Test-PR

CMakeLists.txt

@@ -82,7 +82,7 @@ if(CMAKE_GENERATOR MATCHES "Visual Studio")
         target_compile_options(tinydtls PRIVATE -WX)
      endif()
 elseif(NOT ZEPHYR_BASE)
-    target_compile_options(tinydtls PRIVATE -fPIC -pedantic -std=c99 -Wall -Wextra -Wformat-security -Winline -Wmissing-declarations -Wmissing-prototypes -Wnested-externs -Wpointer-arith -Wshadow -Wstrict-prototypes -Wswitch-default -Wswitch-enum -Wunused)
+    target_compile_options(tinydtls PRIVATE -fPIC -pedantic -std=c99 -Wall -Wextra -Wformat-security -Winline -Wmissing-declarations -Wmissing-prototypes -Wnested-externs -Wpointer-arith -Wshadow -Wstrict-prototypes -Wswitch-default -Wswitch-enum -Wunused -Wconversion -Wno-sign-conversion)
     if(${WARNING_TO_ERROR})
         target_compile_options(tinydtls PRIVATE -Werror)
     endif()

aes/rijndael.c

@@ -728,7 +728,7 @@ static const aes_u32 rcon[] = {
  * @return	the number of rounds for the given cipher key size.
  */
 int
-rijndaelKeySetupEnc(aes_u32 rk[/*4*(Nr + 1)*/], const aes_u8 cipherKey[], int keyBits)
+rijndaelKeySetupEnc(aes_u32 rk[/*4*(Nr + 1)*/], const aes_u8 cipherKey[], size_t keyBits)
 {
    	int i = 0;
 	aes_u32 temp;

aes/rijndael.h

@@ -29,6 +29,7 @@
 #define __RIJNDAEL_H
 
 #include <stdint.h>
+#include <sys/types.h>
 
 #define AES_MAXKEYBITS	(256)
 #define AES_MAXKEYBYTES	(AES_MAXKEYBITS/8)
@@ -55,11 +56,11 @@ typedef struct {
 } rijndael_ctx;
 
 int	 rijndael_set_key(rijndael_ctx *, const u_char *, int);
-int	 rijndael_set_key_enc_only(rijndael_ctx *, const u_char *, int);
+int	 rijndael_set_key_enc_only(rijndael_ctx *, const u_char *, size_t);
 void	 rijndael_decrypt(rijndael_ctx *, const u_char *, u_char *);
 void	 rijndael_encrypt(rijndael_ctx *, const u_char *, u_char *);
 
-int	rijndaelKeySetupEnc(aes_u32 rk[/*4*(Nr + 1)*/], const aes_u8 cipherKey[], int keyBits);
+int	rijndaelKeySetupEnc(aes_u32 rk[/*4*(Nr + 1)*/], const aes_u8 cipherKey[], size_t keyBits);
 int	rijndaelKeySetupDec(aes_u32 rk[/*4*(Nr + 1)*/], const aes_u8 cipherKey[], int keyBits);
 void	rijndaelEncrypt(const aes_u32 rk[/*4*(Nr + 1)*/], int Nr, const aes_u8 pt[16], aes_u8 ct[16]);
 #ifdef WITH_AES_DECRYPT

aes/rijndael_wrap.c

@@ -20,7 +20,7 @@
 
 /* setup key context for encryption only */
 int
-rijndael_set_key_enc_only(rijndael_ctx *ctx, const u_char *key, int bits)
+rijndael_set_key_enc_only(rijndael_ctx *ctx, const u_char *key, size_t bits)
 {
 	int rounds;
 

alert.h

@@ -77,7 +77,7 @@ dtls_alert_fatal_create(dtls_alert_t desc)
  * \return 0 (false), if not, not 0 (true), if it represents an alert.
  */
 static inline int
-dtls_is_alert(int err)
+dtls_is_alert(ssize_t err)
 {
   return (err < -(1 << 8) && err > -(3 << 8));
 }

ccm.c

@@ -16,6 +16,7 @@
  *******************************************************************************/
 
 #include <string.h>
+#include <sys/types.h>
 
 #include "tinydtls.h"
 #include "global.h"
@@ -35,7 +36,7 @@
     memset((A) + DTLS_CCM_BLOCKSIZE - (L), 0, (L));			\
     (C) = (cnt) & MASK_L(L);						\
     for (i_ = DTLS_CCM_BLOCKSIZE - 1; (C) && (i_ > (L)); --i_, (C) >>= 8) \
-      (A)[i_] |= (C) & 0xFF;						\
+      (A)[i_] |= (unsigned char) (C) & 0xFF;						\
   }
 
 static inline void 
@@ -47,7 +48,7 @@ block0(size_t M,       /* number of auth bytes */
        unsigned char *result) {
   unsigned int i;
 
-  result[0] = CCM_FLAGS(la, M, L);
+  result[0] = (unsigned char) CCM_FLAGS(la, M, L);
 
   /* copy the nonce */
   memcpy(result + 1, nonce, DTLS_CCM_BLOCKSIZE - L - 1);
@@ -88,11 +89,11 @@ add_auth_data(rijndael_ctx *ctx, const unsigned char *msg, uint64_t la,
 #ifndef WITH_CONTIKI
     if (la < 0xFF00) {		/* 2^16 - 2^8 */
       j = 2;
-      dtls_int_to_uint16(B, la);
+      dtls_int_to_uint16(B, (uint16_t) la);
   } else if (la <= UINT32_MAX) {
       j = 6;
       dtls_int_to_uint16(B, 0xFFFE);
-      dtls_int_to_uint32(B+2, la);
+      dtls_int_to_uint32(B+2, (uint32_t) la);
     } else {
       j = 10;
       dtls_int_to_uint16(B, 0xFFFF);
@@ -164,8 +165,8 @@ mac(rijndael_ctx *ctx,
 
 }
 
-long int
-dtls_ccm_encrypt_message(rijndael_ctx *ctx, size_t M, size_t L, 
+ssize_t
+dtls_ccm_encrypt_message(rijndael_ctx *ctx, size_t M, size_t L,
 			 const unsigned char nonce[DTLS_CCM_BLOCKSIZE],
 			 unsigned char *msg, size_t lm, 
 			 const unsigned char *aad, size_t la) {
@@ -184,7 +185,7 @@ dtls_ccm_encrypt_message(rijndael_ctx *ctx, size_t M, size_t L,
   add_auth_data(ctx, aad, la, B, X);
 
   /* initialize block template */
-  A[0] = L-1;
+  A[0] = (unsigned char) (L-1);
 
   /* copy the nonce */
   memcpy(A + 1, nonce, DTLS_CCM_BLOCKSIZE - L - 1);
@@ -228,7 +229,7 @@ dtls_ccm_encrypt_message(rijndael_ctx *ctx, size_t M, size_t L,
   return len + M;
 }
 
-long int
+ssize_t
 dtls_ccm_decrypt_message(rijndael_ctx *ctx, size_t M, size_t L,
 			 const unsigned char nonce[DTLS_CCM_BLOCKSIZE],
 			 unsigned char *msg, size_t lm, 
@@ -254,7 +255,7 @@ dtls_ccm_decrypt_message(rijndael_ctx *ctx, size_t M, size_t L,
   add_auth_data(ctx, aad, la, B, X);
 
   /* initialize block template */
-  A[0] = L-1;
+  A[0] = (unsigned char) (L-1);
 
   /* copy the nonce */
   memcpy(A + 1, nonce, DTLS_CCM_BLOCKSIZE - L - 1);
@@ -296,8 +297,8 @@ dtls_ccm_decrypt_message(rijndael_ctx *ctx, size_t M, size_t L,
 
   /* return length if MAC is valid, otherwise continue with error handling */
   if (equals(X, msg, M))
-    return len - M;
 
+    return len - M;
  error:
   return -1;
 }

ccm.h

@@ -18,6 +18,8 @@
 #ifndef _DTLS_CCM_H_
 #define _DTLS_CCM_H_
 
+#include <sys/types.h>
+
 #include "aes/rijndael.h"
 
 /* implementation of Counter Mode CBC-MAC, RFC 3610 */
@@ -46,14 +48,14 @@
  * \param la  The number of additional authentication octets (may be zero).
  * \return FIXME
  */
-long int
-dtls_ccm_encrypt_message(rijndael_ctx *ctx, size_t M, size_t L, 
+ssize_t
+dtls_ccm_encrypt_message(rijndael_ctx *ctx, size_t M, size_t L,
 			 const unsigned char nonce[DTLS_CCM_BLOCKSIZE],
 			 unsigned char *msg, size_t lm, 
 			 const unsigned char *aad, size_t la);
 
-long int
-dtls_ccm_decrypt_message(rijndael_ctx *ctx, size_t M, size_t L, 
+ssize_t
+dtls_ccm_decrypt_message(rijndael_ctx *ctx, size_t M, size_t L,
 			 const unsigned char nonce[DTLS_CCM_BLOCKSIZE],
 			 unsigned char *msg, size_t lm, 
 			 const unsigned char *aad, size_t la);

configure.ac

@@ -54,6 +54,8 @@ WARNING_CFLAGS="\
 -Wswitch-default \
 -Wswitch-enum \
 -Wunused \
+-Wconversion \
+-Wno-sign-conversion \
 "
 
 AC_SUBST([WARNING_CFLAGS])

crypto.c

@@ -258,7 +258,7 @@ dtls_p_hash(dtls_hashfunc_t h,
   return buflen;
 }
 
-size_t 
+size_t
 dtls_prf(const unsigned char *key, size_t keylen,
 	 const unsigned char *label, size_t labellen,
 	 const unsigned char *random1, size_t random1len,
@@ -281,7 +281,7 @@ dtls_mac(dtls_hmac_context_t *hmac_ctx,
 	 const unsigned char *packet, size_t length,
 	 unsigned char *buf) {
   uint16 L;
-  dtls_int_to_uint16(L, length);
+  dtls_int_to_uint16(L, (uint16_t) length);
 
   assert(hmac_ctx);
   dtls_hmac_update(hmac_ctx, record +3, sizeof(uint16) + sizeof(uint48));
@@ -297,7 +297,7 @@ dtls_ccm_encrypt(aes128_ccm_t *ccm_ctx, const unsigned char *src, size_t srclen,
 		 unsigned char *buf, 
 		 const unsigned char *nonce,
 		 const unsigned char *aad, size_t la) {
-  long int len;
+  size_t len;
   (void)src;
 
   assert(ccm_ctx);
@@ -311,12 +311,12 @@ dtls_ccm_encrypt(aes128_ccm_t *ccm_ctx, const unsigned char *src, size_t srclen,
   return len;
 }
 
-static size_t
+static ssize_t
 dtls_ccm_decrypt(aes128_ccm_t *ccm_ctx, const unsigned char *src,
 		 size_t srclen, unsigned char *buf,
 		 const unsigned char *nonce,
 		 const unsigned char *aad, size_t la) {
-  long int len;
+  ssize_t len;
   (void)src;
 
   assert(ccm_ctx);
@@ -331,7 +331,7 @@ dtls_ccm_decrypt(aes128_ccm_t *ccm_ctx, const unsigned char *src,
 }
 
 #ifdef DTLS_PSK
-int
+size_t
 dtls_psk_pre_master_secret(unsigned char *key, size_t keylen,
 			   unsigned char *result, size_t result_len) {
   unsigned char *p = result;
@@ -340,7 +340,7 @@ dtls_psk_pre_master_secret(unsigned char *key, size_t keylen,
     return -1;
   }
 
-  dtls_int_to_uint16(p, keylen);
+  dtls_int_to_uint16(p, (uint16_t) keylen);
   p += sizeof(uint16);
 
   memset(p, 0, keylen);
@@ -358,7 +358,7 @@ dtls_psk_pre_master_secret(unsigned char *key, size_t keylen,
 #ifdef DTLS_ECC
 static void dtls_ec_key_to_uint32(const unsigned char *key, size_t key_size,
 				  uint32_t *result) {
-  int i;
+  ssize_t i;
 
   for (i = (key_size / sizeof(uint32_t)) - 1; i >= 0 ; i--) {
     *result = dtls_uint32_to_int(&key[i * sizeof(uint32_t)]);
@@ -368,7 +368,7 @@ static void dtls_ec_key_to_uint32(const unsigned char *key, size_t key_size,
 
 static void dtls_ec_key_from_uint32(const uint32_t *key, size_t key_size,
 				    unsigned char *result) {
-  int i;
+  ssize_t i;
 
   for (i = (key_size / sizeof(uint32_t)) - 1; i >= 0 ; i--) {
     dtls_int_to_uint32(result, key[i]);
@@ -385,9 +385,9 @@ static void dtls_ec_key_from_uint32(const uint32_t *key, size_t key_size,
  * interpreted as a negative number. In order to prevent this, a zero in the
  * ASN.1 presentation is prepended if that bit 7 is set.
 */
-int dtls_ec_key_asn1_from_uint32(const uint32_t *key, size_t key_size,
+ssize_t dtls_ec_key_asn1_from_uint32(const uint32_t *key, ssize_t key_size,
 				 uint8_t *buf) {
-  int i = 0;
+  ssize_t i = 0;
   uint8_t *lptr;
 
   /* ASN.1 Integer r */
@@ -401,16 +401,16 @@ int dtls_ec_key_asn1_from_uint32(const uint32_t *key, size_t key_size,
   dtls_ec_key_from_uint32(key, key_size, buf);
 
   /* skip leading 0's */
-  while (i < (int)key_size && buf[i] == 0) {
+  while (i < key_size && buf[i] == 0) {
      ++i;
   }
-  assert(i != (int)key_size);
-  if (i == (int)key_size) {
+  assert(i != key_size);
+  if (i == key_size) {
       dtls_alert("ec key is all zero\n");
       return 0;
   }
   if (buf[i] >= 0x80) {
-    /* 
+    /*
      * Preserve unsigned by adding leading 0 (i may go negative which is
      * explicitely handled below with the assumption that buf is at least 33
      * bytes in size).
@@ -428,11 +428,11 @@ int dtls_ec_key_asn1_from_uint32(const uint32_t *key, size_t key_size,
       key_size++;
   }
   /* Update the length of positive ASN.1 integer */
-  dtls_int_to_uint8(lptr, key_size);
-  return key_size + 2; 
+  dtls_int_to_uint8(lptr, (uint8_t) key_size);
+  return key_size + 2;
 }
 
-int dtls_ecdh_pre_master_secret(unsigned char *priv_key,
+ssize_t dtls_ecdh_pre_master_secret(unsigned char *priv_key,
 				   unsigned char *pub_key_x,
                                    unsigned char *pub_key_y,
                                    size_t key_size,
@@ -557,13 +557,13 @@ dtls_ecdsa_verify_sig(const unsigned char *pub_key_x,
 }
 #endif /* DTLS_ECC */
 
-int
+ssize_t
 dtls_encrypt_params(const dtls_ccm_params_t *params,
                     const unsigned char *src, size_t length,
                     unsigned char *buf,
                     const unsigned char *key, size_t keylen,
                     const unsigned char *aad, size_t la) {
-  int ret;
+  ssize_t ret;
   struct dtls_cipher_context_t *ctx = dtls_cipher_context_get();
   ctx->data.tag_length = params->tag_length;
   ctx->data.l = params->l;
@@ -584,7 +584,7 @@ dtls_encrypt_params(const dtls_ccm_params_t *params,
   return ret;
 }
 
-int 
+ssize_t
 dtls_encrypt(const unsigned char *src, size_t length,
 	     unsigned char *buf,
 	     const unsigned char *nonce,
@@ -598,14 +598,14 @@ dtls_encrypt(const unsigned char *src, size_t length,
   return dtls_encrypt_params(&params, src, length, buf, key, keylen, aad, la);
 }
 
-int
+ssize_t
 dtls_decrypt_params(const dtls_ccm_params_t *params,
                     const unsigned char *src, size_t length,
                     unsigned char *buf,
                     const unsigned char *key, size_t keylen,
                     const unsigned char *aad, size_t la)
 {
-  int ret;
+  ssize_t ret;
   struct dtls_cipher_context_t *ctx = dtls_cipher_context_get();
   ctx->data.tag_length = params->tag_length;
   ctx->data.l = params->l;
@@ -626,7 +626,7 @@ dtls_decrypt_params(const dtls_ccm_params_t *params,
   return ret;
 }
 
-int
+ssize_t
 dtls_decrypt(const unsigned char *src, size_t length,
 	     unsigned char *buf,
 	     const unsigned char *nonce,