SPHINCS: strictly check integer conversions

crypto_sign/sphincs-shake256-128f-simple/clean/Makefile

@@ -5,7 +5,7 @@ LIB=libsphincs-shake256-128f-simple_clean.a
 HEADERS = params.h address.h wots.h utils.h fors.h api.h  hash.h thash.h
 OBJECTS =          address.o wots.o utils.o fors.o sign.o hash_shake256.o thash_shake256_simple.o
 
-CFLAGS=-Wall -Wextra -Wpedantic -Werror -std=c99 -I../../../common $(EXTRAFLAGS)
+CFLAGS=-Wall -Wconversion -Wextra -Wpedantic -Werror -std=c99 -I../../../common $(EXTRAFLAGS)
 
 all: $(LIB)
 

crypto_sign/sphincs-shake256-128f-simple/clean/fors.c

@@ -50,7 +50,7 @@ static void message_to_indices(uint32_t *indices, const unsigned char *m) {
     for (i = 0; i < SPX_FORS_TREES; i++) {
         indices[i] = 0;
         for (j = 0; j < SPX_FORS_HEIGHT; j++) {
-            indices[i] ^= ((m[offset >> 3] >> (offset & 0x7)) & 0x1) << j;
+            indices[i] ^= (((uint32_t)m[offset >> 3] >> (offset & 0x7)) & 0x1) << j;
             offset++;
         }
     }

crypto_sign/sphincs-shake256-128f-simple/clean/wots.c

@@ -53,12 +53,13 @@ static void gen_chain(unsigned char *out, const unsigned char *in,
  * Interprets an array of bytes as integers in base w.
  * This only works when log_w is a divisor of 8.
  */
-static void base_w(int *output, const int out_len, const unsigned char *input) {
+static void base_w(unsigned int *output, const size_t out_len,
-    int in = 0;
+                   const unsigned char *input) {
-    int out = 0;
+    size_t in = 0;
+    size_t out = 0;
     unsigned char total = 0;
-    int bits = 0;
+    unsigned int bits = 0;
-    int consumed;
+    size_t consumed;
 
     for (consumed = 0; consumed < out_len; consumed++) {
         if (bits == 0) {
@@ -73,8 +74,9 @@ static void base_w(int *output, const int out_len, const unsigned char *input) {
 }
 
 /* Computes the WOTS+ checksum over a message (in base_w). */
-static void wots_checksum(int *csum_base_w, const int *msg_base_w) {
+static void wots_checksum(unsigned int *csum_base_w,
-    int csum = 0;
+                          const unsigned int *msg_base_w) {
+    unsigned int csum = 0;
     unsigned char csum_bytes[(SPX_WOTS_LEN2 * SPX_WOTS_LOGW + 7) / 8];
     unsigned int i;
 
@@ -92,7 +94,7 @@ static void wots_checksum(int *csum_base_w, const int *msg_base_w) {
 }
 
 /* Takes a message and derives the matching chain lengths. */
-static void chain_lengths(int *lengths, const unsigned char *msg) {
+static void chain_lengths(unsigned int *lengths, const unsigned char *msg) {
     base_w(lengths, SPX_WOTS_LEN1, msg);
     wots_checksum(lengths + SPX_WOTS_LEN1, lengths);
 }
@@ -125,7 +127,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_sign(
     unsigned char *sig, const unsigned char *msg,
     const unsigned char *sk_seed, const unsigned char *pub_seed,
     uint32_t addr[8]) {
-    int lengths[SPX_WOTS_LEN];
+    unsigned int lengths[SPX_WOTS_LEN];
     uint32_t i;
 
     chain_lengths(lengths, msg);
@@ -146,7 +148,7 @@ void PQCLEAN_SPHINCSSHAKE256128FSIMPLE_CLEAN_wots_pk_from_sig(
     unsigned char *pk,
     const unsigned char *sig, const unsigned char *msg,
     const unsigned char *pub_seed, uint32_t addr[8]) {
-    int lengths[SPX_WOTS_LEN];
+    unsigned int lengths[SPX_WOTS_LEN];
     uint32_t i;
 
     chain_lengths(lengths, msg);