Skip to content

Commit 344a375

Browse files
lsh123lsh123
authored
Fix build for AWS-LC and BoringSSL (part 2) (#895)
1 parent 2496979 commit 344a375

13 files changed

+143
-130
lines changed

docs/index.html

+1
Original file line numberDiff line numberDiff line change
@@ -74,6 +74,7 @@ <h1>XML Security Library</h1>
7474
<li>(xmlsec-core) Added signature result verification to the examples to demonstrate the need to ensure the correct data is actually signed.</li>
7575
<li>(xmlsec-core) Disabled old crypto algorithms (MD5, RIPEMD160) and the old crypto engines (MSCrypto, GCrypt) by default (use "--with-legacy-features" option to reenable everything).</li>
7676
<li>(xmlsec-openssl) Fixed excess padding in ECDSA signature generation.</li>
77+
<li>(xmlsec-openssl) Fixed build warnings for BoringSSL / AWS-LC.</li>
7778
<li>(xmlsec-nss) Fixed certificates search in NSS DB.</li>
7879
<li>(xmlsec-openssl, xmlsec-gnutls, xmlsec-mscng) Added an option to skip timestamp checks for certificates and CLRs.</li>
7980
<li>(xmlsec-windows) Disabled old crypto algorithms (MD5, RIPEMD160), made "mscng" the default crypto engine on Windows, and added support for "legacy-features" flag for "configure.js".</li>

docs/news.html

+1
Original file line numberDiff line numberDiff line change
@@ -55,6 +55,7 @@ <h1>XML Security Library News</h1>
5555
<li>(xmlsec-core) Added signature result verification to the examples to demonstrate the need to ensure the correct data is actually signed.</li>
5656
<li>(xmlsec-core) Disabled old crypto algorithms (MD5, RIPEMD160) and the old crypto engines (MSCrypto, GCrypt) by default (use "--with-legacy-features" option to reenable everything).</li>
5757
<li>(xmlsec-openssl) Fixed excess padding in ECDSA signature generation.</li>
58+
<li>(xmlsec-openssl) Fixed build warnings for BoringSSL / AWS-LC.</li>
5859
<li>(xmlsec-nss) Fixed certificates search in NSS DB.</li>
5960
<li>(xmlsec-openssl, xmlsec-gnutls, xmlsec-mscng) Added an option to skip timestamp checks for certificates and CLRs.</li>
6061
<li>(xmlsec-windows) Disabled old crypto algorithms (MD5, RIPEMD160), made "mscng" the default crypto engine on Windows, and added support for "legacy-features" flag for "configure.js".</li>

src/openssl/ciphers.c

+25-27
Original file line numberDiff line numberDiff line change
@@ -90,7 +90,7 @@ xmlSecOpenSSLEvpBlockCipherCtxInit(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
9090
int encrypt,
9191
const xmlChar* cipherName,
9292
xmlSecTransformCtxPtr transformCtx) {
93-
int ivLen;
93+
xmlSecOpenSSLUInt ivLen;
9494
xmlSecSize ivSize;
9595
int ret;
9696

@@ -110,21 +110,21 @@ xmlSecOpenSSLEvpBlockCipherCtxInit(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
110110
ivLen = XMLSEC_OPENSSL_AES_GCM_NONCE_SIZE;
111111
}
112112
xmlSecAssert2(ivLen > 0, -1);
113-
XMLSEC_SAFE_CAST_INT_TO_SIZE(ivLen, ivSize, return(-1), NULL);
113+
XMLSEC_OPENSSL_SAFE_CAST_UINT_TO_SIZE(ivLen, ivSize, return(-1), NULL);
114114

115115
xmlSecAssert2(ivSize <= sizeof(ctx->iv), -1);
116116
if(encrypt) {
117117
/* generate random iv */
118118
ret = RAND_priv_bytes_ex(xmlSecOpenSSLGetLibCtx(), ctx->iv, ivSize, XMLSEEC_OPENSSL_RAND_BYTES_STRENGTH);
119119
if(ret != 1) {
120-
xmlSecOpenSSLError2("RAND_priv_bytes_ex", cipherName, "size=%d", ivLen);
120+
xmlSecOpenSSLError2("RAND_priv_bytes_ex", cipherName, "size=" XMLSEC_SIZE_FMT, ivSize);
121121
return(-1);
122122
}
123123

124124
/* write iv to the output */
125125
ret = xmlSecBufferAppend(out, ctx->iv, ivSize);
126126
if(ret < 0) {
127-
xmlSecInternalError2("xmlSecBufferAppend", cipherName, "size=%d", ivLen);
127+
xmlSecInternalError2("xmlSecBufferAppend", cipherName, "size=" XMLSEC_SIZE_FMT, ivSize);
128128
return(-1);
129129
}
130130
} else {
@@ -141,7 +141,7 @@ xmlSecOpenSSLEvpBlockCipherCtxInit(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
141141
/* and remove from input */
142142
ret = xmlSecBufferRemoveHead(in, ivSize);
143143
if(ret < 0) {
144-
xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName, "size=%d", ivLen);
144+
xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName, "size=" XMLSEC_SIZE_FMT, ivSize);
145145
return(-1);
146146
}
147147
}
@@ -179,7 +179,7 @@ xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
179179
xmlSecByte *tagData) {
180180
xmlSecByte* outBuf;
181181
xmlSecSize outSize, outSize2, blockSize;
182-
int blockLen;
182+
xmlSecOpenSSLUInt blockLen;
183183
int inLen;
184184
int outLen = 0;
185185
int ret;
@@ -206,7 +206,7 @@ xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
206206
blockLen = EVP_CIPHER_block_size(ctx->cipher);
207207
xmlSecAssert2(blockLen > 0, -1);
208208

209-
XMLSEC_SAFE_CAST_INT_TO_SIZE(blockLen, blockSize, return(-1), NULL);
209+
XMLSEC_OPENSSL_SAFE_CAST_UINT_TO_SIZE(blockLen, blockSize, return(-1), NULL);
210210
xmlSecAssert2((inSize % blockSize) == 0, -1);
211211

212212
outSize = xmlSecBufferGetSize(out);
@@ -298,7 +298,7 @@ xmlSecOpenSSLEvpBlockCipherCtxUpdate(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
298298
const xmlChar* cipherName,
299299
xmlSecTransformCtxPtr transformCtx) {
300300
xmlSecSize inSize, blockSize, inBlocksSize;
301-
int blockLen;
301+
xmlSecOpenSSLUInt blockLen;
302302
xmlSecByte* inBuf;
303303
int ret;
304304

@@ -312,7 +312,7 @@ xmlSecOpenSSLEvpBlockCipherCtxUpdate(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
312312

313313
blockLen = EVP_CIPHER_block_size(ctx->cipher);
314314
xmlSecAssert2(blockLen > 0, -1);
315-
XMLSEC_SAFE_CAST_INT_TO_SIZE(blockLen, blockSize, return(-1), NULL);
315+
XMLSEC_OPENSSL_SAFE_CAST_UINT_TO_SIZE(blockLen, blockSize, return(-1), NULL);
316316

317317
inSize = xmlSecBufferGetSize(in);
318318
if(ctx->cbcMode) {
@@ -390,7 +390,7 @@ xmlSecOpenSSLEvpBlockCipherCBCCtxFinal(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
390390
xmlSecTransformCtxPtr transformCtx ATTRIBUTE_UNUSED)
391391
{
392392
xmlSecSize size, inSize, outSize;
393-
int inLen, outLen, padLen, blockLen;
393+
xmlSecOpenSSLUInt inLen, outLen, padLen, blockLen;
394394
xmlSecByte* inBuf;
395395
xmlSecByte* outBuf;
396396
int ret;
@@ -411,7 +411,7 @@ xmlSecOpenSSLEvpBlockCipherCBCCtxFinal(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
411411
/* not more than one block left */
412412
inSize = xmlSecBufferGetSize(in);
413413
inBuf = xmlSecBufferGetData(in);
414-
XMLSEC_SAFE_CAST_SIZE_TO_INT(inSize, inLen, return(-1), NULL);
414+
XMLSEC_OPENSSL_SAFE_CAST_SIZE_TO_UINT(inSize, inLen, return(-1), NULL);
415415
xmlSecAssert2(inLen <= blockLen, -1);
416416

417417
/*
@@ -432,13 +432,13 @@ xmlSecOpenSSLEvpBlockCipherCBCCtxFinal(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
432432

433433
/* we can have inLen == 0 if there were no data at all, otherwise -- copy the data */
434434
if(inLen > 0) {
435-
XMLSEC_SAFE_CAST_INT_TO_SIZE(inLen, size, return(-1), NULL);
435+
XMLSEC_OPENSSL_SAFE_CAST_UINT_TO_SIZE(inLen, size, return(-1), NULL);
436436
memcpy(ctx->pad, inBuf, size);
437437
}
438438

439439
/* generate random padding */
440440
if(padLen > 1) {
441-
XMLSEC_SAFE_CAST_INT_TO_SIZE(padLen, size, return(-1), NULL);
441+
XMLSEC_OPENSSL_SAFE_CAST_UINT_TO_SIZE(padLen, size, return(-1), NULL);
442442
ret = RAND_priv_bytes_ex(xmlSecOpenSSLGetLibCtx(), ctx->pad + inLen, size - 1,
443443
XMLSEEC_OPENSSL_RAND_BYTES_STRENGTH);
444444
if (ret != 1) {
@@ -449,10 +449,10 @@ xmlSecOpenSSLEvpBlockCipherCBCCtxFinal(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
449449

450450
/* set the last byte to the pad length */
451451
outLen = inLen + padLen;
452-
XMLSEC_SAFE_CAST_INT_TO_BYTE(padLen, ctx->pad[outLen - 1], return(-1), cipherName);
452+
XMLSEC_OPENSSL_SAFE_CAST_UINT_TO_BYTE(padLen, ctx->pad[outLen - 1], return(-1), cipherName);
453453

454454
/* update the last 1 or 2 blocks with padding */
455-
XMLSEC_SAFE_CAST_INT_TO_SIZE(outLen, outSize, return(-1), NULL);
455+
XMLSEC_OPENSSL_SAFE_CAST_UINT_TO_SIZE(outLen, outSize, return(-1), NULL);
456456
ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, ctx->pad, outSize, out, cipherName, 1, NULL); /* final */
457457
if(ret < 0) {
458458
xmlSecInternalError("xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock", cipherName);
@@ -471,35 +471,33 @@ xmlSecOpenSSLEvpBlockCipherCBCCtxFinal(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
471471
/* we expect at least one block in the output -- the one we just decrypted */
472472
outBuf = xmlSecBufferGetData(out);
473473
outSize = xmlSecBufferGetSize(out);
474-
XMLSEC_SAFE_CAST_SIZE_TO_INT(outSize, outLen, return(-1), NULL);
474+
XMLSEC_OPENSSL_SAFE_CAST_SIZE_TO_UINT(outSize, outLen, return(-1), NULL);
475475
if(outLen < blockLen) {
476-
xmlSecInvalidIntegerDataError2("outLen", outLen, "blockLen", blockLen,
477-
"outLen >= blockLen", cipherName);
476+
xmlSecInvalidDataError("data length is less than block size for cipher", cipherName);
478477
return(-1);
479478
}
480479

481480
/* get the pad length from the last byte */
482481
padLen = outBuf[outLen - 1];
483482
if(padLen > blockLen) {
484-
xmlSecInvalidIntegerDataError2("padLen", padLen, "blockLen", blockLen,
485-
"padLen <= blockLen", cipherName);
483+
xmlSecInvalidDataError("padding length is greater than block size for cipher", cipherName);
486484
return(-1);
487485
}
488486
xmlSecAssert2(padLen <= outLen, -1);
489487

490488
/* remove the padding */
491-
XMLSEC_SAFE_CAST_INT_TO_SIZE(padLen, padSize, return(-1), NULL);
489+
XMLSEC_OPENSSL_SAFE_CAST_UINT_TO_SIZE(padLen, padSize, return(-1), NULL);
492490
ret = xmlSecBufferRemoveTail(out, padSize);
493491
if(ret < 0) {
494-
xmlSecInternalError2("xmlSecBufferRemoveTail", cipherName, "size=%d", padLen);
492+
xmlSecInternalError("xmlSecBufferRemoveTail", cipherName);
495493
return(-1);
496494
}
497495
}
498496

499497
/* remove the processed block from input */
500498
ret = xmlSecBufferRemoveHead(in, inSize);
501499
if(ret < 0) {
502-
xmlSecInternalError2("xmlSecBufferRemoveHead", cipherName, "size=%d", inLen);
500+
xmlSecInternalError("xmlSecBufferRemoveHead", cipherName);
503501
return(-1);
504502
}
505503

@@ -764,7 +762,7 @@ xmlSecOpenSSLEvpBlockCipherFinalize(xmlSecTransformPtr transform) {
764762
static int
765763
xmlSecOpenSSLEvpBlockCipherSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
766764
xmlSecOpenSSLEvpBlockCipherCtxPtr ctx;
767-
int cipherKeyLen, keyBitsLen;
765+
xmlSecOpenSSLUInt cipherKeyLen, keyBitsLen;
768766

769767
xmlSecAssert2(xmlSecOpenSSLEvpBlockCipherCheckId(transform), -1);
770768
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
@@ -788,7 +786,7 @@ xmlSecOpenSSLEvpBlockCipherSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReq
788786
xmlSecAssert2(cipherKeyLen > 0, -1);
789787

790788
keyBitsLen = 8 * cipherKeyLen;
791-
XMLSEC_SAFE_CAST_INT_TO_SIZE(keyBitsLen, keyReq->keyBitsSize, return(-1), xmlSecTransformGetName(transform));
789+
XMLSEC_OPENSSL_SAFE_CAST_UINT_TO_SIZE(keyBitsLen, keyReq->keyBitsSize, return(-1), xmlSecTransformGetName(transform));
792790
return(0);
793791
}
794792

@@ -797,7 +795,7 @@ xmlSecOpenSSLEvpBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key
797795
xmlSecOpenSSLEvpBlockCipherCtxPtr ctx;
798796
xmlSecBufferPtr buffer;
799797
xmlSecSize cipherKeySize;
800-
int cipherKeyLen;
798+
xmlSecOpenSSLUInt cipherKeyLen;
801799

802800
xmlSecAssert2(xmlSecOpenSSLEvpBlockCipherCheckId(transform), -1);
803801
xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
@@ -813,7 +811,7 @@ xmlSecOpenSSLEvpBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key
813811

814812
cipherKeyLen = EVP_CIPHER_key_length(ctx->cipher);
815813
xmlSecAssert2(cipherKeyLen > 0, -1);
816-
XMLSEC_SAFE_CAST_INT_TO_SIZE(cipherKeyLen, cipherKeySize, return(-1), xmlSecTransformGetName(transform));
814+
XMLSEC_OPENSSL_SAFE_CAST_UINT_TO_SIZE(cipherKeyLen, cipherKeySize, return(-1), xmlSecTransformGetName(transform));
817815
xmlSecAssert2(cipherKeySize <= sizeof(ctx->key), -1);
818816

819817
buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));

src/openssl/digests.c

+6-6
Original file line numberDiff line numberDiff line change
@@ -444,16 +444,16 @@ xmlSecOpenSSLEvpDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTran
444444
}
445445
}
446446
if(last) {
447-
unsigned int dgstSize;
447+
xmlSecOpenSSLSizeT mdSize;
448448
xmlSecSize size;
449+
unsigned int dgstSize;
449450

450-
ret = EVP_MD_size(ctx->digest);
451-
if (ret < 0) {
452-
xmlSecOpenSSLError("EVP_MD_size",
453-
xmlSecTransformGetName(transform));
451+
mdSize = EVP_MD_size(ctx->digest);
452+
if (mdSize <= 0) {
453+
xmlSecOpenSSLError("EVP_MD_size", xmlSecTransformGetName(transform));
454454
return(-1);
455455
}
456-
XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, size, return(-1), xmlSecTransformGetName(transform));
456+
XMLSEC_OPENSSL_SAFE_CAST_SIZE_T_TO_SIZE(mdSize, size, return(-1), xmlSecTransformGetName(transform));
457457
xmlSecAssert2(size <= sizeof(ctx->dgst), -1);
458458

459459
ret = EVP_DigestFinal(ctx->digestCtx, ctx->dgst, &dgstSize);

src/openssl/evp.c

+24-20
Original file line numberDiff line numberDiff line change
@@ -46,56 +46,56 @@ static int
4646
xmlSecOpenSSLGetBNValue(const xmlSecBufferPtr buf, BIGNUM **bigNum) {
4747
xmlSecByte* bufPtr;
4848
xmlSecSize bufSize;
49-
int bufLen;
49+
xmlSecOpenSSLSizeT bufLen;
5050

5151
xmlSecAssert2(buf != NULL, -1);
5252
xmlSecAssert2(bigNum!= NULL, -1);
5353

5454
bufPtr = xmlSecBufferGetData(buf);
5555
bufSize = xmlSecBufferGetSize(buf);
56-
XMLSEC_SAFE_CAST_SIZE_TO_INT(bufSize, bufLen, return(-1), NULL);
56+
XMLSEC_OPENSSL_SAFE_CAST_SIZE_TO_SIZE_T(bufSize, bufLen, return(-1), NULL);
5757

5858
(*bigNum) = BN_bin2bn(bufPtr, bufLen, (*bigNum));
5959
if((*bigNum) == NULL) {
60-
xmlSecOpenSSLError2("BN_bin2bn", NULL, "size=%d", bufLen);
60+
xmlSecOpenSSLError2("BN_bin2bn", NULL, "size=" XMLSEC_SIZE_FMT, bufSize);
6161
return(-1);
6262
}
6363
return(0);
6464
}
6565

6666
static int
6767
xmlSecOpenSSLSetBNValue(const BIGNUM *bigNum, xmlSecBufferPtr buf) {
68+
xmlSecOpenSSLUInt numBytes;
69+
xmlSecOpenSSLSizeT numBytes2;
6870
xmlSecSize size;
6971
int ret;
7072

7173
xmlSecAssert2(bigNum != NULL, -1);
7274
xmlSecAssert2(buf != NULL, -1);
7375

74-
ret = BN_num_bytes(bigNum);
75-
if(ret < 0) {
76+
numBytes = BN_num_bytes(bigNum);
77+
if(numBytes <= 0) {
7678
xmlSecOpenSSLError("BN_num_bytes", NULL);
7779
return(-1);
7880
}
79-
XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, size, return(-1), NULL);
81+
XMLSEC_OPENSSL_SAFE_CAST_UINT_TO_SIZE(numBytes, size, return(-1), NULL);
8082

8183
ret = xmlSecBufferSetMaxSize(buf, size + 1);
8284
if(ret < 0) {
83-
xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL,
84-
"size=" XMLSEC_SIZE_FMT, (size + 1));
85+
xmlSecInternalError2("xmlSecBufferSetMaxSize", NULL, "size=" XMLSEC_SIZE_FMT, (size + 1));
8586
return(-1);
8687
}
8788

88-
ret = BN_bn2bin(bigNum, xmlSecBufferGetData(buf));
89-
if(ret < 0) {
89+
numBytes2 = BN_bn2bin(bigNum, xmlSecBufferGetData(buf));
90+
if(numBytes2 <= 0) {
9091
xmlSecOpenSSLError("BN_bn2bin", NULL);
9192
return(-1);
9293
}
93-
XMLSEC_SAFE_CAST_INT_TO_SIZE(ret, size, return(-1), NULL);
94+
XMLSEC_OPENSSL_SAFE_CAST_SIZE_T_TO_SIZE(numBytes2, size, return(-1), NULL);
9495

9596
ret = xmlSecBufferSetSize(buf, size);
9697
if(ret < 0) {
97-
xmlSecInternalError2("xmlSecBufferSetSize", NULL,
98-
"size=" XMLSEC_SIZE_FMT, size);
98+
xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=" XMLSEC_SIZE_FMT, size);
9999
return(-1);
100100
}
101101

@@ -2775,9 +2775,9 @@ xmlSecOpenSSLKeyDataEcGetSize(xmlSecKeyDataPtr data) {
27752775
const EC_GROUP *group;
27762776
const EC_KEY *ecKey;
27772777
BIGNUM * order = NULL;
2778-
int numBits;
2779-
int ret;
2778+
xmlSecOpenSSLUInt numBits;
27802779
xmlSecSize res = 0;
2780+
int ret;
27812781

27822782
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcId), 0);
27832783

@@ -2805,11 +2805,15 @@ xmlSecOpenSSLKeyDataEcGetSize(xmlSecKeyDataPtr data) {
28052805
goto done;
28062806
}
28072807

2808-
numBits = BN_num_bytes(order);
2809-
if(numBits < 0) {
2808+
numBits = BN_num_bits(order);
2809+
if(numBits <= 0) {
28102810
xmlSecOpenSSLError("BN_num_bits", xmlSecKeyDataGetName(data));
28112811
goto done;
28122812
}
2813+
2814+
/* success */
2815+
XMLSEC_OPENSSL_SAFE_CAST_UINT_TO_SIZE(numBits, res, goto done, xmlSecKeyDataGetName(data));
2816+
28132817
done:
28142818
if(order != NULL) {
28152819
BN_clear_free(order);
@@ -3600,7 +3604,7 @@ static xmlSecSize
36003604
xmlSecOpenSSLKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
36013605
RSA* rsa = NULL;
36023606
const BIGNUM* n = NULL;
3603-
int numBits;
3607+
xmlSecOpenSSLSizeT numBits;
36043608
xmlSecSize res;
36053609

36063610
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), 0);
@@ -3618,12 +3622,12 @@ xmlSecOpenSSLKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
36183622
}
36193623

36203624
numBits = BN_num_bits(n);
3621-
if(numBits < 0) {
3625+
if(numBits <= 0) {
36223626
xmlSecOpenSSLError("BN_num_bits", xmlSecKeyDataGetName(data));
36233627
return(0);
36243628
}
36253629

3626-
XMLSEC_SAFE_CAST_INT_TO_SIZE(numBits, res, return(0), xmlSecKeyDataGetName(data));
3630+
XMLSEC_OPENSSL_SAFE_CAST_SIZE_T_TO_SIZE(numBits, res, return(0), xmlSecKeyDataGetName(data));
36273631
return(res);
36283632
}
36293633

src/openssl/hmac.c

+2-2
Original file line numberDiff line numberDiff line change
@@ -326,7 +326,7 @@ xmlSecOpenSSLHmacSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq
326326
#ifndef XMLSEC_OPENSSL_API_300
327327
static int
328328
xmlSecOpenSSLHmacSetKeyImpl(xmlSecOpenSSLHmacCtxPtr ctx, const xmlSecByte* key, xmlSecSize keySize) {
329-
int keyLen;
329+
xmlSecOpenSSLSizeT keyLen;
330330
int ret;
331331

332332
xmlSecAssert2(ctx != NULL, -1);
@@ -335,7 +335,7 @@ xmlSecOpenSSLHmacSetKeyImpl(xmlSecOpenSSLHmacCtxPtr ctx, const xmlSecByte* key,
335335
xmlSecAssert2(key != NULL, -1);
336336
xmlSecAssert2(keySize > 0, -1);
337337

338-
XMLSEC_SAFE_CAST_SIZE_TO_INT(keySize, keyLen, return(-1), NULL);
338+
XMLSEC_OPENSSL_SAFE_CAST_SIZE_TO_SIZE_T(keySize, keyLen, return(-1), NULL);
339339
ret = HMAC_Init_ex(ctx->hmacCtx, key, keyLen, ctx->hmacDgst, NULL);
340340
if(ret != 1) {
341341
xmlSecOpenSSLError("HMAC_Init_ex", NULL);

0 commit comments

Comments
 (0)