From 122502e2b10ec6ca5db281376d52b060cc5c9d1d Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Wed, 18 Dec 2024 11:51:06 -0600 Subject: [PATCH] wolfCrypt -Wconversion expansion: fix numerous warnings, all benign, from -Warith-conversion -Wenum-conversion -Wfloat-conversion -Wsign-conversion. --- wolfcrypt/src/aes.c | 78 ++-- wolfcrypt/src/asn.c | 21 +- wolfcrypt/src/coding.c | 16 +- wolfcrypt/src/ecc.c | 8 +- wolfcrypt/src/fe_x25519_128.h | 18 +- wolfcrypt/src/ge_448.c | 750 +++++++++++++++++----------------- wolfcrypt/src/ge_operations.c | 15 +- wolfcrypt/src/kdf.c | 6 +- wolfcrypt/src/misc.c | 12 +- wolfcrypt/src/pkcs12.c | 16 +- wolfcrypt/src/pkcs7.c | 8 +- wolfcrypt/src/pwdbased.c | 4 +- wolfcrypt/src/random.c | 4 +- wolfcrypt/src/sha3.c | 22 +- wolfcrypt/src/siphash.c | 6 +- wolfcrypt/src/sp_arm64.c | 20 +- wolfcrypt/src/sp_c32.c | 8 +- wolfcrypt/src/sp_c64.c | 8 +- wolfcrypt/src/sp_int.c | 132 +++--- wolfcrypt/src/sp_x86_64.c | 26 +- wolfcrypt/src/wc_port.c | 8 +- 21 files changed, 598 insertions(+), 588 deletions(-) diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 154416dde5..cf500649e5 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -6509,7 +6509,7 @@ static WC_INLINE void RIGHTSHIFTX(byte* x) { int i; int carryIn = 0; - byte borrow = (0x00 - (x[15] & 0x01)) & 0xE1; + byte borrow = (byte)((0x00U - (x[15] & 0x01U)) & 0xE1U); for (i = 0; i < WC_AES_BLOCK_SIZE; i++) { int carryOut = (x[i] & 0x01) << 7; 
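Review bot: The rewritten `borrow` initialiser in RIGHTSHIFTX is a branch-free mask computation that now has to be decoded from a cast and three `U` suffixes, and it carries no comment. `0x00U - (x[15] & 0x01U)` is either 0 or all-ones, so `borrow` ends up 0x00 or 0xE1 without a data-dependent branch, presumably to keep the GHASH shift constant-time. A one-line comment such as `/* 0xE1 when the low bit of x[15] is set, else 0; computed without a branch */` would keep a later cleanup from turning it into an `if`. The rest of the function body lies outside the hunk.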
@@ -8037,13 +8037,13 @@ static void GHASH_UPDATE(Aes* aes, const byte* a, word32 aSz, const byte* c, /* Check if we have unprocessed data. */ if (aes->aOver > 0) { /* Calculate amount we can use - fill up the block. */ - byte sz = WC_AES_BLOCK_SIZE - aes->aOver; + byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->aOver); if (sz > aSz) { sz = (byte)aSz; } /* Copy extra into last GHASH block array and update count. */ XMEMCPY(AES_LASTGBLOCK(aes) + aes->aOver, a, sz); - aes->aOver += sz; + aes->aOver = (byte)(aes->aOver + sz); if (aes->aOver == WC_AES_BLOCK_SIZE) { /* We have filled up the block and can process. */ GHASH_ONE_BLOCK(aes, AES_LASTGBLOCK(aes)); @@ -8072,7 +8072,7 @@ static void GHASH_UPDATE(Aes* aes, const byte* a, word32 aSz, const byte* c, if (aes->aOver > 0 && cSz > 0 && c != NULL) { /* No more AAD coming and we have a partial block. */ /* Fill the rest of the block with zeros. */ - byte sz = WC_AES_BLOCK_SIZE - aes->aOver; + byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->aOver); XMEMSET(AES_LASTGBLOCK(aes) + aes->aOver, 0, sz); /* GHASH last AAD block. */ GHASH_ONE_BLOCK(aes, AES_LASTGBLOCK(aes)); @@ -8086,13 +8086,13 @@ static void GHASH_UPDATE(Aes* aes, const byte* a, word32 aSz, const byte* c, aes->cSz += cSz; if (aes->cOver > 0) { /* Calculate amount we can use - fill up the block. */ - byte sz = WC_AES_BLOCK_SIZE - aes->cOver; + byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->cOver); if (sz > cSz) { sz = (byte)cSz; } XMEMCPY(AES_LASTGBLOCK(aes) + aes->cOver, c, sz); /* Update count of unused encrypted counter. */ - aes->cOver += sz; + aes->cOver = (byte)(aes->cOver + sz); if (aes->cOver == WC_AES_BLOCK_SIZE) { /* We have filled up the block and can process. */ GHASH_ONE_BLOCK(aes, AES_LASTGBLOCK(aes)); 
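Review bot: The `(byte)` casts on `WC_AES_BLOCK_SIZE - aes->aOver` and `WC_AES_BLOCK_SIZE - aes->cOver` in GHASH_UPDATE silence the warning but also hide a wrap: if either counter ever exceeded WC_AES_BLOCK_SIZE, `sz` would become a large value that is then used as the XMEMCPY/XMEMSET length at `AES_LASTGBLOCK(aes) + aes->aOver`. Only the `> 0` test is visible here, so the upper bound is presumably maintained elsewhere. Stating it at the cast, e.g. `/* aOver < WC_AES_BLOCK_SIZE here, so the difference fits in a byte */`, keeps the invariant visible now that the compiler no longer flags the narrowing. The same applies to the `sz`/`pSz` casts in AesGcmCryptUpdate_C, AesGcmAadUpdate_aesni, AesGcmEncryptUpdate_aesni and AesGcmDecryptUpdate_aesni, and to the `(size_t)WC_AES_BLOCK_SIZE - over` lengths in GHASH_FINAL and the two *Final_aesni functions. All of these function bodies start and end outside their hunks.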
@@ -8139,7 +8139,7 @@ static void GHASH_FINAL(Aes* aes, byte* s, word32 sSz) } if (over > 0) { /* Zeroize the unused part of the block. */ - XMEMSET(AES_LASTGBLOCK(aes) + over, 0, WC_AES_BLOCK_SIZE - over); + XMEMSET(AES_LASTGBLOCK(aes) + over, 0, (size_t)WC_AES_BLOCK_SIZE - over); /* Hash the last block of cipher text. */ GHASH_ONE_BLOCK(aes, AES_LASTGBLOCK(aes)); } @@ -9352,7 +9352,7 @@ static WARN_UNUSED_RESULT int AesGcmCryptUpdate_C( /* Check if previous encrypted block was not used up. */ if (aes->over > 0) { - byte pSz = WC_AES_BLOCK_SIZE - aes->over; + byte pSz = (byte)(WC_AES_BLOCK_SIZE - aes->over); if (pSz > sz) pSz = (byte)sz; /* Use some/all of last encrypted block. */ @@ -9579,13 +9579,13 @@ static WARN_UNUSED_RESULT int AesGcmAadUpdate_aesni( /* Check if we have unprocessed data. */ if (aes->aOver > 0) { /* Calculate amount we can use - fill up the block. */ - byte sz = WC_AES_BLOCK_SIZE - aes->aOver; + byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->aOver); if (sz > aSz) { sz = (byte)aSz; } /* Copy extra into last GHASH block array and update count. */ XMEMCPY(AES_LASTGBLOCK(aes) + aes->aOver, a, sz); - aes->aOver += sz; + aes->aOver = (byte)(aes->aOver + sz); if (aes->aOver == WC_AES_BLOCK_SIZE) { /* We have filled up the block and can process. */ #ifdef HAVE_INTEL_AVX2 @@ -9650,7 +9650,7 @@ static WARN_UNUSED_RESULT int AesGcmAadUpdate_aesni( /* No more AAD coming and we have a partial block. */ /* Fill the rest of the block with zeros. */ XMEMSET(AES_LASTGBLOCK(aes) + aes->aOver, 0, - WC_AES_BLOCK_SIZE - aes->aOver); + (size_t)WC_AES_BLOCK_SIZE - aes->aOver); /* GHASH last AAD block. */ #ifdef HAVE_INTEL_AVX2 if (IS_INTEL_AVX2(intel_flags)) { @@ -9708,7 +9708,7 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni( aes->cSz += cSz; if (aes->cOver > 0) { /* Calculate amount we can use - fill up the block. */ - byte sz = WC_AES_BLOCK_SIZE - aes->cOver; + byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->cOver); if (sz > cSz) { sz = (byte)cSz; } 
@@ -9716,7 +9716,7 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni( xorbuf(AES_LASTGBLOCK(aes) + aes->cOver, p, sz); XMEMCPY(c, AES_LASTGBLOCK(aes) + aes->cOver, sz); /* Update count of unused encrypted counter. */ - aes->cOver += sz; + aes->cOver = (byte)(aes->cOver + sz); if (aes->cOver == WC_AES_BLOCK_SIZE) { /* We have filled up the block and can process. */ #ifdef HAVE_INTEL_AVX2 @@ -9832,7 +9832,7 @@ static WARN_UNUSED_RESULT int AesGcmEncryptFinal_aesni( } if (over > 0) { /* Fill the rest of the block with zeros. */ - XMEMSET(AES_LASTGBLOCK(aes) + over, 0, WC_AES_BLOCK_SIZE - over); + XMEMSET(AES_LASTGBLOCK(aes) + over, 0, (size_t)WC_AES_BLOCK_SIZE - over); /* GHASH last cipher block. */ #ifdef HAVE_INTEL_AVX2 if (IS_INTEL_AVX2(intel_flags)) { @@ -9939,7 +9939,7 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni( aes->cSz += cSz; if (aes->cOver > 0) { /* Calculate amount we can use - fill up the block. */ - byte sz = WC_AES_BLOCK_SIZE - aes->cOver; + byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->cOver); if (sz > cSz) { sz = (byte)cSz; } @@ -9949,7 +9949,7 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni( xorbuf(AES_LASTGBLOCK(aes) + aes->cOver, c, sz); XMEMCPY(p, AES_LASTGBLOCK(aes) + aes->cOver, sz); /* Update count of unused encrypted counter. */ - aes->cOver += sz; + aes->cOver = (byte)(aes->cOver + sz); if (aes->cOver == WC_AES_BLOCK_SIZE) { /* We have filled up the block and can process. */ #ifdef HAVE_INTEL_AVX2 @@ -10072,7 +10072,7 @@ static WARN_UNUSED_RESULT int AesGcmDecryptFinal_aesni( } if (over > 0) { /* Zeroize the unused part of the block. */ - XMEMSET(lastBlock + over, 0, WC_AES_BLOCK_SIZE - over); + XMEMSET(lastBlock + over, 0, (size_t)WC_AES_BLOCK_SIZE - over); /* Hash the last block of cipher text. */ #ifdef HAVE_INTEL_AVX2 if (IS_INTEL_AVX2(intel_flags)) { 
@@ -11044,14 +11044,14 @@ static WC_INLINE void AesCcmCtrIncSet4(byte* B, word32 lenSz) for (i = 0; i < lenSz; i++) { if (++B[WC_AES_BLOCK_SIZE * 2 - 1 - i] != 0) break; } - B[WC_AES_BLOCK_SIZE * 3 - 1] += 2; - if (B[WC_AES_BLOCK_SIZE * 3 - 1] < 2) { + B[WC_AES_BLOCK_SIZE * 3 - 1] = (byte)(B[WC_AES_BLOCK_SIZE * 3 - 1] + 2U); + if (B[WC_AES_BLOCK_SIZE * 3 - 1] < 2U) { for (i = 1; i < lenSz; i++) { if (++B[WC_AES_BLOCK_SIZE * 3 - 1 - i] != 0) break; } } - B[WC_AES_BLOCK_SIZE * 4 - 1] += 3; - if (B[WC_AES_BLOCK_SIZE * 4 - 1] < 3) { + B[WC_AES_BLOCK_SIZE * 4 - 1] = (byte)(B[WC_AES_BLOCK_SIZE * 4 - 1] + 3U); + if (B[WC_AES_BLOCK_SIZE * 4 - 1] < 3U) { for (i = 1; i < lenSz; i++) { if (++B[WC_AES_BLOCK_SIZE * 4 - 1 - i] != 0) break; } @@ -11062,8 +11062,8 @@ static WC_INLINE void AesCcmCtrInc4(byte* B, word32 lenSz) { word32 i; - B[WC_AES_BLOCK_SIZE - 1] += 4; - if (B[WC_AES_BLOCK_SIZE - 1] < 4) { + B[WC_AES_BLOCK_SIZE - 1] = (byte)(B[WC_AES_BLOCK_SIZE - 1] + 4U); + if (B[WC_AES_BLOCK_SIZE - 1] < 4U) { for (i = 1; i < lenSz; i++) { if (++B[WC_AES_BLOCK_SIZE - 1 - i] != 0) break; } @@ -11123,7 +11123,7 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz, XMEMSET(A, 0, sizeof(A)); XMEMCPY(B+1, nonce, nonceSz); - lenSz = WC_AES_BLOCK_SIZE - 1 - (byte)nonceSz; + lenSz = (byte)(WC_AES_BLOCK_SIZE - 1U - nonceSz); B[0] = (byte)((authInSz > 0 ? 64 : 0) + (8 * (((byte)authTagSz - 2) / 2)) + (lenSz - 1)); @@ -11153,7 +11153,7 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz, if (ret == 0) { XMEMCPY(authTag, A, authTagSz); - B[0] = lenSz - 1; + B[0] = (byte)(lenSz - 1U); for (i = 0; i < lenSz; i++) B[WC_AES_BLOCK_SIZE - 1 - i] = 0; ret = wc_AesEncrypt(aes, B, A); 
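Review bot: In wc_AesCcmEncrypt, `lenSz = (byte)(WC_AES_BLOCK_SIZE - 1U - nonceSz);` does the subtraction in unsigned arithmetic and truncates the result, so a nonceSz above 15 would wrap silently to a plausible-looking byte. The line just above it copies nonceSz bytes to `B+1`, so both statements depend on nonceSz having been range-checked earlier in the function, which is outside this hunk. If that check exists, record the dependency at the cast with a comment like `/* nonceSz is range-checked above, so lenSz cannot wrap */`. If it does not, the check is the missing piece. The identical `lenSz` line in wc_AesCcmDecrypt has the same need.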
@@ -11272,9 +11272,9 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz, oSz = inSz; XMEMSET(A, 0, sizeof A); XMEMCPY(B+1, nonce, nonceSz); - lenSz = WC_AES_BLOCK_SIZE - 1 - (byte)nonceSz; + lenSz = (byte)(WC_AES_BLOCK_SIZE - 1U - nonceSz); - B[0] = lenSz - 1; + B[0] = (byte)(lenSz - 1U); for (i = 0; i < lenSz; i++) B[WC_AES_BLOCK_SIZE - 1 - i] = 0; B[15] = 1; @@ -11353,7 +11353,7 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz, ret = roll_x(aes, o, oSz, A); if (ret == 0) { - B[0] = lenSz - 1; + B[0] = (byte)(lenSz - 1U); for (i = 0; i < lenSz; i++) B[WC_AES_BLOCK_SIZE - 1 - i] = 0; ret = wc_AesEncrypt(aes, B, B); @@ -12175,11 +12175,11 @@ static void shiftLeftArray(byte* ary, byte shift) else { /* shifting over by 7 or less bits */ for (i = 0; i < WC_AES_BLOCK_SIZE - 1; i++) { - byte carry = ary[i+1] & (0XFF << (WOLFSSL_BIT_SIZE - shift)); - carry >>= (WOLFSSL_BIT_SIZE - shift); + byte carry = (byte)(ary[i+1] & (0XFF << (WOLFSSL_BIT_SIZE - shift))); + carry = (byte)(carry >> (WOLFSSL_BIT_SIZE - shift)); ary[i] = (byte)((ary[i] << shift) + carry); } - ary[i] = ary[i] << shift; + ary[i] = (byte)(ary[i] << shift); } } @@ -12265,19 +12265,19 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackCFB1( pt = (byte*)aes->reg; /* LSB + CAT */ - tmp = (0X01 << bit) & in[0]; - tmp = tmp >> bit; + tmp = (byte)((0X01U << bit) & in[0]); + tmp = (byte)(tmp >> bit); tmp &= 0x01; shiftLeftArray((byte*)aes->reg, 1); pt[WC_AES_BLOCK_SIZE - 1] |= tmp; } /* MSB + XOR */ - tmp = (0X01 << bit) & in[0]; + tmp = (byte)((0X01U << bit) & in[0]); pt = (byte*)aes->tmp; - tmp = (pt[0] >> 7) ^ (tmp >> bit); + tmp = (byte)((pt[0] >> 7) ^ (tmp >> bit)); tmp &= 0x01; - cur |= (tmp << bit); + cur = (byte)(cur | (tmp << bit)); if (dir == AES_ENCRYPTION) { @@ -12294,7 +12294,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackCFB1( out += 1; in += 1; sz -= 1; - bit = 7; + bit = 7U; cur = 0; } else { 
@@ -14062,7 +14062,7 @@ static WARN_UNUSED_RESULT int S2V( if (ret != 0) break; xorbuf(tmp[1-tmpi], tmp[tmpi], WC_AES_BLOCK_SIZE); - tmpi = 1 - tmpi; + tmpi = (byte)(1 - tmpi); } /* Add nonce as final AD. See RFC 5297 Section 3. */ @@ -14073,7 +14073,7 @@ static WARN_UNUSED_RESULT int S2V( if (ret == 0) { xorbuf(tmp[1-tmpi], tmp[tmpi], WC_AES_BLOCK_SIZE); } - tmpi = 1 - tmpi; + tmpi = (byte)(1U - tmpi); } /* For simplicity of the remaining code, make sure the "final" result diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 57261aeea3..6335df305e 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -1273,8 +1273,8 @@ static int GetASN_StoreData(const ASNItem* asn, ASNGetData* data, /* Fill number with all of data. */ *data->data.u16 = 0; for (i = 0; i < len; i++) { - *data->data.u16 <<= 8; - *data->data.u16 |= input[idx + (word32)i] ; + *data->data.u16 = (word16)(*data->data.u16 << 8U); + *data->data.u16 = (word16)(*data->data.u16 | input[idx + (word32)i]); } break; case ASN_DATA_TYPE_WORD32: @@ -8640,12 +8640,12 @@ int wc_EncryptPKCS8Key(byte* key, word32 keySz, byte* out, word32* outSz, pbeOidBuf = pbes2; pbeOidBufSz = sizeof(pbes2); /* kdf = OBJ pbkdf2 [ SEQ innerLen ] */ - kdfLen = 2 + sizeof(pbkdf2Oid) + 2 + innerLen; + kdfLen = 2U + (word32)sizeof(pbkdf2Oid) + 2U + innerLen; /* enc = OBJ enc_alg OCT iv */ - encLen = 2 + (word32)encOidSz + 2 + (word32)blockSz; + encLen = 2U + (word32)encOidSz + 2U + (word32)blockSz; /* pbe = OBJ pbse2 SEQ [ SEQ [ kdf ] SEQ [ enc ] ] */ - pbeLen = (word32)(2 + sizeof(pbes2) + 2 + 2 + (size_t)kdfLen + 2 + - (size_t)encLen); + pbeLen = 2U + (word32)sizeof(pbes2) + 2U + 2U + kdfLen + 2U + + encLen; ret = wc_RNG_GenerateBlock(rng, cbcIv, (word32)blockSz); } 
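Review bot: The two `tmpi` toggles in S2V are now written differently: the first hunk uses `tmpi = (byte)(1 - tmpi);` while the second uses `tmpi = (byte)(1U - tmpi);`. Both yield the same value, but the mixed signed/unsigned literal invites a needless second look in code that selects between two CMAC buffers. Use one form in both places, e.g. `tmpi = (byte)(1U - tmpi);`, matching the `U` suffixes added elsewhere in this commit. S2V's body extends beyond both hunks.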
@@ -8715,7 +8715,7 @@ int wc_EncryptPKCS8Key(byte* key, word32 keySz, byte* out, word32* outSz, idx += SetSequence(kdfLen, out + idx); idx += (word32)SetObjectId((int)sizeof(pbkdf2Oid), out + idx); XMEMCPY(out + idx, pbkdf2Oid, sizeof(pbkdf2Oid)); - idx += sizeof(pbkdf2Oid); + idx += (word32)sizeof(pbkdf2Oid); } idx += SetSequence(innerLen, out + idx); idx += SetOctetString(saltSz, out + idx); @@ -24085,7 +24085,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm, Signer } } else { - cert->maxPathLen = (byte)min(cert->ca->maxPathLen - 1, + cert->maxPathLen = (byte)min(cert->ca->maxPathLen - 1U, cert->maxPathLen); } } @@ -27020,7 +27020,7 @@ static int wc_SetCert_LoadDer(Cert* cert, const byte* der, word32 derSz, #ifndef NO_ASN_TIME static WC_INLINE byte itob(int number) { - return (byte)number + 0x30; + return (byte)(number + 0x30); } @@ -33432,7 +33432,8 @@ int EncodePolicyOID(byte *out, word32 *outSz, const char *in, void* heap) return BUFFER_E; } - out[idx++] += (byte)val; + out[idx] = (byte)(out[idx] + val); + ++idx; } else { word32 tb = 0; diff --git a/wolfcrypt/src/coding.c b/wolfcrypt/src/coding.c index aa87ae7949..8681a5ee06 100644 --- a/wolfcrypt/src/coding.c +++ b/wolfcrypt/src/coding.c @@ -99,7 +99,7 @@ static WC_INLINE byte Base64_Char2Val(byte c) byte v; byte mask; - c -= BASE64_MIN; + c = (byte)(c - BASE64_MIN); mask = (byte)((((byte)(0x3f - c)) >> 7) - 1); /* Load a value from the first cache line and use when mask set. */ v = (byte)(base64Decode[ c & 0x3f ] & mask); @@ -507,7 +507,7 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen) return BAD_FUNC_ARG; if (inLen == 1 && *outLen && in) { - byte b = in[inIdx++] - BASE16_MIN; /* 0 starts at 0x30 */ + byte b = (byte)(in[inIdx++] - BASE16_MIN); /* 0 starts at 0x30 */ /* sanity check */ if (b >= sizeof(hexDecode)/sizeof(hexDecode[0])) 
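Review bot: In ParseCertRelative, `cert->ca->maxPathLen - 1U` wraps to a very large unsigned value when the issuer's maxPathLen is 0, and `min()` would then leave `cert->maxPathLen` unchanged instead of tightening the path-length constraint. The branch before this `else` (only its closing braces are visible here) presumably handles the zero case, so the wrap should be unreachable, but the new `1U` makes the expression look deliberate without saying why it is safe. A comment on the else branch such as `/* ca->maxPathLen > 0 here, so the decrement cannot wrap */` would document the invariant this line depends on.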
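Review bot: In Base16_Decode, `(byte)(in[inIdx++] - BASE16_MIN)` makes the wrap for input bytes below BASE16_MIN explicit, and the decoder's input validation relies on it: such bytes become large values that the `b >= sizeof(hexDecode)/sizeof(hexDecode[0])` test rejects. That coupling deserves a comment, e.g. `/* bytes below BASE16_MIN wrap high and fail the range check below */`, so that a later edit does not separate the cast from the check. The two-character loop in the following hunk uses the same pattern for `b` and `b2`.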
@@ -531,8 +531,8 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen) return BAD_FUNC_ARG; while (inLen) { - byte b = in[inIdx++] - BASE16_MIN; /* 0 starts at 0x30 */ - byte b2 = in[inIdx++] - BASE16_MIN; + byte b = (byte)(in[inIdx++] - BASE16_MIN); /* 0 starts at 0x30 */ + byte b2 = (byte)(in[inIdx++] - BASE16_MIN); /* sanity checks */ if (b >= sizeof(hexDecode)/sizeof(hexDecode[0])) @@ -570,14 +570,14 @@ int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen) byte lb = in[i] & 0x0f; /* ASCII value */ - hb += '0'; + hb = (byte)(hb + '0'); if (hb > '9') - hb += 7; + hb = (byte)(hb + 7U); /* ASCII value */ - lb += '0'; + lb = (byte)(lb + '0'); if (lb>'9') - lb += 7; + lb = (byte)(lb + 7U); out[outIdx++] = hb; out[outIdx++] = lb; diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 9044c0b6f3..ef87516d10 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -1642,7 +1642,7 @@ static void wc_ecc_curve_cache_free_spec_item(ecc_curve_spec* curve, mp_int* ite #endif mp_clear(item); } - curve->load_mask &= ~mask; + curve->load_mask = (byte)(curve->load_mask & ~mask); } static void wc_ecc_curve_cache_free_spec(ecc_curve_spec* curve) { @@ -12811,7 +12811,7 @@ static int accel_fp_mul(int idx, const mp_int* k, ecc_point *R, mp_int* a, by x bits from the start */ bitpos = (unsigned)x; for (y = z = 0; y < FP_LUT; y++) { - z |= ((kb[bitpos>>3] >> (bitpos&7)) & 1) << y; + z |= (((word32)kb[bitpos>>3U] >> (bitpos&7U)) & 1U) << y; bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid the mult in each loop */ } 
@@ -13064,8 +13064,8 @@ static int accel_fp_mul2add(int idx1, int idx2, offset by x bits from the start */ bitpos = (unsigned)x; for (y = zA = zB = 0; y < FP_LUT; y++) { - zA |= ((kb[0][bitpos>>3] >> (bitpos&7)) & 1) << y; - zB |= ((kb[1][bitpos>>3] >> (bitpos&7)) & 1) << y; + zA |= (((word32)kb[0][bitpos>>3U] >> (bitpos&7U)) & 1U) << y; + zB |= (((word32)kb[1][bitpos>>3U] >> (bitpos&7U)) & 1U) << y; bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid the mult in each loop */ } diff --git a/wolfcrypt/src/fe_x25519_128.h b/wolfcrypt/src/fe_x25519_128.h index 3ddc41aba9..5e00983541 100644 --- a/wolfcrypt/src/fe_x25519_128.h +++ b/wolfcrypt/src/fe_x25519_128.h 
@@ -120,30 +120,30 @@ void fe_tobytes(unsigned char *out, const fe n) out[ 3] = (((byte)((in[0] >> 24) )) ); out[ 4] = (((byte)((in[0] >> 32) )) ); out[ 5] = (((byte)((in[0] >> 40) )) ); - out[ 6] = (((byte)((in[0] >> 48) & 0x07)) ) - | (((byte)((in[1] ) & 0x1f)) << 3); + out[ 6] = (byte)((((byte)((in[0] >> 48) & 0x07))) + | (((byte)((in[1] ) & 0x1f)) << 3)); out[ 7] = (((byte)((in[1] >> 5) )) ); out[ 8] = (((byte)((in[1] >> 13) )) ); out[ 9] = (((byte)((in[1] >> 21) )) ); out[10] = (((byte)((in[1] >> 29) )) ); out[11] = (((byte)((in[1] >> 37) )) ); - out[12] = (((byte)((in[1] >> 45) & 0x3f)) ) - | (((byte)((in[2] ) & 0x03)) << 6); + out[12] = (byte)((((byte)((in[1] >> 45) & 0x3f))) + | (((byte)((in[2] ) & 0x03)) << 6)); out[13] = (((byte)((in[2] >> 2) )) ); out[14] = (((byte)((in[2] >> 10) )) ); out[15] = (((byte)((in[2] >> 18) )) ); out[16] = (((byte)((in[2] >> 26) )) ); out[17] = (((byte)((in[2] >> 34) )) ); out[18] = (((byte)((in[2] >> 42) )) ); - out[19] = (((byte)((in[2] >> 50) & 0x01)) ) - | (((byte)((in[3] ) & 0x7f)) << 1); + out[19] = (byte)((((byte)((in[2] >> 50) & 0x01))) + | (((byte)((in[3] ) & 0x7f)) << 1)); out[20] = (((byte)((in[3] >> 7) )) ); out[21] = (((byte)((in[3] >> 15) )) ); out[22] = (((byte)((in[3] >> 23) )) ); out[23] = (((byte)((in[3] >> 31) )) ); out[24] = (((byte)((in[3] >> 39) )) ); - out[25] = (((byte)((in[3] >> 47) & 0x0f)) ) - | (((byte)((in[4] ) & 0x0f)) << 4); + out[25] = (byte)((((byte)((in[3] >> 47) & 0x0f))) + | (((byte)((in[4] ) & 0x0f)) << 4)); out[26] = (((byte)((in[4] >> 4) )) ); out[27] = (((byte)((in[4] >> 12) )) ); out[28] = (((byte)((in[4] >> 20) )) ); @@ -427,7 +427,7 @@ int curve25519(byte* r, const byte* n, const byte* a) swap = 0; for (pos = 254;pos >= 0;--pos) { - b = n[pos / 8] >> (pos & 7); + b = (unsigned int)(n[pos / 8] >> (pos & 7)); b &= 1; swap ^= b; fe_cswap(x2, x3, (int)swap); diff --git a/wolfcrypt/src/ge_448.c b/wolfcrypt/src/ge_448.c index 8c0982ba4d..81f9c57240 100644 --- a/wolfcrypt/src/ge_448.c 
+++ b/wolfcrypt/src/ge_448.c 
@@ -464,120 +464,120 @@ void sc448_reduce(byte* b) word64 o; /* Load from bytes */ - t[ 0] = ((sword64) (b[ 0]) << 0) - | ((sword64) (b[ 1]) << 8) - | ((sword64) (b[ 2]) << 16) - | ((sword64) (b[ 3]) << 24) - | ((sword64) (b[ 4]) << 32) - | ((sword64) (b[ 5]) << 40) - | ((sword64) (b[ 6]) << 48); - t[ 1] = ((sword64) (b[ 7]) << 0) - | ((sword64) (b[ 8]) << 8) - | ((sword64) (b[ 9]) << 16) - | ((sword64) (b[10]) << 24) - | ((sword64) (b[11]) << 32) - | ((sword64) (b[12]) << 40) - | ((sword64) (b[13]) << 48); - t[ 2] = ((sword64) (b[14]) << 0) - | ((sword64) (b[15]) << 8) - | ((sword64) (b[16]) << 16) - | ((sword64) (b[17]) << 24) - | ((sword64) (b[18]) << 32) - | ((sword64) (b[19]) << 40) - | ((sword64) (b[20]) << 48); - t[ 3] = ((sword64) (b[21]) << 0) - | ((sword64) (b[22]) << 8) - | ((sword64) (b[23]) << 16) - | ((sword64) (b[24]) << 24) - | ((sword64) (b[25]) << 32) - | ((sword64) (b[26]) << 40) - | ((sword64) (b[27]) << 48); - t[ 4] = ((sword64) (b[28]) << 0) - | ((sword64) (b[29]) << 8) - | ((sword64) (b[30]) << 16) - | ((sword64) (b[31]) << 24) - | ((sword64) (b[32]) << 32) - | ((sword64) (b[33]) << 40) - | ((sword64) (b[34]) << 48); - t[ 5] = ((sword64) (b[35]) << 0) - | ((sword64) (b[36]) << 8) - | ((sword64) (b[37]) << 16) - | ((sword64) (b[38]) << 24) - | ((sword64) (b[39]) << 32) - | ((sword64) (b[40]) << 40) - | ((sword64) (b[41]) << 48); - t[ 6] = ((sword64) (b[42]) << 0) - | ((sword64) (b[43]) << 8) - | ((sword64) (b[44]) << 16) - | ((sword64) (b[45]) << 24) - | ((sword64) (b[46]) << 32) - | ((sword64) (b[47]) << 40) - | ((sword64) (b[48]) << 48); - t[ 7] = ((sword64) (b[49]) << 0) - | ((sword64) (b[50]) << 8) - | ((sword64) (b[51]) << 16) - | ((sword64) (b[52]) << 24) - | ((sword64) (b[53]) << 32) - | ((sword64) (b[54]) << 40) - | ((sword64) (b[55]) << 48); - t[ 8] = ((sword64) (b[56]) << 0) - | ((sword64) (b[57]) << 8) - | ((sword64) (b[58]) << 16) - | ((sword64) (b[59]) << 24) - | ((sword64) (b[60]) << 32) - | ((sword64) (b[61]) << 40) - | 
((sword64) (b[62]) << 48); - t[ 9] = ((sword64) (b[63]) << 0) - | ((sword64) (b[64]) << 8) - | ((sword64) (b[65]) << 16) - | ((sword64) (b[66]) << 24) - | ((sword64) (b[67]) << 32) - | ((sword64) (b[68]) << 40) - | ((sword64) (b[69]) << 48); - t[10] = ((sword64) (b[70]) << 0) - | ((sword64) (b[71]) << 8) - | ((sword64) (b[72]) << 16) - | ((sword64) (b[73]) << 24) - | ((sword64) (b[74]) << 32) - | ((sword64) (b[75]) << 40) - | ((sword64) (b[76]) << 48); - t[11] = ((sword64) (b[77]) << 0) - | ((sword64) (b[78]) << 8) - | ((sword64) (b[79]) << 16) - | ((sword64) (b[80]) << 24) - | ((sword64) (b[81]) << 32) - | ((sword64) (b[82]) << 40) - | ((sword64) (b[83]) << 48); - t[12] = ((sword64) (b[84]) << 0) - | ((sword64) (b[85]) << 8) - | ((sword64) (b[86]) << 16) - | ((sword64) (b[87]) << 24) - | ((sword64) (b[88]) << 32) - | ((sword64) (b[89]) << 40) - | ((sword64) (b[90]) << 48); - t[13] = ((sword64) (b[91]) << 0) - | ((sword64) (b[92]) << 8) - | ((sword64) (b[93]) << 16) - | ((sword64) (b[94]) << 24) - | ((sword64) (b[95]) << 32) - | ((sword64) (b[96]) << 40) - | ((sword64) (b[97]) << 48); - t[14] = ((sword64) (b[98]) << 0) - | ((sword64) (b[99]) << 8) - | ((sword64) (b[100]) << 16) - | ((sword64) (b[101]) << 24) - | ((sword64) (b[102]) << 32) - | ((sword64) (b[103]) << 40) - | ((sword64) (b[104]) << 48); - t[15] = ((sword64) (b[105]) << 0) - | ((sword64) (b[106]) << 8) - | ((sword64) (b[107]) << 16) - | ((sword64) (b[108]) << 24) - | ((sword64) (b[109]) << 32) - | ((sword64) (b[110]) << 40) - | ((sword64) (b[111]) << 48); - t[16] = ((sword64) (b[112]) << 0) - | ((sword64) (b[113]) << 8); + t[ 0] = (word64)((sword64) (b[ 0]) << 0) + | (word64)((sword64) (b[ 1]) << 8) + | (word64)((sword64) (b[ 2]) << 16) + | (word64)((sword64) (b[ 3]) << 24) + | (word64)((sword64) (b[ 4]) << 32) + | (word64)((sword64) (b[ 5]) << 40) + | (word64)((sword64) (b[ 6]) << 48); + t[ 1] = (word64)((sword64) (b[ 7]) << 0) + | (word64)((sword64) (b[ 8]) << 8) + | (word64)((sword64) (b[ 9]) << 16) 
+ | (word64)((sword64) (b[10]) << 24) + | (word64)((sword64) (b[11]) << 32) + | (word64)((sword64) (b[12]) << 40) + | (word64)((sword64) (b[13]) << 48); + t[ 2] = (word64)((sword64) (b[14]) << 0) + | (word64)((sword64) (b[15]) << 8) + | (word64)((sword64) (b[16]) << 16) + | (word64)((sword64) (b[17]) << 24) + | (word64)((sword64) (b[18]) << 32) + | (word64)((sword64) (b[19]) << 40) + | (word64)((sword64) (b[20]) << 48); + t[ 3] = (word64)((sword64) (b[21]) << 0) + | (word64)((sword64) (b[22]) << 8) + | (word64)((sword64) (b[23]) << 16) + | (word64)((sword64) (b[24]) << 24) + | (word64)((sword64) (b[25]) << 32) + | (word64)((sword64) (b[26]) << 40) + | (word64)((sword64) (b[27]) << 48); + t[ 4] = (word64)((sword64) (b[28]) << 0) + | (word64)((sword64) (b[29]) << 8) + | (word64)((sword64) (b[30]) << 16) + | (word64)((sword64) (b[31]) << 24) + | (word64)((sword64) (b[32]) << 32) + | (word64)((sword64) (b[33]) << 40) + | (word64)((sword64) (b[34]) << 48); + t[ 5] = (word64)((sword64) (b[35]) << 0) + | (word64)((sword64) (b[36]) << 8) + | (word64)((sword64) (b[37]) << 16) + | (word64)((sword64) (b[38]) << 24) + | (word64)((sword64) (b[39]) << 32) + | (word64)((sword64) (b[40]) << 40) + | (word64)((sword64) (b[41]) << 48); + t[ 6] = (word64)((sword64) (b[42]) << 0) + | (word64)((sword64) (b[43]) << 8) + | (word64)((sword64) (b[44]) << 16) + | (word64)((sword64) (b[45]) << 24) + | (word64)((sword64) (b[46]) << 32) + | (word64)((sword64) (b[47]) << 40) + | (word64)((sword64) (b[48]) << 48); + t[ 7] = (word64)((sword64) (b[49]) << 0) + | (word64)((sword64) (b[50]) << 8) + | (word64)((sword64) (b[51]) << 16) + | (word64)((sword64) (b[52]) << 24) + | (word64)((sword64) (b[53]) << 32) + | (word64)((sword64) (b[54]) << 40) + | (word64)((sword64) (b[55]) << 48); + t[ 8] = (word64)((sword64) (b[56]) << 0) + | (word64)((sword64) (b[57]) << 8) + | (word64)((sword64) (b[58]) << 16) + | (word64)((sword64) (b[59]) << 24) + | (word64)((sword64) (b[60]) << 32) + | (word64)((sword64) 
(b[61]) << 40) + | (word64)((sword64) (b[62]) << 48); + t[ 9] = (word64)((sword64) (b[63]) << 0) + | (word64)((sword64) (b[64]) << 8) + | (word64)((sword64) (b[65]) << 16) + | (word64)((sword64) (b[66]) << 24) + | (word64)((sword64) (b[67]) << 32) + | (word64)((sword64) (b[68]) << 40) + | (word64)((sword64) (b[69]) << 48); + t[10] = (word64)((sword64) (b[70]) << 0) + | (word64)((sword64) (b[71]) << 8) + | (word64)((sword64) (b[72]) << 16) + | (word64)((sword64) (b[73]) << 24) + | (word64)((sword64) (b[74]) << 32) + | (word64)((sword64) (b[75]) << 40) + | (word64)((sword64) (b[76]) << 48); + t[11] = (word64)((sword64) (b[77]) << 0) + | (word64)((sword64) (b[78]) << 8) + | (word64)((sword64) (b[79]) << 16) + | (word64)((sword64) (b[80]) << 24) + | (word64)((sword64) (b[81]) << 32) + | (word64)((sword64) (b[82]) << 40) + | (word64)((sword64) (b[83]) << 48); + t[12] = (word64)((sword64) (b[84]) << 0) + | (word64)((sword64) (b[85]) << 8) + | (word64)((sword64) (b[86]) << 16) + | (word64)((sword64) (b[87]) << 24) + | (word64)((sword64) (b[88]) << 32) + | (word64)((sword64) (b[89]) << 40) + | (word64)((sword64) (b[90]) << 48); + t[13] = (word64)((sword64) (b[91]) << 0) + | (word64)((sword64) (b[92]) << 8) + | (word64)((sword64) (b[93]) << 16) + | (word64)((sword64) (b[94]) << 24) + | (word64)((sword64) (b[95]) << 32) + | (word64)((sword64) (b[96]) << 40) + | (word64)((sword64) (b[97]) << 48); + t[14] = (word64)((sword64) (b[98]) << 0) + | (word64)((sword64) (b[99]) << 8) + | (word64)((sword64) (b[100]) << 16) + | (word64)((sword64) (b[101]) << 24) + | (word64)((sword64) (b[102]) << 32) + | (word64)((sword64) (b[103]) << 40) + | (word64)((sword64) (b[104]) << 48); + t[15] = (word64)((sword64) (b[105]) << 0) + | (word64)((sword64) (b[106]) << 8) + | (word64)((sword64) (b[107]) << 16) + | (word64)((sword64) (b[108]) << 24) + | (word64)((sword64) (b[109]) << 32) + | (word64)((sword64) (b[110]) << 40) + | (word64)((sword64) (b[111]) << 48); + t[16] = (word64)((sword64) 
(b[112]) << 0) + | (word64)((sword64) (b[113]) << 8); /* Mod curve order */ /* 2^446 - 0x8335dc163bb124b65129c96fde933d8d723a70aadc873d6d54a7bb0d */ 
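Review bot: The limb loads in sc448_reduce now go through two casts per byte, `(word64)((sword64) (b[ 0]) << 0)`, which performs the shift in a signed type and only then converts to unsigned. Casting once to the destination type, `((word64)b[ 0] << 0)`, gives the same bits, avoids signed left shifts altogether and is easier to scan across more than a hundred near-identical lines. The declaration of `t` is outside the hunk, so this assumes it is a word64 array, as the added casts suggest. The sc448_muladd hunk that follows uses the same double-cast form for `ad`.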
@@ -747,241 +747,241 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d) sword64 u; /* Load from bytes */ - ad[ 0] = ((sword64) (a[ 0]) << 0) - | ((sword64) (a[ 1]) << 8) - | ((sword64) (a[ 2]) << 16) - | ((sword64) (a[ 3]) << 24) - | ((sword64) (a[ 4]) << 32) - | ((sword64) (a[ 5]) << 40) - | ((sword64) (a[ 6]) << 48); - ad[ 1] = ((sword64) (a[ 7]) << 0) - | ((sword64) (a[ 8]) << 8) - | ((sword64) (a[ 9]) << 16) - | ((sword64) (a[10]) << 24) - | ((sword64) (a[11]) << 32) - | ((sword64) (a[12]) << 40) - | ((sword64) (a[13]) << 48); - ad[ 2] = ((sword64) (a[14]) << 0) - | ((sword64) (a[15]) << 8) - | ((sword64) (a[16]) << 16) - | ((sword64) (a[17]) << 24) - | ((sword64) (a[18]) << 32) - | ((sword64) (a[19]) << 40) - | ((sword64) (a[20]) << 48); - ad[ 3] = ((sword64) (a[21]) << 0) - | ((sword64) (a[22]) << 8) - | ((sword64) (a[23]) << 16) - | ((sword64) (a[24]) << 24) - | ((sword64) (a[25]) << 32) - | ((sword64) (a[26]) << 40) - | ((sword64) (a[27]) << 48); - ad[ 4] = ((sword64) (a[28]) << 0) - | ((sword64) (a[29]) << 8) - | ((sword64) (a[30]) << 16) - | ((sword64) (a[31]) << 24) - | ((sword64) (a[32]) << 32) - | ((sword64) (a[33]) << 40) - | ((sword64) (a[34]) << 48); - ad[ 5] = ((sword64) (a[35]) << 0) - | ((sword64) (a[36]) << 8) - | ((sword64) (a[37]) << 16) - | ((sword64) (a[38]) << 24) - | ((sword64) (a[39]) << 32) - | ((sword64) (a[40]) << 40) - | ((sword64) (a[41]) << 48); - ad[ 6] = ((sword64) (a[42]) << 0) - | ((sword64) (a[43]) << 8) - | ((sword64) (a[44]) << 16) - | ((sword64) (a[45]) << 24) - | ((sword64) (a[46]) << 32) - | ((sword64) (a[47]) << 40) - | ((sword64) (a[48]) << 48); - ad[ 7] = ((sword64) (a[49]) << 0) - | ((sword64) (a[50]) << 8) - | ((sword64) (a[51]) << 16) - | ((sword64) (a[52]) << 24) - | ((sword64) (a[53]) << 32) - | ((sword64) (a[54]) << 40) - | ((sword64) (a[55]) << 48); + ad[ 0] = (word64)((sword64) (a[ 0]) << 0) + | (word64)((sword64) (a[ 1]) << 8) + | (word64)((sword64) (a[ 2]) << 16) + | (word64)((sword64) 
(a[ 3]) << 24) + | (word64)((sword64) (a[ 4]) << 32) + | (word64)((sword64) (a[ 5]) << 40) + | (word64)((sword64) (a[ 6]) << 48); + ad[ 1] = (word64)((sword64) (a[ 7]) << 0) + | (word64)((sword64) (a[ 8]) << 8) + | (word64)((sword64) (a[ 9]) << 16) + | (word64)((sword64) (a[10]) << 24) + | (word64)((sword64) (a[11]) << 32) + | (word64)((sword64) (a[12]) << 40) + | (word64)((sword64) (a[13]) << 48); + ad[ 2] = (word64)((sword64) (a[14]) << 0) + | (word64)((sword64) (a[15]) << 8) + | (word64)((sword64) (a[16]) << 16) + | (word64)((sword64) (a[17]) << 24) + | (word64)((sword64) (a[18]) << 32) + | (word64)((sword64) (a[19]) << 40) + | (word64)((sword64) (a[20]) << 48); + ad[ 3] = (word64)((sword64) (a[21]) << 0) + | (word64)((sword64) (a[22]) << 8) + | (word64)((sword64) (a[23]) << 16) + | (word64)((sword64) (a[24]) << 24) + | (word64)((sword64) (a[25]) << 32) + | (word64)((sword64) (a[26]) << 40) + | (word64)((sword64) (a[27]) << 48); + ad[ 4] = (word64)((sword64) (a[28]) << 0) + | (word64)((sword64) (a[29]) << 8) + | (word64)((sword64) (a[30]) << 16) + | (word64)((sword64) (a[31]) << 24) + | (word64)((sword64) (a[32]) << 32) + | (word64)((sword64) (a[33]) << 40) + | (word64)((sword64) (a[34]) << 48); + ad[ 5] = (word64)((sword64) (a[35]) << 0) + | (word64)((sword64) (a[36]) << 8) + | (word64)((sword64) (a[37]) << 16) + | (word64)((sword64) (a[38]) << 24) + | (word64)((sword64) (a[39]) << 32) + | (word64)((sword64) (a[40]) << 40) + | (word64)((sword64) (a[41]) << 48); + ad[ 6] = (word64)((sword64) (a[42]) << 0) + | (word64)((sword64) (a[43]) << 8) + | (word64)((sword64) (a[44]) << 16) + | (word64)((sword64) (a[45]) << 24) + | (word64)((sword64) (a[46]) << 32) + | (word64)((sword64) (a[47]) << 40) + | (word64)((sword64) (a[48]) << 48); + ad[ 7] = (word64)((sword64) (a[49]) << 0) + | (word64)((sword64) (a[50]) << 8) + | (word64)((sword64) (a[51]) << 16) + | (word64)((sword64) (a[52]) << 24) + | (word64)((sword64) (a[53]) << 32) + | (word64)((sword64) (a[54]) << 40) + | 
(word64)((sword64) (a[55]) << 48); /* Load from bytes */ - bd[ 0] = ((sword64) (b[ 0]) << 0) - | ((sword64) (b[ 1]) << 8) - | ((sword64) (b[ 2]) << 16) - | ((sword64) (b[ 3]) << 24) - | ((sword64) (b[ 4]) << 32) - | ((sword64) (b[ 5]) << 40) - | ((sword64) (b[ 6]) << 48); - bd[ 1] = ((sword64) (b[ 7]) << 0) - | ((sword64) (b[ 8]) << 8) - | ((sword64) (b[ 9]) << 16) - | ((sword64) (b[10]) << 24) - | ((sword64) (b[11]) << 32) - | ((sword64) (b[12]) << 40) - | ((sword64) (b[13]) << 48); - bd[ 2] = ((sword64) (b[14]) << 0) - | ((sword64) (b[15]) << 8) - | ((sword64) (b[16]) << 16) - | ((sword64) (b[17]) << 24) - | ((sword64) (b[18]) << 32) - | ((sword64) (b[19]) << 40) - | ((sword64) (b[20]) << 48); - bd[ 3] = ((sword64) (b[21]) << 0) - | ((sword64) (b[22]) << 8) - | ((sword64) (b[23]) << 16) - | ((sword64) (b[24]) << 24) - | ((sword64) (b[25]) << 32) - | ((sword64) (b[26]) << 40) - | ((sword64) (b[27]) << 48); - bd[ 4] = ((sword64) (b[28]) << 0) - | ((sword64) (b[29]) << 8) - | ((sword64) (b[30]) << 16) - | ((sword64) (b[31]) << 24) - | ((sword64) (b[32]) << 32) - | ((sword64) (b[33]) << 40) - | ((sword64) (b[34]) << 48); - bd[ 5] = ((sword64) (b[35]) << 0) - | ((sword64) (b[36]) << 8) - | ((sword64) (b[37]) << 16) - | ((sword64) (b[38]) << 24) - | ((sword64) (b[39]) << 32) - | ((sword64) (b[40]) << 40) - | ((sword64) (b[41]) << 48); - bd[ 6] = ((sword64) (b[42]) << 0) - | ((sword64) (b[43]) << 8) - | ((sword64) (b[44]) << 16) - | ((sword64) (b[45]) << 24) - | ((sword64) (b[46]) << 32) - | ((sword64) (b[47]) << 40) - | ((sword64) (b[48]) << 48); - bd[ 7] = ((sword64) (b[49]) << 0) - | ((sword64) (b[50]) << 8) - | ((sword64) (b[51]) << 16) - | ((sword64) (b[52]) << 24) - | ((sword64) (b[53]) << 32) - | ((sword64) (b[54]) << 40) - | ((sword64) (b[55]) << 48); + bd[ 0] = (word64)((sword64) (b[ 0]) << 0) + | (word64)((sword64) (b[ 1]) << 8) + | (word64)((sword64) (b[ 2]) << 16) + | (word64)((sword64) (b[ 3]) << 24) + | (word64)((sword64) (b[ 4]) << 32) + | 
(word64)((sword64) (b[ 5]) << 40) + | (word64)((sword64) (b[ 6]) << 48); + bd[ 1] = (word64)((sword64) (b[ 7]) << 0) + | (word64)((sword64) (b[ 8]) << 8) + | (word64)((sword64) (b[ 9]) << 16) + | (word64)((sword64) (b[10]) << 24) + | (word64)((sword64) (b[11]) << 32) + | (word64)((sword64) (b[12]) << 40) + | (word64)((sword64) (b[13]) << 48); + bd[ 2] = (word64)((sword64) (b[14]) << 0) + | (word64)((sword64) (b[15]) << 8) + | (word64)((sword64) (b[16]) << 16) + | (word64)((sword64) (b[17]) << 24) + | (word64)((sword64) (b[18]) << 32) + | (word64)((sword64) (b[19]) << 40) + | (word64)((sword64) (b[20]) << 48); + bd[ 3] = (word64)((sword64) (b[21]) << 0) + | (word64)((sword64) (b[22]) << 8) + | (word64)((sword64) (b[23]) << 16) + | (word64)((sword64) (b[24]) << 24) + | (word64)((sword64) (b[25]) << 32) + | (word64)((sword64) (b[26]) << 40) + | (word64)((sword64) (b[27]) << 48); + bd[ 4] = (word64)((sword64) (b[28]) << 0) + | (word64)((sword64) (b[29]) << 8) + | (word64)((sword64) (b[30]) << 16) + | (word64)((sword64) (b[31]) << 24) + | (word64)((sword64) (b[32]) << 32) + | (word64)((sword64) (b[33]) << 40) + | (word64)((sword64) (b[34]) << 48); + bd[ 5] = (word64)((sword64) (b[35]) << 0) + | (word64)((sword64) (b[36]) << 8) + | (word64)((sword64) (b[37]) << 16) + | (word64)((sword64) (b[38]) << 24) + | (word64)((sword64) (b[39]) << 32) + | (word64)((sword64) (b[40]) << 40) + | (word64)((sword64) (b[41]) << 48); + bd[ 6] = (word64)((sword64) (b[42]) << 0) + | (word64)((sword64) (b[43]) << 8) + | (word64)((sword64) (b[44]) << 16) + | (word64)((sword64) (b[45]) << 24) + | (word64)((sword64) (b[46]) << 32) + | (word64)((sword64) (b[47]) << 40) + | (word64)((sword64) (b[48]) << 48); + bd[ 7] = (word64)((sword64) (b[49]) << 0) + | (word64)((sword64) (b[50]) << 8) + | (word64)((sword64) (b[51]) << 16) + | (word64)((sword64) (b[52]) << 24) + | (word64)((sword64) (b[53]) << 32) + | (word64)((sword64) (b[54]) << 40) + | (word64)((sword64) (b[55]) << 48); /* Load from bytes */ 
- dd[ 0] = ((sword64) (d[ 0]) << 0) - | ((sword64) (d[ 1]) << 8) - | ((sword64) (d[ 2]) << 16) - | ((sword64) (d[ 3]) << 24) - | ((sword64) (d[ 4]) << 32) - | ((sword64) (d[ 5]) << 40) - | ((sword64) (d[ 6]) << 48); - dd[ 1] = ((sword64) (d[ 7]) << 0) - | ((sword64) (d[ 8]) << 8) - | ((sword64) (d[ 9]) << 16) - | ((sword64) (d[10]) << 24) - | ((sword64) (d[11]) << 32) - | ((sword64) (d[12]) << 40) - | ((sword64) (d[13]) << 48); - dd[ 2] = ((sword64) (d[14]) << 0) - | ((sword64) (d[15]) << 8) - | ((sword64) (d[16]) << 16) - | ((sword64) (d[17]) << 24) - | ((sword64) (d[18]) << 32) - | ((sword64) (d[19]) << 40) - | ((sword64) (d[20]) << 48); - dd[ 3] = ((sword64) (d[21]) << 0) - | ((sword64) (d[22]) << 8) - | ((sword64) (d[23]) << 16) - | ((sword64) (d[24]) << 24) - | ((sword64) (d[25]) << 32) - | ((sword64) (d[26]) << 40) - | ((sword64) (d[27]) << 48); - dd[ 4] = ((sword64) (d[28]) << 0) - | ((sword64) (d[29]) << 8) - | ((sword64) (d[30]) << 16) - | ((sword64) (d[31]) << 24) - | ((sword64) (d[32]) << 32) - | ((sword64) (d[33]) << 40) - | ((sword64) (d[34]) << 48); - dd[ 5] = ((sword64) (d[35]) << 0) - | ((sword64) (d[36]) << 8) - | ((sword64) (d[37]) << 16) - | ((sword64) (d[38]) << 24) - | ((sword64) (d[39]) << 32) - | ((sword64) (d[40]) << 40) - | ((sword64) (d[41]) << 48); - dd[ 6] = ((sword64) (d[42]) << 0) - | ((sword64) (d[43]) << 8) - | ((sword64) (d[44]) << 16) - | ((sword64) (d[45]) << 24) - | ((sword64) (d[46]) << 32) - | ((sword64) (d[47]) << 40) - | ((sword64) (d[48]) << 48); - dd[ 7] = ((sword64) (d[49]) << 0) - | ((sword64) (d[50]) << 8) - | ((sword64) (d[51]) << 16) - | ((sword64) (d[52]) << 24) - | ((sword64) (d[53]) << 32) - | ((sword64) (d[54]) << 40) - | ((sword64) (d[55]) << 48); + dd[ 0] = (word64)((sword64) (d[ 0]) << 0) + | (word64)((sword64) (d[ 1]) << 8) + | (word64)((sword64) (d[ 2]) << 16) + | (word64)((sword64) (d[ 3]) << 24) + | (word64)((sword64) (d[ 4]) << 32) + | (word64)((sword64) (d[ 5]) << 40) + | (word64)((sword64) (d[ 6]) << 48); 
+ dd[ 1] = (word64)((sword64) (d[ 7]) << 0) + | (word64)((sword64) (d[ 8]) << 8) + | (word64)((sword64) (d[ 9]) << 16) + | (word64)((sword64) (d[10]) << 24) + | (word64)((sword64) (d[11]) << 32) + | (word64)((sword64) (d[12]) << 40) + | (word64)((sword64) (d[13]) << 48); + dd[ 2] = (word64)((sword64) (d[14]) << 0) + | (word64)((sword64) (d[15]) << 8) + | (word64)((sword64) (d[16]) << 16) + | (word64)((sword64) (d[17]) << 24) + | (word64)((sword64) (d[18]) << 32) + | (word64)((sword64) (d[19]) << 40) + | (word64)((sword64) (d[20]) << 48); + dd[ 3] = (word64)((sword64) (d[21]) << 0) + | (word64)((sword64) (d[22]) << 8) + | (word64)((sword64) (d[23]) << 16) + | (word64)((sword64) (d[24]) << 24) + | (word64)((sword64) (d[25]) << 32) + | (word64)((sword64) (d[26]) << 40) + | (word64)((sword64) (d[27]) << 48); + dd[ 4] = (word64)((sword64) (d[28]) << 0) + | (word64)((sword64) (d[29]) << 8) + | (word64)((sword64) (d[30]) << 16) + | (word64)((sword64) (d[31]) << 24) + | (word64)((sword64) (d[32]) << 32) + | (word64)((sword64) (d[33]) << 40) + | (word64)((sword64) (d[34]) << 48); + dd[ 5] = (word64)((sword64) (d[35]) << 0) + | (word64)((sword64) (d[36]) << 8) + | (word64)((sword64) (d[37]) << 16) + | (word64)((sword64) (d[38]) << 24) + | (word64)((sword64) (d[39]) << 32) + | (word64)((sword64) (d[40]) << 40) + | (word64)((sword64) (d[41]) << 48); + dd[ 6] = (word64)((sword64) (d[42]) << 0) + | (word64)((sword64) (d[43]) << 8) + | (word64)((sword64) (d[44]) << 16) + | (word64)((sword64) (d[45]) << 24) + | (word64)((sword64) (d[46]) << 32) + | (word64)((sword64) (d[47]) << 40) + | (word64)((sword64) (d[48]) << 48); + dd[ 7] = (word64)((sword64) (d[49]) << 0) + | (word64)((sword64) (d[50]) << 8) + | (word64)((sword64) (d[51]) << 16) + | (word64)((sword64) (d[52]) << 24) + | (word64)((sword64) (d[53]) << 32) + | (word64)((sword64) (d[54]) << 40) + | (word64)((sword64) (d[55]) << 48); /* a * b + d */ - t[ 0] = (word128)dd[ 0] + (sword128)ad[ 0] * bd[ 0]; - t[ 1] = (word128)dd[ 
1] + (sword128)ad[ 0] * bd[ 1] - + (sword128)ad[ 1] * bd[ 0]; - t[ 2] = (word128)dd[ 2] + (sword128)ad[ 0] * bd[ 2] - + (sword128)ad[ 1] * bd[ 1] - + (sword128)ad[ 2] * bd[ 0]; - t[ 3] = (word128)dd[ 3] + (sword128)ad[ 0] * bd[ 3] - + (sword128)ad[ 1] * bd[ 2] - + (sword128)ad[ 2] * bd[ 1] - + (sword128)ad[ 3] * bd[ 0]; - t[ 4] = (word128)dd[ 4] + (sword128)ad[ 0] * bd[ 4] + t[ 0] = (word128)dd[ 0] + (word128)((sword128)ad[ 0] * bd[ 0]); + t[ 1] = (word128)dd[ 1] + (word128)((sword128)ad[ 0] * bd[ 1] + + (sword128)ad[ 1] * bd[ 0]); + t[ 2] = (word128)dd[ 2] + (word128)((sword128)ad[ 0] * bd[ 2] + + (sword128)ad[ 1] * bd[ 1] + + (sword128)ad[ 2] * bd[ 0]); + t[ 3] = (word128)dd[ 3] + (word128)((sword128)ad[ 0] * bd[ 3] + + (sword128)ad[ 1] * bd[ 2] + + (sword128)ad[ 2] * bd[ 1] + + (sword128)ad[ 3] * bd[ 0]); + t[ 4] = (word128)dd[ 4] + (word128)((sword128)ad[ 0] * bd[ 4] + (sword128)ad[ 1] * bd[ 3] + (sword128)ad[ 2] * bd[ 2] + (sword128)ad[ 3] * bd[ 1] - + (sword128)ad[ 4] * bd[ 0]; - t[ 5] = (word128)dd[ 5] + (sword128)ad[ 0] * bd[ 5] + + (sword128)ad[ 4] * bd[ 0]); + t[ 5] = (word128)dd[ 5] + (word128)((sword128)ad[ 0] * bd[ 5] + (sword128)ad[ 1] * bd[ 4] + (sword128)ad[ 2] * bd[ 3] + (sword128)ad[ 3] * bd[ 2] + (sword128)ad[ 4] * bd[ 1] - + (sword128)ad[ 5] * bd[ 0]; - t[ 6] = (word128)dd[ 6] + (sword128)ad[ 0] * bd[ 6] + + (sword128)ad[ 5] * bd[ 0]); + t[ 6] = (word128)dd[ 6] + (word128)((sword128)ad[ 0] * bd[ 6] + (sword128)ad[ 1] * bd[ 5] + (sword128)ad[ 2] * bd[ 4] + (sword128)ad[ 3] * bd[ 3] + (sword128)ad[ 4] * bd[ 2] + (sword128)ad[ 5] * bd[ 1] - + (sword128)ad[ 6] * bd[ 0]; - t[ 7] = (word128)dd[ 7] + (sword128)ad[ 0] * bd[ 7] + + (sword128)ad[ 6] * bd[ 0]); + t[ 7] = (word128)dd[ 7] + (word128)((sword128)ad[ 0] * bd[ 7] + (sword128)ad[ 1] * bd[ 6] + (sword128)ad[ 2] * bd[ 5] + (sword128)ad[ 3] * bd[ 4] + (sword128)ad[ 4] * bd[ 3] + (sword128)ad[ 5] * bd[ 2] + (sword128)ad[ 6] * bd[ 1] - + (sword128)ad[ 7] * bd[ 0]; - t[ 8] = (word128) (sword128)ad[ 1] 
* bd[ 7] + + (sword128)ad[ 7] * bd[ 0]); + t[ 8] = (word128) ((sword128)ad[ 1] * bd[ 7] + (sword128)ad[ 2] * bd[ 6] + (sword128)ad[ 3] * bd[ 5] + (sword128)ad[ 4] * bd[ 4] + (sword128)ad[ 5] * bd[ 3] + (sword128)ad[ 6] * bd[ 2] - + (sword128)ad[ 7] * bd[ 1]; - t[ 9] = (word128) (sword128)ad[ 2] * bd[ 7] + + (sword128)ad[ 7] * bd[ 1]); + t[ 9] = (word128) ((sword128)ad[ 2] * bd[ 7] + (sword128)ad[ 3] * bd[ 6] + (sword128)ad[ 4] * bd[ 5] + (sword128)ad[ 5] * bd[ 4] + (sword128)ad[ 6] * bd[ 3] - + (sword128)ad[ 7] * bd[ 2]; - t[10] = (word128) (sword128)ad[ 3] * bd[ 7] + + (sword128)ad[ 7] * bd[ 2]); + t[10] = (word128) ((sword128)ad[ 3] * bd[ 7] + (sword128)ad[ 4] * bd[ 6] + (sword128)ad[ 5] * bd[ 5] + (sword128)ad[ 6] * bd[ 4] - + (sword128)ad[ 7] * bd[ 3]; - t[11] = (word128) (sword128)ad[ 4] * bd[ 7] + + (sword128)ad[ 7] * bd[ 3]); + t[11] = (word128) ((sword128)ad[ 4] * bd[ 7] + (sword128)ad[ 5] * bd[ 6] + (sword128)ad[ 6] * bd[ 5] - + (sword128)ad[ 7] * bd[ 4]; - t[12] = (word128) (sword128)ad[ 5] * bd[ 7] + + (sword128)ad[ 7] * bd[ 4]); + t[12] = (word128) ((sword128)ad[ 5] * bd[ 7] + (sword128)ad[ 6] * bd[ 6] - + (sword128)ad[ 7] * bd[ 5]; - t[13] = (word128) (sword128)ad[ 6] * bd[ 7] - + (sword128)ad[ 7] * bd[ 6]; + + (sword128)ad[ 7] * bd[ 5]); + t[13] = (word128) ((sword128)ad[ 6] * bd[ 7] + + (sword128)ad[ 7] * bd[ 6]); t[14] = (word128) (sword128)ad[ 7] * bd[ 7]; t[15] = 0; 
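Review bot: In sc448_muladd the byte loads now go through two casts, `(word64)((sword64) (a[ 0]) << 0)`, where one unsigned cast would do: `((word64)a[ 0] << 0)` keeps every shift in the unsigned type and needs no signed intermediate. The same applies to the `bd[]` and `dd[]` loads in this hunk and to the `t[]` loads in the hunk before it. In the product sums, `t[14] = (word128) (sword128)ad[ 7] * bd[ 7];` keeps the old unparenthesised form while t[8] to t[13] are now wrapped as `(word128)(...)`. A short comment saying that each limb holds 7 bytes (56 bits), so the signed 128-bit sums cannot overflow, would explain why both forms are safe. The function body starts and ends outside the hunk.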
@@ -1070,31 +1070,39 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d) o = rd[ 6] >> 56; rd[ 7] += o; rd[ 6] = rd[ 6] & 0xffffffffffffff; /* Reduce to mod order. */ u = 0; - u += rd[0] - (sword64)0x078c292ab5844f3L; u >>= 56; - u += rd[1] - (sword64)0x0c2728dc58f5523L; u >>= 56; - u += rd[2] - (sword64)0x049aed63690216cL; u >>= 56; - u += rd[3] - (sword64)0x07cca23e9c44edbL; u >>= 56; - u += rd[4] - (sword64)0x0ffffffffffffffL; u >>= 56; - u += rd[5] - (sword64)0x0ffffffffffffffL; u >>= 56; - u += rd[6] - (sword64)0x0ffffffffffffffL; u >>= 56; - u += rd[7] - (sword64)0x03fffffffffffffL; u >>= 56; + u += (sword64)rd[0] - (sword64)0x078c292ab5844f3L; u >>= 56; + u += (sword64)rd[1] - (sword64)0x0c2728dc58f5523L; u >>= 56; + u += (sword64)rd[2] - (sword64)0x049aed63690216cL; u >>= 56; + u += (sword64)rd[3] - (sword64)0x07cca23e9c44edbL; u >>= 56; + u += (sword64)rd[4] - (sword64)0x0ffffffffffffffL; u >>= 56; + u += (sword64)rd[5] - (sword64)0x0ffffffffffffffL; u >>= 56; + u += (sword64)rd[6] - (sword64)0x0ffffffffffffffL; u >>= 56; + u += (sword64)rd[7] - (sword64)0x03fffffffffffffL; u >>= 56; o = (word64)0 - (u >= 0); u = 0; - u += rd[0] - ((word64)0x078c292ab5844f3L & o); rd[0] = u & 0xffffffffffffff; + u += (sword64)rd[0] - (sword64)((word64)0x078c292ab5844f3L & o); + rd[0] = u & 0xffffffffffffff; u >>= 56; - u += rd[1] - ((word64)0x0c2728dc58f5523L & o); rd[1] = u & 0xffffffffffffff; + u += (sword64)rd[1] - (sword64)((word64)0x0c2728dc58f5523L & o); + rd[1] = u & 0xffffffffffffff; u >>= 56; - u += rd[2] - ((word64)0x049aed63690216cL & o); rd[2] = u & 0xffffffffffffff; + u += (sword64)rd[2] - (sword64)((word64)0x049aed63690216cL & o); + rd[2] = u & 0xffffffffffffff; u >>= 56; - u += rd[3] - ((word64)0x07cca23e9c44edbL & o); rd[3] = u & 0xffffffffffffff; + u += (sword64)rd[3] - (sword64)((word64)0x07cca23e9c44edbL & o); + rd[3] = u & 0xffffffffffffff; u >>= 56; - u += rd[4] - ((word64)0x0ffffffffffffffL & o); rd[4] = u & 0xffffffffffffff; + 
u += (sword64)rd[4] - (sword64)((word64)0x0ffffffffffffffL & o); + rd[4] = u & 0xffffffffffffff; u >>= 56; - u += rd[5] - ((word64)0x0ffffffffffffffL & o); rd[5] = u & 0xffffffffffffff; + u += (sword64)rd[5] - (sword64)((word64)0x0ffffffffffffffL & o); + rd[5] = u & 0xffffffffffffff; u >>= 56; - u += rd[6] - ((word64)0x0ffffffffffffffL & o); rd[6] = u & 0xffffffffffffff; + u += (sword64)rd[6] - (sword64)((word64)0x0ffffffffffffffL & o); + rd[6] = u & 0xffffffffffffff; u >>= 56; - u += rd[7] - ((word64)0x03fffffffffffffL & o); rd[7] = u & 0xffffffffffffff; + u += (sword64)rd[7] - (sword64)((word64)0x03fffffffffffffL & o); + rd[7] = u & 0xffffffffffffff; /* Convert to bytes */ r[ 0] = (byte)(rd[0 ] >> 0); 
@@ -6257,55 +6265,55 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d) o = rd[14] >> 28; rd[15] += o; rd[14] = rd[14] & 0xfffffff; /* Reduce to mod order. */ u = 0; - u += rd[0] - (sword32)0x0b5844f3L; u >>= 28; - u += rd[1] - (sword32)0x078c292aL; u >>= 28; - u += rd[2] - (sword32)0x058f5523L; u >>= 28; - u += rd[3] - (sword32)0x0c2728dcL; u >>= 28; - u += rd[4] - (sword32)0x0690216cL; u >>= 28; - u += rd[5] - (sword32)0x049aed63L; u >>= 28; - u += rd[6] - (sword32)0x09c44edbL; u >>= 28; - u += rd[7] - (sword32)0x07cca23eL; u >>= 28; - u += rd[8] - (sword32)0x0fffffffL; u >>= 28; - u += rd[9] - (sword32)0x0fffffffL; u >>= 28; - u += rd[10] - (sword32)0x0fffffffL; u >>= 28; - u += rd[11] - (sword32)0x0fffffffL; u >>= 28; - u += rd[12] - (sword32)0x0fffffffL; u >>= 28; - u += rd[13] - (sword32)0x0fffffffL; u >>= 28; - u += rd[14] - (sword32)0x0fffffffL; u >>= 28; - u += rd[15] - (sword32)0x03ffffffL; u >>= 28; + u += (sword32)(rd[0] - (sword32)0x0b5844f3L); u >>= 28; + u += (sword32)(rd[1] - (sword32)0x078c292aL); u >>= 28; + u += (sword32)(rd[2] - (sword32)0x058f5523L); u >>= 28; + u += (sword32)(rd[3] - (sword32)0x0c2728dcL); u >>= 28; + u += (sword32)(rd[4] - (sword32)0x0690216cL); u >>= 28; + u += (sword32)(rd[5] - (sword32)0x049aed63L); u >>= 28; + u += (sword32)(rd[6] - (sword32)0x09c44edbL); u >>= 28; + u += (sword32)(rd[7] - (sword32)0x07cca23eL); u >>= 28; + u += (sword32)(rd[8] - (sword32)0x0fffffffL); u >>= 28; + u += (sword32)(rd[9] - (sword32)0x0fffffffL); u >>= 28; + u += (sword32)(rd[10] - (sword32)0x0fffffffL); u >>= 28; + u += (sword32)(rd[11] - (sword32)0x0fffffffL); u >>= 28; + u += (sword32)(rd[12] - (sword32)0x0fffffffL); u >>= 28; + u += (sword32)(rd[13] - (sword32)0x0fffffffL); u >>= 28; + u += (sword32)(rd[14] - (sword32)0x0fffffffL); u >>= 28; + u += (sword32)(rd[15] - (sword32)0x03ffffffL); u >>= 28; o = (word32)0 - (u >= 0); u = 0; - u += rd[0] - ((word32)0x0b5844f3L & o); rd[0] = u & 0xfffffff; + u += 
(sword32)(rd[0] - ((word32)0x0b5844f3L & o)); rd[0] = u & 0xfffffff; u >>= 28; - u += rd[1] - ((word32)0x078c292aL & o); rd[1] = u & 0xfffffff; + u += (sword32)(rd[1] - ((word32)0x078c292aL & o)); rd[1] = u & 0xfffffff; u >>= 28; - u += rd[2] - ((word32)0x058f5523L & o); rd[2] = u & 0xfffffff; + u += (sword32)(rd[2] - ((word32)0x058f5523L & o)); rd[2] = u & 0xfffffff; u >>= 28; - u += rd[3] - ((word32)0x0c2728dcL & o); rd[3] = u & 0xfffffff; + u += (sword32)(rd[3] - ((word32)0x0c2728dcL & o)); rd[3] = u & 0xfffffff; u >>= 28; - u += rd[4] - ((word32)0x0690216cL & o); rd[4] = u & 0xfffffff; + u += (sword32)(rd[4] - ((word32)0x0690216cL & o)); rd[4] = u & 0xfffffff; u >>= 28; - u += rd[5] - ((word32)0x049aed63L & o); rd[5] = u & 0xfffffff; + u += (sword32)(rd[5] - ((word32)0x049aed63L & o)); rd[5] = u & 0xfffffff; u >>= 28; - u += rd[6] - ((word32)0x09c44edbL & o); rd[6] = u & 0xfffffff; + u += (sword32)(rd[6] - ((word32)0x09c44edbL & o)); rd[6] = u & 0xfffffff; u >>= 28; - u += rd[7] - ((word32)0x07cca23eL & o); rd[7] = u & 0xfffffff; + u += (sword32)(rd[7] - ((word32)0x07cca23eL & o)); rd[7] = u & 0xfffffff; u >>= 28; - u += rd[8] - ((word32)0x0fffffffL & o); rd[8] = u & 0xfffffff; + u += (sword32)(rd[8] - ((word32)0x0fffffffL & o)); rd[8] = u & 0xfffffff; u >>= 28; - u += rd[9] - ((word32)0x0fffffffL & o); rd[9] = u & 0xfffffff; + u += (sword32)(rd[9] - ((word32)0x0fffffffL & o)); rd[9] = u & 0xfffffff; u >>= 28; - u += rd[10] - ((word32)0x0fffffffL & o); rd[10] = u & 0xfffffff; + u += (sword32)(rd[10] - ((word32)0x0fffffffL & o)); rd[10] = u & 0xfffffff; u >>= 28; - u += rd[11] - ((word32)0x0fffffffL & o); rd[11] = u & 0xfffffff; + u += (sword32)(rd[11] - ((word32)0x0fffffffL & o)); rd[11] = u & 0xfffffff; u >>= 28; - u += rd[12] - ((word32)0x0fffffffL & o); rd[12] = u & 0xfffffff; + u += (sword32)(rd[12] - ((word32)0x0fffffffL & o)); rd[12] = u & 0xfffffff; u >>= 28; - u += rd[13] - ((word32)0x0fffffffL & o); rd[13] = u & 0xfffffff; + u += (sword32)(rd[13] - 
((word32)0x0fffffffL & o)); rd[13] = u & 0xfffffff; u >>= 28; - u += rd[14] - ((word32)0x0fffffffL & o); rd[14] = u & 0xfffffff; + u += (sword32)(rd[14] - ((word32)0x0fffffffL & o)); rd[14] = u & 0xfffffff; u >>= 28; - u += rd[15] - ((word32)0x03ffffffL & o); rd[15] = u & 0xfffffff; + u += (sword32)(rd[15] - ((word32)0x03ffffffL & o)); rd[15] = u & 0xfffffff; /* Convert to bytes */ r[ 0] = (byte)(rd[0 ] >> 0); @@ -10561,7 +10569,7 @@ void ge448_to_bytes(byte *b, const ge448_p2 *p) fe448_mul(x, p->X, recip); fe448_mul(y, p->Y, recip); fe448_to_bytes(b, y); - b[56] = (byte)fe448_isnegative(x) << 7; + b[56] = (byte)((byte)fe448_isnegative(x) << 7); } /* Convert point to byte array assuming z is 1. @@ -10572,7 +10580,7 @@ void ge448_to_bytes(byte *b, const ge448_p2 *p) static void ge448_p2z1_to_bytes(byte *b, const ge448_p2 *p) { fe448_to_bytes(b, p->Y); - b[56] = (byte)fe448_isnegative(p->X) << 7; + b[56] = (byte)((byte)fe448_isnegative(p->X) << 7); } /* Compress the point to y-ordinate and negative bit. @@ -10694,15 +10702,15 @@ int ge448_scalarmult_base(ge448_p2* r, const byte* a) carry = 0; for (i = 0; i < 56; ++i) { - e[2 * i + 0] = ((a[i] >> 0) & 0xf) + carry; - carry = e[2 * i + 0] + 8; + e[2 * i + 0] = (byte)(((a[i] >> 0) & 0xf) + carry); + carry = (byte)(e[2 * i + 0] + 8); carry >>= 4; - e[2 * i + 0] -= (byte)(carry << 4); + e[2 * i + 0] = (byte)(e[2 * i + 0] - (byte)(carry << 4)); - e[2 * i + 1] = ((a[i] >> 4) & 0xf) + carry; - carry = e[2 * i + 1] + 8; - carry >>= 4; - e[2 * i + 1] -= (byte)(carry << 4); + e[2 * i + 1] = (byte)(((a[i] >> 4) & 0xf) + carry); + carry = (byte)(e[2 * i + 1] + 8); + carry = (byte)(carry >> 4); + e[2 * i + 1] = (byte)(e[2 * i + 1] - (carry << 4)); } e[112] = carry; /* each e[i] is between -8 and 8 */ 
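Review bot: In the 32-bit sc448_muladd reduction (hunk at -6257) the new cast wraps the whole subtraction, `(sword32)(rd[0] - (sword32)0x0b5844f3L)`, whereas the 64-bit path in the hunk at -1070 casts the limb first, `(sword64)rd[0] - (sword64)0x078c292ab5844f3L`. If rd[] is unsigned here, as the need for a cast suggests, the 32-bit form subtracts modulo 2^32 and then relies on the implementation-defined conversion of an out-of-range value to a signed type, while the 64-bit form is plain signed arithmetic. I would write both passes the same way as the 64-bit code, e.g. `u += (sword32)rd[0] - (sword32)0x0b5844f3L;` and `u += (sword32)rd[0] - (sword32)((word32)0x0b5844f3L & o);`. The declarations of rd, u and o are outside the hunk, so the types should be confirmed before changing it.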
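Review bot: The two halves of the loop body in ge448_scalarmult_base are now written differently although they perform the same recoding step. The low nibble keeps `carry >>= 4;` and casts the shifted carry, `(byte)(carry << 4)`, while the high nibble uses `carry = (byte)(carry >> 4);` and subtracts an uncast `(carry << 4)`. This loop recodes the scalar, so keeping the halves textually parallel makes it easier to check that they stay equivalent and branch-free. I would use `carry = (byte)(carry >> 4);` and `e[2 * i + 0] = (byte)(e[2 * i + 0] - (carry << 4));` for the low nibble as well. The function continues outside the hunk.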
@@ -10762,11 +10770,11 @@ static void slide(sword8 *r, const byte *a) } if (r[i] + (r[i + b] << b) <= 31) { - r[i] += (sword8)(r[i + b] << b); + r[i] = (sword8)(r[i] + (r[i + b] << b)); r[i + b] = 0; } else if (r[i] - (r[i + b] << b) >= -31) { - r[i] -= (sword8)(r[i + b] << b); + r[i] = (sword8)(r[i] - (r[i + b] << b)); for (k = i + b; k < 448; ++k) { if (!r[k]) { r[k] = 1; diff --git a/wolfcrypt/src/ge_operations.c b/wolfcrypt/src/ge_operations.c index bcf9d354b5..a565b61849 100644 --- a/wolfcrypt/src/ge_operations.c +++ b/wolfcrypt/src/ge_operations.c @@ -9125,12 +9125,12 @@ void ge_scalarmult_base(ge_p3 *h,const unsigned char *a) carry = 0; for (i = 0;i < 63;++i) { - e[i] += carry; - carry = e[i] + 8; - carry >>= 4; - e[i] -= (signed char)(carry << 4); + e[i] = (signed char)(e[i] + carry); + carry = (signed char)(e[i] + 8); + carry = (signed char)(carry >> 4); + e[i] = (signed char)(e[i] - (carry << 4)); } - e[63] += carry; + e[63] = (signed char)(e[63] + carry); /* each e[i] is between -8 and 8 */ #ifndef CURVED25519_ASM @@ -9190,9 +9190,10 @@ static void slide(signed char *r,const unsigned char *a) for (b = 1;b <= 6 && i + b < SLIDE_SIZE;++b) { if (r[i + b]) { if (r[i] + (r[i + b] << b) <= 15) { - r[i] += (signed char)(r[i + b] << b); r[i + b] = 0; + r[i] = (signed char)(r[i] + (r[i + b] << b)); + r[i + b] = 0; } else if (r[i] - (r[i + b] << b) >= -15) { - r[i] -= (signed char)(r[i + b] << b); + r[i] = (signed char)(r[i] - (r[i + b] << b)); for (k = i + b;k < SLIDE_SIZE;++k) { if (!r[k]) { r[k] = 1; diff --git a/wolfcrypt/src/kdf.c b/wolfcrypt/src/kdf.c index cec79076d7..c45c63563b 100644 --- a/wolfcrypt/src/kdf.c +++ b/wolfcrypt/src/kdf.c 
@@ -942,11 +942,11 @@ static void wc_srtp_kdf_first_block(const byte* salt, word32 saltSz, int kdrIdx, } else { /* XOR in as bit shifted index. */ - block[WC_SRTP_MAX_SALT - indexSz] ^= index[0] >> bits; + block[WC_SRTP_MAX_SALT - indexSz] ^= (byte)(index[0] >> bits); for (i = 1; i < indexSz; i++) { block[i + WC_SRTP_MAX_SALT - indexSz] ^= - (index[i-1] << (8 - bits)) | - (index[i+0] >> bits ); + (byte)((index[i-1] << (8 - bits)) | + (index[i+0] >> bits )); } } } diff --git a/wolfcrypt/src/misc.c b/wolfcrypt/src/misc.c index 55477dfd1b..c37e2dc258 100644 --- a/wolfcrypt/src/misc.c +++ b/wolfcrypt/src/misc.c @@ -118,14 +118,14 @@ masking and clearing memory logic. /* This routine performs a left circular arithmetic shift of by value */ WC_MISC_STATIC WC_INLINE word16 rotlFixed16(word16 x, word16 y) { - return (x << y) | (x >> (sizeof(x) * 8 - y)); + return (word16)((x << y) | (x >> (sizeof(x) * 8U - y))); } /* This routine performs a right circular arithmetic shift of by value */ WC_MISC_STATIC WC_INLINE word16 rotrFixed16(word16 x, word16 y) { - return (x >> y) | (x << (sizeof(x) * 8 - y)); + return (word16)((x >> y) | (x << (sizeof(x) * 8U - y))); } /* This routine performs a byte swap of 32-bit word value. */ @@ -196,7 +196,7 @@ WC_MISC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in, byteCount &= ~0x3U; - for (i = 0; i < byteCount; i += sizeof(word32)) { + for (i = 0; i < byteCount; i += (word32)sizeof(word32)) { XMEMCPY(&scratch, in_bytes + i, sizeof(scratch)); scratch = ByteReverseWord32(scratch); XMEMCPY(out_bytes + i, &scratch, sizeof(scratch)); 
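Review bot: rotlFixed16 and rotrFixed16 in misc.c now truncate explicitly to word16, but the accepted range of `y` is still undocumented, and the comments above them call the rotate a "circular arithmetic shift of by value". The count is computed as `sizeof(x) * 8U - y` in an unsigned type, so a `y` above 16 wraps to a very large shift count, which is undefined behaviour. I would reword the comments to state the precondition, for example `/* Rotate x left by y bits; y is expected to be in 1..15. */` and the matching text for the right rotate.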
@@ -619,11 +619,11 @@ WC_MISC_STATIC WC_INLINE signed char HexCharToByte(char ch) { signed char ret = (signed char)ch; if (ret >= '0' && ret <= '9') - ret -= '0'; + ret = (signed char)(ret - '0'); else if (ret >= 'A' && ret <= 'F') - ret -= 'A' - 10; + ret = (signed char)(ret - ('A' - 10)); else if (ret >= 'a' && ret <= 'f') - ret -= 'a' - 10; + ret = (signed char)(ret - ('a' - 10)); else ret = -1; /* error case - return code must be signed */ return ret; diff --git a/wolfcrypt/src/pkcs12.c b/wolfcrypt/src/pkcs12.c index e8cc11e9eb..07ff1ad24b 100644 --- a/wolfcrypt/src/pkcs12.c +++ b/wolfcrypt/src/pkcs12.c @@ -978,7 +978,7 @@ int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz) totalSz += 4; /* Element */ - totalSz += 2 + sizeof(WC_PKCS12_DATA_OID); + totalSz += 2U + (word32)sizeof(WC_PKCS12_DATA_OID); totalSz += 4; /* Seq */ @@ -1037,7 +1037,7 @@ int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz) /* OID */ idx += (word32)SetObjectId(sizeof(WC_PKCS12_DATA_OID), &buf[idx]); XMEMCPY(&buf[idx], WC_PKCS12_DATA_OID, sizeof(WC_PKCS12_DATA_OID)); - idx += sizeof(WC_PKCS12_DATA_OID); + idx += (word32)sizeof(WC_PKCS12_DATA_OID); /* Element */ buf[idx++] = ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC; @@ -2080,12 +2080,12 @@ static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng, /* calculate size */ totalSz = (word32)SetObjectId(sizeof(WC_PKCS12_ENCRYPTED_OID), seq); - totalSz += sizeof(WC_PKCS12_ENCRYPTED_OID); + totalSz += (word32)sizeof(WC_PKCS12_ENCRYPTED_OID); totalSz += ASN_TAG_SZ; length = (word32)SetMyVersion(0, seq, 0); tmpSz = (word32)SetObjectId(sizeof(WC_PKCS12_DATA_OID), seq); - tmpSz += sizeof(WC_PKCS12_DATA_OID); + tmpSz += (word32)sizeof(WC_PKCS12_DATA_OID); tmpSz += encSz; length += SetSequence(tmpSz, seq) + tmpSz; outerSz = SetSequence(length, seq) + length; 
@@ -2108,7 +2108,7 @@ static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng, } XMEMCPY(out + idx, WC_PKCS12_ENCRYPTED_OID, sizeof(WC_PKCS12_ENCRYPTED_OID)); - idx += sizeof(WC_PKCS12_ENCRYPTED_OID); + idx += (word32)sizeof(WC_PKCS12_ENCRYPTED_OID); if (idx + 1 > *outSz){ return BUFFER_E; @@ -2149,7 +2149,7 @@ static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng, return BUFFER_E; } XMEMCPY(out + idx, WC_PKCS12_DATA_OID, sizeof(WC_PKCS12_DATA_OID)); - idx += sizeof(WC_PKCS12_DATA_OID); + idx += (word32)sizeof(WC_PKCS12_DATA_OID); /* copy over encrypted data */ if (idx + encSz > *outSz){ @@ -2171,7 +2171,7 @@ static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng, if (type == WC_PKCS12_DATA) { /* calculate size */ totalSz = (word32)SetObjectId(sizeof(WC_PKCS12_DATA_OID), seq); - totalSz += sizeof(WC_PKCS12_DATA_OID); + totalSz += (word32)sizeof(WC_PKCS12_DATA_OID); totalSz += ASN_TAG_SZ; length = SetOctetString(contentSz, seq); @@ -2197,7 +2197,7 @@ static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng, return BUFFER_E; } XMEMCPY(out + idx, WC_PKCS12_DATA_OID, sizeof(WC_PKCS12_DATA_OID)); - idx += sizeof(WC_PKCS12_DATA_OID); + idx += (word32)sizeof(WC_PKCS12_DATA_OID); if (idx + 1 > *outSz){ return BUFFER_E; diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index f3cbfbfc28..a96f53718e 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -7127,7 +7127,7 @@ static int wc_PKCS7_KariGenerateSharedInfo(WC_PKCS7_KARI* kari, int keyWrapOID) /* suppPubInfo */ suppPubInfoSeqSz = (int)SetImplicit(ASN_SEQUENCE, 2, - (word32)kekOctetSz + sizeof(word32), + (word32)kekOctetSz + (word32)sizeof(word32), suppPubInfoSeq, 0); sharedInfoSz += suppPubInfoSeqSz; 
@@ -8911,9 +8911,9 @@ static int wc_PKCS7_PwriKek_KeyWrap(wc_PKCS7* pkcs7, const byte* kek, word32 kek return BUFFER_E; out[0] = (byte)cekSz; - out[1] = ~cek[0]; - out[2] = ~cek[1]; - out[3] = ~cek[2]; + out[1] = (byte)~cek[0]; + out[2] = (byte)~cek[1]; + out[3] = (byte)~cek[2]; XMEMCPY(out + 4, cek, cekSz); /* random padding of size padSz */ diff --git a/wolfcrypt/src/pwdbased.c b/wolfcrypt/src/pwdbased.c index fb06dcef6e..208f6675a9 100644 --- a/wolfcrypt/src/pwdbased.c +++ b/wolfcrypt/src/pwdbased.c @@ -826,7 +826,7 @@ int wc_scrypt(byte* output, const byte* passwd, int passLen, goto end; } /* Temporary for scryptROMix. */ - v = (byte*)XMALLOC((size_t)((1 << cost) * bSz), NULL, + v = (byte*)XMALLOC((size_t)((1U << cost) * bSz), NULL, DYNAMIC_TYPE_TMP_BUFFER); if (v == NULL) { ret = MEMORY_E; @@ -848,7 +848,7 @@ int wc_scrypt(byte* output, const byte* passwd, int passLen, /* Step 2. */ for (i = 0; i < parallel; i++) - scryptROMix(blocks + i * (int)bSz, v, y, (int)blockSize, 1 << cost); + scryptROMix(blocks + i * (int)bSz, v, y, (int)blockSize, 1U << cost); /* Step 3. */ ret = wc_PBKDF2(output, passwd, passLen, blocks, (int)blocksSz, 1, dkLen, diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index 80afe25af8..febc29243f 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -598,14 +598,14 @@ static WC_INLINE void array_add(byte* d, word32 dLen, const byte* s, word32 sLen dIdx = (int)dLen - 1; for (sIdx = (int)sLen - 1; sIdx >= 0; sIdx--) { - carry += (word16)((word16)d[dIdx] + (word16)s[sIdx]); + carry = (word16)(carry + d[dIdx] + s[sIdx]); d[dIdx] = (byte)carry; carry >>= 8; dIdx--; } for (; dIdx >= 0; dIdx--) { - carry += (word16)d[dIdx]; + carry = (word16)(carry + d[dIdx]); d[dIdx] = (byte)carry; carry >>= 8; } diff --git a/wolfcrypt/src/sha3.c b/wolfcrypt/src/sha3.c index f6b8c2f03f..29f17434fc 100644 --- a/wolfcrypt/src/sha3.c +++ b/wolfcrypt/src/sha3.c 
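Review bot: In wc_scrypt the allocation size `(size_t)((1U << cost) * bSz)` is widened to size_t only after the multiplication. If bSz is a 32-bit type, as the `(int)bSz` cast in the next hunk suggests, the switch from `1` to `1U` turns a signed overflow into a silent wrap, which can produce a buffer smaller than scryptROMix is told to use. Unless a check outside this hunk already bounds `cost` and `bSz` so the product fits, I would do the arithmetic in size_t, `((size_t)1 << cost) * (size_t)bSz`, and reject a `cost` that is not below the bit width of the shifted type before this point. The same `1U << cost` is passed to scryptROMix in the hunk at -848, so one range check covers both. The function starts and ends outside both hunks.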
@@ -550,7 +550,7 @@ void BlockSha3(word64* s) #ifndef SHA3_BY_SPEC word64 t1; #endif - byte i; + word32 i; for (i = 0; i < 24; i += 2) { @@ -694,7 +694,7 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p) } data += i; len -= i; - sha3->i += (byte) i; + sha3->i = (byte)(sha3->i + i); if (sha3->i == p * 8) { for (i = 0; i < p; i++) { @@ -708,12 +708,12 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p) sha3->i = 0; } } - blocks = len / (p * 8); + blocks = len / (p * 8U); #ifdef USE_INTEL_SPEEDUP if ((SHA3_BLOCK_N != NULL) && (blocks > 0)) { - (*SHA3_BLOCK_N)(sha3->s, data, blocks, p * 8); - len -= blocks * (p * 8); - data += blocks * (p * 8); + (*SHA3_BLOCK_N)(sha3->s, data, blocks, p * 8U); + len -= blocks * (p * 8U); + data += blocks * (p * 8U); blocks = 0; } #endif @@ -726,15 +726,15 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p) #else BlockSha3(sha3->s); #endif - len -= p * 8; - data += p * 8; + len -= p * 8U; + data += p * 8U; } #if defined(WOLFSSL_LINUXKM) && defined(USE_INTEL_SPEEDUP) if (SHA3_BLOCK == sha3_block_avx2) RESTORE_VECTOR_REGISTERS(); #endif XMEMCPY(sha3->t, data, len); - sha3->i += (byte)len; + sha3->i = (byte)(sha3->i + len); return 0; } @@ -749,7 +749,7 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p) */ static int Sha3Final(wc_Sha3* sha3, byte padChar, byte* hash, byte p, word32 l) { - word32 rate = p * 8; + word32 rate = p * 8U; word32 j; word32 i; @@ -761,7 +761,7 @@ static int Sha3Final(wc_Sha3* sha3, byte padChar, byte* hash, byte p, word32 l) sha3->t[sha3->i ] = padChar; sha3->t[rate - 1] |= 0x80; if (rate - 1 > (word32)sha3->i + 1) { - XMEMSET(sha3->t + sha3->i + 1, 0, rate - 1 - (sha3->i + 1)); + XMEMSET(sha3->t + sha3->i + 1, 0, rate - 1U - (sha3->i + 1U)); } for (i = 0; i < p; i++) { sha3->s[i] ^= Load64BitBigEndian(sha3->t + 8 * i); 
diff --git a/wolfcrypt/src/siphash.c b/wolfcrypt/src/siphash.c index d455c663ec..b7c63c3625 100644 --- a/wolfcrypt/src/siphash.c +++ b/wolfcrypt/src/siphash.c @@ -256,14 +256,14 @@ int wc_SipHashUpdate(SipHash* sipHash, const unsigned char* in, word32 inSz) if ((ret == 0) && (inSz > 0)) { /* Add to cache if already started. */ if (sipHash->cacheCnt > 0) { - byte len = SIPHASH_BLOCK_SIZE - sipHash->cacheCnt; + byte len = (byte)(SIPHASH_BLOCK_SIZE - sipHash->cacheCnt); if (len > inSz) { len = (byte)inSz; } XMEMCPY(sipHash->cache + sipHash->cacheCnt, in, len); in += len; inSz -= len; - sipHash->cacheCnt += len; + sipHash->cacheCnt = (byte)(sipHash->cacheCnt + len); if (sipHash->cacheCnt == SIPHASH_BLOCK_SIZE) { /* Compress the block from the cache. */ @@ -331,7 +331,7 @@ int wc_SipHashFinal(SipHash* sipHash, unsigned char* out, unsigned char outSz) if (ret == 0) { /* Put in remaining cached message bytes. */ - XMEMSET(sipHash->cache + sipHash->cacheCnt, 0, 7 - sipHash->cacheCnt); + XMEMSET(sipHash->cache + sipHash->cacheCnt, 0, 7U - sipHash->cacheCnt); sipHash->cache[7] = (byte)(sipHash->inCnt + sipHash->cacheCnt); SipHashCompress(sipHash, sipHash->cache); diff --git a/wolfcrypt/src/sp_arm64.c b/wolfcrypt/src/sp_arm64.c index dcfbddec51..282504239c 100644 --- a/wolfcrypt/src/sp_arm64.c +++ b/wolfcrypt/src/sp_arm64.c @@ -24258,7 +24258,7 @@ static void sp_256_ecc_recode_6_4(const sp_digit* k, ecc_recode_256* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_4_6[y]; v[i].neg = recode_neg_4_6[y]; carry = (y >> 6) + v[i].neg; @@ -27341,7 +27341,7 @@ static void sp_256_ecc_recode_7_4(const sp_digit* k, ecc_recode_256* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_4_7[y]; v[i].neg = recode_neg_4_7[y]; carry = (y >> 7) + v[i].neg; 
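Review bot: `7U - sipHash->cacheCnt` in wc_SipHashFinal, and `cache[7]` on the next line, hard-code `SIPHASH_BLOCK_SIZE - 1`, and a `cacheCnt` above 7 would wrap to a very large XMEMSET length. wc_SipHashUpdate in the first hunk compresses when `cacheCnt == SIPHASH_BLOCK_SIZE`, which presumably keeps the count below 8, but the reset itself is outside the hunk. I would write the length as `(SIPHASH_BLOCK_SIZE - 1U) - sipHash->cacheCnt` and add `/* cacheCnt < SIPHASH_BLOCK_SIZE: a full cache is compressed in wc_SipHashUpdate */` above it, so the invariant behind the unsigned subtraction is stated where it is used.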
@@ -39445,7 +39445,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g, p->infinity = !v[i].i; sp_256_sub_4(negy, p256_mod, p->y); sp_256_norm_4(negy); - sp_256_cond_copy_4(p->y, negy, 0 - v[i].neg); + sp_256_cond_copy_4(p->y, negy, (sp_digit)(0 - v[i].neg)); sp_256_proj_point_add_qz1_4(rt, rt, p, tmp); } if (map != 0) { @@ -45220,7 +45220,7 @@ static void sp_384_ecc_recode_6_6(const sp_digit* k, ecc_recode_384* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_6_6[y]; v[i].neg = recode_neg_6_6[y]; carry = (y >> 6) + v[i].neg; @@ -48267,7 +48267,7 @@ static void sp_384_ecc_recode_7_6(const sp_digit* k, ecc_recode_384* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_6_7[y]; v[i].neg = recode_neg_6_7[y]; carry = (y >> 7) + v[i].neg; @@ -66185,7 +66185,7 @@ static int sp_384_ecc_mulmod_add_only_6(sp_point_384* r, const sp_point_384* g, p->infinity = !v[i].i; sp_384_sub_6(negy, p384_mod, p->y); sp_384_norm_6(negy); - sp_384_cond_copy_6(p->y, negy, 0 - v[i].neg); + sp_384_cond_copy_6(p->y, negy, (sp_digit)(0 - v[i].neg)); sp_384_proj_point_add_qz1_6(rt, rt, p, tmp); } if (map != 0) { @@ -73577,7 +73577,7 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_9_6[y]; v[i].neg = recode_neg_9_6[y]; carry = (y >> 6) + v[i].neg; @@ -77323,7 +77323,7 @@ static void sp_521_ecc_recode_7_9(const sp_digit* k, ecc_recode_521* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_9_7[y]; v[i].neg = recode_neg_9_7[y]; carry = (y >> 7) + v[i].neg; 
@@ -111319,7 +111319,7 @@ static int sp_521_ecc_mulmod_add_only_9(sp_point_521* r, const sp_point_521* g, p->infinity = !v[i].i; sp_521_sub_9(negy, p521_mod, p->y); sp_521_norm_9(negy); - sp_521_cond_copy_9(p->y, negy, 0 - v[i].neg); + sp_521_cond_copy_9(p->y, negy, (sp_digit)(0 - v[i].neg)); sp_521_proj_point_add_qz1_9(rt, rt, p, tmp); } if (map != 0) { @@ -117664,7 +117664,7 @@ static void sp_1024_ecc_recode_7_16(const sp_digit* k, ecc_recode_1024* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_16_7[y]; v[i].neg = recode_neg_16_7[y]; carry = (y >> 7) + v[i].neg; diff --git a/wolfcrypt/src/sp_c32.c b/wolfcrypt/src/sp_c32.c index 419bccfe2b..a1f0eb277d 100644 --- a/wolfcrypt/src/sp_c32.c +++ b/wolfcrypt/src/sp_c32.c @@ -22446,7 +22446,7 @@ static void sp_256_ecc_recode_6_9(const sp_digit* k, ecc_recode_256* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_9_6[y]; v[i].neg = recode_neg_9_6[y]; carry = (y >> 6) + v[i].neg; @@ -29915,7 +29915,7 @@ static void sp_384_ecc_recode_6_15(const sp_digit* k, ecc_recode_384* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_15_6[y]; v[i].neg = recode_neg_15_6[y]; carry = (y >> 6) + v[i].neg; @@ -37434,7 +37434,7 @@ static void sp_521_ecc_recode_6_21(const sp_digit* k, ecc_recode_521* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_21_6[y]; v[i].neg = recode_neg_21_6[y]; carry = (y >> 6) + v[i].neg; @@ -46251,7 +46251,7 @@ static void sp_1024_ecc_recode_7_42(const sp_digit* k, ecc_recode_1024* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_42_7[y]; v[i].neg = recode_neg_42_7[y]; carry = (y >> 7) + v[i].neg; diff --git a/wolfcrypt/src/sp_c64.c b/wolfcrypt/src/sp_c64.c index cb1f19803c..0a77db8618 100644 --- a/wolfcrypt/src/sp_c64.c +++ b/wolfcrypt/src/sp_c64.c 
@@ -23382,7 +23382,7 @@ static void sp_256_ecc_recode_6_5(const sp_digit* k, ecc_recode_256* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_5_6[y]; v[i].neg = recode_neg_5_6[y]; carry = (y >> 6) + v[i].neg; @@ -30318,7 +30318,7 @@ static void sp_384_ecc_recode_6_7(const sp_digit* k, ecc_recode_384* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_7_6[y]; v[i].neg = recode_neg_7_6[y]; carry = (y >> 6) + v[i].neg; @@ -37715,7 +37715,7 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_9_6[y]; v[i].neg = recode_neg_9_6[y]; carry = (y >> 6) + v[i].neg; @@ -45594,7 +45594,7 @@ static void sp_1024_ecc_recode_7_18(const sp_digit* k, ecc_recode_1024* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_18_7[y]; v[i].neg = recode_neg_18_7[y]; carry = (y >> 7) + v[i].neg; diff --git a/wolfcrypt/src/sp_int.c b/wolfcrypt/src/sp_int.c index 529e540dde..00b3607e36 100644 --- a/wolfcrypt/src/sp_int.c +++ b/wolfcrypt/src/sp_int.c @@ -176,7 +176,7 @@ This library provides single precision (SP) integer math functions. /* Array declared on stack - check size is valid. */ #define ALLOC_SP_INT(n, s, err, h) \ do { \ - if (((err) == MP_OKAY) && ((s) > SP_INT_DIGITS)) { \ + if (((err) == MP_OKAY) && ((s) > (int)SP_INT_DIGITS)) { \ (err) = MP_VAL; \ } \ } \ @@ -5306,7 +5306,7 @@ void sp_forcezero(sp_int* a) /* Zeroize when a vald pointer passed in. */ if (a != NULL) { /* Ensure all data zeroized - data not zeroed when used decreases. */ - ForceZero(a->dp, a->size * SP_WORD_SIZEOF); + ForceZero(a->dp, a->size * (word32)SP_WORD_SIZEOF); /* Set back to zero. */ #ifdef HAVE_WOLF_BIGINT /* Zeroize the raw data as well. */ 
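Review bot: With `((s) > (int)SP_INT_DIGITS)`, the stack-size check in ALLOC_SP_INT takes its signedness from whatever the caller passes as `s`. An unsigned argument converts the limit back to unsigned, while a signed argument is compared as int, so a negative `s` would pass the check instead of yielding MP_VAL. The callers visible in this patch derive `s` from `used` counts, so this is probably unreachable today, but this guard is what protects a fixed-size stack object. Normalising both sides makes the check independent of the call site: `if (((err) == MP_OKAY) && ((unsigned int)(s) > (unsigned int)SP_INT_DIGITS)) {`. The macro body continues past the end of the hunk.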
@@ -5333,7 +5333,7 @@ static void _sp_copy(const sp_int* a, sp_int* r) r->dp[0] = 0; } else { - XMEMCPY(r->dp, a->dp, a->used * SP_WORD_SIZEOF); + XMEMCPY(r->dp, a->dp, a->used * (word32)SP_WORD_SIZEOF); } /* Set number of used words in result. */ r->used = a->used; @@ -6072,7 +6072,7 @@ int sp_set_bit(sp_int* a, int i) a->dp[w] |= (sp_int_digit)1 << s; /* Update used if necessary */ if (a->used <= w) { - a->used = w + 1; + a->used = (sp_size_t)(w + 1U); } } @@ -7317,7 +7317,7 @@ static void _sp_div_2(const sp_int* a, sp_int* r) /* Last word only needs to be shifted down. */ r->dp[i] = a->dp[i] >> 1; /* Set used to be all words seen. */ - r->used = (sp_size_t)i + 1; + r->used = (sp_size_t)(i + 1); /* Remove leading zeros. */ sp_clamp(r); #ifdef WOLFSSL_SP_INT_NEGATIVE @@ -7438,7 +7438,7 @@ int sp_div_2_mod_ct(const sp_int* a, const sp_int* m, sp_int* r) r->dp[i] = l; #endif /* Used includes carry - set or not. */ - r->used = i + 1; + r->used = (sp_size_t)(i + 1); #ifdef WOLFSSL_SP_INT_NEGATIVE r->sign = MP_ZPOS; #endif @@ -7826,7 +7826,7 @@ static int _sp_addmod(const sp_int* a, const sp_int* b, const sp_int* m, { int err = MP_OKAY; /* Calculate used based on digits used in a and b. */ - sp_size_t used = ((a->used >= b->used) ? a->used + 1 : b->used + 1); + sp_size_t used = (sp_size_t)(((a->used >= b->used) ? a->used + 1U : b->used + 1U)); DECL_SP_INT(t, used); /* Allocate a temporary SP int to hold sum. */ @@ -7914,8 +7914,8 @@ static int _sp_submod(const sp_int* a, const sp_int* b, const sp_int* m, int err = MP_OKAY; #ifndef WOLFSSL_SP_INT_NEGATIVE unsigned int used = ((a->used >= m->used) ? - ((a->used >= b->used) ? (a->used + 1) : (b->used + 1)) : - ((b->used >= m->used)) ? (b->used + 1) : (m->used + 1)); + ((a->used >= b->used) ? (a->used + 1U) : (b->used + 1U)) : + ((b->used >= m->used)) ? (b->used + 1U) : (m->used + 1U)); DECL_SP_INT_ARRAY(t, used, 2); ALLOC_SP_INT_ARRAY(t, used, 2, err, NULL); 
@@ -8406,11 +8406,11 @@ int sp_lshd(sp_int* a, int s) } if (err == MP_OKAY) { /* Move up digits. */ - XMEMMOVE(a->dp + s, a->dp, a->used * SP_WORD_SIZEOF); + XMEMMOVE(a->dp + s, a->dp, a->used * (word32)SP_WORD_SIZEOF); /* Back fill with zeros. */ XMEMSET(a->dp, 0, (size_t)s * SP_WORD_SIZEOF); /* Update used. */ - a->used += (sp_size_t)s; + a->used = (sp_size_t)(a->used + s); /* Remove leading zeros. */ sp_clamp(a); } @@ -8447,7 +8447,7 @@ static int sp_lshb(sp_int* a, int n) } if (err == MP_OKAY) { /* Get count of bits to move in digit. */ - n &= SP_WORD_MASK; + n &= (int)SP_WORD_MASK; /* Check whether this is a complicated case. */ if (n != 0) { unsigned int i; @@ -8456,7 +8456,7 @@ static int sp_lshb(sp_int* a, int n) /* Get new most significant digit. */ sp_int_digit v = a->dp[a->used - 1] >> (SP_WORD_SIZE - n); /* Shift up each digit. */ - for (i = a->used - 1; i >= 1; i--) { + for (i = a->used - 1U; i >= 1U; i--) { a->dp[i + s] = (a->dp[i] << n) | (a->dp[i - 1] >> (SP_WORD_SIZE - n)); } @@ -8471,13 +8471,13 @@ static int sp_lshb(sp_int* a, int n) /* Only digits to move and ensure not zero. */ else if (s > 0) { /* Move up digits. */ - XMEMMOVE(a->dp + s, a->dp, a->used * SP_WORD_SIZEOF); + XMEMMOVE(a->dp + s, a->dp, a->used * (word32)SP_WORD_SIZEOF); } /* Update used digit count. */ - a->used += s; + a->used = (sp_size_t)(a->used + s); /* Back fill with zeros. */ - XMEMSET(a->dp, 0, SP_WORD_SIZEOF * s); + XMEMSET(a->dp, 0, (word32)SP_WORD_SIZEOF * s); } } @@ -8504,7 +8504,7 @@ void sp_rshd(sp_int* a, int c) sp_size_t i; /* Update used digits count. */ - a->used -= (sp_size_t)c; + a->used = (sp_size_t)(a->used - c); /* Move digits down. */ for (i = 0; i < a->used; i++, c++) { a->dp[i] = a->dp[c]; 
@@ -8548,13 +8548,13 @@ int sp_rshb(const sp_int* a, int n, sp_int* r) /* Handle simple case. */ if (n == 0) { /* Set the count of used digits. */ - r->used = a->used - i; + r->used = (sp_size_t)(a->used - i); /* Move digits down. */ if (r == a) { - XMEMMOVE(r->dp, r->dp + i, SP_WORD_SIZEOF * r->used); + XMEMMOVE(r->dp, r->dp + i, (word32)SP_WORD_SIZEOF * r->used); } else { - XMEMCPY(r->dp, a->dp + i, SP_WORD_SIZEOF * r->used); + XMEMCPY(r->dp, a->dp + i, (word32)SP_WORD_SIZEOF * r->used); } } else { @@ -8591,7 +8591,7 @@ static void _sp_div_same_size(sp_int* a, const sp_int* d, sp_int* r) sp_size_t i; /* Compare top digits of dividend with those of divisor up to last. */ - for (i = d->used - 1; i > 0; i--) { + for (i = (sp_size_t)(d->used - 1U); i > 0; i--) { /* Break if top divisor is not equal to dividend. */ if (a->dp[a->used - d->used + i] != d->dp[i]) { break; @@ -8604,7 +8604,7 @@ static void _sp_div_same_size(sp_int* a, const sp_int* d, sp_int* r) /* Get 'used' to restore - ensure zeros put into quotient. */ i = a->used; /* Subtract d from top of a. */ - _sp_sub_off(a, d, a, a->used - d->used); + _sp_sub_off(a, d, a, (sp_size_t)(a->used - d->used)); /* Restore 'used' on remainder. */ a->used = i; } @@ -8661,7 +8661,7 @@ static int _sp_div_impl(sp_int* a, const sp_int* d, sp_int* r, sp_int* trial) /* Keep subtracting multiples of d as long as the digit count of a is * greater than equal to d. */ - for (i = a->used - 1; i >= d->used; i--) { + for (i = (sp_size_t)(a->used - 1U); i >= d->used; i--) { /* When top digits equal, guestimate maximum multiplier. * Worst case, multiplier is actually SP_DIGIT_MAX - 1. * That is, for w (word size in bits) > 1, n > 1, let: @@ -8715,7 +8715,7 @@ static int _sp_div_impl(sp_int* a, const sp_int* d, sp_int* r, sp_int* trial) } #else /* Index of lowest digit trial is subtracted from. */ - o = i - d->used; + o = (sp_size_t)(i - d->used); do { #ifndef SQR_MUL_ASM sp_int_word tw = 0; 
@@ -8784,7 +8784,7 @@ static int _sp_div_impl(sp_int* a, const sp_int* d, sp_int* r, sp_int* trial) #endif /* WOLFSSL_SP_SMALL */ } /* Update used. */ - a->used = i + 1; + a->used = (sp_size_t)(i + 1U); if (a->used == d->used) { /* Finish div now that length of dividend is same as divisor. */ _sp_div_same_size(a, d, r); @@ -8918,12 +8918,12 @@ static int _sp_div(const sp_int* a, const sp_int* d, sp_int* r, sp_int* rem, trial = td[1]; /* Initialize sizes to minimal values. */ - _sp_init_size(sd, d->used + 1); + _sp_init_size(sd, (sp_size_t)(d->used + 1U)); _sp_init_size(trial, used); /* Move divisor to top of word. Adjust dividend as well. */ s = sp_count_bits(d); - s = SP_WORD_SIZE - (s & SP_WORD_MASK); + s = SP_WORD_SIZE - (s & (int)SP_WORD_MASK); _sp_copy(a, sa); /* Only shift if top bit of divisor no set. */ if (s != SP_WORD_SIZE) { @@ -9012,7 +9012,7 @@ int sp_div(const sp_int* a, const sp_int* d, sp_int* r, sp_int* rem) /* May need to shift number being divided left into a new word. */ int bits = SP_WORD_SIZE - (sp_count_bits(d) % SP_WORD_SIZE); if ((bits != SP_WORD_SIZE) && - (sp_count_bits(a) + bits > SP_INT_DIGITS * SP_WORD_SIZE)) { + (sp_count_bits(a) + bits > (int)(SP_INT_DIGITS * SP_WORD_SIZE))) { err = MP_VAL; } else { @@ -9020,7 +9020,7 @@ int sp_div(const sp_int* a, const sp_int* d, sp_int* r, sp_int* rem) } } else { - used = a->used + 1; + used = (sp_size_t)(a->used + 1U); } } @@ -9282,7 +9282,7 @@ static int _sp_mul(const sp_int* a, const sp_int* b, sp_int* r) } for (; k <= (sp_size_t)((a->used - 1) + (b->used - 1)); k++) { j = (int)(b->used - 1); - i = k - (sp_size_t)j; + i = (sp_size_t)(k - (sp_size_t)j); for (; (i < a->used) && (j >= 0); i++, j--) { SP_ASM_MUL_ADD(l, h, o, a->dp[i], b->dp[j]); } 
@@ -9350,7 +9350,7 @@ static int _sp_mul(const sp_int* a, const sp_int* b, sp_int* r) o = 0; #endif for (k = 1; (int)k <= ((int)a->used - 1) + ((int)b->used - 1); k++) { - i = k - (sp_size_t)(b->used - 1); + i = (sp_size_t)(k - (b->used - 1)); i &= (sp_size_t)(((unsigned int)i >> (sizeof(i) * 8 - 1)) - 1U); j = (int)(k - i); for (; (i < a->used) && (j >= 0); i++, j--) { @@ -12152,7 +12152,7 @@ static int _sp_mulmod_tmp(const sp_int* a, const sp_int* b, const sp_int* m, ALLOC_SP_INT(t, a->used + b->used, err, NULL); if (err == MP_OKAY) { - err = sp_init_size(t, a->used + b->used); + err = sp_init_size(t, (sp_size_t)(a->used + b->used)); } /* Multiply and reduce. */ @@ -12388,7 +12388,7 @@ static int _sp_invmod_div(const sp_int* a, const sp_int* m, sp_int* x, ALLOC_SP_INT(d, m->used + 1, err, NULL); if (err == MP_OKAY) { - err = sp_init_size(d, m->used + 1); + err = sp_init_size(d, (sp_size_t)(m->used + 1U)); } if (err == MP_OKAY) { @@ -12532,7 +12532,7 @@ static int _sp_invmod(const sp_int* a, const sp_int* m, sp_int* r) * - x3 one word larger than modulus * - x1 one word longer than twice modulus used */ - ALLOC_SP_INT_ARRAY(t, m->used + 1, 3, err, NULL); + ALLOC_SP_INT_ARRAY(t, m->used + 1U, 3, err, NULL); ALLOC_SP_INT(c, 2 * m->used + 1, err, NULL); if (err == MP_OKAY) { u = t[0]; @@ -12543,16 +12543,16 @@ static int _sp_invmod(const sp_int* a, const sp_int* m, sp_int* r) /* Initialize intermediate values with minimal sizes. */ if (err == MP_OKAY) { - err = sp_init_size(u, m->used + 1); + err = sp_init_size(u, (sp_size_t)(m->used + 1U)); } if (err == MP_OKAY) { - err = sp_init_size(v, m->used + 1); + err = sp_init_size(v, (sp_size_t)(m->used + 1U)); } if (err == MP_OKAY) { - err = sp_init_size(b, m->used + 1); + err = sp_init_size(b, (sp_size_t)(m->used + 1U)); } if (err == MP_OKAY) { - err = sp_init_size(c, (sp_size_t)(2 * m->used + 1)); + err = sp_init_size(c, (sp_size_t)(2U * m->used + 1U)); } if (err == MP_OKAY) { 
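Review bot: In _sp_invmod the array allocation now uses `m->used + 1U`, but the next line, `ALLOC_SP_INT(c, 2 * m->used + 1, err, NULL);`, keeps the signed literals, so adjacent temporaries are sized with expressions of different types. The same split appears in later hunks: _sp_exptmod_ex leaves `2 * m->used + 1` in the branch above `#else`, and _sp_exptmod_mont_ex has `DECL_SP_INT_ARRAY(t, m->used * 2 + 1, 4)` next to `ALLOC_SP_INT_ARRAY(t, m->used * 2U + 1U, 4, ...)`. Builds that compile the untouched branch will presumably still emit the warning this commit silences. I would convert the siblings too, e.g. `ALLOC_SP_INT(c, 2U * m->used + 1U, err, NULL);`, so a declaration and its allocation always use one spelling.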
@@ -12747,10 +12747,10 @@ static int _sp_invmod_mont_ct(const sp_int* a, const sp_int* m, sp_int* r, #endif #ifndef WOLFSSL_SP_NO_MALLOC - ALLOC_DYN_SP_INT_ARRAY(pre, m->used * 2 + 1, CT_INV_MOD_PRE_CNT + 2, err, + ALLOC_DYN_SP_INT_ARRAY(pre, m->used * 2U + 1U, CT_INV_MOD_PRE_CNT + 2, err, NULL); #else - ALLOC_SP_INT_ARRAY(pre, m->used * 2 + 1, CT_INV_MOD_PRE_CNT + 2, err, NULL); + ALLOC_SP_INT_ARRAY(pre, m->used * 2U + 1U, CT_INV_MOD_PRE_CNT + 2, err, NULL); #endif if (err == MP_OKAY) { t = pre[CT_INV_MOD_PRE_CNT + 0]; @@ -12994,7 +12994,7 @@ static int _sp_exptmod_ex(const sp_int* b, const sp_int* e, int bits, ALLOC_SP_INT_ARRAY(t, 2 * m->used + 1, 2, err, NULL); #else /* Working SP int needed when cache resistant. */ - ALLOC_SP_INT_ARRAY(t, 2 * m->used + 1, 3, err, NULL); + ALLOC_SP_INT_ARRAY(t, 2U * m->used + 1U, 3, err, NULL); #endif if (err == MP_OKAY) { /* Initialize temporaries. */ @@ -13054,7 +13054,7 @@ static int _sp_exptmod_ex(const sp_int* b, const sp_int* e, int bits, if (err == MP_OKAY) { /* 4.2. y = e[i] */ - int y = (int)((e->dp[i >> SP_WORD_SHIFT] >> (i & SP_WORD_MASK)) & 1); + int y = (int)((e->dp[i >> SP_WORD_SHIFT] >> (i & (int)SP_WORD_MASK)) & 1); /* 4.3. j = y & s */ int j = y & s; /* 4.4 s = s | y */ @@ -13226,7 +13226,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits, DECL_SP_INT_ARRAY(t, m->used * 2 + 1, 4); /* Allocate temporaries. */ - ALLOC_SP_INT_ARRAY(t, m->used * 2 + 1, 4, err, NULL); + ALLOC_SP_INT_ARRAY(t, m->used * 2U + 1U, 4, err, NULL); if (err == MP_OKAY) { /* Initialize temporaries. */ _sp_init_size(t[0], (sp_size_t)(m->used * 2 + 1)); @@ -13266,7 +13266,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits, } if (err == MP_OKAY) { /* t[0] = t[0] mod m, temporary size has to be bigger than t[0]. */ - err = _sp_div(t[0], m, NULL, t[0], t[0]->used + 1); + err = _sp_div(t[0], m, NULL, t[0], t[0]->used + 1U); } if (err == MP_OKAY) { /* 4. t[1] = t[0] 
@@ -13293,7 +13293,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits, if (err == MP_OKAY) { /* 6.2. y = e[i] */ - int y = (int)((e->dp[i >> SP_WORD_SHIFT] >> (i & SP_WORD_MASK)) & 1); + int y = (int)((e->dp[i >> SP_WORD_SHIFT] >> (i & (int)SP_WORD_MASK)) & 1); /* 6.3 j = y & s */ int j = y & s; /* 6.4 s = s | y */ @@ -13761,10 +13761,10 @@ static int _sp_exptmod_base_2(const sp_int* e, int digits, const sp_int* m, * - constant time add value for mod operation * - temporary result */ - ALLOC_SP_INT_ARRAY(d, m->used * 2 + 1, 2, err, NULL); + ALLOC_SP_INT_ARRAY(d, m->used * 2U + 1U, 2, err, NULL); #else /* Allocate sp_int for temporary result. */ - ALLOC_SP_INT(tr, m->used * 2 + 1, err, NULL); + ALLOC_SP_INT(tr, m->used * 2U + 1U, err, NULL); #endif if (err == MP_OKAY) { #ifndef WC_NO_HARDEN @@ -14223,9 +14223,9 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m, * - Montgomery form of base */ #ifndef WOLFSSL_SP_NO_MALLOC - ALLOC_DYN_SP_INT_ARRAY(t, m->used * 2 + 1, (size_t)preCnt + 2, err, NULL); + ALLOC_DYN_SP_INT_ARRAY(t, m->used * 2U + 1U, (size_t)preCnt + 2, err, NULL); #else - ALLOC_SP_INT_ARRAY(t, m->used * 2 + 1, (size_t)preCnt + 2, err, NULL); + ALLOC_SP_INT_ARRAY(t, m->used * 2U + 1U, (size_t)preCnt + 2, err, NULL); #endif if (err == MP_OKAY) { /* Set variables to use allocate memory. */ @@ -14269,7 +14269,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m, } if (err == MP_OKAY) { /* bm = bm mod m, temporary size has to be bigger than bm->used. */ - err = _sp_div(bm, m, NULL, bm, bm->used + 1); + err = _sp_div(bm, m, NULL, bm, bm->used + 1U); } if (err == MP_OKAY) { /* Copy Montgomery form of base into first element of table. */ 
@@ -14739,7 +14739,7 @@ int sp_mod_2d(const sp_int* a, int e, sp_int* r) if (err == MP_OKAY) { /* Copy a into r if not same pointer. */ if (a != r) { - XMEMCPY(r->dp, a->dp, digits * SP_WORD_SIZEOF); + XMEMCPY(r->dp, a->dp, digits * (word32)SP_WORD_SIZEOF); r->used = a->used; #ifdef WOLFSSL_SP_INT_NEGATIVE r->sign = a->sign; @@ -14953,7 +14953,7 @@ static int _sp_sqr(const sp_int* a, sp_int* r) } if (err == MP_OKAY) { - r->used = a->used * 2; + r->used = (sp_size_t)(a->used * 2U); sp_clamp(r); } @@ -17296,7 +17296,7 @@ static int _sp_sqrmod(const sp_int* a, const sp_int* m, sp_int* r) ALLOC_SP_INT(t, a->used * 2, err, NULL); if (err == MP_OKAY) { - err = sp_init_size(t, a->used * 2); + err = sp_init_size(t, a->used * 2U); } /* Square and reduce. */ @@ -17511,7 +17511,7 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp, int ct) /* 4. a = a mod m * Always subtract but at a too high offset if a is less than m. */ - _sp_submod_ct(a, m, m, m->used + 1, a); + _sp_submod_ct(a, m, m, m->used + 1U, a); } @@ -17842,7 +17842,7 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp, int ct) /* Constant time clamping. */ sp_clamp_ct(a); - _sp_submod_ct(a, m, m, m->used + 1, a); + _sp_submod_ct(a, m, m, m->used + 1U, a); } #if 0 @@ -18259,7 +18259,7 @@ int sp_to_unsigned_bin_len_ct(const sp_int* a, byte* out, int outSz) /* Put each digit in. */ i = 0; for (j = outSz - 1; j >= 0; ) { - int b; + unsigned int b; d = a->dp[i]; /* Place each byte of a digit into the buffer. */ for (b = 0; (j >= 0) && (b < SP_WORD_SIZEOF); b++) { @@ -18386,7 +18386,7 @@ static int _sp_read_radix_16(sp_int* a, const char* in) a->dp[j] = d; } /* Update used count. */ - a->used = j + 1; + a->used = (sp_size_t)(j + 1U); /* Remove leading zeros. */ sp_clamp(a); } 
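Review bot: `sp_init_size(t, a->used * 2U)` in _sp_sqrmod passes an unsigned-int expression without the `(sp_size_t)` cast that the equivalent calls in _sp_mulmod_tmp and _sp_invmod received in this same patch. Likewise `_sp_init_size(n1, a->used + 1U)` and `_sp_init_size(r, a->used + 1U)` in _sp_prime_trials, and the `c`/`n1` calls in _sp_prime_random_trials, sit directly beside casted calls. If `sp_size_t` is narrower than `unsigned int` in some configuration, these arguments still narrow implicitly, which is the conversion the other hunks make explicit. For consistency: `err = sp_init_size(t, (sp_size_t)(a->used * 2U));`, with the same cast on the uncasted `_sp_init_size` calls.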
@@ -18424,7 +18424,7 @@ static int _sp_read_radix_10(sp_int* a, const char* in) /* Check character is valid. */ if ((ch >= '0') && (ch <= '9')) { /* Assume '0'..'9' are continuous values as characters. */ - ch -= '0'; + ch = (char)(ch - '0'); } else { if (CharIsWhiteSpace(ch)) @@ -19280,9 +19280,9 @@ static int _sp_prime_trials(const sp_int* a, int trials, int* result) n1 = t[0]; r = t[1]; - _sp_init_size(n1, a->used + 1); - _sp_init_size(r, a->used + 1); - _sp_init_size(b, (sp_size_t)(a->used * 2 + 1)); + _sp_init_size(n1, a->used + 1U); + _sp_init_size(r, a->used + 1U); + _sp_init_size(b, (sp_size_t)(a->used * 2U + 1U)); /* Do requested number of trials of Miller-Rabin test. */ for (i = 0; i < trials; i++) { @@ -19404,10 +19404,10 @@ static int _sp_prime_random_trials(const sp_int* a, int trials, int* result, sp_int* b = d[0]; sp_int* r = d[1]; - _sp_init_size(c , a->used + 1); - _sp_init_size(n1, a->used + 1); - _sp_init_size(b , (sp_size_t)(a->used * 2 + 1)); - _sp_init_size(r , (sp_size_t)(a->used * 2 + 1)); + _sp_init_size(c , a->used + 1U); + _sp_init_size(n1, a->used + 1U); + _sp_init_size(b , (sp_size_t)(a->used * 2U + 1U)); + _sp_init_size(r , (sp_size_t)(a->used * 2U + 1U)); _sp_sub_d(a, 2, c); @@ -19574,7 +19574,7 @@ static WC_INLINE int _sp_gcd(const sp_int* a, const sp_int* b, sp_int* r) /* Used for swapping sp_ints. */ sp_int* s; /* Determine maximum digit length numbers will reach. */ - unsigned int used = (a->used >= b->used) ? a->used + 1 : b->used + 1; + unsigned int used = (a->used >= b->used) ? a->used + 1U : b->used + 1U; DECL_SP_INT_ARRAY(d, used, 3); SAVE_VECTOR_REGISTERS(err = _svr_ret;); diff --git a/wolfcrypt/src/sp_x86_64.c b/wolfcrypt/src/sp_x86_64.c index 799c286239..039820d4bb 100644 --- a/wolfcrypt/src/sp_x86_64.c +++ b/wolfcrypt/src/sp_x86_64.c 
@@ -9435,7 +9435,7 @@ static void sp_256_ecc_recode_6_4(const sp_digit* k, ecc_recode_256* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_4_6[y]; v[i].neg = recode_neg_4_6[y]; carry = (y >> 6) + v[i].neg; @@ -12110,7 +12110,7 @@ static void sp_256_ecc_recode_7_4(const sp_digit* k, ecc_recode_256* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_4_7[y]; v[i].neg = recode_neg_4_7[y]; carry = (y >> 7) + v[i].neg; @@ -24173,7 +24173,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g, p->infinity = !v[i].i; sp_256_sub_4(negy, p256_mod, p->y); sp_256_norm_4(negy); - sp_256_cond_copy_4(p->y, negy, 0 - v[i].neg); + sp_256_cond_copy_4(p->y, negy, (sp_digit)(0 - v[i].neg)); sp_256_proj_point_add_qz1_4(rt, rt, p, tmp); } if (map != 0) { @@ -24306,7 +24306,7 @@ static int sp_256_ecc_mulmod_add_only_avx2_4(sp_point_256* r, const sp_point_256 p->infinity = !v[i].i; sp_256_sub_4(negy, p256_mod, p->y); sp_256_norm_4(negy); - sp_256_cond_copy_4(p->y, negy, 0 - v[i].neg); + sp_256_cond_copy_4(p->y, negy, (sp_digit)(0 - v[i].neg)); sp_256_proj_point_add_qz1_avx2_4(rt, rt, p, tmp); } if (map != 0) { @@ -28596,7 +28596,7 @@ static void sp_384_ecc_recode_6_6(const sp_digit* k, ecc_recode_384* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_6_6[y]; v[i].neg = recode_neg_6_6[y]; carry = (y >> 6) + v[i].neg; @@ -31330,7 +31330,7 @@ static void sp_384_ecc_recode_7_6(const sp_digit* k, ecc_recode_384* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_6_7[y]; v[i].neg = recode_neg_6_7[y]; carry = (y >> 7) + v[i].neg; 
@@ -49207,7 +49207,7 @@ static int sp_384_ecc_mulmod_add_only_6(sp_point_384* r, const sp_point_384* g, p->infinity = !v[i].i; sp_384_sub_6(negy, p384_mod, p->y); sp_384_norm_6(negy); - sp_384_cond_copy_6(p->y, negy, 0 - v[i].neg); + sp_384_cond_copy_6(p->y, negy, (sp_digit)(0 - v[i].neg)); sp_384_proj_point_add_qz1_6(rt, rt, p, tmp); } if (map != 0) { @@ -49340,7 +49340,7 @@ static int sp_384_ecc_mulmod_add_only_avx2_6(sp_point_384* r, const sp_point_384 p->infinity = !v[i].i; sp_384_sub_6(negy, p384_mod, p->y); sp_384_norm_6(negy); - sp_384_cond_copy_6(p->y, negy, 0 - v[i].neg); + sp_384_cond_copy_6(p->y, negy, (sp_digit)(0 - v[i].neg)); sp_384_proj_point_add_qz1_avx2_6(rt, rt, p, tmp); } if (map != 0) { @@ -53526,7 +53526,7 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_9_6[y]; v[i].neg = recode_neg_9_6[y]; carry = (y >> 6) + v[i].neg; @@ -56363,7 +56363,7 @@ static void sp_521_ecc_recode_7_9(const sp_digit* k, ecc_recode_521* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_9_7[y]; v[i].neg = recode_neg_9_7[y]; carry = (y >> 7) + v[i].neg; @@ -90300,7 +90300,7 @@ static int sp_521_ecc_mulmod_add_only_9(sp_point_521* r, const sp_point_521* g, p->infinity = !v[i].i; sp_521_sub_9(negy, p521_mod, p->y); sp_521_norm_9(negy); - sp_521_cond_copy_9(p->y, negy, 0 - v[i].neg); + sp_521_cond_copy_9(p->y, negy, (sp_digit)(0 - v[i].neg)); sp_521_proj_point_add_qz1_9(rt, rt, p, tmp); } if (map != 0) { @@ -90433,7 +90433,7 @@ static int sp_521_ecc_mulmod_add_only_avx2_9(sp_point_521* r, const sp_point_521 p->infinity = !v[i].i; sp_521_sub_9(negy, p521_mod, p->y); sp_521_norm_9(negy); - sp_521_cond_copy_9(p->y, negy, 0 - v[i].neg); + sp_521_cond_copy_9(p->y, negy, (sp_digit)(0 - v[i].neg)); sp_521_proj_point_add_qz1_avx2_9(rt, rt, p, tmp); } if (map != 0) { 
@@ -94820,7 +94820,7 @@ static void sp_1024_ecc_recode_7_16(const sp_digit* k, ecc_recode_1024* v) n >>= o; } - y += (word8)carry; + y = (word8)(y + carry); v[i].i = recode_index_16_7[y]; v[i].neg = recode_neg_16_7[y]; carry = (y >> 7) + v[i].neg; diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c index 9d6c1aed05..2ee85e3f36 100644 --- a/wolfcrypt/src/wc_port.c +++ b/wolfcrypt/src/wc_port.c @@ -1186,10 +1186,10 @@ int wc_strcasecmp(const char *s1, const char *s2) for (;;++s1, ++s2) { c1 = *s1; if ((c1 >= 'a') && (c1 <= 'z')) - c1 -= ('a' - 'A'); + c1 = (char)(c1 - ('a' - 'A')); c2 = *s2; if ((c2 >= 'a') && (c2 <= 'z')) - c2 -= ('a' - 'A'); + c2 = (char)(c2 - ('a' - 'A')); if ((c1 != c2) || (c1 == 0)) break; } @@ -1204,10 +1204,10 @@ int wc_strncasecmp(const char *s1, const char *s2, size_t n) for (c1 = 0, c2 = 0; n > 0; --n, ++s1, ++s2) { c1 = *s1; if ((c1 >= 'a') && (c1 <= 'z')) - c1 -= ('a' - 'A'); + c1 = (char)(c1 - ('a' - 'A')); c2 = *s2; if ((c2 >= 'a') && (c2 <= 'z')) - c2 -= ('a' - 'A'); + c2 = (char)(c2 - ('a' - 'A')); if ((c1 != c2) || (c1 == 0)) break; }