From: Antonio Quartulli <antonio@openvpn.net>
Date: Wed, 28 Apr 2021 08:10:54 +0000 (+0200)
Subject: crypto: respect ECB argument type from prototype
X-Git-Tag: v2.6_beta1~523
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6a3cbb43a3d09dbf0b5df33c741455f34bde2440;p=thirdparty%2Fopenvpn.git

crypto: respect ECB argument type from prototype

Crypto backends are implementing the cipher_des_encrypt_ecb()
function without fully respecting the type of the argumentis as described
in the function prototype.

All ECB arguments (key, input block and output block) are expected to
be 8 bytes long, for this reason the prototype specifies the arguments
as 3 arrays of 8 bytes in size.

Convert the implementations to also explicitly mention the size of the
array they expect to receive in input.

Fixes these warnings:

crypto_openssl.c:866:39: warning: argument 2 of type ‘unsigned char *’
declared as a pointer [-Warray-parameter=]
  866 |                        unsigned char *src,
      |                        ~~~~~~~~~~~~~~~^~~
In file included from crypto.h:125,
                 from crypto_openssl.c:42:
crypto_backend.h:202:43: note: previously declared as an array ‘unsigned
char[8]’
  202 |                             unsigned char src[DES_KEY_LENGTH],
      |                             ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~
crypto_openssl.c:867:39: warning: argument 3 of type ‘unsigned char *’
declared as a pointer [-Warray-parameter=]
  867 |                        unsigned char *dst)
      |                        ~~~~~~~~~~~~~~~^~~
In file included from crypto.h:125,
                 from crypto_openssl.c:42:
crypto_backend.h:203:43: note: previously declared as an array ‘unsigned
char[8]’
  203 |                             unsigned char dst[DES_KEY_LENGTH]);
      |                             ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~

Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20210428081054.29081-1-a@unstable.cc>
URL: https://www.mail-archive.com/search?l=mid&q=20210428081054.29081-1-a@unstable.cc
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c
index f960d0ae1..836e80ac2 100644
--- a/src/openvpn/crypto_mbedtls.c
+++ b/src/openvpn/crypto_mbedtls.c
@@ -768,8 +768,8 @@ cipher_ctx_final_check_tag(mbedtls_cipher_context_t *ctx, uint8_t *dst,
 
 void
 cipher_des_encrypt_ecb(const unsigned char key[DES_KEY_LENGTH],
-                       unsigned char *src,
-                       unsigned char *dst)
+                       unsigned char src[DES_KEY_LENGTH],
+                       unsigned char dst[DES_KEY_LENGTH])
 {
     mbedtls_des_context ctx;
 
diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
index 57731ed79..1b6bcf645 100644
--- a/src/openvpn/crypto_openssl.c
+++ b/src/openvpn/crypto_openssl.c
@@ -864,8 +864,8 @@ cipher_ctx_final_check_tag(EVP_CIPHER_CTX *ctx, uint8_t *dst, int *dst_len,
 
 void
 cipher_des_encrypt_ecb(const unsigned char key[DES_KEY_LENGTH],
-                       unsigned char *src,
-                       unsigned char *dst)
+                       unsigned char src[DES_KEY_LENGTH],
+                       unsigned char dst[DES_KEY_LENGTH])
 {
     DES_key_schedule sched;