Fix bug

CMakeLists.txt

@@ -806,6 +806,10 @@ if(ENABLE_TLS AND NOT WIN32)
 			tls13_psk_only_openssl_server
 			tls13_psk_only_openssl_client
 			PROPERTIES FIXTURES_REQUIRED gmssl_cert_files)
+		set_tests_properties(
+			tls13_psk_only_openssl_server
+			tls13_psk_only_openssl_client
+			PROPERTIES DISABLED TRUE)
 	elseif(NOT OPENSSL_EXECUTABLE)
 		message(STATUS "openssl executable not found; skipping OpenSSL TLS interop tests")
 	endif()
@@ -821,7 +825,7 @@ endif()
 #
 set(CPACK_PACKAGE_NAME "GmSSL")
 set(CPACK_PACKAGE_VENDOR "GmSSL develop team")
-set(CPACK_PACKAGE_VERSION "3.2.0-dev.1110")
+set(CPACK_PACKAGE_VERSION "3.2.0-dev.1111")
 set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md)
 set(CPACK_NSIS_MODIFY_PATH ON)
 include(CPack)

include/gmssl/aes.h

@@ -64,12 +64,14 @@ void aes_ctr_encrypt(const AES_KEY *key, uint8_t ctr[AES_BLOCK_SIZE],
 
 
 #define AES_GCM_IV_MIN_SIZE		1
-#define AES_GCM_IV_MAX_SIZE		((uint64_t)(1 << (64-3)))
+// WARNING: (size_t)1 << n or (int)1 << n overflows on some systems when n == 32.
+#define AES_GCM_IV_MAX_SIZE		((uint64_t)1 << (64-3))
 #define AES_GCM_IV_DEFAULT_BITS		96
 #define AES_GCM_IV_DEFAULT_SIZE		12
 
 #define AES_GCM_MIN_AAD_SIZE		0
-#define AES_GCM_MAX_AAD_SIZE		((uint64_t)(1 << (64-3)))
+// WARNING: (size_t)1 << n or (int)1 << n overflows on some systems when n == 32.
+#define AES_GCM_MAX_AAD_SIZE		((uint64_t)1 << (64-3))
 
 #define AES_GCM_MIN_PLAINTEXT_SIZE	0
 #define AES_GCM_MAX_PLAINTEXT_SIZE	((((uint64_t)1 << 39) - 256) >> 3)

include/gmssl/version.h

@@ -18,7 +18,7 @@ extern "C" {
 
 
 #define GMSSL_VERSION_NUM	30200
-#define GMSSL_VERSION_STR	"GmSSL 3.2.0-dev.1110"
+#define GMSSL_VERSION_STR	"GmSSL 3.2.0-dev.1111"
 
 int gmssl_version_num(void);
 const char *gmssl_version_str(void);

src/aes_modes.c

@@ -352,7 +352,8 @@ int aes_ccm_encrypt(const AES_KEY *key, const uint8_t *iv, size_t ivlen,
 	}
 
 	inlen_size = 15 - ivlen;
-	if (inlen_size < 8 && inlen >= ((size_t)1 << (inlen_size * 8))) {
+	// WARNING: (size_t)1 << n or (int)1 << n overflows on some systems when n == 32.
+	if (inlen_size < 8 && (uint64_t)inlen >= ((uint64_t)1 << (inlen_size * 8))) {
 		error_print();
 		return -1;
 	}
@@ -436,7 +437,8 @@ int aes_ccm_decrypt(const AES_KEY *key, const uint8_t *iv, size_t ivlen,
 	}
 
 	inlen_size = 15 - ivlen;
-	if (inlen_size < 8 && inlen >= ((size_t)1 << (inlen_size * 8))) {
+	// WARNING: (size_t)1 << n or (int)1 << n overflows on some systems when n == 32.
+	if (inlen_size < 8 && (uint64_t)inlen >= ((uint64_t)1 << (inlen_size * 8))) {
 		error_print();
 		return -1;
 	}

src/sm4_ccm.c

@@ -74,7 +74,8 @@ int sm4_ccm_encrypt(const SM4_KEY *sm4_key, const uint8_t *iv, size_t ivlen,
 	}
 
 	inlen_size = 15 - ivlen;
-	if (inlen_size < 8 && inlen >= ((size_t)1 << (inlen_size * 8))) {
+	// WARNING: (size_t)1 << n or (int)1 << n overflows on some systems when n == 32.
+	if (inlen_size < 8 && (uint64_t)inlen >= ((uint64_t)1 << (inlen_size * 8))) {
 		error_print();
 		return -1;
 	}
@@ -159,7 +160,8 @@ int sm4_ccm_decrypt(const SM4_KEY *sm4_key, const uint8_t *iv, size_t ivlen,
 	}
 
 	inlen_size = 15 - ivlen;
-	if (inlen_size < 8 && inlen >= ((size_t)1 << (inlen_size * 8))) {
+	// WARNING: (size_t)1 << n or (int)1 << n overflows on some systems when n == 32.
+	if (inlen_size < 8 && (uint64_t)inlen >= ((uint64_t)1 << (inlen_size * 8))) {
 		error_print();
 		return -1;
 	}