From: Loup Vaillant <loup@loup-vaillant.fr>
Date: Mon, 27 Feb 2023 14:06:24 +0000 (+0100)
Subject: Fix the most nitpicky Clang warnings, fix C++ compatibility
X-Git-Url: https://git.codecow.com/?a=commitdiff_plain;h=657c0a3e25fa46475a357f407fb10f1b2137e248;p=Monocypher.git

Fix the most nitpicky Clang warnings, fix C++ compatibility

This is mostly about shadowed variables.
---

diff --git a/makefile b/makefile
index 5651c24..1305e42 100644
--- a/makefile
+++ b/makefile
@@ -53,7 +53,7 @@
 .SUFFIXES:
 
 CC=gcc -std=c99
-CFLAGS= -pedantic -Wall -Wextra -O3 -march=native
+CFLAGS=-pedantic -Wall -Wextra -O3 -march=native
 DESTDIR=
 PREFIX=usr/local
 LIBDIR=$(PREFIX)/lib
diff --git a/src/monocypher.h b/src/monocypher.h
index c52c8ff..cf635e8 100644
--- a/src/monocypher.h
+++ b/src/monocypher.h
@@ -289,11 +289,11 @@ void crypto_poly1305(uint8_t        mac[16],
 typedef struct {
 	// Do not rely on the size or contents of this type,
 	// for they may change without notice.
-	uint32_t r[4];   // constant multiplier (from the secret key)
-	uint32_t h[5];   // accumulated hash
 	uint8_t  c[16];  // chunk of the message
-	uint32_t pad[4]; // random number added at the end (from the secret key)
 	size_t   c_idx;  // How many bytes are there in the chunk.
+	uint32_t r  [4]; // constant multiplier (from the secret key)
+	uint32_t pad[4]; // random number added at the end (from the secret key)
+	uint32_t h  [5]; // accumulated hash
 } crypto_poly1305_ctx;
 
 void crypto_poly1305_init  (crypto_poly1305_ctx *ctx, const uint8_t key[32]);
diff --git a/src/optional/monocypher-ed25519.c b/src/optional/monocypher-ed25519.c
index 5d37025..b76503a 100644
--- a/src/optional/monocypher-ed25519.c
+++ b/src/optional/monocypher-ed25519.c
@@ -61,8 +61,8 @@ namespace MONOCYPHER_CPP_NAMESPACE {
 /// Utilities ///
 /////////////////
 #define FOR(i, min, max)     for (size_t i = min; i < max; i++)
-#define COPY(dst, src, size) FOR(i, 0, size) (dst)[i] = (src)[i]
-#define ZERO(buf, size)      FOR(i, 0, size) (buf)[i] = 0
+#define COPY(dst, src, size) FOR(_i_, 0, size) (dst)[_i_] = (src)[_i_]
+#define ZERO(buf, size)      FOR(_i_, 0, size) (buf)[_i_] = 0
 #define WIPE_CTX(ctx)        crypto_wipe(ctx   , sizeof(*(ctx)))
 #define WIPE_BUFFER(buffer)  crypto_wipe(buffer, sizeof(buffer))
 #define MIN(a, b)            ((a) <= (b) ? (a) : (b))
@@ -477,7 +477,7 @@ int crypto_ed25519_check(const u8 signature[64], const u8 public_key[32],
 	return crypto_eddsa_check_equation(signature, public_key, h_ram);
 }
 
-static const u8 domain[34] = "SigEd25519 no Ed25519 collisions\1\0";
+static const u8 domain[34] = "SigEd25519 no Ed25519 collisions\1";
 
 void crypto_ed25519_ph_sign(uint8_t signature[64], const uint8_t secret_key[32],
                             const uint8_t message_hash[64])
diff --git a/tests/test.c b/tests/test.c
index 142ee88..1725b1c 100644
--- a/tests/test.c
+++ b/tests/test.c
@@ -62,9 +62,9 @@
 ////////////////////////////////
 /// Constant time comparison ///
 ////////////////////////////////
-static void p_verify(size_t size, int (*compare)(const u8*, const u8*))
+static void p_verify(unsigned size, int (*compare)(const u8*, const u8*))
 {
-	printf("\tcrypto_verify%zu\n", size);
+	printf("\tcrypto_verify%u\n", size);
 	u8 a[64]; // size <= 64
 	u8 b[64]; // size <= 64
 	FOR (i, 0, 2) {
@@ -437,27 +437,28 @@ static void test_blake2b()
 	// interface.
 #undef INPUT_SIZE
 #define INPUT_SIZE (BLAKE2B_BLOCK_SIZE * 3) // total input size
+	{
+		RANDOM_INPUT(input, INPUT_SIZE);
 
-	RANDOM_INPUT(input, INPUT_SIZE);
-
-	// hash at once
-	u8 hash_whole[64];
-	crypto_blake2b(hash_whole, 64, input, INPUT_SIZE);
-
-	FOR (j, 0, INPUT_SIZE) {
-		FOR (i, 0, j+1) {
-			// Hash bit by bit
-			u8 *mid_input = j - i == 0 ? NULL : input + i; // test NULL update
-			u8 hash_chunk[64];
-			crypto_blake2b_ctx ctx;
-			crypto_blake2b_init  (&ctx, 64);
-			crypto_blake2b_update(&ctx, input    , i);
-			crypto_blake2b_update(&ctx, mid_input, j - i);
-			crypto_blake2b_update(&ctx, input + j, INPUT_SIZE - j);
-			crypto_blake2b_final (&ctx, hash_chunk);
-
-			// Compare the results (must be the same)
-			ASSERT_EQUAL(hash_chunk, hash_whole, 64);
+		// hash at once
+		u8 hash_whole[64];
+		crypto_blake2b(hash_whole, 64, input, INPUT_SIZE);
+
+		FOR (j, 0, INPUT_SIZE) {
+			FOR (i, 0, j+1) {
+				// Hash bit by bit
+				u8 *mid_input = j - i == 0 ? NULL : input + i; // NULL update
+				u8 hash_chunk[64];
+				crypto_blake2b_ctx ctx;
+				crypto_blake2b_init  (&ctx, 64);
+				crypto_blake2b_update(&ctx, input    , i);
+				crypto_blake2b_update(&ctx, mid_input, j - i);
+				crypto_blake2b_update(&ctx, input + j, INPUT_SIZE - j);
+				crypto_blake2b_final (&ctx, hash_chunk);
+
+				// Compare the results (must be the same)
+				ASSERT_EQUAL(hash_chunk, hash_whole, 64);
+			}
 		}
 	}
 
@@ -514,27 +515,28 @@ static void test_sha512()
 	printf("\tSHA-512 (incremental)\n");
 #undef INPUT_SIZE
 #define INPUT_SIZE (SHA_512_BLOCK_SIZE * 4 - 32) // total input size
+	{
+		RANDOM_INPUT(input, INPUT_SIZE);
 
-	RANDOM_INPUT(input, INPUT_SIZE);
-
-	// hash at once
-	u8 hash_whole[64];
-	crypto_sha512(hash_whole, input, INPUT_SIZE);
-
-	FOR (j, 0, INPUT_SIZE) {
-		FOR (i, 0, j+1) {
-			// Hash bit by bit
-			u8 *mid_input = j - i == 0 ? NULL : input + i; // test NULL update
-			u8 hash_chunk[64];
-			crypto_sha512_ctx ctx;
-			crypto_sha512_init  (&ctx);
-			crypto_sha512_update(&ctx, input    , i);
-			crypto_sha512_update(&ctx, mid_input, j - i);
-			crypto_sha512_update(&ctx, input + j, INPUT_SIZE - j);
-			crypto_sha512_final (&ctx, hash_chunk);
-
-			// Compare the results (must be the same)
-			ASSERT_EQUAL(hash_chunk, hash_whole, 64);
+		// hash at once
+		u8 hash_whole[64];
+		crypto_sha512(hash_whole, input, INPUT_SIZE);
+
+		FOR (j, 0, INPUT_SIZE) {
+			FOR (i, 0, j+1) {
+				// Hash bit by bit
+				u8 *mid_input = j - i == 0 ? NULL : input + i; // NULL update
+				u8 hash_chunk[64];
+				crypto_sha512_ctx ctx;
+				crypto_sha512_init  (&ctx);
+				crypto_sha512_update(&ctx, input    , i);
+				crypto_sha512_update(&ctx, mid_input, j - i);
+				crypto_sha512_update(&ctx, input + j, INPUT_SIZE - j);
+				crypto_sha512_final (&ctx, hash_chunk);
+
+				// Compare the results (must be the same)
+				ASSERT_EQUAL(hash_chunk, hash_whole, 64);
+			}
 		}
 	}
 
@@ -609,16 +611,16 @@ static void argon2(vector_reader *reader)
 	crypto_argon2_inputs inputs;
 	inputs.pass      = pass.buf;
 	inputs.salt      = salt.buf;
-	inputs.pass_size = pass.size;
-	inputs.salt_size = salt.size;
+	inputs.pass_size = (u32)pass.size;
+	inputs.salt_size = (u32)salt.size;
 
 	crypto_argon2_extras extras;
 	extras.key       = key.buf;
 	extras.ad        = ad.buf;
-	extras.key_size  = key.size;
-	extras.ad_size   = ad.size;
+	extras.key_size  = (u32)key.size;
+	extras.ad_size   = (u32)ad.size;
 
-	crypto_argon2(out.buf, out.size, work_area, config, inputs, extras);
+	crypto_argon2(out.buf, (u32)out.size, work_area, config, inputs, extras);
 	free(work_area);
 }
 
@@ -1102,8 +1104,7 @@ static void test_elligator()
 	}
 
 	printf("\telligator x25519\n");
-	int i = 0;
-	while (i < 64) {
+	FOR (i, 0, 64) {
 		RANDOM_INPUT(sk1, 32);
 		RANDOM_INPUT(sk2, 32);
 		u8 skc [32];  memcpy(skc, sk1, 32);  skc[0] &= 248;
@@ -1130,7 +1131,8 @@ static void test_elligator()
 		u8 tweak = (u8)((i & 1) + (i << 5));
 		u8 r[32];
 		if (crypto_elligator_rev(r, pkf, tweak)) {
-			continue; // retry untill success (doesn't increment the tweak)
+			i--;      // Cancel tweak increment
+			continue; // retry untill success
 		}
 		// Verify that the tweak's msb are copied to the representative
 		ASSERT((tweak >> 6) == (r[31] >> 6));
@@ -1143,7 +1145,6 @@ static void test_elligator()
 		u8 e1 [32];  crypto_x25519(e1, sk2, pk1);
 		u8 e2 [32];  crypto_x25519(e2, sk2, pkr);
 		ASSERT_EQUAL(e1, e2, 32);
-		i++;
 	}
 
 	printf("\telligator key pair\n");
diff --git a/tests/tis-ci.c b/tests/tis-ci.c
index 09fe36b..d1544a7 100644
--- a/tests/tis-ci.c
+++ b/tests/tis-ci.c
@@ -57,10 +57,6 @@
 #include <stdlib.h>
 #include <string.h>
 
-#define ARRAY(name, size)	\
-	u8 name[size]; \
-	for(size_t i = 0; i < size; i++) name[i] = i;
-
 static void chacha20(vector_reader *reader)
 {
 	vector key       = next_input(reader);
@@ -85,7 +81,7 @@ static void ietf_chacha20(vector_reader *reader)
 	vector out       = next_output(reader);
 	u32    nb_blocks = (u32)(plain.size / 64 + (plain.size % 64 != 0));
 	u32    new_ctr   = crypto_chacha20_ietf(out.buf, plain.buf, plain.size,
-	                                        key.buf, nonce.buf, ctr);
+	                                        key.buf, nonce.buf, (u32)ctr);
 	if (new_ctr - ctr != nb_blocks) {
 		printf("FAILURE: IETF Chacha20 returned counter not correct: ");
 	}
@@ -188,16 +184,16 @@ static void argon2(vector_reader *reader)
 	crypto_argon2_inputs inputs;
 	inputs.pass      = pass.buf;
 	inputs.salt      = salt.buf;
-	inputs.pass_size = pass.size;
-	inputs.salt_size = salt.size;
+	inputs.pass_size = (u32)pass.size;
+	inputs.salt_size = (u32)salt.size;
 
 	crypto_argon2_extras extras;
 	extras.key       = key.buf;
 	extras.ad        = ad.buf;
-	extras.key_size  = key.size;
-	extras.ad_size   = ad.size;
+	extras.key_size  = (u32)key.size;
+	extras.ad_size   = (u32)ad.size;
 
-	crypto_argon2(out.buf, out.size, work_area, config, inputs, extras);
+	crypto_argon2(out.buf, (u32)out.size, work_area, config, inputs, extras);
 	free(work_area);
 }