| File: | lib/algorithms/ciphers.c |
| Location: | line 256, column 25 |
| Description: | Value stored to 'i' is never read |
| 1 | /* |
| 2 | * Copyright (C) 2011-2012 Free Software Foundation, Inc. |
| 3 | * |
| 4 | * Author: Nikos Mavrogiannopoulos |
| 5 | * |
| 6 | * This file is part of GnuTLS. |
| 7 | * |
| 8 | * The GnuTLS is free software; you can redistribute it and/or |
| 9 | * modify it under the terms of the GNU Lesser General Public License |
| 10 | * as published by the Free Software Foundation; either version 3 of |
| 11 | * the License, or (at your option) any later version. |
| 12 | * |
| 13 | * This library is distributed in the hope that it will be useful, but |
| 14 | * WITHOUT ANY WARRANTY; without even the implied warranty of |
| 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 16 | * Lesser General Public License for more details. |
| 17 | * |
| 18 | * You should have received a copy of the GNU Lesser General Public License |
| 19 | * along with this program. If not, see <http://www.gnu.org/licenses/> |
| 20 | * |
| 21 | */ |
| 22 | |
| 23 | #include <gnutls_int.h> |
| 24 | #include <algorithms.h> |
| 25 | #include <gnutls_errors.h> |
| 26 | #include <x509/common.h> |
| 27 | |
| 28 | struct gnutls_cipher_entry |
| 29 | { |
| 30 | const char *name; |
| 31 | gnutls_cipher_algorithm_t id; |
| 32 | uint16_t blocksize; |
| 33 | uint16_t keysize; |
| 34 | unsigned block:1; |
| 35 | uint16_t iv; /* the size of IV */ |
| 36 | unsigned export_flag:1; /* 0 non export */ |
| 37 | unsigned auth:1; /* Whether it is authenc cipher */ |
| 38 | }; |
| 39 | typedef struct gnutls_cipher_entry gnutls_cipher_entry; |
| 40 | |
| 41 | /* Note that all algorithms are in CBC or STREAM modes. |
| 42 | * Do not add any algorithms in other modes (avoid modified algorithms). |
| 43 | * View first: "The order of encryption and authentication for |
| 44 | * protecting communications" by Hugo Krawczyk - CRYPTO 2001 |
| 45 | * |
| 46 | * Make sure to update MAX_CIPHER_BLOCK_SIZE and MAX_CIPHER_KEY_SIZE as well. |
| 47 | */ |
| 48 | static const gnutls_cipher_entry algorithms[] = { |
| 49 | {"AES-256-CBC", GNUTLS_CIPHER_AES_256_CBC, 16, 32, CIPHER_BLOCK, 16, 0, 0}, |
| 50 | {"AES-192-CBC", GNUTLS_CIPHER_AES_192_CBC, 16, 24, CIPHER_BLOCK, 16, 0, 0}, |
| 51 | {"AES-128-CBC", GNUTLS_CIPHER_AES_128_CBC, 16, 16, CIPHER_BLOCK, 16, 0, 0}, |
| 52 | {"AES-128-GCM", GNUTLS_CIPHER_AES_128_GCM, 16, 16, CIPHER_STREAM, AEAD_IMPLICIT_DATA_SIZE4, 0, 1}, |
| 53 | {"AES-256-GCM", GNUTLS_CIPHER_AES_256_GCM, 16, 32, CIPHER_STREAM, AEAD_IMPLICIT_DATA_SIZE4, 0, 1}, |
| 54 | {"ARCFOUR-128", GNUTLS_CIPHER_ARCFOUR_128, 1, 16, CIPHER_STREAM, 0, 0, 0}, |
| 55 | {"CAMELLIA-256-CBC", GNUTLS_CIPHER_CAMELLIA_256_CBC, 16, 32, CIPHER_BLOCK, |
| 56 | 16, 0, 0}, |
| 57 | {"CAMELLIA-128-CBC", GNUTLS_CIPHER_CAMELLIA_128_CBC, 16, 16, CIPHER_BLOCK, |
| 58 | 16, 0, 0}, |
| 59 | {"3DES-CBC", GNUTLS_CIPHER_3DES_CBC, 8, 24, CIPHER_BLOCK, 8, 0, 0}, |
| 60 | {"DES-CBC", GNUTLS_CIPHER_DES_CBC, 8, 8, CIPHER_BLOCK, 8, 0, 0}, |
| 61 | {"ARCFOUR-40", GNUTLS_CIPHER_ARCFOUR_40, 1, 5, CIPHER_STREAM, 0, 1, 0}, |
| 62 | {"RC2-40", GNUTLS_CIPHER_RC2_40_CBC, 8, 5, CIPHER_BLOCK, 8, 1, 0}, |
| 63 | |
| 64 | #ifdef ENABLE_OPENPGP1 |
| 65 | {"IDEA-PGP-CFB", GNUTLS_CIPHER_IDEA_PGP_CFB, 8, 16, CIPHER_BLOCK, 8, 0, 0}, |
| 66 | {"3DES-PGP-CFB", GNUTLS_CIPHER_3DES_PGP_CFB, 8, 24, CIPHER_BLOCK, 8, 0, 0}, |
| 67 | {"CAST5-PGP-CFB", GNUTLS_CIPHER_CAST5_PGP_CFB, 8, 16, CIPHER_BLOCK, 8, 0, 0}, |
| 68 | {"BLOWFISH-PGP-CFB", GNUTLS_CIPHER_BLOWFISH_PGP_CFB, 8, |
| 69 | 16 /*actually unlimited */ , CIPHER_BLOCK, 8, 0, 0}, |
| 70 | {"SAFER-SK128-PGP-CFB", GNUTLS_CIPHER_SAFER_SK128_PGP_CFB, 8, 16, |
| 71 | CIPHER_BLOCK, 8, 0, 0}, |
| 72 | {"AES-128-PGP-CFB", GNUTLS_CIPHER_AES128_PGP_CFB, 16, 16, CIPHER_BLOCK, 16, |
| 73 | 0, 0}, |
| 74 | {"AES-192-PGP-CFB", GNUTLS_CIPHER_AES192_PGP_CFB, 16, 24, CIPHER_BLOCK, 16, |
| 75 | 0, 0}, |
| 76 | {"AES-256-PGP-CFB", GNUTLS_CIPHER_AES256_PGP_CFB, 16, 32, CIPHER_BLOCK, 16, |
| 77 | 0, 0}, |
| 78 | {"TWOFISH-PGP-CFB", GNUTLS_CIPHER_TWOFISH_PGP_CFB, 16, 16, CIPHER_BLOCK, 16, |
| 79 | 0, 0}, |
| 80 | #endif |
| 81 | {"NULL", GNUTLS_CIPHER_NULL, 1, 0, CIPHER_STREAM, 0, 0, 0}, |
| 82 | {0, 0, 0, 0, 0, 0, 0} |
| 83 | }; |
| 84 | |
| 85 | #define GNUTLS_CIPHER_LOOP(b)const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { b ; } \ |
| 86 | const gnutls_cipher_entry *p; \ |
| 87 | for(p = algorithms; p->name != NULL((void*)0); p++) { b ; } |
| 88 | |
| 89 | #define GNUTLS_ALG_LOOP(a)const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if(p->id == algorithm) { a; break; } ; } \ |
| 90 | GNUTLS_CIPHER_LOOP( if(p->id == algorithm) { a; break; } )const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if(p->id == algorithm) { a; break; } ; } |
| 91 | |
| 92 | /* CIPHER functions */ |
| 93 | |
| 94 | /** |
| 95 | * gnutls_cipher_get_block_size: |
| 96 | * @algorithm: is an encryption algorithm |
| 97 | * |
| 98 | * Get block size for encryption algorithm. |
| 99 | * |
| 100 | * Returns: block size for encryption algorithm. |
| 101 | * |
| 102 | * Since: 2.10.0 |
| 103 | **/ |
| 104 | int |
| 105 | gnutls_cipher_get_block_size (gnutls_cipher_algorithm_t algorithm) |
| 106 | { |
| 107 | size_t ret = 0; |
| 108 | GNUTLS_ALG_LOOP (ret = p->blocksize)const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if(p->id == algorithm) { ret = p->blocksize ; break; } ; }; |
| 109 | return ret; |
| 110 | |
| 111 | } |
| 112 | |
| 113 | /* returns the priority */ |
| 114 | int |
| 115 | _gnutls_cipher_priority (gnutls_session_t session, |
| 116 | gnutls_cipher_algorithm_t algorithm) |
| 117 | { |
| 118 | unsigned int i; |
| 119 | for (i = 0; i < session->internals.priorities.cipher.algorithms; i++) |
| 120 | { |
| 121 | if (session->internals.priorities.cipher.priority[i] == algorithm) |
| 122 | return i; |
| 123 | } |
| 124 | return -1; |
| 125 | } |
| 126 | |
| 127 | |
| 128 | int |
| 129 | _gnutls_cipher_is_block (gnutls_cipher_algorithm_t algorithm) |
| 130 | { |
| 131 | size_t ret = 0; |
| 132 | |
| 133 | GNUTLS_ALG_LOOP (ret = p->block)const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if(p->id == algorithm) { ret = p->block ; break; } ; }; |
| 134 | return ret; |
| 135 | |
| 136 | } |
| 137 | |
| 138 | int |
| 139 | _gnutls_cipher_algo_is_aead (gnutls_cipher_algorithm_t algorithm) |
| 140 | { |
| 141 | size_t ret = 0; |
| 142 | |
| 143 | GNUTLS_ALG_LOOP (ret = p->auth)const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if(p->id == algorithm) { ret = p->auth ; break; } ; }; |
| 144 | return ret; |
| 145 | |
| 146 | } |
| 147 | |
| 148 | /** |
| 149 | * gnutls_cipher_get_key_size: |
| 150 | * @algorithm: is an encryption algorithm |
| 151 | * |
| 152 | * Get key size for cipher. |
| 153 | * |
| 154 | * Returns: length (in bytes) of the given cipher's key size, or 0 if |
| 155 | * the given cipher is invalid. |
| 156 | **/ |
| 157 | size_t |
| 158 | gnutls_cipher_get_key_size (gnutls_cipher_algorithm_t algorithm) |
| 159 | { /* In bytes */ |
| 160 | size_t ret = 0; |
| 161 | GNUTLS_ALG_LOOP (ret = p->keysize)const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if(p->id == algorithm) { ret = p->keysize ; break; } ; }; |
| 162 | return ret; |
| 163 | |
| 164 | } |
| 165 | |
| 166 | int |
| 167 | _gnutls_cipher_get_iv_size (gnutls_cipher_algorithm_t algorithm) |
| 168 | { /* In bytes */ |
| 169 | size_t ret = 0; |
| 170 | GNUTLS_ALG_LOOP (ret = p->iv)const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if(p->id == algorithm) { ret = p->iv ; break; } ; }; |
| 171 | return ret; |
| 172 | |
| 173 | } |
| 174 | |
| 175 | int |
| 176 | _gnutls_cipher_get_export_flag (gnutls_cipher_algorithm_t algorithm) |
| 177 | { /* In bytes */ |
| 178 | size_t ret = 0; |
| 179 | GNUTLS_ALG_LOOP (ret = p->export_flag)const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if(p->id == algorithm) { ret = p->export_flag ; break; } ; }; |
| 180 | return ret; |
| 181 | |
| 182 | } |
| 183 | |
| 184 | /** |
| 185 | * gnutls_cipher_get_name: |
| 186 | * @algorithm: is an encryption algorithm |
| 187 | * |
| 188 | * Convert a #gnutls_cipher_algorithm_t type to a string. |
| 189 | * |
| 190 | * Returns: a pointer to a string that contains the name of the |
| 191 | * specified cipher, or %NULL. |
| 192 | **/ |
| 193 | const char * |
| 194 | gnutls_cipher_get_name (gnutls_cipher_algorithm_t algorithm) |
| 195 | { |
| 196 | const char *ret = NULL((void*)0); |
| 197 | |
| 198 | /* avoid prefix */ |
| 199 | GNUTLS_ALG_LOOP (ret = p->name)const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if(p->id == algorithm) { ret = p->name ; break; } ; }; |
| 200 | |
| 201 | return ret; |
| 202 | } |
| 203 | |
| 204 | /** |
| 205 | * gnutls_cipher_get_id: |
| 206 | * @name: is a cipher algorithm name |
| 207 | * |
| 208 | * The names are compared in a case insensitive way. |
| 209 | * |
| 210 | * Returns: return a #gnutls_cipher_algorithm_t value corresponding to |
| 211 | * the specified cipher, or %GNUTLS_CIPHER_UNKNOWN on error. |
| 212 | **/ |
| 213 | gnutls_cipher_algorithm_t |
| 214 | gnutls_cipher_get_id (const char *name) |
| 215 | { |
| 216 | gnutls_cipher_algorithm_t ret = GNUTLS_CIPHER_UNKNOWN; |
| 217 | |
| 218 | GNUTLS_CIPHER_LOOP (const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if (strcasecmp (p->name, name) == 0) { ret = p->id; break; } ; } |
| 219 | if (strcasecmp (p->name, name) == 0)const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if (strcasecmp (p->name, name) == 0) { ret = p->id; break; } ; } |
| 220 | {const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if (strcasecmp (p->name, name) == 0) { ret = p->id; break; } ; } |
| 221 | ret = p->id;const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if (strcasecmp (p->name, name) == 0) { ret = p->id; break; } ; } |
| 222 | break;const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if (strcasecmp (p->name, name) == 0) { ret = p->id; break; } ; } |
| 223 | }const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if (strcasecmp (p->name, name) == 0) { ret = p->id; break; } ; } |
| 224 | )const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if (strcasecmp (p->name, name) == 0) { ret = p->id; break; } ; }; |
| 225 | |
| 226 | return ret; |
| 227 | } |
| 228 | |
| 229 | /** |
| 230 | * gnutls_cipher_list: |
| 231 | * |
| 232 | * Get a list of supported cipher algorithms. Note that not |
| 233 | * necessarily all ciphers are supported as TLS cipher suites. For |
| 234 | * example, DES is not supported as a cipher suite, but is supported |
| 235 | * for other purposes (e.g., PKCS#8 or similar). |
| 236 | * |
| 237 | * This function is not thread safe. |
| 238 | * |
| 239 | * Returns: a (0)-terminated list of #gnutls_cipher_algorithm_t |
| 240 | * integers indicating the available ciphers. |
| 241 | * |
| 242 | **/ |
| 243 | const gnutls_cipher_algorithm_t * |
| 244 | gnutls_cipher_list (void) |
| 245 | { |
| 246 | static gnutls_cipher_algorithm_t supported_ciphers[MAX_ALGOS32] = {0}; |
| 247 | |
| 248 | if (supported_ciphers[0] == 0) |
| 249 | { |
| 250 | int i = 0; |
| 251 | |
| 252 | GNUTLS_CIPHER_LOOP (const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if (_gnutls_cipher_exists(p->id)) supported_ciphers [i++]=p->id; ; } |
| 253 | if (_gnutls_cipher_exists(p->id))const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if (_gnutls_cipher_exists(p->id)) supported_ciphers [i++]=p->id; ; } |
| 254 | supported_ciphers[i++]=p->id;const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if (_gnutls_cipher_exists(p->id)) supported_ciphers [i++]=p->id; ; } |
| 255 | )const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if (_gnutls_cipher_exists(p->id)) supported_ciphers [i++]=p->id; ; }; |
| 256 | supported_ciphers[i++]=0; |
Value stored to 'i' is never read | |
| 257 | } |
| 258 | |
| 259 | return supported_ciphers; |
| 260 | } |
| 261 | |
| 262 | int |
| 263 | _gnutls_cipher_is_ok (gnutls_cipher_algorithm_t algorithm) |
| 264 | { |
| 265 | ssize_t ret = -1; |
| 266 | GNUTLS_ALG_LOOP (ret = p->id)const gnutls_cipher_entry *p; for(p = algorithms; p->name != ((void*)0); p++) { if(p->id == algorithm) { ret = p->id ; break; } ; }; |
| 267 | if (ret >= 0) |
| 268 | ret = 0; |
| 269 | else |
| 270 | ret = 1; |
| 271 | return ret; |
| 272 | } |