diff --git a/src/hsm/cmd_bip_slip.c b/src/hsm/cmd_bip_slip.c index 95f8b30..13db1f2 100644 --- a/src/hsm/cmd_bip_slip.c +++ b/src/hsm/cmd_bip_slip.c @@ -267,7 +267,7 @@ int cmd_bip_slip() { uint8_t chain[32] = { 0 }, fgpt[4] = { 0 }, last_node[4] = { 0 }, key_type = 0, nodes = 0; size_t olen = 0; int r = - node_derive_path(apdu.data, apdu.nc, &ctx, chain, fgpt, &nodes, last_node, &key_type); + node_derive_path(apdu.data, (uint16_t)apdu.nc, &ctx, chain, fgpt, &nodes, last_node, &key_type); if (r != CCID_OK) { mbedtls_ecp_keypair_free(&ctx); return SW_EXEC_ERROR(); @@ -307,7 +307,7 @@ int cmd_bip_slip() { else if (p1 == 0x10) { uint8_t chain[32] = { 0 }, fgpt[4] = { 0 }, last_node[4] = { 0 }, nodes = 0; int r = node_derive_path(apdu.data, - apdu.nc, + (uint16_t)apdu.nc, &hd_context, chain, fgpt, diff --git a/src/hsm/cmd_change_pin.c b/src/hsm/cmd_change_pin.c index 0da02a1..7a2ba98 100644 --- a/src/hsm/cmd_change_pin.c +++ b/src/hsm/cmd_change_pin.c @@ -48,11 +48,11 @@ int cmd_change_pin() { //encrypt MKEK with new pin if (P2(apdu) == 0x81) { - hash_multi(apdu.data + pin_len, apdu.nc - pin_len, session_pin); + hash_multi(apdu.data + pin_len, (uint16_t)(apdu.nc - pin_len), session_pin); has_session_pin = true; } else if (P2(apdu) == 0x88) { - hash_multi(apdu.data + pin_len, apdu.nc - pin_len, session_sopin); + hash_multi(apdu.data + pin_len, (uint16_t)(apdu.nc - pin_len), session_sopin); has_session_sopin = true; } r = store_mkek(mkek); @@ -62,7 +62,7 @@ int cmd_change_pin() { } uint8_t dhash[33]; dhash[0] = (uint8_t)apdu.nc - pin_len; - double_hash_pin(apdu.data + pin_len, apdu.nc - pin_len, dhash + 1); + double_hash_pin(apdu.data + pin_len, (uint16_t)(apdu.nc - pin_len), dhash + 1); flash_write_data_to_file(file_pin, dhash, sizeof(dhash)); low_flash_available(); return SW_OK(); diff --git a/src/hsm/cmd_cipher_sym.c b/src/hsm/cmd_cipher_sym.c index cacaac4..c816c63 100644 --- a/src/hsm/cmd_cipher_sym.c +++ b/src/hsm/cmd_cipher_sym.c @@ -228,7 +228,7 @@ int cmd_cipher_sym() { return SW_EXEC_ERROR(); } } - res_APDU_size = apdu.nc; + res_APDU_size = (uint16_t)apdu.nc; } else if (algo == ALGO_AES_CMAC) { const mbedtls_cipher_info_t *cipher_info; @@ -266,19 +266,19 @@ int cmd_cipher_sym() { if (r != 0) { return SW_EXEC_ERROR(); } - res_APDU_size = apdu.nc; + res_APDU_size = (uint16_t)apdu.nc; } else if (algo == ALGO_EXT_CIPHER_ENCRYPT || algo == ALGO_EXT_CIPHER_DECRYPT) { uint16_t oid_len = 0, aad_len = 0, iv_len = 0, enc_len = 0; uint8_t *oid = NULL, *aad = NULL, *iv = NULL, *enc = NULL; - if (!asn1_find_tag(apdu.data, apdu.nc, 0x6, &oid_len, + if (!asn1_find_tag(apdu.data, (uint16_t)apdu.nc, 0x6, &oid_len, &oid) || oid_len == 0 || oid == NULL) { mbedtls_platform_zeroize(kdata, sizeof(kdata)); return SW_WRONG_DATA(); } - asn1_find_tag(apdu.data, apdu.nc, 0x81, &enc_len, &enc); - asn1_find_tag(apdu.data, apdu.nc, 0x82, &iv_len, &iv); - asn1_find_tag(apdu.data, apdu.nc, 0x83, &aad_len, &aad); + asn1_find_tag(apdu.data, (uint16_t)apdu.nc, 0x81, &enc_len, &enc); + asn1_find_tag(apdu.data, (uint16_t)apdu.nc, 0x82, &iv_len, &iv); + asn1_find_tag(apdu.data, (uint16_t)apdu.nc, 0x83, &aad_len, &aad); uint8_t tmp_iv[16]; memset(tmp_iv, 0, sizeof(tmp_iv)); if (memcmp(oid, OID_CHACHA20_POLY1305, oid_len) == 0) { @@ -380,7 +380,7 @@ int cmd_cipher_sym() { if (r != 0) { return SW_EXEC_ERROR(); } - res_APDU_size = apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne : (uint16_t)mbedtls_md_get_size(md_info); + res_APDU_size = apdu.ne > 0 && apdu.ne < 65536 ? (uint16_t)apdu.ne : (uint16_t)mbedtls_md_get_size(md_info); } else if (memcmp(oid, OID_PKCS5_PBKDF2, oid_len) == 0) { int iterations = 0; @@ -409,7 +409,7 @@ int cmd_cipher_sym() { if (r != 0) { return SW_EXEC_ERROR(); } - res_APDU_size = keylen ? keylen : (apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne : 32); + res_APDU_size = keylen ? keylen : (apdu.ne > 0 && apdu.ne < 65536 ? (uint16_t)apdu.ne : 32); } else if (memcmp(oid, OID_PKCS5_PBES2, oid_len) == 0) { size_t olen = 0; @@ -450,13 +450,13 @@ int cmd_cipher_sym() { kdata, aad_len, aad, - apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne : 32, + apdu.ne > 0 && apdu.ne < 65536 ? (uint16_t)apdu.ne : 32, res_APDU); mbedtls_platform_zeroize(kdata, sizeof(kdata)); if (r != 0) { return SW_WRONG_DATA(); } - res_APDU_size = apdu.ne > 0 && apdu.ne < 65536 ? apdu.ne : 32; + res_APDU_size = apdu.ne > 0 && apdu.ne < 65536 ? (uint16_t)apdu.ne : 32; } else if (memcmp(oid, OID_NIST_AES, 8) == 0) { if (oid_len != 9) { diff --git a/src/hsm/cmd_decrypt_asym.c b/src/hsm/cmd_decrypt_asym.c index c76ab8f..55880a2 100644 --- a/src/hsm/cmd_decrypt_asym.c +++ b/src/hsm/cmd_decrypt_asym.c @@ -116,7 +116,7 @@ int cmd_decrypt_asym() { } else if (p2 == ALGO_EC_DH_XKEK) { uint16_t pub_len = 0; - const uint8_t *pub = cvc_get_pub(apdu.data, apdu.nc, &pub_len); + const uint8_t *pub = cvc_get_pub(apdu.data, (uint16_t)apdu.nc, &pub_len); if (pub) { uint16_t t86_len = 0; const uint8_t *t86 = cvc_get_field(pub, pub_len, &t86_len, 0x86); @@ -149,7 +149,7 @@ int cmd_decrypt_asym() { res_APDU_size = 0; uint16_t ext_len = 0; const uint8_t *ext = NULL; - if ((ext = cvc_get_ext(apdu.data, apdu.nc, &ext_len)) == NULL) { + if ((ext = cvc_get_ext(apdu.data, (uint16_t)apdu.nc, &ext_len)) == NULL) { return SW_WRONG_DATA(); } uint8_t *p = NULL, *tag_data = NULL, *kdom_uid = NULL; diff --git a/src/hsm/cmd_general_authenticate.c b/src/hsm/cmd_general_authenticate.c index a666305..c27e2c9 100644 --- a/src/hsm/cmd_general_authenticate.c +++ b/src/hsm/cmd_general_authenticate.c @@ -33,7 +33,7 @@ int cmd_general_authenticate() { uint16_t tag = 0x0; uint8_t *tag_data = NULL, *p = NULL; uint16_t tag_len = 0; - while (walk_tlv(apdu.data + 2, apdu.nc - 2, &p, &tag, &tag_len, &tag_data)) { + while (walk_tlv(apdu.data + 2, (uint16_t)(apdu.nc - 2), &p, &tag, &tag_len, &tag_data)) { if (tag == 0x80) { pubkey = tag_data - 1; //mbedtls ecdh starts reading one pos before pubkey_len = tag_len + 1; diff --git a/src/hsm/cmd_pso.c b/src/hsm/cmd_pso.c index fe513a5..f2ee8e7 100644 --- a/src/hsm/cmd_pso.c +++ b/src/hsm/cmd_pso.c @@ -33,13 +33,13 @@ int cmd_pso() { return SW_REFERENCE_NOT_FOUND(); } if (apdu.data[0] != 0x7F || apdu.data[1] != 0x21) { - uint8_t tlv_len = 2 + format_tlv_len(apdu.nc, NULL); + uint8_t tlv_len = 2 + format_tlv_len((uint16_t)apdu.nc, NULL); memmove(apdu.data + tlv_len, apdu.data, apdu.nc); memcpy(apdu.data, "\x7F\x21", 2); - format_tlv_len(apdu.nc, apdu.data + 2); + format_tlv_len((uint16_t)apdu.nc, apdu.data + 2); apdu.nc += tlv_len; } - int r = cvc_verify(apdu.data, apdu.nc, current_puk->cvcert, current_puk->cvcert_len); + int r = cvc_verify(apdu.data, (uint16_t)apdu.nc, current_puk->cvcert, current_puk->cvcert_len); if (r != CCID_OK) { if (r == CCID_WRONG_DATA) { return SW_DATA_INVALID(); @@ -54,19 +54,19 @@ int cmd_pso() { file_t *ca_ef = search_dynamic_file(fid); if (!ca_ef) { ca_ef = file_new(fid); - flash_write_data_to_file(ca_ef, apdu.data, apdu.nc); + flash_write_data_to_file(ca_ef, apdu.data, (uint16_t)apdu.nc); if (add_cert_puk_store(file_get_data(ca_ef), file_get_size(ca_ef), false) != CCID_OK) { return SW_FILE_FULL(); } uint16_t chr_len = 0; - const uint8_t *chr = cvc_get_chr(apdu.data, apdu.nc, &chr_len); + const uint8_t *chr = cvc_get_chr(apdu.data, (uint16_t)apdu.nc, &chr_len); if (chr == NULL) { return SW_WRONG_DATA(); } uint16_t puk_len = 0, puk_bin_len = 0; - const uint8_t *puk = cvc_get_pub(apdu.data, apdu.nc, &puk_len), *puk_bin = NULL; + const uint8_t *puk = cvc_get_pub(apdu.data, (uint16_t)apdu.nc, &puk_len), *puk_bin = NULL; if (puk == NULL) { return SW_WRONG_DATA(); } @@ -82,7 +82,7 @@ int cmd_pso() { } } else if (memcmp(oid, OID_ID_TA_ECDSA, 9) == 0) { //ECC - mbedtls_ecp_group_id ec_id = cvc_inherite_ec_group(apdu.data, apdu.nc); + mbedtls_ecp_group_id ec_id = cvc_inherite_ec_group(apdu.data, (uint16_t)apdu.nc); mbedtls_ecp_group grp; mbedtls_ecp_group_init(&grp); if (mbedtls_ecp_group_load(&grp, ec_id) != 0) { diff --git a/src/hsm/cmd_puk_auth.c b/src/hsm/cmd_puk_auth.c index 2457003..a6ff158 100644 --- a/src/hsm/cmd_puk_auth.c +++ b/src/hsm/cmd_puk_auth.c @@ -61,7 +61,7 @@ int cmd_puk_auth() { return SW_MEMORY_FAILURE(); } } - flash_write_data_to_file(ef, apdu.data, apdu.nc); + flash_write_data_to_file(ef, apdu.data, (uint16_t)apdu.nc); low_flash_available(); } else { diff --git a/src/hsm/cmd_signature.c b/src/hsm/cmd_signature.c index 8afb737..db928ee 100644 --- a/src/hsm/cmd_signature.c +++ b/src/hsm/cmd_signature.c @@ -153,10 +153,10 @@ int cmd_signature() { return SW_EXEC_ERROR(); } uint8_t *hash = apdu.data; - uint16_t hash_len = apdu.nc; + uint16_t hash_len = (uint16_t)apdu.nc; if (p2 == ALGO_RSA_PKCS1) { //DigestInfo attached - uint16_t nc = apdu.nc; - if (pkcs1_strip_digest_info_prefix(&md, apdu.data, apdu.nc, apdu.data, + uint16_t nc = (uint16_t)apdu.nc; + if (pkcs1_strip_digest_info_prefix(&md, apdu.data, (uint16_t)apdu.nc, apdu.data, &nc) != CCID_OK) { //gets the MD algo id and strips it off return SW_EXEC_ERROR(); } @@ -166,7 +166,7 @@ int cmd_signature() { //sc_asn1_print_tags(apdu.data, apdu.nc); uint16_t tout = 0, oid_len = 0; uint8_t *p = NULL, *oid = NULL; - if (asn1_find_tag(apdu.data, apdu.nc, 0x30, &tout, &p) && tout > 0 && p != NULL) { + if (asn1_find_tag(apdu.data, (uint16_t)apdu.nc, 0x30, &tout, &p) && tout > 0 && p != NULL) { uint16_t tout30 = 0; uint8_t *c30 = NULL; if (asn1_find_tag(p, tout, 0x30, &tout30, &c30) && tout30 > 0 && c30 != NULL) { diff --git a/src/hsm/cvc.c b/src/hsm/cvc.c index fbdc925..40c03a2 100644 --- a/src/hsm/cvc.c +++ b/src/hsm/cvc.c @@ -112,27 +112,27 @@ uint16_t asn1_cvc_public_key_ecdsa(mbedtls_ecdsa_context *ecdsa, uint8_t *buf, u p += sizeof(oid_ecdsa); if (mbedtls_ecp_get_type(&ecdsa->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { //p - *p++ = 0x81; p += format_tlv_len(p_size, p); mbedtls_mpi_write_binary(&ecdsa->grp.P, p, p_size); + *p++ = 0x81; p += format_tlv_len((uint16_t)p_size, p); mbedtls_mpi_write_binary(&ecdsa->grp.P, p, p_size); p += p_size; //order - *p++ = 0x82; p += format_tlv_len(o_size, p); mbedtls_mpi_write_binary(&ecdsa->grp.N, p, o_size); + *p++ = 0x82; p += format_tlv_len((uint16_t)o_size, p); mbedtls_mpi_write_binary(&ecdsa->grp.N, p, o_size); p += o_size; //G - *p++ = 0x83; p += format_tlv_len(g_size, p); memcpy(p, G_buf, g_size); p += g_size; + *p++ = 0x83; p += format_tlv_len((uint16_t)g_size, p); memcpy(p, G_buf, g_size); p += g_size; //Y - *p++ = 0x84; p += format_tlv_len(y_size, p); memcpy(p, Y_buf, y_size); p += y_size; + *p++ = 0x84; p += format_tlv_len((uint16_t)y_size, p); memcpy(p, Y_buf, y_size); p += y_size; } else { //p - *p++ = 0x81; p += format_tlv_len(p_size, p); mbedtls_mpi_write_binary(&ecdsa->grp.P, p, p_size); + *p++ = 0x81; p += format_tlv_len((uint16_t)p_size, p); mbedtls_mpi_write_binary(&ecdsa->grp.P, p, p_size); p += p_size; //A if (a_size) { - *p++ = 0x82; p += format_tlv_len(a_size, p); mbedtls_mpi_write_binary(&ecdsa->grp.A, p, a_size); p += a_size; + *p++ = 0x82; p += format_tlv_len((uint16_t)a_size, p); mbedtls_mpi_write_binary(&ecdsa->grp.A, p, a_size); p += a_size; } else { //mbedtls does not set point A for some curves if (pointA[ecdsa->grp.id] && ecdsa->grp.id < 6) { - *p++ = 0x82; p += format_tlv_len(p_size, p); memcpy(p, pointA[ecdsa->grp.id], p_size); + *p++ = 0x82; p += format_tlv_len((uint16_t)p_size, p); memcpy(p, pointA[ecdsa->grp.id], p_size); p += p_size; } else { @@ -141,15 +141,15 @@ uint16_t asn1_cvc_public_key_ecdsa(mbedtls_ecdsa_context *ecdsa, uint8_t *buf, u } } //B - *p++ = 0x83; p += format_tlv_len(b_size, p); mbedtls_mpi_write_binary(&ecdsa->grp.B, p, b_size); + *p++ = 0x83; p += format_tlv_len((uint16_t)b_size, p); mbedtls_mpi_write_binary(&ecdsa->grp.B, p, b_size); p += b_size; //G - *p++ = 0x84; p += format_tlv_len(g_size, p); memcpy(p, G_buf, g_size); p += g_size; + *p++ = 0x84; p += format_tlv_len((uint16_t)g_size, p); memcpy(p, G_buf, g_size); p += g_size; //order - *p++ = 0x85; p += format_tlv_len(o_size, p); mbedtls_mpi_write_binary(&ecdsa->grp.N, p, o_size); + *p++ = 0x85; p += format_tlv_len((uint16_t)o_size, p); mbedtls_mpi_write_binary(&ecdsa->grp.N, p, o_size); p += o_size; //Y - *p++ = 0x86; p += format_tlv_len(y_size, p); memcpy(p, Y_buf, y_size); p += y_size; + *p++ = 0x86; p += format_tlv_len((uint16_t)y_size, p); memcpy(p, Y_buf, y_size); p += y_size; //cofactor *p++ = 0x87; p += format_tlv_len(c_size, p); *p++ = 1; @@ -185,7 +185,7 @@ uint16_t asn1_cvc_cert_body(void *rsa_ecdsa, uint8_t *car = NULL, *chr = NULL; uint16_t lencar = 0, lenchr = 0; - if (asn1_find_tag(apdu.data, apdu.nc, 0x42, &lencar, + if (asn1_find_tag(apdu.data, (uint16_t)apdu.nc, 0x42, &lencar, &car) == false || lencar == 0 || car == NULL) { car = (uint8_t *) dev_name; lencar = dev_name_len; @@ -194,7 +194,7 @@ uint16_t asn1_cvc_cert_body(void *rsa_ecdsa, lencar = (uint16_t)strlen((const char *)car); } } - if (asn1_find_tag(apdu.data, apdu.nc, 0x5f20, &lenchr, + if (asn1_find_tag(apdu.data, (uint16_t)apdu.nc, 0x5f20, &lenchr, &chr) == false || lenchr == 0 || chr == NULL) { chr = (uint8_t *) dev_name; lenchr = dev_name_len;