treewide: sonarqube fixes

include/infuse/rpc/client.h

@@ -206,7 +206,7 @@ struct rpc_client_auto_load_params {
  */
 int rpc_client_data_queue_auto_load(struct rpc_client_ctx *ctx, uint32_t request_id,
 				    uint32_t offset, void *buffer, size_t buffer_len,
-				    struct rpc_client_auto_load_params *loader_params);
+				    const struct rpc_client_auto_load_params *loader_params);
 
 /**
  * @brief Queue a command for execution on a remote device and wait for the response

include/infuse/security.h

@@ -111,27 +111,38 @@ psa_key_id_t infuse_security_secondary_network_root_key(void);
  */
 sec_tag_t infuse_security_coap_dtls_tag(void);
 
+/** Parameters to control key creation */
+struct infuse_security_key_params {
+	/** Base key to use for HKDF */
+	psa_key_id_t base_key;
+	/** Algorithm key will be used with */
+	psa_algorithm_t algorithm;
+	/** Type of key to generate */
+	psa_key_type_t key_type;
+	/** Length of key to generate (bits) */
+	size_t key_bits;
+	/** How the key will be used */
+	psa_key_usage_t key_usage;
+	/** Key derivation randomisation */
+	const void *salt;
+	/** Length of @a salt */
+	size_t salt_len;
+	/** Optional application/usage specific array */
+	const void *info;
+	/** Length of @a info */
+	size_t info_len;
+	/** Force set PSA_KEY_USAGE_EXPORT attribute on generated key */
+	bool force_export;
+};
+
 /**
  * @brief Derive a key for use with PSA
  *
- * @param base_key Base key to use for HKDF
- * @param algorithm Algorithm key will be used with
- * @param key_type Type of key to generate
- * @param key_bits Length of key to generate (bits)
- * @param key_usage How the key will be used
- * @param salt Key derivation randomisation
- * @param salt_len Length of @a salt
- * @param info Optional application/usage specific array
- * @param info_len Length of @a info
- * @param force_export Force set PSA_KEY_USAGE_EXPORT attribute on generated key
+ * @param params Key parameters
  *
  * @return psa_key_id_t Derived key identifier
  */
-psa_key_id_t infuse_security_derive_key(psa_key_id_t base_key, psa_algorithm_t algorithm,
-					psa_key_type_t key_type, size_t key_bits,
-					psa_key_usage_t key_usage, const void *salt,
-					size_t salt_len, const void *info, size_t info_len,
-					bool force_export);
+psa_key_id_t infuse_security_derive_key(const struct infuse_security_key_params *params);
 
 /**
  * @brief Derive a key for use with ChaCha20-Poly1305

lib/math/cartesian.c

@@ -87,29 +87,32 @@ bool cartesian_point_in_polygon(struct cartesian_point_2d point,
 		size_t j = (i + 1) % vertices;
 		struct cartesian_line_2d edge = {polygon[i], polygon[j]};
 
-		if (cartesian_line_intersection(ray, edge, &intersection)) {
-
-			/* Check if the intersection is to the right of or at the test point */
-			if (intersection.x >= point.x) {
-
-				if (intersection.x == point.x && intersection.y == point.y) {
-					/* The point is on a vertex */
-					return true;
-				}
-
-				/* Handle edge cases */
-				if (edge.a.y == point.y || edge.b.y == point.y) {
-					/* If the intersection is at a vertex, count it
-					 * only, if the other endpoint is below the ray
-					 */
-					if ((edge.a.y > point.y && edge.b.y <= point.y) ||
-					    (edge.b.y > point.y && edge.a.y <= point.y)) {
-						intersections++;
-					}
-				} else {
-					intersections++;
-				}
+		/* If the test ray doesn't intersect with the polygon */
+		if (!cartesian_line_intersection(ray, edge, &intersection)) {
+			continue;
+		}
+
+		/* If the intersection is to the left of the test point */
+		if (intersection.x < point.x) {
+			continue;
+		}
+
+		/* The point is on a vertex */
+		if (intersection.x == point.x && intersection.y == point.y) {
+			return true;
+		}
+
+		/* Handle edge cases */
+		if (edge.a.y == point.y || edge.b.y == point.y) {
+			/* If the intersection is at a vertex, count it
+			 * only, if the other endpoint is below the ray
+			 */
+			if ((edge.a.y > point.y && edge.b.y <= point.y) ||
+			    (edge.b.y > point.y && edge.a.y <= point.y)) {
+				intersections++;
 			}
+		} else {
+			intersections++;
 		}
 	}
 

lib/security/security.c

@@ -402,31 +402,29 @@ int infuse_security_init(void)
 	return 0;
 }
 
-psa_key_id_t infuse_security_derive_key(psa_key_id_t base_key, psa_algorithm_t algorithm,
-					psa_key_type_t key_type, size_t key_bits,
-					psa_key_usage_t key_usage, const void *salt,
-					size_t salt_len, const void *info, size_t info_len,
-					bool force_export)
+psa_key_id_t infuse_security_derive_key(const struct infuse_security_key_params *params)
 {
 	psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
 	psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
 	psa_key_id_t output_key = PSA_KEY_ID_NULL;
+	psa_key_usage_t key_usage = params->key_usage;
 
-	if (IS_ENABLED(CONFIG_INFUSE_SECURITY_CHACHA_KEY_EXPORT) || force_export) {
+	if (IS_ENABLED(CONFIG_INFUSE_SECURITY_CHACHA_KEY_EXPORT) || params->force_export) {
 		key_usage |= PSA_KEY_USAGE_EXPORT;
 	}
 	psa_set_key_usage_flags(&key_attributes, key_usage);
 	psa_set_key_lifetime(&key_attributes, PSA_KEY_LIFETIME_VOLATILE);
-	psa_set_key_algorithm(&key_attributes, algorithm);
-	psa_set_key_type(&key_attributes, key_type);
-	psa_set_key_bits(&key_attributes, key_bits);
+	psa_set_key_algorithm(&key_attributes, params->algorithm);
+	psa_set_key_type(&key_attributes, params->key_type);
+	psa_set_key_bits(&key_attributes, params->key_bits);
 
 	if (psa_key_derivation_setup(&operation, PSA_ALG_HKDF(PSA_ALG_SHA_256)) ||
-	    psa_key_derivation_input_bytes(&operation, PSA_KEY_DERIVATION_INPUT_SALT, salt,
-					   salt_len) ||
-	    psa_key_derivation_input_bytes(&operation, PSA_KEY_DERIVATION_INPUT_INFO, info,
-					   info_len) ||
-	    psa_key_derivation_input_key(&operation, PSA_KEY_DERIVATION_INPUT_SECRET, base_key) ||
+	    psa_key_derivation_input_bytes(&operation, PSA_KEY_DERIVATION_INPUT_SALT, params->salt,
+					   params->salt_len) ||
+	    psa_key_derivation_input_bytes(&operation, PSA_KEY_DERIVATION_INPUT_INFO, params->info,
+					   params->info_len) ||
+	    psa_key_derivation_input_key(&operation, PSA_KEY_DERIVATION_INPUT_SECRET,
+					 params->base_key) ||
 	    psa_key_derivation_output_key(&key_attributes, &operation, &output_key)) {
 		output_key = PSA_KEY_ID_NULL;
 	}
@@ -438,10 +436,20 @@ psa_key_id_t infuse_security_derive_chacha_key(psa_key_id_t base_key, const void
 					       size_t salt_len, const void *info, size_t info_len,
 					       bool force_export)
 {
-	return infuse_security_derive_key(base_key, PSA_ALG_CHACHA20_POLY1305,
-					  PSA_KEY_TYPE_CHACHA20, 256,
-					  PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, salt,
-					  salt_len, info, info_len, force_export);
+	const struct infuse_security_key_params params = {
+		.base_key = base_key,
+		.algorithm = PSA_ALG_CHACHA20_POLY1305,
+		.key_type = PSA_KEY_TYPE_CHACHA20,
+		.key_bits = 256,
+		.key_usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
+		.salt = salt,
+		.salt_len = salt_len,
+		.info = info,
+		.info_len = info_len,
+		.force_export = force_export,
+	};
+
+	return infuse_security_derive_key(&params);
 }
 
 void infuse_security_cloud_public_key(uint8_t public_key[32])

subsys/bluetooth/gatt.c

@@ -328,6 +328,7 @@ static void mtu_exchange_cb(struct bt_conn *conn, uint8_t err,
 			    struct bt_gatt_exchange_params *params)
 {
 	struct bt_gatt_state *s = &state[bt_conn_index(conn)];
+	int rc;
 
 	if (err) {
 		connection_error(conn, err);
@@ -355,9 +356,9 @@ static void mtu_exchange_cb(struct bt_conn *conn, uint8_t err,
 	db_read_params.by_uuid.start_handle = BT_ATT_FIRST_ATTRIBUTE_HANDLE;
 	db_read_params.by_uuid.end_handle = BT_ATT_LAST_ATTRIBUTE_HANDLE;
 
-	err = bt_gatt_read(conn, &db_read_params);
-	if (err < 0) {
-		connection_error(conn, err);
+	rc = bt_gatt_read(conn, &db_read_params);
+	if (rc < 0) {
+		connection_error(conn, rc);
 	}
 }
 

subsys/cpatch/patch.c

@@ -112,6 +112,43 @@ static int do_write(const struct flash_area *input, struct stream_flash_ctx *out
 	return 0;
 }
 
+static int do_cpatch(const struct flash_area *input, struct stream_flash_ctx *output,
+		     struct patch_state *state)
+{
+	int rc;
+
+	while (true) {
+		uint8_t len;
+
+		rc = binary_patch_read(state, &len, 1);
+		if (len == 0) {
+			break;
+		}
+		state->operation_count = len & 0x7F;
+		LOG_DBG("PATCH_COPY: %d", state->operation_count);
+		rc = do_copy(input, output, state);
+		if (rc < 0) {
+			return rc;
+		}
+		if (len & 0x80) {
+			state->operation_count = 1;
+		} else {
+			rc = binary_patch_read(state, &len, 1);
+			if (len == 0) {
+				break;
+			}
+			state->operation_count = len;
+		}
+		LOG_DBG("PATCH_WRITE: %d", state->operation_count);
+		rc = do_write(input, output, state);
+		if (rc < 0) {
+			return rc;
+		}
+	}
+
+	return 0;
+}
+
 static int crc_update(uint8_t *buf, size_t len, size_t offset)
 {
 	progress_crc = crc32_ieee_update(progress_crc, buf, len);
@@ -220,35 +257,7 @@ static int opcode_run(const struct flash_area *input, struct stream_flash_ctx *o
 		rc = do_write(input, output, state);
 		break;
 	case FAMILY_PATCH:
-		while (true) {
-			uint8_t len;
-
-			rc = binary_patch_read(state, &len, 1);
-			if (len == 0) {
-				break;
-			}
-			state->operation_count = len & 0x7F;
-			LOG_DBG("PATCH_COPY: %d", state->operation_count);
-			rc = do_copy(input, output, state);
-			if (rc < 0) {
-				break;
-			}
-			if (len & 0x80) {
-				state->operation_count = 1;
-			} else {
-				rc = binary_patch_read(state, &len, 1);
-				if (len == 0) {
-					break;
-				}
-				state->operation_count = len;
-			}
-			LOG_DBG("PATCH_WRITE: %d", state->operation_count);
-			rc = do_write(input, output, state);
-			if (rc < 0) {
-				break;
-			}
-		}
-
+		rc = do_cpatch(input, output, state);
 		break;
 	default:
 		return -EINVAL;