From c66345e32a7e944cf41b41f2d32b6a087ca6e215 Mon Sep 17 00:00:00 2001 From: DakshitBabbar Date: Mon, 17 Mar 2025 15:30:11 +0530 Subject: [PATCH 1/3] Update code to remove constness related warnings for lates ESP-IDF v5.4 --- .../aws-iot-core-mqtt-file-streams-embedded-c | 2 +- .../port/ota_pal.c | 17 +++++++++-------- libraries/corePKCS11/port/iot_crypto.c | 4 ++-- libraries/corePKCS11/port/iot_crypto.h | 2 +- 4 files changed, 13 insertions(+), 12 deletions(-) diff --git a/libraries/aws-iot-core-mqtt-file-streams-embedded-c/aws-iot-core-mqtt-file-streams-embedded-c b/libraries/aws-iot-core-mqtt-file-streams-embedded-c/aws-iot-core-mqtt-file-streams-embedded-c index 05ff5dc55..0889aae80 160000 --- a/libraries/aws-iot-core-mqtt-file-streams-embedded-c/aws-iot-core-mqtt-file-streams-embedded-c +++ b/libraries/aws-iot-core-mqtt-file-streams-embedded-c/aws-iot-core-mqtt-file-streams-embedded-c @@ -1 +1 @@ -Subproject commit 05ff5dc55a8591360664557f78ae1d71d696d201 +Subproject commit 0889aae80c5e020bfcc04f6667d0488a54795f55 diff --git a/libraries/aws-iot-core-mqtt-file-streams-embedded-c/port/ota_pal.c b/libraries/aws-iot-core-mqtt-file-streams-embedded-c/port/ota_pal.c index ecf890868..6fca48a2a 100644 --- a/libraries/aws-iot-core-mqtt-file-streams-embedded-c/port/ota_pal.c +++ b/libraries/aws-iot-core-mqtt-file-streams-embedded-c/port/ota_pal.c @@ -106,12 +106,13 @@ static CK_RV prvGetCertificate( const char * pcLabelName, uint8_t ** ppucData, uint32_t * pulDataSize ); -static OtaPalStatus_t asn1_to_raw_ecdsa( uint8_t * signature, +static OtaPalStatus_t asn1_to_raw_ecdsa( const uint8_t * signature, uint16_t sig_len, uint8_t * out_signature ) { int ret = 0; - const unsigned char * end = signature + sig_len; + unsigned char * local_signature_ptr = ( unsigned char * ) signature; + const unsigned char * end = local_signature_ptr + sig_len; size_t len; mbedtls_mpi r = { 0 }; mbedtls_mpi s = { 0 }; @@ -125,21 +126,21 @@ static OtaPalStatus_t asn1_to_raw_ecdsa( uint8_t * signature, mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); - if( ( ret = mbedtls_asn1_get_tag( &signature, end, &len, + if( ( ret = mbedtls_asn1_get_tag( &local_signature_ptr, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { LogError( ( "Bad Input Signature" ) ); goto cleanup; } - if( signature + len != end ) + if( local_signature_ptr + len != end ) { LogError( ( "Incorrect ASN1 Signature Length" ) ); goto cleanup; } - if( ( ( ret = mbedtls_asn1_get_mpi( &signature, end, &r ) ) != 0 ) || - ( ( ret = mbedtls_asn1_get_mpi( &signature, end, &s ) ) != 0 ) ) + if( ( ( ret = mbedtls_asn1_get_mpi( &local_signature_ptr, end, &r ) ) != 0 ) || + ( ( ret = mbedtls_asn1_get_mpi( &local_signature_ptr, end, &s ) ) != 0 ) ) { LogError( ( "ASN1 parsing failed" ) ); goto cleanup; @@ -475,7 +476,7 @@ OtaPalStatus_t otaPal_CheckFileSignature( AfrOtaJobDocumentFields_t * const pFil } if( CRYPTO_SignatureVerificationFinal( pvSigVerifyContext, ( char * ) pucSignerCert, ulSignerCertSize, - pFileContext->signature, pFileContext->signatureLen ) == pdFALSE ) + ( const uint8_t * ) pFileContext->signature, pFileContext->signatureLen ) == pdFALSE ) { LogError( ( "Signature verification failed." ) ); result = OtaPalSignatureCheckFailed; @@ -529,7 +530,7 @@ OtaPalStatus_t otaPal_CloseFile( AfrOtaJobDocumentFields_t * const pFileContext { memset( sec_boot_sig->sec_ver, 0x00, sizeof( sec_boot_sig->sec_ver ) ); memset( sec_boot_sig->pad, 0xFF, sizeof( sec_boot_sig->pad ) ); - mainErr = asn1_to_raw_ecdsa( pFileContext->signature, pFileContext->signatureLen, sec_boot_sig->raw_ecdsa_sig ); + mainErr = asn1_to_raw_ecdsa( ( const uint8_t * ) pFileContext->signature, pFileContext->signatureLen, sec_boot_sig->raw_ecdsa_sig ); if( mainErr == OtaPalSuccess ) { diff --git a/libraries/corePKCS11/port/iot_crypto.c b/libraries/corePKCS11/port/iot_crypto.c index 03aafad7c..da53995fb 100644 --- a/libraries/corePKCS11/port/iot_crypto.c +++ b/libraries/corePKCS11/port/iot_crypto.c @@ -107,7 +107,7 @@ static BaseType_t prvVerifySignature( char * pcSignerCertificate, BaseType_t xHashAlgorithm, uint8_t * pucHash, size_t xHashLength, - uint8_t * pucSignature, + const uint8_t * pucSignature, size_t xSignatureLength ) { BaseType_t xResult = pdTRUE; @@ -255,7 +255,7 @@ void CRYPTO_SignatureVerificationUpdate( void * pvContext, BaseType_t CRYPTO_SignatureVerificationFinal( void * pvContext, char * pcSignerCertificate, size_t xSignerCertificateLength, - uint8_t * pucSignature, + const uint8_t * pucSignature, size_t xSignatureLength ) { BaseType_t xResult = pdFALSE; diff --git a/libraries/corePKCS11/port/iot_crypto.h b/libraries/corePKCS11/port/iot_crypto.h index 742d04ce5..dd9352e73 100644 --- a/libraries/corePKCS11/port/iot_crypto.h +++ b/libraries/corePKCS11/port/iot_crypto.h @@ -101,7 +101,7 @@ void CRYPTO_SignatureVerificationUpdate( void * pvContext, BaseType_t CRYPTO_SignatureVerificationFinal( void * pvContext, char * pcSignerCertificate, size_t xSignerCertificateLength, - uint8_t * pucSignature, + const uint8_t * pucSignature, size_t xSignatureLength ); #ifdef __cplusplus } From cd5b7292abec6f4d571cc3d6f598c3c308abca30 Mon Sep 17 00:00:00 2001 From: DakshitBabbar Date: Mon, 30 Jun 2025 12:28:58 +0530 Subject: [PATCH 2/3] Update the mqtt-file-streams submodule pointer --- .../aws-iot-core-mqtt-file-streams-embedded-c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/aws-iot-core-mqtt-file-streams-embedded-c/aws-iot-core-mqtt-file-streams-embedded-c b/libraries/aws-iot-core-mqtt-file-streams-embedded-c/aws-iot-core-mqtt-file-streams-embedded-c index 0889aae80..73182a76f 160000 --- a/libraries/aws-iot-core-mqtt-file-streams-embedded-c/aws-iot-core-mqtt-file-streams-embedded-c +++ b/libraries/aws-iot-core-mqtt-file-streams-embedded-c/aws-iot-core-mqtt-file-streams-embedded-c @@ -1 +1 @@ -Subproject commit 0889aae80c5e020bfcc04f6667d0488a54795f55 +Subproject commit 73182a76fc71b0e5400e80b0e647aa58dcf4c7ad From 91154cf829db38f99b9d0157e052b29e2e4ae280 Mon Sep 17 00:00:00 2001 From: DakshitBabbar Date: Mon, 30 Jun 2025 12:41:43 +0530 Subject: [PATCH 3/3] Revert the suppression of warnings in mqtt-file-streams --- .../aws-iot-core-mqtt-file-streams-embedded-c/CMakeLists.txt | 4 ---- 1 file changed, 4 deletions(-) diff --git a/libraries/aws-iot-core-mqtt-file-streams-embedded-c/CMakeLists.txt b/libraries/aws-iot-core-mqtt-file-streams-embedded-c/CMakeLists.txt index 14e0cc28d..2ed3ac292 100644 --- a/libraries/aws-iot-core-mqtt-file-streams-embedded-c/CMakeLists.txt +++ b/libraries/aws-iot-core-mqtt-file-streams-embedded-c/CMakeLists.txt @@ -53,10 +53,6 @@ set_source_files_properties( "${CMAKE_CURRENT_LIST_DIR}/aws-iot-core-mqtt-file-streams-embedded-c/source/MQTTFileDownloader.c" PROPERTIES COMPILE_FLAGS -Wno-format) -set_source_files_properties( -"${CMAKE_CURRENT_LIST_DIR}/aws-iot-core-mqtt-file-streams-embedded-c/source/MQTTFileDownloader_cbor.c" -PROPERTIES COMPILE_FLAGS -Wno-incompatible-pointer-types) - if (NOT CONFIG_MQTT_STREAMS_USE_CUSTOM_CONFIG) target_compile_definitions( ${COMPONENT_TARGET} PUBLIC MQTT_STREAMS_DO_NOT_USE_CUSTOM_CONFIG=1 ) endif()