Convert ssl_buffer, ssl_cert, and ssl_cipher to C++.

ssl_cipher required fixing the types of the cipher masks.

Bug: 132
Change-Id: I0428d853b25fe4674ac3cad87a8eb92c6c8659e3
Reviewed-on: https://boringssl-review.googlesource.com/17746
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

ssl/CMakeLists.txt

@@ -18,9 +18,9 @@ add_library(
   s3_pkt.cc
   ssl_aead_ctx.c
   ssl_asn1.cc
-  ssl_buffer.c
-  ssl_cert.c
-  ssl_cipher.c
+  ssl_buffer.cc
+  ssl_cert.cc
+  ssl_cipher.cc
   ssl_ecdh.c
   ssl_file.c
   ssl_lib.c

ssl/internal.h

@@ -217,38 +217,38 @@ uint16_t ssl3_protocol_version(const SSL *ssl);
 /* Cipher suites. */
 
 /* Bits for |algorithm_mkey| (key exchange algorithm). */
-#define SSL_kRSA 0x00000001L
-#define SSL_kECDHE 0x00000002L
+#define SSL_kRSA 0x00000001u
+#define SSL_kECDHE 0x00000002u
 /* SSL_kPSK is only set for plain PSK, not ECDHE_PSK. */
-#define SSL_kPSK 0x00000004L
-#define SSL_kGENERIC 0x00000008L
+#define SSL_kPSK 0x00000004u
+#define SSL_kGENERIC 0x00000008u
 
 /* Bits for |algorithm_auth| (server authentication). */
-#define SSL_aRSA 0x00000001L
-#define SSL_aECDSA 0x00000002L
+#define SSL_aRSA 0x00000001u
+#define SSL_aECDSA 0x00000002u
 /* SSL_aPSK is set for both PSK and ECDHE_PSK. */
-#define SSL_aPSK 0x00000004L
-#define SSL_aGENERIC 0x00000008L
+#define SSL_aPSK 0x00000004u
+#define SSL_aGENERIC 0x00000008u
 
 #define SSL_aCERT (SSL_aRSA | SSL_aECDSA)
 
 /* Bits for |algorithm_enc| (symmetric encryption). */
-#define SSL_3DES                 0x00000001L
-#define SSL_AES128               0x00000002L
-#define SSL_AES256               0x00000004L
-#define SSL_AES128GCM            0x00000008L
-#define SSL_AES256GCM            0x00000010L
-#define SSL_eNULL                0x00000020L
-#define SSL_CHACHA20POLY1305     0x00000040L
+#define SSL_3DES                 0x00000001u
+#define SSL_AES128               0x00000002u
+#define SSL_AES256               0x00000004u
+#define SSL_AES128GCM            0x00000008u
+#define SSL_AES256GCM            0x00000010u
+#define SSL_eNULL                0x00000020u
+#define SSL_CHACHA20POLY1305     0x00000040u
 
 #define SSL_AES (SSL_AES128 | SSL_AES256 | SSL_AES128GCM | SSL_AES256GCM)
 
 /* Bits for |algorithm_mac| (symmetric authentication). */
-#define SSL_SHA1 0x00000001L
-#define SSL_SHA256 0x00000002L
-#define SSL_SHA384 0x00000004L
+#define SSL_SHA1 0x00000001u
+#define SSL_SHA256 0x00000002u
+#define SSL_SHA384 0x00000004u
 /* SSL_AEAD is set for all AEADs. */
-#define SSL_AEAD 0x00000008L
+#define SSL_AEAD 0x00000008u
 
 /* Bits for |algorithm_prf| (handshake digest). */
 #define SSL_HANDSHAKE_MAC_DEFAULT 0x1

ssl/ssl_buffer.cc

@@ -47,7 +47,7 @@ static int ensure_buffer(SSL3_BUFFER *buf, size_t header_len, size_t cap) {
   }
 
   /* Add up to |SSL3_ALIGN_PAYLOAD| - 1 bytes of slack for alignment. */
-  uint8_t *new_buf = OPENSSL_malloc(cap + SSL3_ALIGN_PAYLOAD - 1);
+  uint8_t *new_buf = (uint8_t *)OPENSSL_malloc(cap + SSL3_ALIGN_PAYLOAD - 1);
   if (new_buf == NULL) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
     return 0;

ssl/ssl_cert.cc

@@ -132,7 +132,7 @@
 
 
 CERT *ssl_cert_new(const SSL_X509_METHOD *x509_method) {
-  CERT *ret = OPENSSL_malloc(sizeof(CERT));
+  CERT *ret = (CERT *)OPENSSL_malloc(sizeof(CERT));
   if (ret == NULL) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
     return NULL;
@@ -149,7 +149,7 @@ static CRYPTO_BUFFER *buffer_up_ref(CRYPTO_BUFFER *buffer) {
 }
 
 CERT *ssl_cert_dup(CERT *cert) {
-  CERT *ret = OPENSSL_malloc(sizeof(CERT));
+  CERT *ret = (CERT *)OPENSSL_malloc(sizeof(CERT));
   if (ret == NULL) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
     return NULL;
@@ -168,8 +168,8 @@ CERT *ssl_cert_dup(CERT *cert) {
   ret->x509_method = cert->x509_method;
 
   if (cert->sigalgs != NULL) {
-    ret->sigalgs =
-        BUF_memdup(cert->sigalgs, cert->num_sigalgs * sizeof(cert->sigalgs[0]));
+    ret->sigalgs = (uint16_t *)BUF_memdup(
+        cert->sigalgs, cert->num_sigalgs * sizeof(cert->sigalgs[0]));
     if (ret->sigalgs == NULL) {
       goto err;
     }
@@ -496,7 +496,8 @@ int ssl_add_cert_chain(SSL *ssl, CBB *cbb) {
 
   CBB certs;
   if (!CBB_add_u24_length_prefixed(cbb, &certs)) {
-    goto err;
+    OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
+    return 0;
   }
 
   STACK_OF(CRYPTO_BUFFER) *chain = ssl->cert->chain;
@@ -507,15 +508,12 @@ int ssl_add_cert_chain(SSL *ssl, CBB *cbb) {
         !CBB_add_bytes(&child, CRYPTO_BUFFER_data(buffer),
                        CRYPTO_BUFFER_len(buffer)) ||
         !CBB_flush(&certs)) {
-      goto err;
+      OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
+      return 0;
     }
   }
 
   return CBB_flush(cbb);
-
-err:
-  OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
-  return 0;
 }
 
 /* ssl_cert_skip_to_spki parses a DER-encoded, X.509 certificate from |in| and

ssl/ssl_cipher.cc

@@ -631,8 +631,8 @@ static const CIPHER_ALIAS kCipherAliases[] = {
 static const size_t kCipherAliasesLen = OPENSSL_ARRAY_SIZE(kCipherAliases);
 
 static int ssl_cipher_id_cmp(const void *in_a, const void *in_b) {
-  const SSL_CIPHER *a = in_a;
-  const SSL_CIPHER *b = in_b;
+  const SSL_CIPHER *a = reinterpret_cast<const SSL_CIPHER *>(in_a);
+  const SSL_CIPHER *b = reinterpret_cast<const SSL_CIPHER *>(in_b);
 
   if (a->id > b->id) {
     return 1;
@@ -647,8 +647,8 @@ const SSL_CIPHER *SSL_get_cipher_by_value(uint16_t value) {
   SSL_CIPHER c;
 
   c.id = 0x03000000L | value;
-  return bsearch(&c, kCiphers, kCiphersLen, sizeof(SSL_CIPHER),
-                 ssl_cipher_id_cmp);
+  return reinterpret_cast<const SSL_CIPHER *>(bsearch(
+      &c, kCiphers, kCiphersLen, sizeof(SSL_CIPHER), ssl_cipher_id_cmp));
 }
 
 int ssl_cipher_get_evp_aead(const EVP_AEAD **out_aead,
@@ -1001,7 +1001,7 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p,
     curr = curr->next;
   }
 
-  number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int));
+  number_uses = (int *)OPENSSL_malloc((max_strength_bits + 1) * sizeof(int));
   if (!number_uses) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
     return 0;
@@ -1227,7 +1227,7 @@ int ssl_create_cipher_list(
   /* Now we have to collect the available ciphers from the compiled in ciphers.
    * We cannot get more than the number compiled in, so it is used for
    * allocation. */
-  co_list = OPENSSL_malloc(sizeof(CIPHER_ORDER) * kCiphersLen);
+  co_list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * kCiphersLen);
   if (co_list == NULL) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
     return 0;
@@ -1314,7 +1314,7 @@ int ssl_create_cipher_list(
     goto err;
   }
 
-  in_group_flags = OPENSSL_malloc(kCiphersLen);
+  in_group_flags = (uint8_t *)OPENSSL_malloc(kCiphersLen);
   if (!in_group_flags) {
     goto err;
   }
@@ -1332,12 +1332,13 @@ int ssl_create_cipher_list(
   OPENSSL_free(co_list); /* Not needed any longer */
   co_list = NULL;
 
-  pref_list = OPENSSL_malloc(sizeof(struct ssl_cipher_preference_list_st));
+  pref_list = (ssl_cipher_preference_list_st *)OPENSSL_malloc(
+      sizeof(struct ssl_cipher_preference_list_st));
   if (!pref_list) {
     goto err;
   }
   pref_list->ciphers = cipherstack;
-  pref_list->in_group_flags = OPENSSL_malloc(num_in_group_flags);
+  pref_list->in_group_flags = (uint8_t *)OPENSSL_malloc(num_in_group_flags);
   if (!pref_list->in_group_flags) {
     goto err;
   }
@@ -1672,7 +1673,7 @@ const char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf,
 
   if (buf == NULL) {
     len = 128;
-    buf = OPENSSL_malloc(len);
+    buf = (char *)OPENSSL_malloc(len);
     if (buf == NULL) {
       return NULL;
     }