diff --git a/src/hsm/cmd_bip_slip.c b/src/hsm/cmd_bip_slip.c index 2a8aed7..95f8b30 100644 --- a/src/hsm/cmd_bip_slip.c +++ b/src/hsm/cmd_bip_slip.c @@ -265,7 +265,7 @@ int cmd_bip_slip() { } mbedtls_ecp_keypair ctx; uint8_t chain[32] = { 0 }, fgpt[4] = { 0 }, last_node[4] = { 0 }, key_type = 0, nodes = 0; - uint16_t olen = 0; + size_t olen = 0; int r = node_derive_path(apdu.data, apdu.nc, &ctx, chain, fgpt, &nodes, last_node, &key_type); if (r != CCID_OK) { @@ -287,11 +287,11 @@ int cmd_bip_slip() { mbedtls_ecp_point_write_binary(&ctx.grp, &ctx.Q, MBEDTLS_ECP_PF_COMPRESSED, - (size_t *)&olen, + &olen, pubkey, sizeof(pubkey)); memcpy(res_APDU + res_APDU_size, pubkey, olen); - res_APDU_size += olen; + res_APDU_size += (uint16_t)olen; } else if (key_type == 0x3) { sha256_sha256(chain, 32, chain); diff --git a/src/hsm/cmd_cipher_sym.c b/src/hsm/cmd_cipher_sym.c index a9aa86e..cacaac4 100644 --- a/src/hsm/cmd_cipher_sym.c +++ b/src/hsm/cmd_cipher_sym.c @@ -380,7 +380,7 @@ int cmd_cipher_sym() { if (r != 0) { return SW_EXEC_ERROR(); } - res_APDU_size = apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne : mbedtls_md_get_size(md_info); + res_APDU_size = apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne : (uint16_t)mbedtls_md_get_size(md_info); } else if (memcmp(oid, OID_PKCS5_PBKDF2, oid_len) == 0) { int iterations = 0; @@ -412,7 +412,7 @@ int cmd_cipher_sym() { res_APDU_size = keylen ? keylen : (apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne : 32); } else if (memcmp(oid, OID_PKCS5_PBES2, oid_len) == 0) { - uint16_t olen = 0; + size_t olen = 0; mbedtls_asn1_buf params = {.p = aad, .len = aad_len, .tag = (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)}; int r = mbedtls_pkcs5_pbes2_ext(¶ms, @@ -421,12 +421,12 @@ int cmd_cipher_sym() { key_size, enc, enc_len, - res_APDU, 4096, (size_t *)&olen); + res_APDU, 4096, &olen); mbedtls_platform_zeroize(kdata, sizeof(kdata)); if (r != 0) { return SW_WRONG_DATA(); } - res_APDU_size = olen; + res_APDU_size = (uint16_t)olen; } else if (memcmp(oid, OID_KDF_X963, oid_len) == 0) { mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1; diff --git a/src/hsm/cmd_decrypt_asym.c b/src/hsm/cmd_decrypt_asym.c index 4f4dc5b..c76ab8f 100644 --- a/src/hsm/cmd_decrypt_asym.c +++ b/src/hsm/cmd_decrypt_asym.c @@ -61,10 +61,10 @@ int cmd_decrypt_asym() { memset(apdu.data + apdu.nc, 0, key_size - apdu.nc); } if (p2 == ALGO_RSA_DECRYPT_PKCS1 || p2 == ALGO_RSA_DECRYPT_OEP) { - uint16_t olen = apdu.nc; - r = mbedtls_rsa_pkcs1_decrypt(&ctx, random_gen, NULL, (size_t *)&olen, apdu.data, res_APDU, 512); + size_t olen = apdu.nc; + r = mbedtls_rsa_pkcs1_decrypt(&ctx, random_gen, NULL, &olen, apdu.data, res_APDU, 512); if (r == 0) { - res_APDU_size = olen; + res_APDU_size = (uint16_t)olen; } } else { @@ -131,19 +131,19 @@ int cmd_decrypt_asym() { mbedtls_ecdh_free(&ctx); return SW_DATA_INVALID(); } - uint16_t olen = 0; + size_t olen = 0; // The SmartCard-HSM returns the point result of the DH operation // with a leading '04' res_APDU[0] = 0x04; r = - mbedtls_ecdh_calc_secret(&ctx, (size_t *)&olen, res_APDU + 1, MBEDTLS_ECP_MAX_BYTES, random_gen, + mbedtls_ecdh_calc_secret(&ctx, &olen, res_APDU + 1, MBEDTLS_ECP_MAX_BYTES, random_gen, NULL); mbedtls_ecdh_free(&ctx); if (r != 0) { return SW_EXEC_ERROR(); } if (p2 == ALGO_EC_DH) { - res_APDU_size = olen + 1; + res_APDU_size = (uint16_t)(olen + 1); } else { res_APDU_size = 0; diff --git a/src/hsm/cmd_extras.c b/src/hsm/cmd_extras.c index cddb33e..a5c4499 100644 --- a/src/hsm/cmd_extras.c +++ b/src/hsm/cmd_extras.c @@ -111,9 +111,9 @@ int cmd_extras() { memcpy(mse.Qpt, apdu.data, sizeof(mse.Qpt)); uint8_t buf[MBEDTLS_ECP_MAX_BYTES]; - uint16_t olen = 0; + size_t olen = 0; ret = mbedtls_ecdh_calc_secret(&hkey, - (size_t *)&olen, + &olen, buf, MBEDTLS_ECP_MAX_BYTES, random_gen, @@ -141,7 +141,7 @@ int cmd_extras() { ret = mbedtls_ecp_point_write_binary(&hkey.ctx.mbed_ecdh.grp, &hkey.ctx.mbed_ecdh.Q, MBEDTLS_ECP_PF_UNCOMPRESSED, - (size_t *)&olen, + &olen, res_APDU, 4096); mbedtls_ecdh_free(&hkey); @@ -149,7 +149,7 @@ int cmd_extras() { return SW_EXEC_ERROR(); } mse.init = true; - res_APDU_size = olen; + res_APDU_size = (uint16_t)olen; } else if (P2(apdu) == 0x02 || P2(apdu) == 0x03 || P2(apdu) == 0x04) { if (mse.init == false) { diff --git a/src/hsm/cmd_signature.c b/src/hsm/cmd_signature.c index 42a7272..8afb737 100644 --- a/src/hsm/cmd_signature.c +++ b/src/hsm/cmd_signature.c @@ -276,19 +276,19 @@ int cmd_signature() { } return SW_EXEC_ERROR(); } - uint16_t olen = 0; + size_t olen = 0; uint8_t buf[MBEDTLS_ECDSA_MAX_LEN]; if (mbedtls_ecdsa_write_signature(&ctx, md, apdu.data, apdu.nc, buf, MBEDTLS_ECDSA_MAX_LEN, - (size_t *)&olen, random_gen, NULL) != 0) { + &olen, random_gen, NULL) != 0) { mbedtls_ecdsa_free(&ctx); return SW_EXEC_ERROR(); } memcpy(res_APDU, buf, olen); - res_APDU_size = olen; + res_APDU_size = (uint16_t)olen; mbedtls_ecdsa_free(&ctx); } else if (p2 == ALGO_HD) { - uint16_t olen = 0; + size_t olen = 0; uint8_t buf[MBEDTLS_ECDSA_MAX_LEN]; if (hd_context.grp.id == MBEDTLS_ECP_DP_NONE) { return SW_CONDITIONS_NOT_SATISFIED(); @@ -299,12 +299,12 @@ int cmd_signature() { md = MBEDTLS_MD_SHA256; if (mbedtls_ecdsa_write_signature(&hd_context, md, apdu.data, apdu.nc, buf, MBEDTLS_ECDSA_MAX_LEN, - (size_t *)&olen, random_gen, NULL) != 0) { + &olen, random_gen, NULL) != 0) { mbedtls_ecdsa_free(&hd_context); return SW_EXEC_ERROR(); } memcpy(res_APDU, buf, olen); - res_APDU_size = olen; + res_APDU_size = (uint16_t)olen; mbedtls_ecdsa_free(&hd_context); hd_keytype = 0; } diff --git a/src/hsm/kek.c b/src/hsm/kek.c index 7f9dea6..4d317b8 100644 --- a/src/hsm/kek.c +++ b/src/hsm/kek.c @@ -387,15 +387,15 @@ int dkek_encode_key(uint8_t id, mbedtls_mpi_write_binary(&ecdsa->grp.N, kb + 8 + kb_len, mbedtls_mpi_size(&ecdsa->grp.N)); kb_len += (uint16_t)mbedtls_mpi_size(&ecdsa->grp.N); - uint16_t olen = 0; + size_t olen = 0; mbedtls_ecp_point_write_binary(&ecdsa->grp, &ecdsa->grp.G, MBEDTLS_ECP_PF_UNCOMPRESSED, - (size_t *)&olen, + &olen, kb + 8 + kb_len + 2, sizeof(kb) - 8 - kb_len - 2); - put_uint16_t(olen, kb + 8 + kb_len); - kb_len += 2 + olen; + put_uint16_t((uint16_t)olen, kb + 8 + kb_len); + kb_len += 2 + (uint16_t)olen; put_uint16_t((uint16_t)mbedtls_mpi_size(&ecdsa->d), kb + 8 + kb_len); kb_len += 2; mbedtls_mpi_write_binary(&ecdsa->d, kb + 8 + kb_len, mbedtls_mpi_size(&ecdsa->d)); @@ -404,11 +404,11 @@ int dkek_encode_key(uint8_t id, mbedtls_ecp_point_write_binary(&ecdsa->grp, &ecdsa->Q, MBEDTLS_ECP_PF_UNCOMPRESSED, - (size_t *)&olen, + &olen, kb + 8 + kb_len + 2, sizeof(kb) - 8 - kb_len - 2); - put_uint16_t(olen, kb + 8 + kb_len); - kb_len += 2 + olen; + put_uint16_t((uint16_t)olen, kb + 8 + kb_len); + kb_len += 2 + (uint16_t)olen; algo = (uint8_t *) "\x00\x0A\x04\x00\x7F\x00\x07\x02\x02\x02\x02\x03"; algo_len = 12;