Skip to content

Commit

Permalink
Fix various warnings. (open-quantum-safe#480)
Browse files Browse the repository at this point in the history
* Fix various warnings.

Signed-off-by: Norman Ashley <[email protected]>
  • Loading branch information
ashman-p authored Aug 18, 2024
1 parent 88aca9b commit e547338
Show file tree
Hide file tree
Showing 4 changed files with 120 additions and 51 deletions.
2 changes: 1 addition & 1 deletion CMakeLists.txt
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
if (WIN32)
cmake_minimum_required(VERSION 3.20 FATAL_ERROR)
else()
cmake_minimum_required(VERSION 3.0 FATAL_ERROR)
cmake_minimum_required(VERSION 3.5 FATAL_ERROR)
endif()
project(oqs-provider LANGUAGES C)
set(OQSPROVIDER_VERSION_TEXT "0.6.2-dev")
Expand Down
7 changes: 4 additions & 3 deletions oqsprov/oqs_encode_key2any.c
Original file line number Diff line number Diff line change
Expand Up @@ -703,8 +703,8 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) {
nid =
oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype;
if (nid == EVP_PKEY_RSA) { // get the RSA real key size
unsigned char *enc_len =
OPENSSL_strndup(oqsxkey->comp_privkey[i], 4);
unsigned char *enc_len = (unsigned char *)OPENSSL_strndup(
oqsxkey->comp_privkey[i], 4);
OPENSSL_cleanse(enc_len, 2);
DECODE_UINT32(buflen, enc_len);
buflen += 4;
Expand Down Expand Up @@ -1684,7 +1684,8 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) {
->keytype ==
EVP_PKEY_RSA) { // get the RSA real key size
unsigned char *enc_len =
OPENSSL_strndup(okey->comp_privkey[i], 4);
(unsigned char *)OPENSSL_strndup(
okey->comp_privkey[i], 4);
OPENSSL_cleanse(enc_len, 2);
DECODE_UINT32(privlen, enc_len);
privlen += 4;
Expand Down
147 changes: 106 additions & 41 deletions oqsprov/oqs_sig.c
Original file line number Diff line number Diff line change
Expand Up @@ -210,38 +210,101 @@ static int oqs_sig_verify_init(void *vpoqs_sigctx, void *voqssig,
// this list need to be in order of the last number on the OID from the
// composite, the len of each value is COMPOSITE_OID_PREFIX_LEN
static const unsigned char *composite_OID_prefix[] = {
"060B6086480186FA6B50080101", // mldsa44_pss2048
// id-MLDSA44-RSA2048-PSS-SHA256
"060B6086480186FA6B50080102", // mldsa44_rsa2048
// id-MLDSA44-RSA2048-PKCS15-SHA256
"060B6086480186FA6B50080103", // mldsa44_ed25519
// id-MLDSA44-Ed25519-SHA512
"060B6086480186FA6B50080104", // mldsa44_p256
// id-MLDSA44-ECDSA-P256-SHA256
"060B6086480186FA6B50080105", // mldsa44_bp256
// id-MLDSA44-ECDSA-brainpoolP256r1-SHA256
"060B6086480186FA6B50080106", // mldsa65_pss3072
// id-MLDSA65-RSA3072-PSS-SHA512
"060B6086480186FA6B50080107", // mldsa65_rsa3072
// id-MLDSA65-RSA3072-PKCS15-SHA512
"060B6086480186FA6B50080108", // mldsa65_p256
// id-MLDSA65-ECDSA-P256-SHA512
"060B6086480186FA6B50080109", // mldsa65_bp256
// id-MLDSA65-ECDSA-brainpoolP256r1-SHA512
"060B6086480186FA6B5008010A", // mldsa65_ed25519
// id-MLDSA65-Ed25519-SHA512
"060B6086480186FA6B5008010B", // mldsa87_p384
// id-MLDSA87-ECDSA-P384-SHA512
"060B6086480186FA6B5008010C", // mldsa87_bp384
// id-MLDSA87-ECDSA-brainpoolP384r1-SHA512
"060B6086480186FA6B5008010D", // mldsa87_ed448 id-MLDSA87-Ed448-SHA512
"060B6086480186FA6B5008010E", // falcon512_p256
// id-Falon512-ECDSA-P256-SHA256
"060B6086480186FA6B5008010F", // falcon512_bp256
// id-Falcon512-ECDSA-brainpoolP256r1-SHA256
"060B6086480186FA6B50080110", // falcon512_ed25519
// id-Falcon512-Ed25519-SHA512
/*
* mldsa44_pss2048
* id-MLDSA44-RSA2048-PSS-SHA256
*/
(const unsigned char *)"060B6086480186FA6B50080101",

/*
* mldsa44_rsa2048
* id-MLDSA44-RSA2048-PKCS15-SHA256
*/
(const unsigned char *)"060B6086480186FA6B50080102",

/*
* mldsa44_ed25519
* id-MLDSA44-Ed25519-SHA512
*/
(const unsigned char *)"060B6086480186FA6B50080103",

/*
* mldsa44_p256
* id-MLDSA44-ECDSA-P256-SHA256
*/
(const unsigned char *)"060B6086480186FA6B50080104",

/*
* mldsa44_bp256
* id-MLDSA44-ECDSA-brainpoolP256r1-SHA256
*/
(const unsigned char *)"060B6086480186FA6B50080105",

/*
* mldsa65_pss3072
* id-MLDSA65-RSA3072-PSS-SHA512
*/
(const unsigned char *)"060B6086480186FA6B50080106",

/*
* mldsa65_rsa3072
* id-MLDSA65-RSA3072-PKCS15-SHA512
*/
(const unsigned char *)"060B6086480186FA6B50080107",

/*
* mldsa65_p256
* id-MLDSA65-ECDSA-P256-SHA512
*/
(const unsigned char *)"060B6086480186FA6B50080108",

/*
* mldsa65_bp256
* id-MLDSA65-ECDSA-brainpoolP256r1-SHA512
*/
(const unsigned char *)"060B6086480186FA6B50080109",

/*
* mldsa65_ed25519
* id-MLDSA65-Ed25519-SHA512
*/
(const unsigned char *)"060B6086480186FA6B5008010A",

/*
* mldsa87_p384
* id-MLDSA87-ECDSA-P384-SHA512
*/
(const unsigned char *)"060B6086480186FA6B5008010B",

/*
* mldsa87_bp384
* id-MLDSA87-ECDSA-brainpoolP384r1-SHA512
*/
(const unsigned char *)"060B6086480186FA6B5008010C",

/*
* mldsa87_ed448
* id-MLDSA87-Ed448-SHA512
*/
(const unsigned char *)"060B6086480186FA6B5008010D",

/*
* falcon512_p256
* id-Falon512-ECDSA-P256-SHA256
*/
(const unsigned char *)"060B6086480186FA6B5008010E",

/*
* falcon512_p256
* id-Falcon512-ECDSA-brainpoolP256r1-SHA256
*/
(const unsigned char *)"060B6086480186FA6B5008010F",

/*
* falcon512_ed25519
* id-Falcon512-Ed25519-SHA512
*/
(const unsigned char *)"060B6086480186FA6B50080110",
};

/*put the chars on in into memory on out*/
Expand Down Expand Up @@ -454,8 +517,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen,
oqs_sig_len = oqsxkey->oqsx_provider_ctx.oqsx_qs_ctx.sig
->length_signature;
buf = OPENSSL_malloc(oqs_sig_len);
if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len, final_tbs,
final_tbslen,
if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len,
(const unsigned char *)final_tbs, final_tbslen,
oqsxkey->comp_privkey[i]) != OQS_SUCCESS) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED);
CompositeSignature_free(compsig);
Expand All @@ -478,7 +541,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen,
EVP_MD_CTX *evp_ctx = EVP_MD_CTX_new();
if ((EVP_DigestSignInit(evp_ctx, NULL, NULL, NULL,
oqs_key_classic) <= 0) ||
(EVP_DigestSign(evp_ctx, buf, &oqs_sig_len, final_tbs,
(EVP_DigestSign(evp_ctx, buf, &oqs_sig_len,
(const unsigned char *)final_tbs,
final_tbslen) <= 0)) {
ERR_raise(ERR_LIB_USER, ERR_R_FATAL);
CompositeSignature_free(compsig);
Expand Down Expand Up @@ -549,12 +613,12 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen,
if (comp_idx < 6) {
classical_md = EVP_sha256();
digest_len = SHA256_DIGEST_LENGTH;
SHA256(final_tbs, final_tbslen,
SHA256((const unsigned char *)final_tbs, final_tbslen,
(unsigned char *)&digest);
} else {
classical_md = EVP_sha512();
digest_len = SHA512_DIGEST_LENGTH;
SHA512(final_tbs, final_tbslen,
SHA512((const unsigned char *)final_tbs, final_tbslen,
(unsigned char *)&digest);
}

Expand Down Expand Up @@ -814,8 +878,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig,
}

if (get_oqsname_fromtls(name)) {
if (OQS_SIG_verify(oqs_key, final_tbs, final_tbslen, buf,
buf_len,
if (OQS_SIG_verify(oqs_key, (const unsigned char *)final_tbs,
final_tbslen, buf, buf_len,
oqsxkey->comp_pubkey[i]) != OQS_SUCCESS) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR);
OPENSSL_free(name);
Expand All @@ -834,7 +898,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig,
EVP_MD_CTX *evp_ctx = EVP_MD_CTX_new();
if ((EVP_DigestVerifyInit(evp_ctx, NULL, NULL, NULL,
oqsxkey->classical_pkey) <= 0) ||
(EVP_DigestVerify(evp_ctx, buf, buf_len, final_tbs,
(EVP_DigestVerify(evp_ctx, buf, buf_len,
(const unsigned char *)final_tbs,
final_tbslen) <= 0)) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR);
OPENSSL_free(name);
Expand Down Expand Up @@ -898,12 +963,12 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig,
if (comp_idx < 6) {
classical_md = EVP_sha256();
digest_len = SHA256_DIGEST_LENGTH;
SHA256(final_tbs, final_tbslen,
SHA256((const unsigned char *)final_tbs, final_tbslen,
(unsigned char *)&digest);
} else {
classical_md = EVP_sha512();
digest_len = SHA512_DIGEST_LENGTH;
SHA512(final_tbs, final_tbslen,
SHA512((const unsigned char *)final_tbs, final_tbslen,
(unsigned char *)&digest);
}

Expand Down
15 changes: 9 additions & 6 deletions oqsprov/oqsprov_keys.c
Original file line number Diff line number Diff line change
Expand Up @@ -397,10 +397,10 @@ EVP_PKEY *setECParams(EVP_PKEY *eck, int nid) {
0x04, 0x00, 0x22};
const unsigned char p521params[] = {0x06, 0x05, 0x2b, 0x81,
0x04, 0x00, 0x23};
const char bp256params[] = {0x06, 0x09, 0x2b, 0x24, 0x03, 0x03,
0x02, 0x08, 0x01, 0x01, 0x07};
const char bp384params[] = {0x06, 0x09, 0x2b, 0x24, 0x03, 0x03,
0x02, 0x08, 0x01, 0x01, 0x0b};
const unsigned char bp256params[] = {0x06, 0x09, 0x2b, 0x24, 0x03, 0x03,
0x02, 0x08, 0x01, 0x01, 0x07};
const unsigned char bp384params[] = {0x06, 0x09, 0x2b, 0x24, 0x03, 0x03,
0x02, 0x08, 0x01, 0x01, 0x0b};

const unsigned char *params;
switch (nid) {
Expand Down Expand Up @@ -702,8 +702,11 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p,
ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING);
goto err_key_op;
}
unsigned char *enc_len = OPENSSL_strndup(
p + previous_privlen + previous_publen, 4);
unsigned char *enc_len =
(unsigned char *)OPENSSL_strndup(
(const char *)(p + previous_privlen +
previous_publen),
4);
OPENSSL_cleanse(enc_len, 2);
DECODE_UINT32(privlen, enc_len);
privlen += 4;
Expand Down

0 comments on commit e547338

Please sign in to comment.