Clean Makefile and fix all warnings that could be found
This commit is contained in:
parent
3ada2a29dd
commit
cf9d0dd243
16
Makefile
16
Makefile
|
@ -1,7 +1,15 @@
|
||||||
pegh : pegh.c
|
# should compile with clang like:
|
||||||
cc -Wall -Wextra -Werror -std=c89 -pedantic \
|
# CC=clang CFLAGS=-Weverything make clean all
|
||||||
-Wstrict-prototypes -Wold-style-definition \
|
# and gcc like:
|
||||||
pegh.c -lcrypto -O3 -o pegh
|
# CC=gcc make clean all
|
||||||
|
|
||||||
|
CFLAGS += -Wall -Wextra -Werror -std=c89 -pedantic \
|
||||||
|
-Wstrict-prototypes -Wold-style-definition -Wconversion \
|
||||||
|
-Wno-missing-prototypes -Wno-missing-noreturn \
|
||||||
|
-O3
|
||||||
|
LDFLAGS += -lcrypto
|
||||||
|
|
||||||
|
all : pegh
|
||||||
|
|
||||||
clean :
|
clean :
|
||||||
rm -f pegh
|
rm -f pegh
|
||||||
|
|
54
pegh.c
54
pegh.c
|
@ -103,6 +103,13 @@ int gcm_encrypt(const unsigned char *key, const unsigned char *iv, size_t buffer
|
||||||
int exit_code = 0, ciphertext_written;
|
int exit_code = 0, ciphertext_written;
|
||||||
size_t plaintext_read;
|
size_t plaintext_read;
|
||||||
|
|
||||||
|
if(buffer_size > INT_MAX) {
|
||||||
|
/* this is because we read up to buffer_size at once, and then send that value to openssl which uses int instead of size_t */
|
||||||
|
if(NULL != err)
|
||||||
|
fprintf(err, "due to openssl API buffer_size can at most be %d\n", INT_MAX);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
do {
|
do {
|
||||||
plaintext = malloc(buffer_size);
|
plaintext = malloc(buffer_size);
|
||||||
if(!plaintext) {
|
if(!plaintext) {
|
||||||
|
@ -141,7 +148,7 @@ int gcm_encrypt(const unsigned char *key, const unsigned char *iv, size_t buffer
|
||||||
*/
|
*/
|
||||||
while ((plaintext_read = fread(plaintext, 1, buffer_size, in)) > 0) {
|
while ((plaintext_read = fread(plaintext, 1, buffer_size, in)) > 0) {
|
||||||
|
|
||||||
if(1 != EVP_EncryptUpdate(ctx, ciphertext, &ciphertext_written, plaintext, plaintext_read))
|
if(1 != EVP_EncryptUpdate(ctx, ciphertext, &ciphertext_written, plaintext, (int) plaintext_read))
|
||||||
goto fail;
|
goto fail;
|
||||||
|
|
||||||
if(((size_t) ciphertext_written) != plaintext_read) {
|
if(((size_t) ciphertext_written) != plaintext_read) {
|
||||||
|
@ -150,7 +157,7 @@ int gcm_encrypt(const unsigned char *key, const unsigned char *iv, size_t buffer
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
fwrite(ciphertext, 1, ciphertext_written, out);
|
fwrite(ciphertext, 1, (size_t) ciphertext_written, out);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -217,6 +224,13 @@ int gcm_decrypt(const unsigned char *key, const unsigned char *iv, size_t buffer
|
||||||
int exit_code = 0, plaintext_written;
|
int exit_code = 0, plaintext_written;
|
||||||
size_t ciphertext_read;
|
size_t ciphertext_read;
|
||||||
|
|
||||||
|
if(buffer_size > INT_MAX) {
|
||||||
|
/* this is because we read up to buffer_size at once, and then send that value to openssl which uses int instead of size_t */
|
||||||
|
if(NULL != err)
|
||||||
|
fprintf(err, "due to openssl API buffer_size can at most be %d\n", INT_MAX);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
do {
|
do {
|
||||||
plaintext = malloc(buffer_size);
|
plaintext = malloc(buffer_size);
|
||||||
if(!plaintext) {
|
if(!plaintext) {
|
||||||
|
@ -267,7 +281,7 @@ int gcm_decrypt(const unsigned char *key, const unsigned char *iv, size_t buffer
|
||||||
ciphertext_read = fread(ciphertext_read_zone, 1, buffer_size, in);
|
ciphertext_read = fread(ciphertext_read_zone, 1, buffer_size, in);
|
||||||
|
|
||||||
/* decrypt the bytes previously saved in tag plus ones currently read except the last 16 bytes */
|
/* decrypt the bytes previously saved in tag plus ones currently read except the last 16 bytes */
|
||||||
if(1 != EVP_DecryptUpdate(ctx, plaintext, &plaintext_written, tag, ciphertext_read))
|
if(1 != EVP_DecryptUpdate(ctx, plaintext, &plaintext_written, tag, (int) ciphertext_read))
|
||||||
goto fail;
|
goto fail;
|
||||||
/* now save the unused last 16 bytes in tag */
|
/* now save the unused last 16 bytes in tag */
|
||||||
memcpy(tag, ciphertext_read_zone + ciphertext_read - GCM_TAG_LEN, GCM_TAG_LEN);
|
memcpy(tag, ciphertext_read_zone + ciphertext_read - GCM_TAG_LEN, GCM_TAG_LEN);
|
||||||
|
@ -278,7 +292,7 @@ int gcm_decrypt(const unsigned char *key, const unsigned char *iv, size_t buffer
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
fwrite(plaintext, 1, plaintext_written, out);
|
fwrite(plaintext, 1, (size_t) plaintext_written, out);
|
||||||
} while(buffer_size == ciphertext_read);
|
} while(buffer_size == ciphertext_read);
|
||||||
|
|
||||||
|
|
||||||
|
@ -351,7 +365,7 @@ int pegh_encrypt(char *password,
|
||||||
|
|
||||||
/* first write the version and parameters */
|
/* first write the version and parameters */
|
||||||
salt[0] = 0;
|
salt[0] = 0;
|
||||||
salt[1] = (N >> 24) & 0xFF;
|
salt[1] = (unsigned char) ((N >> 24) & 0xFF);
|
||||||
salt[2] = (N >> 16) & 0xFF;
|
salt[2] = (N >> 16) & 0xFF;
|
||||||
salt[3] = (N >> 8) & 0xFF;
|
salt[3] = (N >> 8) & 0xFF;
|
||||||
salt[4] = N & 0xFF;
|
salt[4] = N & 0xFF;
|
||||||
|
@ -401,10 +415,10 @@ int pegh_decrypt(char *password,
|
||||||
fprintf(err, "unsupported file format version %d, we only support version 0\n", salt[0]);
|
fprintf(err, "unsupported file format version %d, we only support version 0\n", salt[0]);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
N = ((salt[1] & 0xFF) << 24)
|
N = (uint32_t) ((salt[1] & 0xFF) << 24)
|
||||||
| ((salt[2] & 0xFF) << 16)
|
| (uint32_t) ((salt[2] & 0xFF) << 16)
|
||||||
| ((salt[3] & 0xFF) << 8)
|
| (uint32_t) ((salt[3] & 0xFF) << 8)
|
||||||
| (salt[4] & 0xFF);
|
| (uint32_t) (salt[4] & 0xFF);
|
||||||
r = salt[5];
|
r = salt[5];
|
||||||
p = salt[6];
|
p = salt[6];
|
||||||
|
|
||||||
|
@ -459,24 +473,31 @@ usage: pegh [options...] password\n\
|
||||||
\nFor additional info on scrypt params refer to:\n\
|
\nFor additional info on scrypt params refer to:\n\
|
||||||
https://blog.filippo.io/the-scrypt-parameters/\n\
|
https://blog.filippo.io/the-scrypt-parameters/\n\
|
||||||
https://tools.ietf.org/html/rfc7914#section-2\n\n");
|
https://tools.ietf.org/html/rfc7914#section-2\n\n");
|
||||||
exit(exit_code);
|
|
||||||
return exit_code;
|
return exit_code;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void help_exit(int exit_code) {
|
||||||
|
help(exit_code);
|
||||||
|
exit(exit_code);
|
||||||
|
}
|
||||||
|
|
||||||
uint32_t parse_int_arg(int optind, int argc, char **argv) {
|
uint32_t parse_int_arg(int optind, int argc, char **argv) {
|
||||||
uint32_t tmp = 0;
|
uint64_t tmp = 0;
|
||||||
|
|
||||||
if(optind >= argc) {
|
if(optind >= argc) {
|
||||||
fprintf(stderr, "Error: %s requires an argument\n", argv[optind - 1]);
|
fprintf(stderr, "Error: %s requires an argument\n", argv[optind - 1]);
|
||||||
return help(2);
|
help_exit(2);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
errno = 0;
|
errno = 0;
|
||||||
tmp = strtoul(argv[optind], NULL, 10);
|
tmp = strtoul(argv[optind], NULL, 10);
|
||||||
if(errno != 0 || tmp < 1) {
|
if(errno != 0 || tmp < 1 || tmp > UINT_MAX) {
|
||||||
fprintf(stderr, "Error: %s %s failed to parse as a number\n", argv[optind - 1], argv[optind]);
|
fprintf(stderr, "Error: %s %s failed to parse as a number\n", argv[optind - 1], argv[optind]);
|
||||||
return help(2);
|
help_exit(2);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
return tmp;
|
return (uint32_t) tmp;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint8_t parse_byte_arg(int optind, int argc, char **argv) {
|
uint8_t parse_byte_arg(int optind, int argc, char **argv) {
|
||||||
|
@ -485,7 +506,8 @@ uint8_t parse_byte_arg(int optind, int argc, char **argv) {
|
||||||
tmp = parse_int_arg(optind, argc, argv);
|
tmp = parse_int_arg(optind, argc, argv);
|
||||||
if(tmp > 255) {
|
if(tmp > 255) {
|
||||||
fprintf(stderr, "Error: %s %s failed to parse as a number 1-255\n", argv[optind - 1], argv[optind]);
|
fprintf(stderr, "Error: %s %s failed to parse as a number 1-255\n", argv[optind - 1], argv[optind]);
|
||||||
return help(2);
|
help_exit(2);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
return (uint8_t) tmp;
|
return (uint8_t) tmp;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue