Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix various warnings. #480

Merged
merged 2 commits into from
Aug 18, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion CMakeLists.txt
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
if (WIN32)
cmake_minimum_required(VERSION 3.20 FATAL_ERROR)
else()
cmake_minimum_required(VERSION 3.0 FATAL_ERROR)
cmake_minimum_required(VERSION 3.5 FATAL_ERROR)
endif()
project(oqs-provider LANGUAGES C)
set(OQSPROVIDER_VERSION_TEXT "0.6.2-dev")
Expand Down
7 changes: 4 additions & 3 deletions oqsprov/oqs_encode_key2any.c
Original file line number Diff line number Diff line change
Expand Up @@ -703,8 +703,8 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder) {
nid =
oqsxkey->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype;
if (nid == EVP_PKEY_RSA) { // get the RSA real key size
unsigned char *enc_len =
OPENSSL_strndup(oqsxkey->comp_privkey[i], 4);
unsigned char *enc_len = (unsigned char *)OPENSSL_strndup(
oqsxkey->comp_privkey[i], 4);
OPENSSL_cleanse(enc_len, 2);
DECODE_UINT32(buflen, enc_len);
buflen += 4;
Expand Down Expand Up @@ -1684,7 +1684,8 @@ static int oqsx_to_text(BIO *out, const void *key, int selection) {
->keytype ==
EVP_PKEY_RSA) { // get the RSA real key size
unsigned char *enc_len =
OPENSSL_strndup(okey->comp_privkey[i], 4);
(unsigned char *)OPENSSL_strndup(
okey->comp_privkey[i], 4);
OPENSSL_cleanse(enc_len, 2);
DECODE_UINT32(privlen, enc_len);
privlen += 4;
Expand Down
147 changes: 106 additions & 41 deletions oqsprov/oqs_sig.c
Original file line number Diff line number Diff line change
Expand Up @@ -210,38 +210,101 @@ static int oqs_sig_verify_init(void *vpoqs_sigctx, void *voqssig,
// this list need to be in order of the last number on the OID from the
// composite, the len of each value is COMPOSITE_OID_PREFIX_LEN
static const unsigned char *composite_OID_prefix[] = {
"060B6086480186FA6B50080101", // mldsa44_pss2048
// id-MLDSA44-RSA2048-PSS-SHA256
"060B6086480186FA6B50080102", // mldsa44_rsa2048
// id-MLDSA44-RSA2048-PKCS15-SHA256
"060B6086480186FA6B50080103", // mldsa44_ed25519
// id-MLDSA44-Ed25519-SHA512
"060B6086480186FA6B50080104", // mldsa44_p256
// id-MLDSA44-ECDSA-P256-SHA256
"060B6086480186FA6B50080105", // mldsa44_bp256
// id-MLDSA44-ECDSA-brainpoolP256r1-SHA256
"060B6086480186FA6B50080106", // mldsa65_pss3072
// id-MLDSA65-RSA3072-PSS-SHA512
"060B6086480186FA6B50080107", // mldsa65_rsa3072
// id-MLDSA65-RSA3072-PKCS15-SHA512
"060B6086480186FA6B50080108", // mldsa65_p256
// id-MLDSA65-ECDSA-P256-SHA512
"060B6086480186FA6B50080109", // mldsa65_bp256
// id-MLDSA65-ECDSA-brainpoolP256r1-SHA512
"060B6086480186FA6B5008010A", // mldsa65_ed25519
// id-MLDSA65-Ed25519-SHA512
"060B6086480186FA6B5008010B", // mldsa87_p384
// id-MLDSA87-ECDSA-P384-SHA512
"060B6086480186FA6B5008010C", // mldsa87_bp384
// id-MLDSA87-ECDSA-brainpoolP384r1-SHA512
"060B6086480186FA6B5008010D", // mldsa87_ed448 id-MLDSA87-Ed448-SHA512
"060B6086480186FA6B5008010E", // falcon512_p256
// id-Falon512-ECDSA-P256-SHA256
"060B6086480186FA6B5008010F", // falcon512_bp256
// id-Falcon512-ECDSA-brainpoolP256r1-SHA256
"060B6086480186FA6B50080110", // falcon512_ed25519
// id-Falcon512-Ed25519-SHA512
/*
* mldsa44_pss2048
* id-MLDSA44-RSA2048-PSS-SHA256
*/
(const unsigned char *)"060B6086480186FA6B50080101",

/*
* mldsa44_rsa2048
* id-MLDSA44-RSA2048-PKCS15-SHA256
*/
(const unsigned char *)"060B6086480186FA6B50080102",

/*
* mldsa44_ed25519
* id-MLDSA44-Ed25519-SHA512
*/
(const unsigned char *)"060B6086480186FA6B50080103",

/*
* mldsa44_p256
* id-MLDSA44-ECDSA-P256-SHA256
*/
(const unsigned char *)"060B6086480186FA6B50080104",

/*
* mldsa44_bp256
* id-MLDSA44-ECDSA-brainpoolP256r1-SHA256
*/
(const unsigned char *)"060B6086480186FA6B50080105",

/*
* mldsa65_pss3072
* id-MLDSA65-RSA3072-PSS-SHA512
*/
(const unsigned char *)"060B6086480186FA6B50080106",

/*
* mldsa65_rsa3072
* id-MLDSA65-RSA3072-PKCS15-SHA512
*/
(const unsigned char *)"060B6086480186FA6B50080107",

/*
* mldsa65_p256
* id-MLDSA65-ECDSA-P256-SHA512
*/
(const unsigned char *)"060B6086480186FA6B50080108",

/*
* mldsa65_bp256
* id-MLDSA65-ECDSA-brainpoolP256r1-SHA512
*/
(const unsigned char *)"060B6086480186FA6B50080109",

/*
* mldsa65_ed25519
* id-MLDSA65-Ed25519-SHA512
*/
(const unsigned char *)"060B6086480186FA6B5008010A",

/*
* mldsa87_p384
* id-MLDSA87-ECDSA-P384-SHA512
*/
(const unsigned char *)"060B6086480186FA6B5008010B",

/*
* mldsa87_bp384
* id-MLDSA87-ECDSA-brainpoolP384r1-SHA512
*/
(const unsigned char *)"060B6086480186FA6B5008010C",

/*
* mldsa87_ed448
* id-MLDSA87-Ed448-SHA512
*/
(const unsigned char *)"060B6086480186FA6B5008010D",

/*
* falcon512_p256
* id-Falon512-ECDSA-P256-SHA256
*/
(const unsigned char *)"060B6086480186FA6B5008010E",

/*
* falcon512_p256
* id-Falcon512-ECDSA-brainpoolP256r1-SHA256
*/
(const unsigned char *)"060B6086480186FA6B5008010F",

/*
* falcon512_ed25519
* id-Falcon512-Ed25519-SHA512
*/
(const unsigned char *)"060B6086480186FA6B50080110",
};

/*put the chars on in into memory on out*/
Expand Down Expand Up @@ -454,8 +517,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen,
oqs_sig_len = oqsxkey->oqsx_provider_ctx.oqsx_qs_ctx.sig
->length_signature;
buf = OPENSSL_malloc(oqs_sig_len);
if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len, final_tbs,
final_tbslen,
if (OQS_SIG_sign(oqs_key, buf, &oqs_sig_len,
(const unsigned char *)final_tbs, final_tbslen,
oqsxkey->comp_privkey[i]) != OQS_SUCCESS) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_SIGNING_FAILED);
CompositeSignature_free(compsig);
Expand All @@ -478,7 +541,8 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen,
EVP_MD_CTX *evp_ctx = EVP_MD_CTX_new();
if ((EVP_DigestSignInit(evp_ctx, NULL, NULL, NULL,
oqs_key_classic) <= 0) ||
(EVP_DigestSign(evp_ctx, buf, &oqs_sig_len, final_tbs,
(EVP_DigestSign(evp_ctx, buf, &oqs_sig_len,
(const unsigned char *)final_tbs,
final_tbslen) <= 0)) {
ERR_raise(ERR_LIB_USER, ERR_R_FATAL);
CompositeSignature_free(compsig);
Expand Down Expand Up @@ -549,12 +613,12 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen,
if (comp_idx < 6) {
classical_md = EVP_sha256();
digest_len = SHA256_DIGEST_LENGTH;
SHA256(final_tbs, final_tbslen,
SHA256((const unsigned char *)final_tbs, final_tbslen,
(unsigned char *)&digest);
} else {
classical_md = EVP_sha512();
digest_len = SHA512_DIGEST_LENGTH;
SHA512(final_tbs, final_tbslen,
SHA512((const unsigned char *)final_tbs, final_tbslen,
(unsigned char *)&digest);
}

Expand Down Expand Up @@ -814,8 +878,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig,
}

if (get_oqsname_fromtls(name)) {
if (OQS_SIG_verify(oqs_key, final_tbs, final_tbslen, buf,
buf_len,
if (OQS_SIG_verify(oqs_key, (const unsigned char *)final_tbs,
final_tbslen, buf, buf_len,
oqsxkey->comp_pubkey[i]) != OQS_SUCCESS) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR);
OPENSSL_free(name);
Expand All @@ -834,7 +898,8 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig,
EVP_MD_CTX *evp_ctx = EVP_MD_CTX_new();
if ((EVP_DigestVerifyInit(evp_ctx, NULL, NULL, NULL,
oqsxkey->classical_pkey) <= 0) ||
(EVP_DigestVerify(evp_ctx, buf, buf_len, final_tbs,
(EVP_DigestVerify(evp_ctx, buf, buf_len,
(const unsigned char *)final_tbs,
final_tbslen) <= 0)) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR);
OPENSSL_free(name);
Expand Down Expand Up @@ -898,12 +963,12 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig,
if (comp_idx < 6) {
classical_md = EVP_sha256();
digest_len = SHA256_DIGEST_LENGTH;
SHA256(final_tbs, final_tbslen,
SHA256((const unsigned char *)final_tbs, final_tbslen,
(unsigned char *)&digest);
} else {
classical_md = EVP_sha512();
digest_len = SHA512_DIGEST_LENGTH;
SHA512(final_tbs, final_tbslen,
SHA512((const unsigned char *)final_tbs, final_tbslen,
(unsigned char *)&digest);
}

Expand Down
15 changes: 9 additions & 6 deletions oqsprov/oqsprov_keys.c
Original file line number Diff line number Diff line change
Expand Up @@ -397,10 +397,10 @@ EVP_PKEY *setECParams(EVP_PKEY *eck, int nid) {
0x04, 0x00, 0x22};
const unsigned char p521params[] = {0x06, 0x05, 0x2b, 0x81,
0x04, 0x00, 0x23};
const char bp256params[] = {0x06, 0x09, 0x2b, 0x24, 0x03, 0x03,
0x02, 0x08, 0x01, 0x01, 0x07};
const char bp384params[] = {0x06, 0x09, 0x2b, 0x24, 0x03, 0x03,
0x02, 0x08, 0x01, 0x01, 0x0b};
const unsigned char bp256params[] = {0x06, 0x09, 0x2b, 0x24, 0x03, 0x03,
0x02, 0x08, 0x01, 0x01, 0x07};
const unsigned char bp384params[] = {0x06, 0x09, 0x2b, 0x24, 0x03, 0x03,
0x02, 0x08, 0x01, 0x01, 0x0b};

const unsigned char *params;
switch (nid) {
Expand Down Expand Up @@ -702,8 +702,11 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p,
ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING);
goto err_key_op;
}
unsigned char *enc_len = OPENSSL_strndup(
p + previous_privlen + previous_publen, 4);
unsigned char *enc_len =
(unsigned char *)OPENSSL_strndup(
(const char *)(p + previous_privlen +
previous_publen),
4);
OPENSSL_cleanse(enc_len, 2);
DECODE_UINT32(privlen, enc_len);
privlen += 4;
Expand Down
Loading