diff --git a/ChangeLog b/ChangeLog
index 44e778f116cfd1595c57412f21d376a9d4a97d63..bb299f1c26d836e9cd61e47ff51840c22fa38fce 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2014-12-12 Niels Möller <nisse@lysator.liu.se>
+
+ * cbc.h (CBC_ENCRYPT, CBC_DECRYPT): Make type-checking hack
+ stricter, warn if type of length argument is smaller than size_t.
+ * ctr.h (CTR_CRYPT): Likewise.
+ * eax.h (EAX_SET_KEY, EAX_SET_NONCE, EAX_UPDATE, EAX_ENCRYPT)
+ (EAX_DECRYPT, EAX_DIGEST): Likewise.
+ * gcm.h (GCM_SET_KEY, GCM_ENCRYPT, GCM_DECRYPT, GCM_DIGEST):
+ Likewise.
+
2014-11-24 Niels Möller <nisse@lysator.liu.se>
* gcm.h (GCM_SET_KEY): Rename macro argument KEY to avoid
diff --git a/cbc.h b/cbc.h
index bd0e2a22cc1689e0e4884e459a1bde45b281e6db..93b2e73900b67509390e00acfdbe5ec55094aad9 100644
--- a/cbc.h
+++ b/cbc.h
@@ -64,14 +64,16 @@ memcpy((ctx)->iv, (data), sizeof((ctx)->iv))
/* NOTE: Avoid using NULL, as we don't include anything defining it. */
#define CBC_ENCRYPT(self, f, length, dst, src) \
-(0 ? ((f)(&(self)->ctx, 0, (void *)0, (void *)0)) \
+ (0 ? ((f)(&(self)->ctx, ~(size_t) 0, \
+ (uint8_t *) 0, (const uint8_t *) 0)) \
: cbc_encrypt((void *) &(self)->ctx, \
(nettle_cipher_func *) (f), \
sizeof((self)->iv), (self)->iv, \
(length), (dst), (src)))
#define CBC_DECRYPT(self, f, length, dst, src) \
-(0 ? ((f)(&(self)->ctx, 0, (void *)0, (void *)0)) \
+ (0 ? ((f)(&(self)->ctx, ~(size_t) 0, \
+ (uint8_t *) 0, (const uint8_t *) 0)) \
: cbc_decrypt((void *) &(self)->ctx, \
(nettle_cipher_func *) (f), \
sizeof((self)->iv), (self)->iv, \
diff --git a/ctr.h b/ctr.h
index b67fdc5d8a2f113cee5476246f9a1f0aa7f654b2..7dd06a2d8d62b8593f19c16b82b817f844263fb7 100644
--- a/ctr.h
+++ b/ctr.h
@@ -57,7 +57,8 @@ ctr_crypt(const void *ctx, nettle_cipher_func *f,
memcpy((ctx)->ctr, (data), sizeof((ctx)->ctr))
#define CTR_CRYPT(self, f, length, dst, src) \
-(0 ? ((f)(&(self)->ctx, 0, NULL, NULL)) \
+ (0 ? ((f)(&(self)->ctx, ~(size_t) 0, \
+ (uint8_t *) 0, (const uint8_t *) 0)) \
: ctr_crypt((void *) &(self)->ctx, \
(nettle_cipher_func *) (f), \
sizeof((self)->ctr), (self)->ctr, \
diff --git a/eax.h b/eax.h
index 10749b4ecd9c682d9f5df294b805214f5384a78f..e9747f3c6be062c896385ef4fdb3dd9cf1744708 100644
--- a/eax.h
+++ b/eax.h
@@ -114,36 +114,42 @@ eax_digest (struct eax_ctx *eax, const struct eax_key *key,
#define EAX_SET_KEY(ctx, set_key, encrypt, data) \
do { \
(set_key)(&(ctx)->cipher, (data)); \
- if (0) (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0); \
+ if (0) (encrypt) (&(ctx)->cipher, ~(size_t) 0, \
+ (uint8_t *) 0, (const uint8_t *) 0); \
eax_set_key (&(ctx)->key, &(ctx)->cipher, (nettle_cipher_func *) encrypt); \
} while (0)
-#define EAX_SET_NONCE(ctx, encrypt, length, nonce) \
- (0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
+#define EAX_SET_NONCE(ctx, encrypt, length, nonce) \
+ (0 ? (encrypt) (&(ctx)->cipher, ~(size_t) 0, \
+ (uint8_t *) 0, (const uint8_t *) 0) \
: eax_set_nonce (&(ctx)->eax, &(ctx)->key, \
&(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (nonce)))
#define EAX_UPDATE(ctx, encrypt, length, data) \
- (0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
+ (0 ? (encrypt) (&(ctx)->cipher, ~(size_t) 0, \
+ (uint8_t *) 0, (const uint8_t *) 0) \
: eax_update (&(ctx)->eax, &(ctx)->key, \
&(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (data)))
#define EAX_ENCRYPT(ctx, encrypt, length, dst, src) \
- (0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
+ (0 ? (encrypt) (&(ctx)->cipher, ~(size_t) 0, \
+ (uint8_t *) 0, (const uint8_t *) 0) \
: eax_encrypt (&(ctx)->eax, &(ctx)->key, \
&(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (dst), (src)))
#define EAX_DECRYPT(ctx, encrypt, length, dst, src) \
- (0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
+ (0 ? (encrypt) (&(ctx)->cipher, ~(size_t) 0, \
+ (uint8_t *) 0, (const uint8_t *) 0) \
: eax_decrypt (&(ctx)->eax, &(ctx)->key, \
&(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (dst), (src)))
#define EAX_DIGEST(ctx, encrypt, length, digest) \
- (0 ? (encrypt) (&(ctx)->cipher, 0, (void *) 0, (void *) 0) \
+ (0 ? (encrypt) (&(ctx)->cipher, ~(size_t) 0, \
+ (uint8_t *) 0, (const uint8_t *) 0) \
: eax_digest (&(ctx)->eax, &(ctx)->key, \
&(ctx)->cipher, (nettle_cipher_func *) (encrypt), \
(length), (digest)))
diff --git a/gcm.h b/gcm.h
index c157f829c970bfecae131c99ef10a322aeeea99b..766019ae1d74b1736756639226159db704cf98dd 100644
--- a/gcm.h
+++ b/gcm.h
@@ -151,10 +151,11 @@ gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key,
{ struct gcm_key key; struct gcm_ctx gcm; type cipher; }
/* NOTE: Avoid using NULL, as we don't include anything defining it. */
-#define GCM_SET_KEY(ctx, set_key, encrypt, gcm_key) \
+#define GCM_SET_KEY(ctx, set_key, encrypt, gcm_key) \
do { \
- (set_key)(&(ctx)->cipher, (gcm_key)); \
- if (0) (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0); \
+ (set_key)(&(ctx)->cipher, (gcm_key)); \
+ if (0) (encrypt)(&(ctx)->cipher, ~(size_t) 0, \
+ (uint8_t *) 0, (const uint8_t *) 0); \
gcm_set_key(&(ctx)->key, &(ctx)->cipher, \
(nettle_cipher_func *) (encrypt)); \
} while (0)
@@ -166,19 +167,22 @@ gcm_digest(struct gcm_ctx *ctx, const struct gcm_key *key,
gcm_update(&(ctx)->gcm, &(ctx)->key, (length), (data))
#define GCM_ENCRYPT(ctx, encrypt, length, dst, src) \
- (0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \
+ (0 ? (encrypt)(&(ctx)->cipher, ~(size_t) 0, \
+ (uint8_t *) 0, (const uint8_t *) 0) \
: gcm_encrypt(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \
(nettle_cipher_func *) (encrypt), \
(length), (dst), (src)))
#define GCM_DECRYPT(ctx, encrypt, length, dst, src) \
- (0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \
+ (0 ? (encrypt)(&(ctx)->cipher, ~(size_t) 0, \
+ (uint8_t *) 0, (const uint8_t *) 0) \
: gcm_decrypt(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \
(nettle_cipher_func *) (encrypt), \
(length), (dst), (src)))
#define GCM_DIGEST(ctx, encrypt, length, digest) \
- (0 ? (encrypt)(&(ctx)->cipher, 0, (void *)0, (void *)0) \
+ (0 ? (encrypt)(&(ctx)->cipher, ~(size_t) 0, \
+ (uint8_t *) 0, (const uint8_t *) 0) \
: gcm_digest(&(ctx)->gcm, &(ctx)->key, &(ctx)->cipher, \
(nettle_cipher_func *) (encrypt), \
(length), (digest)))