_PADDING; goto out; diff --git a/asn1.c b/asn1.c index 73e34b6..a653b45 100644 --- a/asn1.c +++ b/asn1.c @@ -517,7 +517,7 @@ hal_error_t hal_asn1_decode_spki(const uint8_t **alg_oid, size_t *alg_oid_len, if ((err = hal_asn1_decode_header(ASN1_OBJECT_IDENTIFIER, d, algid_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen > algid_end - d) + if (vlen > (size_t)(algid_end - d)) return HAL_ERROR_ASN1_PARSE_FAILED; if (alg_oid != NULL) *alg_oid = d; @@ -537,7 +537,7 @@ hal_error_t hal_asn1_decode_spki(const uint8_t **alg_oid, size_t *alg_oid_len, if ((err = hal_asn1_decode_header(ASN1_OBJECT_IDENTIFIER, d, algid_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen > algid_end - d) + if (vlen > (size_t)(algid_end - d)) return HAL_ERROR_ASN1_PARSE_FAILED; if (curve_oid != NULL) *curve_oid = d; @@ -564,7 +564,7 @@ hal_error_t hal_asn1_decode_spki(const uint8_t **alg_oid, size_t *alg_oid_len, if ((err = hal_asn1_decode_header(ASN1_BIT_STRING, d, der_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen >= algid_end - d || vlen == 0 || *d != 0x00) + if (vlen >= (size_t)(algid_end - d) || vlen == 0 || *d != 0x00) return HAL_ERROR_ASN1_PARSE_FAILED; ++d; --vlen; if (pubkey != NULL) @@ -620,7 +620,7 @@ hal_error_t hal_asn1_decode_pkcs8_privatekeyinfo(const uint8_t **alg_oid, size if ((err = hal_asn1_decode_header(ASN1_OBJECT_IDENTIFIER, d, algid_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen > algid_end - d) + if (vlen > (size_t)(algid_end - d)) return HAL_ERROR_ASN1_PARSE_FAILED; if (alg_oid != NULL) *alg_oid = d; @@ -640,7 +640,7 @@ hal_error_t hal_asn1_decode_pkcs8_privatekeyinfo(const uint8_t **alg_oid, size if ((err = hal_asn1_decode_header(ASN1_OBJECT_IDENTIFIER, d, algid_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen > algid_end - d) + if (vlen > (size_t)(algid_end - d)) return HAL_ERROR_ASN1_PARSE_FAILED; if (curve_oid != NULL) *curve_oid = d; @@ -667,7 +667,7 @@ hal_error_t hal_asn1_decode_pkcs8_privatekeyinfo(const uint8_t **alg_oid, size if ((err = hal_asn1_decode_header(ASN1_OCTET_STRING, d, der_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen >= algid_end - d) + if (vlen >= (size_t)(algid_end - d)) return HAL_ERROR_ASN1_PARSE_FAILED; if (privkey != NULL) *privkey = d; @@ -714,7 +714,7 @@ hal_error_t hal_asn1_decode_pkcs8_encryptedprivatekeyinfo(const uint8_t **alg_oi if ((err = hal_asn1_decode_header(ASN1_OBJECT_IDENTIFIER, d, algid_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen > algid_end - d) + if (vlen > (size_t)(algid_end - d)) return HAL_ERROR_ASN1_PARSE_FAILED; if (alg_oid != NULL) *alg_oid = d; @@ -736,7 +736,7 @@ hal_error_t hal_asn1_decode_pkcs8_encryptedprivatekeyinfo(const uint8_t **alg_oi if ((err = hal_asn1_decode_header(ASN1_OCTET_STRING, d, der_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen >= algid_end - d) + if (vlen >= (size_t)(algid_end - d)) return HAL_ERROR_ASN1_PARSE_FAILED; if (data != NULL) *data = d; diff --git a/core.c b/core.c index 931de5e..f80735c 100644 --- a/core.c +++ b/core.c @@ -135,7 +135,7 @@ static hal_core_t *probe_cores(void) if (core->info.name[0] == 0x00 || core->info.name[0] == 0xff) continue; - for (int i = 0; i < sizeof(gaps)/sizeof(*gaps); i++) { + for (size_t i = 0; i < sizeof(gaps)/sizeof(*gaps); i++) { if (name_matches(core, gaps[i].name)) { addr += gaps[i].extra; break; diff --git a/ecdsa.c b/ecdsa.c index 170a24c..28cfa02 100644 --- a/ecdsa.c +++ b/ecdsa.c @@ -805,18 +805,18 @@ static hal_error_t verilog_point_pick_random(const verilog_ecdsa_driver_t * cons memset(b, 0, sizeof(b)); fp_to_unsigned_bin(k, b + sizeof(b) - len); - for (int i = 0; i < sizeof(b); i += 4) + for (size_t i = 0; i < sizeof(b); i += 4) check(hal_io_write(core, driver->k_addr + i/4, &b[sizeof(b) - 4 - i], 4)); check(hal_io_write(core, ADDR_CTRL, zero, sizeof(zero))); check(hal_io_next(core)); check(hal_io_wait_valid(core)); - for (int i = 0; i < sizeof(b); i += 4) + for (size_t i = 0; i < sizeof(b); i += 4) check(hal_io_read(core, driver->x_addr + i/4, &b[sizeof(b) - 4 - i], 4)); fp_read_unsigned_bin(P->x, b, sizeof(b)); - for (int i = 0; i < sizeof(b); i += 4) + for (size_t i = 0; i < sizeof(b); i += 4) check(hal_io_read(core, driver->y_addr + i/4, &b[sizeof(b) - 4 - i], 4)); fp_read_unsigned_bin(P->y, b, sizeof(b)); @@ -1421,7 +1421,7 @@ hal_error_t hal_ecdsa_private_key_from_der(hal_ecdsa_key_t **key_, if ((err = hal_asn1_decode_header(ASN1_EXPLICIT_1, d, der_end - d, &hlen, &vlen)) != HAL_OK) goto fail; d += hlen; - if (vlen > der_end - d) + if (vlen > (size_t)(der_end - d)) lose(HAL_ERROR_ASN1_PARSE_FAILED); if ((err = hal_asn1_decode_header(ASN1_BIT_STRING, d, vlen, &hlen, &vlen)) != HAL_OK) goto fail; @@ -1529,7 +1529,7 @@ hal_error_t hal_ecdsa_public_key_from_der(hal_ecdsa_key_t **key_, memcmp(alg_oid, hal_asn1_oid_ecPublicKey, alg_oid_len) != 0 || hal_ecdsa_oid_to_curve(&key->curve, curve_oid, curve_oid_len) != HAL_OK || pubkey_len < 3 || (pubkey_len & 1) == 0 || pubkey[0] != 0x04 || - pubkey_len / 2 != fp_unsigned_bin_size(unconst_fp_int(get_curve(key->curve)->q))) + pubkey_len / 2 != (size_t)(fp_unsigned_bin_size(unconst_fp_int(get_curve(key->curve)->q)))) return HAL_ERROR_ASN1_PARSE_FAILED; const uint8_t * const Qx = pubkey + 1; @@ -1595,7 +1595,7 @@ static hal_error_t decode_signature_pkcs11(const ecdsa_curve_t * const curve, const size_t n_len = signature_len / 2; - if (n_len > fp_unsigned_bin_size(unconst_fp_int(curve->n))) + if (n_len > (size_t)(fp_unsigned_bin_size(unconst_fp_int(curve->n)))) return HAL_ERROR_BAD_ARGUMENTS; fp_read_unsigned_bin(r, unconst_uint8_t(signature) + 0 * n_len, n_len); diff --git a/hash.c b/hash.c index fa30b60..d1e55ff 100644 --- a/hash.c +++ b/hash.c @@ -302,7 +302,7 @@ static inline hal_hash_state_t *alloc_static_hash_state(void) #if HAL_STATIC_HASH_STATE_BLOCKS > 0 - for (int i = 0; i < sizeof(static_hash_state)/sizeof(*static_hash_state); i++) + for (size_t i = 0; i < sizeof(static_hash_state)/sizeof(*static_hash_state); i++) if ((static_hash_state[i].flags & STATE_FLAG_STATE_ALLOCATED) == 0) return &static_hash_state[i]; @@ -316,7 +316,7 @@ static inline hal_hmac_state_t *alloc_static_hmac_state(void) #if HAL_STATIC_HMAC_STATE_BLOCKS > 0 - for (int i = 0; i < sizeof(static_hmac_state)/sizeof(*static_hmac_state); i++) + for (size_t i = 0; i < sizeof(static_hmac_state)/sizeof(*static_hmac_state); i++) if ((static_hmac_state[i].hash_state.flags & STATE_FLAG_STATE_ALLOCATED) == 0) return &static_hmac_state[i]; @@ -347,8 +347,8 @@ static inline void swytebop(void *out_, const void * const in_, const size_t n, return; case 0x04030201: - for (int i = 0; i < n; i += w) - for (int j = 0; j < w && i + j < n; j++) + for (size_t i = 0; i < n; i += w) + for (size_t j = 0; j < w && i + j < n; j++) out[i + j] = in[i + w - j - 1]; return; @@ -647,7 +647,7 @@ hal_error_t hal_hash_finalize(hal_hash_state_t *state, /* Opaqu hal_error_t err; uint8_t *p; size_t n; - int i; + size_t i; if (state == NULL || digest_buffer == NULL) return HAL_ERROR_BAD_ARGUMENTS; @@ -745,7 +745,7 @@ hal_error_t hal_hmac_initialize(hal_core_t *core, const hal_hash_driver_t * const driver = check_driver(descriptor); hal_hmac_state_t *state = state_buffer; hal_error_t err; - int i; + size_t i; if (descriptor == NULL || driver == NULL || state_ == NULL) return HAL_ERROR_BAD_ARGUMENTS; diff --git a/ks.c b/ks.c index a4e7498..000e109 100644 --- a/ks.c +++ b/ks.c @@ -54,14 +54,19 @@ const hal_uuid_t hal_ks_pin_uuid = {{0}}; * result, leave the lru values alone and the right thing will happen. */ +#define BLOCK_UNUSED ((unsigned) -1) +/* Previous code used one's-complement ~0, which is exactly equal to + * two's-complement -1, but more obscure. + */ + hal_ks_block_t *hal_ks_cache_pick_lru(hal_ks_t *ks) { uint32_t best_delta = 0; int best_index = 0; - for (int i = 0; i < ks->cache_size; i++) { + for (unsigned i = 0; i < ks->cache_size; i++) { - if (ks->cache[i].blockno == ~0) + if (ks->cache[i].blockno == BLOCK_UNUSED) return &ks->cache[i].block; const unsigned delta = ks->cache_lru - ks->cache[i].lru; @@ -72,7 +77,7 @@ hal_ks_block_t *hal_ks_cache_pick_lru(hal_ks_t *ks) } - ks->cache[best_index].blockno = ~0; + ks->cache[best_index].blockno = BLOCK_UNUSED; return &ks->cache[best_index].block; } @@ -82,7 +87,7 @@ hal_ks_block_t *hal_ks_cache_pick_lru(hal_ks_t *ks) hal_ks_block_t *hal_ks_cache_find_block(const hal_ks_t * const ks, const unsigned blockno) { - for (int i = 0; i < ks->cache_size; i++) + for (unsigned i = 0; i < ks->cache_size; i++) if (ks->cache[i].blockno == blockno) return &ks->cache[i].block; return NULL; @@ -94,7 +99,7 @@ hal_ks_block_t *hal_ks_cache_find_block(const hal_ks_t * const ks, const unsigne void hal_ks_cache_mark_used(hal_ks_t *ks, const hal_ks_block_t * const block, const unsigned blockno) { - for (int i = 0; i < ks->cache_size; i++) { + for (unsigned i = 0; i < ks->cache_size; i++) { if (&ks->cache[i].block == block) { ks->cache[i].blockno = blockno; ks->cache[i].lru = ++ks->cache_lru; @@ -110,7 +115,7 @@ void hal_ks_cache_mark_used(hal_ks_t *ks, const hal_ks_block_t * const block, co void hal_ks_cache_release(hal_ks_t *ks, const hal_ks_block_t * const block) { if (block != NULL) - hal_ks_cache_mark_used(ks, block, ~0); + hal_ks_cache_mark_used(ks, block, BLOCK_UNUSED); } /* @@ -283,8 +288,8 @@ hal_error_t hal_ks_init_common(hal_ks_t *ks) ks->used = 0; - for (int i = 0; i < ks->cache_size; i++) - ks->cache[i].blockno = ~0; + for (unsigned i = 0; i < ks->cache_size; i++) + ks->cache[i].blockno = BLOCK_UNUSED; /* * Scan existing content of keystore to figure out what we've got. @@ -295,14 +300,14 @@ hal_error_t hal_ks_init_common(hal_ks_t *ks) hal_ks_block_type_t block_types[ks->size]; hal_ks_block_status_t block_status[ks->size]; hal_ks_block_t *block = hal_ks_cache_pick_lru(ks); - int first_erased = -1; + unsigned first_erased = BLOCK_UNUSED; hal_error_t err; uint16_t n = 0; if (block == NULL) return HAL_ERROR_IMPOSSIBLE; - for (int i = 0; i < ks->size; i++) { + for (unsigned i = 0; i < ks->size; i++) { /* * Read one block. If the CRC is bad or the block type is @@ -340,7 +345,7 @@ hal_error_t hal_ks_init_common(hal_ks_t *ks) * First erased block we see is head of the free list. */ - if (block_types[i] == HAL_KS_BLOCK_TYPE_ERASED && first_erased < 0) + if (block_types[i] == HAL_KS_BLOCK_TYPE_ERASED && first_erased == BLOCK_UNUSED) first_erased = i; /* @@ -378,22 +383,22 @@ hal_error_t hal_ks_init_common(hal_ks_t *ks) */ if (n < ks->size) - for (int i = 0; i < ks->size; i++) + for (unsigned i = 0; i < ks->size; i++) if (block_types[i] == HAL_KS_BLOCK_TYPE_ERASED) ks->index[n++] = i; - if (n < ks->size) - for (int i = first_erased; i < ks->size; i++) + if (n < ks->size && first_erased != BLOCK_UNUSED) + for (unsigned i = first_erased; i < ks->size; i++) if (block_types[i] == HAL_KS_BLOCK_TYPE_ZEROED) ks->index[n++] = i; - if (n < ks->size) - for (int i = 0; i < first_erased; i++) + if (n < ks->size && first_erased != BLOCK_UNUSED) + for (unsigned i = 0; i < first_erased; i++) if (block_types[i] == HAL_KS_BLOCK_TYPE_ZEROED) ks->index[n++] = i; if (n < ks->size) - for (int i = 0; i < ks->size; i++) + for (unsigned i = 0; i < ks->size; i++) if (block_types[i] == HAL_KS_BLOCK_TYPE_UNKNOWN) ks->index[n++] = i; @@ -427,16 +432,16 @@ hal_error_t hal_ks_init_common(hal_ks_t *ks) return err; if (b_tomb != ks->index[where]) { - if (ks->used > where + 1 && b_tomb == ks->index[where + 1]) + if ((int)ks->used > where + 1 && b_tomb == ks->index[where + 1]) where = where + 1; - else if (0 <= where - 1 && b_tomb == ks->index[where - 1]) + else if (0 <= where - 1 && b_tomb == ks->index[where - 1]) where = where - 1; else return HAL_ERROR_IMPOSSIBLE; } - const int matches_next = where + 1 < ks->used && !hal_uuid_cmp(&name, &ks->names[ks->index[where + 1]]); - const int matches_prev = where - 1 >= 0 && !hal_uuid_cmp(&name, &ks->names[ks->index[where - 1]]); + const int matches_next = where + 1 < (int)ks->used && !hal_uuid_cmp(&name, &ks->names[ks->index[where + 1]]); + const int matches_prev = where - 1 >= 0 && !hal_uuid_cmp(&name, &ks->names[ks->index[where - 1]]); if ((matches_prev && matches_next) || (matches_prev && block_status[ks->index[b_tomb - 1]] != HAL_KS_BLOCK_STATUS_LIVE) || @@ -720,7 +725,7 @@ hal_error_t hal_ks_match(hal_ks_t *ks, else if (err != HAL_OK) goto done; - while (*result_len < result_max && ++i < ks->used) { + while (*result_len < result_max && ++i < (int)ks->used) { unsigned b = ks->index[i]; @@ -756,7 +761,7 @@ hal_error_t hal_ks_match(hal_ks_t *ks, if ((err = hal_ks_attribute_scan(bytes, bytes_len, attrs, *attrs_len, NULL)) != HAL_OK) goto done; - for (int j = 0; possible && j < attributes_len; j++) { + for (unsigned j = 0; possible && j < attributes_len; j++) { if (!need_attr[j]) continue; @@ -822,7 +827,7 @@ hal_error_t hal_ks_set_attributes(hal_ks_t *ks, if ((err = hal_ks_attribute_scan(bytes, bytes_len, attrs, *attrs_len, &total)) != HAL_OK) goto done; - for (int i = 0; err == HAL_OK && i < attributes_len; i++) + for (unsigned i = 0; err == HAL_OK && i < attributes_len; i++) if (attributes[i].length == HAL_PKEY_ATTRIBUTE_NIL) err = hal_ks_attribute_delete(bytes, bytes_len, attrs, attrs_len, &total, attributes[i].type); @@ -854,7 +859,7 @@ hal_error_t hal_ks_get_attributes(hal_ks_t *ks, attributes_buffer == NULL) return HAL_ERROR_BAD_ARGUMENTS; - for (int i = 0; i < attributes_len; i++) { + for (unsigned i = 0; i < attributes_len; i++) { attributes[i].length = 0; attributes[i].value = NULL; } @@ -892,12 +897,12 @@ hal_error_t hal_ks_get_attributes(hal_ks_t *ks, if ((err = hal_ks_attribute_scan(bytes, bytes_len, attrs, *attrs_len, NULL)) != HAL_OK) goto done; - for (int i = 0; i < attributes_len; i++) { + for (unsigned i = 0; i < attributes_len; i++) { if (attributes[i].length > 0) continue; - int j = 0; + unsigned j = 0; while (j < *attrs_len && attrs[j].type != attributes[i].type) j++; if (j >= *attrs_len) @@ -909,7 +914,7 @@ hal_error_t hal_ks_get_attributes(hal_ks_t *ks, if (attributes_buffer_len == 0) continue; - if (attrs[j].length > attributes_buffer + attributes_buffer_len - abuf) { + if (attrs[j].length > (size_t)(attributes_buffer + attributes_buffer_len - abuf)) { err = HAL_ERROR_RESULT_TOO_LONG; goto done; } diff --git a/ks_attribute.c b/ks_attribute.c index ec674f5..1eefefb 100644 --- a/ks_attribute.c +++ b/ks_attribute.c @@ -89,7 +89,7 @@ hal_error_t hal_ks_attribute_scan(const uint8_t * const bytes, const size_t byte const uint8_t *b = bytes; const uint8_t * const end = bytes + bytes_len; - for (int i = 0; i < attributes_len; i++) { + for (unsigned i = 0; i < attributes_len; i++) { uint32_t type; size_t length; hal_error_t err = read_header(b, end - b, &type, &length); @@ -125,7 +125,7 @@ hal_error_t hal_ks_attribute_delete(uint8_t *bytes, const size_t bytes_len, * attribute of any given type. */ - int i = 0; + unsigned i = 0; while (i < *attributes_len && attributes[i].type != type) i++; diff --git a/ks_index.c b/ks_index.c index 644aecf..dcc0fe0 100644 --- a/ks_index.c +++ b/ks_index.c @@ -55,7 +55,7 @@ static int ks_find(const hal_ks_t * const ks, if (ks == NULL || ks->index == NULL || ks->names == NULL || uuid == NULL || where == NULL) return 0; - if (hint != NULL && *hint >= 0 && *hint < ks->used && + if (hint != NULL && *hint >= 0 && *hint < (int)ks->used && hal_uuid_cmp(uuid, &ks->names[ks->index[*hint]]) == 0) { *where = *hint; return 1; @@ -153,7 +153,7 @@ hal_error_t hal_ks_index_fsck(hal_ks_t *ks) ks->size == 0 || ks->used > ks->size) return HAL_ERROR_BAD_ARGUMENTS; - for (int i = 1; i < ks->used; i++) + for (unsigned i = 1; i < ks->used; i++) if (hal_uuid_cmp(&ks->names[ks->index[i - 1]], &ks->names[ks->index[i]]) >= 0) return HAL_ERROR_KS_INDEX_UUID_MISORDERED; diff --git a/ks_token.c b/ks_token.c index b96d279..4950f0b 100644 --- a/ks_token.c +++ b/ks_token.c @@ -404,7 +404,7 @@ hal_ks_t * const hal_ks_token = &_db.ks; void hal_ks_init_read_only_pins_only(void) { - unsigned b, best_seen = ~0; + unsigned b, best_seen = NUM_FLASH_BLOCKS; hal_ks_block_t block[1]; hal_ks_lock(); @@ -418,11 +418,11 @@ void hal_ks_init_read_only_pins_only(void) break; } - if (b != best_seen && best_seen != ~0 && + if (b != best_seen && best_seen != NUM_FLASH_BLOCKS && hal_ks_block_read(hal_ks_token, best_seen, block) != HAL_OK) - best_seen = ~0; + best_seen = NUM_FLASH_BLOCKS; - if (best_seen == ~0) { + if (best_seen == NUM_FLASH_BLOCKS) { memset(block, 0xFF, sizeof(*block)); block->pin.wheel_pin = hal_last_gasp_pin; } diff --git a/ks_volatile.c b/ks_volatile.c index 1586f3d..2d0abd4 100644 --- a/ks_volatile.c +++ b/ks_volatile.c @@ -227,7 +227,7 @@ static hal_error_t ks_volatile_logout(hal_ks_t *ks, if (ks != hal_ks_volatile || client.handle == HAL_HANDLE_NONE) return HAL_ERROR_IMPOSSIBLE; - for (int i = 0; i < ks->used; i++) { + for (unsigned i = 0; i < ks->used; i++) { unsigned b = ks->index[i]; hal_error_t err; int hint = i; diff --git a/pbkdf2.c b/pbkdf2.c index 690831f..0a1e57e 100644 --- a/pbkdf2.c +++ b/pbkdf2.c @@ -90,7 +90,6 @@ hal_error_t hal_pbkdf2(hal_core_t *core, unsigned iteration; hal_error_t err; uint32_t block; - int i; if (descriptor == NULL || password == NULL || salt == NULL || derived_key == NULL || derived_key_length == 0 || @@ -108,13 +107,6 @@ hal_error_t hal_pbkdf2(hal_core_t *core, memset(result, 0, sizeof(result)); memset(mac, 0, sizeof(mac)); -#if 1 - /* HACK - find the second sha256 core, to avoid interfering with rpc. - */ - core = hal_core_find(descriptor->core_name, NULL); - core = hal_core_find(descriptor->core_name, core); -#endif - /* * We probably should check here to see whether the password is * longer than the HMAC block size, and, if so, we should hash the @@ -153,7 +145,7 @@ hal_error_t hal_pbkdf2(hal_core_t *core, 0, mac, sizeof(mac))) != HAL_OK) return err; - for (i = 0; i < descriptor->digest_length; i++) + for (size_t i = 0; i < descriptor->digest_length; i++) result[i] ^= mac[i]; } diff --git a/rpc_api.c b/rpc_api.c index 1a2d268..1dc8869 100644 --- a/rpc_api.c +++ b/rpc_api.c @@ -352,7 +352,7 @@ hal_error_t hal_rpc_pkey_match(const hal_client_handle_t client, return HAL_ERROR_BAD_ARGUMENTS; if (attributes != NULL) - for (int i = 0; i < attributes_len; i++) + for (size_t i = 0; i < attributes_len; i++) if (attributes[i].value == NULL) return HAL_ERROR_BAD_ARGUMENTS; diff --git a/rpc_hash.c b/rpc_hash.c index 0811e81..13b6891 100644 --- a/rpc_hash.c +++ b/rpc_hash.c @@ -93,7 +93,7 @@ static inline handle_slot_t *alloc_handle(const int is_hmac) #if HAL_STATIC_HASH_STATE_BLOCKS > 0 if (!is_hmac) { - for (int i = 0; i < sizeof(hash_handle)/sizeof(*hash_handle); i++) { + for (size_t i = 0; i < sizeof(hash_handle)/sizeof(*hash_handle); i++) { if (hash_handle[i].state.hash != NULL) continue; hash_handle[i].hash_handle.handle = i | glop; @@ -104,7 +104,7 @@ static inline handle_slot_t *alloc_handle(const int is_hmac) #if HAL_STATIC_HMAC_STATE_BLOCKS > 0 if (is_hmac) { - for (int i = 0; i < sizeof(hmac_handle)/sizeof(*hmac_handle); i++) { + for (size_t i = 0; i < sizeof(hmac_handle)/sizeof(*hmac_handle); i++) { if (hmac_handle[i].state.hmac != NULL) continue; hmac_handle[i].hash_handle.handle = i | glop | HANDLE_FLAG_HMAC; @@ -124,7 +124,7 @@ static inline handle_slot_t *alloc_handle(const int is_hmac) static inline handle_slot_t *find_handle(const hal_hash_handle_t handle) { #if HAL_STATIC_HASH_STATE_BLOCKS > 0 || HAL_STATIC_HMAC_STATE_BLOCKS > 0 - const int i = (int) (handle.handle & 0xFFFF); + const size_t i = (size_t) (handle.handle & 0xFFFF); const int is_hmac = (handle.handle & HANDLE_FLAG_HMAC) != 0; #endif diff --git a/rpc_misc.c b/rpc_misc.c index 6e64af2..c27913c 100644 --- a/rpc_misc.c +++ b/rpc_misc.c @@ -116,12 +116,12 @@ static inline hal_error_t alloc_slot(const hal_client_handle_t client, #if HAL_STATIC_CLIENT_STATE_BLOCKS > 0 - for (int i = 0; slot == NULL && i < sizeof(client_handle)/sizeof(*client_handle); i++) + for (size_t i = 0; slot == NULL && i < sizeof(client_handle)/sizeof(*client_handle); i++) if (client_handle[i].logged_in != HAL_USER_NONE && client_handle[i].handle.handle == client.handle) slot = &client_handle[i]; - for (int i = 0; slot == NULL && i < sizeof(client_handle)/sizeof(*client_handle); i++) + for (size_t i = 0; slot == NULL && i < sizeof(client_handle)/sizeof(*client_handle); i++) if (client_handle[i].logged_in == HAL_USER_NONE) slot = &client_handle[i]; @@ -161,7 +161,7 @@ static inline client_slot_t *find_handle(const hal_client_handle_t handle) hal_critical_section_start(); #if HAL_STATIC_CLIENT_STATE_BLOCKS > 0 - for (int i = 0; slot == NULL && i < sizeof(client_handle)/sizeof(*client_handle); i++) + for (size_t i = 0; slot == NULL && i < sizeof(client_handle)/sizeof(*client_handle); i++) if (client_handle[i].logged_in != HAL_USER_NONE && client_handle[i].handle.handle == handle.handle) slot = &client_handle[i]; #endif @@ -191,7 +191,7 @@ static hal_error_t login(const hal_client_handle_t client, return err; unsigned diff = 0; - for (int i = 0; i < sizeof(buf); i++) + for (size_t i = 0; i < sizeof(buf); i++) diff |= buf[i] ^ p->pin[i]; if (diff != 0) { @@ -227,7 +227,7 @@ static hal_error_t logout_all(void) client_slot_t *slot; hal_error_t err; - int i = 0; + size_t i = 0; do { diff --git a/rpc_pkey.c b/rpc_pkey.c index 3d4a379..55cc054 100644 --- a/rpc_pkey.c +++ b/rpc_pkey.c @@ -78,7 +78,7 @@ static inline hal_pkey_slot_t *alloc_slot(const hal_key_flags_t flags) if ((flags & HAL_KEY_FLAG_TOKEN) != 0) glop |= HAL_PKEY_HANDLE_TOKEN_FLAG; - for (int i = 0; slot == NULL && i < sizeof(pkey_slot)/sizeof(*pkey_slot); i++) { + for (size_t i = 0; slot == NULL && i < sizeof(pkey_slot)/sizeof(*pkey_slot); i++) { if (pkey_slot[i].pkey.handle != HAL_HANDLE_NONE) continue; memset(&pkey_slot[i], 0, sizeof(pkey_slot[i])); @@ -118,7 +118,7 @@ static inline hal_pkey_slot_t *find_handle(const hal_pkey_handle_t handle) hal_critical_section_start(); #if HAL_STATIC_PKEY_STATE_BLOCKS > 0 - const int i = (int) (handle.handle & 0xFFFF); + const size_t i = handle.handle & 0xFFFF; if (i < sizeof(pkey_slot)/sizeof(*pkey_slot) && pkey_slot[i].pkey.handle == handle.handle) slot = &pkey_slot[i]; @@ -145,7 +145,7 @@ hal_error_t hal_pkey_logout(const hal_client_handle_t client) hal_critical_section_start(); - for (int i = 0; i < sizeof(pkey_slot)/sizeof(*pkey_slot); i++) + for (size_t i = 0; i < sizeof(pkey_slot)/sizeof(*pkey_slot); i++) if (pkey_slot[i].pkey.handle == client.handle) memset(&pkey_slot[i], 0, sizeof(pkey_slot[i])); @@ -894,7 +894,7 @@ static hal_error_t pkey_local_verify_rsa(uint8_t *keybuf, const size_t keybuf_le return err; unsigned diff = 0; - for (int i = 0; i < signature_len; i++) + for (size_t i = 0; i < signature_len; i++) diff |= expected[i] ^ received[i + sizeof(received) - sizeof(expected)]; if (diff != 0) diff --git a/rpc_server.c b/rpc_server.c index f64d7d6..4a5fa4c 100644 --- a/rpc_server.c +++ b/rpc_server.c @@ -74,7 +74,7 @@ static hal_error_t get_random(const uint8_t **iptr, const uint8_t * const ilimit check(hal_xdr_decode_int(iptr, ilimit, &client.handle)); check(hal_xdr_decode_int(iptr, ilimit, &length)); /* sanity check length */ - if (length == 0 || length > olimit - *optr - 4) + if (length == 0 || length > (uint32_t)(olimit - *optr - 4)) return HAL_ERROR_RPC_PACKET_OVERFLOW; /* call the local function */ @@ -206,7 +206,7 @@ static hal_error_t hash_get_digest_algorithm_id(const uint8_t **iptr, const uint check(hal_xdr_decode_int(iptr, ilimit, &alg)); check(hal_xdr_decode_int(iptr, ilimit, &len_max)); /* sanity check len_max */ - if (len_max > olimit - *optr - 4) + if (len_max > (uint32_t)(olimit - *optr - 4)) return HAL_ERROR_RPC_PACKET_OVERFLOW; /* call the local function */ @@ -301,7 +301,7 @@ static hal_error_t hash_finalize(const uint8_t **iptr, const uint8_t * const ili check(hal_xdr_decode_int(iptr, ilimit, &hash.handle)); check(hal_xdr_decode_int(iptr, ilimit, &length)); /* sanity check length */ - if (length == 0 || length > olimit - *optr - 4) + if (length == 0 || length > (uint32_t)(olimit - *optr - 4)) return HAL_ERROR_RPC_PACKET_OVERFLOW; /* call the local function */ @@ -559,7 +559,7 @@ static hal_error_t pkey_get_public_key(const uint8_t **iptr, const uint8_t * con check(hal_xdr_decode_int(iptr, ilimit, &pkey.handle)); check(hal_xdr_decode_int(iptr, ilimit, &len_max)); /* sanity check len_max */ - if (len_max > olimit - *optr - 4) + if (len_max > (uint32_t)(olimit - *optr - 4)) return HAL_ERROR_RPC_PACKET_OVERFLOW; /* call the local function */ @@ -597,7 +597,7 @@ static hal_error_t pkey_sign(const uint8_t **iptr, const uint8_t * const ilimit, check(hal_xdr_decode_buffer_in_place(iptr, ilimit, &input, &input_len)); check(hal_xdr_decode_int(iptr, ilimit, &sig_max)); /* sanity check sig_max */ - if (sig_max > olimit - *optr - 4) + if (sig_max > (uint32_t)(olimit - *optr - 4)) return HAL_ERROR_RPC_PACKET_OVERFLOW; /* call the local function */ @@ -657,7 +657,7 @@ static hal_error_t pkey_match(const uint8_t **iptr, const uint8_t * const ilimit hal_pkey_attribute_t attributes[attributes_len > 0 ? attributes_len : 1]; - for (int i = 0; i < attributes_len; i++) { + for (size_t i = 0; i < attributes_len; i++) { hal_pkey_attribute_t *a = &attributes[i]; const uint8_t *value; uint32_t value_len; @@ -690,7 +690,7 @@ static hal_error_t pkey_match(const uint8_t **iptr, const uint8_t * const ilimit if (ret == HAL_OK) ret = hal_xdr_encode_int(optr, olimit, result_len); - for (int i = 0; ret == HAL_OK && i < result_len; ++i) + for (size_t i = 0; ret == HAL_OK && i < result_len; ++i) ret = hal_xdr_encode_buffer(optr, olimit, result[i].uuid, sizeof(result[i].uuid)); if (ret != HAL_OK) @@ -713,7 +713,7 @@ static hal_error_t pkey_set_attributes(const uint8_t **iptr, const uint8_t * con hal_pkey_attribute_t attributes[attributes_len > 0 ? attributes_len : 1]; - for (int i = 0; i < attributes_len; i++) { + for (size_t i = 0; i < attributes_len; i++) { hal_pkey_attribute_t *a = &attributes[i]; check(hal_xdr_decode_int(iptr, ilimit, &a->type)); const uint8_t *iptr_prior_to_decoding_length = *iptr; @@ -749,14 +749,14 @@ static hal_error_t pkey_get_attributes(const uint8_t **iptr, const uint8_t * con hal_pkey_attribute_t attributes[attributes_len > 0 ? attributes_len : 1]; - for (int i = 0; i < attributes_len; i++) + for (size_t i = 0; i < attributes_len; i++) check(hal_xdr_decode_int(iptr, ilimit, &attributes[i].type)); check(hal_xdr_decode_int(iptr, ilimit, &u32)); const size_t attributes_buffer_len = u32; - if (nargs(1 + 2 * attributes_len) + attributes_buffer_len > olimit - *optr) + if (nargs(1 + 2 * attributes_len) + attributes_buffer_len > (uint32_t)(olimit - *optr)) return HAL_ERROR_RPC_PACKET_OVERFLOW; uint8_t attributes_buffer[attributes_buffer_len > 0 ? attributes_buffer_len : 1]; @@ -766,7 +766,7 @@ static hal_error_t pkey_get_attributes(const uint8_t **iptr, const uint8_t * con if (ret == HAL_OK) { ret = hal_xdr_encode_int(optr, olimit, attributes_len); - for (int i = 0; ret == HAL_OK && i < attributes_len; i++) { + for (size_t i = 0; ret == HAL_OK && i < attributes_len; i++) { ret = hal_xdr_encode_int(optr, olimit, attributes[i].type); if (ret != HAL_OK) break; diff --git a/rsa.c b/rsa.c index eeb611c..9af67d3 100644 --- a/rsa.c +++ b/rsa.c @@ -677,7 +677,7 @@ static hal_error_t find_prime(const unsigned prime_length, fp_read_unsigned_bin(result, buffer, sizeof(buffer)); - for (int i = 0; i < sizeof(small_prime)/sizeof(*small_prime); i++) { + for (size_t i = 0; i < sizeof(small_prime)/sizeof(*small_prime); i++) { fp_digit d; fp_mod_d(result, small_prime[i], &d); remainder[i] = d; @@ -686,10 +686,10 @@ static hal_error_t find_prime(const unsigned prime_length, for (;;) { int possible = 1; - for (int i = 0; i < sizeof(small_prime)/sizeof(*small_prime); i++) + for (size_t i = 0; i < sizeof(small_prime)/sizeof(*small_prime); i++) possible &= remainder[i] != 0; - for (int i = 0; possible && i < HAL_RSA_MILLER_RABIN_TESTS; i++) { + for (size_t i = 0; possible && i < HAL_RSA_MILLER_RABIN_TESTS; i++) { fp_set(t, small_prime[i]); fp_prime_miller_rabin(result, t, &possible); } @@ -707,7 +707,7 @@ static hal_error_t find_prime(const unsigned prime_length, fp_add_d(result, 2, result); - for (int i = 0; i < sizeof(small_prime)/sizeof(*small_prime); i++) + for (size_t i = 0; i < sizeof(small_prime)/sizeof(*small_prime); i++) if ((remainder[i] += 2) >= small_prime[i]) remainder[i] -= small_prime[i]; } diff --git a/slip.c b/slip.c index b28b7e1..b53d54c 100644 --- a/slip.c +++ b/slip.c @@ -85,7 +85,7 @@ hal_error_t hal_slip_send(const uint8_t * const buf, const size_t len) /* for each byte in the packet, send the appropriate character * sequence */ - for (int i = 0; i < len; ++i) { + for (size_t i = 0; i < len; ++i) { hal_error_t ret; if ((ret = hal_slip_send_char(buf[i])) != HAL_OK) return ret; diff --git a/tests/test-aes-key-wrap.c b/tests/test-aes-key-wrap.c index 5ecd46d..aa894cc 100644 --- a/tests/test-aes-key-wrap.c +++ b/tests/test-aes-key-wrap.c @@ -163,7 +163,7 @@ static int run_test(hal_core_t *core, return ok1 && ok2; } -int main (int argc, char *argv[]) +int main(void) { int failures = 0; diff --git a/tests/test-ecdsa.c b/tests/test-ecdsa.c index da2b367..fe04a87 100644 --- a/tests/test-ecdsa.c +++ b/tests/test-ecdsa.c @@ -359,7 +359,7 @@ static void show_core(const hal_core_t *core, const char *whinge) printf("%s core not present\n", whinge); } -int main(int argc, char *argv[]) +int main(void) { const hal_core_t *sha256_core = hal_core_find(SHA256_NAME, NULL); const hal_core_t *sha512_core = hal_core_find(SHA512_NAME, NULL); diff --git a/tests/test-hash.c b/tests/test-hash.c index 4e78243..20bd446 100644 --- a/tests/test-hash.c +++ b/tests/test-hash.c @@ -652,7 +652,7 @@ static void show_core(hal_core_t *core, const char *whinge) printf("%s core not present\n", whinge); } -int main (int argc, char *argv[]) +int main(void) { hal_core_t * const sha1_core = hal_core_find(SHA1_NAME, NULL); hal_core_t * const sha256_core = hal_core_find(SHA256_NAME, NULL); diff --git a/tests/test-pbkdf2.c b/tests/test-pbkdf2.c index f3072a7..603a833 100644 --- a/tests/test-pbkdf2.c +++ b/tests/test-pbkdf2.c @@ -196,7 +196,7 @@ static int _test_pbkdf2(hal_core_t *core, pbkdf2_tc_##_n_##_DK, sizeof(pbkdf2_tc_##_n_##_DK), \ pbkdf2_tc_##_n_##_count, #_n_) -int main (int argc, char *argv[]) +int main(void) { hal_core_t *core = hal_core_find(SHA1_NAME, NULL); int ok = 1; diff --git a/tests/test-rsa.c b/tests/test-rsa.c index 57037c0..f4e7a8f 100644 --- a/tests/test-rsa.c +++ b/tests/test-rsa.c @@ -296,7 +296,7 @@ static int test_rsa(hal_core_t *core, const rsa_tc_t * const tc) return ok; } -int main(int argc, char *argv[]) +int main(void) { hal_core_t *core = hal_core_find(MODEXPS6_NAME, NULL); if (core == NULL) @@ -314,7 +314,7 @@ int main(int argc, char *argv[]) /* Normal test */ - for (int i = 0; i < (sizeof(rsa_tc)/sizeof(*rsa_tc)); i++) + for (size_t i = 0; i < (sizeof(rsa_tc)/sizeof(*rsa_tc)); i++) if (!test_rsa(core, &rsa_tc[i])) return 1; diff --git a/utils/cores.c b/utils/cores.c index b055dea..1126e85 100644 --- a/utils/cores.c +++ b/utils/cores.c @@ -42,7 +42,7 @@ #include #include -int main(int argc, char *argv[]) +int main(void) { hal_core_t *core; const hal_core_info_t *info; diff --git a/xdr.c b/xdr.c index 0f172fb..e7c81b2 100644 --- a/xdr.c +++ b/xdr.c @@ -34,6 +34,7 @@ #include #include +#include /* ptrdiff_t */ #include /* memcpy, memset */ #include "hal.h" @@ -52,7 +53,7 @@ hal_error_t hal_xdr_encode_int(uint8_t ** const outbuf, const uint8_t * const li return HAL_ERROR_BAD_ARGUMENTS; /* buffer overflow check */ - if (limit - *outbuf < sizeof(value)) + if (limit - *outbuf < (ptrdiff_t)sizeof(value)) return HAL_ERROR_XDR_BUFFER_OVERFLOW; **(uint32_t **)outbuf = htonl(value); @@ -67,7 +68,7 @@ hal_error_t hal_xdr_decode_int(const uint8_t ** const inbuf, const uint8_t * con return HAL_ERROR_BAD_ARGUMENTS; /* buffer overflow check */ - if (limit - *inbuf < sizeof(*value)) + if (limit - *inbuf < (ptrdiff_t)sizeof(*value)) return HAL_ERROR_XDR_BUFFER_OVERFLOW; *value = ntohl(**(uint32_t **)inbuf); @@ -101,7 +102,7 @@ hal_error_t hal_xdr_encode_buffer(uint8_t **outbuf, const uint8_t * const limit, return HAL_ERROR_BAD_ARGUMENTS; /* buffer overflow check */ - if ((limit - *outbuf) < (((len + 3) & ~3) + sizeof(len))) + if (limit - *outbuf < (ptrdiff_t)(((len + 3) & ~3) + sizeof(len))) return HAL_ERROR_XDR_BUFFER_OVERFLOW; /* encode length */ @@ -144,7 +145,7 @@ hal_error_t hal_xdr_decode_buffer_in_place(const uint8_t **inbuf, const uint8_t /* decoded length is past the end of the input buffer; * we're probably out of sync, but nothing we can do now */ - if (limit - *inbuf < xdr_len) { + if (limit - *inbuf < (ptrdiff_t)xdr_len) { /* undo read of length */ *inbuf = orig_inbuf; return HAL_ERROR_XDR_BUFFER_OVERFLOW; -- cgit v1.2.3