Cleanup

CMakeLists.txt

@@ -137,6 +137,9 @@ install(
     DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig
 )
 
+###########################################################
+# Test
+
 option(BUILD_TEST OFF)
 
 if (BUILD_TEST)

CONTRIBUTING.md

@@ -1,30 +1,41 @@
 Contributing {#contrib}
 ===
 
-You can contribute to `libzpc` by submitting issues (feature requests, bug reports) or pull requests (code contributions) to the GitHub repository.
+You can contribute to `libzpc` by submitting issues (feature requests, bug
+reports) or pull requests (code contributions) to the GitHub repository.
 
 
 Bug reports
 ---
 
 When filing a bug report, please include all relevant information.
 
-In all cases include the `libzpc` version, operating system and kernel version used.
+In all cases include the `libzpc` version, operating system and kernel version
+used.
 
-Additionally, if it is a build error, include the toolchain version used. If it is a runtime error, include the crypto adapter config and processor model used.
+Additionally, if it is a build error, include the toolchain version used. If it
+is a runtime error, include the crypto adapter config and processor model used.
 
 Ideally, detailed steps on how to reproduce the issue would be included.
 
 
 Code contributions
 ---
 
-All code contributions are reviewed by the `libzpc` maintainers who reverve the right to accept or reject a pull request.
+All code contributions are reviewed by the `libzpc` maintainers who reverve the
+right to accept or reject a pull request.
 
-Please state clearly if your pull request changes the `libzpc` API or ABI, and if so, whether the changes are backward compatible.
+Please state clearly if your pull request changes the `libzpc` API or ABI, and
+if so, whether the changes are backward compatible.
 
-If your pull request resolves an issue, please put a `"Fixes #<issue number>"` line in the commit message. Ideally, the pull request would add a corresponding regression test.
+If your pull request resolves an issue, please put a `"Fixes #<issue number>"`
+line in the commit message. Ideally, the pull request would add a corresponding
+regression test.
 
 If your pull request adds a new feature, please add a corresponding unit test.
 
-The code base is formatted using the `indent` tool with the options specified in the enclosed `.indent.pro` file. All code contributions must not violate this coding style. When formatting `libzpc` code, you can use `indent` with the prescribed options by copying the file to your home directory or by setting the `INDENT_PROFILE` environment variable's value to name the file.
+The code base is formatted using the `indent` tool with the options specified in
+the enclosed `.indent.pro` file. All code contributions must not violate this
+coding style. When formatting `libzpc` code, you can use `indent` with the
+prescribed options by copying the file to your home directory or by setting the
+`INDENT_PROFILE` environment variable's value to name the file.

include/zpc/ecc_key.h

@@ -125,7 +125,7 @@ int zpc_ec_key_set_apqns(struct zpc_ec_key *key, const char *apqns[]);
  */
 __attribute__((visibility("default")))
 int zpc_ec_key_import(struct zpc_ec_key *key, const unsigned char *seckey,
-					unsigned int seckeylen);
+					size_t seckeylen);
 
 /**
  * Import an EC clear-key pair. At least one of the key parts must be non-NULL.
@@ -150,8 +150,8 @@ int zpc_ec_key_import(struct zpc_ec_key *key, const unsigned char *seckey,
  */
 __attribute__((visibility("default")))
 int zpc_ec_key_import_clear(struct zpc_ec_key *key,
-					const unsigned char *pubkey, unsigned int publen,
-					const unsigned char *privkey, unsigned int privlen);
+					const unsigned char *pubkey, size_t publen,
+					const unsigned char *privkey, size_t privlen);
 
 /**
  * Export an EC secure-key. Depending on the key type (CCA or EP11), the secure
@@ -166,7 +166,7 @@ int zpc_ec_key_import_clear(struct zpc_ec_key *key,
  */
 __attribute__((visibility("default")))
 int zpc_ec_key_export(struct zpc_ec_key *key, unsigned char *seckey,
-					unsigned int *seckeylen);
+					size_t *seckeylen);
 
 /**
  * Export an EC public-key.
@@ -180,7 +180,7 @@ int zpc_ec_key_export(struct zpc_ec_key *key, unsigned char *seckey,
  */
 __attribute__((visibility("default")))
 int zpc_ec_key_export_public(struct zpc_ec_key *key, unsigned char *pubkey,
-					unsigned int *pubkeylen);
+					size_t *pubkeylen);
 
 /**
  * Generate an EC secure-key.

include/zpc/ecdsa_ctx.h

@@ -58,8 +58,8 @@ int zpc_ecdsa_ctx_set_key(struct zpc_ecdsa_ctx *ctx, struct zpc_ec_key *key);
  */
 __attribute__((visibility("default")))
 int zpc_ecdsa_sign(struct zpc_ecdsa_ctx *ctx,
-				const unsigned char *hash, unsigned int hash_len,
-				unsigned char *signature, unsigned int *sig_len);
+				const unsigned char *hash, size_t hash_len,
+				unsigned char *signature, size_t *sig_len);
 
 /**
  * Do an ECDSA verify operation.
@@ -72,8 +72,8 @@ int zpc_ecdsa_sign(struct zpc_ecdsa_ctx *ctx,
  */
 __attribute__((visibility("default")))
 int zpc_ecdsa_verify(struct zpc_ecdsa_ctx *ctx,
-				const unsigned char *hash, unsigned int hash_len,
-				const unsigned char *signature, unsigned int sig_len);
+				const unsigned char *hash, size_t hash_len,
+				const unsigned char *signature, size_t sig_len);
 
 /**
  * Free an ECDSA context.

s390x-tc-debian.cmake

@@ -1,4 +1,5 @@
 set(CMAKE_SYSTEM_NAME Linux)
+set(CMAKE_SYSTEM_PROCESSOR s390x)
 
 set(CMAKE_C_COMPILER   s390x-linux-gnu-gcc)
 set(CMAKE_CXX_COMPILER s390x-linux-gnu-g++)

src/ecc_key.c

@@ -43,13 +43,13 @@ const u16 curve2pvsecret_type[] = {
 
 static void __ec_key_reset(struct zpc_ec_key *);
 static int ec_key_check_ep11_spki(const struct zpc_ec_key *ec_key,
-						const unsigned char *spki, unsigned int spki_len);
+						const unsigned char *spki, size_t spki_len);
 static void ec_key_use_maced_spki_from_buf(struct zpc_ec_key *ec_key,
-						const unsigned char *spki, unsigned int spki_len);
+						const unsigned char *spki, size_t spki_len);
 static int ec_key_use_raw_spki_from_buf(struct zpc_ec_key *ec_key,
-						const unsigned char *spki, unsigned int spki_len);
+						const unsigned char *spki, size_t spki_len);
 static int ec_key_spki_has_valid_mkvp(const struct zpc_ec_key *ec_key,
-						const unsigned char *spki, unsigned int spki_len);
+						const unsigned char *spki, size_t spki_len);
 static int ec_key_blob_has_valid_mkvp(struct zpc_ec_key *ec_key,
 						const unsigned char *buf);
 static int ec_key_blob_is_pkey_extractable(struct zpc_ec_key *ec_key,
@@ -492,7 +492,7 @@ int zpc_ec_key_set_apqns(struct zpc_ec_key *ec_key, const char *apqns[])
 
 int
 zpc_ec_key_export(struct zpc_ec_key *ec_key, unsigned char *buf,
-				unsigned int *buflen)
+				size_t *buflen)
 {
 	int rc, rv;
 
@@ -558,7 +558,7 @@ zpc_ec_key_export(struct zpc_ec_key *ec_key, unsigned char *buf,
 }
 
 int zpc_ec_key_export_public(struct zpc_ec_key *ec_key,
-						unsigned char *buf, unsigned int *buflen)
+						unsigned char *buf, size_t *buflen)
 {
 	int rc, rv;
 
@@ -613,7 +613,7 @@ int zpc_ec_key_export_public(struct zpc_ec_key *ec_key,
 }
 
 int zpc_ec_key_import(struct zpc_ec_key *ec_key, const unsigned char *buf,
-				unsigned int buflen)
+				size_t buflen)
 {
 	target_t target;
 	int rc, rv, seclen;
@@ -789,8 +789,8 @@ int zpc_ec_key_import(struct zpc_ec_key *ec_key, const unsigned char *buf,
 }
 
 int zpc_ec_key_import_clear(struct zpc_ec_key *ec_key, const unsigned char *pubkey,
-						unsigned int publen, const unsigned char *privkey,
-						unsigned int privlen)
+						size_t publen, const unsigned char *privkey,
+						size_t privlen)
 {
 	unsigned int flags;
 	int rc, rv;
@@ -1057,7 +1057,7 @@ int zpc_ec_key_generate(struct zpc_ec_key *ec_key)
 int zpc_ec_key_reencipher(struct zpc_ec_key *ec_key, unsigned int method)
 {
 	struct ec_key reenc;
-	unsigned int seckeylen;
+	size_t seckeylen;
 	target_t target;
 	int rv, rc = ZPC_ERROR_APQNSNOTSET;
 	size_t i;
@@ -1343,8 +1343,8 @@ int ec_key_pvsec2prot(struct zpc_ec_key *ec_key)
 }
 
 int ec_key_clr2sec(struct zpc_ec_key *ec_key, unsigned int flags,
-			const unsigned char *pubkey, unsigned int publen,
-			const unsigned char *privkey, unsigned int privlen)
+			const unsigned char *pubkey, size_t publen,
+			const unsigned char *privkey, size_t privlen)
 {
 	target_t target;
 	int rv, rc = ZPC_ERROR_APQNSNOTSET;
@@ -1400,7 +1400,7 @@ int ec_key_sec2prot(struct zpc_ec_key *ec_key, enum ec_key_sec sec)
 {
 	struct pkey_kblob2pkey3 io;
 	struct ec_key *key = NULL;
-	unsigned int keybuf_len;
+	size_t keybuf_len;
 	int rc, i;
 
 	assert(sec == EC_KEY_SEC_OLD || sec == EC_KEY_SEC_CUR);
@@ -1442,7 +1442,7 @@ int ec_key_sec2prot(struct zpc_ec_key *ec_key, enum ec_key_sec sec)
 }
 
 int ec_key_clr2prot(struct zpc_ec_key *ec_key, const unsigned char *privkey,
-					unsigned int privlen)
+					size_t privlen)
 {
 	struct pkey_kblob2pkey3 io;
 	unsigned char buf[sizeof(struct clearkeytoken) + 80];
@@ -1529,7 +1529,7 @@ int ec_key_spki_valid_for_pubkey(const struct zpc_ec_key *ec_key,
 }
 
 static int ec_key_check_ep11_spki(const struct zpc_ec_key *ec_key,
-							const unsigned char *spki, unsigned int spki_len)
+							const unsigned char *spki, size_t spki_len)
 {
 	if (spki_len > curve2macedspkilen[ec_key->curve] &&
 		spki_len < curve2rawspkilen[ec_key->curve])
@@ -1550,7 +1550,7 @@ static int ec_key_check_ep11_spki(const struct zpc_ec_key *ec_key,
 }
 
 static void ec_key_use_maced_spki_from_buf(struct zpc_ec_key *ec_key,
-						const unsigned char *spki, unsigned int spki_len)
+						const unsigned char *spki, size_t spki_len)
 {
 	memcpy(ec_key->pub.spki, spki, spki_len);
 	ec_key->pub.spkilen = spki_len;
@@ -1563,7 +1563,7 @@ static void ec_key_use_maced_spki_from_buf(struct zpc_ec_key *ec_key,
 }
 
 static int ec_key_use_raw_spki_from_buf(struct zpc_ec_key *ec_key,
-						const unsigned char *spki, unsigned int spki_len)
+						const unsigned char *spki, size_t spki_len)
 {
 	target_t target;
 	int rc = -EIO, rv;
@@ -1600,7 +1600,7 @@ static int ec_key_use_raw_spki_from_buf(struct zpc_ec_key *ec_key,
 }
 
 static int ec_key_spki_has_valid_mkvp(const struct zpc_ec_key *ec_key,
-						const unsigned char *spki, unsigned int spki_len)
+						const unsigned char *spki, size_t spki_len)
 {
 	(void)spki_len; /* suppress unused parm compiler warning */
 
@@ -1618,7 +1618,7 @@ static int ec_key_spki_has_valid_mkvp(const struct zpc_ec_key *ec_key,
 static int ec_key_blob_has_valid_mkvp(struct zpc_ec_key *ec_key, const unsigned char *buf)
 {
 	const unsigned char *mkvp;
-	unsigned int mkvp_len;
+	size_t mkvp_len;
 
 	if (ec_key->mkvp_set == 0)
 		return 1; /* cannot judge */

src/ecc_key_local.h

@@ -59,10 +59,10 @@ struct zpc_ec_key {
 };
 
 int ec_key_clr2sec(struct zpc_ec_key *ec_key, unsigned int flags,
-			const unsigned char *pubkey, unsigned int publen,
-			const unsigned char *privkey, unsigned int privlen);
+			const unsigned char *pubkey, size_t publen,
+			const unsigned char *privkey, size_t privlen);
 int ec_key_sec2prot(struct zpc_ec_key *, enum ec_key_sec sec);
 int ec_key_check(const struct zpc_ec_key *);
 int ec_key_clr2prot(struct zpc_ec_key *ec_key, const unsigned char *privkey,
-			unsigned int privlen);
+			size_t privlen);
 #endif

src/ecdsa_ctx.c

@@ -27,19 +27,19 @@
 extern const size_t curve2siglen[];
 
 static int __ec_sign(struct zpc_ecdsa_ctx *, const unsigned char *hash,
-		unsigned int hash_len, unsigned char *signature, unsigned int *sig_len);
+		size_t hash_len, unsigned char *signature, size_t *sig_len);
 static int __ec_verify(struct zpc_ecdsa_ctx *, const unsigned char *hash,
-		unsigned int hash_len, const unsigned char *signature, unsigned int sig_len);
+		size_t hash_len, const unsigned char *signature, size_t sig_len);
 static void __ec_ctx_reset(struct zpc_ecdsa_ctx *);
 static void __copy_hash_to_sign_param(struct zpc_ecdsa_ctx *ctx,
-		const unsigned char *hash, unsigned int hash_len);
+		const unsigned char *hash, size_t hash_len);
 static void __get_signature_from_sign_param(struct zpc_ecdsa_ctx *ctx,
-		unsigned char *signature, unsigned int sig_len);
+		unsigned char *signature, size_t sig_len);
 static void __copy_pubkey_to_verify_param(struct zpc_ecdsa_ctx *ctx);
 static void __copy_protkey_to_sign_param(struct zpc_ecdsa_ctx *ctx);
 static void __copy_args_to_verify_param(struct zpc_ecdsa_ctx *ctx,
-		const unsigned char *hash, unsigned int hash_len,
-		const unsigned char *signature, unsigned int sig_len);
+		const unsigned char *hash, size_t hash_len,
+		const unsigned char *signature, size_t sig_len);
 static void __cleanup_verify_param(struct zpc_ecdsa_ctx *ctx);
 static void __cleanup_sign_param(struct zpc_ecdsa_ctx *ctx);
 
@@ -182,8 +182,8 @@ int zpc_ecdsa_ctx_set_key(struct zpc_ecdsa_ctx *ec_ctx, struct zpc_ec_key *ec_ke
 }
 
 int zpc_ecdsa_sign(struct zpc_ecdsa_ctx *ctx,
-			const unsigned char *hash, unsigned int hash_len,
-			unsigned char *signature, unsigned int *sig_len)
+			const unsigned char *hash, size_t hash_len,
+			unsigned char *signature, size_t *sig_len)
 {
 	int rc, rv, i;
 
@@ -274,8 +274,8 @@ int zpc_ecdsa_sign(struct zpc_ecdsa_ctx *ctx,
 }
 
 int zpc_ecdsa_verify(struct zpc_ecdsa_ctx *ctx,
-			const unsigned char *hash, unsigned int hash_len,
-			const unsigned char *signature, unsigned int sig_len)
+			const unsigned char *hash, size_t hash_len,
+			const unsigned char *signature, size_t sig_len)
 {
 	int rc, rv;
 
@@ -358,8 +358,8 @@ void zpc_ecdsa_ctx_free(struct zpc_ecdsa_ctx **ctx)
 }
 
 static int __ec_sign(struct zpc_ecdsa_ctx *ctx,
-				const unsigned char *hash, unsigned int hash_len,
-				unsigned char *signature, unsigned int *sig_len)
+				const unsigned char *hash, size_t hash_len,
+				unsigned char *signature, size_t *sig_len)
 {
 	void *param;
 	int rc, cc;
@@ -391,8 +391,8 @@ static int __ec_sign(struct zpc_ecdsa_ctx *ctx,
 }
 
 static int __ec_verify(struct zpc_ecdsa_ctx *ctx,
-				const unsigned char *hash, unsigned int hash_len,
-				const unsigned char *signature, unsigned int sig_len)
+				const unsigned char *hash, size_t hash_len,
+				const unsigned char *signature, size_t sig_len)
 {
 	void *param;
 	int rc = ZPC_ERROR_EC_SIGNATURE_INVALID, cc;
@@ -431,7 +431,7 @@ static void __ec_ctx_reset(struct zpc_ecdsa_ctx *ctx)
 }
 
 static void __copy_hash_to_sign_param(struct zpc_ecdsa_ctx *ctx,
-						const unsigned char *hash, unsigned int hash_len)
+						const unsigned char *hash, size_t hash_len)
 {
 	switch (ctx->ec_key->curve) {
 	case ZPC_EC_CURVE_P256:
@@ -455,7 +455,7 @@ static void __copy_hash_to_sign_param(struct zpc_ecdsa_ctx *ctx,
 }
 
 static void __get_signature_from_sign_param(struct zpc_ecdsa_ctx *ctx,
-								unsigned char *signature, unsigned int sig_len)
+								unsigned char *signature, size_t sig_len)
 {
 	switch (ctx->ec_key->curve) {
 	case ZPC_EC_CURVE_P256:
@@ -538,8 +538,8 @@ static void __copy_protkey_to_sign_param(struct zpc_ecdsa_ctx *ctx)
 }
 
 static void __copy_args_to_verify_param(struct zpc_ecdsa_ctx *ctx,
-						const unsigned char *hash, unsigned int hash_len,
-						const unsigned char *signature, unsigned int sig_len)
+						const unsigned char *hash, size_t hash_len,
+						const unsigned char *signature, size_t sig_len)
 {
 	switch (ctx->ec_key->curve) {
 	case ZPC_EC_CURVE_P256: