diff --git a/src/des.c b/src/des.c index 408b331e..0aab160c 100644 --- a/src/des.c +++ b/src/des.c @@ -175,7 +175,7 @@ void des_set_encrypt_key(DES_KEY *key, const unsigned char user_key[8]) K = GETU64(user_key); K = permute(PC1, sizeof(PC1), K); - L = K >> 28; + L = (K >> 28) & 0xffffffff; R = K & 0x0fffffff; for (i = 0; i < 16; i++) { @@ -217,7 +217,7 @@ void des_encrypt(DES_KEY *key, const unsigned char in[DES_BLOCK_SIZE], T ^= L; L = R; - R = T; + R = T & 0xffffffff; } T = ((uint64_t)L << 32) | R; diff --git a/src/pkcs8.c b/src/pkcs8.c index 636ec774..8ff193ba 100644 --- a/src/pkcs8.c +++ b/src/pkcs8.c @@ -353,7 +353,6 @@ int pbes2_algor_from_der( int ret; const uint8_t *d; size_t dlen; - int oid; uint32_t nodes[32]; size_t nodes_cnt; diff --git a/src/skf/skf.c b/src/skf/skf.c index d9c0f1ae..08fed460 100755 --- a/src/skf/skf.c +++ b/src/skf/skf.c @@ -536,8 +536,8 @@ int skf_import_object(SKF_DEVICE *dev, const char *appname, const char *pin, error_print(); return -1; } - if (SKF_CreateFile(hApp, (LPSTR)objname, datalen, ulReadRights, ulWriteRights) != SAR_OK - || SKF_WriteFile(hApp, (LPSTR)objname, 0, (BYTE *)data, datalen) != SAR_OK) { + if (SKF_CreateFile(hApp, (LPSTR)objname, (ULONG)datalen, ulReadRights, ulWriteRights) != SAR_OK + || SKF_WriteFile(hApp, (LPSTR)objname, 0, (BYTE *)data, (ULONG)datalen) != SAR_OK) { error_print(); goto end; } @@ -554,7 +554,6 @@ int skf_export_object(SKF_DEVICE *dev, const char *appname, const char *pin, HAPPLICATION hApp = NULL; FILEATTRIBUTE fileInfo; ULONG ulen; - int len; if (!dev || !appname || !pin || !objname || !outlen) { error_print(); diff --git a/src/skf/skf_dummy.c b/src/skf/skf_dummy.c index 3d1e88b6..d84b10f3 100755 --- a/src/skf/skf_dummy.c +++ b/src/skf/skf_dummy.c @@ -1,12 +1,12 @@ -/* - * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ - +/* + * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the License); you may + * not use this file except in compliance with the License. + * + * http://www.apache.org/licenses/LICENSE-2.0 + */ + #include #include @@ -434,7 +434,7 @@ ULONG DEVAPI SKF_ExportCertificate( BYTE *pbCert, ULONG *pulCertLen) { - *pulCertLen = strlen(sm2cert_pemstr); + *pulCertLen = (ULONG)strlen(sm2cert_pemstr); memcpy(pbCert, sm2cert_pemstr, *pulCertLen); return SAR_OK; diff --git a/src/sm2_lib.c b/src/sm2_lib.c index 27ffd46e..8557d466 100644 --- a/src/sm2_lib.c +++ b/src/sm2_lib.c @@ -492,13 +492,12 @@ int sm2_do_encrypt(const SM2_KEY *key, const uint8_t *in, size_t inlen, SM2_CIPH int sm2_do_decrypt(const SM2_KEY *key, const SM2_CIPHERTEXT *in, uint8_t *out, size_t *outlen) { - uint32_t inlen; + uint32_t inlen, i; SM2_BN d; SM2_JACOBIAN_POINT _P, *P = &_P; SM3_CTX sm3_ctx; uint8_t buf[64]; uint8_t hash[32]; - int i; // FIXME: check SM2_CIPHERTEXT format diff --git a/src/sm9_alg.c b/src/sm9_alg.c index 6a21dfc0..735a4ccb 100644 --- a/src/sm9_alg.c +++ b/src/sm9_alg.c @@ -126,7 +126,7 @@ void sm9_bn_to_bits(const sm9_bn_t a, char bits[256]) { int i, j; for (i = 7; i >= 0; i--) { - uint32_t w = a[i]; + uint32_t w = (uint32_t)a[i]; for (j = 0; j < 32; j++) { *bits++ = (w & 0x80000000) ? '1' : '0'; w <<= 1; diff --git a/src/tls.c b/src/tls.c index 3a31fa79..206f0976 100644 --- a/src/tls.c +++ b/src/tls.c @@ -1483,7 +1483,11 @@ int tls_record_send(const uint8_t *record, size_t recordlen, int sock) error_print(); return -1; } +#ifdef WIN32 + if ((r = send(sock, record, (int)recordlen, 0)) < 0) { +#else if ((r = send(sock, record, recordlen, 0)) < 0) { +#endif perror("tls_record_send"); error_print(); return -1; @@ -1509,7 +1513,11 @@ int tls_record_do_recv(uint8_t *record, size_t *recordlen, int sock) len = 5; while (len) { +#ifdef WIN32 + if ((r = recv(sock, record + 5 - len, (int)len, 0)) < 0) { +#else if ((r = recv(sock, record + 5 - len, len, 0)) < 0) { +#endif perror("tls_record_do_recv"); error_print(); return -1; @@ -1538,7 +1546,11 @@ int tls_record_do_recv(uint8_t *record, size_t *recordlen, int sock) return -1; } while (len) { +#ifdef WIN32 + if ((r = recv(sock, record + *recordlen - len, (int)len, 0)) < 0) { +#else if ((r = recv(sock, record + *recordlen - len, len, 0)) < 0) { +#endif perror("tls_record_do_recv"); error_print(); return -1; diff --git a/src/tls_ext.c b/src/tls_ext.c index db84a17d..9f1ae0ac 100644 --- a/src/tls_ext.c +++ b/src/tls_ext.c @@ -502,7 +502,6 @@ int tls13_process_client_supported_versions(const uint8_t *ext_data, size_t ext_ const uint8_t *versions; size_t versions_len; int selected_version = -1; - size_t len; if (tls_uint8array_from_bytes(&versions, &versions_len, &ext_data, &ext_datalen) != 1 || tls_length_is_zero(ext_datalen) != 1) { @@ -644,7 +643,7 @@ int tls13_server_key_share_ext_to_bytes(const SM2_POINT *point, uint8_t **out, s } tls13_key_share_entry_to_bytes(point, NULL, &ext_datalen); tls_uint16_to_bytes(ext_type, out, outlen); - tls_uint16_to_bytes(ext_datalen, out, outlen); + tls_uint16_to_bytes((uint16_t)ext_datalen, out, outlen); tls13_key_share_entry_to_bytes(point, out, outlen); return 1; } @@ -694,8 +693,8 @@ int tls13_client_key_share_ext_to_bytes(const SM2_POINT *point, uint8_t **out, s ext_datalen = tls_uint16_size() + client_shares_len; tls_uint16_to_bytes(ext_type, out, outlen); - tls_uint16_to_bytes(ext_datalen, out, outlen); - tls_uint16_to_bytes(client_shares_len, out, outlen); + tls_uint16_to_bytes((uint16_t)ext_datalen, out, outlen); // FIXME: do we need to check length < UINT16_MAX? + tls_uint16_to_bytes((uint16_t)client_shares_len, out, outlen); tls13_key_share_entry_to_bytes(point, out, outlen); return 1; } @@ -791,8 +790,8 @@ int tls13_certificate_authorities_ext_to_bytes(const uint8_t *ca_names, size_t c ext_datalen = tls_uint16_size() + authorities_len; tls_uint16_to_bytes(ext_type, out, outlen); - tls_uint16_to_bytes(ext_datalen, out, outlen); - tls_uint16_to_bytes(authorities_len, out, outlen); + tls_uint16_to_bytes((uint16_t)ext_datalen, out, outlen); + tls_uint16_to_bytes((uint16_t)authorities_len, out, outlen); while (ca_names_len) { x509_name_from_der(&name, &namelen, &ca_names, &ca_names_len); tls_uint16array_to_bytes(name, namelen, out, outlen); diff --git a/src/tls_trace.c b/src/tls_trace.c index 31c210f0..c9a95430 100644 --- a/src/tls_trace.c +++ b/src/tls_trace.c @@ -325,7 +325,6 @@ const char *tls_signature_scheme_name(int scheme) int tls_random_print(FILE *fp, const uint8_t random[32], int format, int indent) { - int i; time_t gmt_unix_time = 0; const uint8_t *cp = random; size_t len = 4; @@ -590,7 +589,6 @@ int tls_server_hello_print(FILE *fp, const uint8_t *data, size_t datalen, int fo uint8_t comp_meth; const uint8_t *exts; size_t session_id_len, cipher_suites_len, comp_meths_len, exts_len; - size_t i; format_print(fp, format, indent, "ServerHello\n"); indent += 4; if (tls_uint16_from_bytes(&protocol, &data, &datalen) != 1) goto bad; @@ -620,7 +618,6 @@ bad: int tls_certificate_print(FILE *fp, const uint8_t *data, size_t datalen, int format, int indent) { - int ret; const uint8_t *certs; size_t certslen; const uint8_t *der; @@ -752,7 +749,7 @@ int tls_certificate_request_print(FILE *fp, const uint8_t *data, size_t datalen, { const uint8_t *cert_types; const uint8_t *ca_names; - size_t cert_types_len, ca_names_len, i; + size_t cert_types_len, ca_names_len; format_print(fp, format, indent, "CertificateRequest\n"); indent += 4; if (tls_uint8array_from_bytes(&cert_types, &cert_types_len, &data, &datalen) != 1) goto bad; diff --git a/tests/chacha20test.c b/tests/chacha20test.c index b6a105d4..e88eebb0 100644 --- a/tests/chacha20test.c +++ b/tests/chacha20test.c @@ -18,7 +18,6 @@ int main(void) { int err = 0; - int i; const unsigned char key[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, diff --git a/tests/pkcs8test.c b/tests/pkcs8test.c index f1c59d54..dd02647f 100644 --- a/tests/pkcs8test.c +++ b/tests/pkcs8test.c @@ -375,8 +375,6 @@ static int test_pkcs8_pem(void) char *pass = "password"; SM2_KEY sm2_key; SM2_KEY sm2_buf; - const uint8_t *attrs; - size_t attrs_len; FILE *fp; sm2_key_generate(&sm2_key); diff --git a/tests/sm3test.c b/tests/sm3test.c index f67d2ba3..66dad8cd 100644 --- a/tests/sm3test.c +++ b/tests/sm3test.c @@ -141,7 +141,6 @@ static int test_sm3(void) }; int err = 0; - char *p; uint8_t testbuf[sizeof(testhex)/2 + 1000]; uint8_t dgstbuf[32]; size_t testbuflen, dgstbuflen; @@ -156,7 +155,7 @@ static int test_sm3(void) if (memcmp(dgstbuf, dgst, sizeof(dgst)) != 0) { int n; - fprintf(stderr, "sm3 test %lu failed\n", i+1); + fprintf(stderr, "sm3 test %zu failed\n", i+1); fprintf(stderr, "error calculating SM3 on %s\n", testhex[i]); fprintf(stderr, " digest(corret) = "); for (n = 0; n < sizeof(dgst); n++) { diff --git a/tests/sm4test.c b/tests/sm4test.c index 58bf8a11..4f5c08b0 100644 --- a/tests/sm4test.c +++ b/tests/sm4test.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may diff --git a/tests/zuctest.c b/tests/zuctest.c index f58c2cea..1bcd5b22 100644 --- a/tests/zuctest.c +++ b/tests/zuctest.c @@ -421,7 +421,7 @@ int zuc256_mac_test(void) {0xa35bb274,0xb567c48b,0x28319f11,0x1af34fbd}, {0x3a83b554,0xbe408ca5,0x494124ed,0x9d473205}, }; - int i, j; + unsigned int i, j; bswap_buf((uint32_t *)tag32, sizeof(tag32)/4); bswap_buf((uint32_t *)tag64, sizeof(tag64)/4); diff --git a/tools/tlcp_client.c b/tools/tlcp_client.c index e4961c2d..a53cd22b 100644 --- a/tools/tlcp_client.c +++ b/tools/tlcp_client.c @@ -59,7 +59,6 @@ int tlcp_client_main(int argc, char *argv[]) char buf[1024] = {0}; size_t len = sizeof(buf); char send_buf[1024] = {0}; - size_t send_len; argc--; argv++; @@ -161,7 +160,8 @@ bad: FD_SET(conn.sock, &fds); FD_SET(fileno(stdin), &fds); //FD_SET(STDIN_FILENO, &fds); - if (select(conn.sock + 1, &fds, NULL, NULL, NULL) < 0) { + if (select((int)(conn.sock + 1), // WinSock2 select() ignore this arg + &fds, NULL, NULL, NULL) < 0) { fprintf(stderr, "%s: select failed\n", prog); goto end; } diff --git a/tools/tls12_client.c b/tools/tls12_client.c index 2f2df760..4ac0e16e 100644 --- a/tools/tls12_client.c +++ b/tools/tls12_client.c @@ -161,7 +161,7 @@ bad: FD_SET(conn.sock, &fds); FD_SET(fileno(stdin), &fds); - if (select(conn.sock + 1, &fds, NULL, NULL, NULL) < 0) { + if (select((int)(conn.sock + 1), &fds, NULL, NULL, NULL) < 0) { fprintf(stderr, "%s: select failed\n", prog); goto end; } diff --git a/tools/tls12_server.c b/tools/tls12_server.c index 48f96840..d983021a 100644 --- a/tools/tls12_server.c +++ b/tools/tls12_server.c @@ -40,7 +40,6 @@ int tls12_server_main(int argc , char **argv) char *cacertfile = NULL; int server_ciphers[] = { TLS_cipher_ecdhe_sm4_cbc_sm3, }; - uint8_t verify_buf[4096]; TLS_CTX ctx; TLS_CONNECT conn; diff --git a/tools/tls13_client.c b/tools/tls13_client.c index 66cdf330..b6e9767e 100644 --- a/tools/tls13_client.c +++ b/tools/tls13_client.c @@ -59,7 +59,6 @@ int tls13_client_main(int argc, char *argv[]) char buf[1024] = {0}; size_t len = sizeof(buf); char send_buf[1024] = {0}; - size_t send_len; argc--; argv++; @@ -158,7 +157,8 @@ bad: FD_SET(conn.sock, &fds); FD_SET(fileno(stdin), &fds); - if (select(conn.sock + 1, &fds, NULL, NULL, NULL) < 0) { + if (select((int)(conn.sock + 1), // In WinSock2, select() ignore the this arg + &fds, NULL, NULL, NULL) < 0) { fprintf(stderr, "%s: select failed\n", prog); goto end; } diff --git a/tools/tls13_server.c b/tools/tls13_server.c index 60219269..ca0ff93d 100644 --- a/tools/tls13_server.c +++ b/tools/tls13_server.c @@ -40,8 +40,7 @@ int tls13_server_main(int argc , char **argv) char *cacertfile = NULL; int server_ciphers[] = { TLS_cipher_sm4_gcm_sm3, }; - uint8_t verify_buf[4096]; - + TLS_CTX ctx; TLS_CONNECT conn; char buf[1600] = {0};