From 05520e8eae3d8c6039e8bcde58741cf4ffb18f1d Mon Sep 17 00:00:00 2001 From: Thomas Pornin Date: Sun, 27 May 2018 23:37:15 +0200 Subject: [PATCH] Fixed some typographic errors in comments. --- README.txt | 2 +- inc/bearssl_aead.h | 2 +- inc/bearssl_hash.h | 2 +- inc/bearssl_hmac.h | 2 +- inc/bearssl_prf.h | 2 +- inc/bearssl_rand.h | 2 +- inc/bearssl_ssl.h | 12 ++++++------ inc/bearssl_x509.h | 2 +- samples/custom_profile.c | 6 +++--- src/ec/ec_prime_i15.c | 2 +- src/ec/ec_prime_i31.c | 2 +- src/inner.h | 2 +- src/int/i15_decmod.c | 2 +- src/int/i31_decmod.c | 2 +- src/rand/sysrng.c | 2 +- src/rsa/rsa_pkcs1_sig_unpad.c | 2 +- src/ssl/ssl_hs_client.c | 2 +- src/ssl/ssl_hs_client.t0 | 4 ++-- src/ssl/ssl_hs_common.t0 | 2 +- src/ssl/ssl_hs_server.c | 2 +- src/ssl/ssl_hs_server.t0 | 4 ++-- src/x509/asn1.t0 | 2 +- 22 files changed, 31 insertions(+), 31 deletions(-) diff --git a/README.txt b/README.txt index a440e29..0e318aa 100644 --- a/README.txt +++ b/README.txt @@ -112,7 +112,7 @@ Dependencies are simple and systematic: I follow this simple version numbering scheme: - - Version numbers are `x.y` or `x.y.z` where `x`, `y` ans `z` are + - Version numbers are `x.y` or `x.y.z` where `x`, `y` and `z` are decimal integers (possibly greater than 10). When the `.z` part is missing, it is equivalent to `.0`. diff --git a/inc/bearssl_aead.h b/inc/bearssl_aead.h index c495dc2..8e35a1f 100644 --- a/inc/bearssl_aead.h +++ b/inc/bearssl_aead.h @@ -877,7 +877,7 @@ extern const br_aead_class br_eax_vtable; * can still be provided by chunks, but the total size must match * the value provided upon initialisation. * - * - The nonce length is constrained betwen 7 and 13 bytes (inclusive). + * - The nonce length is constrained between 7 and 13 bytes (inclusive). * Furthermore, the plaintext length, when encoded, must fit over * 15-nonceLen bytes; thus, if the nonce has length 13 bytes, then * the plaintext length cannot exceed 65535 bytes. diff --git a/inc/bearssl_hash.h b/inc/bearssl_hash.h index 860ab71..3b15ba7 100644 --- a/inc/bearssl_hash.h +++ b/inc/bearssl_hash.h @@ -93,7 +93,7 @@ extern "C" { * - `br_xxx_out(const br_xxx_context *ctx, void *out)` * * Complete the hash computation and write the result in the provided - * buffer. The output buffer MUST be large enough to accomodate the + * buffer. The output buffer MUST be large enough to accommodate the * result. The context is NOT modified by this operation, so this * function can be used to get a "partial hash" while still keeping * the possibility of adding more bytes to the input. diff --git a/inc/bearssl_hmac.h b/inc/bearssl_hmac.h index 511dbbe..14147d8 100644 --- a/inc/bearssl_hmac.h +++ b/inc/bearssl_hmac.h @@ -155,7 +155,7 @@ void br_hmac_update(br_hmac_context *ctx, const void *data, size_t len); /** * \brief Compute the HMAC output. * - * The destination buffer MUST be large enough to accomodate the result; + * The destination buffer MUST be large enough to accommodate the result; * its length is at most the "natural length" of HMAC (i.e. the output * length of the underlying hash function). The context is NOT modified; * further bytes may be processed. Thus, "partial HMAC" values can be diff --git a/inc/bearssl_prf.h b/inc/bearssl_prf.h index 9d54ad8..fdf608c 100644 --- a/inc/bearssl_prf.h +++ b/inc/bearssl_prf.h @@ -37,7 +37,7 @@ extern "C" { * # The TLS PRF * * The "PRF" is the pseudorandom function used internally during the - * SSL/TLS handshake, notably to expand negociated shared secrets into + * SSL/TLS handshake, notably to expand negotiated shared secrets into * the symmetric encryption keys that will be used to process the * application data. * diff --git a/inc/bearssl_rand.h b/inc/bearssl_rand.h index 37379d2..060cb40 100644 --- a/inc/bearssl_rand.h +++ b/inc/bearssl_rand.h @@ -279,7 +279,7 @@ typedef int (*br_prng_seeder)(const br_prng_class **ctx); * is returned. * * If `name` is not `NULL`, then `*name` is set to a symbolic string - * that identifies the seeder implemention. If no seeder is returned + * that identifies the seeder implementation. If no seeder is returned * and `name` is not `NULL`, then `*name` is set to a pointer to the * constant string `"none"`. * diff --git a/inc/bearssl_ssl.h b/inc/bearssl_ssl.h index 6640bc6..2a4fada 100644 --- a/inc/bearssl_ssl.h +++ b/inc/bearssl_ssl.h @@ -1278,7 +1278,7 @@ br_ssl_engine_get_hash(br_ssl_engine_context *ctx, int id) /** * \brief Set the PRF implementation (for TLS 1.0 and 1.1). * - * This function sets (or removes, if `impl` is `NULL`) the implemenation + * This function sets (or removes, if `impl` is `NULL`) the implementation * for the PRF used in TLS 1.0 and 1.1. * * \param cc SSL engine context. @@ -1293,7 +1293,7 @@ br_ssl_engine_set_prf10(br_ssl_engine_context *cc, br_tls_prf_impl impl) /** * \brief Set the PRF implementation with SHA-256 (for TLS 1.2). * - * This function sets (or removes, if `impl` is `NULL`) the implemenation + * This function sets (or removes, if `impl` is `NULL`) the implementation * for the SHA-256 variant of the PRF used in TLS 1.2. * * \param cc SSL engine context. @@ -1308,7 +1308,7 @@ br_ssl_engine_set_prf_sha256(br_ssl_engine_context *cc, br_tls_prf_impl impl) /** * \brief Set the PRF implementation with SHA-384 (for TLS 1.2). * - * This function sets (or removes, if `impl` is `NULL`) the implemenation + * This function sets (or removes, if `impl` is `NULL`) the implementation * for the SHA-384 variant of the PRF used in TLS 1.2. * * \param cc SSL engine context. @@ -1916,7 +1916,7 @@ br_ssl_engine_last_error(const br_ssl_engine_context *cc) * Informs the engine that 'len' bytes have been read from the buffer * (extract operation) or written to the buffer (inject operation). * The 'len' value MUST NOT be zero. The 'len' value MUST NOT exceed - * that which was obtained from a preceeding br_ssl_engine_xxx_buf() + * that which was obtained from a preceding br_ssl_engine_xxx_buf() * call. */ @@ -2517,7 +2517,7 @@ struct br_ssl_client_context_ { * then bit `x` is set (hash function ID is 0 for the special MD5+SHA-1, * or 2 to 6 for the SHA family). * - * - If ECDSA is suported with hash function of ID `x`, then bit `8+x` + * - If ECDSA is supported with hash function of ID `x`, then bit `8+x` * is set. * * - Newer algorithms are symbolic 16-bit identifiers that do not @@ -3564,7 +3564,7 @@ br_ssl_server_get_client_suites(const br_ssl_server_context *cc, size_t *num) * then bit `x` is set (hash function ID is 0 for the special MD5+SHA-1, * or 2 to 6 for the SHA family). * - * - If ECDSA is suported with hash function of ID `x`, then bit `8+x` + * - If ECDSA is supported with hash function of ID `x`, then bit `8+x` * is set. * * - Newer algorithms are symbolic 16-bit identifiers that do not diff --git a/inc/bearssl_x509.h b/inc/bearssl_x509.h index 1f55b4e..10e3510 100644 --- a/inc/bearssl_x509.h +++ b/inc/bearssl_x509.h @@ -360,7 +360,7 @@ typedef struct { * - `end_chain()` is called when the last certificate in the chain * was processed. * - `get_pkey()` is called after chain processing, if the chain - * validation was succesfull. + * validation was successful. * * A context structure may be reused; the `start_chain()` method shall * ensure (re)initialisation. diff --git a/samples/custom_profile.c b/samples/custom_profile.c index 7588f9d..8133532 100644 --- a/samples/custom_profile.c +++ b/samples/custom_profile.c @@ -181,7 +181,7 @@ example_client_profile(br_ssl_client_context *cc * -- ECDSA signature verification is needed for "ECDHE_ECDSA" * cipher suites (but not for ECDHE_RSA, ECDH_ECDSA or ECDH_RSA). * - * Normaly, you use the "default" implementations, obtained + * Normally, you use the "default" implementations, obtained * through relevant function calls. These functions return * implementations that are deemed "best" for the current * platform, where "best" means "fastest within constant-time @@ -196,7 +196,7 @@ example_client_profile(br_ssl_client_context *cc * "i32". The "i31" code is somewhat faster than the "i32" code. * Usually, "i31" is faster than "i15", except on some specific * architectures (ARM Cortex M0, M0+, M1 and M3) where the "i15" - * should be prefered (the "i15" code is constant-time, while + * should be preferred (the "i15" code is constant-time, while * the "i31" is not, and the "i15" code is faster anyway). * * ECDSA code also comes in "i15" and "i31" variants. As in the @@ -359,7 +359,7 @@ example_client_profile(br_ssl_client_context *cc * ctmul64 Uses 64-bit multiplications with a 64-bit result. * * On 64-bit platforms, ctmul64 is the smallest and fastest of - * the three. On 32-bit systems, ctmul should be prefered. The + * the three. On 32-bit systems, ctmul should be preferred. The * ctmul32 implementation is meant to be used for the specific * 32-bit systems that do not have a 32x32->64 multiplier (i.e. * the ARM Cortex-M0 and Cortex-M0+). diff --git a/src/ec/ec_prime_i15.c b/src/ec/ec_prime_i15.c index 85affe5..0f210f2 100644 --- a/src/ec/ec_prime_i15.c +++ b/src/ec/ec_prime_i15.c @@ -765,7 +765,7 @@ api_muladd(unsigned char *A, const unsigned char *B, size_t len, /* * TODO: see about merging the two ladders. Right now, we do - * two independant point multiplications, which is a bit + * two independent point multiplications, which is a bit * wasteful of CPU resources (but yields short code). */ diff --git a/src/ec/ec_prime_i31.c b/src/ec/ec_prime_i31.c index ce4d4ab..0586a3b 100644 --- a/src/ec/ec_prime_i31.c +++ b/src/ec/ec_prime_i31.c @@ -764,7 +764,7 @@ api_muladd(unsigned char *A, const unsigned char *B, size_t len, /* * TODO: see about merging the two ladders. Right now, we do - * two independant point multiplications, which is a bit + * two independent point multiplications, which is a bit * wasteful of CPU resources (but yields short code). */ diff --git a/src/inner.h b/src/inner.h index 5f596a1..d552f03 100644 --- a/src/inner.h +++ b/src/inner.h @@ -85,7 +85,7 @@ * * The test on 'unsigned long' should already catch most cases, the one * notable exception being Windows code where 'unsigned long' is kept to - * 32-bit for compatbility with all the legacy code that liberally uses + * 32-bit for compatibility with all the legacy code that liberally uses * the 'DWORD' type for 32-bit values. * * Macro names are taken from: http://nadeausoftware.com/articles/2012/02/c_c_tip_how_detect_processor_type_using_compiler_predefined_macros diff --git a/src/int/i15_decmod.c b/src/int/i15_decmod.c index be955e3..6076c57 100644 --- a/src/int/i15_decmod.c +++ b/src/int/i15_decmod.c @@ -46,7 +46,7 @@ br_i15_decode_mod(uint16_t *x, const void *src, size_t len, const uint16_t *m) * or 0x00000000 (value does not fit). * * We must iterate over all bytes of the source, _and_ possibly - * some extra virutal bytes (with value 0) so as to cover the + * some extra virtual bytes (with value 0) so as to cover the * complete modulus as well. We also add 4 such extra bytes beyond * the modulus length because it then guarantees that no accumulated * partial word remains to be processed. diff --git a/src/int/i31_decmod.c b/src/int/i31_decmod.c index 745bc10..3cd7bfe 100644 --- a/src/int/i31_decmod.c +++ b/src/int/i31_decmod.c @@ -46,7 +46,7 @@ br_i31_decode_mod(uint32_t *x, const void *src, size_t len, const uint32_t *m) * or 0x00000000 (value does not fit). * * We must iterate over all bytes of the source, _and_ possibly - * some extra virutal bytes (with value 0) so as to cover the + * some extra virtual bytes (with value 0) so as to cover the * complete modulus as well. We also add 4 such extra bytes beyond * the modulus length because it then guarantees that no accumulated * partial word remains to be processed. diff --git a/src/rand/sysrng.c b/src/rand/sysrng.c index 3a10db9..bec06be 100644 --- a/src/rand/sysrng.c +++ b/src/rand/sysrng.c @@ -139,7 +139,7 @@ seeder_win32(const br_prng_class **ctx) } #endif -/* see bearssl_rand.h.h */ +/* see bearssl_rand.h */ br_prng_seeder br_prng_seeder_system(const char **name) { diff --git a/src/rsa/rsa_pkcs1_sig_unpad.c b/src/rsa/rsa_pkcs1_sig_unpad.c index d179945..c8ae08f 100644 --- a/src/rsa/rsa_pkcs1_sig_unpad.c +++ b/src/rsa/rsa_pkcs1_sig_unpad.c @@ -68,7 +68,7 @@ br_rsa_pkcs1_sig_unpad(const unsigned char *sig, size_t sig_len, /* * Check the "00 01 FF .. FF 00" with at least eight 0xFF bytes. - * The comparaison is valid because we made sure that the signature + * The comparison is valid because we made sure that the signature * is at least 11 bytes long. */ if (memcmp(sig, pad1, sizeof pad1) != 0) { diff --git a/src/ssl/ssl_hs_client.c b/src/ssl/ssl_hs_client.c index 2c35f29..cba2f13 100644 --- a/src/ssl/ssl_hs_client.c +++ b/src/ssl/ssl_hs_client.c @@ -86,7 +86,7 @@ void br_ssl_hs_client_run(void *t0ctx); * specific name. It must be noted that since the engine context is the * first field of the br_ssl_client_context structure ('eng'), then * pointers values of both types are interchangeable, modulo an - * appropriate cast. This also means that "adresses" computed as offsets + * appropriate cast. This also means that "addresses" computed as offsets * within the structure work for both kinds of context. */ #define CTX ((br_ssl_client_context *)ENG) diff --git a/src/ssl/ssl_hs_client.t0 b/src/ssl/ssl_hs_client.t0 index 0747d42..23b39e7 100644 --- a/src/ssl/ssl_hs_client.t0 +++ b/src/ssl/ssl_hs_client.t0 @@ -31,7 +31,7 @@ preamble { * specific name. It must be noted that since the engine context is the * first field of the br_ssl_client_context structure ('eng'), then * pointers values of both types are interchangeable, modulo an - * appropriate cast. This also means that "adresses" computed as offsets + * appropriate cast. This also means that "addresses" computed as offsets * within the structure work for both kinds of context. */ #define CTX ((br_ssl_client_context *)ENG) @@ -969,7 +969,7 @@ cc: get-client-chain ( auth_types -- ) { \ Parse CertificateRequest. Header has already been read. : read-contents-CertificateRequest ( lim -- ) - \ Read supported client authentification types. We keep only + \ Read supported client authentication types. We keep only \ RSA, ECDSA, and ECDH. 0 { auth_types } read8 open-elt diff --git a/src/ssl/ssl_hs_common.t0 b/src/ssl/ssl_hs_common.t0 index dd9abcb..a879258 100644 --- a/src/ssl/ssl_hs_common.t0 +++ b/src/ssl/ssl_hs_common.t0 @@ -581,7 +581,7 @@ cc: more-incoming-bytes? ( -- bool ) { read16 skip-blob ; \ Open a substructure: the inner structure length is checked against, -\ and substracted, from the output structure current limit. +\ and subtracted, from the output structure current limit. : open-elt ( lim len -- lim-outer lim-inner ) dup { len } - dup 0< if ERR_BAD_PARAM fail then diff --git a/src/ssl/ssl_hs_server.c b/src/ssl/ssl_hs_server.c index 5dd30a1..a6be5e7 100644 --- a/src/ssl/ssl_hs_server.c +++ b/src/ssl/ssl_hs_server.c @@ -86,7 +86,7 @@ void br_ssl_hs_server_run(void *t0ctx); * specific name. It must be noted that since the engine context is the * first field of the br_ssl_server_context structure ('eng'), then * pointers values of both types are interchangeable, modulo an - * appropriate cast. This also means that "adresses" computed as offsets + * appropriate cast. This also means that "addresses" computed as offsets * within the structure work for both kinds of context. */ #define CTX ((br_ssl_server_context *)ENG) diff --git a/src/ssl/ssl_hs_server.t0 b/src/ssl/ssl_hs_server.t0 index 58d5c94..9f6e934 100644 --- a/src/ssl/ssl_hs_server.t0 +++ b/src/ssl/ssl_hs_server.t0 @@ -31,7 +31,7 @@ preamble { * specific name. It must be noted that since the engine context is the * first field of the br_ssl_server_context structure ('eng'), then * pointers values of both types are interchangeable, modulo an - * appropriate cast. This also means that "adresses" computed as offsets + * appropriate cast. This also means that "addresses" computed as offsets * within the structure work for both kinds of context. */ #define CTX ((br_ssl_server_context *)ENG) @@ -864,7 +864,7 @@ cc: save-session ( -- ) { \ suites are filtered out. In particular: \ -- ECDHE suites are removed if there is no common hash function \ (for the relevant signature algorithm) or no common curve. - \ -- TLS-1.2-only suites are removed if the negociated version is + \ -- TLS-1.2-only suites are removed if the negotiated version is \ TLS-1.1 or lower. addr-client_suites dup >css-off begin dup css-max < while diff --git a/src/x509/asn1.t0 b/src/x509/asn1.t0 index 6732f9d..ba59252 100644 --- a/src/x509/asn1.t0 +++ b/src/x509/asn1.t0 @@ -278,7 +278,7 @@ cc: get32 ( addr -- val ) { 0x80 - dup ifnot ERR_X509_INDEFINITE_LENGTH fail then \ Masking out bit 7, this yields the number of bytes over which - \ the value is encoded. Since the total certicate length must + \ the value is encoded. Since the total certificate length must \ fit over 3 bytes (this is a consequence of SSL/TLS message \ format), we can reject big lengths and keep the length in a \ single integer. -- 2.17.1