diff --git a/.github/workflows/cmake.yml b/.github/workflows/cmake.yml index d85557df9..0f87cbf05 100644 --- a/.github/workflows/cmake.yml +++ b/.github/workflows/cmake.yml @@ -16,8 +16,6 @@ jobs: os: [ubuntu-latest, macos-latest, windows-latest] crypto: [internal, openssl, openssl3, wolfssl, nss, mbedtls] exclude: - - os: windows-latest - crypto: openssl - os: windows-latest crypto: wolfssl - os: windows-latest diff --git a/.github/workflows/ios.yml b/.github/workflows/ios.yml new file mode 100644 index 000000000..5dd50e30b --- /dev/null +++ b/.github/workflows/ios.yml @@ -0,0 +1,31 @@ +name: IOS CI + +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + +jobs: + build: + strategy: + fail-fast: false + + runs-on: macos-latest + + steps: + + - uses: actions/checkout@v2 + + - name: Create Build Environment + run: cmake -E make_directory ${{github.workspace}}/build + + - name: Configure CMake + working-directory: ${{github.workspace}}/build + shell: bash + run: cmake $GITHUB_WORKSPACE -GXcode -DCMAKE_SYSTEM_NAME=iOS + + - name: Build + working-directory: ${{github.workspace}}/build + shell: bash + run: cmake --build . --target srtp3 -- -sdk iphonesimulator diff --git a/cmake/Warnings.cmake b/cmake/Warnings.cmake index 4383aed6e..9580d39ef 100644 --- a/cmake/Warnings.cmake +++ b/cmake/Warnings.cmake @@ -31,7 +31,7 @@ function(target_set_warnings) # /w14906 # string literal cast to 'LPWSTR' ) - set(CLANG_WARNINGS + set(COMMON_WARNINGS # Baseline -Wall -Wextra # reasonable and standard @@ -48,8 +48,13 @@ function(target_set_warnings) -Wcast-qual ) + set(CLANG_WARNINGS + ${COMMON_WARNINGS} + -Wshorten-64-to-32 + ) + set(GCC_WARNINGS - ${CLANG_WARNINGS} + ${COMMON_WARNINGS} -Wduplicated-cond # warn if if / else chain has duplicated conditions -Wduplicated-branches # warn if if / else branches have duplicated code -Wlogical-op # warn about logical operations being used where bitwise were probably wanted diff --git a/crypto/cipher/aes_gcm_mbedtls.c b/crypto/cipher/aes_gcm_mbedtls.c index 285c3680d..03b894072 100644 --- a/crypto/cipher/aes_gcm_mbedtls.c +++ b/crypto/cipher/aes_gcm_mbedtls.c @@ -281,7 +281,7 @@ static srtp_err_status_t srtp_aes_gcm_mbedtls_context_init(void *cv, debug_print(srtp_mod_aes_gcm, "key: %s", srtp_octet_string_hex_string(key, c->key_size)); - key_len_in_bits = (c->key_size << 3); + key_len_in_bits = (uint32_t)(c->key_size << 3); switch (c->key_size) { case SRTP_AES_256_KEY_LEN: case SRTP_AES_128_KEY_LEN: diff --git a/crypto/cipher/aes_gcm_nss.c b/crypto/cipher/aes_gcm_nss.c index d70386d0f..a07e0646c 100644 --- a/crypto/cipher/aes_gcm_nss.c +++ b/crypto/cipher/aes_gcm_nss.c @@ -56,6 +56,7 @@ #include "cipher_test_cases.h" #include #include +#include srtp_debug_module_t srtp_mod_aes_gcm = { false, /* debugging is off by default */ @@ -215,7 +216,7 @@ static srtp_err_status_t srtp_aes_gcm_nss_context_init(void *cv, /* explicitly cast away const of key */ SECItem key_item = { siBuffer, (unsigned char *)(uintptr_t)key, - c->key_size }; + (unsigned)c->key_size }; c->key = PK11_ImportSymKey(slot, CKM_AES_GCM, PK11_OriginUnwrap, CKA_ENCRYPT, &key_item, NULL); PK11_FreeSlot(slot); @@ -296,6 +297,10 @@ static srtp_err_status_t srtp_aes_gcm_nss_do_crypto(void *cv, // Reset AAD c->aad_size = 0; + if (src_len > UINT_MAX || *dst_len > UINT_MAX) { + return srtp_err_status_bad_param; + } + unsigned int out_len = 0; int rv; SECItem param = { siBuffer, (unsigned char *)&c->params, @@ -309,8 +314,8 @@ static srtp_err_status_t srtp_aes_gcm_nss_do_crypto(void *cv, return srtp_err_status_buffer_small; } - rv = PK11_Encrypt(c->key, CKM_AES_GCM, ¶m, dst, &out_len, *dst_len, - src, src_len); + rv = PK11_Encrypt(c->key, CKM_AES_GCM, ¶m, dst, &out_len, + (unsigned int)*dst_len, src, (unsigned int)src_len); } else { if (c->dir != srtp_direction_decrypt) { return srtp_err_status_bad_param; @@ -324,8 +329,8 @@ static srtp_err_status_t srtp_aes_gcm_nss_do_crypto(void *cv, return srtp_err_status_buffer_small; } - rv = PK11_Decrypt(c->key, CKM_AES_GCM, ¶m, dst, &out_len, *dst_len, - src, src_len); + rv = PK11_Decrypt(c->key, CKM_AES_GCM, ¶m, dst, &out_len, + (unsigned int)*dst_len, src, (unsigned int)src_len); } *dst_len = out_len; srtp_err_status_t status = srtp_err_status_ok; diff --git a/crypto/cipher/aes_gcm_ossl.c b/crypto/cipher/aes_gcm_ossl.c index 32faf31ea..9362a2054 100644 --- a/crypto/cipher/aes_gcm_ossl.c +++ b/crypto/cipher/aes_gcm_ossl.c @@ -258,12 +258,16 @@ static srtp_err_status_t srtp_aes_gcm_openssl_set_aad(void *cv, debug_print(srtp_mod_aes_gcm, "setting AAD: %s", srtp_octet_string_hex_string(aad, aad_len)); + if (aad_len > INT_MAX) { + return srtp_err_status_bad_param; + } + if (c->dir == srtp_direction_encrypt) { - if (EVP_EncryptUpdate(c->ctx, NULL, &len, aad, aad_len) != 1) { + if (EVP_EncryptUpdate(c->ctx, NULL, &len, aad, (int)aad_len) != 1) { return srtp_err_status_algo_fail; } } else { - if (EVP_DecryptUpdate(c->ctx, NULL, &len, aad, aad_len) != 1) { + if (EVP_DecryptUpdate(c->ctx, NULL, &len, aad, (int)aad_len) != 1) { return srtp_err_status_algo_fail; } } @@ -300,10 +304,14 @@ static srtp_err_status_t srtp_aes_gcm_openssl_encrypt(void *cv, return srtp_err_status_buffer_small; } + if (src_len > INT_MAX) { + return srtp_err_status_bad_param; + } + /* * Encrypt the data */ - if (EVP_EncryptUpdate(c->ctx, dst, &len, src, src_len) != 1) { + if (EVP_EncryptUpdate(c->ctx, dst, &len, src, (int)src_len) != 1) { return srtp_err_status_algo_fail; } *dst_len = len; @@ -319,7 +327,7 @@ static srtp_err_status_t srtp_aes_gcm_openssl_encrypt(void *cv, /* * Retrieve the tag */ - if (EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_GET_TAG, c->tag_len, + if (EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_GET_TAG, (int)c->tag_len, dst + *dst_len) != 1) { return srtp_err_status_algo_fail; } @@ -357,10 +365,15 @@ static srtp_err_status_t srtp_aes_gcm_openssl_decrypt(void *cv, return srtp_err_status_buffer_small; } + if (src_len > INT_MAX) { + return srtp_err_status_bad_param; + } + /* * Decrypt the data */ - if (EVP_DecryptUpdate(c->ctx, dst, &len, src, src_len - c->tag_len) != 1) { + if (EVP_DecryptUpdate(c->ctx, dst, &len, src, + (int)(src_len - c->tag_len)) != 1) { return srtp_err_status_algo_fail; } *dst_len = len; @@ -371,7 +384,7 @@ static srtp_err_status_t srtp_aes_gcm_openssl_decrypt(void *cv, * explicitly cast away const of src */ if (EVP_CIPHER_CTX_ctrl( - c->ctx, EVP_CTRL_GCM_SET_TAG, c->tag_len, + c->ctx, EVP_CTRL_GCM_SET_TAG, (int)c->tag_len, (void *)(uintptr_t)(src + (src_len - c->tag_len))) != 1) { return srtp_err_status_algo_fail; } diff --git a/crypto/cipher/aes_gcm_wssl.c b/crypto/cipher/aes_gcm_wssl.c index 8f4699e20..6e063803f 100644 --- a/crypto/cipher/aes_gcm_wssl.c +++ b/crypto/cipher/aes_gcm_wssl.c @@ -57,6 +57,7 @@ #include "crypto_types.h" #include "cipher_types.h" #include "cipher_test_cases.h" +#include srtp_debug_module_t srtp_mod_aes_gcm = { 0, /* debugging is off by default */ @@ -225,7 +226,8 @@ static srtp_err_status_t srtp_aes_gcm_wolfssl_context_init(void *cv, } } - err = wc_AesGcmSetKey(c->ctx, (const unsigned char *)key, c->key_size); + err = wc_AesGcmSetKey(c->ctx, (const unsigned char *)key, + (word32)c->key_size); if (err < 0) { debug_print(srtp_mod_aes_gcm, "wolfSSL error code: %d", err); return srtp_err_status_init_fail; @@ -298,10 +300,16 @@ static srtp_err_status_t srtp_aes_gcm_wolfssl_set_aad(void *cv, memcpy(c->aad + c->aad_size, aad, aad_len); c->aad_size += aad_len; #else + if (aad_len > INT_MAX) { + return srtp_err_status_bad_param; + } + if (c->dir == srtp_direction_encrypt) { - err = wc_AesGcmEncryptUpdate(c->ctx, NULL, NULL, 0, aad, aad_len); + err = + wc_AesGcmEncryptUpdate(c->ctx, NULL, NULL, 0, aad, (word32)aad_len); } else { - err = wc_AesGcmDecryptUpdate(c->ctx, NULL, NULL, 0, aad, aad_len); + err = + wc_AesGcmDecryptUpdate(c->ctx, NULL, NULL, 0, aad, (word32)aad_len); } if (err < 0) { debug_print(srtp_mod_aes_gcm, "wolfSSL error code: %d", err); @@ -338,6 +346,10 @@ static srtp_err_status_t srtp_aes_gcm_wolfssl_encrypt(void *cv, return srtp_err_status_buffer_small; } + if (src_len > INT_MAX) { + return srtp_err_status_bad_param; + } + #ifndef WOLFSSL_AESGCM_STREAM // tag must always be 16 bytes when passed to wc_AesGcmEncrypt, can truncate // to c->tag_len after @@ -349,12 +361,12 @@ static srtp_err_status_t srtp_aes_gcm_wolfssl_encrypt(void *cv, memcpy(dst + src_len, tag, c->tag_len); } #else - err = wc_AesGcmEncryptUpdate(c->ctx, dst, src, src_len, NULL, 0); + err = wc_AesGcmEncryptUpdate(c->ctx, dst, src, (word32)src_len, NULL, 0); if (err < 0) { debug_print(srtp_mod_aes_gcm, "wolfSSL error code: %d", err); return srtp_err_status_algo_fail; } - err = wc_AesGcmEncryptFinal(c->ctx, dst + src_len, c->tag_len); + err = wc_AesGcmEncryptFinal(c->ctx, dst + src_len, (word32)c->tag_len); #endif if (err < 0) { debug_print(srtp_mod_aes_gcm, "wolfSSL error code: %d", err); @@ -397,6 +409,10 @@ static srtp_err_status_t srtp_aes_gcm_wolfssl_decrypt(void *cv, return srtp_err_status_buffer_small; } + if (src_len > INT_MAX) { + return srtp_err_status_bad_param; + } + #ifndef WOLFSSL_AESGCM_STREAM debug_print(srtp_mod_aes_gcm, "AAD: %s", srtp_octet_string_hex_string(c->aad, c->aad_size)); @@ -406,14 +422,14 @@ static srtp_err_status_t srtp_aes_gcm_wolfssl_decrypt(void *cv, c->aad, c->aad_size); c->aad_size = 0; #else - err = wc_AesGcmDecryptUpdate(c->ctx, dst, src, (src_len - c->tag_len), NULL, - 0); + err = wc_AesGcmDecryptUpdate(c->ctx, dst, src, + (word32)(src_len - c->tag_len), NULL, 0); if (err < 0) { debug_print(srtp_mod_aes_gcm, "wolfSSL error code: %d", err); return srtp_err_status_algo_fail; } - err = - wc_AesGcmDecryptFinal(c->ctx, src + (src_len - c->tag_len), c->tag_len); + err = wc_AesGcmDecryptFinal(c->ctx, src + (src_len - c->tag_len), + (word32)c->tag_len); #endif if (err < 0) { debug_print(srtp_mod_aes_gcm, "wolfSSL error code: %d", err); diff --git a/crypto/cipher/aes_icm_mbedtls.c b/crypto/cipher/aes_icm_mbedtls.c index 1b5d4b83b..eb7d1d9e7 100644 --- a/crypto/cipher/aes_icm_mbedtls.c +++ b/crypto/cipher/aes_icm_mbedtls.c @@ -301,7 +301,7 @@ static srtp_err_status_t srtp_aes_icm_mbedtls_context_init(void *cv, const uint8_t *key) { srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv; - uint32_t key_size_in_bits = (c->key_size << 3); + uint32_t key_size_in_bits = (uint32_t)(c->key_size << 3); int errcode = 0; /* diff --git a/crypto/cipher/aes_icm_nss.c b/crypto/cipher/aes_icm_nss.c index 5d6dc07b7..25080e033 100644 --- a/crypto/cipher/aes_icm_nss.c +++ b/crypto/cipher/aes_icm_nss.c @@ -54,6 +54,8 @@ #include "cipher_types.h" #include "cipher_test_cases.h" +#include + srtp_debug_module_t srtp_mod_aes_icm = { false, /* debugging is off by default */ "aes icm nss" /* printable module name */ @@ -256,7 +258,7 @@ static srtp_err_status_t srtp_aes_icm_nss_context_init(void *cv, /* explicitly cast away const of key */ SECItem keyItem = { siBuffer, (unsigned char *)(uintptr_t)key, - c->key_size }; + (unsigned int)c->key_size }; c->key = PK11_ImportSymKey(slot, CKM_AES_CTR, PK11_OriginUnwrap, CKA_ENCRYPT, &keyItem, NULL); PK11_FreeSlot(slot); @@ -342,8 +344,13 @@ static srtp_err_status_t srtp_aes_icm_nss_encrypt(void *cv, return srtp_err_status_buffer_small; } + if (src_len > UINT_MAX || *dst_len > UINT_MAX) { + return srtp_err_status_bad_param; + } + int out_len = 0; - int rv = PK11_CipherOp(c->ctx, dst, &out_len, *dst_len, src, src_len); + int rv = PK11_CipherOp(c->ctx, dst, &out_len, (unsigned int)*dst_len, src, + (unsigned int)src_len); *dst_len = out_len; srtp_err_status_t status = srtp_err_status_ok; if (rv != SECSuccess) { diff --git a/crypto/cipher/aes_icm_ossl.c b/crypto/cipher/aes_icm_ossl.c index 82e7d9632..f78c859da 100644 --- a/crypto/cipher/aes_icm_ossl.c +++ b/crypto/cipher/aes_icm_ossl.c @@ -316,7 +316,11 @@ static srtp_err_status_t srtp_aes_icm_openssl_encrypt(void *cv, return srtp_err_status_buffer_small; } - if (!EVP_EncryptUpdate(c->ctx, dst, &len, src, src_len)) { + if (src_len > INT_MAX) { + return srtp_err_status_bad_param; + } + + if (!EVP_EncryptUpdate(c->ctx, dst, &len, src, (int)src_len)) { return srtp_err_status_cipher_fail; } *dst_len = len; diff --git a/crypto/cipher/aes_icm_wssl.c b/crypto/cipher/aes_icm_wssl.c index 41cb38eef..4721ff200 100644 --- a/crypto/cipher/aes_icm_wssl.c +++ b/crypto/cipher/aes_icm_wssl.c @@ -56,6 +56,7 @@ #include "alloc.h" #include "cipher_types.h" #include "cipher_test_cases.h" +#include srtp_debug_module_t srtp_mod_aes_icm = { 0, /* debugging is off by default */ @@ -326,7 +327,11 @@ static srtp_err_status_t srtp_aes_icm_wolfssl_encrypt(void *cv, return srtp_err_status_buffer_small; } - err = wc_AesCtrEncrypt(c->ctx, dst, src, src_len); + if (src_len > INT_MAX) { + return srtp_err_status_bad_param; + } + + err = wc_AesCtrEncrypt(c->ctx, dst, src, (word32)src_len); if (err < 0) { debug_print(srtp_mod_aes_icm, "wolfSSL encrypt error: %d", err); return srtp_err_status_cipher_fail; diff --git a/crypto/hash/hmac_nss.c b/crypto/hash/hmac_nss.c index a2a76adb3..27f21e568 100644 --- a/crypto/hash/hmac_nss.c +++ b/crypto/hash/hmac_nss.c @@ -48,6 +48,8 @@ #include #include +#include + #define SHA1_DIGEST_SIZE 20 /* the debug module for authentiation */ @@ -187,8 +189,13 @@ static srtp_err_status_t srtp_hmac_init(void *statev, return srtp_err_status_bad_param; } + if (key_len > UINT_MAX) { + return srtp_err_status_bad_param; + } + /* explicitly cast away const of key */ - SECItem key_item = { siBuffer, (unsigned char *)(uintptr_t)key, key_len }; + SECItem key_item = { siBuffer, (unsigned char *)(uintptr_t)key, + (unsigned int)key_len }; sym_key = PK11_ImportSymKey(slot, CKM_SHA_1_HMAC, PK11_OriginUnwrap, CKA_SIGN, &key_item, NULL); PK11_FreeSlot(slot); @@ -221,7 +228,12 @@ static srtp_err_status_t srtp_hmac_update(void *statev, debug_print(srtp_mod_hmac, "input: %s", srtp_octet_string_hex_string(message, msg_octets)); - if (PK11_DigestOp(hmac->ctx, message, msg_octets) != SECSuccess) { + if (msg_octets > UINT_MAX) { + return srtp_err_status_bad_param; + } + + if (PK11_DigestOp(hmac->ctx, message, (unsigned int)msg_octets) != + SECSuccess) { return srtp_err_status_auth_fail; } @@ -247,7 +259,12 @@ static srtp_err_status_t srtp_hmac_compute(void *statev, return srtp_err_status_bad_param; } - if (PK11_DigestOp(hmac->ctx, message, msg_octets) != SECSuccess) { + if (msg_octets > UINT_MAX) { + return srtp_err_status_bad_param; + } + + if (PK11_DigestOp(hmac->ctx, message, (unsigned int)msg_octets) != + SECSuccess) { return srtp_err_status_auth_fail; } diff --git a/crypto/hash/hmac_ossl.c b/crypto/hash/hmac_ossl.c index b0ed3418f..f9660b905 100644 --- a/crypto/hash/hmac_ossl.c +++ b/crypto/hash/hmac_ossl.c @@ -240,7 +240,11 @@ static srtp_err_status_t srtp_hmac_init(void *statev, return srtp_err_status_auth_fail; } #else - if (HMAC_Init_ex(hmac->ctx, key, key_len, EVP_sha1(), NULL) == 0) { + if (key_len > INT_MAX) { + return srtp_err_status_bad_param; + } + + if (HMAC_Init_ex(hmac->ctx, key, (int)key_len, EVP_sha1(), NULL) == 0) { return srtp_err_status_auth_fail; } #endif diff --git a/crypto/hash/hmac_wssl.c b/crypto/hash/hmac_wssl.c index 9a97ea094..3215851b0 100644 --- a/crypto/hash/hmac_wssl.c +++ b/crypto/hash/hmac_wssl.c @@ -53,6 +53,7 @@ #include "alloc.h" #include "err.h" /* for srtp_debug */ #include "auth_test_cases.h" +#include #define SHA1_DIGEST_SIZE 20 @@ -135,7 +136,11 @@ static srtp_err_status_t srtp_hmac_wolfssl_init(void *statev, Hmac *state = (Hmac *)statev; int err; - err = wc_HmacSetKey(state, WC_SHA, key, key_len); + if (key_len > INT_MAX) { + return srtp_err_status_bad_param; + } + + err = wc_HmacSetKey(state, WC_SHA, key, (word32)key_len); if (err < 0) { debug_print(srtp_mod_hmac, "wolfSSL error code: %d", err); return srtp_err_status_auth_fail; @@ -154,7 +159,11 @@ static srtp_err_status_t srtp_hmac_wolfssl_update(void *statev, debug_print(srtp_mod_hmac, "input: %s", srtp_octet_string_hex_string(message, msg_octets)); - err = wc_HmacUpdate(state, message, msg_octets); + if (msg_octets > INT_MAX) { + return srtp_err_status_bad_param; + } + + err = wc_HmacUpdate(state, message, (word32)msg_octets); if (err < 0) { debug_print(srtp_mod_hmac, "wolfSSL error code: %d", err); return srtp_err_status_auth_fail; @@ -182,8 +191,12 @@ static srtp_err_status_t srtp_hmac_wolfssl_compute(void *statev, return srtp_err_status_bad_param; } + if (msg_octets > INT_MAX) { + return srtp_err_status_bad_param; + } + /* hash message, copy output into H */ - err = wc_HmacUpdate(state, message, msg_octets); + err = wc_HmacUpdate(state, message, (word32)msg_octets); if (err < 0) { debug_print(srtp_mod_hmac, "wolfSSL error code: %d", err); return srtp_err_status_auth_fail; diff --git a/crypto/math/datatypes.c b/crypto/math/datatypes.c index 5daaf1258..96621f8bb 100644 --- a/crypto/math/datatypes.c +++ b/crypto/math/datatypes.c @@ -210,7 +210,7 @@ void v128_left_shift(v128_t *x, size_t shift) return; } - const int base_index = shift >> 5; + const int base_index = (int)(shift >> 5); const int bit_index = shift & 31; __m128i mm = _mm_loadu_si128((const __m128i *)x); @@ -325,8 +325,8 @@ void bitvector_left_shift(bitvector_t *x, size_t shift) ((const __m128i *)right_shift_masks)[4u - (base_index & 3u)]; __m128i mm_left_shift_mask = ((const __m128i *)left_shift_masks)[base_index & 3u]; - __m128i mm_shift_right = _mm_cvtsi32_si128(bit_index); - __m128i mm_shift_left = _mm_cvtsi32_si128(32 - bit_index); + __m128i mm_shift_right = _mm_cvtsi32_si128((int)bit_index); + __m128i mm_shift_left = _mm_cvtsi32_si128((int)(32 - bit_index)); __m128i mm_current = _mm_loadu_si128(from); __m128i mm_current_r = _mm_srl_epi32(mm_current, mm_shift_right); diff --git a/srtp/srtp.c b/srtp/srtp.c index b0df1bee0..8e0b1235d 100644 --- a/srtp/srtp.c +++ b/srtp/srtp.c @@ -850,10 +850,14 @@ static srtp_err_status_t srtp_kdf_generate(srtp_kdf_t *kdf, } octet_string_set_to_zero(key, length); + if (length > INT_MAX) { + return srtp_err_status_bad_param; + } + PRIVATE_KEY_UNLOCK(); err = wc_SRTP_KDF_label(kdf->master_key, kdf->master_key_len, kdf->master_salt, MAX_SRTP_SALT_LEN, -1, NULL, - label, key, length); + label, key, (word32)length); PRIVATE_KEY_LOCK(); if (err < 0) { debug_print(mod_srtp, "wolfSSL SRTP KDF error: %d", err);