Merge pull request #14 from jimsch/master

Add first pass at a memory validator

.gitignore

@@ -61,3 +61,6 @@ Testing
 dist
 test/test.cbor
 *.tcl
+
+# Coverity
+cov-int

dumper/dumper.c

@@ -35,7 +35,7 @@ extern FOO Signer[];
 #define CBOR_CONTEXT_PARAM
 #endif
 
-FOO AlgorithmMap[32] = {
+FOO AlgorithmMap[36] = {
 	{ "ES512", CN_CBOR_INT, -9, NULL, 0, 0 },
 	{ "ES384", CN_CBOR_INT, -8, NULL, 0, 0 },
 	{"ES256", CN_CBOR_INT, -7, NULL, 0, 0 },
@@ -53,7 +53,11 @@ FOO AlgorithmMap[32] = {
 	{"AES-CCM-16-64-256", CN_CBOR_UINT, 11, NULL, 0, 0 },
 	{"AES-CCM-16-128-128", CN_CBOR_UINT, 12, NULL, 0, 0 },
 	{"AES-CCM-16-128-256", CN_CBOR_UINT, 13, NULL, 0, 0 },
+	{"AES-CBC-MAC-128/64", CN_CBOR_UINT, 14, NULL, 0, 0},
+	{"AES-CBC-MAC-256/64", CN_CBOR_UINT, 15, NULL, 0, 0},
 	{"ChaCha20//Poly1305", CN_CBOR_UINT, 24, NULL, 0, 0 },
+	{"AES-CBC-MAC-128/128", CN_CBOR_UINT, 25, NULL, 0, 0},
+	{"AES-CBC-MAC-256/128", CN_CBOR_UINT, 26, NULL, 0, 0},
 	{"AES-CCM-64-64-128", CN_CBOR_UINT, 30, NULL, 0, 0 },
 	{"AES-CCM-64-64-256", CN_CBOR_UINT, 31, NULL, 0, 0 },
 	{"AES-CCM-64-128-128", CN_CBOR_UINT, 32, NULL, 0, 0 },
@@ -205,7 +209,7 @@ FOO Mac0MessageWithTag = {
 	NULL, CN_CBOR_TAG, 995, &Mac0Message, 1, 0
 };
 
-int WrapLineAt = 0;
+size_t WrapLineAt = 0;
 char OutputBuffer[4096];
 
 void WrapPrintF(FILE * fp, char * format, ...)
@@ -359,13 +363,17 @@ void DumpTree(const cn_cbor * cbor, FILE * out, const FOO *pFOO, int depth, int
 					switch (cbor2->type) {
 					case CN_CBOR_UINT:
 						if ((group != 0) && (pFoo2->group != 0) && (pFoo2->group != group)) continue;
-						if (pFoo2->value == cbor2->v.uint) i2 = pFOO->count + 1;
+						if (pFoo2->value == (int) cbor2->v.uint) i2 = pFOO->count + 1;
 						break;
 
 					case CN_CBOR_INT:
 						if ((group != 0) && (pFoo2->group != 0) && (pFoo2->group != group)) continue;
 						if (pFoo2->value == cbor2->v.sint) i2 = pFOO->count + 1;
 						break;
+
+					default:
+						//  Should assert here?
+						break;
 					}
 
 					if (i2 == pFOO->count + 1) break;
@@ -418,7 +426,7 @@ void DumpTree(const cn_cbor * cbor, FILE * out, const FOO *pFOO, int depth, int
 		WrapPrintF(out, "%u", cbor->v.uint);
 		if (fValue && (pFOO != NULL)) {
 			for (i = 0, pFoo2 = pFOO->children; i < pFOO->count; i++, pFoo2++) {
-				if ((pFoo2->type == CN_CBOR_UINT) && (pFoo2->value == cbor->v.uint)) {
+				if ((pFoo2->type == CN_CBOR_UINT) && (pFoo2->value == (int) cbor->v.uint)) {
 					if (pFoo2->fieldName != NULL) {
 						if (fInComment) WrapPrintF(out, " \\ %s \\", pFoo2->fieldName);
 						else WrapPrintF(out, " / %s /", pFoo2->fieldName);

src/Cose.c

@@ -143,7 +143,7 @@ HCOSE COSE_Decode(const byte * rgbData, int cbData, int * ptype, COSE_object_typ
 
 	if (cbor->type == CN_CBOR_TAG) {
 		if (struct_type != 0) {
-			CHECK_CONDITION(struct_type == cbor->v.uint, COSE_ERR_INVALID_PARAMETER);
+                    CHECK_CONDITION(struct_type == (COSE_object_type) cbor->v.sint, COSE_ERR_INVALID_PARAMETER);
 		}
 		else struct_type = cbor->v.uint;
 

src/Encrypt.c

@@ -61,22 +61,14 @@ HCOSE_ENCRYPT _COSE_Encrypt_Init_From_Object(cn_cbor * cbor, COSE_Encrypt * pIn,
 		goto errorReturn;
 	}
 
-#ifdef USE_ARRAY
 	tmp = _COSE_arrayget_int(&pobj->m_message, INDEX_BODY);
-#else
-	tmp = cn_cbor_mapget_int(cbor, COSE_Header_Ciphertext);
-#endif
 	if (tmp != NULL) {
 		CHECK_CONDITION(tmp->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
 		pobj->cbContent = tmp->length;
 		pobj->pbContent = (byte *) tmp->v.str;
 	}
 
-#ifdef USE_ARRAY
 	pRecipients = _COSE_arrayget_int(&pobj->m_message, INDEX_RECIPIENTS);
-#else
-	pRecipients = cn_cbor_mapget_int(cbor, COSE_Header_Recipients);
-#endif
 	if (pRecipients != NULL) {
 		CHECK_CONDITION(pRecipients->type == CN_CBOR_ARRAY, COSE_ERR_INVALID_PARAMETER);
 
@@ -183,25 +175,14 @@ HCOSE_RECIPIENT COSE_Encrypt_add_shared_secret(HCOSE_ENCRYPT hcose, COSE_Algorit
 	pobj->m_recipientNext = pcose->m_recipientFirst;
 	pcose->m_recipientFirst = pobj;
 
-#ifdef USE_ARRAY
 	cn_cbor * pRecipients = _COSE_arrayget_int(&pcose->m_message, INDEX_RECIPIENTS);
-#else
-	cn_cbor * pRecipients = cn_cbor_mapget_int(pcose->m_message.m_cbor, COSE_Header_Recipients);
-#endif
 	if (pRecipients == NULL) {
 		pRecipients = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA NULL);
 		if (pRecipients == NULL) goto error;
-#ifdef USE_ARRAY
 		if (!_COSE_array_replace(&pcose->m_message, pRecipients, INDEX_RECIPIENTS, CBOR_CONTEXT_PARAM_COMMA NULL)) {
 			CN_CBOR_FREE(pRecipients, context);
 			goto error;
 		}
-#else
-		if (!cn_cbor_mapput_int(pcose->m_message.m_cbor, COSE_Header_Recipients, pRecipients, CBOR_CONTEXT_PARAM_COMMA NULL)) {
-			CN_CBOR_FREE(pRecipients, context);
-			goto error;
-		}
-#endif
 	}
 
 	cn_cbor_array_append(pRecipients, pobj->m_encrypt.m_message.m_cbor, NULL);
@@ -292,10 +273,6 @@ bool _COSE_Encrypt_decrypt(COSE_Encrypt * pcose, COSE_RecipientInfo * pRecip, in
 		cbitKey = 256;
 		break;
 
-	case COSE_Algorithm_Direct:
-	  	CHECK_CONDITION(pcose->cbKey == (unsigned int) cbitKey / 8, COSE_ERR_INVALID_PARAMETER);
-		break;
-
 	default:
 		FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
 		break;
@@ -381,11 +358,6 @@ bool _COSE_Encrypt_decrypt(COSE_Encrypt * pcose, COSE_RecipientInfo * pRecip, in
 		if (!AES_GCM_Decrypt(pcose, pbKey, cbitKey / 8, pbAuthData, cbAuthData, perr)) goto error;
 		break;
 
-	case COSE_Algorithm_Direct:
-	  CHECK_CONDITION((pcose->cbKey == (unsigned int) cbitKey / 8),  COSE_ERR_INVALID_PARAMETER);
-		memcpy(pbKey, pcose->pbKey, pcose->cbKey);
-		break;
-
 	default:
 		FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
 		break;
@@ -447,10 +419,6 @@ bool COSE_Encrypt_encrypt(HCOSE_ENCRYPT h, cose_errback * perr)
 		break;
 #endif // INCLUDE_AES_CCM
 
-	case COSE_Algorithm_Direct:
-		cbitKey = 0;
-		break;
-
 	default:
 		FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
 	}
@@ -529,20 +497,12 @@ bool COSE_Encrypt_encrypt(HCOSE_ENCRYPT h, cose_errback * perr)
 		break;
 #endif
 
-	case COSE_Algorithm_Direct:
-		ptmp = cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
-		CHECK_CONDITION_CBOR(ptmp != NULL, cbor_error);
-		CHECK_CONDITION_CBOR(_COSE_array_replace(&pcose->m_message, ptmp, INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
-		break;
-
 	default:
 		FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
 	}
 
 	for (pri = pcose->m_recipientFirst; pri != NULL; pri = pri->m_recipientNext) {
-		if (!_COSE_Encrypt_SetContent(&pri->m_encrypt, pcose->pbKey, pcose->cbKey, perr)) goto errorReturn;
-
-		if (!COSE_Encrypt_encrypt((HCOSE_ENCRYPT) &pri->m_encrypt, perr)) goto errorReturn;
+		if (!_COSE_Recipient_encrypt(pri, pcose->pbKey, (int) pcose->cbKey, perr)) goto errorReturn;
 	}
 
 	//  Figure out the clean up

src/MacMessage.c

@@ -56,11 +56,7 @@ HCOSE_MAC _COSE_Mac_Init_From_Object(cn_cbor * cbor, COSE_MacMessage * pIn, CBOR
 		goto errorReturn;
 	}
 
-#ifdef USE_ARRAY
 	pRecipients = _COSE_arrayget_int(&pobj->m_message, INDEX_MAC_RECIPIENTS);
-#else
-	pRecipients = (cn_cbor *)cn_cbor_mapget_int(cbor, COSE_Header_Recipients);
-#endif
 	if (pRecipients != NULL) {
 		CHECK_CONDITION(pRecipients->type == CN_CBOR_ARRAY, COSE_ERR_INVALID_PARAMETER);
 
@@ -168,24 +164,13 @@ HCOSE_RECIPIENT COSE_Mac_add_shared_secret(HCOSE_MAC hcose, COSE_Algorithms alg,
 	pobj->m_recipientNext = pcose->m_recipientFirst;
 	pcose->m_recipientFirst = pobj;
 
-#ifdef USE_ARRAY
 	pRecipients = _COSE_arrayget_int(&pcose->m_message, INDEX_MAC_RECIPIENTS);
-#else
-	cn_cbor * pRecipients = (cn_cbor *)cn_cbor_mapget_int(pcose->m_message.m_cbor, COSE_Header_Recipients);
-#endif
 	if (pRecipients == NULL) {
 		pRecipients = pRecipientsNew = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
 		CHECK_CONDITION_CBOR(pRecipients != NULL, cbor_error);
 		pRecipientsNew = NULL;
 
-#ifdef USE_ARRAY
 		CHECK_CONDITION_CBOR(_COSE_array_replace(&pcose->m_message, pRecipients, INDEX_MAC_RECIPIENTS, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
-#else
-		if (!cn_cbor_mapput_int(pcose->m_message.m_cbor, COSE_Header_Recipients, pRecipients, CBOR_CONTEXT_PARAM_COMMA NULL)) {
-			cn_cbor_free(pRecipients, context);
-			goto error;
-		}
-#endif
 	}
 
 	CHECK_CONDITION_CBOR(cn_cbor_array_append(pRecipients, pobj->m_encrypt.m_message.m_cbor, &cbor_error), cbor_error);
@@ -214,15 +199,9 @@ bool COSE_Mac_SetContent(HCOSE_MAC cose, const byte * rgbContent, size_t cbConte
 	ptmp = cn_cbor_data_create(rgbContent, (int) cbContent, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
 	CHECK_CONDITION_CBOR(ptmp != NULL, cbor_error);
 
-#ifdef USE_ARRAY
 	CHECK_CONDITION_CBOR(_COSE_array_replace(&p->m_message, ptmp, INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA &cbor_error),  cbor_error);
 	ptmp = NULL;
-#else
-	if (!cn_cbor_mapput_int(p->m_message.m_cbor, COSE_Header_PlainText, cn_cbor_data_create (rgbContent, cbContent, CBOR_CONTEXT_PARAM_COMMA NULL), CBOR_CONTEXT_PARAM_COMMA NULL)) {
-		if (errp != NULL) errp->err = COSE_ERR_CBOR;
-		return;
-	}
-#endif
+
 	return true;
 
 errorReturn:
@@ -344,15 +323,6 @@ bool COSE_Mac_encrypt(HCOSE_MAC h, cose_errback * perr)
 	const cn_cbor * cbBody = _COSE_arrayget_int(&pcose->m_message, INDEX_BODY);
 	CHECK_CONDITION(cbBody != NULL, COSE_ERR_INVALID_PARAMETER);
 
-#ifndef USE_ARRAY
-	//  Add Unprotected headers
-
-	if (pcose->m_message.m_unprotectMap->first_child != NULL) {
-		if (!cn_cbor_mapput_int(pcose->m_message.m_cbor, COSE_Header_Unprotected, pcose->m_message.m_unprotectMap, CBOR_CONTEXT_PARAM_COMMA NULL)) goto error;
-		pcose->m_message.m_ownUnprotectedMap = false;
-	}
-#endif
-
 	//  Build authenticated data
 	//  Protected headers
 	//  external data
@@ -422,9 +392,7 @@ bool COSE_Mac_encrypt(HCOSE_MAC h, cose_errback * perr)
 	}
 
 	for (pri = pcose->m_recipientFirst; pri != NULL; pri = pri->m_recipientNext) {
-		if (!_COSE_Encrypt_SetContent(&pri->m_encrypt, pcose->pbKey, pcose->cbKey, perr)) goto errorReturn;
-
-		if (!COSE_Encrypt_encrypt((HCOSE_ENCRYPT)&pri->m_encrypt, perr)) goto errorReturn;
+		if (!_COSE_Recipient_encrypt(pri, pcose->pbKey, pcose->cbKey, perr)) goto errorReturn;
 	}
 
 	//  Figure out the clean up