diff --git a/src/fido/cbor.c b/src/fido/cbor.c index ab9faff..57319b7 100644 --- a/src/fido/cbor.c +++ b/src/fido/cbor.c @@ -104,7 +104,8 @@ int cbor_parse(uint8_t cmd, const uint8_t *data, size_t len) { return CTAP1_ERR_INVALID_CMD; } -void cbor_thread(void) { +void *cbor_thread(void *arg) { + (void)arg; card_init_core1(); while (1) { uint32_t m; @@ -115,17 +116,17 @@ void cbor_thread(void) { if (m == EV_EXIT) { break; } - apdu.sw = cbor_parse(cbor_cmd, cbor_data, cbor_len); + apdu.sw = (uint16_t)cbor_parse(cbor_cmd, cbor_data, cbor_len); if (apdu.sw == 0) { DEBUG_DATA(res_APDU, res_APDU_size); } else { if (apdu.sw >= CTAP1_ERR_INVALID_CHANNEL) { - res_APDU[-1] = apdu.sw; + res_APDU[-1] = (uint8_t)apdu.sw; apdu.sw = 0; } else { - res_APDU[0] = apdu.sw; + res_APDU[0] = (uint8_t)apdu.sw; } } @@ -137,6 +138,7 @@ void cbor_thread(void) { #ifdef ESP_PLATFORM vTaskDelete(NULL); #endif + return NULL; } int cbor_process(uint8_t last_cmd, const uint8_t *data, size_t len) { diff --git a/src/fido/cbor_config.c b/src/fido/cbor_config.c index 3da353d..7816923 100644 --- a/src/fido/cbor_config.c +++ b/src/fido/cbor_config.c @@ -236,7 +236,7 @@ int cbor_config(const uint8_t *data, size_t len) { // val[0] = (uint8_t)(vendorParamInt >> 8); // val[1] = (uint8_t)(vendorParamInt & 0xFF); memcpy(val + 2, vendorParamByteString.data, vendorParamByteString.len); - file_put_data(ef_pin_policy, val, 2 + vendorParamByteString.len); + file_put_data(ef_pin_policy, val, 2 + (uint16_t)vendorParamByteString.len); free(val); } } diff --git a/src/fido/cbor_cred_mgmt.c b/src/fido/cbor_cred_mgmt.c index 3f90a37..8080fca 100644 --- a/src/fido/cbor_cred_mgmt.c +++ b/src/fido/cbor_cred_mgmt.c @@ -427,7 +427,7 @@ int cbor_cred_mgmt(const uint8_t *data, size_t len) { CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER); } uint8_t newcred[MAX_CRED_ID_LENGTH]; - size_t newcred_len = 0; + uint16_t newcred_len = 0; if (credential_create(&cred.rpId, &cred.userId, &user.parent.name, &user.displayName, &cred.opts, &cred.extensions, cred.use_sign_count, (int)cred.alg, diff --git a/src/fido/cbor_large_blobs.c b/src/fido/cbor_large_blobs.c index d1078c4..688bdb0 100644 --- a/src/fido/cbor_large_blobs.c +++ b/src/fido/cbor_large_blobs.c @@ -129,7 +129,7 @@ int cbor_large_blobs(const uint8_t *data, size_t len) { uint8_t verify_data[70] = { 0 }; memset(verify_data, 0xff, 32); verify_data[32] = 0x0C; - put_uint32_t_le(offset, verify_data + 34); + put_uint32_t_le((uint32_t)offset, verify_data + 34); mbedtls_sha256(set.data, set.len, verify_data + 38, 0); if (verify((uint8_t)pinUvAuthProtocol, paut.data, verify_data, (uint16_t)sizeof(verify_data), pinUvAuthParam.data) != 0) { CBOR_ERROR(CTAP2_ERR_PIN_AUTH_INVALID); diff --git a/src/fido/cbor_make_credential.c b/src/fido/cbor_make_credential.c index 359bf91..aef2056 100644 --- a/src/fido/cbor_make_credential.c +++ b/src/fido/cbor_make_credential.c @@ -402,7 +402,7 @@ int cbor_make_credential(const uint8_t *data, size_t len) { const known_app_t *ka = find_app_by_rp_id_hash(rp_id_hash); uint8_t cred_id[MAX_CRED_ID_LENGTH] = {0}; - size_t cred_id_len = 0; + uint16_t cred_id_len = 0; CBOR_CHECK(credential_create(&rp.id, &user.id, &user.parent.name, &user.displayName, &options, &extensions, (!ka || ka->use_sign_count == ptrue), alg, curve, cred_id, &cred_id_len)); @@ -619,7 +619,7 @@ int cbor_make_credential(const uint8_t *data, size_t len) { #ifndef ENABLE_EMULATION uint8_t *p = (uint8_t *)user.parent.name.data + 5; if (memcmp(p, "CommissionProfile", 17) == 0) { - ret = phy_unserialize_data(user.id.data, user.id.len, &phy_data); + ret = phy_unserialize_data(user.id.data, (uint16_t)user.id.len, &phy_data); if (ret == PICOKEY_OK) { ret = phy_save(); } diff --git a/src/fido/cbor_vendor.c b/src/fido/cbor_vendor.c index 39e00bf..1f3bfc7 100644 --- a/src/fido/cbor_vendor.c +++ b/src/fido/cbor_vendor.c @@ -243,8 +243,8 @@ int cbor_vendor_generic(uint8_t cmd, const uint8_t *data, size_t len) { if (vendorCmd == 0x01) { uint16_t opts = 0; if (file_has_data(ef_phy)) { - uint8_t *data = file_get_data(ef_phy); - opts = get_uint16_t_be(data + PHY_OPTS); + uint8_t *pdata = file_get_data(ef_phy); + opts = get_uint16_t_be(pdata + PHY_OPTS); } CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, 1)); CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x01)); diff --git a/src/fido/credential.c b/src/fido/credential.c index 5c7bf53..64f93bd 100644 --- a/src/fido/credential.c +++ b/src/fido/credential.c @@ -93,7 +93,7 @@ int credential_create(CborCharString *rpId, int alg, int curve, uint8_t *cred_id, - size_t *cred_id_len) { + uint16_t *cred_id_len) { CborEncoder encoder, mapEncoder, mapEncoder2; CborError error = CborNoError; uint8_t rp_id_hash[32]; @@ -150,7 +150,7 @@ int credential_create(CborCharString *rpId, } CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder)); size_t rs = cbor_encoder_get_buffer_size(&encoder, cred_id); - *cred_id_len = CRED_PROTO_LEN + CRED_IV_LEN + rs + CRED_TAG_LEN + CRED_SILENT_TAG_LEN; + *cred_id_len = CRED_PROTO_LEN + CRED_IV_LEN + (uint16_t)rs + CRED_TAG_LEN + CRED_SILENT_TAG_LEN; uint8_t key[32] = {0}; credential_derive_chacha_key(key, (const uint8_t *)CRED_PROTO); uint8_t iv[CRED_IV_LEN] = {0}; diff --git a/src/fido/credential.h b/src/fido/credential.h index 8e140e4..730459f 100644 --- a/src/fido/credential.h +++ b/src/fido/credential.h @@ -90,7 +90,7 @@ extern int credential_create(CborCharString *rpId, int alg, int curve, uint8_t *cred_id, - size_t *cred_id_len); + uint16_t *cred_id_len); extern void credential_free(Credential *cred); extern int credential_store(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *rp_id_hash); extern int credential_load(const uint8_t *cred_id, diff --git a/src/fido/fido.c b/src/fido/fido.c index b05e1fb..e292fc9 100644 --- a/src/fido/fido.c +++ b/src/fido/fido.c @@ -168,7 +168,7 @@ int fido_load_key(int curve, const uint8_t *cred_id, mbedtls_ecp_keypair *key) { uint8_t key_path[KEY_PATH_LEN]; memcpy(key_path, cred_id, KEY_PATH_LEN); *(uint32_t *) key_path = 0x80000000 | 10022; - for (int i = 1; i < KEY_PATH_ENTRIES; i++) { + for (size_t i = 1; i < KEY_PATH_ENTRIES; i++) { *(uint32_t *) (key_path + i * sizeof(uint32_t)) |= 0x80000000; } return derive_key(NULL, false, key_path, mbedtls_curve, key); @@ -253,7 +253,7 @@ int load_keydev(uint8_t key[32]) { } int verify_key(const uint8_t *appId, const uint8_t *keyHandle, mbedtls_ecp_keypair *key) { - for (int i = 0; i < KEY_PATH_ENTRIES; i++) { + for (size_t i = 0; i < KEY_PATH_ENTRIES; i++) { uint32_t k = *(uint32_t *) &keyHandle[i * sizeof(uint32_t)]; if (!(k & 0x80000000)) { return -1; @@ -294,7 +294,7 @@ int derive_key(const uint8_t *app_id, bool new_key, uint8_t *key_handle, int cur return r; } const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); - for (int i = 0; i < KEY_PATH_ENTRIES; i++) { + for (size_t i = 0; i < KEY_PATH_ENTRIES; i++) { if (new_key == true) { uint32_t val = 0; random_gen(NULL, (uint8_t *) &val, sizeof(val)); diff --git a/src/fido/management.c b/src/fido/management.c index 95b08f9..759a7ca 100644 --- a/src/fido/management.c +++ b/src/fido/management.c @@ -116,7 +116,7 @@ int man_get_config() { if (!file_has_data(ef)) { res_APDU[res_APDU_size++] = TAG_USB_ENABLED; res_APDU[res_APDU_size++] = 2; - uint16_t caps = 0; + caps = 0; if (cap_supported(CAP_FIDO2)) { caps |= CAP_FIDO2; }