giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fixed warnings about precision loss

This commit is contained in:
Frank Morgner 2018-10-31 13:10:12 +01:00
parent 5c7b7bb0b1
commit 54cb1099a0
10 changed files with 133 additions and 121 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

96
src/pkcs11/framework-pkcs15.c
View File

@ -424,10 +424,13 @@ pkcs15_init_token_info(struct sc_pkcs15_card *p15card, CK_TOKEN_INFO_PTR pToken)
* will assure that the serial within each type of card will be
* unique in pkcs11 (at least for the first 8^16 cards :-) */
if (p15card->tokeninfo->serial_number != NULL) {
int sn_start = strlen(p15card->tokeninfo->serial_number) - 16;
size_t sn_start = strlen(p15card->tokeninfo->serial_number);
if (sn_start < 0)
if (sn_start <= 16)
sn_start = 0;
else
sn_start -= 16;
strcpy_bp(pToken->serialNumber, p15card->tokeninfo->serial_number + sn_start, 16);
}
@ -450,7 +453,7 @@ static char *
set_cka_label(CK_ATTRIBUTE_PTR attr, char *label)
{
char *l = (char *)attr->pValue;
int len = attr->ulValueLen;
unsigned long len = attr->ulValueLen;
if (len >= SC_PKCS15_MAX_LABEL_SIZE)
len = SC_PKCS15_MAX_LABEL_SIZE-1;
@ -1122,7 +1125,7 @@ pkcs15_create_slot(struct sc_pkcs11_card *p11card, struct pkcs15_fw_data *fw_dat
struct sc_pkcs11_slot **out)
{
struct sc_pkcs11_slot *slot = NULL;
int rv;
CK_RV rv;
sc_log(context, "Create slot (p11card %p, fw_data %p, auth %p, app_info %p)", p11card, fw_data, auth, app_info);
rv = slot_allocate(&slot, p11card);
@ -1401,7 +1404,8 @@ pkcs15_create_tokens(struct sc_pkcs11_card *p11card, struct sc_app_info *app_inf
struct sc_pkcs15_object *auth_user_pin = NULL, *auth_sign_pin = NULL;
struct sc_pkcs11_slot *slot = NULL, *sign_slot = NULL;
unsigned int cs_flags = sc_pkcs11_conf.create_slots_flags;
int i, rv, idx;
CK_RV rv;
int rc, i, idx;
sc_log(context, "create PKCS#15 tokens; fws:%p,%p,%p", p11card->fws_data[0], p11card->fws_data[1], p11card->fws_data[2]);
sc_log(context, "create slots flags 0x%X", cs_flags);
@ -1422,9 +1426,9 @@ pkcs15_create_tokens(struct sc_pkcs11_card *p11card, struct sc_app_info *app_inf
sc_log(context, "Flags:0x%X; Auth User/Sign PINs %p/%p", cs_flags, auth_user_pin, auth_sign_pin);
/* Add PKCS#15 objects of the known types to the framework data */
rv = _pkcs15_create_typed_objects(fw_data);
if (rv < 0)
return sc_to_cryptoki_error(rv, NULL);
rc = _pkcs15_create_typed_objects(fw_data);
if (rc < 0)
return sc_to_cryptoki_error(rc, NULL);
sc_log(context, "Found %d FW objects objects", fw_data->num_objects);
/* Create slots for all non-unblock, non-so PINs if:
@ -1437,10 +1441,10 @@ pkcs15_create_tokens(struct sc_pkcs11_card *p11card, struct sc_app_info *app_inf
memset(auths, 0, sizeof(auths));
/* Get authentication PKCS#15 objects present in the associated on-card application */
rv = sc_pkcs15_get_objects(fw_data->p15_card, SC_PKCS15_TYPE_AUTH_PIN, auths, SC_PKCS15_MAX_PINS);
if (rv < 0)
return sc_to_cryptoki_error(rv, NULL);
auth_count = rv;
rc = sc_pkcs15_get_objects(fw_data->p15_card, SC_PKCS15_TYPE_AUTH_PIN, auths, SC_PKCS15_MAX_PINS);
if (rc < 0)
return sc_to_cryptoki_error(rc, NULL);
auth_count = rc;
sc_log(context, "Found %d authentication objects", auth_count);
for (i = 0; i < auth_count; i++) {
@ -1556,7 +1560,7 @@ pkcs15_login(struct sc_pkcs11_slot *slot, CK_USER_TYPE userType,
if (sc_pkcs11_conf.pin_unblock_style == SC_PKCS11_PIN_UNBLOCK_SO_LOGGED_INITPIN) {
if (ulPinLen && ulPinLen < sizeof(fw_data->user_puk)) {
memcpy(fw_data->user_puk, pPin, ulPinLen);
fw_data->user_puk_len = ulPinLen;
fw_data->user_puk_len = (unsigned int) ulPinLen;
}
}
@ -2054,7 +2058,8 @@ pkcs15_create_private_key(struct sc_pkcs11_slot *slot, struct sc_profile *profil
CK_KEY_TYPE key_type;
struct sc_pkcs15_prkey_rsa *rsa = NULL;
struct sc_pkcs15_prkey_gostr3410 *gost = NULL;
int rc, rv;
int rc;
CK_RV rv;
char label[SC_PKCS15_MAX_LABEL_SIZE];
memset(&args, 0, sizeof(args));
@ -2207,7 +2212,7 @@ pkcs15_create_secret_key(struct sc_pkcs11_slot *slot, struct sc_profile *profile
struct sc_pkcs15_skey_info *skey_info;
CK_KEY_TYPE key_type;
CK_BBOOL _token = FALSE;
int rv;
CK_RV rv;
char label[SC_PKCS15_MAX_LABEL_SIZE];
memset(&args, 0, sizeof(args));
@ -2309,7 +2314,7 @@ pkcs15_create_secret_key(struct sc_pkcs11_slot *slot, struct sc_profile *profile
goto out;
}
key_obj->data = skey_info;
skey_info->usage = args.usage;
skey_info->usage = (unsigned int) args.usage;
skey_info->native = 0; /* card can not use this */
skey_info->access_flags = 0; /* looks like not needed */
skey_info->key_type = key_type; /* PKCS#11 CKK_* */
@ -2358,7 +2363,8 @@ pkcs15_create_public_key(struct sc_pkcs11_slot *slot, struct sc_profile *profile
struct sc_pkcs15_auth_info *pin = NULL;
CK_KEY_TYPE key_type;
struct sc_pkcs15_pubkey_rsa *rsa = NULL;
int rc, rv;
int rc;
CK_RV rv;
char label[SC_PKCS15_MAX_LABEL_SIZE];
memset(&args, 0, sizeof(args));
@ -2463,7 +2469,8 @@ pkcs15_create_certificate(struct sc_pkcs11_slot *slot,
struct sc_pkcs15_object *cert_obj = NULL;
CK_CERTIFICATE_TYPE cert_type;
CK_BBOOL bValue;
int rc, rv;
int rc;
CK_RV rv;
char label[SC_PKCS15_MAX_LABEL_SIZE];
memset(&args, 0, sizeof(args));
@ -2544,7 +2551,8 @@ pkcs15_create_data(struct sc_pkcs11_slot *slot, struct sc_profile *profile,
struct sc_pkcs15_object *data_obj = NULL;
struct sc_pkcs15_auth_info *pin = NULL;
CK_BBOOL bValue;
int rc, rv;
int rc;
CK_RV rv;
char label[SC_PKCS15_MAX_LABEL_SIZE];
memset(&args, 0, sizeof(args));
@ -2624,7 +2632,8 @@ pkcs15_create_object(struct sc_pkcs11_slot *slot, CK_ATTRIBUTE_PTR pTemplate, CK
struct sc_profile *profile = NULL;
CK_OBJECT_CLASS _class;
CK_BBOOL _token = FALSE;
int rv, rc;
CK_RV rv;
int rc;
fw_data = (struct pkcs15_fw_data *) p11card->fws_data[slot->fw_data_idx];
if (!fw_data)
@ -2875,7 +2884,8 @@ pkcs15_gen_keypair(struct sc_pkcs11_slot *slot, CK_MECHANISM_PTR pMechanism,
CK_ULONG keybits = 0;
char pub_label[SC_PKCS15_MAX_LABEL_SIZE];
char priv_label[SC_PKCS15_MAX_LABEL_SIZE];
int rc, rv = CKR_OK;
int rc;
CK_RV rv = CKR_OK;
sc_log(context, "Keypair generation, mech = 0x%0lx",
pMechanism->mechanism);
@ -2996,7 +3006,7 @@ pkcs15_gen_keypair(struct sc_pkcs11_slot *slot, CK_MECHANISM_PTR pMechanism,
sc_pkcs15init_set_p15card(profile, fw_data->p15_card);
sc_log(context, "Try on-card key pair generation");
rc = sc_pkcs15init_generate_key(fw_data->p15_card, profile, &keygen_args, keybits, &priv_key_obj);
rc = sc_pkcs15init_generate_key(fw_data->p15_card, profile, &keygen_args, (unsigned int) keybits, &priv_key_obj);
if (rc >= 0) {
id = ((struct sc_pkcs15_prkey_info *) priv_key_obj->data)->id;
rc = sc_pkcs15_find_pubkey_by_id(fw_data->p15_card, &id, &pub_key_obj);
@ -3245,7 +3255,7 @@ pkcs15_set_attrib(struct sc_pkcs11_session *session, struct sc_pkcs15_object *p1
switch(attr->type) {
case CKA_LABEL:
rv = sc_pkcs15init_change_attrib(fw_data->p15_card, profile, p15_object,
P15_ATTR_TYPE_LABEL, attr->pValue, attr->ulValueLen);
P15_ATTR_TYPE_LABEL, attr->pValue, (unsigned int) attr->ulValueLen);
break;
case CKA_ID:
if (attr->ulValueLen > SC_PKCS15_MAX_ID_SIZE) {
@ -3266,7 +3276,7 @@ pkcs15_set_attrib(struct sc_pkcs11_session *session, struct sc_pkcs15_object *p1
goto set_attr_done;
}
rv = sc_pkcs15init_change_attrib(fw_data->p15_card, profile, p15_object,
P15_ATTR_TYPE_VALUE, attr->pValue, attr->ulValueLen);
P15_ATTR_TYPE_VALUE, attr->pValue, (unsigned int) attr->ulValueLen);
break;
default:
ck_rv = CKR_ATTRIBUTE_READ_ONLY;
@ -3407,7 +3417,7 @@ pkcs15_cert_get_attribute(struct sc_pkcs11_session *session, void *object, CK_AT
#define ASN1_SET_TAG (SC_ASN1_SET | SC_ASN1_TAG_CONSTRUCTED)
#define ASN1_SEQ_TAG (SC_ASN1_SEQUENCE | SC_ASN1_TAG_CONSTRUCTED)
static int
static CK_RV
pkcs15_cert_cmp_attribute(struct sc_pkcs11_session *session,
void *object, CK_ATTRIBUTE_PTR attr)
{
@ -3751,7 +3761,8 @@ pkcs15_prkey_sign(struct sc_pkcs11_session *session, void *obj,
struct pkcs15_prkey_object *prkey = (struct pkcs15_prkey_object *) obj;
struct sc_pkcs11_card *p11card = session->slot->p11card;
struct pkcs15_fw_data *fw_data = NULL;
int rv, flags = 0, prkey_has_path = 0;
CK_RV rv;
int flags = 0, prkey_has_path = 0, rc;
unsigned sign_flags = SC_PKCS15_PRKEY_USAGE_SIGN | SC_PKCS15_PRKEY_USAGE_SIGNRECOVER
| SC_PKCS15_PRKEY_USAGE_NONREPUDIATION;
@ -3876,16 +3887,16 @@ pkcs15_prkey_sign(struct sc_pkcs11_session *session, void *obj,
return CKR_MECHANISM_INVALID;
}
rv = sc_lock(p11card->card);
if (rv < 0)
return sc_to_cryptoki_error(rv, "C_Sign");
rc = sc_lock(p11card->card);
if (rc < 0)
return sc_to_cryptoki_error(rc, "C_Sign");
sc_log(context,
"Selected flags %X. Now computing signature for %lu bytes. %lu bytes reserved.",
flags, ulDataLen, *pulDataLen);
rv = sc_pkcs15_compute_signature(fw_data->p15_card, prkey->prv_p15obj, flags,
rc = sc_pkcs15_compute_signature(fw_data->p15_card, prkey->prv_p15obj, flags,
pData, ulDataLen, pSignature, *pulDataLen);
if (rv < 0 && !sc_pkcs11_conf.lock_login && !prkey_has_path) {
if (rc < 0 && !sc_pkcs11_conf.lock_login && !prkey_has_path) {
/* If private key PKCS#15 object do not have 'path' attribute,
* and if PKCS#11 login session is not locked,
* the compute signature could fail because of concurrent access to the card
@ -3893,20 +3904,20 @@ pkcs15_prkey_sign(struct sc_pkcs11_session *session, void *obj,
* In this particular case try to 'reselect' application DF.
*/
if (reselect_app_df(fw_data->p15_card) == SC_SUCCESS)
rv = sc_pkcs15_compute_signature(fw_data->p15_card, prkey->prv_p15obj, flags,
rc = sc_pkcs15_compute_signature(fw_data->p15_card, prkey->prv_p15obj, flags,
pData, ulDataLen, pSignature, *pulDataLen);
}
sc_unlock(p11card->card);
sc_log(context, "Sign complete. Result %d.", rv);
sc_log(context, "Sign complete. Result %d.", rc);
if (rv > 0) {
*pulDataLen = rv;
if (rc > 0) {
*pulDataLen = rc;
return CKR_OK;
}
return sc_to_cryptoki_error(rv, "C_Sign");
return sc_to_cryptoki_error(rc, "C_Sign");
}
@ -4447,7 +4458,7 @@ pkcs15_dobj_set_attribute(struct sc_pkcs11_session *session,
}
static int
static CK_RV
pkcs15_dobj_get_value(struct sc_pkcs11_session *session,
struct pkcs15_data_object *dobj,
struct sc_pkcs15_data **out_data)
@ -4930,12 +4941,12 @@ get_usage_bit(unsigned int usage, CK_ATTRIBUTE_PTR attr)
}
static int
static CK_RV
register_gost_mechanisms(struct sc_pkcs11_card *p11card, int flags)
{
CK_MECHANISM_INFO mech_info;
sc_pkcs11_mechanism_type_t *mt;
int rc;
CK_RV rc;
mech_info.flags = CKF_HW | CKF_SIGN | CKF_DECRYPT;
#ifdef ENABLE_OPENSSL
@ -4978,13 +4989,13 @@ register_gost_mechanisms(struct sc_pkcs11_card *p11card, int flags)
}
static int register_ec_mechanisms(struct sc_pkcs11_card *p11card, int flags,
static CK_RV register_ec_mechanisms(struct sc_pkcs11_card *p11card, int flags,
unsigned long ext_flags, CK_ULONG min_key_size, CK_ULONG max_key_size)
{
CK_MECHANISM_INFO mech_info;
sc_pkcs11_mechanism_type_t *mt;
CK_FLAGS ec_flags = 0;
int rc;
CK_RV rc;
if (ext_flags & SC_ALGORITHM_EXT_EC_F_P)
ec_flags |= CKF_EC_F_P;
@ -5074,7 +5085,8 @@ register_mechanisms(struct sc_pkcs11_card *p11card)
unsigned long ec_ext_flags;
sc_pkcs11_mechanism_type_t *mt;
unsigned int num;
int rc, rsa_flags = 0, ec_flags = 0, gostr_flags = 0;
int rsa_flags = 0, ec_flags = 0, gostr_flags = 0;
CK_RV rc;
/* Register generic mechanisms */
sc_pkcs11_register_generic_mechanisms(p11card);

5
src/pkcs11/framework-pkcs15init.c
View File

@ -57,7 +57,7 @@ pkcs15init_create_tokens(struct sc_pkcs11_card *p11card, struct sc_app_info *app
{
struct sc_profile *profile;
struct sc_pkcs11_slot *slot;
int rc;
CK_RV rc;
profile = (struct sc_profile *) p11card->fws_data[0];
@ -130,7 +130,8 @@ pkcs15init_initialize(struct sc_pkcs11_slot *pslot, void *ptr,
struct sc_profile *profile = (struct sc_profile *) p11card->fws_data[0];
struct sc_pkcs15init_initargs args;
struct sc_pkcs11_slot *slot;
int rc, rv, id;
CK_RV rv;
int rc, id;
memset(&args, 0, sizeof(args));
args.so_pin = pPin;

83
src/pkcs11/mechanism.c
View File

@ -40,7 +40,7 @@ struct signature_data {
struct hash_signature_info *info;
sc_pkcs11_operation_t * md;
CK_BYTE buffer[4096/8];
unsigned int buffer_len;
unsigned int buffer_len;
};
/*
@ -95,7 +95,7 @@ sc_pkcs11_get_mechanism_list(struct sc_pkcs11_card *p11card,
{
sc_pkcs11_mechanism_type_t *mt;
unsigned int n, count = 0;
int rv;
CK_RV rv;
if (!p11card)
return CKR_TOKEN_NOT_PRESENT;
@ -166,7 +166,7 @@ sc_pkcs11_md_init(struct sc_pkcs11_session *session,
struct sc_pkcs11_card *p11card;
sc_pkcs11_operation_t *operation;
sc_pkcs11_mechanism_type_t *mt;
int rv;
CK_RV rv;
LOG_FUNC_CALLED(context);
if (!session || !session->slot || !(p11card = session->slot->p11card))
@ -179,7 +179,7 @@ sc_pkcs11_md_init(struct sc_pkcs11_session *session,
rv = session_start_operation(session, SC_PKCS11_OPERATION_DIGEST, mt, &operation);
if (rv != CKR_OK)
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
memcpy(&operation->mechanism, pMechanism, sizeof(CK_MECHANISM));
@ -188,7 +188,7 @@ sc_pkcs11_md_init(struct sc_pkcs11_session *session,
if (rv != CKR_OK)
session_stop_operation(session, SC_PKCS11_OPERATION_DIGEST);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
CK_RV
@ -196,7 +196,7 @@ sc_pkcs11_md_update(struct sc_pkcs11_session *session,
CK_BYTE_PTR pData, CK_ULONG ulDataLen)
{
sc_pkcs11_operation_t *op;
int rv;
CK_RV rv;
rv = session_get_operation(session, SC_PKCS11_OPERATION_DIGEST, &op);
if (rv != CKR_OK)
@ -208,7 +208,7 @@ done:
if (rv != CKR_OK)
session_stop_operation(session, SC_PKCS11_OPERATION_DIGEST);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
CK_RV
@ -220,7 +220,7 @@ sc_pkcs11_md_final(struct sc_pkcs11_session *session,
rv = session_get_operation(session, SC_PKCS11_OPERATION_DIGEST, &op);
if (rv != CKR_OK)
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
/* This is a request for the digest length */
if (pData == NULL)
@ -231,7 +231,7 @@ sc_pkcs11_md_final(struct sc_pkcs11_session *session,
LOG_FUNC_RETURN(context, pData == NULL ? CKR_OK : CKR_BUFFER_TOO_SMALL);
session_stop_operation(session, SC_PKCS11_OPERATION_DIGEST);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
/*
@ -245,7 +245,7 @@ sc_pkcs11_sign_init(struct sc_pkcs11_session *session, CK_MECHANISM_PTR pMechani
struct sc_pkcs11_card *p11card;
sc_pkcs11_operation_t *operation;
sc_pkcs11_mechanism_type_t *mt;
int rv;
CK_RV rv;
LOG_FUNC_CALLED(context);
if (!session || !session->slot || !(p11card = session->slot->p11card))
@ -268,7 +268,7 @@ sc_pkcs11_sign_init(struct sc_pkcs11_session *session, CK_MECHANISM_PTR pMechani
rv = session_start_operation(session, SC_PKCS11_OPERATION_SIGN, mt, &operation);
if (rv != CKR_OK)
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
memcpy(&operation->mechanism, pMechanism, sizeof(CK_MECHANISM));
if (pMechanism->pParameter) {
@ -280,7 +280,7 @@ sc_pkcs11_sign_init(struct sc_pkcs11_session *session, CK_MECHANISM_PTR pMechani
if (rv != CKR_OK)
session_stop_operation(session, SC_PKCS11_OPERATION_SIGN);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
CK_RV
@ -288,12 +288,12 @@ sc_pkcs11_sign_update(struct sc_pkcs11_session *session,
CK_BYTE_PTR pData, CK_ULONG ulDataLen)
{
sc_pkcs11_operation_t *op;
int rv;
CK_RV rv;
LOG_FUNC_CALLED(context);
rv = session_get_operation(session, SC_PKCS11_OPERATION_SIGN, &op);
if (rv != CKR_OK)
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
if (op->type->sign_update == NULL) {
rv = CKR_KEY_TYPE_INCONSISTENT;
@ -306,7 +306,7 @@ done:
if (rv != CKR_OK)
session_stop_operation(session, SC_PKCS11_OPERATION_SIGN);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
CK_RV
@ -314,12 +314,12 @@ sc_pkcs11_sign_final(struct sc_pkcs11_session *session,
CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen)
{
sc_pkcs11_operation_t *op;
int rv;
CK_RV rv;
LOG_FUNC_CALLED(context);
rv = session_get_operation(session, SC_PKCS11_OPERATION_SIGN, &op);
if (rv != CKR_OK)
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
/* Bail out for signature mechanisms that don't do hashing */
if (op->type->sign_final == NULL) {
@ -333,18 +333,18 @@ done:
if (rv != CKR_BUFFER_TOO_SMALL && pSignature != NULL)
session_stop_operation(session, SC_PKCS11_OPERATION_SIGN);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
CK_RV
sc_pkcs11_sign_size(struct sc_pkcs11_session *session, CK_ULONG_PTR pLength)
{
sc_pkcs11_operation_t *op;
int rv;
CK_RV rv;
rv = session_get_operation(session, SC_PKCS11_OPERATION_SIGN, &op);
if (rv != CKR_OK)
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
/* Bail out for signature mechanisms that don't do hashing */
if (op->type->sign_size == NULL) {
@ -358,7 +358,7 @@ done:
if (rv != CKR_OK)
session_stop_operation(session, SC_PKCS11_OPERATION_SIGN);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
/*
@ -392,7 +392,7 @@ sc_pkcs11_signature_init(sc_pkcs11_operation_t *operation,
else {
/* Mechanism recognised but cannot be performed by pkcs#15 card, or some general error. */
free(data);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
}
@ -402,7 +402,7 @@ sc_pkcs11_signature_init(sc_pkcs11_operation_t *operation,
if (rv != CKR_OK) {
/* Probably bad arguments */
free(data);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
}
@ -421,7 +421,7 @@ sc_pkcs11_signature_init(sc_pkcs11_operation_t *operation,
if (rv != CKR_OK) {
sc_pkcs11_release_operation(&data->md);
free(data);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
data->info = info;
}
@ -441,7 +441,7 @@ sc_pkcs11_signature_update(sc_pkcs11_operation_t *operation,
data = (struct signature_data *) operation->priv_data;
if (data->md) {
CK_RV rv = data->md->type->md_update(data->md, pPart, ulPartLen);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
/* This signature mechanism operates on the raw data */
@ -449,7 +449,6 @@ sc_pkcs11_signature_update(sc_pkcs11_operation_t *operation,
LOG_FUNC_RETURN(context, CKR_DATA_LEN_RANGE);
memcpy(data->buffer + data->buffer_len, pPart, ulPartLen);
data->buffer_len += ulPartLen;
sc_log(context, "data length %u", data->buffer_len);
LOG_FUNC_RETURN(context, CKR_OK);
}
@ -462,7 +461,6 @@ sc_pkcs11_signature_final(sc_pkcs11_operation_t *operation,
LOG_FUNC_CALLED(context);
data = (struct signature_data *) operation->priv_data;
sc_log(context, "data length %u", data->buffer_len);
if (data->md) {
sc_pkcs11_operation_t *md = data->md;
CK_ULONG len = sizeof(data->buffer);
@ -471,14 +469,13 @@ sc_pkcs11_signature_final(sc_pkcs11_operation_t *operation,
if (rv == CKR_BUFFER_TOO_SMALL)
rv = CKR_FUNCTION_FAILED;
if (rv != CKR_OK)
LOG_FUNC_RETURN(context, rv);
data->buffer_len = len;
LOG_FUNC_RETURN(context, (int) rv);
data->buffer_len = (unsigned int) len;
}
sc_log(context, "%u bytes to sign", data->buffer_len);
rv = data->key->ops->sign(operation->session, data->key, &operation->mechanism,
data->buffer, data->buffer_len, pSignature, pulSignatureLen);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
static CK_RV
@ -521,7 +518,7 @@ sc_pkcs11_signature_size(sc_pkcs11_operation_t *operation, CK_ULONG_PTR pLength)
}
}
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
static void
@ -549,7 +546,7 @@ sc_pkcs11_verif_init(struct sc_pkcs11_session *session, CK_MECHANISM_PTR pMechan
struct sc_pkcs11_card *p11card;
sc_pkcs11_operation_t *operation;
sc_pkcs11_mechanism_type_t *mt;
int rv;
CK_RV rv;
if (!session || !session->slot
|| !(p11card = session->slot->p11card))
@ -583,7 +580,7 @@ sc_pkcs11_verif_update(struct sc_pkcs11_session *session,
CK_BYTE_PTR pData, CK_ULONG ulDataLen)
{
sc_pkcs11_operation_t *op;
int rv;
CK_RV rv;
rv = session_get_operation(session, SC_PKCS11_OPERATION_VERIFY, &op);
if (rv != CKR_OK)
@ -608,7 +605,7 @@ sc_pkcs11_verif_final(struct sc_pkcs11_session *session,
CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
{
sc_pkcs11_operation_t *op;
int rv;
CK_RV rv;
rv = session_get_operation(session, SC_PKCS11_OPERATION_VERIFY, &op);
if (rv != CKR_OK)
@ -635,7 +632,7 @@ sc_pkcs11_verify_init(sc_pkcs11_operation_t *operation,
{
struct hash_signature_info *info;
struct signature_data *data;
int rv;
CK_RV rv;
if (!(data = calloc(1, sizeof(*data))))
return CKR_HOST_MEMORY;
@ -651,7 +648,7 @@ sc_pkcs11_verify_init(sc_pkcs11_operation_t *operation,
else {
/* Mechanism cannot be performed by pkcs#15 card, or some general error. */
free(data);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
}
@ -661,7 +658,7 @@ sc_pkcs11_verify_init(sc_pkcs11_operation_t *operation,
if (rv != CKR_OK) {
/* Probably bad arguments */
free(data);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
}
@ -721,7 +718,7 @@ sc_pkcs11_verify_final(sc_pkcs11_operation_t *operation,
CK_ATTRIBUTE attr = {CKA_VALUE, NULL, 0};
CK_ATTRIBUTE attr_key_type = {CKA_KEY_TYPE, &key_type, sizeof(key_type)};
CK_ATTRIBUTE attr_key_params = {CKA_GOSTR3410_PARAMS, &params, sizeof(params)};
int rv;
CK_RV rv;
data = (struct signature_data *) operation->priv_data;
@ -756,10 +753,10 @@ sc_pkcs11_verify_final(sc_pkcs11_operation_t *operation,
goto done;
}
rv = sc_pkcs11_verify_data(pubkey_value, attr.ulValueLen,
rv = sc_pkcs11_verify_data(pubkey_value, (unsigned int) attr.ulValueLen,
params, sizeof(params),
&operation->mechanism, data->md,
data->buffer, data->buffer_len, pSignature, ulSignatureLen);
data->buffer, data->buffer_len, pSignature, (unsigned int) ulSignatureLen);
done:
free(pubkey_value);
@ -815,7 +812,7 @@ sc_pkcs11_decr(struct sc_pkcs11_session *session,
CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
{
sc_pkcs11_operation_t *op;
int rv;
CK_RV rv;
rv = session_get_operation(session, SC_PKCS11_OPERATION_DECRYPT, &op);
if (rv != CKR_OK)
@ -951,7 +948,7 @@ sc_pkcs11_decrypt_init(sc_pkcs11_operation_t *operation,
else {
/* Mechanism cannot be performed by pkcs#15 card, or some general error. */
free(data);
LOG_FUNC_RETURN(context, rv);
LOG_FUNC_RETURN(context, (int) rv);
}
}

2
src/pkcs11/misc.c
View File

@ -305,7 +305,7 @@ CK_RV session_stop_operation(struct sc_pkcs11_session * session, int type)
CK_RV attr_extract(CK_ATTRIBUTE_PTR pAttr, void *ptr, size_t * sizep)
{
unsigned int size;
size_t size;
if (sizep) {
size = *sizep;

24
src/pkcs11/openssl.c
View File

@ -336,10 +336,10 @@ static void reverse(unsigned char *buf, size_t len)
}
}
static CK_RV gostr3410_verify_data(const unsigned char *pubkey, int pubkey_len,
const unsigned char *params, int params_len,
unsigned char *data, int data_len,
unsigned char *signat, int signat_len)
static CK_RV gostr3410_verify_data(const unsigned char *pubkey, unsigned int pubkey_len,
const unsigned char *params, unsigned int params_len,
unsigned char *data, unsigned int data_len,
unsigned char *signat, unsigned int signat_len)
{
EVP_PKEY *pkey;
EVP_PKEY_CTX *pkey_ctx = NULL;
@ -413,11 +413,11 @@ static CK_RV gostr3410_verify_data(const unsigned char *pubkey, int pubkey_len,
* If a hash function was used, we can make a big shortcut by
* finishing with EVP_VerifyFinal().
*/
CK_RV sc_pkcs11_verify_data(const unsigned char *pubkey, int pubkey_len,
const unsigned char *pubkey_params, int pubkey_params_len,
CK_RV sc_pkcs11_verify_data(const unsigned char *pubkey, unsigned int pubkey_len,
const unsigned char *pubkey_params, unsigned int pubkey_params_len,
CK_MECHANISM_PTR mech, sc_pkcs11_operation_t *md,
unsigned char *data, int data_len,
unsigned char *signat, int signat_len)
unsigned char *data, unsigned int data_len,
unsigned char *signat, unsigned int signat_len)
{
int res;
CK_RV rv = CKR_GENERAL_ERROR;
@ -598,9 +598,9 @@ CK_RV sc_pkcs11_verify_data(const unsigned char *pubkey, int pubkey_len,
data_len = tmp_len;
}
rv = CKR_SIGNATURE_INVALID;
if (data_len == EVP_MD_size(pss_md) &&
RSA_verify_PKCS1_PSS_mgf1(rsa, data, pss_md, mgf_md,
rsa_out, EVP_MD_size(pss_md)/*sLen*/) == 1)
if (data_len == (unsigned int) EVP_MD_size(pss_md)
&& RSA_verify_PKCS1_PSS_mgf1(rsa, data, pss_md, mgf_md,
rsa_out, EVP_MD_size(pss_md)/*sLen*/) == 1)
rv = CKR_OK;
RSA_free(rsa);
free(rsa_out);
@ -609,7 +609,7 @@ CK_RV sc_pkcs11_verify_data(const unsigned char *pubkey, int pubkey_len,
}
RSA_free(rsa);
if (rsa_outlen == data_len && memcmp(rsa_out, data, data_len) == 0)
if ((unsigned int) rsa_outlen == data_len && memcmp(rsa_out, data, data_len) == 0)
rv = CKR_OK;
else
rv = CKR_SIGNATURE_INVALID;

23
src/pkcs11/pkcs11-object.c
View File

@ -128,7 +128,8 @@ CK_RV sc_create_object_int(CK_SESSION_HANDLE hSession, /* the session's handle *
out:
if (use_lock)
sc_pkcs11_unlock();
LOG_FUNC_RETURN(context, rv);
return rv;
}
@ -210,7 +211,7 @@ C_GetAttributeValue(CK_SESSION_HANDLE hSession, /* the session's handle */
CK_ATTRIBUTE_PTR pTemplate, /* specifies attributes, gets values */
CK_ULONG ulCount) /* attributes in template */
{
static int precedence[] = {
static CK_RV precedence[] = {
CKR_OK,
CKR_BUFFER_TOO_SMALL,
CKR_ATTRIBUTE_TYPE_INVALID,
@ -218,11 +219,12 @@ C_GetAttributeValue(CK_SESSION_HANDLE hSession, /* the session's handle */
-1
};
char object_name[64];
int j;
CK_RV j;
CK_RV rv;
struct sc_pkcs11_session *session;
struct sc_pkcs11_object *object;
int res, res_type;
CK_RV res;
CK_RV res_type;
unsigned int i;
if (pTemplate == NULL_PTR || ulCount == 0)
@ -256,7 +258,7 @@ C_GetAttributeValue(CK_SESSION_HANDLE hSession, /* the session's handle */
* should be handled - we give them highest
* precedence
*/
for (j = 0; precedence[j] != -1; j++) {
for (j = 0; precedence[j] != (CK_RV) -1; j++) {
if (precedence[j] == res)
break;
}
@ -1325,14 +1327,13 @@ CK_RV C_VerifyRecover(CK_SESSION_HANDLE hSession, /* the session's handle */
/*
* Helper function to compare attributes on any sort of object
*/
int sc_pkcs11_any_cmp_attribute(struct sc_pkcs11_session *session, void *ptr, CK_ATTRIBUTE_PTR attr)
CK_RV sc_pkcs11_any_cmp_attribute(struct sc_pkcs11_session *session, void *ptr, CK_ATTRIBUTE_PTR attr)
{
int rv;
CK_RV rv;
struct sc_pkcs11_object *object;
u8 temp1[1024];
u8 *temp2 = NULL; /* dynamic allocation for large attributes */
CK_ATTRIBUTE temp_attr;
int res;
object = (struct sc_pkcs11_object *)ptr;
temp_attr.type = attr->type;
@ -1356,7 +1357,7 @@ int sc_pkcs11_any_cmp_attribute(struct sc_pkcs11_session *session, void *ptr, CK
/* Get the attribute */
rv = object->ops->get_attribute(session, object, &temp_attr);
if (rv != CKR_OK) {
res = 0;
rv = 0;
goto done;
}
#ifdef DEBUG
@ -1367,12 +1368,12 @@ int sc_pkcs11_any_cmp_attribute(struct sc_pkcs11_session *session, void *ptr, CK
dump_template(SC_LOG_DEBUG_NORMAL, foo, &temp_attr, 1);
}
#endif
res = temp_attr.ulValueLen == attr->ulValueLen
rv = temp_attr.ulValueLen == attr->ulValueLen
&& !memcmp(temp_attr.pValue, attr->pValue, attr->ulValueLen);
done:
if (temp2 != NULL)
free(temp2);
return res;
return rv;
}

2
src/pkcs11/pkcs11-session.c
View File

@ -313,7 +313,7 @@ CK_RV C_Login(CK_SESSION_HANDLE hSession, /* the session's handle */
if (rv == CKR_OK)
rv = push_login_state(slot, userType, pPin, ulPinLen);
if (rv == CKR_OK) {
slot->login_user = userType;
slot->login_user = (int) userType;
}
rv = reset_login_state(slot, rv);
}

2
src/pkcs11/pkcs11-spy.c
View File

@ -55,7 +55,7 @@ static CK_RV
init_spy(void)
{
const char *output, *module;
int rv = CKR_OK;
CK_RV rv = CKR_OK;
#ifdef _WIN32
char temp_path[PATH_MAX], expanded_path[PATH_MAX];
DWORD temp_len, expanded_len;

12
src/pkcs11/sc-pkcs11.h
View File

@ -91,7 +91,7 @@ struct sc_pkcs11_object_ops {
/* Management methods */
CK_RV (*set_attribute)(struct sc_pkcs11_session *, void *, CK_ATTRIBUTE_PTR);
CK_RV (*get_attribute)(struct sc_pkcs11_session *, void *, CK_ATTRIBUTE_PTR);
int (*cmp_attribute)(struct sc_pkcs11_session *, void *, CK_ATTRIBUTE_PTR);
CK_RV (*cmp_attribute)(struct sc_pkcs11_session *, void *, CK_ATTRIBUTE_PTR);
CK_RV (*destroy_object)(struct sc_pkcs11_session *, void *);
CK_RV (*get_size)(struct sc_pkcs11_session *, void *);
@ -382,7 +382,7 @@ CK_RV sc_pkcs11_create_secret_key(struct sc_pkcs11_session *,
CK_ATTRIBUTE_PTR, CK_ULONG,
struct sc_pkcs11_object **);
/* Generic object handling */
int sc_pkcs11_any_cmp_attribute(struct sc_pkcs11_session *,
CK_RV sc_pkcs11_any_cmp_attribute(struct sc_pkcs11_session *,
void *, CK_ATTRIBUTE_PTR);
/* Get attributes from template (misc.c) */
@ -439,11 +439,11 @@ CK_RV sc_pkcs11_register_sign_and_hash_mechanism(struct sc_pkcs11_card *,
sc_pkcs11_mechanism_type_t *);
#ifdef ENABLE_OPENSSL
CK_RV sc_pkcs11_verify_data(const unsigned char *pubkey, int pubkey_len,
const unsigned char *pubkey_params, int pubkey_params_len,
CK_RV sc_pkcs11_verify_data(const unsigned char *pubkey, unsigned int pubkey_len,
const unsigned char *pubkey_params, unsigned int pubkey_params_len,
CK_MECHANISM_PTR mech, sc_pkcs11_operation_t *md,
unsigned char *inp, int inp_len,
unsigned char *signat, int signat_len);
unsigned char *inp, unsigned int inp_len,
unsigned char *signat, unsigned int signat_len);
#endif
/* Load configuration defaults */

5
src/pkcs11/slot.c
View File

@ -447,7 +447,7 @@ CK_RV slot_get_slot(CK_SLOT_ID id, struct sc_pkcs11_slot ** slot)
CK_RV slot_get_token(CK_SLOT_ID id, struct sc_pkcs11_slot ** slot)
{
int rv;
CK_RV rv;
sc_log(context, "Slot(id=0x%lX): get token", id);
rv = slot_get_slot(id, slot);
@ -473,7 +473,8 @@ CK_RV slot_get_token(CK_SLOT_ID id, struct sc_pkcs11_slot ** slot)
CK_RV slot_token_removed(CK_SLOT_ID id)
{
int rv, token_was_present;
CK_RV rv;
int token_was_present;
struct sc_pkcs11_slot *slot;
struct sc_pkcs11_object *object;