I follow this simple version numbering scheme:
- - Version numbers are `x.y` or `x.y.z` where `x`, `y` ans `z` are
+ - Version numbers are `x.y` or `x.y.z` where `x`, `y` and `z` are
decimal integers (possibly greater than 10). When the `.z` part is
missing, it is equivalent to `.0`.
* can still be provided by chunks, but the total size must match
* the value provided upon initialisation.
*
- * - The nonce length is constrained betwen 7 and 13 bytes (inclusive).
+ * - The nonce length is constrained between 7 and 13 bytes (inclusive).
* Furthermore, the plaintext length, when encoded, must fit over
* 15-nonceLen bytes; thus, if the nonce has length 13 bytes, then
* the plaintext length cannot exceed 65535 bytes.
* - `br_xxx_out(const br_xxx_context *ctx, void *out)`
*
* Complete the hash computation and write the result in the provided
- * buffer. The output buffer MUST be large enough to accomodate the
+ * buffer. The output buffer MUST be large enough to accommodate the
* result. The context is NOT modified by this operation, so this
* function can be used to get a "partial hash" while still keeping
* the possibility of adding more bytes to the input.
/**
* \brief Compute the HMAC output.
*
- * The destination buffer MUST be large enough to accomodate the result;
+ * The destination buffer MUST be large enough to accommodate the result;
* its length is at most the "natural length" of HMAC (i.e. the output
* length of the underlying hash function). The context is NOT modified;
* further bytes may be processed. Thus, "partial HMAC" values can be
* # The TLS PRF
*
* The "PRF" is the pseudorandom function used internally during the
- * SSL/TLS handshake, notably to expand negociated shared secrets into
+ * SSL/TLS handshake, notably to expand negotiated shared secrets into
* the symmetric encryption keys that will be used to process the
* application data.
*
* is returned.
*
* If `name` is not `NULL`, then `*name` is set to a symbolic string
- * that identifies the seeder implemention. If no seeder is returned
+ * that identifies the seeder implementation. If no seeder is returned
* and `name` is not `NULL`, then `*name` is set to a pointer to the
* constant string `"none"`.
*
/**
* \brief Set the PRF implementation (for TLS 1.0 and 1.1).
*
- * This function sets (or removes, if `impl` is `NULL`) the implemenation
+ * This function sets (or removes, if `impl` is `NULL`) the implementation
* for the PRF used in TLS 1.0 and 1.1.
*
* \param cc SSL engine context.
/**
* \brief Set the PRF implementation with SHA-256 (for TLS 1.2).
*
- * This function sets (or removes, if `impl` is `NULL`) the implemenation
+ * This function sets (or removes, if `impl` is `NULL`) the implementation
* for the SHA-256 variant of the PRF used in TLS 1.2.
*
* \param cc SSL engine context.
/**
* \brief Set the PRF implementation with SHA-384 (for TLS 1.2).
*
- * This function sets (or removes, if `impl` is `NULL`) the implemenation
+ * This function sets (or removes, if `impl` is `NULL`) the implementation
* for the SHA-384 variant of the PRF used in TLS 1.2.
*
* \param cc SSL engine context.
* Informs the engine that 'len' bytes have been read from the buffer
* (extract operation) or written to the buffer (inject operation).
* The 'len' value MUST NOT be zero. The 'len' value MUST NOT exceed
- * that which was obtained from a preceeding br_ssl_engine_xxx_buf()
+ * that which was obtained from a preceding br_ssl_engine_xxx_buf()
* call.
*/
* then bit `x` is set (hash function ID is 0 for the special MD5+SHA-1,
* or 2 to 6 for the SHA family).
*
- * - If ECDSA is suported with hash function of ID `x`, then bit `8+x`
+ * - If ECDSA is supported with hash function of ID `x`, then bit `8+x`
* is set.
*
* - Newer algorithms are symbolic 16-bit identifiers that do not
* then bit `x` is set (hash function ID is 0 for the special MD5+SHA-1,
* or 2 to 6 for the SHA family).
*
- * - If ECDSA is suported with hash function of ID `x`, then bit `8+x`
+ * - If ECDSA is supported with hash function of ID `x`, then bit `8+x`
* is set.
*
* - Newer algorithms are symbolic 16-bit identifiers that do not
* - `end_chain()` is called when the last certificate in the chain
* was processed.
* - `get_pkey()` is called after chain processing, if the chain
- * validation was succesfull.
+ * validation was successful.
*
* A context structure may be reused; the `start_chain()` method shall
* ensure (re)initialisation.
* -- ECDSA signature verification is needed for "ECDHE_ECDSA"
* cipher suites (but not for ECDHE_RSA, ECDH_ECDSA or ECDH_RSA).
*
- * Normaly, you use the "default" implementations, obtained
+ * Normally, you use the "default" implementations, obtained
* through relevant function calls. These functions return
* implementations that are deemed "best" for the current
* platform, where "best" means "fastest within constant-time
* "i32". The "i31" code is somewhat faster than the "i32" code.
* Usually, "i31" is faster than "i15", except on some specific
* architectures (ARM Cortex M0, M0+, M1 and M3) where the "i15"
- * should be prefered (the "i15" code is constant-time, while
+ * should be preferred (the "i15" code is constant-time, while
* the "i31" is not, and the "i15" code is faster anyway).
*
* ECDSA code also comes in "i15" and "i31" variants. As in the
* ctmul64 Uses 64-bit multiplications with a 64-bit result.
*
* On 64-bit platforms, ctmul64 is the smallest and fastest of
- * the three. On 32-bit systems, ctmul should be prefered. The
+ * the three. On 32-bit systems, ctmul should be preferred. The
* ctmul32 implementation is meant to be used for the specific
* 32-bit systems that do not have a 32x32->64 multiplier (i.e.
* the ARM Cortex-M0 and Cortex-M0+).
/*
* TODO: see about merging the two ladders. Right now, we do
- * two independant point multiplications, which is a bit
+ * two independent point multiplications, which is a bit
* wasteful of CPU resources (but yields short code).
*/
/*
* TODO: see about merging the two ladders. Right now, we do
- * two independant point multiplications, which is a bit
+ * two independent point multiplications, which is a bit
* wasteful of CPU resources (but yields short code).
*/
*
* The test on 'unsigned long' should already catch most cases, the one
* notable exception being Windows code where 'unsigned long' is kept to
- * 32-bit for compatbility with all the legacy code that liberally uses
+ * 32-bit for compatibility with all the legacy code that liberally uses
* the 'DWORD' type for 32-bit values.
*
* Macro names are taken from: http://nadeausoftware.com/articles/2012/02/c_c_tip_how_detect_processor_type_using_compiler_predefined_macros
* or 0x00000000 (value does not fit).
*
* We must iterate over all bytes of the source, _and_ possibly
- * some extra virutal bytes (with value 0) so as to cover the
+ * some extra virtual bytes (with value 0) so as to cover the
* complete modulus as well. We also add 4 such extra bytes beyond
* the modulus length because it then guarantees that no accumulated
* partial word remains to be processed.
* or 0x00000000 (value does not fit).
*
* We must iterate over all bytes of the source, _and_ possibly
- * some extra virutal bytes (with value 0) so as to cover the
+ * some extra virtual bytes (with value 0) so as to cover the
* complete modulus as well. We also add 4 such extra bytes beyond
* the modulus length because it then guarantees that no accumulated
* partial word remains to be processed.
}
#endif
-/* see bearssl_rand.h.h */
+/* see bearssl_rand.h */
br_prng_seeder
br_prng_seeder_system(const char **name)
{
/*
* Check the "00 01 FF .. FF 00" with at least eight 0xFF bytes.
- * The comparaison is valid because we made sure that the signature
+ * The comparison is valid because we made sure that the signature
* is at least 11 bytes long.
*/
if (memcmp(sig, pad1, sizeof pad1) != 0) {
* specific name. It must be noted that since the engine context is the
* first field of the br_ssl_client_context structure ('eng'), then
* pointers values of both types are interchangeable, modulo an
- * appropriate cast. This also means that "adresses" computed as offsets
+ * appropriate cast. This also means that "addresses" computed as offsets
* within the structure work for both kinds of context.
*/
#define CTX ((br_ssl_client_context *)ENG)
* specific name. It must be noted that since the engine context is the
* first field of the br_ssl_client_context structure ('eng'), then
* pointers values of both types are interchangeable, modulo an
- * appropriate cast. This also means that "adresses" computed as offsets
+ * appropriate cast. This also means that "addresses" computed as offsets
* within the structure work for both kinds of context.
*/
#define CTX ((br_ssl_client_context *)ENG)
\ Parse CertificateRequest. Header has already been read.
: read-contents-CertificateRequest ( lim -- )
- \ Read supported client authentification types. We keep only
+ \ Read supported client authentication types. We keep only
\ RSA, ECDSA, and ECDH.
0 { auth_types }
read8 open-elt
read16 skip-blob ;
\ Open a substructure: the inner structure length is checked against,
-\ and substracted, from the output structure current limit.
+\ and subtracted, from the output structure current limit.
: open-elt ( lim len -- lim-outer lim-inner )
dup { len }
- dup 0< if ERR_BAD_PARAM fail then
* specific name. It must be noted that since the engine context is the
* first field of the br_ssl_server_context structure ('eng'), then
* pointers values of both types are interchangeable, modulo an
- * appropriate cast. This also means that "adresses" computed as offsets
+ * appropriate cast. This also means that "addresses" computed as offsets
* within the structure work for both kinds of context.
*/
#define CTX ((br_ssl_server_context *)ENG)
* specific name. It must be noted that since the engine context is the
* first field of the br_ssl_server_context structure ('eng'), then
* pointers values of both types are interchangeable, modulo an
- * appropriate cast. This also means that "adresses" computed as offsets
+ * appropriate cast. This also means that "addresses" computed as offsets
* within the structure work for both kinds of context.
*/
#define CTX ((br_ssl_server_context *)ENG)
\ suites are filtered out. In particular:
\ -- ECDHE suites are removed if there is no common hash function
\ (for the relevant signature algorithm) or no common curve.
- \ -- TLS-1.2-only suites are removed if the negociated version is
+ \ -- TLS-1.2-only suites are removed if the negotiated version is
\ TLS-1.1 or lower.
addr-client_suites dup >css-off
begin dup css-max < while
0x80 - dup ifnot ERR_X509_INDEFINITE_LENGTH fail then
\ Masking out bit 7, this yields the number of bytes over which
- \ the value is encoded. Since the total certicate length must
+ \ the value is encoded. Since the total certificate length must
\ fit over 3 bytes (this is a consequence of SSL/TLS message
\ format), we can reject big lengths and keep the length in a
\ single integer.
projects / BearSSL / commitdiff