diff --git a/lib/ykpiv.c b/lib/ykpiv.c index 3921f48..beaceab 100644 --- a/lib/ykpiv.c +++ b/lib/ykpiv.c @@ -61,7 +61,7 @@ static int set_length(unsigned char *buffer, int length) { } } -static int get_length(unsigned char *buffer, int *len) { +static int get_length(unsigned char *buffer, size_t *len) { if(buffer[0] < 0x81) { *len = buffer[0]; return 1; @@ -69,7 +69,8 @@ static int get_length(unsigned char *buffer, int *len) { *len = buffer[1]; return 2; } else if((*buffer & 0x7f) == 2) { - *len = (buffer[1] << 8) + buffer[2]; + size_t tmp = buffer[1]; + *len = (tmp << 8) + buffer[2]; return 3; } return 0; @@ -461,7 +462,7 @@ ykpiv_rc ykpiv_parse_key(ykpiv_state *state, ykpiv_rc ykpiv_sign_data(ykpiv_state *state, const unsigned char *sign_in, int in_len, - unsigned char *sign_out, int *out_len, + unsigned char *sign_out, size_t *out_len, unsigned char algorithm, unsigned char key) { unsigned char indata[1024]; @@ -471,7 +472,7 @@ ykpiv_rc ykpiv_sign_data(ykpiv_state *state, unsigned long recv_len = sizeof(data); int sw; int bytes; - int len = 0; + size_t len = 0; ykpiv_rc res; if(in_len > 1000) { diff --git a/lib/ykpiv.h b/lib/ykpiv.h index 6c4dc54..b093051 100644 --- a/lib/ykpiv.h +++ b/lib/ykpiv.h @@ -74,7 +74,7 @@ extern "C" ykpiv_rc ykpiv_parse_key(ykpiv_state *state, const char *key_in, unsigned char *key_out); ykpiv_rc ykpiv_sign_data(ykpiv_state *state, const unsigned char *sign_in, - int in_len,unsigned char *sign_out, int *out_len, + int in_len,unsigned char *sign_out, size_t *out_len, unsigned char algorithm, unsigned char key); ykpiv_rc ykpiv_get_version(ykpiv_state *state, char *version, size_t len); ykpiv_rc ykpiv_verify(ykpiv_state *state, const char *pin, int *tries); diff --git a/tool/yubico-piv-tool.c b/tool/yubico-piv-tool.c index 95c2c7c..aafa811 100644 --- a/tool/yubico-piv-tool.c +++ b/tool/yubico-piv-tool.c @@ -601,7 +601,7 @@ static bool request_certificate(ykpiv_state *state, enum enum_key_format key_for } { unsigned char signature[1024]; - int sig_len = sizeof(signature); + size_t sig_len = sizeof(signature); if(ykpiv_sign_data(state, signinput, len, signature, &sig_len, algorithm, key) != YKPIV_OK) { goto request_out; @@ -737,7 +737,7 @@ static bool selfsign_certificate(ykpiv_state *state, enum enum_key_format key_fo } { unsigned char signature[1024]; - int sig_len = sizeof(signature); + size_t sig_len = sizeof(signature); if(ykpiv_sign_data(state, signinput, len, signature, &sig_len, algorithm, key) != YKPIV_OK) { goto selfsign_out;