Google Git
Sign in
boringssl/boringssl.git/3144d92ab8550ada6f0a9ddf40ef4a07d6ef52ab^!/.
commit
3144d92ab8550ada6f0a9ddf40ef4a07d6ef52ab
[log]
author
David Benjamin <davidben@google.com>
Tue Jan 02 15:05:45 2018 -0500
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Wed Jan 03 22:34:22 2018 +0000
tree
2c2371b9a40540d9799c4f2efc72d08f1948c34c
parent
d9f49974e3ea7b0aa4dee14c2b9535ed28e757af [diff]
Add some missing array parameter length annotations.

Not that anything checks them...

Change-Id: Iae1b5dbdb3c20a9ebd841bcd32cc5c725c68eb01
Reviewed-on: https://boringssl-review.googlesource.com/24524
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/third_party/fiat/curve25519.c b/third_party/fiat/curve25519.c
index 92a965a..1374a77 100644
--- a/third_party/fiat/curve25519.c
+++ b/third_party/fiat/curve25519.c

@@ -122,7 +122,7 @@
 //
 //   Have q+2^(-255)x = 2^(-255)(h + 19 2^(-25) h9 + 2^(-1))
 //   so floor(2^(-255)(h + 19 2^(-25) h9 + 2^(-1))) = q.
-static void fe_tobytes_impl(uint8_t *s, const uint32_t h[10]) {
+static void fe_tobytes_impl(uint8_t s[32], const uint32_t h[10]) {
   assert_fe_loose(h);
   int32_t h0 = h[0];
   int32_t h1 = h[1];
@@ -203,11 +203,11 @@
   s[31] = h9 >> 18;
 }
 
-static void fe_tobytes(uint8_t *s, const fe *h) {
+static void fe_tobytes(uint8_t s[32], const fe *h) {
   fe_tobytes_impl(s, h->v);
 }
 
-static void fe_loose_tobytes(uint8_t *s, const fe_loose *h) {
+static void fe_loose_tobytes(uint8_t s[32], const fe_loose *h) {
   fe_tobytes_impl(s, h->v);
 }
 
@@ -995,7 +995,7 @@
   fe_mul_ttt(out, &t0, z);
 }
 
-void x25519_ge_tobytes(uint8_t *s, const ge_p2 *h) {
+void x25519_ge_tobytes(uint8_t s[32], const ge_p2 *h) {
   fe recip;
   fe x;
   fe y;
@@ -1007,7 +1007,7 @@
   s[31] ^= fe_isnegative(&x) << 7;
 }
 
-static void ge_p3_tobytes(uint8_t *s, const ge_p3 *h) {
+static void ge_p3_tobytes(uint8_t s[32], const ge_p3 *h) {
   fe recip;
   fe x;
   fe y;
@@ -3848,7 +3848,7 @@
 //   s[0]+256*s[1]+...+256^31*s[31] = s mod l
 //   where l = 2^252 + 27742317777372353535851937790883648493.
 //   Overwrites s in place.
-void x25519_sc_reduce(uint8_t *s) {
+void x25519_sc_reduce(uint8_t s[64]) {
   int64_t s0 = 2097151 & load_3(s);
   int64_t s1 = 2097151 & (load_4(s + 2) >> 5);
   int64_t s2 = 2097151 & (load_3(s + 5) >> 2);
@@ -4676,8 +4676,8 @@
   ED25519_keypair_from_seed(out_public_key, out_private_key, seed);
 }
 
-int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len,
-                 const uint8_t private_key[64]) {
+int ED25519_sign(uint8_t out_sig[64], const uint8_t *message,
+                 size_t message_len, const uint8_t private_key[64]) {
   uint8_t az[SHA512_DIGEST_LENGTH];
   SHA512(private_key, 32, az);
 

diff --git a/third_party/fiat/internal.h b/third_party/fiat/internal.h
index 10218e0..54a93a5 100644
--- a/third_party/fiat/internal.h
+++ b/third_party/fiat/internal.h

@@ -101,7 +101,7 @@
   fe_loose T2d;
 } ge_cached;
 
-void x25519_ge_tobytes(uint8_t *s, const ge_p2 *h);
+void x25519_ge_tobytes(uint8_t s[32], const ge_p2 *h);
 int x25519_ge_frombytes_vartime(ge_p3 *h, const uint8_t *s);
 void x25519_ge_p3_to_cached(ge_cached *r, const ge_p3 *p);
 void x25519_ge_p1p1_to_p2(ge_p2 *r, const ge_p1p1 *p);
@@ -112,7 +112,7 @@
     ge_p3 *h, const uint8_t a[32], const uint8_t precomp_table[15 * 2 * 32]);
 void x25519_ge_scalarmult_base(ge_p3 *h, const uint8_t a[32]);
 void x25519_ge_scalarmult(ge_p2 *r, const uint8_t *scalar, const ge_p3 *A);
-void x25519_sc_reduce(uint8_t *s);
+void x25519_sc_reduce(uint8_t s[64]);
 
 enum spake2_state_t {
   spake2_state_init = 0,