libnm/crypto: adjust signature of crypto functions

- avoid "const gsize" as type for function arguments. - consistently use "guint8 *" type for binary data, instead of "char *", which indicates a NUL terminated C string.
2026-06-09 23:48:25 +02:00 · 2018-08-31 07:40:52 +02:00 · 2018-08-31 07:40:52 +02:00 · 2456298da0
commit 2456298da0
parent 67f36f880e
5 changed files with 67 additions and 67 deletions
--- a/libnm-core/nm-crypto-gnutls.c
+++ b/libnm-core/nm-crypto-gnutls.c
@ -55,15 +55,15 @@ _nm_crypto_init (GError **error)
 	return TRUE;
 }

-char *
+guint8 *
 _nmtst_crypto_decrypt (const char *cipher,
                       int key_type,
                       const guint8 *data,
                       gsize data_len,
-                       const char *iv,
-                       const gsize iv_len,
-                       const char *key,
-                       const gsize key_len,
+                       const guint8 *iv,
+                       gsize iv_len,
+                       const guint8 *key,
+                       gsize key_len,
                       gsize *out_len,
                       GError **error)
 {
@ -167,16 +167,16 @@ out:
 		}
 	}
 	gnutls_cipher_deinit (ctx);
-	return output;
+	return (guint8 *) output;
 }

-char *
+guint8 *
 _nmtst_crypto_encrypt (const char *cipher,
                       const guint8 *data,
                       gsize data_len,
-                       const char *iv,
-                       const gsize iv_len,
-                       const char *key,
+                       const guint8 *iv,
+                       gsize iv_len,
+                       const guint8 *key,
                       gsize key_len,
                       gsize *out_len,
                       GError **error)
@ -264,11 +264,11 @@ out:
 		}
 	}
 	gnutls_cipher_deinit (ctx);
-	return output;
+	return (guint8 *) output;
 }

 gboolean
-_nm_crypto_verify_x509 (const unsigned char *data,
+_nm_crypto_verify_x509 (const guint8 *data,
                        gsize len,
                        GError **error)
 {
--- a/libnm-core/nm-crypto-impl.h
+++ b/libnm-core/nm-crypto-impl.h
@ -51,25 +51,25 @@ gboolean _nm_crypto_verify_pkcs8 (const guint8 *data,

 /*****************************************************************************/

-char *_nmtst_crypto_encrypt (const char *cipher,
-                             const guint8 *data,
-                             gsize data_len,
-                             const char *iv,
-                             gsize iv_len,
-                             const char *key,
-                             gsize key_len,
-                             gsize *out_len,
-                             GError **error);
+guint8 *_nmtst_crypto_encrypt (const char *cipher,
+                               const guint8 *data,
+                               gsize data_len,
+                               const guint8 *iv,
+                               gsize iv_len,
+                               const guint8 *key,
+                               gsize key_len,
+                               gsize *out_len,
+                               GError **error);

-char *_nmtst_crypto_decrypt (const char *cipher,
-                             int key_type,
-                             const guint8 *data,
-                             gsize data_len,
-                             const char *iv,
-                             const gsize iv_len,
-                             const char *key,
-                             const gsize key_len,
-                             gsize *out_len,
-                             GError **error);
+guint8 *_nmtst_crypto_decrypt (const char *cipher,
+                               int key_type,
+                               const guint8 *data,
+                               gsize data_len,
+                               const guint8 *iv,
+                               gsize iv_len,
+                               const guint8 *key,
+                               gsize key_len,
+                               gsize *out_len,
+                               GError **error);

 #endif  /* __NM_CRYPTO_IMPL_H__ */
--- a/libnm-core/nm-crypto-nss.c
+++ b/libnm-core/nm-crypto-nss.c
@ -71,15 +71,15 @@ _nm_crypto_init (GError **error)
 	return TRUE;
 }

-char *
+guint8 *
 _nmtst_crypto_decrypt (const char *cipher,
                       int key_type,
                       const guint8 *data,
                       gsize data_len,
-                       const char *iv,
-                       const gsize iv_len,
-                       const char *key,
-                       const gsize key_len,
+                       const guint8 *iv,
+                       gsize iv_len,
+                       const guint8 *key,
+                       gsize key_len,
                       gsize *out_len,
                       GError **error)
 {
@ -239,16 +239,16 @@ out:
 			output = NULL;
 		}
 	}
-	return output;
+	return (guint8 *) output;
 }

-char *
+guint8 *
 _nmtst_crypto_encrypt (const char *cipher,
                       const guint8 *data,
                       gsize data_len,
-                       const char *iv,
+                       const guint8 *iv,
                       gsize iv_len,
-                       const char *key,
+                       const guint8 *key,
                       gsize key_len,
                       gsize *out_len,
                       GError **error)
@ -367,11 +367,11 @@ out:
 		g_free (output);
 		output = NULL;
 	}
-	return (char *) output;
+	return (guint8 *) output;
 }

 gboolean
-_nm_crypto_verify_x509 (const unsigned char *data,
+_nm_crypto_verify_x509 (const guint8 *data,
                        gsize len,
                        GError **error)
 {
--- a/libnm-core/nm-crypto.c
+++ b/libnm-core/nm-crypto.c
@ -418,16 +418,16 @@ _nmtst_convert_iv (const char *src,
 	return g_steal_pointer (&c);
 }

-char *
+guint8 *
 nm_crypto_make_des_aes_key (const char *cipher,
-                            const char *salt,
-                            const gsize salt_len,
+                            const guint8 *salt,
+                            gsize salt_len,
                            const char *password,
                            gsize *out_len,
                            GError **error)
 {
-	char *key;
-	guint32 digest_len;
+	guint8 *key;
+	gsize digest_len;

 	g_return_val_if_fail (cipher != NULL, NULL);
 	g_return_val_if_fail (salt != NULL, NULL);
@ -460,11 +460,11 @@ nm_crypto_make_des_aes_key (const char *cipher,

 	key = g_malloc0 (digest_len + 1);

-	nm_crypto_md5_hash ((guint8 *) salt,
+	nm_crypto_md5_hash (salt,
 	                    8,
 	                    (guint8 *) password,
 	                    strlen (password),
-	                    (guint8 *) key,
+	                    key,
 	                    digest_len);

 	*out_len = digest_len;
@ -505,21 +505,21 @@ _nmtst_decrypt_key (const char *cipher,
 	}

 	/* Convert the password and IV into a DES or AES key */
-	key.str = nm_crypto_make_des_aes_key (cipher, bin_iv.str, bin_iv.len, password, &key.len, error);
-	if (!key.str || !key.len)
+	key.bin = nm_crypto_make_des_aes_key (cipher, bin_iv.bin, bin_iv.len, password, &key.len, error);
+	if (!key.bin || !key.len)
 		return FALSE;

-	parsed->str = _nmtst_crypto_decrypt (cipher,
+	parsed->bin = _nmtst_crypto_decrypt (cipher,
 	                                     key_type,
 	                                     data,
 	                                     data_len,
-	                                     bin_iv.str,
+	                                     bin_iv.bin,
 	                                     bin_iv.len,
-	                                     key.str,
+	                                     key.bin,
 	                                     key.len,
 	                                     &parsed->len,
 	                                     error);
-	if (!parsed->str || parsed->len == 0) {
+	if (!parsed->bin || parsed->len == 0) {
 		nm_secret_ptr_clear (parsed);
 		return FALSE;
 	}
@ -910,7 +910,7 @@ nmtst_crypto_rsa_key_encrypt (const guint8 *data,
                              char **out_password,
                              GError **error)
 {
-	char salt[8];
+	guint8 salt[8];
 	nm_auto_clear_secret_ptr NMSecretPtr key = { 0 };
 	nm_auto_clear_secret_ptr NMSecretPtr enc = { 0 };
 	gs_unref_ptrarray GPtrArray *pem = NULL;
@ -939,12 +939,12 @@ nmtst_crypto_rsa_key_encrypt (const guint8 *data,
 	if (!nm_crypto_randomize (salt, sizeof (salt), error))
 		return NULL;

-	key.str = nm_crypto_make_des_aes_key (CIPHER_DES_EDE3_CBC, &salt[0], sizeof (salt), in_password, &key.len, NULL);
-	if (!key.str)
+	key.bin = nm_crypto_make_des_aes_key (CIPHER_DES_EDE3_CBC, salt, sizeof (salt), in_password, &key.len, NULL);
+	if (!key.bin)
 		g_return_val_if_reached (NULL);

-	enc.str = _nmtst_crypto_encrypt (CIPHER_DES_EDE3_CBC, data, len, salt, sizeof (salt), key.str, key.len, &enc.len, error);
-	if (!enc.str)
+	enc.bin = _nmtst_crypto_encrypt (CIPHER_DES_EDE3_CBC, data, len, salt, sizeof (salt), key.bin, key.len, &enc.len, error);
+	if (!enc.bin)
 		return NULL;

 	/* What follows is not the most efficient way to construct the pem
@ -964,7 +964,7 @@ nmtst_crypto_rsa_key_encrypt (const guint8 *data,
 	g_ptr_array_add (pem, g_strdup ("\n\n"));

 	/* Convert the encrypted key to a base64 string */
-	enc_base64 = g_base64_encode ((const guchar *) enc.str, enc.len);
+	enc_base64 = g_base64_encode ((const guchar *) enc.bin, enc.len);
 	enc_base64_len = strlen (enc_base64);
 	for (p = enc_base64; (p - enc_base64) < (ptrdiff_t) enc_base64_len; p += 64) {
 		g_ptr_array_add (pem, g_strndup (p, 64));
--- a/libnm-core/nm-crypto.h
+++ b/libnm-core/nm-crypto.h
@ -81,12 +81,12 @@ void nm_crypto_md5_hash (const guint8 *salt,
                         guint8 *buffer,
                         gsize buflen);

-char *nm_crypto_make_des_aes_key (const char *cipher,
-                                  const char *salt,
-                                  const gsize salt_len,
-                                  const char *password,
-                                  gsize *out_len,
-                                  GError **error);
+guint8 *nm_crypto_make_des_aes_key (const char *cipher,
+                                    const guint8 *salt,
+                                    gsize salt_len,
+                                    const char *password,
+                                    gsize *out_len,
+                                    GError **error);

 gboolean nm_crypto_randomize (void *buffer, gsize buffer_len, GError **error);