Merge "Fix -Wshorten-64-to-32 errors in BoringSSL interactions"

libwvdrmengine/oemcrypto/test/oec_key_deriver.cpp

@@ -147,8 +147,9 @@ void KeyDeriver::ServerSignBuffer(const uint8_t* data, size_t data_length,
   ASSERT_EQ(mac_key_server_.size(), MAC_KEY_SIZE);
   signature->assign(SHA256_DIGEST_LENGTH, 0);
   unsigned int sig_len = SHA256_DIGEST_LENGTH;
-  ASSERT_TRUE(HMAC(EVP_sha256(), mac_key_server_.data(), mac_key_server_.size(),
-                   data, data_length, signature->data(), &sig_len));
+  ASSERT_TRUE(HMAC(EVP_sha256(), mac_key_server_.data(),
+                   static_cast<int>(mac_key_server_.size()), data, data_length,
+                   signature->data(), &sig_len));
 }
 
 void KeyDeriver::ClientSignBuffer(const vector<uint8_t>& buffer,
@@ -156,8 +157,9 @@ void KeyDeriver::ClientSignBuffer(const vector<uint8_t>& buffer,
   ASSERT_EQ(mac_key_client_.size(), MAC_KEY_SIZE);
   signature->assign(SHA256_DIGEST_LENGTH, 0);
   unsigned int sig_len = SHA256_DIGEST_LENGTH;
-  ASSERT_TRUE(HMAC(EVP_sha256(), mac_key_client_.data(), mac_key_client_.size(),
-                   buffer.data(), buffer.size(), signature->data(), &sig_len));
+  ASSERT_TRUE(HMAC(EVP_sha256(), mac_key_client_.data(),
+                   static_cast<int>(mac_key_client_.size()), buffer.data(),
+                   buffer.size(), signature->data(), &sig_len));
 }
 
 void KeyDeriver::ClientSignPstReport(const vector<uint8_t>& pst_report_buffer,
@@ -165,7 +167,8 @@ void KeyDeriver::ClientSignPstReport(const vector<uint8_t>& pst_report_buffer,
   ASSERT_EQ(mac_key_client_.size(), MAC_KEY_SIZE);
   signature->assign(SHA_DIGEST_LENGTH, 0);
   unsigned int sig_len = SHA_DIGEST_LENGTH;
-  ASSERT_TRUE(HMAC(EVP_sha1(), mac_key_client_.data(), mac_key_client_.size(),
+  ASSERT_TRUE(HMAC(EVP_sha1(), mac_key_client_.data(),
+                   static_cast<int>(mac_key_client_.size()),
                    &pst_report_buffer[SHA_DIGEST_LENGTH],
                    pst_report_buffer.size() - SHA_DIGEST_LENGTH,
                    signature->data(), &sig_len));

libwvdrmengine/oemcrypto/test/oec_session_util.cpp

@@ -112,9 +112,9 @@ OEMCryptoResult DecryptCTR(OEMCrypto_SESSION session_id, const uint8_t* key,
 
 }  // namespace
 
-int GetRandBytes(unsigned char* buf, int num) {
+int GetRandBytes(unsigned char* buf, size_t num) {
   // returns 1 on success, -1 if not supported, or 0 if other failure.
-  return RAND_bytes(buf, num);
+  return RAND_bytes(buf, static_cast<int>(num));
 }
 
 // Does the boilerplate to fill out sample and subsample descriptions for
@@ -162,7 +162,9 @@ void ctr128_inc64(int64_t increaseBy, uint8_t* iv) {
 uint32_t htonl_fnc(uint32_t x) { return htonl(x); }
 
 void dump_boringssl_error() {
-  while (unsigned long err = ERR_get_error()) {
+  // BoringSSL and OpenSSL disagree about what the type of an error code is, so
+  // we must use "auto" here.
+  while (auto err = ERR_get_error()) {
     char buffer[120];
     ERR_error_string_n(err, buffer, sizeof(buffer));
     cout << "BoringSSL Error -- " << buffer << "\n";
@@ -1373,7 +1375,8 @@ void Session::GenerateDerivedKeysFromSessionKey() {
 }
 
 void Session::TestDecryptCTR(bool select_key_first,
-                             OEMCryptoResult expected_result, int key_index) {
+                             OEMCryptoResult expected_result,
+                             size_t key_index) {
   OEMCryptoResult select_result = OEMCrypto_SUCCESS;
   if (select_key_first) {
     // Select the key (from FillSimpleMessage)
@@ -1433,7 +1436,7 @@ void Session::TestDecryptResult(OEMCryptoResult expected_result,
   }
 }
 
-void Session::TestSelectExpired(unsigned int key_index) {
+void Session::TestSelectExpired(size_t key_index) {
   if (global_features.api_version >= 13) {
     OEMCryptoResult status = OEMCrypto_SelectKey(
         session_id(), license().keys[key_index].key_id,
@@ -1477,7 +1480,7 @@ void Session::LoadOEMCert(bool verify_cert) {
   // Load the public cert's key into public_rsa_ and verify, if requested
   for (size_t i = 0; certs && i < static_cast<size_t>(sk_X509_num(certs));
        ++i) {
-    X509* x509_cert = sk_X509_value(certs, i);
+    X509* x509_cert = sk_X509_value(certs, static_cast<int>(i));
     boringssl_ptr<EVP_PKEY, EVP_PKEY_free> pubkey(X509_get_pubkey(x509_cert));
     ASSERT_TRUE(pubkey.NotNull());
     if (i == 0) {
@@ -1493,7 +1496,8 @@ void Session::LoadOEMCert(bool verify_cert) {
 
       X509_NAME* name = X509_get_subject_name(x509_cert);
       printf("  OEM Certificate Name: %s\n",
-             X509_NAME_oneline(name, buffer.data(), buffer.size()));
+             X509_NAME_oneline(name, buffer.data(),
+                               static_cast<int>(buffer.size())));
       boringssl_ptr<X509_STORE, X509_STORE_free> store(X509_STORE_new());
       ASSERT_TRUE(store.NotNull());
       boringssl_ptr<X509_STORE_CTX, X509_STORE_CTX_free> store_ctx(
@@ -1523,7 +1527,8 @@ void Session::PreparePublicKey(const uint8_t* rsa_key, size_t rsa_key_length) {
     rsa_key_length = sizeof(kTestRSAPKCS8PrivateKeyInfo2_2048);
   }
   uint8_t* p = const_cast<uint8_t*>(rsa_key);
-  boringssl_ptr<BIO, BIO_vfree> bio(BIO_new_mem_buf(p, rsa_key_length));
+  boringssl_ptr<BIO, BIO_vfree> bio(
+      BIO_new_mem_buf(p, static_cast<int>(rsa_key_length)));
   ASSERT_TRUE(bio.NotNull());
   boringssl_ptr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free> pkcs8_pki(
       d2i_PKCS8_PRIV_KEY_INFO_bio(bio.get(), nullptr));
@@ -1621,8 +1626,9 @@ void Session::VerifyRSASignature(const vector<uint8_t>& message,
     int size;
     // RSA_public_decrypt decrypts the signature, and then verifies that
     // it was padded with RSA PKCS1 padding.
-    size = RSA_public_decrypt(signature_length, signature, padded_digest.data(),
-                              public_rsa_, RSA_PKCS1_PADDING);
+    size = RSA_public_decrypt(static_cast<int>(signature_length), signature,
+                              padded_digest.data(), public_rsa_,
+                              RSA_PKCS1_PADDING);
     EXPECT_GT(size, 0);
     padded_digest.resize(size);
     EXPECT_EQ(message, padded_digest);
@@ -1639,9 +1645,9 @@ bool Session::GenerateRSASessionKey(vector<uint8_t>* session_key,
   }
   *session_key = wvcdm::a2b_hex("6fa479c731d2770b6a61a5d1420bb9d1");
   enc_session_key->assign(RSA_size(public_rsa_), 0);
-  int status = RSA_public_encrypt(session_key->size(), &(session_key->front()),
-                                  &(enc_session_key->front()), public_rsa_,
-                                  RSA_PKCS1_OAEP_PADDING);
+  int status = RSA_public_encrypt(
+      static_cast<int>(session_key->size()), &(session_key->front()),
+      &(enc_session_key->front()), public_rsa_, RSA_PKCS1_OAEP_PADDING);
   int size = static_cast<int>(RSA_size(public_rsa_));
   if (status != size) {
     cout << "GenerateRSASessionKey error encrypting session key.\n";

libwvdrmengine/oemcrypto/test/oec_session_util.h

@@ -117,7 +117,7 @@ struct EntitledContentKeyData {
 };
 
 // returns 1 on success, -1 if not supported, or 0 if other failure.
-int GetRandBytes(unsigned char* buf, int num);
+int GetRandBytes(unsigned char* buf, size_t num);
 
 void GenerateSimpleSampleDescription(const std::vector<uint8_t>& in,
                                      std::vector<uint8_t>& out,
@@ -534,10 +534,10 @@ class Session {
   // Encrypt some data and pass to OEMCrypto_DecryptCENC to verify decryption.
   void TestDecryptCTR(bool select_key_first = true,
                       OEMCryptoResult expected_result = OEMCrypto_SUCCESS,
-                      int key_index = 0);
+                      size_t key_index = 0);
   // Verify that an attempt to select an expired key either succeeds, or gives
   // an actionable error code.
-  void TestSelectExpired(unsigned int key_index);
+  void TestSelectExpired(size_t key_index);
   // Calls OEMCrypto_GetOEMPublicCertificate and OEMCrypto_LoadOEMPrivateKey and
   // loads the OEM cert's public rsa key into public_rsa_.
   void LoadOEMCert(bool verify_cert = false);