diff options
author | Conrad Meyer <cem@FreeBSD.org> | 2016-05-26 19:29:29 +0000 |
---|---|---|
committer | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2022-09-08 16:14:56 +0200 |
commit | 3a22e5d30f49090d95ebff0e157b19522a38be35 (patch) | |
tree | 8d76d7e97bfdb251821e89688794391ede575b16 | |
parent | Replace sys/crypto/sha2/sha2.c with lib/libmd/sha512c.c (diff) | |
download | rtems-3a22e5d30f49090d95ebff0e157b19522a38be35.tar.bz2 |
crypto routines: Hint minimum buffer sizes to the compiler
Use the C99 'static' keyword to hint to the compiler IVs and output digest
sizes. The keyword informs the compiler of the minimum valid size for a given
array. Obviously not every pointer can be validated (i.e., the compiler can
produce false negative but not false positive reports).
No functional change. No ABI change.
Sponsored by: EMC / Isilon Storage Division
-rw-r--r-- | cpukit/include/sha256.h | 2 | ||||
-rw-r--r-- | cpukit/include/sha384.h | 2 | ||||
-rw-r--r-- | cpukit/include/sha512.h | 2 | ||||
-rw-r--r-- | cpukit/libmd/sha256c.c | 5 | ||||
-rw-r--r-- | cpukit/libmd/sha512c.c | 8 |
5 files changed, 10 insertions, 9 deletions
diff --git a/cpukit/include/sha256.h b/cpukit/include/sha256.h index 9deed91255..4fe35935c0 100644 --- a/cpukit/include/sha256.h +++ b/cpukit/include/sha256.h @@ -47,7 +47,7 @@ __BEGIN_DECLS void SHA256_Init(SHA256_CTX *); void SHA256_Update(SHA256_CTX *, const void *, size_t); -void SHA256_Final(unsigned char [SHA256_DIGEST_LENGTH], SHA256_CTX *); +void SHA256_Final(unsigned char [static SHA256_DIGEST_LENGTH], SHA256_CTX *); #ifndef _KERNEL char *SHA256_End(SHA256_CTX *, char *); char *SHA256_Data(const void *, unsigned int, char *); diff --git a/cpukit/include/sha384.h b/cpukit/include/sha384.h index 2035d6ff54..52f69efc95 100644 --- a/cpukit/include/sha384.h +++ b/cpukit/include/sha384.h @@ -47,7 +47,7 @@ __BEGIN_DECLS void SHA384_Init(SHA384_CTX *); void SHA384_Update(SHA384_CTX *, const void *, size_t); -void SHA384_Final(unsigned char [SHA384_DIGEST_LENGTH], SHA384_CTX *); +void SHA384_Final(unsigned char [static SHA384_DIGEST_LENGTH], SHA384_CTX *); #ifndef _KERNEL char *SHA384_End(SHA384_CTX *, char *); char *SHA384_Data(const void *, unsigned int, char *); diff --git a/cpukit/include/sha512.h b/cpukit/include/sha512.h index 1964562160..de7d19abb3 100644 --- a/cpukit/include/sha512.h +++ b/cpukit/include/sha512.h @@ -47,7 +47,7 @@ __BEGIN_DECLS void SHA512_Init(SHA512_CTX *); void SHA512_Update(SHA512_CTX *, const void *, size_t); -void SHA512_Final(unsigned char [SHA512_DIGEST_LENGTH], SHA512_CTX *); +void SHA512_Final(unsigned char [static SHA512_DIGEST_LENGTH], SHA512_CTX *); #ifndef _KERNEL char *SHA512_End(SHA512_CTX *, char *); char *SHA512_Data(const void *, unsigned int, char *); diff --git a/cpukit/libmd/sha256c.c b/cpukit/libmd/sha256c.c index 4c0371dda7..f5a453e43b 100644 --- a/cpukit/libmd/sha256c.c +++ b/cpukit/libmd/sha256c.c @@ -283,7 +283,7 @@ SHA256_Update(SHA256_CTX * ctx, const void *in, size_t len) * and clears the context state. */ void -SHA256_Final(unsigned char digest[32], SHA256_CTX * ctx) +SHA256_Final(unsigned char digest[static SHA256_DIGEST_LENGTH], SHA256_CTX *ctx) { /* Add padding */ @@ -291,7 +291,8 @@ SHA256_Final(unsigned char digest[32], SHA256_CTX * ctx) /* Write the hash */ be32enc_vect(digest, ctx->state, 32); + be32enc_vect(digest, ctx->state, SHA256_DIGEST_LENGTH); /* Clear the context state */ - memset((void *)ctx, 0, sizeof(*ctx)); + memset(ctx, 0, sizeof(*ctx)); } diff --git a/cpukit/libmd/sha512c.c b/cpukit/libmd/sha512c.c index 7d0e875550..a93d8a44d8 100644 --- a/cpukit/libmd/sha512c.c +++ b/cpukit/libmd/sha512c.c @@ -307,7 +307,7 @@ SHA512_Update(SHA512_CTX * ctx, const void *in, size_t len) * and clears the context state. */ void -SHA512_Final(unsigned char digest[SHA512_DIGEST_LENGTH], SHA512_CTX * ctx) +SHA512_Final(unsigned char digest[static SHA512_DIGEST_LENGTH], SHA512_CTX *ctx) { /* Add padding */ @@ -317,7 +317,7 @@ SHA512_Final(unsigned char digest[SHA512_DIGEST_LENGTH], SHA512_CTX * ctx) be64enc_vect(digest, ctx->state, SHA512_DIGEST_LENGTH); /* Clear the context state */ - memset((void *)ctx, 0, sizeof(*ctx)); + memset(ctx, 0, sizeof(*ctx)); } /*** SHA-384: *********************************************************/ @@ -357,7 +357,7 @@ SHA384_Update(SHA384_CTX * ctx, const void *in, size_t len) * and clears the context state. */ void -SHA384_Final(unsigned char digest[SHA384_DIGEST_LENGTH], SHA384_CTX * ctx) +SHA384_Final(unsigned char digest[static SHA384_DIGEST_LENGTH], SHA384_CTX *ctx) { /* Add padding */ @@ -367,5 +367,5 @@ SHA384_Final(unsigned char digest[SHA384_DIGEST_LENGTH], SHA384_CTX * ctx) be64enc_vect(digest, ctx->state, SHA384_DIGEST_LENGTH); /* Clear the context state */ - memset((void *)ctx, 0, sizeof(*ctx)); + memset(ctx, 0, sizeof(*ctx)); } |