Cleanup compiler warnings, and switch to cross-platform data types

Trevor Bentley
2017-09-12 12:52:55 +02:00
parent 97ecb75dd4
commit dfd2a9ef92
5 changed files with 29 additions and 26 deletions
+1 -1
@@ -377,7 +377,7 @@ bool yk_des_is_weak_key(const unsigned char *key, const size_t cb_key) {
return false; return false;
} }
prng_rc prng_generate(unsigned char *buffer, const size_t cb_req) { prng_rc _ykpiv_prng_generate(unsigned char *buffer, const size_t cb_req) {
prng_rc rc = PRNG_OK; prng_rc rc = PRNG_OK;
#ifdef _WINDOWS #ifdef _WINDOWS
+6 -2
@@ -130,9 +130,13 @@ des_rc des_import_key(const int type, const unsigned char* keyraw, const size_t
des_rc des_destroy_key(des_key* key); des_rc des_destroy_key(des_key* key);
des_rc des_encrypt(des_key* key, const unsigned char* in, const size_t inlen, unsigned char* out, size_t* outlen); des_rc des_encrypt(des_key* key, const unsigned char* in, const size_t inlen, unsigned char* out, size_t* outlen);
des_rc des_decrypt(des_key* key, const unsigned char* in, const size_t inlen, unsigned char* out, size_t* outlen); des_rc des_decrypt(des_key* key, const unsigned char* in, const size_t inlen, unsigned char* out, size_t* outlen);
bool yk_des_is_weak_key(const unsigned char *key, const size_t cb_key);
pkcs5_rc pkcs5_pbkdf2_sha1(const unsigned char* password, const size_t cb_password, const unsigned char* salt, const size_t cb_salt, unsigned long long iterations, unsigned char* key, const size_t cb_key); pkcs5_rc pkcs5_pbkdf2_sha1(const unsigned char* password, const size_t cb_password, const unsigned char* salt, const size_t cb_salt, unsigned long long iterations, unsigned char* key, const size_t cb_key);
prng_rc prng_generate(unsigned char *buffer, const size_t cb_req); bool yk_des_is_weak_key(const unsigned char *key, const size_t cb_key);
prng_rc _ykpiv_prng_generate(unsigned char *buffer, const size_t cb_req);
ykpiv_rc _ykpiv_begin_transaction(ykpiv_state *state);
ykpiv_rc _ykpiv_end_transaction(ykpiv_state *state);
ykpiv_rc _ykpiv_ensure_application_selected(ykpiv_state *state);
#ifdef __cplusplus #ifdef __cplusplus
} }
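Review bot: The `_ykpiv_prng_generate` prototype added here has no comment stating its return contract, and the callers touched by this commit do not agree on one. `ykpiv_util_set_cardid` and `ykpiv_util_set_protected_mgm` test `PRNG_OK != _ykpiv_prng_generate(...)`, while `ykpiv_authenticate` tests `PRNG_GENERAL_ERROR == _ykpiv_prng_generate(dataptr, 8)`, so any other failure code (if `prng_rc` has one; the enum is not visible here) would let authentication continue with a challenge buffer that was never filled with random bytes. I would put `/* Returns PRNG_OK on success; on any other value the buffer contents must not be used. */` above the prototype and change the authenticate check to `if (PRNG_OK != _ykpiv_prng_generate(dataptr, 8)) {`.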
+3 -6
@@ -117,9 +117,6 @@ void* _ykpiv_realloc(ykpiv_state *state, void *address, size_t size);
void _ykpiv_free(ykpiv_state *state, void *data); void _ykpiv_free(ykpiv_state *state, void *data);
int _ykpiv_set_length(unsigned char *buffer, size_t length); int _ykpiv_set_length(unsigned char *buffer, size_t length);
int _ykpiv_get_length(const unsigned char *buffer, size_t *len); int _ykpiv_get_length(const unsigned char *buffer, size_t *len);
ykpiv_rc _ykpiv_begin_transaction(ykpiv_state *state);
ykpiv_rc _ykpiv_end_transaction(ykpiv_state *state);
ykpiv_rc _ykpiv_ensure_application_selected(ykpiv_state *state);
static ykpiv_rc _read_metadata(ykpiv_state *state, uint8_t tag, uint8_t* data, size_t* pcb_data); static ykpiv_rc _read_metadata(ykpiv_state *state, uint8_t tag, uint8_t* data, size_t* pcb_data);
static ykpiv_rc _write_metadata(ykpiv_state *state, uint8_t tag, uint8_t *data, size_t cb_data); static ykpiv_rc _write_metadata(ykpiv_state *state, uint8_t tag, uint8_t *data, size_t cb_data);
@@ -165,7 +162,7 @@ ykpiv_rc ykpiv_util_set_cardid(ykpiv_state *state, const ykpiv_cardid *cardid) {
if (!state) return YKPIV_GENERIC_ERROR; if (!state) return YKPIV_GENERIC_ERROR;
if (!cardid) { if (!cardid) {
if (PRNG_OK != prng_generate(id, sizeof(id))) { if (PRNG_OK != _ykpiv_prng_generate(id, sizeof(id))) {
return YKPIV_RANDOMNESS_ERROR; return YKPIV_RANDOMNESS_ERROR;
} }
} }
@@ -384,7 +381,7 @@ ykpiv_rc ykpiv_util_block_puk(ykpiv_state *state) {
if (YKPIV_OK != (res = _ykpiv_ensure_application_selected(state))) goto Cleanup; if (YKPIV_OK != (res = _ykpiv_ensure_application_selected(state))) goto Cleanup;
while (tries != 0) { while (tries != 0) {
if (YKPIV_OK == (res = ykpiv_change_puk(state, puk, sizeof(puk), puk, sizeof(puk), &tries))) { if (YKPIV_OK == (res = ykpiv_change_puk(state, (const char*)puk, sizeof(puk), (const char*)puk, sizeof(puk), &tries))) {
/* did we accidentally choose the correct PUK?, change our puk and try again */ /* did we accidentally choose the correct PUK?, change our puk and try again */
puk[0]++; puk[0]++;
} }
@@ -1125,7 +1122,7 @@ ykpiv_rc ykpiv_util_set_protected_mgm(ykpiv_state *state, ykpiv_mgm *mgm) {
do { do {
if (fGenerate) { if (fGenerate) {
/* generate a new mgm key */ /* generate a new mgm key */
if (PRNG_OK != (prngrc = prng_generate(mgm_key, sizeof(mgm_key)))) { if (PRNG_OK != (prngrc = _ykpiv_prng_generate(mgm_key, sizeof(mgm_key)))) {
if (state->verbose) fprintf(stderr, "could not set generate new mgm, err = %d\n", prngrc); if (state->verbose) fprintf(stderr, "could not set generate new mgm, err = %d\n", prngrc);
res = YKPIV_RANDOMNESS_ERROR; res = YKPIV_RANDOMNESS_ERROR;
goto Cleanup; goto Cleanup;
+18 -16
@@ -39,8 +39,10 @@
#define YKPIV_MGM_DEFAULT "\x01\x02\x03\x04\x05\x06\x07\x08\x01\x02\x03\x04\x05\x06\x07\x08\x01\x02\x03\x04\x05\x06\x07\x08" #define YKPIV_MGM_DEFAULT "\x01\x02\x03\x04\x05\x06\x07\x08\x01\x02\x03\x04\x05\x06\x07\x08\x01\x02\x03\x04\x05\x06\x07\x08"
static ykpiv_rc _cache_pin(ykpiv_state *state, const char *pin, size_t len);
static ykpiv_rc _send_data(ykpiv_state *state, APDU *apdu, static ykpiv_rc _send_data(ykpiv_state *state, APDU *apdu,
unsigned char *data, unsigned long *recv_len, int *sw); unsigned char *data, uint32_t *recv_len, int *sw);
unsigned const char aid[] = { unsigned const char aid[] = {
0xa0, 0x00, 0x00, 0x03, 0x08 0xa0, 0x00, 0x00, 0x03, 0x08
@@ -189,7 +191,7 @@ ykpiv_rc ykpiv_disconnect(ykpiv_state *state) {
ykpiv_rc _ykpiv_select_application(ykpiv_state *state) { ykpiv_rc _ykpiv_select_application(ykpiv_state *state) {
APDU apdu; APDU apdu;
unsigned char data[0xff]; unsigned char data[0xff];
unsigned long recv_len = sizeof(data); uint32_t recv_len = sizeof(data);
int sw; int sw;
ykpiv_rc res; ykpiv_rc res;
@@ -277,7 +279,7 @@ ykpiv_rc ykpiv_connect_with_card(ykpiv_state *state, uint64_t context, uint64_t
ykpiv_rc ykpiv_connect(ykpiv_state *state, const char *wanted) { ykpiv_rc ykpiv_connect(ykpiv_state *state, const char *wanted) {
// TREV TODO: use _connect_internal // TREV TODO: use _connect_internal
unsigned long active_protocol; uint32_t active_protocol;
char reader_buf[2048]; char reader_buf[2048];
size_t num_readers = sizeof(reader_buf); size_t num_readers = sizeof(reader_buf);
long rc; long rc;
@@ -330,7 +332,7 @@ ykpiv_rc ykpiv_connect(ykpiv_state *state, const char *wanted) {
} }
static ykpiv_rc reconnect(ykpiv_state *state) { static ykpiv_rc reconnect(ykpiv_state *state) {
unsigned long active_protocol; uint32_t active_protocol;
long rc; long rc;
ykpiv_rc res; ykpiv_rc res;
int tries; int tries;
@@ -355,7 +357,7 @@ static ykpiv_rc reconnect(ykpiv_state *state) {
} }
ykpiv_rc ykpiv_list_readers(ykpiv_state *state, char *readers, size_t *len) { ykpiv_rc ykpiv_list_readers(ykpiv_state *state, char *readers, size_t *len) {
unsigned long num_readers = 0; uint32_t num_readers = 0;
long rc; long rc;
if(SCardIsValidContext(state->context) != SCARD_S_SUCCESS) { if(SCardIsValidContext(state->context) != SCARD_S_SUCCESS) {
@@ -442,7 +444,7 @@ ykpiv_rc ykpiv_transfer_data(ykpiv_state *state, const unsigned char *templ,
do { do {
size_t this_size = 0xff; size_t this_size = 0xff;
unsigned char data[261]; unsigned char data[261];
unsigned long recv_len = sizeof(data); uint32_t recv_len = sizeof(data);
APDU apdu; APDU apdu;
memset(apdu.raw, 0, sizeof(apdu.raw)); memset(apdu.raw, 0, sizeof(apdu.raw));
@@ -481,7 +483,7 @@ ykpiv_rc ykpiv_transfer_data(ykpiv_state *state, const unsigned char *templ,
while(*sw >> 8 == 0x61) { while(*sw >> 8 == 0x61) {
APDU apdu; APDU apdu;
unsigned char data[261]; unsigned char data[261];
unsigned long recv_len = sizeof(data); uint32_t recv_len = sizeof(data);
if(state->verbose > 2) { if(state->verbose > 2) {
fprintf(stderr, "The card indicates there is %d bytes more data for us.\n", *sw & 0xff); fprintf(stderr, "The card indicates there is %d bytes more data for us.\n", *sw & 0xff);
@@ -509,7 +511,7 @@ ykpiv_rc ykpiv_transfer_data(ykpiv_state *state, const unsigned char *templ,
} }
static ykpiv_rc _send_data(ykpiv_state *state, APDU *apdu, static ykpiv_rc _send_data(ykpiv_state *state, APDU *apdu,
unsigned char *data, unsigned long *recv_len, int *sw) { unsigned char *data, uint32_t *recv_len, int *sw) {
long rc; long rc;
unsigned int send_len = (unsigned int)apdu->st.lc + 5; unsigned int send_len = (unsigned int)apdu->st.lc + 5;
@@ -543,7 +545,7 @@ ykpiv_rc ykpiv_authenticate(ykpiv_state *state, unsigned const char *key) {
APDU apdu; APDU apdu;
unsigned char data[261]; unsigned char data[261];
unsigned char challenge[8]; unsigned char challenge[8];
unsigned long recv_len = sizeof(data); uint32_t recv_len = sizeof(data);
int sw; int sw;
ykpiv_rc res; ykpiv_rc res;
des_key* mgm_key = NULL; des_key* mgm_key = NULL;
@@ -553,7 +555,7 @@ ykpiv_rc ykpiv_authenticate(ykpiv_state *state, unsigned const char *key) {
if (NULL == key) { if (NULL == key) {
/* use the derived mgm key to authenticate, if it hasn't been derived, use default */ /* use the derived mgm key to authenticate, if it hasn't been derived, use default */
key = YKPIV_MGM_DEFAULT; key = (unsigned const char*)YKPIV_MGM_DEFAULT;
} }
/* set up our key */ /* set up our key */
@@ -602,7 +604,7 @@ ykpiv_rc ykpiv_authenticate(ykpiv_state *state, unsigned const char *key) {
dataptr += 8; dataptr += 8;
*dataptr++ = 0x81; *dataptr++ = 0x81;
*dataptr++ = 8; *dataptr++ = 8;
if (PRNG_GENERAL_ERROR == prng_generate(dataptr, 8)) { if (PRNG_GENERAL_ERROR == _ykpiv_prng_generate(dataptr, 8)) {
if (state->verbose) { if (state->verbose) {
fprintf(stderr, "Failed getting randomness for authentication.\n"); fprintf(stderr, "Failed getting randomness for authentication.\n");
} }
@@ -650,7 +652,7 @@ ykpiv_rc ykpiv_set_mgmkey(ykpiv_state *state, const unsigned char *new_key) {
ykpiv_rc ykpiv_set_mgmkey2(ykpiv_state *state, const unsigned char *new_key, const unsigned char touch) { ykpiv_rc ykpiv_set_mgmkey2(ykpiv_state *state, const unsigned char *new_key, const unsigned char touch) {
APDU apdu; APDU apdu;
unsigned char data[261]; unsigned char data[261];
unsigned long recv_len = sizeof(data); uint32_t recv_len = sizeof(data);
int sw; int sw;
ykpiv_rc res = YKPIV_OK; ykpiv_rc res = YKPIV_OK;
@@ -868,7 +870,7 @@ Cleanup:
ykpiv_rc ykpiv_get_version(ykpiv_state *state, char *version, size_t len) { ykpiv_rc ykpiv_get_version(ykpiv_state *state, char *version, size_t len) {
APDU apdu; APDU apdu;
unsigned char data[261]; unsigned char data[261];
unsigned long recv_len = sizeof(data); uint32_t recv_len = sizeof(data);
int sw; int sw;
ykpiv_rc res; ykpiv_rc res;
@@ -887,7 +889,7 @@ ykpiv_rc ykpiv_get_version(ykpiv_state *state, char *version, size_t len) {
} }
} }
ykpiv_rc _cache_pin(ykpiv_state *state, const char *pin, size_t len) { static ykpiv_rc _cache_pin(ykpiv_state *state, const char *pin, size_t len) {
#ifdef DISABLE_PIN_CACHE #ifdef DISABLE_PIN_CACHE
// Some embedded applications of this library may not want to keep the PIN // Some embedded applications of this library may not want to keep the PIN
// data in RAM for security reasons. // data in RAM for security reasons.
@@ -914,7 +916,7 @@ ykpiv_rc ykpiv_verify(ykpiv_state *state, const char *pin, int *tries) {
// TREV TODO: pin len? // TREV TODO: pin len?
APDU apdu; APDU apdu;
unsigned char data[261]; unsigned char data[261];
unsigned long recv_len = sizeof(data); uint32_t recv_len = sizeof(data);
int sw; int sw;
size_t len = 0; size_t len = 0;
ykpiv_rc res; ykpiv_rc res;
@@ -1275,7 +1277,7 @@ ykpiv_rc ykpiv_done2(ykpiv_state *state, bool disconnect) {
return YKPIV_OK; return YKPIV_OK;
} }
ykpiv_rc ykpiv_verify_select(ykpiv_state *state, const uint8_t *pin, const size_t pin_len, int *tries, bool force_select) { ykpiv_rc ykpiv_verify_select(ykpiv_state *state, const char *pin, const size_t pin_len, int *tries, bool force_select) {
ykpiv_rc res = YKPIV_OK; ykpiv_rc res = YKPIV_OK;
if (YKPIV_OK != (res = _ykpiv_begin_transaction(state))) goto Cleanup; if (YKPIV_OK != (res = _ykpiv_begin_transaction(state))) goto Cleanup;
#if 0 #if 0
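Review bot: The `recv_len`, `active_protocol` and `num_readers` locals changed from `unsigned long` to `uint32_t` look like they feed the length and protocol out-parameters of the PC/SC calls, and those are `DWORD *`, which pcsc-lite defines as `unsigned long` on non-Apple platforms (8 bytes on LP64 Linux). The call sites are outside these hunks, so this is inferred, but if a `uint32_t *` is passed or cast there, the library writes 8 bytes into a 4-byte stack object and reads uninitialised upper bytes for in/out lengths. The fixed-width type is fine for the library's own interfaces such as `_send_data`; at each PC/SC boundary I would go through a native-width local, e.g. `DWORD tmp_len = *recv_len;`, pass `&tmp_len`, then `*recv_len = (uint32_t)tmp_len;`. The same applies to `num_readers` in `ykpiv_list_readers` and `active_protocol` in `ykpiv_connect` and `reconnect`.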
+1 -1
@@ -456,7 +456,7 @@ extern "C"
// TREV TODO: remove // TREV TODO: remove
ykpiv_rc ykpiv_done2(ykpiv_state *state, bool disconnect); ykpiv_rc ykpiv_done2(ykpiv_state *state, bool disconnect);
ykpiv_rc ykpiv_verify_select(ykpiv_state *state, const uint8_t *pin, const size_t pin_len, int *tries, bool force_select); ykpiv_rc ykpiv_verify_select(ykpiv_state *state, const char *pin, const size_t pin_len, int *tries, bool force_select);
#ifdef __cplusplus #ifdef __cplusplus
} }