build: avoid -Wenum-conversion warnings with GCC 10

Signed-off-by: Daiki Ueno <ueno@gnu.org>

diff --git a/lib/algorithms.h b/lib/algorithms.h
index 9cdb3abf7a8984cdafe3c0281c9f2f45ae17a7fa..7a051b6365907f87a5ea57e62b609b5e3d6f0ee4 100644 (file)
--- a/lib/algorithms.h
+++ b/lib/algorithms.h
@@ -174,11 +174,24 @@ inline static int _gnutls_mac_get_key_size(const mac_entry_st * e)
                return e->key_size;
 }
 
+inline static gnutls_digest_algorithm_t
+_gnutls_mac_to_dig(gnutls_mac_algorithm_t mac)
+{
+       if (unlikely(mac >= GNUTLS_MAC_AEAD))
+               return GNUTLS_DIG_UNKNOWN;
+
+       return (gnutls_digest_algorithm_t)mac;
+}
+
+#define MAC_TO_DIG(mac) _gnutls_mac_to_dig(mac)
+
 /* Functions for digests. */
 #define _gnutls_x509_digest_to_oid _gnutls_x509_mac_to_oid
 #define _gnutls_digest_get_name _gnutls_mac_get_name
 #define _gnutls_hash_get_algo_len _gnutls_mac_get_algo_len
 
+#define DIG_TO_MAC(dig) (gnutls_mac_algorithm_t)(dig)
+
 /* Security against pre-image attacks */
 inline static int _gnutls_digest_is_secure(const mac_entry_st * e)
 {

diff --git a/lib/algorithms/sign.c b/lib/algorithms/sign.c
index 0d8d1a89c98de4d514951a500af007f79a044ad2..2728a54478af17ca41f1e0ad489330493992f1fe 100644 (file)
--- a/lib/algorithms/sign.c
+++ b/lib/algorithms/sign.c
@@ -797,7 +797,7 @@ _gnutls_sign_get_hash_strength(gnutls_sign_algorithm_t sign)
        if (unlikely(se == NULL))
                return 0;
 
-       me = mac_to_entry(se->hash);
+       me = hash_to_entry(se->hash);
        if (unlikely(me == NULL))
                return 0;
 

diff --git a/lib/crypto-api.c b/lib/crypto-api.c
index adef4bee7b188931e964a9fac20c796bb7517c5c..bd600ef1667fa322e936f70963f6ce619301ece3 100644 (file)
--- a/lib/crypto-api.c
+++ b/lib/crypto-api.c
@@ -588,7 +588,7 @@ int
 gnutls_hash_init(gnutls_hash_hd_t * dig,
                 gnutls_digest_algorithm_t algorithm)
 {
-       if (is_mac_algo_forbidden(algorithm))
+       if (is_mac_algo_forbidden(DIG_TO_MAC(algorithm)))
                return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
 
        *dig = gnutls_malloc(sizeof(digest_hd_st));
@@ -684,7 +684,7 @@ int
 gnutls_hash_fast(gnutls_digest_algorithm_t algorithm,
                 const void *ptext, size_t ptext_len, void *digest)
 {
-       if (is_mac_algo_forbidden(algorithm))
+       if (is_mac_algo_forbidden(DIG_TO_MAC(algorithm)))
                return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
 
        return _gnutls_hash_fast(algorithm, ptext, ptext_len, digest);

diff --git a/lib/hash_int.c b/lib/hash_int.c
index 8c528d5f9034117f33be416078a4b2b5e2b6b83c..59eddeba37b72fd76360602f223e0ead0b9a4526 100644 (file)
--- a/lib/hash_int.c
+++ b/lib/hash_int.c
@@ -80,7 +80,7 @@ int _gnutls_digest_exists(gnutls_digest_algorithm_t algo)
 {
        const gnutls_crypto_digest_st *cc = NULL;
 
-       if (is_mac_algo_forbidden(algo))
+       if (is_mac_algo_forbidden(DIG_TO_MAC(algo)))
                return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
 
        cc = _gnutls_get_crypto_digest(algo);

diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index ccf403b007d74019b1e02bad6a70b6ba315224d5..57a8560edec97595e70e1b65b027f6bcca7d41c9 100644 (file)
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -917,7 +917,7 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo,
 
                        /* This call will return a valid MAC entry and
                         * getters will check that is not null anyway. */
-                       me = mac_to_entry(_gnutls_gost_digest(pk_params->algo));
+                       me = hash_to_entry(_gnutls_gost_digest(pk_params->algo));
                        if (_gnutls_mac_get_algo_len(me) != vdata->size) {
                                gnutls_assert();
                                _gnutls_debug_log
@@ -987,7 +987,7 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo,
                                ret = _gnutls_ecdsa_compute_k(k,
                                                              curve_id,
                                                              pk_params->params[ECC_K],
-                                                             sign_params->dsa_dig,
+                                                             DIG_TO_MAC(sign_params->dsa_dig),
                                                              vdata->data,
                                                              vdata->size);
                                if (ret < 0)
@@ -1056,7 +1056,7 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo,
                                ret = _gnutls_dsa_compute_k(k,
                                                            pub.q,
                                                            TOMPZ(priv),
-                                                           sign_params->dsa_dig,
+                                                           DIG_TO_MAC(sign_params->dsa_dig),
                                                            vdata->data,
                                                            vdata->size);
                                if (ret < 0)
@@ -1312,7 +1312,7 @@ _wrap_nettle_pk_verify(gnutls_pk_algorithm_t algo,
 
                        /* This call will return a valid MAC entry and
                         * getters will check that is not null anyway. */
-                       me = mac_to_entry(_gnutls_gost_digest(pk_params->algo));
+                       me = hash_to_entry(_gnutls_gost_digest(pk_params->algo));
                        if (_gnutls_mac_get_algo_len(me) != vdata->size)
                                return gnutls_assert_val(GNUTLS_E_PK_SIG_VERIFY_FAILED);
 

diff --git a/lib/tls-sig.c b/lib/tls-sig.c
index 779e02c18f09820535e986f7a360b4c410584a86..7d2b04323e0edf01906b8353e17b64a44ef934f2 100644 (file)
--- a/lib/tls-sig.c
+++ b/lib/tls-sig.c
@@ -160,7 +160,7 @@ _gnutls_handshake_sign_data10(gnutls_session_t session,
        dconcat.data = concat;
        dconcat.size = _gnutls_hash_get_algo_len(me);
 
-       ret = gnutls_privkey_sign_hash(pkey, me->id, GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA,
+       ret = gnutls_privkey_sign_hash(pkey, MAC_TO_DIG(me->id), GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA,
                                       &dconcat, signature);
        if (ret < 0) {
                gnutls_assert();
@@ -788,7 +788,7 @@ _gnutls_handshake_sign_crt_vrfy10(gnutls_session_t session,
        dconcat.data = concat;
        dconcat.size = _gnutls_hash_get_algo_len(me);
 
-       ret = gnutls_privkey_sign_hash(pkey, me->id, GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA,
+       ret = gnutls_privkey_sign_hash(pkey, MAC_TO_DIG(me->id), GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA,
                                       &dconcat, signature);
        if (ret < 0) {
                gnutls_assert();

diff --git a/lib/tls13-sig.c b/lib/tls13-sig.c
index e15d8305e285f70c69cdfc218347f1d77605f046..b14390e3536087e4d6161447acb88d1f836b6028 100644 (file)
--- a/lib/tls13-sig.c
+++ b/lib/tls13-sig.c
@@ -104,7 +104,7 @@ _gnutls13_handshake_verify_data(gnutls_session_t session,
                goto cleanup;
        }
 
-       ret = gnutls_hash_fast(session->security_parameters.prf->id,
+       ret = gnutls_hash_fast(MAC_TO_DIG(session->security_parameters.prf->id),
                               session->internals.handshake_hash_buffer.data,
                               session->internals.handshake_hash_buffer_prev_len,
                               prefix);
@@ -186,7 +186,7 @@ _gnutls13_handshake_sign_data(gnutls_session_t session,
                goto cleanup;
        }
 
-       ret = gnutls_hash_fast(session->security_parameters.prf->id,
+       ret = gnutls_hash_fast(MAC_TO_DIG(session->security_parameters.prf->id),
                               session->internals.handshake_hash_buffer.data,
                               session->internals.handshake_hash_buffer.length,
                               tmp);

diff --git a/lib/tls13/finished.c b/lib/tls13/finished.c
index 35ab87f9afd11a35181d53593d34028c0f9b5fef..68eab993ea595bca988287457d9877743ab42f7c 100644 (file)
--- a/lib/tls13/finished.c
+++ b/lib/tls13/finished.c
@@ -45,7 +45,7 @@ int _gnutls13_compute_finished(const mac_entry_st *prf,
        if (ret < 0)
                return gnutls_assert_val(ret);
 
-       ret = gnutls_hash_fast(prf->id,
+       ret = gnutls_hash_fast(MAC_TO_DIG(prf->id),
                               handshake_hash_buffer->data,
                               handshake_hash_buffer->length,
                               ts_hash);

diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c
index cdb284026a355d9161ab8866722e870e8813a839..2dc082390576cfda99ccaa623a638ba18d7b5156 100644 (file)
--- a/lib/x509/pkcs12.c
+++ b/lib/x509/pkcs12.c
@@ -1098,7 +1098,7 @@ int gnutls_pkcs12_verify_mac(gnutls_pkcs12_t pkcs12, const char *pass)
                return _gnutls_asn2err(result);
        }
 
-       algo = gnutls_oid_to_digest(oid);
+       algo = DIG_TO_MAC(gnutls_oid_to_digest(oid));
        if (algo == GNUTLS_MAC_UNKNOWN) {
  unknown_mac:
                gnutls_assert();
@@ -1970,7 +1970,7 @@ gnutls_pkcs12_mac_info(gnutls_pkcs12_t pkcs12, unsigned int *mac,
                *oid = (char*)tmp.data;
        }
 
-       algo = gnutls_oid_to_digest((char*)tmp.data);
+       algo = DIG_TO_MAC(gnutls_oid_to_digest((char*)tmp.data));
        if (algo == GNUTLS_MAC_UNKNOWN || mac_to_entry(algo) == NULL) {
                gnutls_assert();
                return GNUTLS_E_UNKNOWN_HASH_ALGORITHM;

diff --git a/lib/x509/pkcs7.c b/lib/x509/pkcs7.c
index 98669e88797f2a521d492f8c81a7d17c0d6d5edc..0ff55ba04b73ebfb68dad4712d407dc9de120b34 100644 (file)
--- a/lib/x509/pkcs7.c
+++ b/lib/x509/pkcs7.c
@@ -2277,7 +2277,7 @@ static int write_attributes(ASN1_TYPE c2, const char *root,
                /* If we add any attribute we should add them all */
                /* Add hash */
                digest_size = _gnutls_hash_get_algo_len(me);
-               ret = gnutls_hash_fast(me->id, data->data, data->size, digest);
+               ret = gnutls_hash_fast(MAC_TO_DIG(me->id), data->data, data->size, digest);
                if (ret < 0) {
                        gnutls_assert();
                        return ret;

diff --git a/src/certtool.c b/src/certtool.c
index 0e24ac82816e7cc923efb8fd075adb0e7a282333..6bdfe376b1956770da304dba26e031a0b9e1117a 100644 (file)
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -1426,9 +1426,9 @@ static void cmd_parser(int argc, char **argv)
 
        if (HAVE_OPT(VERIFY_PROFILE)) {
                if (strcasecmp(OPT_ARG(VERIFY_PROFILE), "none")) {
-                       cinfo.verification_profile = GNUTLS_PROFILE_UNKNOWN;
+                       cinfo.verification_profile = (gnutls_sec_param_t)GNUTLS_PROFILE_UNKNOWN;
                } else {
-                       cinfo.verification_profile = gnutls_certificate_verification_profile_get_id(OPT_ARG(VERIFY_PROFILE));
+                       cinfo.verification_profile = (gnutls_sec_param_t)gnutls_certificate_verification_profile_get_id(OPT_ARG(VERIFY_PROFILE));
                }
        } else if (!HAVE_OPT(VERIFY_ALLOW_BROKEN)) {
                if (HAVE_OPT(VERIFY_CHAIN) || HAVE_OPT(VERIFY)) {
@@ -2956,7 +2956,7 @@ void generate_pkcs12(common_info_st * cinfo)
        }
 
        if (cinfo->hash != GNUTLS_DIG_UNKNOWN)
-               mac = cinfo->hash;
+               mac = (gnutls_mac_algorithm_t)cinfo->hash;
        else
                mac = GNUTLS_MAC_SHA1;
 

diff --git a/tests/slow/hash-large.c b/tests/slow/hash-large.c
index 33dc1df0daaf3cd685344b79b6d117f8f092717b..71312ef3695bd38040d0ac3f5e36dd2dbb2bf527 100644 (file)
--- a/tests/slow/hash-large.c
+++ b/tests/slow/hash-large.c
@@ -139,7 +139,7 @@ void doit(void)
        /* SHA1 */
 
        err =
-           gnutls_hash_fast(GNUTLS_MAC_SHA1, buf, size,
+           gnutls_hash_fast(GNUTLS_DIG_SHA1, buf, size,
                             digest);
        if (err < 0)
                fail("gnutls_hash_fast(SHA1) failed: %d\n", err);