From 3144d92ab8550ada6f0a9ddf40ef4a07d6ef52ab Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Tue, 2 Jan 2018 15:05:45 -0500 Subject: [PATCH] Add some missing array parameter length annotations. Not that anything checks them... Change-Id: Iae1b5dbdb3c20a9ebd841bcd32cc5c725c68eb01 Reviewed-on: https://boringssl-review.googlesource.com/24524 Commit-Queue: Adam Langley Reviewed-by: Adam Langley CQ-Verified: CQ bot account: commit-bot@chromium.org --- third_party/fiat/curve25519.c | 16 ++++++++-------- third_party/fiat/internal.h | 4 ++-- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/third_party/fiat/curve25519.c b/third_party/fiat/curve25519.c index 92a965a9..1374a77f 100644 --- a/third_party/fiat/curve25519.c +++ b/third_party/fiat/curve25519.c @@ -122,7 +122,7 @@ static void fe_frombytes(fe *h, const uint8_t *s) { // // Have q+2^(-255)x = 2^(-255)(h + 19 2^(-25) h9 + 2^(-1)) // so floor(2^(-255)(h + 19 2^(-25) h9 + 2^(-1))) = q. -static void fe_tobytes_impl(uint8_t *s, const uint32_t h[10]) { +static void fe_tobytes_impl(uint8_t s[32], const uint32_t h[10]) { assert_fe_loose(h); int32_t h0 = h[0]; int32_t h1 = h[1]; @@ -203,11 +203,11 @@ static void fe_tobytes_impl(uint8_t *s, const uint32_t h[10]) { s[31] = h9 >> 18; } -static void fe_tobytes(uint8_t *s, const fe *h) { +static void fe_tobytes(uint8_t s[32], const fe *h) { fe_tobytes_impl(s, h->v); } -static void fe_loose_tobytes(uint8_t *s, const fe_loose *h) { +static void fe_loose_tobytes(uint8_t s[32], const fe_loose *h) { fe_tobytes_impl(s, h->v); } @@ -995,7 +995,7 @@ static void fe_pow22523(fe *out, const fe *z) { fe_mul_ttt(out, &t0, z); } -void x25519_ge_tobytes(uint8_t *s, const ge_p2 *h) { +void x25519_ge_tobytes(uint8_t s[32], const ge_p2 *h) { fe recip; fe x; fe y; 
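Review bot: The new `uint8_t s[32]` on `fe_tobytes_impl` is still adjusted to `uint8_t *s` by the compiler, so a caller passing a shorter buffer goes undiagnosed even though the function stores through `s[31]` (visible at the end of its body in the next hunk). If every toolchain that builds this file accepts C99 array-parameter qualifiers, `uint8_t s[static 32]` would let the compiler warn at call sites that pass a too-small array. That is an assumption to confirm, since the form is not valid C++ and not every C compiler accepts it. The same applies to `fe_tobytes`, `fe_loose_tobytes`, `x25519_ge_tobytes` and `ge_p3_tobytes` in the following hunks. The body of `fe_tobytes_impl` continues past this hunk.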
@@ -1007,7 +1007,7 @@ void x25519_ge_tobytes(uint8_t *s, const ge_p2 *h) { s[31] ^= fe_isnegative(&x) << 7; } -static void ge_p3_tobytes(uint8_t *s, const ge_p3 *h) { +static void ge_p3_tobytes(uint8_t s[32], const ge_p3 *h) { fe recip; fe x; fe y; @@ -3848,7 +3848,7 @@ static void ge_double_scalarmult_vartime(ge_p2 *r, const uint8_t *a, // s[0]+256*s[1]+...+256^31*s[31] = s mod l // where l = 2^252 + 27742317777372353535851937790883648493. // Overwrites s in place. -void x25519_sc_reduce(uint8_t *s) { +void x25519_sc_reduce(uint8_t s[64]) { int64_t s0 = 2097151 & load_3(s); int64_t s1 = 2097151 & (load_4(s + 2) >> 5); int64_t s2 = 2097151 & (load_3(s + 5) >> 2); @@ -4676,8 +4676,8 @@ void ED25519_keypair(uint8_t out_public_key[32], uint8_t out_private_key[64]) { ED25519_keypair_from_seed(out_public_key, out_private_key, seed); } -int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len, - const uint8_t private_key[64]) { +int ED25519_sign(uint8_t out_sig[64], const uint8_t *message, + size_t message_len, const uint8_t private_key[64]) { uint8_t az[SHA512_DIGEST_LENGTH]; SHA512(private_key, 32, az); diff --git a/third_party/fiat/internal.h b/third_party/fiat/internal.h index 10218e06..54a93a56 100644 --- a/third_party/fiat/internal.h +++ b/third_party/fiat/internal.h @@ -101,7 +101,7 @@ typedef struct { fe_loose T2d; } ge_cached; -void x25519_ge_tobytes(uint8_t *s, const ge_p2 *h); +void x25519_ge_tobytes(uint8_t s[32], const ge_p2 *h); int x25519_ge_frombytes_vartime(ge_p3 *h, const uint8_t *s); void x25519_ge_p3_to_cached(ge_cached *r, const ge_p3 *p); void x25519_ge_p1p1_to_p2(ge_p2 *r, const ge_p1p1 *p); 
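Review bot: The `s[64]` annotation on `x25519_sc_reduce` gives the input size, but the comment above it describes the output only as `s[0]..s[31]` and says "Overwrites s in place", which leaves open what the upper 32 bytes hold afterwards. A line such as `// s must point to 64 bytes; the reduced value is written to s[0..31].` would make the contract explicit. If `s[32..63]` keeps its input bytes (not visible in this hunk), callers that reduce secret-derived values need to treat the whole 64-byte buffer as sensitive. The function body continues outside the hunk.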
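Review bot: `ED25519_sign` is non-static and its prototype is not in the visible parts of `internal.h`, so the definition's new `uint8_t out_sig[64]` should be checked against the declaration in whichever header exports it. The diffstat shows that only `curve25519.c` and `internal.h` are touched. If that prototype still reads `uint8_t *out_sig`, changing it to `uint8_t out_sig[64]` keeps declaration and definition in agreement and puts the length where callers will read it. The function body continues outside the hunk.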
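Review bot: In `internal.h` the context line `int x25519_ge_frombytes_vartime(ge_p3 *h, const uint8_t *s);` still takes a bare pointer, as does `const uint8_t *scalar` on `x25519_ge_scalarmult` in the next hunk, while neighbouring prototypes already use `a[32]`. Presumably both read 32 bytes, which should be confirmed against the definitions, since they are outside this diff. If so, `const uint8_t s[32]` and `const uint8_t scalar[32]` would complete the annotation pass for this header.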
@@ -112,7 +112,7 @@ void x25519_ge_scalarmult_small_precomp( ge_p3 *h, const uint8_t a[32], const uint8_t precomp_table[15 * 2 * 32]); void x25519_ge_scalarmult_base(ge_p3 *h, const uint8_t a[32]); void x25519_ge_scalarmult(ge_p2 *r, const uint8_t *scalar, const ge_p3 *A); -void x25519_sc_reduce(uint8_t *s); +void x25519_sc_reduce(uint8_t s[64]); enum spake2_state_t { spake2_state_init = 0,