From 9ade5bdff479ecded577de2386197ed4f0a758be Mon Sep 17 00:00:00 2001 From: Karel Miko Date: Sun, 3 May 2026 11:10:59 +0200 Subject: [PATCH 1/8] fix clang warning: 'err' may be used uninitialized --- src/misc/pem/pem_ssh.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/misc/pem/pem_ssh.c b/src/misc/pem/pem_ssh.c index d4de0865a..799945d21 100644 --- a/src/misc/pem/pem_ssh.c +++ b/src/misc/pem/pem_ssh.c @@ -555,6 +555,7 @@ static int s_read_authorized_keys(const void *buf, unsigned long len, ssh_author } XMEMCPY(cpy, buf, len); s = cpy; + err = CRYPT_ERROR; while (clen && (err = s_parse_line(s, &clen, key, &comment)) == CRYPT_OK) { if (cb(key, comment, ctx)) { break; From 98cd215a96c988644959df800b6c8670b8d82619 Mon Sep 17 00:00:00 2001 From: Karel Miko Date: Sun, 3 May 2026 17:39:00 +0200 Subject: [PATCH 2/8] fix UBSanitizer issue: left-shifting negative integer is undefined behavior --- src/pk/ec25519/tweetnacl.c | 9 ++++++--- src/pk/ec448/ec448_common.c | 13 ++++++++----- 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/src/pk/ec25519/tweetnacl.c b/src/pk/ec25519/tweetnacl.c index 48446ef9a..02df12cd2 100644 --- a/src/pk/ec25519/tweetnacl.c +++ b/src/pk/ec25519/tweetnacl.c @@ -14,6 +14,9 @@ typedef ulong64 u64; typedef long64 i64; typedef i64 gf[16]; +#define GF25519_RADIX (((i64)1) << 16) /* field limbs use base 2^16; multiplication avoids left-shifting negative carry values */ +#define MODL_RADIX (((i64)1) << 8) /* base used by modL carry reduction; multiplication avoids left-shifting negative carry values */ + static const u8 nine[32] = {9}; static const gf @@ -50,10 +53,10 @@ sv car25519(gf o) int i; i64 c; FOR(i,16) { - o[i]+=(1LL<<16); + o[i]+=GF25519_RADIX; c=o[i]>>16; o[(i+1)*(i<15)]+=c-1+37*(c-1)*(i==15); - o[i]-=c<<16; + o[i]-=c*GF25519_RADIX; } } @@ -366,7 +369,7 @@ sv modL(u8 *r,i64 x[64]) for (j = i - 32;j < i - 12;++j) { x[j] += carry - 16 * x[i] * L[j - (i - 32)]; carry = (x[j] + 128) >> 8; - x[j] -= carry << 8; + x[j] -= carry * MODL_RADIX; } x[j] += carry; x[i] = 0; diff --git a/src/pk/ec448/ec448_common.c b/src/pk/ec448/ec448_common.c index 65bb0f2bb..6fca83732 100644 --- a/src/pk/ec448/ec448_common.c +++ b/src/pk/ec448/ec448_common.c @@ -25,6 +25,9 @@ */ typedef long64 gf448[16]; +/* field limbs use base 2^28; multiplication avoids left-shifting negative carry values */ +#define GF448_RADIX (((long64)1) << 28) + /* field constants */ static const gf448 gf448_0 = {0}; static const gf448 gf448_1 = {1}; @@ -96,23 +99,23 @@ static void s_gf448_carry(gf448 o) for (i = 0; i < 15; ++i) { c = o[i] >> 28; o[i+1] += c; - o[i] -= c << 28; + o[i] -= c * GF448_RADIX; } /* limb 15 overflow: 2^(28*16) = 2^448 == 2^224 + 1 */ c = o[15] >> 28; o[0] += c; /* + c * 1 */ o[8] += c; /* + c * 2^224 */ - o[15] -= c << 28; + o[15] -= c * GF448_RADIX; /* one more pass to settle the extra from limb 0 and 8 */ for (i = 0; i < 15; ++i) { c = o[i] >> 28; o[i+1] += c; - o[i] -= c << 28; + o[i] -= c * GF448_RADIX; } c = o[15] >> 28; o[0] += c; o[8] += c; - o[15] -= c << 28; + o[15] -= c * GF448_RADIX; } /* Conditional swap: if b==1, swap p and q; if b==0, no-op. Constant-time */ @@ -254,7 +257,7 @@ static void s_gf448_mul(gf448 o, const gf448 a, const gf448 b) for (i = 0; i < 30; ++i) { c = t[i] >> 28; t[i+1] += c; - t[i] -= c << 28; + t[i] -= c * GF448_RADIX; } t[14] += 2 * t[30]; t[6] += t[30]; From c3166cd6dafacb2ad65fcae0ad014c3a0646fb79 Mon Sep 17 00:00:00 2001 From: Karel Miko Date: Sun, 3 May 2026 17:39:58 +0200 Subject: [PATCH 3/8] fix UBSanitizer issue: memcpy/memcmp require non-null pointers even when the length is zero --- src/encauth/siv/siv.c | 2 +- src/misc/compare_testvector.c | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/encauth/siv/siv.c b/src/encauth/siv/siv.c index bd6d5b45b..4de52d90b 100644 --- a/src/encauth/siv/siv.c +++ b/src/encauth/siv/siv.c @@ -161,7 +161,7 @@ static LTC_INLINE int s_siv_S2V_T(siv_omac_ctx_t *ctx, } else { s_siv_dbl(D); XMEMSET(&T, 0, sizeof(T)); - XMEMCPY(&T, in, inlen); + if (inlen != 0) XMEMCPY(&T, in, inlen); T.u.byte[inlen] = 0x80; s_siv_xor_buf(D, &T); diff --git a/src/misc/compare_testvector.c b/src/misc/compare_testvector.c index f13084960..874794ff7 100644 --- a/src/misc/compare_testvector.c +++ b/src/misc/compare_testvector.c @@ -59,6 +59,8 @@ int ltc_compare_testvector(const void* is, const unsigned long is_len, const voi int res = 0; if(is_len != should_len) { res = is_len > should_len ? -1 : 1; + } else if (is_len == 0) { + res = 0; } else { res = XMEMCMP(is, should, is_len); } From e0be0d241dc4f66584f309f5559f5f3abdabf781 Mon Sep 17 00:00:00 2001 From: Karel Miko Date: Sun, 3 May 2026 18:32:21 +0200 Subject: [PATCH 4/8] fix UBSanitizer issue: applying non-zero offset to null pointer --- src/misc/pem/pem_read.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/misc/pem/pem_read.c b/src/misc/pem/pem_read.c index bbc61cb0d..4bb2dd4c2 100644 --- a/src/misc/pem/pem_read.c +++ b/src/misc/pem/pem_read.c @@ -56,8 +56,11 @@ static LTC_INLINE int s_bufp_fits(struct bufp *buf, unsigned long to_write) { char *d = buf->work; char *e = buf->end; - char *w = d + to_write; - if (d == NULL || w < d || w > e) + char *w; + if (d == NULL || e == NULL) + return 0; + w = d + to_write; + if (w < d || w > e) return 0; return 1; } From 977b9e93df4aabda37dddf193868b1117ed9dc52 Mon Sep 17 00:00:00 2001 From: Karel Miko Date: Sun, 3 May 2026 19:12:00 +0200 Subject: [PATCH 5/8] fix clang warnings -Wstrict-prototypes -Wmissing-prototypes in tests+demos --- demos/gcm-file/gcm_file.c | 2 +- demos/gcm-file/gcm_filehandle.c | 2 +- demos/openssl-enc.c | 8 ++++---- tests/common.h | 1 + tests/no_null_termination_check_test.c | 2 +- tests/pem_test.c | 2 +- 6 files changed, 9 insertions(+), 8 deletions(-) diff --git a/demos/gcm-file/gcm_file.c b/demos/gcm-file/gcm_file.c index 21fd49505..4e81a05fd 100644 --- a/demos/gcm-file/gcm_file.c +++ b/demos/gcm-file/gcm_file.c @@ -34,7 +34,7 @@ @param res [out] Result of the operation, 1==valid, 0==invalid @return CRYPT_OK on success */ -int gcm_file( int cipher, +static int gcm_file(int cipher, const unsigned char *key, unsigned long keylen, const unsigned char *IV, unsigned long IVlen, const unsigned char *adata, unsigned long adatalen, diff --git a/demos/gcm-file/gcm_filehandle.c b/demos/gcm-file/gcm_filehandle.c index 8c0224abd..7e5731f94 100644 --- a/demos/gcm-file/gcm_filehandle.c +++ b/demos/gcm-file/gcm_filehandle.c @@ -52,7 +52,7 @@ @param res [out] Result of the operation, 1==valid, 0==invalid @return CRYPT_OK on success */ -int gcm_filehandle( int cipher, +static int gcm_filehandle(int cipher, const unsigned char *key, unsigned long keylen, const unsigned char *IV, unsigned long IVlen, const unsigned char *adata, unsigned long adatalen, diff --git a/demos/openssl-enc.c b/demos/openssl-enc.c index b2f228030..5f22fda05 100644 --- a/demos/openssl-enc.c +++ b/demos/openssl-enc.c @@ -109,7 +109,7 @@ static void LTC_NORETURN barf(const char *pname, const char *err) * Output: CRYPT_OK if parsed OK, CRYPT_ERROR if not * Side Effects: infile's read pointer += 16 */ -int parse_openssl_header(FILE *in, unsigned char *out) +static int parse_openssl_header(FILE *in, unsigned char *out) { unsigned char tmp[SALT_LENGTH]; if(fread(tmp, 1, sizeof(tmp), in) != sizeof(tmp)) @@ -129,7 +129,7 @@ int parse_openssl_header(FILE *in, unsigned char *out) * Output: none * Side Effects: bytes printed as a hex blob, no lf at the end */ -void dump_bytes(unsigned char *in, unsigned long len) +static void dump_bytes(unsigned char *in, unsigned long len) { unsigned long idx; for(idx=0; idx #define NNTCT_NULL ((void *)0) diff --git a/tests/pem_test.c b/tests/pem_test.c index 8027dc473..08b4519c1 100644 --- a/tests/pem_test.c +++ b/tests/pem_test.c @@ -24,7 +24,7 @@ static int s_pem_decode_ssh_f(FILE *f, void *key) return pem_decode_openssh_filehandle(f, key, &pw_ctx); } -int s_authorized_key_cb(ltc_pka_key *k, const char *comment, void *ctx) +static int s_authorized_key_cb(ltc_pka_key *k, const char *comment, void *ctx) { LTC_UNUSED_PARAM(comment); LTC_UNUSED_PARAM(ctx); From 1687e954defd39e95f2fbf4732569ba04ab57b60 Mon Sep 17 00:00:00 2001 From: Karel Miko Date: Sun, 3 May 2026 19:19:19 +0200 Subject: [PATCH 6/8] fix clang warnings -Wmissing-variable-declarations --- demos/latex-tables.c | 6 ------ notes/rsa-testvectors/oaep-vect.c | 2 +- notes/rsa-testvectors/pkcs1v15crypt-vectors.c | 2 +- notes/rsa-testvectors/pkcs1v15sign-vectors.c | 2 +- notes/rsa-testvectors/pss-vect.c | 2 +- src/headers/tomcrypt_private.h | 14 ++++++++++++++ src/misc/pem/pem_pkcs.c | 3 --- src/misc/pem/pem_read.c | 8 -------- src/misc/pem/pem_ssh.c | 2 +- tests/bcrypt_test.c | 2 +- tests/deprecated_test.c | 4 ---- tests/rsa_test.c | 3 --- tests/tomcrypt_test.h | 5 +++++ 13 files changed, 25 insertions(+), 30 deletions(-) diff --git a/demos/latex-tables.c b/demos/latex-tables.c index becd94208..af7a8df14 100644 --- a/demos/latex-tables.c +++ b/demos/latex-tables.c @@ -4,12 +4,6 @@ #include "tomcrypt_private.h" #if defined(LTC_PEM_SSH) -extern const struct blockcipher_info pem_dek_infos[]; -extern const unsigned long pem_dek_infos_num; - -extern const struct blockcipher_info ssh_ciphers[]; -extern const unsigned long ssh_ciphers_num; - static const struct { const char *is, *should; } cipher_name_map[] = { diff --git a/notes/rsa-testvectors/oaep-vect.c b/notes/rsa-testvectors/oaep-vect.c index dcbdbb00f..87ef96161 100644 --- a/notes/rsa-testvectors/oaep-vect.c +++ b/notes/rsa-testvectors/oaep-vect.c @@ -42,7 +42,7 @@ typedef struct testcase { #endif /* LTC_TEST_EXT */ } testcase_t; -testcase_t testcases_oaep[] = +static testcase_t testcases_oaep[] = { { "Example 1: A 1024-bit RSA Key Pair", diff --git a/notes/rsa-testvectors/pkcs1v15crypt-vectors.c b/notes/rsa-testvectors/pkcs1v15crypt-vectors.c index ce96cf28c..5be21f759 100644 --- a/notes/rsa-testvectors/pkcs1v15crypt-vectors.c +++ b/notes/rsa-testvectors/pkcs1v15crypt-vectors.c @@ -42,7 +42,7 @@ typedef struct testcase { #endif /* LTC_TEST_EXT */ } testcase_t; -testcase_t testcases_eme[] = +static testcase_t testcases_eme[] = { { "Example 1: A 1024-bit RSA key pair", diff --git a/notes/rsa-testvectors/pkcs1v15sign-vectors.c b/notes/rsa-testvectors/pkcs1v15sign-vectors.c index 0483c87ac..e9b4a628f 100644 --- a/notes/rsa-testvectors/pkcs1v15sign-vectors.c +++ b/notes/rsa-testvectors/pkcs1v15sign-vectors.c @@ -40,7 +40,7 @@ typedef struct testcase { #endif /* LTC_TEST_EXT */ } testcase_t; -testcase_t testcases_emsa[] = +static testcase_t testcases_emsa[] = { { "Example 1: A 1024-bit RSA key pair", diff --git a/notes/rsa-testvectors/pss-vect.c b/notes/rsa-testvectors/pss-vect.c index 3db5f5b97..4b85dbf7a 100644 --- a/notes/rsa-testvectors/pss-vect.c +++ b/notes/rsa-testvectors/pss-vect.c @@ -42,7 +42,7 @@ typedef struct testcase { #endif /* LTC_TEST_EXT */ } testcase_t; -testcase_t testcases_pss[] = +static testcase_t testcases_pss[] = { { "Example 1: A 1024-bit RSA Key Pair", diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h index 6df57ef9f..990413239 100644 --- a/src/headers/tomcrypt_private.h +++ b/src/headers/tomcrypt_private.h @@ -429,6 +429,20 @@ int pbes2_extract(const ltc_asn1_list *s, pbes_arg *res); #endif #ifdef LTC_PEM +extern const struct pem_header_id pem_std_headers[]; +extern const unsigned long pem_std_headers_num; +extern const struct str pem_proc_type_encrypted; +#ifdef LTC_SSH +extern const struct str pem_ssh_comment; +#endif +extern const struct str pem_dek_info_start; +extern const struct blockcipher_info pem_dek_infos[]; +extern const unsigned long pem_dek_infos_num; +#ifdef LTC_PEM_SSH +extern const struct blockcipher_info ssh_ciphers[]; +extern const unsigned long ssh_ciphers_num; +#endif + int pem_decrypt(unsigned char *data, unsigned long *datalen, unsigned char *key, unsigned long keylen, unsigned char *iv, unsigned long ivlen, diff --git a/src/misc/pem/pem_pkcs.c b/src/misc/pem/pem_pkcs.c index 6a6d4e457..6581aff39 100644 --- a/src/misc/pem/pem_pkcs.c +++ b/src/misc/pem/pem_pkcs.c @@ -9,9 +9,6 @@ #ifdef LTC_PEM -extern const struct pem_header_id pem_std_headers[]; -extern const unsigned long pem_std_headers_num; - static int s_decrypt_pem(unsigned char *asn1_cert, unsigned long *asn1_len, const struct pem_headers *hdr) { unsigned char iv[MAXBLOCKSIZE], key[MAXBLOCKSIZE]; diff --git a/src/misc/pem/pem_read.c b/src/misc/pem/pem_read.c index 4bb2dd4c2..be969193f 100644 --- a/src/misc/pem/pem_read.c +++ b/src/misc/pem/pem_read.c @@ -9,14 +9,6 @@ #ifdef LTC_PEM -extern const struct str pem_proc_type_encrypted; -#ifdef LTC_SSH -extern const struct str pem_ssh_comment; -#endif -extern const struct str pem_dek_info_start; -extern const struct blockcipher_info pem_dek_infos[]; -extern const unsigned long pem_dek_infos_num; - static LTC_INLINE unsigned long s_bufp_alloc_len(struct bufp *buf) { if (buf->start == NULL || buf->end == NULL) diff --git a/src/misc/pem/pem_ssh.c b/src/misc/pem/pem_ssh.c index 799945d21..89dfeb4e8 100644 --- a/src/misc/pem/pem_ssh.c +++ b/src/misc/pem/pem_ssh.c @@ -324,7 +324,7 @@ struct ssh_pka { int (*decode)(const unsigned char*, unsigned long*, ltc_pka_key*, enum pem_flags); }; -struct ssh_pka ssh_pkas[] = { +static struct ssh_pka ssh_pkas[] = { #ifdef LTC_CURVE25519 { SET_CSTR(.name, "ssh-ed25519"), LTC_PKA_ED25519, diff --git a/tests/bcrypt_test.c b/tests/bcrypt_test.c index 972854dea..f30945157 100644 --- a/tests/bcrypt_test.c +++ b/tests/bcrypt_test.c @@ -18,7 +18,7 @@ struct test { const char *key; }; -struct test tests[] = { +static struct test tests[] = { /* basic */ { 4, 8, "password", 4, "salt", 32, "\x5b\xbf\x0c\xc2\x93\x58\x7f\x1c\x36\x35\x55\x5c\x27\x79\x65\x98" diff --git a/tests/deprecated_test.c b/tests/deprecated_test.c index 57215d4e3..cce4432f6 100644 --- a/tests/deprecated_test.c +++ b/tests/deprecated_test.c @@ -41,10 +41,6 @@ static void s_ecc_test(void) #endif #ifdef LTC_MRSA -extern const unsigned char ltc_rsa_private_test_key[]; -extern const unsigned long ltc_rsa_private_test_key_sz; -extern const unsigned char ltc_openssl_public_rsa[]; -extern const unsigned long ltc_openssl_public_rsa_sz; static void s_rsa_test(void) { rsa_key key, pubkey; diff --git a/tests/rsa_test.c b/tests/rsa_test.c index 80055f8fe..88c38e76b 100644 --- a/tests/rsa_test.c +++ b/tests/rsa_test.c @@ -176,9 +176,6 @@ static const unsigned char openssl_rsautl_pkcs[] = { 0xef, 0x57, 0x23, 0x4b, 0x3a, 0xa3, 0x24, 0x91, 0x4d, 0xfb, 0xb2, 0xd4, 0xe7, 0x5e, 0x41, 0x7e, }; -extern const char ltc_der_tests_cacert_root_cert[]; -extern const unsigned long ltc_der_tests_cacert_root_cert_size; - static int rsa_compat_test(void) { rsa_key key, pubkey; diff --git a/tests/tomcrypt_test.h b/tests/tomcrypt_test.h index 86d39af77..65993a001 100644 --- a/tests/tomcrypt_test.h +++ b/tests/tomcrypt_test.h @@ -57,6 +57,11 @@ int pk_oid_test(void); int deprecated_test(void); int nop_test(void); +extern const char ltc_der_tests_cacert_root_cert[]; +extern const unsigned long ltc_der_tests_cacert_root_cert_size; +extern const unsigned char ltc_openssl_public_rsa[]; +extern const unsigned long ltc_openssl_public_rsa_sz; + #ifdef LTC_PKCS_1 struct ltc_prng_descriptor* no_prng_desc_get(void); void no_prng_desc_free(struct ltc_prng_descriptor*); From 98415662c4a318c251c87da0189e7dad3e70e465 Mon Sep 17 00:00:00 2001 From: Karel Miko Date: Sun, 3 May 2026 19:45:12 +0200 Subject: [PATCH 7/8] fix clang warnings -Wimplicit-fallthrough (while keeping /* FALLTHROUGH */ for some code review tools) --- src/ciphers/multi2.c | 6 +++--- src/ciphers/twofish/twofish.c | 6 +++--- src/headers/tomcrypt_cfg.h | 3 +++ src/misc/adler32.c | 8 ++++---- src/misc/padding/padding_depad.c | 2 +- src/misc/padding/padding_pad.c | 2 +- src/misc/pkcs12/pkcs12_utf8_to_utf16.c | 10 +++++----- 7 files changed, 20 insertions(+), 17 deletions(-) diff --git a/src/ciphers/multi2.c b/src/ciphers/multi2.c index dbd9c60dc..624161e10 100644 --- a/src/ciphers/multi2.c +++ b/src/ciphers/multi2.c @@ -88,9 +88,9 @@ static void s_decrypt(ulong32 *p, int N, const ulong32 *uk) int n, t; for (t = 4*(((N-1)>>2)&1), n = N; ; ) { switch (n<=4 ? n : ((n-1)%4)+1) { - case 4: s_pi4(p, uk+t); --n; /* FALLTHROUGH */ - case 3: s_pi3(p, uk+t); --n; /* FALLTHROUGH */ - case 2: s_pi2(p, uk+t); --n; /* FALLTHROUGH */ + case 4: s_pi4(p, uk+t); --n; LTC_FALLTHROUGH; /* FALLTHROUGH */ + case 3: s_pi3(p, uk+t); --n; LTC_FALLTHROUGH; /* FALLTHROUGH */ + case 2: s_pi2(p, uk+t); --n; LTC_FALLTHROUGH; /* FALLTHROUGH */ case 1: s_pi1(p); --n; break; case 0: return; } diff --git a/src/ciphers/twofish/twofish.c b/src/ciphers/twofish/twofish.c index 2507796a6..9fb6e24f4 100644 --- a/src/ciphers/twofish/twofish.c +++ b/src/ciphers/twofish/twofish.c @@ -250,19 +250,19 @@ static void h_func(const unsigned char *in, unsigned char *out, const unsigned c y[1] = (unsigned char)(sbox(0, (ulong32)y[1]) ^ M[4 * (6 + offset) + 1]); y[2] = (unsigned char)(sbox(0, (ulong32)y[2]) ^ M[4 * (6 + offset) + 2]); y[3] = (unsigned char)(sbox(1, (ulong32)y[3]) ^ M[4 * (6 + offset) + 3]); - /* FALLTHROUGH */ + LTC_FALLTHROUGH; /* FALLTHROUGH */ case 3: y[0] = (unsigned char)(sbox(1, (ulong32)y[0]) ^ M[4 * (4 + offset) + 0]); y[1] = (unsigned char)(sbox(1, (ulong32)y[1]) ^ M[4 * (4 + offset) + 1]); y[2] = (unsigned char)(sbox(0, (ulong32)y[2]) ^ M[4 * (4 + offset) + 2]); y[3] = (unsigned char)(sbox(0, (ulong32)y[3]) ^ M[4 * (4 + offset) + 3]); - /* FALLTHROUGH */ + LTC_FALLTHROUGH; /* FALLTHROUGH */ case 2: y[0] = (unsigned char)(sbox(1, sbox(0, sbox(0, (ulong32)y[0]) ^ M[4 * (2 + offset) + 0]) ^ M[4 * (0 + offset) + 0])); y[1] = (unsigned char)(sbox(0, sbox(0, sbox(1, (ulong32)y[1]) ^ M[4 * (2 + offset) + 1]) ^ M[4 * (0 + offset) + 1])); y[2] = (unsigned char)(sbox(1, sbox(1, sbox(0, (ulong32)y[2]) ^ M[4 * (2 + offset) + 2]) ^ M[4 * (0 + offset) + 2])); y[3] = (unsigned char)(sbox(0, sbox(1, sbox(1, (ulong32)y[3]) ^ M[4 * (2 + offset) + 3]) ^ M[4 * (0 + offset) + 3])); - /* FALLTHROUGH */ + break; } mds_mult(y, out); } diff --git a/src/headers/tomcrypt_cfg.h b/src/headers/tomcrypt_cfg.h index 14b81d87f..131878132 100644 --- a/src/headers/tomcrypt_cfg.h +++ b/src/headers/tomcrypt_cfg.h @@ -412,6 +412,9 @@ typedef unsigned long ltc_mp_digit; # define LTC_ATTRIBUTE(x) #endif +#if __has_attribute(fallthrough) +# define LTC_FALLTHROUGH LTC_ATTRIBUTE((fallthrough)) +#endif #if __has_attribute(target) # define LTC_TARGET(x) LTC_ATTRIBUTE((target(x))) #endif diff --git a/src/misc/adler32.c b/src/misc/adler32.c index 985f2a627..265977d57 100644 --- a/src/misc/adler32.c +++ b/src/misc/adler32.c @@ -87,16 +87,16 @@ void adler32_finish(const adler32_state *ctx, void *hash, unsigned long size) switch (size) { default: h[3] = ctx->s[0] & 0x0ff; - /* FALLTHROUGH */ + LTC_FALLTHROUGH; /* FALLTHROUGH */ case 3: h[2] = (ctx->s[0] >> 8) & 0x0ff; - /* FALLTHROUGH */ + LTC_FALLTHROUGH; /* FALLTHROUGH */ case 2: h[1] = ctx->s[1] & 0x0ff; - /* FALLTHROUGH */ + LTC_FALLTHROUGH; /* FALLTHROUGH */ case 1: h[0] = (ctx->s[1] >> 8) & 0x0ff; - /* FALLTHROUGH */ + LTC_FALLTHROUGH; /* FALLTHROUGH */ case 0: ; } diff --git a/src/misc/padding/padding_depad.c b/src/misc/padding/padding_depad.c index 8afed1a47..83c7c13f0 100644 --- a/src/misc/padding/padding_depad.c +++ b/src/misc/padding/padding_depad.c @@ -52,7 +52,7 @@ int padding_depad(const unsigned char *data, unsigned long *length, unsigned lon switch (type) { case LTC_PAD_ANSI_X923: pad = 0x0; - /* FALLTHROUGH */ + LTC_FALLTHROUGH; /* FALLTHROUGH */ case LTC_PAD_PKCS7: for (n = unpadded_length; n < padded_length - 1; ++n) { data_xor_pad |= data[n] ^ pad; diff --git a/src/misc/padding/padding_pad.c b/src/misc/padding/padding_pad.c index 7d8bbbad8..b229a2a7d 100644 --- a/src/misc/padding/padding_pad.c +++ b/src/misc/padding/padding_pad.c @@ -28,7 +28,7 @@ static int s_padding_padded_length(unsigned long *length, unsigned long mode) t = 0; break; } - /* FALLTHROUGH */ + LTC_FALLTHROUGH; /* FALLTHROUGH */ case LTC_PAD_PKCS7: case LTC_PAD_ONE_AND_ZERO: case LTC_PAD_ZERO_ALWAYS: diff --git a/src/misc/pkcs12/pkcs12_utf8_to_utf16.c b/src/misc/pkcs12/pkcs12_utf8_to_utf16.c index bcf2023bf..75edecc30 100644 --- a/src/misc/pkcs12/pkcs12_utf8_to_utf16.c +++ b/src/misc/pkcs12/pkcs12_utf8_to_utf16.c @@ -30,15 +30,15 @@ int pkcs12_utf8_to_utf16(const unsigned char *in, unsigned long inlen, if (in + extra >= in_end) goto ERROR; switch (extra) { case 5: ch += *in++; ch <<= 6; - /* FALLTHROUGH */ + LTC_FALLTHROUGH; /* FALLTHROUGH */ case 4: ch += *in++; ch <<= 6; - /* FALLTHROUGH */ + LTC_FALLTHROUGH; /* FALLTHROUGH */ case 3: ch += *in++; ch <<= 6; - /* FALLTHROUGH */ + LTC_FALLTHROUGH; /* FALLTHROUGH */ case 2: ch += *in++; ch <<= 6; - /* FALLTHROUGH */ + LTC_FALLTHROUGH; /* FALLTHROUGH */ case 1: ch += *in++; ch <<= 6; - /* FALLTHROUGH */ + LTC_FALLTHROUGH; /* FALLTHROUGH */ case 0: ch += *in++; } ch -= offset[extra]; From e9a7e949c6dea527ad20f46fa42cdbd53c071b0e Mon Sep 17 00:00:00 2001 From: Karel Miko Date: Sun, 3 May 2026 23:19:19 +0200 Subject: [PATCH 8/8] fix build failures with -std=c99 --- demos/constants.c | 2 ++ demos/hashsum.c | 1 + demos/sizes.c | 1 + src/ciphers/aes/aes_desc.c | 2 +- src/encauth/gcm/gcm_gf_mult.c | 2 +- src/hashes/sha1_desc.c | 2 +- src/hashes/sha2/sha224_desc.c | 2 +- src/hashes/sha2/sha256_desc.c | 2 +- tests/common.c | 2 +- tests/der_test.c | 8 ++++++-- tests/tomcrypt_test.h | 1 + 11 files changed, 17 insertions(+), 8 deletions(-) diff --git a/demos/constants.c b/demos/constants.c index ca1b17090..2276742d4 100644 --- a/demos/constants.c +++ b/demos/constants.c @@ -1,5 +1,7 @@ /* LibTomCrypt, modular cryptographic library -- Tom St Denis */ /* SPDX-License-Identifier: Unlicense */ + +#define _POSIX_C_SOURCE 200809L /* otherwise PATH_MAX + strdup are not defined for build with -std=c99 */ #include "tomcrypt.h" #include diff --git a/demos/hashsum.c b/demos/hashsum.c index 6789b6561..15dc4db81 100644 --- a/demos/hashsum.c +++ b/demos/hashsum.c @@ -10,6 +10,7 @@ * more functions ;) */ +#define _POSIX_C_SOURCE 200809L /* otherwise PATH_MAX + strdup are not defined for build with -std=c99 */ #include #include diff --git a/demos/sizes.c b/demos/sizes.c index c8406168f..3972691ba 100644 --- a/demos/sizes.c +++ b/demos/sizes.c @@ -1,6 +1,7 @@ /* LibTomCrypt, modular cryptographic library -- Tom St Denis */ /* SPDX-License-Identifier: Unlicense */ +#define _POSIX_C_SOURCE 200809L /* otherwise PATH_MAX + strdup are not defined for build with -std=c99 */ #include "tomcrypt.h" #include diff --git a/src/ciphers/aes/aes_desc.c b/src/ciphers/aes/aes_desc.c index b9d1d5089..61d9f7b7e 100644 --- a/src/ciphers/aes/aes_desc.c +++ b/src/ciphers/aes/aes_desc.c @@ -22,7 +22,7 @@ static LTC_INLINE void s_x86_cpuid(int* regs, int leaf) a = leaf; b = c = d = 0; - asm volatile ("cpuid" + __asm__ volatile ("cpuid" :"=a"(a), "=b"(b), "=c"(c), "=d"(d) :"a"(a), "c"(c) ); diff --git a/src/encauth/gcm/gcm_gf_mult.c b/src/encauth/gcm/gcm_gf_mult.c index 9dd209c4f..60fda3816 100644 --- a/src/encauth/gcm/gcm_gf_mult.c +++ b/src/encauth/gcm/gcm_gf_mult.c @@ -40,7 +40,7 @@ static LTC_INLINE void s_x86_cpuid(int* regs, int leaf) a = leaf; b = c = d = 0; - asm volatile ("cpuid" + __asm__ volatile ("cpuid" :"=a"(a), "=b"(b), "=c"(c), "=d"(d) :"a"(a), "c"(c) ); diff --git a/src/hashes/sha1_desc.c b/src/hashes/sha1_desc.c index 8b83687ea..56e731352 100644 --- a/src/hashes/sha1_desc.c +++ b/src/hashes/sha1_desc.c @@ -35,7 +35,7 @@ static LTC_INLINE void s_x86_cpuid(int* regs, int leaf) a = leaf; b = c = d = 0; - asm volatile ("cpuid" + __asm__ volatile ("cpuid" :"=a"(a), "=b"(b), "=c"(c), "=d"(d) :"a"(a), "c"(c) ); diff --git a/src/hashes/sha2/sha224_desc.c b/src/hashes/sha2/sha224_desc.c index 6aa9dfd20..abdd55079 100644 --- a/src/hashes/sha2/sha224_desc.c +++ b/src/hashes/sha2/sha224_desc.c @@ -40,7 +40,7 @@ static LTC_INLINE void s_x86_cpuid(int* regs, int leaf) a = leaf; b = c = d = 0; - asm volatile ("cpuid" + __asm__ volatile ("cpuid" :"=a"(a), "=b"(b), "=c"(c), "=d"(d) :"a"(a), "c"(c) ); diff --git a/src/hashes/sha2/sha256_desc.c b/src/hashes/sha2/sha256_desc.c index 1bf0c1f7a..f3cecc33e 100644 --- a/src/hashes/sha2/sha256_desc.c +++ b/src/hashes/sha2/sha256_desc.c @@ -15,7 +15,7 @@ static LTC_INLINE void s_x86_cpuid(int* regs, int leaf) a = leaf; b = c = d = 0; - asm volatile ("cpuid" + __asm__ volatile ("cpuid" :"=a"(a), "=b"(b), "=c"(c), "=d"(d) :"a"(a), "c"(c) ); diff --git a/tests/common.c b/tests/common.c index c37b19356..f8d59d7e2 100644 --- a/tests/common.c +++ b/tests/common.c @@ -1,7 +1,7 @@ /* LibTomCrypt, modular cryptographic library -- Tom St Denis */ /* SPDX-License-Identifier: Unlicense */ -#include "common.h" +#include /** @file common.c diff --git a/tests/der_test.c b/tests/der_test.c index 2c1604870..f8625a2b9 100644 --- a/tests/der_test.c +++ b/tests/der_test.c @@ -966,7 +966,11 @@ static void der_Xcode_run(const der_Xcode_t* x) } #if defined(_MSC_VER) -#define typeof(x) x +#define LTC_TYPEOF(x) x +#elif defined(__GNUC__) && defined(__STRICT_ANSI__) +#define LTC_TYPEOF(x) __typeof__(x) /* needed for build with -std=c99 */ +#else +#define LTC_TYPEOF(x) typeof(x) #endif #define DER_XCODE_X(n, b, x) { \ @@ -975,7 +979,7 @@ static void der_Xcode_run(const der_Xcode_t* x) b, \ sizeof(b), \ x, \ - sizeof(typeof(b[0])),\ + sizeof(LTC_TYPEOF(b[0])),\ #n \ } diff --git a/tests/tomcrypt_test.h b/tests/tomcrypt_test.h index 65993a001..a1e2617f5 100644 --- a/tests/tomcrypt_test.h +++ b/tests/tomcrypt_test.h @@ -4,6 +4,7 @@ #ifndef TOMCRYPT_TEST_H_ #define TOMCRYPT_TEST_H_ +#define _POSIX_C_SOURCE 200809L /* otherwise PATH_MAX + strdup are not defined for build with -std=c99 */ #include "tomcrypt_private.h" #include "common.h"