Update bootutil_sig_verify to receive slen as size_t

This fixes a comparison issue that was previously fixed by doing a cast. Since tinycrypt and mbed-tls both already use an unsigned for the size, the mcuboot interface was updated to also use an unsigned value (size_t to be more precise!). Signed-off-by: Fabio Utzig <utzig@apache.org>
2017-12-05 10:30:26 -02:00 · 2017-12-05 10:30:26 -02:00 · 1a927dd591
parent aaf767cf8a
commit 1a927dd591
4 changed files with 7 additions and 7 deletions
--- a/boot/bootutil/src/bootutil_priv.h
+++ b/boot/bootutil/src/bootutil_priv.h
@ -130,8 +130,8 @@ struct boot_loader_state {
    uint8_t write_sz;
 };

-int bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, int slen,
-    uint8_t key_id);
+int bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig,
+                        size_t slen, uint8_t key_id);

 uint32_t boot_slots_trailer_sz(uint8_t min_write_sz);
 int boot_status_entries(const struct flash_area *fap);
--- a/boot/bootutil/src/image_ec.c
+++ b/boot/bootutil/src/image_ec.c
@ -89,13 +89,13 @@ bootutil_parse_eckey(mbedtls_ecdsa_context *ctx, uint8_t **p, uint8_t *end)

 static int
 bootutil_cmp_sig(mbedtls_ecdsa_context *ctx, uint8_t *hash, uint32_t hlen,
-  uint8_t *sig, int slen)
+  uint8_t *sig, size_t slen)
 {
    return mbedtls_ecdsa_read_signature(ctx, hash, hlen, sig, slen);
 }

 int
-bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, int slen,
+bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, size_t slen,
  uint8_t key_id)
 {
    int rc;
--- a/boot/bootutil/src/image_ec256.c
+++ b/boot/bootutil/src/image_ec256.c
@ -141,7 +141,7 @@ tinycrypt_decode_sig(uint8_t signature[NUM_ECC_BYTES * 2], uint8_t *cp, uint8_t
 }

 int
-bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, int slen,
+bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, size_t slen,
  uint8_t key_id)
 {
    int rc;
--- a/boot/bootutil/src/image_rsa.c
+++ b/boot/bootutil/src/image_rsa.c
@ -254,7 +254,7 @@ bootutil_cmp_rsasig(mbedtls_rsa_context *ctx, uint8_t *hash, uint32_t hlen,
 }

 int
-bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, int slen,
+bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, size_t slen,
  uint8_t key_id)
 {
    mbedtls_rsa_context ctx;
@ -268,7 +268,7 @@ bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, int slen,
    end = cp + *bootutil_keys[key_id].len;

    rc = bootutil_parse_rsakey(&ctx, &cp, end);
-    if (rc || (size_t)slen != ctx.len) {
+    if (rc || slen != ctx.len) {
        mbedtls_rsa_free(&ctx);
        return rc;
    }