From: Tomas Mraz <tomas@openssl.org>
Date: Tue, 17 Jun 2025 17:37:05 +0000 (+0200)
Subject: engines: Silence warnings on Win64 builds
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a0fcbcb282ca934bc2fb05059b65dc6ee74966ee;p=thirdparty%2Fopenssl.git

engines: Silence warnings on Win64 builds

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27806)
---

diff --git a/engines/e_loader_attic.c b/engines/e_loader_attic.c
index cef313a137b..a3fdf14c1d9 100644
--- a/engines/e_loader_attic.c
+++ b/engines/e_loader_attic.c
@@ -71,7 +71,7 @@ static char *file_get_pass(const UI_METHOD *ui_method, char *pass,
         ATTICerr(0, ERR_R_UI_LIB);
         pass = NULL;
     } else if (UI_add_input_string(ui, prompt, UI_INPUT_FLAG_DEFAULT_PWD,
-                                    pass, 0, maxsize - 1) <= 0) {
+                                    pass, 0, (int)(maxsize - 1)) <= 0) {
         ATTICerr(0, ERR_R_UI_LIB);
         pass = NULL;
     } else {
@@ -122,7 +122,7 @@ static int file_get_pem_pass(char *buf, int num, int w, void *data)
                                pass_data->prompt_desc, pass_data->prompt_info,
                                pass_data->data);
 
-    return pass == NULL ? 0 : strlen(pass);
+    return pass == NULL ? 0 : (int)strlen(pass);
 }
 
 /*
@@ -133,8 +133,8 @@ static int file_get_pem_pass(char *buf, int num, int w, void *data)
  */
 static int check_suffix(const char *str, const char *suffix)
 {
-    int str_len = strlen(str);
-    int suffix_len = strlen(suffix) + 1;
+    int str_len = (int)strlen(str);
+    int suffix_len = (int)(strlen(suffix) + 1);
     const char *p = NULL;
 
     if (suffix_len >= str_len)
@@ -143,7 +143,7 @@ static int check_suffix(const char *str, const char *suffix)
     if (*p != ' '
         || strcmp(p + 1, suffix) != 0)
         return -1;
-    return p - str;
+    return (int)(p - str);
 }
 
 /*
@@ -307,11 +307,11 @@ static OSSL_STORE_INFO *try_decode_PKCS12(const char *pem_name,
         /* Initial parsing */
         PKCS12 *p12;
 
-        if (pem_name != NULL)
+        if (pem_name != NULL || len > LONG_MAX)
             /* No match, there is no PEM PKCS12 tag */
             return NULL;
 
-        if ((p12 = d2i_PKCS12(NULL, &blob, len)) != NULL) {
+        if ((p12 = d2i_PKCS12(NULL, &blob, (long)len)) != NULL) {
             char *pass = NULL;
             char tpass[PEM_BUFSIZE];
             EVP_PKEY *pkey = NULL;
@@ -331,7 +331,7 @@ static OSSL_STORE_INFO *try_decode_PKCS12(const char *pem_name,
                     ATTICerr(0, ATTIC_R_PASSPHRASE_CALLBACK_ERROR);
                     goto p12_end;
                 }
-                if (!PKCS12_verify_mac(p12, pass, strlen(pass))) {
+                if (!PKCS12_verify_mac(p12, pass, (int)strlen(pass))) {
                     ATTICerr(0, ATTIC_R_ERROR_VERIFYING_PKCS12_MAC);
                     goto p12_end;
                 }
@@ -452,7 +452,7 @@ static OSSL_STORE_INFO *try_decode_PKCS8Encrypted(const char *pem_name,
         *matchcount = 1;
     }
 
-    if ((p8 = d2i_X509_SIG(NULL, &blob, len)) == NULL)
+    if (len > LONG_MAX || (p8 = d2i_X509_SIG(NULL, &blob, (long)len)) == NULL)
         return NULL;
 
     *matchcount = 1;
@@ -470,7 +470,8 @@ static OSSL_STORE_INFO *try_decode_PKCS8Encrypted(const char *pem_name,
     }
 
     X509_SIG_get0(p8, &dalg, &doct);
-    if (!PKCS12_pbe_crypt(dalg, pass, strlen(pass), doct->data, doct->length,
+    if (!PKCS12_pbe_crypt(dalg, pass, (int)strlen(pass),
+                          doct->data, doct->length,
                           &new_data, &new_data_len, 0))
         goto nop8;
 
@@ -516,10 +517,12 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
     EVP_PKEY *pkey = NULL;
     const EVP_PKEY_ASN1_METHOD *ameth = NULL;
 
+    if (len > LONG_MAX)
+        return NULL;
     if (pem_name != NULL) {
         if (strcmp(pem_name, PEM_STRING_PKCS8INF) == 0) {
             PKCS8_PRIV_KEY_INFO *p8inf =
-                d2i_PKCS8_PRIV_KEY_INFO(NULL, &blob, len);
+                d2i_PKCS8_PRIV_KEY_INFO(NULL, &blob, (long)len);
 
             *matchcount = 1;
             if (p8inf != NULL)
@@ -535,7 +538,7 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
                 && EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL,
                                            ameth)) {
                 *matchcount = 1;
-                pkey = d2i_PrivateKey_ex(pkey_id, NULL, &blob, len,
+                pkey = d2i_PrivateKey_ex(pkey_id, NULL, &blob, (long)len,
                                          libctx, propq);
             }
         }
@@ -567,7 +570,7 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
 
                     ERR_set_mark(); /* prevent flooding error queue */
                     tmp_pkey = d2i_PrivateKey_ex(pkey_id, NULL,
-                                                 &tmp_blob, len,
+                                                 &tmp_blob, (long)len,
                                                  libctx, propq);
                     if (tmp_pkey != NULL) {
                         if (pkey != NULL)
@@ -595,7 +598,7 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
                 continue;
 
             ERR_set_mark(); /* prevent flooding error queue */
-            tmp_pkey = d2i_PrivateKey_ex(pkey_id, NULL, &tmp_blob, len,
+            tmp_pkey = d2i_PrivateKey_ex(pkey_id, NULL, &tmp_blob, (long)len,
                                          libctx, propq);
             if (tmp_pkey != NULL) {
                 if (pkey != NULL)
@@ -651,7 +654,7 @@ static OSSL_STORE_INFO *try_decode_PUBKEY(const char *pem_name,
         *matchcount = 1;
     }
 
-    if ((pkey = d2i_PUBKEY(NULL, &blob, len)) != NULL) {
+    if (len > LONG_MAX || (pkey = d2i_PUBKEY(NULL, &blob, (long)len)) != NULL) {
         *matchcount = 1;
         store_info = OSSL_STORE_INFO_new_PUBKEY(pkey);
     }
@@ -681,6 +684,8 @@ static OSSL_STORE_INFO *try_decode_params(const char *pem_name,
     EVP_PKEY *pkey = NULL;
     const EVP_PKEY_ASN1_METHOD *ameth = NULL;
 
+    if (len > LONG_MAX)
+        return NULL;
     if (pem_name != NULL) {
         int slen;
         int pkey_id;
@@ -690,7 +695,7 @@ static OSSL_STORE_INFO *try_decode_params(const char *pem_name,
             && EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL,
                                        ameth)) {
             *matchcount = 1;
-            pkey = d2i_KeyParams(pkey_id, NULL, &blob, len);
+            pkey = d2i_KeyParams(pkey_id, NULL, &blob, (long)len);
         }
     } else {
         int i;
@@ -708,7 +713,7 @@ static OSSL_STORE_INFO *try_decode_params(const char *pem_name,
 
             ERR_set_mark(); /* prevent flooding error queue */
 
-            tmp_pkey = d2i_KeyParams(pkey_id, NULL, &tmp_blob, len);
+            tmp_pkey = d2i_KeyParams(pkey_id, NULL, &tmp_blob, (long)len);
 
             if (tmp_pkey != NULL) {
                 if (pkey != NULL)
@@ -767,6 +772,8 @@ static OSSL_STORE_INFO *try_decode_X509Certificate(const char *pem_name,
      */
     int ignore_trusted = 1;
 
+    if (len > LONG_MAX)
+        return NULL;
     if (pem_name != NULL) {
         if (strcmp(pem_name, PEM_STRING_X509_TRUSTED) == 0)
             ignore_trusted = 0;
@@ -781,8 +788,8 @@ static OSSL_STORE_INFO *try_decode_X509Certificate(const char *pem_name,
     if (cert == NULL)
         return NULL;
 
-    if ((d2i_X509_AUX(&cert, &blob, len)) != NULL
-        || (ignore_trusted && (d2i_X509(&cert, &blob, len)) != NULL)) {
+    if ((d2i_X509_AUX(&cert, &blob, (long)len)) != NULL
+        || (ignore_trusted && (d2i_X509(&cert, &blob, (long)len)) != NULL)) {
         *matchcount = 1;
         store_info = OSSL_STORE_INFO_new_CERT(cert);
     }
@@ -814,6 +821,8 @@ static OSSL_STORE_INFO *try_decode_X509CRL(const char *pem_name,
     OSSL_STORE_INFO *store_info = NULL;
     X509_CRL *crl = NULL;
 
+    if (len > LONG_MAX)
+        return NULL;
     if (pem_name != NULL) {
         if (strcmp(pem_name, PEM_STRING_X509_CRL) != 0)
             /* No match */
@@ -821,7 +830,7 @@ static OSSL_STORE_INFO *try_decode_X509CRL(const char *pem_name,
         *matchcount = 1;
     }
 
-    if ((crl = d2i_X509_CRL(NULL, &blob, len)) != NULL) {
+    if ((crl = d2i_X509_CRL(NULL, &blob, (long)len)) != NULL) {
         *matchcount = 1;
         store_info = OSSL_STORE_INFO_new_CRL(crl);
     }
@@ -1404,8 +1413,8 @@ static int file_name_to_uri(OSSL_STORE_LOADER_CTX *ctx, const char *name,
     assert(data != NULL);
     {
         const char *pathsep = ossl_ends_with_dirsep(ctx->uri) ? "" : "/";
-        long calculated_length = strlen(ctx->uri) + strlen(pathsep)
-            + strlen(name) + 1 /* \0 */;
+        long calculated_length = (long)(strlen(ctx->uri) + strlen(pathsep)
+            + strlen(name) + 1 /* \0 */);
 
         *data = OPENSSL_zalloc(calculated_length);
         if (*data == NULL)
diff --git a/engines/e_ossltest.c b/engines/e_ossltest.c
index 19dda64d1f5..de4e640ff7c 100644
--- a/engines/e_ossltest.c
+++ b/engines/e_ossltest.c
@@ -749,7 +749,7 @@ static int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         memcpy(out, tmpbuf, inl);
     OPENSSL_free(tmpbuf);
 
-    return inl;
+    return (int)inl;
 }
 
 static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
@@ -817,7 +817,7 @@ static int ossltest_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx,
 
             /* pad the payload|hmac */
             plen += SHA_DIGEST_LENGTH;
-            for (l = len - plen - 1; plen < len; plen++)
+            for (l = (unsigned int)(len - plen - 1); plen < len; plen++)
                 out[plen] = l;
         }
     } else {
@@ -840,7 +840,7 @@ static int ossltest_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx,
 
             /* figure out payload length */
             pad = out[len - 1];
-            maxpad = len - (SHA_DIGEST_LENGTH + 1);
+            maxpad = (unsigned int)(len - (SHA_DIGEST_LENGTH + 1));
             if (pad > maxpad)
                 return 0;
             for (plen = len - pad - 1; plen < len; plen++)
diff --git a/engines/e_padlock.c b/engines/e_padlock.c
index 7e0cfc21fc9..2335bd29b7c 100644
--- a/engines/e_padlock.c
+++ b/engines/e_padlock.c
@@ -373,7 +373,7 @@ padlock_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
 
         out_arg += chunk;
         in_arg += chunk;
-        EVP_CIPHER_CTX_set_num(ctx, nbytes);
+        EVP_CIPHER_CTX_set_num(ctx, (int)nbytes);
         if (cdata->cword.b.encdec) {
             cdata->cword.b.encdec = 0;
             padlock_reload_key();
@@ -441,7 +441,7 @@ padlock_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
 
         out_arg += chunk;
         in_arg += chunk;
-        EVP_CIPHER_CTX_set_num(ctx, nbytes);
+        EVP_CIPHER_CTX_set_num(ctx, (int)nbytes);
         padlock_reload_key();   /* empirically found */
         padlock_aes_block(ivp, ivp, cdata);
         padlock_reload_key();   /* empirically found */