libtom · levitte · Aug 19, 2024
diff --git a/doc/crypt.tex b/doc/crypt.tex
@@ -9671,9 +9671,9 @@ \subsection{Exporting and Importing}
      @param len   The number of octets
      @return CRYPT_OK on success
    */
-   int (*unsigned_read)(         void *dst,
-                        unsigned char *src,
-                        unsigned long  len);
+   int (*unsigned_read)(               void *dst,
+                        const unsigned char *src,
+                              unsigned long  len);
 
 /* ---- basic math ---- */
 

diff --git a/src/headers/tomcrypt_math.h b/src/headers/tomcrypt_math.h
@@ -175,9 +175,9 @@ typedef struct {
      @param len   The number of octets
      @return CRYPT_OK on success
    */
-   int (*unsigned_read)(         void *dst,
-                        unsigned char *src,
-                        unsigned long  len);
+   int (*unsigned_read)(               void *dst,
+                        const unsigned char *src,
+                              unsigned long  len);
 
 /* ---- basic math ---- */
 

diff --git a/src/math/gmp_desc.c b/src/math/gmp_desc.c
@@ -209,7 +209,7 @@ static int unsigned_write(void *a, unsigned char *b)
 }
 
 /* read */
-static int unsigned_read(void *a, unsigned char *b, unsigned long len)
+static int unsigned_read(void *a, const unsigned char *b, unsigned long len)
 {
    LTC_ARGCHK(a != NULL);
    LTC_ARGCHK(b != NULL);

diff --git a/src/math/ltm_desc.c b/src/math/ltm_desc.c
@@ -224,7 +224,7 @@ static int unsigned_write(void *a, unsigned char *b)
 }
 
 /* read */
-static int unsigned_read(void *a, unsigned char *b, unsigned long len)
+static int unsigned_read(void *a, const unsigned char *b, unsigned long len)
 {
    LTC_ARGCHK(a != NULL);
    LTC_ARGCHK(b != NULL);

diff --git a/src/math/tfm_desc.c b/src/math/tfm_desc.c
@@ -188,7 +188,7 @@ static int unsigned_write(void *a, unsigned char *b)
 }
 
 /* read */
-static int unsigned_read(void *a, unsigned char *b, unsigned long len)
+static int unsigned_read(void *a, const unsigned char *b, unsigned long len)
 {
    LTC_ARGCHK(a != NULL);
    LTC_ARGCHK(b != NULL);

diff --git a/src/misc/ssh/ssh_decode_sequence_multi.c b/src/misc/ssh/ssh_decode_sequence_multi.c
@@ -142,7 +142,7 @@ int ssh_decode_sequence_multi(const unsigned char *in, unsigned long *inlen, ...
                err = CRYPT_INVALID_PACKET;
                goto error;
             } else {
-               if ((err = mp_read_unsigned_bin(vdata, (unsigned char *)in, size)) != CRYPT_OK)          { goto error; }
+               if ((err = mp_read_unsigned_bin(vdata, in, size)) != CRYPT_OK)                           { goto error; }
             }
             in += size;
             break;

diff --git a/src/pk/dsa/dsa_set.c b/src/pk/dsa/dsa_set.c
@@ -30,9 +30,9 @@ int dsa_set_pqg(const unsigned char *p,  unsigned long plen,
    /* init key */
    if ((err = dsa_int_init(key)) != CRYPT_OK) return err;
 
-   if ((err = mp_read_unsigned_bin(key->p, (unsigned char *)p , plen)) != CRYPT_OK) { goto LBL_ERR; }
-   if ((err = mp_read_unsigned_bin(key->g, (unsigned char *)g , glen)) != CRYPT_OK) { goto LBL_ERR; }
-   if ((err = mp_read_unsigned_bin(key->q, (unsigned char *)q , qlen)) != CRYPT_OK) { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->p, p , plen)) != CRYPT_OK)                  { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->g, g , glen)) != CRYPT_OK)                  { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->q, q , qlen)) != CRYPT_OK)                  { goto LBL_ERR; }
 
    key->qord = mp_unsigned_bin_size(key->q);
 
@@ -75,12 +75,12 @@ int dsa_set_key(const unsigned char *in, unsigned long inlen, int type, dsa_key
 
    if (type == PK_PRIVATE) {
       key->type = PK_PRIVATE;
-      if ((err = mp_read_unsigned_bin(key->x, (unsigned char *)in, inlen)) != CRYPT_OK) { goto LBL_ERR; }
+      if ((err = mp_read_unsigned_bin(key->x, in, inlen)) != CRYPT_OK)                  { goto LBL_ERR; }
       if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK)               { goto LBL_ERR; }
    }
    else {
       key->type = PK_PUBLIC;
-      if ((err = mp_read_unsigned_bin(key->y, (unsigned char *)in, inlen)) != CRYPT_OK) { goto LBL_ERR; }
+      if ((err = mp_read_unsigned_bin(key->y, in, inlen)) != CRYPT_OK)                  { goto LBL_ERR; }
    }
 
    if ((err = dsa_int_validate_xy(key, &stat)) != CRYPT_OK)                             { goto LBL_ERR; }

diff --git a/src/pk/dsa/dsa_sign_hash.c b/src/pk/dsa/dsa_sign_hash.c
@@ -80,7 +80,7 @@ int dsa_sign_hash_raw(const unsigned char *in,  unsigned long inlen,
    inlen = MIN(inlen, (unsigned long)(key->qord));
 
    /* now find s = (in + xr)/k mod q */
-   if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, inlen)) != CRYPT_OK)      { goto error; }
+   if ((err = mp_read_unsigned_bin(tmp, in, inlen)) != CRYPT_OK)                       { goto error; }
    if ((err = mp_mul(key->x, r, s)) != CRYPT_OK)                                       { goto error; }
    if ((err = mp_add(s, tmp, s)) != CRYPT_OK)                                          { goto error; }
    if ((err = mp_mulmod(s, kinv, key->q, s)) != CRYPT_OK)                              { goto error; }

diff --git a/src/pk/dsa/dsa_verify_hash.c b/src/pk/dsa/dsa_verify_hash.c
@@ -53,7 +53,7 @@ int dsa_verify_hash_raw(         void   *r,          void   *s,
    if ((err = mp_invmod(s, key->q, w)) != CRYPT_OK)                                       { goto error; }
 
    /* u1 = m * w mod q */
-   if ((err = mp_read_unsigned_bin(u1, (unsigned char *)hash, hashlen)) != CRYPT_OK)      { goto error; }
+   if ((err = mp_read_unsigned_bin(u1, hash, hashlen)) != CRYPT_OK)                       { goto error; }
    if ((err = mp_mulmod(u1, w, key->q, u1)) != CRYPT_OK)                                  { goto error; }
 
    /* u2 = r*w mod q */

diff --git a/src/pk/ecc/ecc_recover_key.c b/src/pk/ecc/ecc_recover_key.c
@@ -81,8 +81,8 @@ int ecc_recover_key(const unsigned char *sig,  unsigned long siglen,
          err = CRYPT_INVALID_PACKET;
          goto error;
       }
-      if ((err = mp_read_unsigned_bin(r, (unsigned char *)sig,   i)) != CRYPT_OK)                       { goto error; }
-      if ((err = mp_read_unsigned_bin(s, (unsigned char *)sig+i, i)) != CRYPT_OK)                       { goto error; }
+      if ((err = mp_read_unsigned_bin(r, sig,   i)) != CRYPT_OK)                                        { goto error; }
+      if ((err = mp_read_unsigned_bin(s, sig+i, i)) != CRYPT_OK)                                        { goto error; }
    }
    else if (sigformat == LTC_ECCSIG_ETH27) {
       /* Ethereum (v,r,s) format */
@@ -102,8 +102,8 @@ int ecc_recover_key(const unsigned char *sig,  unsigned long siglen,
          goto error;
       }
       recid = i;
-      if ((err = mp_read_unsigned_bin(r, (unsigned char *)sig,  32)) != CRYPT_OK)                       { goto error; }
-      if ((err = mp_read_unsigned_bin(s, (unsigned char *)sig+32, 32)) != CRYPT_OK)                     { goto error; }
+      if ((err = mp_read_unsigned_bin(r, sig,  32)) != CRYPT_OK)                                        { goto error; }
+      if ((err = mp_read_unsigned_bin(s, sig+32, 32)) != CRYPT_OK)                                      { goto error; }
    }
 #ifdef LTC_SSH
    else if (sigformat == LTC_ECCSIG_RFC5656) {
@@ -150,10 +150,10 @@ int ecc_recover_key(const unsigned char *sig,  unsigned long siglen,
    pbits = mp_count_bits(p);
    pbytes = (pbits+7) >> 3;
    if (pbits > hashlen*8) {
-      if ((err = mp_read_unsigned_bin(e, (unsigned char *)hash, hashlen)) != CRYPT_OK)                  { goto error; }
+      if ((err = mp_read_unsigned_bin(e, hash, hashlen)) != CRYPT_OK)                                   { goto error; }
    }
    else if (pbits % 8 == 0) {
-      if ((err = mp_read_unsigned_bin(e, (unsigned char *)hash, pbytes)) != CRYPT_OK)                   { goto error; }
+      if ((err = mp_read_unsigned_bin(e, hash, pbytes)) != CRYPT_OK)                                    { goto error; }
    }
    else {
       shift_right = 8 - pbits % 8;
@@ -162,7 +162,7 @@ int ecc_recover_key(const unsigned char *sig,  unsigned long siglen,
         ch = (hash[i] << (8-shift_right));
         buf[i] = buf[i] ^ (hash[i] >> shift_right);
       }
-      if ((err = mp_read_unsigned_bin(e, (unsigned char *)buf, pbytes)) != CRYPT_OK)                    { goto error; }
+      if ((err = mp_read_unsigned_bin(e, buf, pbytes)) != CRYPT_OK)                                     { goto error; }
    }
 
    /* decompress point from r=(x mod p) - BEWARE: requires sqrtmod_prime */

diff --git a/src/pk/ecc/ecc_set_key.c b/src/pk/ecc/ecc_set_key.c
@@ -20,7 +20,7 @@ int ecc_set_key(const unsigned char *in, unsigned long inlen, int type, ecc_key
 
    if (type == PK_PRIVATE) {
       /* load private key */
-      if ((err = mp_read_unsigned_bin(key->k, (unsigned char *)in, inlen)) != CRYPT_OK) {
+      if ((err = mp_read_unsigned_bin(key->k, in, inlen)) != CRYPT_OK) {
          goto error;
       }
       if (mp_iszero(key->k) || (mp_cmp(key->k, key->dp.order) != LTC_MP_LT)) {

diff --git a/src/pk/ecc/ecc_sign_hash.c b/src/pk/ecc/ecc_sign_hash.c
@@ -55,10 +55,10 @@ int ecc_sign_hash_ex(const unsigned char *in,  unsigned long inlen,
    pbits = mp_count_bits(p);
    pbytes = (pbits+7) >> 3;
    if (pbits > inlen*8) {
-      if ((err = mp_read_unsigned_bin(e, (unsigned char *)in, inlen)) != CRYPT_OK)    { goto errnokey; }
+      if ((err = mp_read_unsigned_bin(e, in, inlen)) != CRYPT_OK)    { goto errnokey; }
    }
    else if (pbits % 8 == 0) {
-      if ((err = mp_read_unsigned_bin(e, (unsigned char *)in, pbytes)) != CRYPT_OK)   { goto errnokey; }
+      if ((err = mp_read_unsigned_bin(e, in, pbytes)) != CRYPT_OK)   { goto errnokey; }
    }
    else {
       shift_right = 8 - pbits % 8;
@@ -67,7 +67,7 @@ int ecc_sign_hash_ex(const unsigned char *in,  unsigned long inlen,
         ch = (in[i] << (8-shift_right));
         buf[i] = buf[i] ^ (in[i] >> shift_right);
       }
-      if ((err = mp_read_unsigned_bin(e, (unsigned char *)buf, pbytes)) != CRYPT_OK)  { goto errnokey; }
+      if ((err = mp_read_unsigned_bin(e, buf, pbytes)) != CRYPT_OK)  { goto errnokey; }
    }
 
    /* make up a key and export the public copy */

diff --git a/src/pk/ecc/ecc_verify_hash.c b/src/pk/ecc/ecc_verify_hash.c
@@ -75,8 +75,8 @@ int ecc_verify_hash_ex(const unsigned char *sig,  unsigned long siglen,
          err = CRYPT_INVALID_PACKET;
          goto error;
       }
-      if ((err = mp_read_unsigned_bin(r, (unsigned char *)sig,   i)) != CRYPT_OK)                       { goto error; }
-      if ((err = mp_read_unsigned_bin(s, (unsigned char *)sig+i, i)) != CRYPT_OK)                       { goto error; }
+      if ((err = mp_read_unsigned_bin(r, sig,   i)) != CRYPT_OK)                                        { goto error; }
+      if ((err = mp_read_unsigned_bin(s, sig+i, i)) != CRYPT_OK)                                        { goto error; }
    }
    else if (sigformat == LTC_ECCSIG_ETH27) {
       /* Ethereum (v,r,s) format */
@@ -88,8 +88,8 @@ int ecc_verify_hash_ex(const unsigned char *sig,  unsigned long siglen,
          err = CRYPT_INVALID_PACKET;
          goto error;
       }
-      if ((err = mp_read_unsigned_bin(r, (unsigned char *)sig,  32)) != CRYPT_OK)                       { goto error; }
-      if ((err = mp_read_unsigned_bin(s, (unsigned char *)sig+32, 32)) != CRYPT_OK)                     { goto error; }
+      if ((err = mp_read_unsigned_bin(r, sig,  32)) != CRYPT_OK)                                        { goto error; }
+      if ((err = mp_read_unsigned_bin(s, sig+32, 32)) != CRYPT_OK)                                      { goto error; }
    }
 #ifdef LTC_SSH
    else if (sigformat == LTC_ECCSIG_RFC5656) {
@@ -130,10 +130,10 @@ int ecc_verify_hash_ex(const unsigned char *sig,  unsigned long siglen,
    pbits = mp_count_bits(p);
    pbytes = (pbits+7) >> 3;
    if (pbits > hashlen*8) {
-      if ((err = mp_read_unsigned_bin(e, (unsigned char *)hash, hashlen)) != CRYPT_OK)                  { goto error; }
+      if ((err = mp_read_unsigned_bin(e, hash, hashlen)) != CRYPT_OK)                                   { goto error; }
    }
    else if (pbits % 8 == 0) {
-      if ((err = mp_read_unsigned_bin(e, (unsigned char *)hash, pbytes)) != CRYPT_OK)                   { goto error; }
+      if ((err = mp_read_unsigned_bin(e, hash, pbytes)) != CRYPT_OK)                                    { goto error; }
    }
    else {
       shift_right = 8 - pbits % 8;
@@ -142,7 +142,7 @@ int ecc_verify_hash_ex(const unsigned char *sig,  unsigned long siglen,
         ch = (hash[i] << (8-shift_right));
         buf[i] = buf[i] ^ (hash[i] >> shift_right);
       }
-      if ((err = mp_read_unsigned_bin(e, (unsigned char *)buf, pbytes)) != CRYPT_OK)                    { goto error; }
+      if ((err = mp_read_unsigned_bin(e, buf, pbytes)) != CRYPT_OK)                                     { goto error; }
    }
 
    /*  w  = s^-1 mod n */

diff --git a/src/pk/ecc/ltc_ecc_import_point.c b/src/pk/ecc/ltc_ecc_import_point.c
@@ -21,14 +21,14 @@ int ltc_ecc_import_point(const unsigned char *in, unsigned long inlen, void *pri
    if (in[0] == 0x04 && (inlen&1) && ((inlen-1)>>1) == size) {
       /* read uncompressed point */
       /* load x */
-      if ((err = mp_read_unsigned_bin(x, (unsigned char *)in+1, size)) != CRYPT_OK)      { goto cleanup; }
+      if ((err = mp_read_unsigned_bin(x, in+1, size)) != CRYPT_OK)                       { goto cleanup; }
       /* load y */
-      if ((err = mp_read_unsigned_bin(y, (unsigned char *)in+1+size, size)) != CRYPT_OK) { goto cleanup; }
+      if ((err = mp_read_unsigned_bin(y, in+1+size, size)) != CRYPT_OK)                  { goto cleanup; }
    }
    else if ((in[0] == 0x02 || in[0] == 0x03) && (inlen-1) == size && ltc_mp.sqrtmod_prime != NULL) {
       /* read compressed point - BEWARE: requires sqrtmod_prime */
       /* load x */
-      if ((err = mp_read_unsigned_bin(x, (unsigned char *)in+1, size)) != CRYPT_OK)      { goto cleanup; }
+      if ((err = mp_read_unsigned_bin(x, in+1, size)) != CRYPT_OK)                       { goto cleanup; }
       /* compute x^3 */
       if ((err = mp_sqr(x, t1)) != CRYPT_OK)                                             { goto cleanup; }
       if ((err = mp_mulmod(t1, x, prime, t1)) != CRYPT_OK)                               { goto cleanup; }

diff --git a/src/pk/rsa/rsa_exptmod.c b/src/pk/rsa/rsa_exptmod.c
@@ -53,7 +53,7 @@ int rsa_exptmod(const unsigned char *in,   unsigned long inlen,
 #endif /* LTC_RSA_BLINDING */
                                                            NULL)) != CRYPT_OK)
         { return err; }
-   if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, (int)inlen)) != CRYPT_OK)
+   if ((err = mp_read_unsigned_bin(tmp, in, (int)inlen)) != CRYPT_OK)
         { goto error; }
 
 
@@ -130,7 +130,7 @@ int rsa_exptmod(const unsigned char *in,   unsigned long inlen,
       #ifdef LTC_RSA_CRT_HARDENING
       if (has_crt_parameters) {
          if ((err = mp_exptmod(tmp, key->e, key->N, tmpa)) != CRYPT_OK)                              { goto error; }
-         if ((err = mp_read_unsigned_bin(tmpb, (unsigned char *)in, (int)inlen)) != CRYPT_OK)        { goto error; }
+         if ((err = mp_read_unsigned_bin(tmpb, in, (int)inlen)) != CRYPT_OK)                         { goto error; }
          if (mp_cmp(tmpa, tmpb) != LTC_MP_EQ)                                     { err = CRYPT_ERROR; goto error; }
       }
       #endif

diff --git a/src/pk/rsa/rsa_make_key.c b/src/pk/rsa/rsa_make_key.c
@@ -130,7 +130,7 @@ int rsa_make_key_ubin_e(prng_state *prng, int wprng, int size,
       return err;
    }
 
-   if ((err = mp_read_unsigned_bin(tmp_e, (unsigned char *)e, elen)) == CRYPT_OK)
+   if ((err = mp_read_unsigned_bin(tmp_e, e, elen)) == CRYPT_OK)
      err = rsa_make_key_bn_e(prng, wprng, size, tmp_e, key);
 
    mp_clear(tmp_e);

diff --git a/src/pk/rsa/rsa_set.c b/src/pk/rsa/rsa_set.c
@@ -31,10 +31,10 @@ int rsa_set_key(const unsigned char *N,  unsigned long Nlen,
 
    if ((err = rsa_init(key)) != CRYPT_OK) return err;
 
-   if ((err = mp_read_unsigned_bin(key->N , (unsigned char *)N , Nlen)) != CRYPT_OK)    { goto LBL_ERR; }
-   if ((err = mp_read_unsigned_bin(key->e , (unsigned char *)e , elen)) != CRYPT_OK)    { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->N , N , Nlen)) != CRYPT_OK)                     { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->e , e , elen)) != CRYPT_OK)                     { goto LBL_ERR; }
    if (d && dlen) {
-      if ((err = mp_read_unsigned_bin(key->d , (unsigned char *)d , dlen)) != CRYPT_OK) { goto LBL_ERR; }
+      if ((err = mp_read_unsigned_bin(key->d , d , dlen)) != CRYPT_OK)                  { goto LBL_ERR; }
       key->type = PK_PRIVATE;
    }
    else {
@@ -72,8 +72,8 @@ int rsa_set_factors(const unsigned char *p,  unsigned long plen,
 
    if (key->type != PK_PRIVATE) return CRYPT_PK_TYPE_MISMATCH;
 
-   if ((err = mp_read_unsigned_bin(key->p , (unsigned char *)p , plen)) != CRYPT_OK) { goto LBL_ERR; }
-   if ((err = mp_read_unsigned_bin(key->q , (unsigned char *)q , qlen)) != CRYPT_OK) { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->p , p , plen)) != CRYPT_OK)                  { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->q , q , qlen)) != CRYPT_OK)                  { goto LBL_ERR; }
    return CRYPT_OK;
 
 LBL_ERR:
@@ -110,9 +110,9 @@ int rsa_set_crt_params(const unsigned char *dP, unsigned long dPlen,
 
    if (key->type != PK_PRIVATE) return CRYPT_PK_TYPE_MISMATCH;
 
-   if ((err = mp_read_unsigned_bin(key->dP, (unsigned char *)dP, dPlen)) != CRYPT_OK) { goto LBL_ERR; }
-   if ((err = mp_read_unsigned_bin(key->dQ, (unsigned char *)dQ, dQlen)) != CRYPT_OK) { goto LBL_ERR; }
-   if ((err = mp_read_unsigned_bin(key->qP, (unsigned char *)qP, qPlen)) != CRYPT_OK) { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->dP, dP, dPlen)) != CRYPT_OK)                  { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->dQ, dQ, dQlen)) != CRYPT_OK)                  { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->qP, qP, qPlen)) != CRYPT_OK)                  { goto LBL_ERR; }
    return CRYPT_OK;
 
 LBL_ERR: