From 02f0c26cea09e4ea847fba303a856b9475382ba5 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Mon, 5 Jan 2015 11:30:03 +0000 Subject: [PATCH] Re-align some comments after running the reformat script. This should be a one off operation (subsequent invokation of the script should not move them) This commit is for the 0.9.8 changes Reviewed-by: Tim Hudson --- apps/ca.c | 8 +- apps/gendh.c | 4 +- apps/req.c | 8 +- apps/s_cb.c | 36 ++--- apps/s_client.c | 4 +- apps/s_socket.c | 14 +- crypto/bio/bf_null.c | 10 +- crypto/bio/bio.h | 18 +-- crypto/bio/bss_acpt.c | 12 +- crypto/bn/bn_add.c | 24 +-- crypto/bn/bn_exp.c | 60 +++---- crypto/bn/bn_gcd.c | 212 ++++++++++++------------ crypto/bn/bn_kron.c | 14 +- crypto/bn/bn_mul.c | 90 +++++------ crypto/bn/bn_print.c | 12 +- crypto/bn/bn_sqr.c | 22 +-- crypto/bn/bn_sqrt.c | 122 +++++++------- crypto/cast/casttest.c | 6 +- crypto/conf/conf_def.c | 20 +-- crypto/des/des.c | 16 +- crypto/des/destest.c | 14 +- crypto/des/enc_read.c | 12 +- crypto/des/ofb64ede.c | 4 +- crypto/dso/dso_vms.c | 34 ++-- crypto/ec/ec.h | 16 +- crypto/ec/ec2_smpl.c | 12 +- crypto/ec/ec_lcl.h | 16 +- crypto/ec/ec_mult.c | 14 +- crypto/ec/ecp_smpl.c | 70 ++++---- crypto/idea/ideatest.c | 6 +- crypto/lhash/lhash.c | 6 +- crypto/o_time.c | 48 +++--- crypto/pem/pem.h | 10 +- crypto/rand/randfile.c | 8 +- crypto/rc2/rc2test.c | 6 +- crypto/rc4/rc4_enc.c | 116 +++++++------- crypto/rsa/rsa_pss.c | 24 +-- crypto/threads/mttest.c | 44 ++--- crypto/x509/by_dir.c | 4 +- crypto/x509/x509_lu.c | 4 +- crypto/x509/x509_r2x.c | 4 +- crypto/x509/x509_vfy.c | 18 +-- crypto/x509/x509name.c | 20 +-- demos/engines/zencod/hw_zencod.h | 16 +- engines/e_cswift.c | 10 +- engines/vendor_defns/hwcryptohook.h | 240 ++++++++++++++-------------- ssl/d1_both.c | 20 +-- ssl/d1_clnt.c | 64 ++++---- ssl/d1_pkt.c | 50 +++--- ssl/kssl.c | 26 +-- ssl/s23_srvr.c | 26 +-- ssl/s2_pkt.c | 30 ++-- ssl/s3_clnt.c | 92 +++++------ ssl/s3_enc.c | 15 +- ssl/s3_pkt.c | 50 +++--- ssl/s3_srvr.c | 60 +++---- ssl/ssl_ciph.c | 28 ++-- ssl/ssl_lib.c | 10 +- ssl/ssl_task.c | 4 +- ssl/ssltest.c | 84 +++++----- ssl/t1_lib.c | 16 +- test/methtest.c | 12 +- 62 files changed, 1038 insertions(+), 1037 deletions(-) diff --git a/apps/ca.c b/apps/ca.c index cb9ffa1779..f0b192d19e 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -593,10 +593,10 @@ int MAIN(int argc, char **argv) oid_bio = BIO_new_file(p, "r"); if (oid_bio == NULL) { - /*- - BIO_printf(bio_err,"problems opening %s for extra oid's\n",p); - ERR_print_errors(bio_err); - */ + /*- + BIO_printf(bio_err,"problems opening %s for extra oid's\n",p); + ERR_print_errors(bio_err); + */ ERR_clear_error(); } else { OBJ_create_objects(oid_bio); diff --git a/apps/gendh.c b/apps/gendh.c index 21347dfb10..1331e5521f 100644 --- a/apps/gendh.c +++ b/apps/gendh.c @@ -122,8 +122,8 @@ int MAIN(int argc, char **argv) outfile = *(++argv); } else if (strcmp(*argv, "-2") == 0) g = 2; - /*- else if (strcmp(*argv,"-3") == 0) - g=3; */ +/*- else if (strcmp(*argv,"-3") == 0) + g=3; */ else if (strcmp(*argv, "-5") == 0) g = 5; # ifndef OPENSSL_NO_ENGINE diff --git a/apps/req.c b/apps/req.c index 1a481f51c7..c8b7dc9721 100644 --- a/apps/req.c +++ b/apps/req.c @@ -592,10 +592,10 @@ int MAIN(int argc, char **argv) oid_bio = BIO_new_file(p, "r"); if (oid_bio == NULL) { - /*- - BIO_printf(bio_err,"problems opening %s for extra oid's\n",p); - ERR_print_errors(bio_err); - */ + /*- + BIO_printf(bio_err,"problems opening %s for extra oid's\n",p); + ERR_print_errors(bio_err); + */ } else { OBJ_create_objects(oid_bio); BIO_free(oid_bio); diff --git a/apps/s_cb.c b/apps/s_cb.c index 690bac81c2..9649a798a8 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -178,10 +178,10 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file) { if (cert_file != NULL) { - /*- - SSL *ssl; - X509 *x509; - */ + /*- + SSL *ssl; + X509 *x509; + */ if (SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0) { @@ -199,20 +199,20 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file) return (0); } - /*- - In theory this is no longer needed - ssl=SSL_new(ctx); - x509=SSL_get_certificate(ssl); - - if (x509 != NULL) { - EVP_PKEY *pktmp; - pktmp = X509_get_pubkey(x509); - EVP_PKEY_copy_parameters(pktmp, - SSL_get_privatekey(ssl)); - EVP_PKEY_free(pktmp); - } - SSL_free(ssl); - */ + /*- + In theory this is no longer needed + ssl=SSL_new(ctx); + x509=SSL_get_certificate(ssl); + + if (x509 != NULL) { + EVP_PKEY *pktmp; + pktmp = X509_get_pubkey(x509); + EVP_PKEY_copy_parameters(pktmp, + SSL_get_privatekey(ssl)); + EVP_PKEY_free(pktmp); + } + SSL_free(ssl); + */ /* * If we are using DSA, we can copy the parameters from the private diff --git a/apps/s_client.c b/apps/s_client.c index 0e410feb62..70653b6ed0 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1082,8 +1082,8 @@ int MAIN(int argc, char **argv) FD_SET(SSL_get_fd(con), &writefds); } #endif -/*- printf("mode tty(%d %d%d) ssl(%d%d)\n", - tty_on,read_tty,write_tty,read_ssl,write_ssl);*/ +/*- printf("mode tty(%d %d%d) ssl(%d%d)\n", + tty_on,read_tty,write_tty,read_ssl,write_ssl);*/ /* * Note: under VMS with SOCKETSHR the second parameter is diff --git a/apps/s_socket.c b/apps/s_socket.c index c778814dc1..67e105bfff 100644 --- a/apps/s_socket.c +++ b/apps/s_socket.c @@ -428,13 +428,13 @@ static int do_accept(int acc_sock, int *sock, char **host) } /*- - ling.l_onoff=1; - ling.l_linger=0; - i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling)); - if (i < 0) { perror("linger"); return(0); } - i=0; - i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i)); - if (i < 0) { perror("keepalive"); return(0); } + ling.l_onoff=1; + ling.l_linger=0; + i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling)); + if (i < 0) { perror("linger"); return(0); } + i=0; + i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i)); + if (i < 0) { perror("keepalive"); return(0); } */ if (host == NULL) diff --git a/crypto/bio/bf_null.c b/crypto/bio/bf_null.c index d9d0dc6bf4..e0c79e8291 100644 --- a/crypto/bio/bf_null.c +++ b/crypto/bio/bf_null.c @@ -103,11 +103,11 @@ static int nullf_free(BIO *a) { if (a == NULL) return (0); - /*- - a->ptr=NULL; - a->init=0; - a->flags=0; - */ + /*- + a->ptr=NULL; + a->init=0; + a->flags=0; + */ return (1); } diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h index b28c58e8f6..9d29b365bc 100644 --- a/crypto/bio/bio.h +++ b/crypto/bio/bio.h @@ -329,15 +329,15 @@ struct bio_st { DECLARE_STACK_OF(BIO) typedef struct bio_f_buffer_ctx_struct { - /*- - * Buffers are setup like this: - * - * <---------------------- size -----------------------> - * +---------------------------------------------------+ - * | consumed | remaining | free space | - * +---------------------------------------------------+ - * <-- off --><------- len -------> - */ + /*- + * Buffers are setup like this: + * + * <---------------------- size -----------------------> + * +---------------------------------------------------+ + * | consumed | remaining | free space | + * +---------------------------------------------------+ + * <-- off --><------- len -------> + */ /*- BIO *bio; *//* * this is now in the BIO struct */ diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c index f5aab82690..0bb907cb84 100644 --- a/crypto/bio/bss_acpt.c +++ b/crypto/bio/bss_acpt.c @@ -421,12 +421,12 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr) ret = (long)data->bind_mode; break; case BIO_CTRL_DUP: -/*- dbio=(BIO *)ptr; - if (data->param_port) EAY EAY - BIO_set_port(dbio,data->param_port); - if (data->param_hostname) - BIO_set_hostname(dbio,data->param_hostname); - BIO_set_nbio(dbio,data->nbio); */ +/*- dbio=(BIO *)ptr; + if (data->param_port) EAY EAY + BIO_set_port(dbio,data->param_port); + if (data->param_hostname) + BIO_set_hostname(dbio,data->param_hostname); + BIO_set_nbio(dbio,data->nbio); */ break; default: diff --git a/crypto/bn/bn_add.c b/crypto/bn/bn_add.c index c48665a038..2f3d110449 100644 --- a/crypto/bn/bn_add.c +++ b/crypto/bn/bn_add.c @@ -69,12 +69,12 @@ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) bn_check_top(a); bn_check_top(b); - /*- - * a + b a+b - * a + -b a-b - * -a + b b-a - * -a + -b -(a+b) - */ + /*- + * a + b a+b + * a + -b a-b + * -a + b b-a + * -a + -b -(a+b) + */ if (a_neg ^ b->neg) { /* only one is negative */ if (a_neg) { @@ -265,12 +265,12 @@ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) bn_check_top(a); bn_check_top(b); - /*- - * a - b a-b - * a - -b a+b - * -a - b -(a+b) - * -a - -b b-a - */ + /*- + * a - b a-b + * a - -b a+b + * -a - b -(a+b) + * -a - -b b-a + */ if (a->neg) { if (b->neg) { tmp = a; diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c index b29df546d5..ef67843fc2 100644 --- a/crypto/bn/bn_exp.c +++ b/crypto/bn/bn_exp.c @@ -174,36 +174,36 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, bn_check_top(p); bn_check_top(m); - /*- - * For even modulus m = 2^k*m_odd, it might make sense to compute - * a^p mod m_odd and a^p mod 2^k separately (with Montgomery - * exponentiation for the odd part), using appropriate exponent - * reductions, and combine the results using the CRT. - * - * For now, we use Montgomery only if the modulus is odd; otherwise, - * exponentiation using the reciprocal-based quick remaindering - * algorithm is used. - * - * (Timing obtained with expspeed.c [computations a^p mod m - * where a, p, m are of the same length: 256, 512, 1024, 2048, - * 4096, 8192 bits], compared to the running time of the - * standard algorithm: - * - * BN_mod_exp_mont 33 .. 40 % [AMD K6-2, Linux, debug configuration] - * 55 .. 77 % [UltraSparc processor, but - * debug-solaris-sparcv8-gcc conf.] - * - * BN_mod_exp_recp 50 .. 70 % [AMD K6-2, Linux, debug configuration] - * 62 .. 118 % [UltraSparc, debug-solaris-sparcv8-gcc] - * - * On the Sparc, BN_mod_exp_recp was faster than BN_mod_exp_mont - * at 2048 and more bits, but at 512 and 1024 bits, it was - * slower even than the standard algorithm! - * - * "Real" timings [linux-elf, solaris-sparcv9-gcc configurations] - * should be obtained when the new Montgomery reduction code - * has been integrated into OpenSSL.) - */ + /*- + * For even modulus m = 2^k*m_odd, it might make sense to compute + * a^p mod m_odd and a^p mod 2^k separately (with Montgomery + * exponentiation for the odd part), using appropriate exponent + * reductions, and combine the results using the CRT. + * + * For now, we use Montgomery only if the modulus is odd; otherwise, + * exponentiation using the reciprocal-based quick remaindering + * algorithm is used. + * + * (Timing obtained with expspeed.c [computations a^p mod m + * where a, p, m are of the same length: 256, 512, 1024, 2048, + * 4096, 8192 bits], compared to the running time of the + * standard algorithm: + * + * BN_mod_exp_mont 33 .. 40 % [AMD K6-2, Linux, debug configuration] + * 55 .. 77 % [UltraSparc processor, but + * debug-solaris-sparcv8-gcc conf.] + * + * BN_mod_exp_recp 50 .. 70 % [AMD K6-2, Linux, debug configuration] + * 62 .. 118 % [UltraSparc, debug-solaris-sparcv8-gcc] + * + * On the Sparc, BN_mod_exp_recp was faster than BN_mod_exp_mont + * at 2048 and more bits, but at 512 and 1024 bits, it was + * slower even than the standard algorithm! + * + * "Real" timings [linux-elf, solaris-sparcv9-gcc configurations] + * should be obtained when the new Montgomery reduction code + * has been integrated into OpenSSL.) + */ #define MONT_MUL_MOD #define MONT_EXP_WORD diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c index d6ee6b44b7..cd5f86b0e2 100644 --- a/crypto/bn/bn_gcd.c +++ b/crypto/bn/bn_gcd.c @@ -267,13 +267,13 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, goto err; } sign = -1; - /*- - * From B = a mod |n|, A = |n| it follows that - * - * 0 <= B < A, - * -sign*X*a == B (mod |n|), - * sign*Y*a == A (mod |n|). - */ + /*- + * From B = a mod |n|, A = |n| it follows that + * + * 0 <= B < A, + * -sign*X*a == B (mod |n|), + * sign*Y*a == A (mod |n|). + */ if (BN_is_odd(n) && (BN_num_bits(n) <= (BN_BITS <= 32 ? 450 : 2048))) { /* @@ -285,12 +285,12 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, int shift; while (!BN_is_zero(B)) { - /*- - * 0 < B < |n|, - * 0 < A <= |n|, - * (1) -sign*X*a == B (mod |n|), - * (2) sign*Y*a == A (mod |n|) - */ + /*- + * 0 < B < |n|, + * 0 < A <= |n|, + * (1) -sign*X*a == B (mod |n|), + * (2) sign*Y*a == A (mod |n|) + */ /* * Now divide B by the maximum possible power of two in the @@ -336,18 +336,18 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, goto err; } - /*- - * We still have (1) and (2). - * Both A and B are odd. - * The following computations ensure that - * - * 0 <= B < |n|, - * 0 < A < |n|, - * (1) -sign*X*a == B (mod |n|), - * (2) sign*Y*a == A (mod |n|), - * - * and that either A or B is even in the next iteration. - */ + /*- + * We still have (1) and (2). + * Both A and B are odd. + * The following computations ensure that + * + * 0 <= B < |n|, + * 0 < A < |n|, + * (1) -sign*X*a == B (mod |n|), + * (2) sign*Y*a == A (mod |n|), + * + * and that either A or B is even in the next iteration. + */ if (BN_ucmp(B, A) >= 0) { /* -sign*(X + Y)*a == B - A (mod |n|) */ if (!BN_uadd(X, X, Y)) @@ -376,11 +376,11 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, while (!BN_is_zero(B)) { BIGNUM *tmp; - /*- - * 0 < B < A, - * (*) -sign*X*a == B (mod |n|), - * sign*Y*a == A (mod |n|) - */ + /*- + * 0 < B < A, + * (*) -sign*X*a == B (mod |n|), + * sign*Y*a == A (mod |n|) + */ /* (D, M) := (A/B, A%B) ... */ if (BN_num_bits(A) == BN_num_bits(B)) { @@ -427,12 +427,12 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, goto err; } - /*- - * Now - * A = D*B + M; - * thus we have - * (**) sign*Y*a == D*B + M (mod |n|). - */ + /*- + * Now + * A = D*B + M; + * thus we have + * (**) sign*Y*a == D*B + M (mod |n|). + */ tmp = A; /* keep the BIGNUM object, the value does not * matter */ @@ -442,25 +442,25 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, B = M; /* ... so we have 0 <= B < A again */ - /*- - * Since the former M is now B and the former B is now A, - * (**) translates into - * sign*Y*a == D*A + B (mod |n|), - * i.e. - * sign*Y*a - D*A == B (mod |n|). - * Similarly, (*) translates into - * -sign*X*a == A (mod |n|). - * - * Thus, - * sign*Y*a + D*sign*X*a == B (mod |n|), - * i.e. - * sign*(Y + D*X)*a == B (mod |n|). - * - * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at - * -sign*X*a == B (mod |n|), - * sign*Y*a == A (mod |n|). - * Note that X and Y stay non-negative all the time. - */ + /*- + * Since the former M is now B and the former B is now A, + * (**) translates into + * sign*Y*a == D*A + B (mod |n|), + * i.e. + * sign*Y*a - D*A == B (mod |n|). + * Similarly, (*) translates into + * -sign*X*a == A (mod |n|). + * + * Thus, + * sign*Y*a + D*sign*X*a == B (mod |n|), + * i.e. + * sign*(Y + D*X)*a == B (mod |n|). + * + * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at + * -sign*X*a == B (mod |n|), + * sign*Y*a == A (mod |n|). + * Note that X and Y stay non-negative all the time. + */ /* * most of the time D is very small, so we can optimize tmp := @@ -497,13 +497,13 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, } } - /*- - * The while loop (Euclid's algorithm) ends when - * A == gcd(a,n); - * we have - * sign*Y*a == A (mod |n|), - * where Y is non-negative. - */ + /*- + * The while loop (Euclid's algorithm) ends when + * A == gcd(a,n); + * we have + * sign*Y*a == A (mod |n|), + * where Y is non-negative. + */ if (sign < 0) { if (!BN_sub(Y, n, Y)) @@ -587,22 +587,22 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in, goto err; } sign = -1; - /*- - * From B = a mod |n|, A = |n| it follows that - * - * 0 <= B < A, - * -sign*X*a == B (mod |n|), - * sign*Y*a == A (mod |n|). - */ + /*- + * From B = a mod |n|, A = |n| it follows that + * + * 0 <= B < A, + * -sign*X*a == B (mod |n|), + * sign*Y*a == A (mod |n|). + */ while (!BN_is_zero(B)) { BIGNUM *tmp; - /*- - * 0 < B < A, - * (*) -sign*X*a == B (mod |n|), - * sign*Y*a == A (mod |n|) - */ + /*- + * 0 < B < A, + * (*) -sign*X*a == B (mod |n|), + * sign*Y*a == A (mod |n|) + */ /* * Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked, @@ -615,12 +615,12 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in, if (!BN_div(D, M, pA, B, ctx)) goto err; - /*- - * Now - * A = D*B + M; - * thus we have - * (**) sign*Y*a == D*B + M (mod |n|). - */ + /*- + * Now + * A = D*B + M; + * thus we have + * (**) sign*Y*a == D*B + M (mod |n|). + */ tmp = A; /* keep the BIGNUM object, the value does not * matter */ @@ -630,25 +630,25 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in, B = M; /* ... so we have 0 <= B < A again */ - /*- - * Since the former M is now B and the former B is now A, - * (**) translates into - * sign*Y*a == D*A + B (mod |n|), - * i.e. - * sign*Y*a - D*A == B (mod |n|). - * Similarly, (*) translates into - * -sign*X*a == A (mod |n|). - * - * Thus, - * sign*Y*a + D*sign*X*a == B (mod |n|), - * i.e. - * sign*(Y + D*X)*a == B (mod |n|). - * - * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at - * -sign*X*a == B (mod |n|), - * sign*Y*a == A (mod |n|). - * Note that X and Y stay non-negative all the time. - */ + /*- + * Since the former M is now B and the former B is now A, + * (**) translates into + * sign*Y*a == D*A + B (mod |n|), + * i.e. + * sign*Y*a - D*A == B (mod |n|). + * Similarly, (*) translates into + * -sign*X*a == A (mod |n|). + * + * Thus, + * sign*Y*a + D*sign*X*a == B (mod |n|), + * i.e. + * sign*(Y + D*X)*a == B (mod |n|). + * + * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at + * -sign*X*a == B (mod |n|), + * sign*Y*a == A (mod |n|). + * Note that X and Y stay non-negative all the time. + */ if (!BN_mul(tmp, D, X, ctx)) goto err; @@ -662,13 +662,13 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in, sign = -sign; } - /*- - * The while loop (Euclid's algorithm) ends when - * A == gcd(a,n); - * we have - * sign*Y*a == A (mod |n|), - * where Y is non-negative. - */ + /*- + * The while loop (Euclid's algorithm) ends when + * A == gcd(a,n); + * we have + * sign*Y*a == A (mod |n|), + * where Y is non-negative. + */ if (sign < 0) { if (!BN_sub(Y, n, Y)) diff --git a/crypto/bn/bn_kron.c b/crypto/bn/bn_kron.c index 71808321d5..88d731ac75 100644 --- a/crypto/bn/bn_kron.c +++ b/crypto/bn/bn_kron.c @@ -66,13 +66,13 @@ int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) int ret = -2; /* avoid 'uninitialized' warning */ int err = 0; BIGNUM *A, *B, *tmp; - /*- - * In 'tab', only odd-indexed entries are relevant: - * For any odd BIGNUM n, - * tab[BN_lsw(n) & 7] - * is $(-1)^{(n^2-1)/8}$ (using TeX notation). - * Note that the sign of n does not matter. - */ + /*- + * In 'tab', only odd-indexed entries are relevant: + * For any odd BIGNUM n, + * tab[BN_lsw(n) & 7] + * is $(-1)^{(n^2-1)/8}$ (using TeX notation). + * Note that the sign of n does not matter. + */ static const int tab[8] = { 0, 1, 0, -1, 0, -1, 0, 1 }; bn_check_top(a); diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c index 3b751d3edc..b174850b6b 100644 --- a/crypto/bn/bn_mul.c +++ b/crypto/bn/bn_mul.c @@ -527,11 +527,11 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]), n, dna, dnb, p); } - /*- - * t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - */ + /*- + * t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign + * r[10] holds (a[0]*b[0]) + * r[32] holds (b[1]*b[1]) + */ c1 = (int)(bn_add_words(t, r, &(r[n2]), n2)); @@ -542,12 +542,12 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, c1 += (int)(bn_add_words(&(t[n2]), &(t[n2]), t, n2)); } - /*- - * t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1]) - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - * c1 holds the carry bits - */ + /*- + * t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1]) + * r[10] holds (a[0]*b[0]) + * r[32] holds (b[1]*b[1]) + * c1 holds the carry bits + */ c1 += (int)(bn_add_words(&(r[n]), &(r[n]), &(t[n2]), n2)); if (c1) { p = &(r[n + n2]); @@ -689,11 +689,11 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n, } } - /*- - * t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - */ + /*- + * t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign + * r[10] holds (a[0]*b[0]) + * r[32] holds (b[1]*b[1]) + */ c1 = (int)(bn_add_words(t, r, &(r[n2]), n2)); @@ -704,12 +704,12 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n, c1 += (int)(bn_add_words(&(t[n2]), &(t[n2]), t, n2)); } - /*- - * t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1]) - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - * c1 holds the carry bits - */ + /*- + * t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1]) + * r[10] holds (a[0]*b[0]) + * r[32] holds (b[1]*b[1]) + * c1 holds the carry bits + */ c1 += (int)(bn_add_words(&(r[n]), &(r[n]), &(t[n2]), n2)); if (c1) { p = &(r[n + n2]); @@ -828,13 +828,13 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, bn_mul_recursive(r, &(a[n]), &(b[n]), n, 0, 0, &(t[n2])); } - /*- - * s0 == low(al*bl) - * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl) - * We know s0 and s1 so the only unknown is high(al*bl) - * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl)) - * high(al*bl) == s1 - (r[0]+l[0]+t[0]) - */ + /*- + * s0 == low(al*bl) + * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl) + * We know s0 and s1 so the only unknown is high(al*bl) + * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl)) + * high(al*bl) == s1 - (r[0]+l[0]+t[0]) + */ if (l != NULL) { lp = &(t[n2 + n]); c1 = (int)(bn_add_words(lp, &(r[0]), &(l[0]), n)); @@ -859,22 +859,22 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, lp[i] = ((~mp[i]) + 1) & BN_MASK2; } - /*- - * s[0] = low(al*bl) - * t[3] = high(al*bl) - * t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign - * r[10] = (a[1]*b[1]) - */ - /*- - * R[10] = al*bl - * R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0]) - * R[32] = ah*bh - */ - /*- - * R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow) - * R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow) - * R[3]=r[1]+(carry/borrow) - */ + /*- + * s[0] = low(al*bl) + * t[3] = high(al*bl) + * t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign + * r[10] = (a[1]*b[1]) + */ + /*- + * R[10] = al*bl + * R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0]) + * R[32] = ah*bh + */ + /*- + * R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow) + * R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow) + * R[3]=r[1]+(carry/borrow) + */ if (l != NULL) { lp = &(t[n2]); c1 = (int)(bn_add_words(lp, &(t[n2 + n]), &(l[0]), n)); diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c index 984b4cf6b6..15bc51af9e 100644 --- a/crypto/bn/bn_print.c +++ b/crypto/bn/bn_print.c @@ -106,12 +106,12 @@ char *BN_bn2dec(const BIGNUM *a) BIGNUM *t = NULL; BN_ULONG *bn_data = NULL, *lp; - /*- - * get an upper bound for the length of the decimal integer - * num <= (BN_num_bits(a) + 1) * log(2) - * <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1 (rounding error) - * <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1 - */ + /*- + * get an upper bound for the length of the decimal integer + * num <= (BN_num_bits(a) + 1) * log(2) + * <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1 (rounding error) + * <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1 + */ i = BN_num_bits(a) * 3; num = (i / 10 + i / 1000 + 1) + 1; bn_data = diff --git a/crypto/bn/bn_sqr.c b/crypto/bn/bn_sqr.c index 51daae4481..3ca69879ee 100644 --- a/crypto/bn/bn_sqr.c +++ b/crypto/bn/bn_sqr.c @@ -249,23 +249,23 @@ void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t) bn_sqr_recursive(r, a, n, p); bn_sqr_recursive(&(r[n2]), &(a[n]), n, p); - /*- - * t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - */ + /*- + * t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero + * r[10] holds (a[0]*b[0]) + * r[32] holds (b[1]*b[1]) + */ c1 = (int)(bn_add_words(t, r, &(r[n2]), n2)); /* t[32] is negative */ c1 -= (int)(bn_sub_words(&(t[n2]), t, &(t[n2]), n2)); - /*- - * t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1]) - * r[10] holds (a[0]*a[0]) - * r[32] holds (a[1]*a[1]) - * c1 holds the carry bits - */ + /*- + * t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1]) + * r[10] holds (a[0]*a[0]) + * r[32] holds (a[1]*a[1]) + * c1 holds the carry bits + */ c1 += (int)(bn_add_words(&(r[n]), &(r[n]), &(t[n2]), n2)); if (c1) { p = &(r[n + n2]); diff --git a/crypto/bn/bn_sqrt.c b/crypto/bn/bn_sqrt.c index 772c8080bb..232af99a21 100644 --- a/crypto/bn/bn_sqrt.c +++ b/crypto/bn/bn_sqrt.c @@ -132,14 +132,14 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) /* we'll set q later (if needed) */ if (e == 1) { - /*- - * The easy case: (|p|-1)/2 is odd, so 2 has an inverse - * modulo (|p|-1)/2, and square roots can be computed - * directly by modular exponentiation. - * We have - * 2 * (|p|+1)/4 == 1 (mod (|p|-1)/2), - * so we can use exponent (|p|+1)/4, i.e. (|p|-3)/4 + 1. - */ + /*- + * The easy case: (|p|-1)/2 is odd, so 2 has an inverse + * modulo (|p|-1)/2, and square roots can be computed + * directly by modular exponentiation. + * We have + * 2 * (|p|+1)/4 == 1 (mod (|p|-1)/2), + * so we can use exponent (|p|+1)/4, i.e. (|p|-3)/4 + 1. + */ if (!BN_rshift(q, p, 2)) goto end; q->neg = 0; @@ -152,32 +152,32 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) } if (e == 2) { - /*- - * |p| == 5 (mod 8) - * - * In this case 2 is always a non-square since - * Legendre(2,p) = (-1)^((p^2-1)/8) for any odd prime. - * So if a really is a square, then 2*a is a non-square. - * Thus for - * b := (2*a)^((|p|-5)/8), - * i := (2*a)*b^2 - * we have - * i^2 = (2*a)^((1 + (|p|-5)/4)*2) - * = (2*a)^((p-1)/2) - * = -1; - * so if we set - * x := a*b*(i-1), - * then - * x^2 = a^2 * b^2 * (i^2 - 2*i + 1) - * = a^2 * b^2 * (-2*i) - * = a*(-i)*(2*a*b^2) - * = a*(-i)*i - * = a. - * - * (This is due to A.O.L. Atkin, - * , - * November 1992.) - */ + /*- + * |p| == 5 (mod 8) + * + * In this case 2 is always a non-square since + * Legendre(2,p) = (-1)^((p^2-1)/8) for any odd prime. + * So if a really is a square, then 2*a is a non-square. + * Thus for + * b := (2*a)^((|p|-5)/8), + * i := (2*a)*b^2 + * we have + * i^2 = (2*a)^((1 + (|p|-5)/4)*2) + * = (2*a)^((p-1)/2) + * = -1; + * so if we set + * x := a*b*(i-1), + * then + * x^2 = a^2 * b^2 * (i^2 - 2*i + 1) + * = a^2 * b^2 * (-2*i) + * = a*(-i)*(2*a*b^2) + * = a*(-i)*i + * = a. + * + * (This is due to A.O.L. Atkin, + * , + * November 1992.) + */ /* t := 2*a */ if (!BN_mod_lshift1_quick(t, A, p)) @@ -277,24 +277,24 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) goto end; } - /*- - * Now we know that (if p is indeed prime) there is an integer - * k, 0 <= k < 2^e, such that - * - * a^q * y^k == 1 (mod p). - * - * As a^q is a square and y is not, k must be even. - * q+1 is even, too, so there is an element - * - * X := a^((q+1)/2) * y^(k/2), - * - * and it satisfies - * - * X^2 = a^q * a * y^k - * = a, - * - * so it is the square root that we are looking for. - */ + /*- + * Now we know that (if p is indeed prime) there is an integer + * k, 0 <= k < 2^e, such that + * + * a^q * y^k == 1 (mod p). + * + * As a^q is a square and y is not, k must be even. + * q+1 is even, too, so there is an element + * + * X := a^((q+1)/2) * y^(k/2), + * + * and it satisfies + * + * X^2 = a^q * a * y^k + * = a, + * + * so it is the square root that we are looking for. + */ /* t := (q-1)/2 (note that q is odd) */ if (!BN_rshift1(t, q)) @@ -333,15 +333,15 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) goto end; while (1) { - /*- - * Now b is a^q * y^k for some even k (0 <= k < 2^E - * where E refers to the original value of e, which we - * don't keep in a variable), and x is a^((q+1)/2) * y^(k/2). - * - * We have a*b = x^2, - * y^2^(e-1) = -1, - * b^2^(e-1) = 1. - */ + /*- + * Now b is a^q * y^k for some even k (0 <= k < 2^E + * where E refers to the original value of e, which we + * don't keep in a variable), and x is a^((q+1)/2) * y^(k/2). + * + * We have a*b = x^2, + * y^2^(e-1) = -1, + * b^2^(e-1) = 1. + */ if (BN_is_one(b)) { if (!BN_copy(ret, x)) diff --git a/crypto/cast/casttest.c b/crypto/cast/casttest.c index b3bd85c520..dc31bc6604 100644 --- a/crypto/cast/casttest.c +++ b/crypto/cast/casttest.c @@ -134,9 +134,9 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE] = { 0x59, 0xD8, 0xE2, 0x65, 0x00, 0x58, 0x6C, 0x3F, 0x2C, 0x17, 0x25, 0xD0, 0x1A, 0x38, 0xB7, 0x2A, 0x39, 0x61, 0x37, 0xDC, 0x79, 0xFB, 0x9F, 0x45 -/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38, - 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9, - 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/ +/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38, + 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9, + 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/ }; # endif diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 24bb9ea151..8ca68e1de5 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -574,16 +574,16 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) } e++; } - /*- - * So at this point we have - * np which is the start of the name string which is - * '\0' terminated. - * cp which is the start of the section string which is - * '\0' terminated. - * e is the 'next point after'. - * r and rr are the chars replaced by the '\0' - * rp and rrp is where 'r' and 'rr' came from. - */ + /*- + * So at this point we have + * np which is the start of the name string which is + * '\0' terminated. + * cp which is the start of the section string which is + * '\0' terminated. + * e is the 'next point after'. + * r and rr are the chars replaced by the '\0' + * rp and rrp is where 'r' and 'rr' came from. + */ p = _CONF_get_string(conf, cp, np); if (rrp != NULL) *rrp = rr; diff --git a/crypto/des/des.c b/crypto/des/des.c index 402695160d..2bff281258 100644 --- a/crypto/des/des.c +++ b/crypto/des/des.c @@ -228,14 +228,14 @@ int main(int argc, char **argv) } if (error) usage(); - /*- - * We either - * do checksum or - * do encrypt or - * do decrypt or - * do decrypt then ckecksum or - * do checksum then encrypt - */ + /*- + * We either + * do checksum or + * do encrypt or + * do decrypt or + * do decrypt then ckecksum or + * do checksum then encrypt + */ if (((eflag + dflag) == 1) || cflag) { if (eflag) do_encrypt = DES_ENCRYPT; diff --git a/crypto/des/destest.c b/crypto/des/destest.c index 994eeefd53..c6be342038 100644 --- a/crypto/des/destest.c +++ b/crypto/des/destest.c @@ -404,13 +404,13 @@ int main(int argc, char *argv[]) DES_ENCRYPT); DES_ede3_cbcm_encrypt(&cbc_data[16], &cbc_out[16], i - 16, &ks, &ks2, &ks3, &iv3, &iv2, DES_ENCRYPT); - /*- if (memcmp(cbc_out,cbc3_ok, - (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0) - { - printf("des_ede3_cbc_encrypt encrypt error\n"); - err=1; - } - */ +/*- if (memcmp(cbc_out,cbc3_ok, + (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0) + { + printf("des_ede3_cbc_encrypt encrypt error\n"); + err=1; + } +*/ memcpy(iv3, cbc_iv, sizeof(cbc_iv)); memset(iv2, '\0', sizeof iv2); DES_ede3_cbcm_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, &iv2, diff --git a/crypto/des/enc_read.c b/crypto/des/enc_read.c index d01e870bcd..8746e8b281 100644 --- a/crypto/des/enc_read.c +++ b/crypto/des/enc_read.c @@ -199,12 +199,12 @@ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched, */ num = len; } else { - /*- - * >output is a multiple of 8 byes, if len < rnum - * >we must be careful. The user must be aware that this - * >routine will write more bytes than he asked for. - * >The length of the buffer must be correct. - * FIXED - Should be ok now 18-9-90 - eay */ + /*- + * >output is a multiple of 8 byes, if len < rnum + * >we must be careful. The user must be aware that this + * >routine will write more bytes than he asked for. + * >The length of the buffer must be correct. + * FIXED - Should be ok now 18-9-90 - eay */ if (len < rnum) { if (DES_rw_mode & DES_PCBC_MODE) diff --git a/crypto/des/ofb64ede.c b/crypto/des/ofb64ede.c index 03399bc297..45c67505a6 100644 --- a/crypto/des/ofb64ede.c +++ b/crypto/des/ofb64ede.c @@ -102,8 +102,8 @@ void DES_ede3_ofb64_encrypt(register const unsigned char *in, n = (n + 1) & 0x07; } if (save) { -/*- v0=ti[0]; - v1=ti[1];*/ +/*- v0=ti[0]; + v1=ti[1];*/ iv = &(*ivec)[0]; l2c(v0, iv); l2c(v1, iv); diff --git a/crypto/dso/dso_vms.c b/crypto/dso/dso_vms.c index 75698e4c44..12e1db3f2f 100644 --- a/crypto/dso/dso_vms.c +++ b/crypto/dso/dso_vms.c @@ -151,23 +151,23 @@ static int vms_load(DSO *dso) goto err; } - /*- - * A file specification may look like this: - * - * node::dev:[dir-spec]name.type;ver - * - * or (for compatibility with TOPS-20): - * - * node::dev:name.type;ver - * - * and the dir-spec uses '.' as separator. Also, a dir-spec - * may consist of several parts, with mixed use of [] and <>: - * - * [dir1.] - * - * We need to split the file specification into the name and - * the rest (both before and after the name itself). - */ + /*- + * A file specification may look like this: + * + * node::dev:[dir-spec]name.type;ver + * + * or (for compatibility with TOPS-20): + * + * node::dev:name.type;ver + * + * and the dir-spec uses '.' as separator. Also, a dir-spec + * may consist of several parts, with mixed use of [] and <>: + * + * [dir1.] + * + * We need to split the file specification into the name and + * the rest (both before and after the name itself). + */ /* * Start with trying to find the end of a dir-spec, and save the position * of the byte after in sp1 diff --git a/crypto/ec/ec.h b/crypto/ec/ec.h index f84a22959f..08adf1fe48 100644 --- a/crypto/ec/ec.h +++ b/crypto/ec/ec.h @@ -106,14 +106,14 @@ typedef enum { typedef struct ec_method_st EC_METHOD; typedef struct ec_group_st - /*- - EC_METHOD *meth; - -- field definition - -- curve coefficients - -- optional generator with associated information (order, cofactor) - -- optional extra data (precomputed table for fast computation of multiples of generator) - -- ASN1 stuff - */ + /*- + EC_METHOD *meth; + -- field definition + -- curve coefficients + -- optional generator with associated information (order, cofactor) + -- optional extra data (precomputed table for fast computation of multiples of generator) + -- ASN1 stuff + */ EC_GROUP; typedef struct ec_point_st EC_POINT; diff --git a/crypto/ec/ec2_smpl.c b/crypto/ec/ec2_smpl.c index 4e2f86ebee..5df41e2660 100644 --- a/crypto/ec/ec2_smpl.c +++ b/crypto/ec/ec2_smpl.c @@ -872,12 +872,12 @@ int ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, if (lh == NULL) goto err; - /*- - * We have a curve defined by a Weierstrass equation - * y^2 + x*y = x^3 + a*x^2 + b. - * <=> x^3 + a*x^2 + x*y + b + y^2 = 0 - * <=> ((x + a) * x + y ) * x + b + y^2 = 0 - */ + /*- + * We have a curve defined by a Weierstrass equation + * y^2 + x*y = x^3 + a*x^2 + b. + * <=> x^3 + a*x^2 + x*y + b + y^2 = 0 + * <=> ((x + a) * x + y ) * x + b + y^2 = 0 + */ if (!BN_GF2m_add(lh, &point->X, &group->a)) goto err; if (!field_mul(group, lh, lh, &point->X, ctx)) diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h index b08b823d32..5372117bc3 100644 --- a/crypto/ec/ec_lcl.h +++ b/crypto/ec/ec_lcl.h @@ -115,14 +115,14 @@ struct ec_method_st { void (*point_finish) (EC_POINT *); void (*point_clear_finish) (EC_POINT *); int (*point_copy) (EC_POINT *, const EC_POINT *); - /*- - * used by EC_POINT_set_to_infinity, - * EC_POINT_set_Jprojective_coordinates_GFp, - * EC_POINT_get_Jprojective_coordinates_GFp, - * EC_POINT_set_affine_coordinates_GFp, ..._GF2m, - * EC_POINT_get_affine_coordinates_GFp, ..._GF2m, - * EC_POINT_set_compressed_coordinates_GFp, ..._GF2m: - */ + /*- + * used by EC_POINT_set_to_infinity, + * EC_POINT_set_Jprojective_coordinates_GFp, + * EC_POINT_get_Jprojective_coordinates_GFp, + * EC_POINT_set_affine_coordinates_GFp, ..._GF2m, + * EC_POINT_get_affine_coordinates_GFp, ..._GF2m, + * EC_POINT_set_compressed_coordinates_GFp, ..._GF2m: + */ int (*point_set_to_infinity) (const EC_GROUP *, EC_POINT *); int (*point_set_Jprojective_coordinates_GFp) (const EC_GROUP *, EC_POINT *, const BIGNUM *x, diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c index fd52c68be9..333cbc9c8c 100644 --- a/crypto/ec/ec_mult.c +++ b/crypto/ec/ec_mult.c @@ -600,13 +600,13 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (!(tmp = EC_POINT_new(group))) goto err; - /*- - * prepare precomputed values: - * val_sub[i][0] := points[i] - * val_sub[i][1] := 3 * points[i] - * val_sub[i][2] := 5 * points[i] - * ... - */ + /*- + * prepare precomputed values: + * val_sub[i][0] := points[i] + * val_sub[i][1] := 3 * points[i] + * val_sub[i][2] := 5 * points[i] + * ... + */ for (i = 0; i < num + num_scalar; i++) { if (i < num) { if (!EC_POINT_copy(val_sub[i][0], points[i])) diff --git a/crypto/ec/ecp_smpl.c b/crypto/ec/ecp_smpl.c index 3548e1be28..a0c1540c45 100644 --- a/crypto/ec/ecp_smpl.c +++ b/crypto/ec/ecp_smpl.c @@ -312,11 +312,11 @@ int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx) goto err; } - /*- - * check the discriminant: - * y^2 = x^3 + a*x + b is an elliptic curve <=> 4*a^3 + 27*b^2 != 0 (mod p) - * 0 =< a, b < p - */ + /*- + * check the discriminant: + * y^2 = x^3 + a*x + b is an elliptic curve <=> 4*a^3 + 27*b^2 != 0 (mod p) + * 0 =< a, b < p + */ if (BN_is_zero(a)) { if (BN_is_zero(b)) goto err; @@ -668,11 +668,11 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, if (y == NULL) goto err; - /*- - * Recover y. We have a Weierstrass equation - * y^2 = x^3 + a*x + b, - * so y is one of the square roots of x^3 + a*x + b. - */ + /*- + * Recover y. We have a Weierstrass equation + * y^2 = x^3 + a*x + b, + * so y is one of the square roots of x^3 + a*x + b. + */ /* tmp1 := x^3 */ if (!BN_nnmod(x, x_, &group->field, ctx)) @@ -1251,10 +1251,10 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, goto err; if (!BN_mod_add_quick(n1, n0, n1, p)) goto err; - /*- - * n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2) - * = 3 * X_a^2 - 3 * Z_a^4 - */ + /*- + * n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2) + * = 3 * X_a^2 - 3 * Z_a^4 + */ } else { if (!field_sqr(group, n0, &a->X, ctx)) goto err; @@ -1375,15 +1375,15 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, if (Z6 == NULL) goto err; - /*- - * We have a curve defined by a Weierstrass equation - * y^2 = x^3 + a*x + b. - * The point to consider is given in Jacobian projective coordinates - * where (X, Y, Z) represents (x, y) = (X/Z^2, Y/Z^3). - * Substituting this and multiplying by Z^6 transforms the above equation into - * Y^2 = X^3 + a*X*Z^4 + b*Z^6. - * To test this, we add up the right-hand side in 'rh'. - */ + /*- + * We have a curve defined by a Weierstrass equation + * y^2 = x^3 + a*x + b. + * The point to consider is given in Jacobian projective coordinates + * where (X, Y, Z) represents (x, y) = (X/Z^2, Y/Z^3). + * Substituting this and multiplying by Z^6 transforms the above equation into + * Y^2 = X^3 + a*X*Z^4 + b*Z^6. + * To test this, we add up the right-hand side in 'rh'. + */ /* rh := X^2 */ if (!field_sqr(group, rh, &point->X, ctx)) @@ -1450,12 +1450,12 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx) { - /*- - * return values: - * -1 error - * 0 equal (in affine coordinates) - * 1 not equal - */ + /*- + * return values: + * -1 error + * 0 equal (in affine coordinates) + * 1 not equal + */ int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); @@ -1494,12 +1494,12 @@ int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, if (Zb23 == NULL) goto end; - /*- - * We have to decide whether - * (X_a/Z_a^2, Y_a/Z_a^3) = (X_b/Z_b^2, Y_b/Z_b^3), - * or equivalently, whether - * (X_a*Z_b^2, Y_a*Z_b^3) = (X_b*Z_a^2, Y_b*Z_a^3). - */ + /*- + * We have to decide whether + * (X_a/Z_a^2, Y_a/Z_a^3) = (X_b/Z_b^2, Y_b/Z_b^3), + * or equivalently, whether + * (X_a*Z_b^2, Y_a*Z_b^3) = (X_b*Z_a^2, Y_b*Z_a^3). + */ if (!b->Z_is_one) { if (!field_sqr(group, Zb23, &b->Z, ctx)) diff --git a/crypto/idea/ideatest.c b/crypto/idea/ideatest.c index d137a8f03a..a967dd58a7 100644 --- a/crypto/idea/ideatest.c +++ b/crypto/idea/ideatest.c @@ -102,9 +102,9 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE] = { 0x59, 0xD8, 0xE2, 0x65, 0x00, 0x58, 0x6C, 0x3F, 0x2C, 0x17, 0x25, 0xD0, 0x1A, 0x38, 0xB7, 0x2A, 0x39, 0x61, 0x37, 0xDC, 0x79, 0xFB, 0x9F, 0x45 -/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38, - 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9, - 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/ +/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38, + 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9, + 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/ }; static int cfb64_test(unsigned char *cfb_cipher); diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c index ea4fdfbc89..d48fe56264 100644 --- a/crypto/lhash/lhash.c +++ b/crypto/lhash/lhash.c @@ -433,9 +433,9 @@ unsigned long lh_strhash(const char *c) if ((c == NULL) || (*c == '\0')) return (ret); /*- - unsigned char b[16]; - MD5(c,strlen(c),b); - return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24)); + unsigned char b[16]; + MD5(c,strlen(c),b); + return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24)); */ n = 0x100; diff --git a/crypto/o_time.c b/crypto/o_time.c index 2881289ead..504e313d03 100644 --- a/crypto/o_time.c +++ b/crypto/o_time.c @@ -149,30 +149,30 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result) * do it the hard way. */ { - /*- - * The VMS epoch is the astronomical Smithsonian date, - if I remember correctly, which is November 17, 1858. - Furthermore, time is measure in thenths of microseconds - and stored in quadwords (64 bit integers). unix_epoch - below is January 1st 1970 expressed as a VMS time. The - following code was used to get this number: - - #include - #include - #include - #include - - main() - { - unsigned long systime[2]; - unsigned short epoch_values[7] = - { 1970, 1, 1, 0, 0, 0, 0 }; - - lib$cvt_vectim(epoch_values, systime); - - printf("%u %u", systime[0], systime[1]); - } - */ + /*- + * The VMS epoch is the astronomical Smithsonian date, + if I remember correctly, which is November 17, 1858. + Furthermore, time is measure in thenths of microseconds + and stored in quadwords (64 bit integers). unix_epoch + below is January 1st 1970 expressed as a VMS time. The + following code was used to get this number: + + #include + #include + #include + #include + + main() + { + unsigned long systime[2]; + unsigned short epoch_values[7] = + { 1970, 1, 1, 0, 0, 0, 0 }; + + lib$cvt_vectim(epoch_values, systime); + + printf("%u %u", systime[0], systime[1]); + } + */ unsigned long unix_epoch[2] = { 1273708544, 8164711 }; unsigned long deltatime[2]; unsigned long systime[2]; diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h index 84e0c57d83..36fd838307 100644 --- a/crypto/pem/pem.h +++ b/crypto/pem/pem.h @@ -172,8 +172,8 @@ typedef struct pem_ctx_st { struct { int cipher; /*- - unused, and wrong size - unsigned char iv[8]; */ + unused, and wrong size + unsigned char iv[8]; */ } DEK_info; PEM_USER *originator; @@ -195,9 +195,9 @@ typedef struct pem_ctx_st { EVP_CIPHER *dec; /* date encryption cipher */ int key_len; /* key length */ unsigned char *key; /* key */ - /*- - unused, and wrong size - unsigned char iv[8]; */ + /*- + unused, and wrong size + unsigned char iv[8]; */ int data_enc; /* is the data encrypted */ int data_len; diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index 24cf7694ba..3feca3d51b 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -111,10 +111,10 @@ static FILE *(*const vms_fopen)(const char *, const char *, ...) = int RAND_load_file(const char *file, long bytes) { - /*- - * If bytes >= 0, read up to 'bytes' bytes. - * if bytes == -1, read complete file. - */ + /*- + * If bytes >= 0, read up to 'bytes' bytes. + * if bytes == -1, read complete file. + */ MS_STATIC unsigned char buf[BUFSIZE]; struct stat sb; diff --git a/crypto/rc2/rc2test.c b/crypto/rc2/rc2test.c index 8347356312..e61df342ea 100644 --- a/crypto/rc2/rc2test.c +++ b/crypto/rc2/rc2test.c @@ -134,9 +134,9 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE] = { 0x59, 0xD8, 0xE2, 0x65, 0x00, 0x58, 0x6C, 0x3F, 0x2C, 0x17, 0x25, 0xD0, 0x1A, 0x38, 0xB7, 0x2A, 0x39, 0x61, 0x37, 0xDC, 0x79, 0xFB, 0x9F, 0x45 -/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38, - 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9, - 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/ +/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38, + 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9, + 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/ }; /* diff --git a/crypto/rc4/rc4_enc.c b/crypto/rc4/rc4_enc.c index 8dba10dacd..72cc8f6543 100644 --- a/crypto/rc4/rc4_enc.c +++ b/crypto/rc4/rc4_enc.c @@ -80,36 +80,36 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, d = key->data; #if defined(RC4_CHUNK) - /*- - * The original reason for implementing this(*) was the fact that - * pre-21164a Alpha CPUs don't have byte load/store instructions - * and e.g. a byte store has to be done with 64-bit load, shift, - * and, or and finally 64-bit store. Peaking data and operating - * at natural word size made it possible to reduce amount of - * instructions as well as to perform early read-ahead without - * suffering from RAW (read-after-write) hazard. This resulted - * in ~40%(**) performance improvement on 21064 box with gcc. - * But it's not only Alpha users who win here:-) Thanks to the - * early-n-wide read-ahead this implementation also exhibits - * >40% speed-up on SPARC and 20-30% on 64-bit MIPS (depending - * on sizeof(RC4_INT)). - * - * (*) "this" means code which recognizes the case when input - * and output pointers appear to be aligned at natural CPU - * word boundary - * (**) i.e. according to 'apps/openssl speed rc4' benchmark, - * crypto/rc4/rc4speed.c exhibits almost 70% speed-up... - * - * Cavets. - * - * - RC4_CHUNK="unsigned long long" should be a #1 choice for - * UltraSPARC. Unfortunately gcc generates very slow code - * (2.5-3 times slower than one generated by Sun's WorkShop - * C) and therefore gcc (at least 2.95 and earlier) should - * always be told that RC4_CHUNK="unsigned long". - * - * - */ + /*- + * The original reason for implementing this(*) was the fact that + * pre-21164a Alpha CPUs don't have byte load/store instructions + * and e.g. a byte store has to be done with 64-bit load, shift, + * and, or and finally 64-bit store. Peaking data and operating + * at natural word size made it possible to reduce amount of + * instructions as well as to perform early read-ahead without + * suffering from RAW (read-after-write) hazard. This resulted + * in ~40%(**) performance improvement on 21064 box with gcc. + * But it's not only Alpha users who win here:-) Thanks to the + * early-n-wide read-ahead this implementation also exhibits + * >40% speed-up on SPARC and 20-30% on 64-bit MIPS (depending + * on sizeof(RC4_INT)). + * + * (*) "this" means code which recognizes the case when input + * and output pointers appear to be aligned at natural CPU + * word boundary + * (**) i.e. according to 'apps/openssl speed rc4' benchmark, + * crypto/rc4/rc4speed.c exhibits almost 70% speed-up... + * + * Cavets. + * + * - RC4_CHUNK="unsigned long long" should be a #1 choice for + * UltraSPARC. Unfortunately gcc generates very slow code + * (2.5-3 times slower than one generated by Sun's WorkShop + * C) and therefore gcc (at least 2.95 and earlier) should + * always be told that RC4_CHUNK="unsigned long". + * + * + */ # define RC4_STEP ( \ x=(x+1) &0xff, \ @@ -131,34 +131,34 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, 1 }; - /*- - * I reckon we can afford to implement both endian - * cases and to decide which way to take at run-time - * because the machine code appears to be very compact - * and redundant 1-2KB is perfectly tolerable (i.e. - * in case the compiler fails to eliminate it:-). By - * suggestion from Terrel Larson - * who also stands for the is_endian union:-) - * - * Special notes. - * - * - is_endian is declared automatic as doing otherwise - * (declaring static) prevents gcc from eliminating - * the redundant code; - * - compilers (those I've tried) don't seem to have - * problems eliminating either the operators guarded - * by "if (sizeof(RC4_CHUNK)==8)" or the condition - * expressions themselves so I've got 'em to replace - * corresponding #ifdefs from the previous version; - * - I chose to let the redundant switch cases when - * sizeof(RC4_CHUNK)!=8 be (were also #ifdefed - * before); - * - in case you wonder "&(sizeof(RC4_CHUNK)*8-1)" in - * [LB]ESHFT guards against "shift is out of range" - * warnings when sizeof(RC4_CHUNK)!=8 - * - * - */ + /*- + * I reckon we can afford to implement both endian + * cases and to decide which way to take at run-time + * because the machine code appears to be very compact + * and redundant 1-2KB is perfectly tolerable (i.e. + * in case the compiler fails to eliminate it:-). By + * suggestion from Terrel Larson + * who also stands for the is_endian union:-) + * + * Special notes. + * + * - is_endian is declared automatic as doing otherwise + * (declaring static) prevents gcc from eliminating + * the redundant code; + * - compilers (those I've tried) don't seem to have + * problems eliminating either the operators guarded + * by "if (sizeof(RC4_CHUNK)==8)" or the condition + * expressions themselves so I've got 'em to replace + * corresponding #ifdefs from the previous version; + * - I chose to let the redundant switch cases when + * sizeof(RC4_CHUNK)!=8 be (were also #ifdefed + * before); + * - in case you wonder "&(sizeof(RC4_CHUNK)*8-1)" in + * [LB]ESHFT guards against "shift is out of range" + * warnings when sizeof(RC4_CHUNK)!=8 + * + * + */ if (!is_endian.little) { /* BIG-ENDIAN CASE */ # define BESHFT(c) (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1)) for (; len & ~(sizeof(RC4_CHUNK) - 1); len -= sizeof(RC4_CHUNK)) { diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c index 9225211f0e..c405425d97 100644 --- a/crypto/rsa/rsa_pss.c +++ b/crypto/rsa/rsa_pss.c @@ -84,12 +84,12 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, unsigned char H_[EVP_MAX_MD_SIZE]; hLen = M_EVP_MD_size(Hash); - /*- - * Negative sLen has special meanings: - * -1 sLen == hLen - * -2 salt length is autorecovered from signature - * -N reserved - */ + /*- + * Negative sLen has special meanings: + * -1 sLen == hLen + * -2 salt length is autorecovered from signature + * -N reserved + */ if (sLen == -1) sLen = hLen; else if (sLen == -2) @@ -171,12 +171,12 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, EVP_MD_CTX ctx; hLen = M_EVP_MD_size(Hash); - /*- - * Negative sLen has special meanings: - * -1 sLen == hLen - * -2 salt length is maximized - * -N reserved - */ + /*- + * Negative sLen has special meanings: + * -1 sLen == hLen + * -2 salt length is maximized + * -N reserved + */ if (sLen == -1) sLen = hLen; else if (sLen == -2) diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c index 40b5902bc9..5206cda708 100644 --- a/crypto/threads/mttest.c +++ b/crypto/threads/mttest.c @@ -331,8 +331,8 @@ int main(int argc, char *argv[]) fprintf(stderr, "-----\n"); lh_stats(SSL_CTX_sessions(s_ctx), stderr); fprintf(stderr, "-----\n"); - /*- lh_node_stats(SSL_CTX_sessions(s_ctx),stderr); - fprintf(stderr,"-----\n"); */ + /*- lh_node_stats(SSL_CTX_sessions(s_ctx),stderr); + fprintf(stderr,"-----\n"); */ lh_node_usage_stats(SSL_CTX_sessions(s_ctx), stderr); fprintf(stderr, "-----\n"); } @@ -367,11 +367,11 @@ int ndoit(SSL_CTX *ssl_ctx[2]) fprintf(stdout, "started thread %lu\n", CRYPTO_thread_id()); for (i = 0; i < number_of_loops; i++) { -/*- fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n", - CRYPTO_thread_id(),i, - ssl_ctx[0]->references, - ssl_ctx[1]->references); */ - /* pthread_delay_np(&tm); */ +/*- fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n", + CRYPTO_thread_id(),i, + ssl_ctx[0]->references, + ssl_ctx[1]->references); */ +/* pthread_delay_np(&tm); */ ret = doit(ctx); if (ret != 0) { @@ -799,23 +799,23 @@ void solaris_locking_callback(int mode, int type, char *file, int line) (type & CRYPTO_READ) ? "r" : "w", file, line); # endif - /*- - if (CRYPTO_LOCK_SSL_CERT == type) - fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n", - CRYPTO_thread_id(), - mode,file,line); - */ + /*- + if (CRYPTO_LOCK_SSL_CERT == type) + fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n", + CRYPTO_thread_id(), + mode,file,line); + */ if (mode & CRYPTO_LOCK) { /*- - if (mode & CRYPTO_READ) - rw_rdlock(&(lock_cs[type])); - else - rw_wrlock(&(lock_cs[type])); */ + if (mode & CRYPTO_READ) + rw_rdlock(&(lock_cs[type])); + else + rw_wrlock(&(lock_cs[type])); */ mutex_lock(&(lock_cs[type])); lock_count[type]++; } else { -/* rw_unlock(&(lock_cs[type])); */ +/* rw_unlock(&(lock_cs[type])); */ mutex_unlock(&(lock_cs[type])); } } @@ -985,10 +985,10 @@ void pthreads_locking_callback(int mode, int type, char *file, int line) (type & CRYPTO_READ) ? "r" : "w", file, line); # endif /*- - if (CRYPTO_LOCK_SSL_CERT == type) - fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n", - CRYPTO_thread_id(), - mode,file,line); + if (CRYPTO_LOCK_SSL_CERT == type) + fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n", + CRYPTO_thread_id(), + mode,file,line); */ if (mode & CRYPTO_LOCK) { pthread_mutex_lock(&(lock_cs[type])); diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index 63816f67d4..5a127430ee 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -356,8 +356,8 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, * If we were going to up the reference count, we would need to * do it on a perl 'type' basis */ - /*- CRYPTO_add(&tmp->data.x509->references,1, - CRYPTO_LOCK_X509);*/ + /*- CRYPTO_add(&tmp->data.x509->references,1, + CRYPTO_LOCK_X509);*/ goto finish; } } diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index 03cd406f11..684ef5f25c 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -307,8 +307,8 @@ int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name, return 0; } -/*- if (ret->data.ptr != NULL) - X509_OBJECT_free_contents(ret); */ +/*- if (ret->data.ptr != NULL) + X509_OBJECT_free_contents(ret); */ ret->type = tmp->type; ret->data.ptr = tmp->data.ptr; diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c index 40b23e512a..0ff439c99f 100644 --- a/crypto/x509/x509_r2x.c +++ b/crypto/x509/x509_r2x.c @@ -84,8 +84,8 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) goto err; if (!ASN1_INTEGER_set(xi->version, 2)) goto err; -/*- xi->extensions=ri->attributes; <- bad, should not ever be done - ri->attributes=NULL; */ +/*- xi->extensions=ri->attributes; <- bad, should not ever be done + ri->attributes=NULL; */ } xn = X509_REQ_get_subject_name(r); diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 5c637d6795..e11cd5d0ea 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -398,15 +398,15 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) ! !(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS); cb = ctx->verify_cb; - /*- - * must_be_ca can have 1 of 3 values: - * -1: we accept both CA and non-CA certificates, to allow direct - * use of self-signed certificates (which are marked as CA). - * 0: we only accept non-CA certificates. This is currently not - * used, but the possibility is present for future extensions. - * 1: we only accept CA certificates. This is currently used for - * all certificates in the chain except the leaf certificate. - */ + /*- + * must_be_ca can have 1 of 3 values: + * -1: we accept both CA and non-CA certificates, to allow direct + * use of self-signed certificates (which are marked as CA). + * 0: we only accept non-CA certificates. This is currently not + * used, but the possibility is present for future extensions. + * 1: we only accept CA certificates. This is currently used for + * all certificates in the chain except the leaf certificate. + */ must_be_ca = -1; /* diff --git a/crypto/x509/x509name.c b/crypto/x509/x509name.c index a72e9fe790..4e7b64f695 100644 --- a/crypto/x509/x509name.c +++ b/crypto/x509/x509name.c @@ -162,16 +162,16 @@ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc) set_prev = ret->set - 1; set_next = sk_X509_NAME_ENTRY_value(sk, loc)->set; - /*- - * set_prev is the previous set - * set is the current set - * set_next is the following - * prev 1 1 1 1 1 1 1 1 - * set 1 1 2 2 - * next 1 1 2 2 2 2 3 2 - * so basically only if prev and next differ by 2, then - * re-number down by 1 - */ + /*- + * set_prev is the previous set + * set is the current set + * set_next is the following + * prev 1 1 1 1 1 1 1 1 + * set 1 1 2 2 + * next 1 1 2 2 2 2 3 2 + * so basically only if prev and next differ by 2, then + * re-number down by 1 + */ if (set_prev + 1 < set_next) for (i = loc; i < n; i++) sk_X509_NAME_ENTRY_value(sk, i)->set--; diff --git a/demos/engines/zencod/hw_zencod.h b/demos/engines/zencod/hw_zencod.h index e0ca6e64c4..a2510453a5 100644 --- a/demos/engines/zencod/hw_zencod.h +++ b/demos/engines/zencod/hw_zencod.h @@ -106,14 +106,14 @@ extern "C" { /* * Functions for Digest (MD5, SHA1) stuff */ -/* output : output data buffer */ -/* input : input data buffer */ -/* algo : hash algorithm, MD5 or SHA1 */ -/*- - * typedef int t_zencod_hash ( KEY *output, const KEY *input, int algo ) ; - * typedef int t_zencod_sha_hash ( KEY *output, const KEY *input, int algo ) ; - */ -/* For now separate this stuff that mad it easier to test */ + /* output : output data buffer */ + /* input : input data buffer */ + /* algo : hash algorithm, MD5 or SHA1 */ + /*- + * typedef int t_zencod_hash ( KEY *output, const KEY *input, int algo ) ; + * typedef int t_zencod_sha_hash ( KEY *output, const KEY *input, int algo ) ; + */ + /* For now separate this stuff that mad it easier to test */ typedef int t_zencod_md5_init(ZEN_MD_DATA *data); typedef int t_zencod_md5_update(ZEN_MD_DATA *data, const KEY * input); typedef int t_zencod_md5_do_final(ZEN_MD_DATA *data, KEY * output); diff --git a/engines/e_cswift.c b/engines/e_cswift.c index 70c2f226c3..c429802d5f 100644 --- a/engines/e_cswift.c +++ b/engines/e_cswift.c @@ -1037,11 +1037,11 @@ static int cswift_rand_bytes(unsigned char *buf, int num) while (num >= (int)sizeof(buf32)) { largenum.value = buf; largenum.nbytes = sizeof(buf32); - /*- - * tell CryptoSwift how many bytes we want and where we want it. - * Note: - CryptoSwift cannot do more than 4096 bytes at a time. - * - CryptoSwift can only do multiple of 32-bits. - */ + /*- + * tell CryptoSwift how many bytes we want and where we want it. + * Note: - CryptoSwift cannot do more than 4096 bytes at a time. + * - CryptoSwift can only do multiple of 32-bits. + */ swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1); if (swrc != SW_OK) { diff --git a/engines/vendor_defns/hwcryptohook.h b/engines/vendor_defns/hwcryptohook.h index db9480d2ac..9075a210b8 100644 --- a/engines/vendor_defns/hwcryptohook.h +++ b/engines/vendor_defns/hwcryptohook.h @@ -180,32 +180,32 @@ typedef struct { * be power of 2 */ int mslimbfirst; /* 0 or 1 */ int msbytefirst; /* 0 or 1; -1 = native */ - /*- - * All the callback functions should return 0 on success, or a - * nonzero integer (whose value will be visible in the error message - * put in the buffer passed to the call). - * - * If a callback is not available pass a null function pointer. - * - * The callbacks may not call down again into the crypto plugin. - */ - /*- - * For thread-safety. Set everything to 0 if you promise only to be - * singlethreaded. maxsimultaneous is the number of calls to - * ModExp[Crt]/RSAImmed{Priv,Pub}/RSA. If you don't know what to - * put there then say 0 and the hook library will use a default. - * - * maxmutexes is a small limit on the number of simultaneous mutexes - * which will be requested by the library. If there is no small - * limit, set it to 0. If the crypto plugin cannot create the - * advertised number of mutexes the calls to its functions may fail. - * If a low number of mutexes is advertised the plugin will try to - * do the best it can. Making larger numbers of mutexes available - * may improve performance and parallelism by reducing contention - * over critical sections. Unavailability of any mutexes, implying - * single-threaded operation, should be indicated by the setting - * mutex_init et al to 0. - */ + /*- + * All the callback functions should return 0 on success, or a + * nonzero integer (whose value will be visible in the error message + * put in the buffer passed to the call). + * + * If a callback is not available pass a null function pointer. + * + * The callbacks may not call down again into the crypto plugin. + */ + /*- + * For thread-safety. Set everything to 0 if you promise only to be + * singlethreaded. maxsimultaneous is the number of calls to + * ModExp[Crt]/RSAImmed{Priv,Pub}/RSA. If you don't know what to + * put there then say 0 and the hook library will use a default. + * + * maxmutexes is a small limit on the number of simultaneous mutexes + * which will be requested by the library. If there is no small + * limit, set it to 0. If the crypto plugin cannot create the + * advertised number of mutexes the calls to its functions may fail. + * If a low number of mutexes is advertised the plugin will try to + * do the best it can. Making larger numbers of mutexes available + * may improve performance and parallelism by reducing contention + * over critical sections. Unavailability of any mutexes, implying + * single-threaded operation, should be indicated by the setting + * mutex_init et al to 0. + */ int maxmutexes; int maxsimultaneous; size_t mutexsize; @@ -214,12 +214,12 @@ typedef struct { int (*mutex_acquire) (HWCryptoHook_Mutex *); void (*mutex_release) (HWCryptoHook_Mutex *); void (*mutex_destroy) (HWCryptoHook_Mutex *); - /*- - * For greater efficiency, can use condition vars internally for - * synchronisation. In this case maxsimultaneous is ignored, but - * the other mutex stuff must be available. In singlethreaded - * programs, set everything to 0. - */ + /*- + * For greater efficiency, can use condition vars internally for + * synchronisation. In this case maxsimultaneous is ignored, but + * the other mutex stuff must be available. In singlethreaded + * programs, set everything to 0. + */ size_t condvarsize; int (*condvar_init) (HWCryptoHook_CondVar *, HWCryptoHook_CallerContext * cactx); @@ -227,103 +227,103 @@ typedef struct { void (*condvar_signal) (HWCryptoHook_CondVar *); void (*condvar_broadcast) (HWCryptoHook_CondVar *); void (*condvar_destroy) (HWCryptoHook_CondVar *); - /*- - * The semantics of acquiring and releasing mutexes and broadcasting - * and waiting on condition variables are expected to be those from - * POSIX threads (pthreads). The mutexes may be (in pthread-speak) - * fast mutexes, recursive mutexes, or nonrecursive ones. - * - * The _release/_signal/_broadcast and _destroy functions must - * always succeed when given a valid argument; if they are given an - * invalid argument then the program (crypto plugin + application) - * has an internal error, and they should abort the program. - */ + /*- + * The semantics of acquiring and releasing mutexes and broadcasting + * and waiting on condition variables are expected to be those from + * POSIX threads (pthreads). The mutexes may be (in pthread-speak) + * fast mutexes, recursive mutexes, or nonrecursive ones. + * + * The _release/_signal/_broadcast and _destroy functions must + * always succeed when given a valid argument; if they are given an + * invalid argument then the program (crypto plugin + application) + * has an internal error, and they should abort the program. + */ int (*getpassphrase) (const char *prompt_info, int *len_io, char *buf, HWCryptoHook_PassphraseContext * ppctx, HWCryptoHook_CallerContext * cactx); - /*- - * Passphrases and the prompt_info, if they contain high-bit-set - * characters, are UTF-8. The prompt_info may be a null pointer if - * no prompt information is available (it should not be an empty - * string). It will not contain text like `enter passphrase'; - * instead it might say something like `Operator Card for John - * Smith' or `SmartCard in nFast Module #1, Slot #1'. - * - * buf points to a buffer in which to return the passphrase; on - * entry *len_io is the length of the buffer. It should be updated - * by the callback. The returned passphrase should not be - * null-terminated by the callback. - */ + /*- + * Passphrases and the prompt_info, if they contain high-bit-set + * characters, are UTF-8. The prompt_info may be a null pointer if + * no prompt information is available (it should not be an empty + * string). It will not contain text like `enter passphrase'; + * instead it might say something like `Operator Card for John + * Smith' or `SmartCard in nFast Module #1, Slot #1'. + * + * buf points to a buffer in which to return the passphrase; on + * entry *len_io is the length of the buffer. It should be updated + * by the callback. The returned passphrase should not be + * null-terminated by the callback. + */ int (*getphystoken) (const char *prompt_info, const char *wrong_info, HWCryptoHook_PassphraseContext * ppctx, HWCryptoHook_CallerContext * cactx); - /*- - * Requests that the human user physically insert a different - * smartcard, DataKey, etc. The plugin should check whether the - * currently inserted token(s) are appropriate, and if they are it - * should not make this call. - * - * prompt_info is as before. wrong_info is a description of the - * currently inserted token(s) so that the user is told what - * something is. wrong_info, like prompt_info, may be null, but - * should not be an empty string. Its contents should be - * syntactically similar to that of prompt_info. - */ - /*- - * Note that a single LoadKey operation might cause several calls to - * getpassphrase and/or requestphystoken. If requestphystoken is - * not provided (ie, a null pointer is passed) then the plugin may - * not support loading keys for which authorisation by several cards - * is required. If getpassphrase is not provided then cards with - * passphrases may not be supported. - * - * getpassphrase and getphystoken do not need to check that the - * passphrase has been entered correctly or the correct token - * inserted; the crypto plugin will do that. If this is not the - * case then the crypto plugin is responsible for calling these - * routines again as appropriate until the correct token(s) and - * passphrase(s) are supplied as required, or until any retry limits - * implemented by the crypto plugin are reached. - * - * In either case, the application must allow the user to say `no' - * or `cancel' to indicate that they do not know the passphrase or - * have the appropriate token; this should cause the callback to - * return nonzero indicating error. - */ + /*- + * Requests that the human user physically insert a different + * smartcard, DataKey, etc. The plugin should check whether the + * currently inserted token(s) are appropriate, and if they are it + * should not make this call. + * + * prompt_info is as before. wrong_info is a description of the + * currently inserted token(s) so that the user is told what + * something is. wrong_info, like prompt_info, may be null, but + * should not be an empty string. Its contents should be + * syntactically similar to that of prompt_info. + */ + /*- + * Note that a single LoadKey operation might cause several calls to + * getpassphrase and/or requestphystoken. If requestphystoken is + * not provided (ie, a null pointer is passed) then the plugin may + * not support loading keys for which authorisation by several cards + * is required. If getpassphrase is not provided then cards with + * passphrases may not be supported. + * + * getpassphrase and getphystoken do not need to check that the + * passphrase has been entered correctly or the correct token + * inserted; the crypto plugin will do that. If this is not the + * case then the crypto plugin is responsible for calling these + * routines again as appropriate until the correct token(s) and + * passphrase(s) are supplied as required, or until any retry limits + * implemented by the crypto plugin are reached. + * + * In either case, the application must allow the user to say `no' + * or `cancel' to indicate that they do not know the passphrase or + * have the appropriate token; this should cause the callback to + * return nonzero indicating error. + */ void (*logmessage) (void *logstream, const char *message); - /*- - * A log message will be generated at least every time something goes - * wrong and an ErrMsgBuf is filled in (or would be if one was - * provided). Other diagnostic information may be written there too, - * including more detailed reasons for errors which are reported in an - * ErrMsgBuf. - * - * When a log message is generated, this callback is called. It - * should write a message to the relevant logging arrangements. - * - * The message string passed will be null-terminated and may be of arbitrary - * length. It will not be prefixed by the time and date, nor by the - * name of the library that is generating it - if this is required, - * the logmessage callback must do it. The message will not have a - * trailing newline (though it may contain internal newlines). - * - * If a null pointer is passed for logmessage a default function is - * used. The default function treats logstream as a FILE* which has - * been converted to a void*. If logstream is 0 it does nothing. - * Otherwise it prepends the date and time and library name and - * writes the message to logstream. Each line will be prefixed by a - * descriptive string containing the date, time and identity of the - * crypto plugin. Errors on the logstream are not reported - * anywhere, and the default function doesn't flush the stream, so - * the application must set the buffering how it wants it. - * - * The crypto plugin may also provide a facility to have copies of - * log messages sent elsewhere, and or for adjusting the verbosity - * of the log messages; any such facilities will be configured by - * external means. - */ + /*- + * A log message will be generated at least every time something goes + * wrong and an ErrMsgBuf is filled in (or would be if one was + * provided). Other diagnostic information may be written there too, + * including more detailed reasons for errors which are reported in an + * ErrMsgBuf. + * + * When a log message is generated, this callback is called. It + * should write a message to the relevant logging arrangements. + * + * The message string passed will be null-terminated and may be of arbitrary + * length. It will not be prefixed by the time and date, nor by the + * name of the library that is generating it - if this is required, + * the logmessage callback must do it. The message will not have a + * trailing newline (though it may contain internal newlines). + * + * If a null pointer is passed for logmessage a default function is + * used. The default function treats logstream as a FILE* which has + * been converted to a void*. If logstream is 0 it does nothing. + * Otherwise it prepends the date and time and library name and + * writes the message to logstream. Each line will be prefixed by a + * descriptive string containing the date, time and identity of the + * crypto plugin. Errors on the logstream are not reported + * anywhere, and the default function doesn't flush the stream, so + * the application must set the buffering how it wants it. + * + * The crypto plugin may also provide a facility to have copies of + * log messages sent elsewhere, and or for adjusting the verbosity + * of the log messages; any such facilities will be configured by + * external means. + */ } HWCryptoHook_InitInfo; typedef diff --git a/ssl/d1_both.c b/ssl/d1_both.c index 1c475200cb..4642d77294 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -532,12 +532,12 @@ static int dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr, static int dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok) { - /*- - * (0) check whether the desired fragment is available - * if so: - * (1) copy over the fragment to s->init_buf->data[] - * (2) update s->init_num - */ + /*- + * (0) check whether the desired fragment is available + * if so: + * (1) copy over the fragment to s->init_buf->data[] + * (2) update s->init_num + */ pitem *item; hm_fragment *frag; int al; @@ -1252,10 +1252,10 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off, struct dtls1_retransmit_state saved_state; unsigned char save_write_sequence[8]; - /*- - OPENSSL_assert(s->init_num == 0); - OPENSSL_assert(s->init_off == 0); - */ + /*- + OPENSSL_assert(s->init_num == 0); + OPENSSL_assert(s->init_off == 0); + */ /* XDTLS: the requested message ought to be found, otherwise error */ pq_64bit_init(&seq64); diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index c8aa6d3a98..335111a4f6 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -905,25 +905,25 @@ int dtls1_send_client_key_exchange(SSL *s) goto err; } - /*- - * 20010406 VRS - Earlier versions used KRB5 AP_REQ - ** in place of RFC 2712 KerberosWrapper, as in: - ** - ** Send ticket (copy to *p, set n = length) - ** n = krb5_ap_req.length; - ** memcpy(p, krb5_ap_req.data, krb5_ap_req.length); - ** if (krb5_ap_req.data) - ** kssl_krb5_free_data_contents(NULL,&krb5_ap_req); - ** - ** Now using real RFC 2712 KerberosWrapper - ** (Thanks to Simon Wilkinson ) - ** Note: 2712 "opaque" types are here replaced - ** with a 2-byte length followed by the value. - ** Example: - ** KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms - ** Where "xx xx" = length bytes. Shown here with - ** optional authenticator omitted. - */ + /*- + * 20010406 VRS - Earlier versions used KRB5 AP_REQ + ** in place of RFC 2712 KerberosWrapper, as in: + ** + ** Send ticket (copy to *p, set n = length) + ** n = krb5_ap_req.length; + ** memcpy(p, krb5_ap_req.data, krb5_ap_req.length); + ** if (krb5_ap_req.data) + ** kssl_krb5_free_data_contents(NULL,&krb5_ap_req); + ** + ** Now using real RFC 2712 KerberosWrapper + ** (Thanks to Simon Wilkinson ) + ** Note: 2712 "opaque" types are here replaced + ** with a 2-byte length followed by the value. + ** Example: + ** KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms + ** Where "xx xx" = length bytes. Shown here with + ** optional authenticator omitted. + */ /* KerberosWrapper.Ticket */ s2n(enc_ticket->length, p); @@ -949,13 +949,13 @@ int dtls1_send_client_key_exchange(SSL *s) if (RAND_bytes(tmp_buf, sizeof tmp_buf) <= 0) goto err; - /*- - * 20010420 VRS. Tried it this way; failed. - * EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL); - * EVP_CIPHER_CTX_set_key_length(&ciph_ctx, - * kssl_ctx->length); - * EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); - */ + /*- + * 20010420 VRS. Tried it this way; failed. + * EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL); + * EVP_CIPHER_CTX_set_key_length(&ciph_ctx, + * kssl_ctx->length); + * EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); + */ memset(iv, 0, sizeof iv); /* per RFC 1510 */ EVP_EncryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv); @@ -1059,12 +1059,12 @@ int dtls1_send_client_key_exchange(SSL *s) d = dtls1_set_message_header(s, d, SSL3_MT_CLIENT_KEY_EXCHANGE, n, 0, n); - /*- - *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE; - l2n3(n,d); - l2n(s->d1->handshake_write_seq,d); - s->d1->handshake_write_seq++; - */ + /*- + *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE; + l2n3(n,d); + l2n(s->d1->handshake_write_seq,d); + s->d1->handshake_write_seq++; + */ s->state = SSL3_ST_CW_KEY_EXCH_B; /* number of bytes to write */ diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index 24d12b5f63..b5c3653d8b 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -360,12 +360,12 @@ static int dtls1_process_record(SSL *s) rr->data = rr->input; enc_err = s->method->ssl3_enc->enc(s, 0); - /*- - * enc_err is: - * 0: (in non-constant time) if the record is publically invalid. - * 1: if the padding is valid - * -1: if the padding is invalid - */ + /*- + * enc_err is: + * 0: (in non-constant time) if the record is publically invalid. + * 1: if the padding is valid + * -1: if the padding is invalid + */ if (enc_err == 0) { /* For DTLS we simply ignore bad packets. */ rr->length = 0; @@ -467,14 +467,14 @@ static int dtls1_process_record(SSL *s) } rr->off = 0; - /*- - * So at this point the following is true - * ssl->s3->rrec.type is the type of record - * ssl->s3->rrec.length == number of bytes in record - * ssl->s3->rrec.off == offset to first valid byte - * ssl->s3->rrec.data == where to take bytes from, increment - * after use :-). - */ + /*- + * So at this point the following is true + * ssl->s3->rrec.type is the type of record + * ssl->s3->rrec.length == number of bytes in record + * ssl->s3->rrec.off == offset to first valid byte + * ssl->s3->rrec.data == where to take bytes from, increment + * after use :-). + */ /* we have pulled in a full packet so zero things */ s->packet_length = 0; @@ -726,12 +726,12 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) start: s->rwstate = SSL_NOTHING; - /*- - * s->s3->rrec.type - is the type of record - * s->s3->rrec.data, - data - * s->s3->rrec.off, - offset into 'data' for next read - * s->s3->rrec.length, - number of bytes. - */ + /*- + * s->s3->rrec.type - is the type of record + * s->s3->rrec.data, - data + * s->s3->rrec.off, - offset into 'data' for next read + * s->s3->rrec.length, - number of bytes. + */ rr = &(s->s3->rrec); /* @@ -902,11 +902,11 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) } } - /*- - * s->d1->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE; - * s->d1->alert_fragment_len == 7 iff rr->type == SSL3_RT_ALERT. - * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) - */ + /*- + * s->d1->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE; + * s->d1->alert_fragment_len == 7 iff rr->type == SSL3_RT_ALERT. + * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) + */ /* If we are a client, check for an incoming 'Hello Request': */ if ((!s->server) && diff --git a/ssl/kssl.c b/ssl/kssl.c index 4637de2aff..cbb0ad9127 100644 --- a/ssl/kssl.c +++ b/ssl/kssl.c @@ -1386,20 +1386,20 @@ krb5_error_code kssl_sget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx, } } - /*- Actual Kerberos5 krb5_recvauth() has initial conversation here - * o check KRB5_SENDAUTH_BADAUTHVERS - * unless KRB5_RECVAUTH_SKIP_VERSION - * o check KRB5_SENDAUTH_BADAPPLVERS - * o send "0" msg if all OK - */ + /*- Actual Kerberos5 krb5_recvauth() has initial conversation here + * o check KRB5_SENDAUTH_BADAUTHVERS + * unless KRB5_RECVAUTH_SKIP_VERSION + * o check KRB5_SENDAUTH_BADAPPLVERS + * o send "0" msg if all OK + */ - /*- - * 20010411 was using AP_REQ instead of true KerberosWrapper - * - * if ((krb5rc = krb5_rd_req(krb5context, &krb5auth_context, - * &krb5in_data, krb5server, krb5keytab, - * &ap_option, &krb5ticket)) != 0) { Error } - */ + /*- + * 20010411 was using AP_REQ instead of true KerberosWrapper + * + * if ((krb5rc = krb5_rd_req(krb5context, &krb5auth_context, + * &krb5in_data, krb5server, krb5keytab, + * &ap_option, &krb5ticket)) != 0) { Error } + */ p = (unsigned char *)indata->data; if ((asn1ticket = (KRB5_TKTBODY *)d2i_KRB5_TICKET(NULL, &p, diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c index 44ef155577..d72826e8cf 100644 --- a/ssl/s23_srvr.c +++ b/ssl/s23_srvr.c @@ -391,19 +391,19 @@ int ssl23_get_client_hello(SSL *s) v[0] = p[3]; /* == SSL3_VERSION_MAJOR */ v[1] = p[4]; - /*- - * An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2 - * header is sent directly on the wire, not wrapped as a TLS - * record. It's format is: - * Byte Content - * 0-1 msg_length - * 2 msg_type - * 3-4 version - * 5-6 cipher_spec_length - * 7-8 session_id_length - * 9-10 challenge_length - * ... ... - */ + /*- + * An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2 + * header is sent directly on the wire, not wrapped as a TLS + * record. It's format is: + * Byte Content + * 0-1 msg_length + * 2 msg_type + * 3-4 version + * 5-6 cipher_spec_length + * 7-8 session_id_length + * 9-10 challenge_length + * ... ... + */ n = ((p[0] & 0x7f) << 8) | p[1]; if (n > (1024 * 4)) { SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_TOO_LARGE); diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c index 5faac4ffce..5fbc0ef441 100644 --- a/ssl/s2_pkt.c +++ b/ssl/s2_pkt.c @@ -525,19 +525,19 @@ static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len) s->s2->three_byte_header = 0; p = 0; } else if ((bs <= 1) && (!s->s2->escape)) { - /*- - * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus - * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER - */ + /*- + * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus + * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + */ s->s2->three_byte_header = 0; p = 0; } else { /* we may have to use a 3 byte header */ - /*- - * If s->s2->escape is not set, then - * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus - * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. - */ + /*- + * If s->s2->escape is not set, then + * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus + * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. + */ p = (j % bs); p = (p == 0) ? 0 : (bs - p); if (s->s2->escape) { @@ -549,12 +549,12 @@ static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len) } } - /*- - * Now - * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER - * holds, and if s->s2->three_byte_header is set, then even - * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER. - */ + /*- + * Now + * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + * holds, and if s->s2->three_byte_header is set, then even + * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER. + */ /* * mac_size is the number of MAC bytes len is the number of data bytes we diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index fe6149a3d0..118856fe6a 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1998,25 +1998,25 @@ int ssl3_send_client_key_exchange(SSL *s) goto err; } - /*- - * 20010406 VRS - Earlier versions used KRB5 AP_REQ - * in place of RFC 2712 KerberosWrapper, as in: - * - * Send ticket (copy to *p, set n = length) - * n = krb5_ap_req.length; - * memcpy(p, krb5_ap_req.data, krb5_ap_req.length); - * if (krb5_ap_req.data) - * kssl_krb5_free_data_contents(NULL,&krb5_ap_req); - * - * Now using real RFC 2712 KerberosWrapper - * (Thanks to Simon Wilkinson ) - * Note: 2712 "opaque" types are here replaced - * with a 2-byte length followed by the value. - * Example: - * KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms - * Where "xx xx" = length bytes. Shown here with - * optional authenticator omitted. - */ + /*- + * 20010406 VRS - Earlier versions used KRB5 AP_REQ + * in place of RFC 2712 KerberosWrapper, as in: + * + * Send ticket (copy to *p, set n = length) + * n = krb5_ap_req.length; + * memcpy(p, krb5_ap_req.data, krb5_ap_req.length); + * if (krb5_ap_req.data) + * kssl_krb5_free_data_contents(NULL,&krb5_ap_req); + * + * Now using real RFC 2712 KerberosWrapper + * (Thanks to Simon Wilkinson ) + * Note: 2712 "opaque" types are here replaced + * with a 2-byte length followed by the value. + * Example: + * KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms + * Where "xx xx" = length bytes. Shown here with + * optional authenticator omitted. + */ /* KerberosWrapper.Ticket */ s2n(enc_ticket->length, p); @@ -2044,13 +2044,13 @@ int ssl3_send_client_key_exchange(SSL *s) if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0) goto err; - /*- - * 20010420 VRS. Tried it this way; failed. - * EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL); - * EVP_CIPHER_CTX_set_key_length(&ciph_ctx, - * kssl_ctx->length); - * EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); - */ + /*- + * 20010420 VRS. Tried it this way; failed. + * EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL); + * EVP_CIPHER_CTX_set_key_length(&ciph_ctx, + * kssl_ctx->length); + * EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); + */ memset(iv, 0, sizeof iv); /* per RFC 1510 */ EVP_EncryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv); @@ -2166,26 +2166,26 @@ int ssl3_send_client_key_exchange(SSL *s) * ecdh_clnt_cert to 1. */ if ((l & SSL_kECDH) && (s->cert != NULL)) { - /*- - * XXX: For now, we do not support client - * authentication using ECDH certificates. - * To add such support, one needs to add - * code that checks for appropriate - * conditions and sets ecdh_clnt_cert to 1. - * For example, the cert have an ECC - * key on the same curve as the server's - * and the key should be authorized for - * key agreement. - * - * One also needs to add code in ssl3_connect - * to skip sending the certificate verify - * message. - * - * if ((s->cert->key->privatekey != NULL) && - * (s->cert->key->privatekey->type == - * EVP_PKEY_EC) && ...) - * ecdh_clnt_cert = 1; - */ + /*- + * XXX: For now, we do not support client + * authentication using ECDH certificates. + * To add such support, one needs to add + * code that checks for appropriate + * conditions and sets ecdh_clnt_cert to 1. + * For example, the cert have an ECC + * key on the same curve as the server's + * and the key should be authorized for + * key agreement. + * + * One also needs to add code in ssl3_connect + * to skip sending the certificate verify + * message. + * + * if ((s->cert->key->privatekey != NULL) && + * (s->cert->key->privatekey->type == + * EVP_PKEY_EC) && ...) + * ecdh_clnt_cert = 1; + */ } if (s->session->sess_cert->peer_ecdh_tmp != NULL) { diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 66f2bc268a..f330577550 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -608,13 +608,14 @@ int ssl3_mac(SSL *ssl, unsigned char *md, int send) * are hashing because that gives an attacker a timing-oracle. */ - /*- - * npad is, at most, 48 bytes and that's with MD5: - * 16 + 48 + 8 (sequence bytes) + 1 + 2 = 75. - * - * With SHA-1 (the largest hash speced for SSLv3) the hash size - * goes up 4, but npad goes down by 8, resulting in a smaller - * total size. */ + /*- + * npad is, at most, 48 bytes and that's with MD5: + * 16 + 48 + 8 (sequence bytes) + 1 + 2 = 75. + * + * With SHA-1 (the largest hash speced for SSLv3) the hash size + * goes up 4, but npad goes down by 8, resulting in a smaller + * total size. + */ unsigned char header[75]; unsigned j = 0; memcpy(header + j, mac_sec, md_size); diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 61a863ae00..ca0ef70648 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -367,12 +367,12 @@ static int ssl3_get_record(SSL *s) rr->data = rr->input; enc_err = s->method->ssl3_enc->enc(s, 0); - /*- - * enc_err is: - * 0: (in non-constant time) if the record is publically invalid. - * 1: if the padding is valid - * -1: if the padding is invalid - */ + /*- + * enc_err is: + * 0: (in non-constant time) if the record is publically invalid. + * 1: if the padding is valid + * -1: if the padding is invalid + */ if (enc_err == 0) { al = SSL_AD_DECRYPTION_FAILED; SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); @@ -479,14 +479,14 @@ static int ssl3_get_record(SSL *s) } rr->off = 0; - /*- - * So at this point the following is true - * ssl->s3->rrec.type is the type of record - * ssl->s3->rrec.length == number of bytes in record - * ssl->s3->rrec.off == offset to first valid byte - * ssl->s3->rrec.data == where to take bytes from, increment - * after use :-). - */ + /*- + * So at this point the following is true + * ssl->s3->rrec.type is the type of record + * ssl->s3->rrec.length == number of bytes in record + * ssl->s3->rrec.off == offset to first valid byte + * ssl->s3->rrec.data == where to take bytes from, increment + * after use :-). + */ /* we have pulled in a full packet so zero things */ s->packet_length = 0; @@ -907,12 +907,12 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) start: s->rwstate = SSL_NOTHING; - /*- - * s->s3->rrec.type - is the type of record - * s->s3->rrec.data, - data - * s->s3->rrec.off, - offset into 'data' for next read - * s->s3->rrec.length, - number of bytes. - */ + /*- + * s->s3->rrec.type - is the type of record + * s->s3->rrec.data, - data + * s->s3->rrec.off, - offset into 'data' for next read + * s->s3->rrec.length, - number of bytes. + */ rr = &(s->s3->rrec); /* get new packet if necessary */ @@ -1015,11 +1015,11 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) } } - /*- - * s->s3->handshake_fragment_len == 4 iff rr->type == SSL3_RT_HANDSHAKE; - * s->s3->alert_fragment_len == 2 iff rr->type == SSL3_RT_ALERT. - * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) - */ + /*- + * s->s3->handshake_fragment_len == 4 iff rr->type == SSL3_RT_HANDSHAKE; + * s->s3->alert_fragment_len == 2 iff rr->type == SSL3_RT_ALERT. + * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) + */ /* If we are a client, check for an incoming 'Hello Request': */ if ((!s->server) && diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index ae29dacabe..a1eb02e5e2 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1104,17 +1104,17 @@ int ssl3_get_client_hello(SSL *s) s->s3->tmp.new_cipher = s->session->cipher; } - /*- - * we now have the following setup. - * client_random - * cipher_list - our prefered list of ciphers - * ciphers - the clients prefered list of ciphers - * compression - basically ignored right now - * ssl version is set - sslv3 - * s->session - The ssl session has been setup. - * s->hit - session reuse flag - * s->tmp.new_cipher - the new cipher to use. - */ + /*- + * we now have the following setup. + * client_random + * cipher_list - our prefered list of ciphers + * ciphers - the clients prefered list of ciphers + * compression - basically ignored right now + * ssl version is set - sslv3 + * s->session - The ssl session has been setup. + * s->hit - session reuse flag + * s->tmp.new_cipher - the new cipher to use. + */ #ifndef OPENSSL_NO_TLSEXT /* Handles TLS extensions that we couldn't check earlier */ @@ -2125,11 +2125,11 @@ int ssl3_get_client_key_exchange(SSL *s) } } - /*- Was doing kssl_ctx_free() here, - * but it caused problems for apache. - * kssl_ctx = kssl_ctx_free(kssl_ctx); - * if (s->kssl_ctx) s->kssl_ctx = NULL; - */ + /*- Was doing kssl_ctx_free() here, + * but it caused problems for apache. + * kssl_ctx = kssl_ctx_free(kssl_ctx); + * if (s->kssl_ctx) s->kssl_ctx = NULL; + */ } else #endif /* OPENSSL_NO_KRB5 */ @@ -2679,14 +2679,14 @@ int ssl3_send_newsession_ticket(SSL *s) */ if (slen > 0xFF00) return -1; - /*- - * Grow buffer if need be: the length calculation is as - * follows 1 (size of message name) + 3 (message length - * bytes) + 4 (ticket lifetime hint) + 2 (ticket length) + - * 16 (key name) + max_iv_len (iv length) + - * session_length + max_enc_block_size (max encrypted session - * length) + max_md_size (HMAC). - */ + /*- + * Grow buffer if need be: the length calculation is as + * follows 1 (size of message name) + 3 (message length + * bytes) + 4 (ticket lifetime hint) + 2 (ticket length) + + * 16 (key name) + max_iv_len (iv length) + + * session_length + max_enc_block_size (max encrypted session + * length) + max_md_size (HMAC). + */ if (!BUF_MEM_grow(s->init_buf, 26 + EVP_MAX_IV_LENGTH + EVP_MAX_BLOCK_LENGTH + EVP_MAX_MD_SIZE + slen)) @@ -2767,12 +2767,12 @@ int ssl3_send_cert_status(SSL *s) { if (s->state == SSL3_ST_SW_CERT_STATUS_A) { unsigned char *p; - /*- - * Grow buffer if need be: the length calculation is as - * follows 1 (message type) + 3 (message length) + - * 1 (ocsp response type) + 3 (ocsp response length) - * + (ocsp response) - */ + /*- + * Grow buffer if need be: the length calculation is as + * follows 1 (message type) + 3 (message length) + + * 1 (ocsp response type) + 3 (ocsp response length) + * + (ocsp response) + */ if (!BUF_MEM_grow(s->init_buf, 8 + s->tlsext_ocsp_resplen)) return -1; diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index f1fd7e8694..33a472e72a 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -888,12 +888,12 @@ static int ssl_cipher_process_rulestr(const char *rule_str, if (!found) break; /* ignore this entry */ - /*- - * New algorithms: - * 1 - any old restrictions apply outside new mask - * 2 - any new restrictions apply outside old mask - * 3 - enforce old & new where masks intersect - */ + /*- + * New algorithms: + * 1 - any old restrictions apply outside new mask + * 2 - any new restrictions apply outside old mask + * 3 - enforce old & new where masks intersect + */ algorithms = (algorithms & ~ca_list[j]->mask) | /* 1 */ (ca_list[j]->algorithms & ~mask) | /* 2 */ (algorithms & ca_list[j]->algorithms); /* 3 */ @@ -1345,14 +1345,14 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) if (cm == NULL || cm->type == NID_undef) return 1; - /*- - * According to draft-ietf-tls-compression-04.txt, the - * compression number ranges should be the following: - * - * 0 to 63: methods defined by the IETF - * 64 to 192: external party methods assigned by IANA - * 193 to 255: reserved for private use - */ + /*- + * According to draft-ietf-tls-compression-04.txt, the + * compression number ranges should be the following: + * + * 0 to 63: methods defined by the IETF + * 64 to 192: external party methods assigned by IANA + * 193 to 255: reserved for private use + */ if (id < 193 || id > 255) { SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE); diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 12dd85b5ac..bdbea75a0b 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1521,12 +1521,12 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth) ret->references = 1; ret->quiet_shutdown = 0; -/* ret->cipher=NULL;*/ +/* ret->cipher=NULL;*/ /*- - ret->s2->challenge=NULL; - ret->master_key=NULL; - ret->key_arg=NULL; - ret->s2->conn_id=NULL; */ + ret->s2->challenge=NULL; + ret->master_key=NULL; + ret->key_arg=NULL; + ret->s2->conn_id=NULL; */ ret->info_callback = NULL; diff --git a/ssl/ssl_task.c b/ssl/ssl_task.c index 521885fc50..fb770753e2 100644 --- a/ssl/ssl_task.c +++ b/ssl/ssl_task.c @@ -292,8 +292,8 @@ int doit(io_channel chan, SSL_CTX *s_ctx) if ((s_to_c == NULL) || (c_to_s == NULL)) goto err; /*- original, DRM 24-SEP-1997 - BIO_set_fd ( c_to_s, "", chan ); - BIO_set_fd ( s_to_c, "", chan ); + BIO_set_fd ( c_to_s, "", chan ); + BIO_set_fd ( s_to_c, "", chan ); */ BIO_set_fd(c_to_s, 0, chan); BIO_set_fd(s_to_c, 0, chan); diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 460590bf7e..987e3cc4b6 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -927,40 +927,40 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); do { - /*- - * c_ssl_bio: SSL filter BIO - * - * client: pseudo-I/O for SSL library - * - * client_io: client's SSL communication; usually to be - * relayed over some I/O facility, but in this - * test program, we're the server, too: - * - * server_io: server's SSL communication - * - * server: pseudo-I/O for SSL library - * - * s_ssl_bio: SSL filter BIO - * - * The client and the server each employ a "BIO pair": - * client + client_io, server + server_io. - * BIO pairs are symmetric. A BIO pair behaves similar - * to a non-blocking socketpair (but both endpoints must - * be handled by the same thread). - * [Here we could connect client and server to the ends - * of a single BIO pair, but then this code would be less - * suitable as an example for BIO pairs in general.] - * - * Useful functions for querying the state of BIO pair endpoints: - * - * BIO_ctrl_pending(bio) number of bytes we can read now - * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil - * other side's read attempt - * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now - * - * ..._read_request is never more than ..._write_guarantee; - * it depends on the application which one you should use. - */ + /*- + * c_ssl_bio: SSL filter BIO + * + * client: pseudo-I/O for SSL library + * + * client_io: client's SSL communication; usually to be + * relayed over some I/O facility, but in this + * test program, we're the server, too: + * + * server_io: server's SSL communication + * + * server: pseudo-I/O for SSL library + * + * s_ssl_bio: SSL filter BIO + * + * The client and the server each employ a "BIO pair": + * client + client_io, server + server_io. + * BIO pairs are symmetric. A BIO pair behaves similar + * to a non-blocking socketpair (but both endpoints must + * be handled by the same thread). + * [Here we could connect client and server to the ends + * of a single BIO pair, but then this code would be less + * suitable as an example for BIO pairs in general.] + * + * Useful functions for querying the state of BIO pair endpoints: + * + * BIO_ctrl_pending(bio) number of bytes we can read now + * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil + * other side's read attempt + * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now + * + * ..._read_request is never more than ..._write_guarantee; + * it depends on the application which one you should use. + */ /* * We have non-blocking behaviour throughout this test program, but @@ -1326,10 +1326,10 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count) printf("server waiting in SSL_accept - %s\n", SSL_state_string_long(s_ssl)); /*- - else if (s_write) - printf("server:SSL_write()\n"); - else - printf("server:SSL_read()\n"); */ + else if (s_write) + printf("server:SSL_write()\n"); + else + printf("server:SSL_read()\n"); */ } if (do_client && debug) { @@ -1337,10 +1337,10 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count) printf("client waiting in SSL_connect - %s\n", SSL_state_string_long(c_ssl)); /*- - else if (c_write) - printf("client:SSL_write()\n"); - else - printf("client:SSL_read()\n"); */ + else if (c_write) + printf("client:SSL_write()\n"); + else + printf("client:SSL_read()\n"); */ } if (!do_client && !do_server) { diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 758174530f..dd02c933c3 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -150,14 +150,14 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned long size_str; long lenmax; - /*- - * check for enough space. - * 4 for the servername type and entension length - * 2 for servernamelist length - * 1 for the hostname type - * 2 for hostname length - * + hostname length - */ + /*- + * check for enough space. + * 4 for the servername type and entension length + * 2 for servernamelist length + * 1 for the hostname type + * 2 for hostname length + * + hostname length + */ if ((lenmax = limit - ret - 9) < 0 || (size_str = diff --git a/test/methtest.c b/test/methtest.c index eb8cb30454..de66c1063b 100644 --- a/test/methtest.c +++ b/test/methtest.c @@ -86,13 +86,13 @@ char *argv[]; METH_arg(tmp2, METH_TYPE_DIR, "/usr/local/ssl/certs"); METH_push(top, METH_X509_CA_BY_SUBJECT, tmp2); -/*- tmp=METH_new(x509_by_issuer_dir); - METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts"); - METH_push(top,METH_X509_BY_ISSUER,tmp); +/*- tmp=METH_new(x509_by_issuer_dir); + METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts"); + METH_push(top,METH_X509_BY_ISSUER,tmp); - tmp=METH_new(x509_by_issuer_primary); - METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem"); - METH_push(top,METH_X509_BY_ISSUER,tmp); + tmp=METH_new(x509_by_issuer_primary); + METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem"); + METH_push(top,METH_X509_BY_ISSUER,tmp); */ METH_init(top); -- 2.25.1