wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

mark all block comments that need format preserving so that

Browse source 
indent will not alter them when reformatting comments

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Tim Hudson 2014-12-28 12:48:40 +10:00 committed by Matt Caswell
parent aa8a9266f9
commit 1d97c84351
152 changed files with 971 additions and 704 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
apps/asn1pars.c
View file

@ -69,7 +69,8 @@
#include <openssl/x509.h>
#include <openssl/pem.h>
/* -inform arg - input format - default PEM (DER or PEM)
/*-
* -inform arg - input format - default PEM (DER or PEM)
* -in arg - input file - default stdin
* -i - indent the details by depth
* -offset - where in the file to start

3
apps/ca.c
View file

@ -2829,7 +2829,8 @@ char *make_revocation_str(int rev_type, char *rev_arg)
return str;
}
/* Convert revocation field to X509_REVOKED entry
/*-
* Convert revocation field to X509_REVOKED entry
* return code:
* 0 error
* 1 OK

3
apps/crl2p7.c
View file

@ -75,7 +75,8 @@ static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile);
#undef PROG
#define PROG crl2pkcs7_main
/* -inform arg - input format - default PEM (DER or PEM)
/*-
* -inform arg - input format - default PEM (DER or PEM)
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout

3
apps/dh.c
View file

@ -74,7 +74,8 @@
#undef PROG
#define PROG dh_main
/* -inform arg - input format - default PEM (DER or PEM)
/*-
* -inform arg - input format - default PEM (DER or PEM)
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout

3
apps/dhparam.c
View file

@ -132,7 +132,8 @@
#define DEFBITS 2048
/* -inform arg - input format - default PEM (DER or PEM)
/*-
* -inform arg - input format - default PEM (DER or PEM)
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout

3
apps/dsa.c
View file

@ -74,7 +74,8 @@
#undef PROG
#define PROG dsa_main
/* -inform arg - input format - default PEM (one of DER, NET or PEM)
/*-
* -inform arg - input format - default PEM (one of DER, NET or PEM)
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout

3
apps/dsaparam.c
View file

@ -75,7 +75,8 @@
#undef PROG
#define PROG dsaparam_main
/* -inform arg - input format - default PEM (DER or PEM)
/*-
* -inform arg - input format - default PEM (DER or PEM)
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout

3
apps/ec.c
View file

@ -70,7 +70,8 @@
#undef PROG
#define PROG ec_main
/* -inform arg - input format - default PEM (one of DER, NET or PEM)
/*-
* -inform arg - input format - default PEM (one of DER, NET or PEM)
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout

3
apps/ecparam.c
View file

@ -87,7 +87,8 @@
#undef PROG
#define PROG ecparam_main
/* -inform arg - input format - default PEM (DER or PEM)
/*-
* -inform arg - input format - default PEM (DER or PEM)
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout

3
apps/openssl.c
View file

@ -238,7 +238,8 @@ int main(int Argc, char *ARGV[])
long errline;
#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
/* 2011-03-22 SMS.
/*-
* 2011-03-22 SMS.
* If we have 32-bit pointers everywhere, then we're safe, and
* we bypass this mess, as on non-VMS systems. (See ARGV,
* above.)

3
apps/passwd.c
View file

@ -43,7 +43,8 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
char *passwd, BIO *out, int quiet, int table, int reverse,
size_t pw_maxlen, int usecrypt, int use1, int useapr1);
/* -crypt - standard Unix password algorithm (default)
/*-
* -crypt - standard Unix password algorithm (default)
* -1 - MD5-based password algorithm
* -apr1 - MD5-based password algorithm, Apache variant
* -salt string - salt

3
apps/rand.c
View file

@ -66,7 +66,8 @@
#undef PROG
#define PROG rand_main
/* -out file - write to file
/*-
* -out file - write to file
* -rand file:file - PRNG seed files
* -base64 - base64 encode output
* -hex - hex encode output

3
apps/req.c
View file

@ -99,7 +99,8 @@
#undef PROG
#define PROG req_main
/* -inform arg - input format - default PEM (DER or PEM)
/*-
* -inform arg - input format - default PEM (DER or PEM)
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout

3
apps/rsa.c
View file

@ -74,7 +74,8 @@
#undef PROG
#define PROG rsa_main
/* -inform arg - input format - default PEM (one of DER, NET or PEM)
/*-
* -inform arg - input format - default PEM (one of DER, NET or PEM)
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout

2
apps/s_socket.c
View file

@ -532,7 +532,7 @@ redoit:
return(0);
}
/*
/*-
ling.l_onoff=1;
ling.l_linger=0;
i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));

3
apps/spkac.c
View file

@ -73,7 +73,8 @@
#undef PROG
#define PROG spkac_main
/* -in arg - input file - default stdin
/*-
* -in arg - input file - default stdin
* -out arg - output file - default stdout
*/

2
apps/ts.c
View file

@ -1130,7 +1130,7 @@ static X509_STORE *create_cert_store(char *ca_path, char *ca_file)
static int MS_CALLBACK verify_cb(int ok, X509_STORE_CTX *ctx)
{
/*
/*-
char buf[256];
if (!ok)

2
apps/vms_decc_init.c
View file

@ -5,7 +5,7 @@
#ifdef USE_DECC_INIT
/*
/*-
* 2010-04-26 SMS.
*
*----------------------------------------------------------------------

2
crypto/aes/aes_core.c
View file

@ -41,7 +41,7 @@
#include "aes_locl.h"
#ifndef AES_ASM
/*
/*-
Te0[x] = S [x].[02, 01, 01, 03];
Te1[x] = S [x].[03, 02, 01, 01];
Te2[x] = S [x].[01, 03, 02, 01];

4
crypto/aes/aes_x86core.c
View file

@ -105,7 +105,7 @@ typedef unsigned long long u64;
})
# endif
#endif
/*
/*-
Te [x] = S [x].[02, 01, 01, 03, 02, 01, 01, 03];
Te0[x] = S [x].[02, 01, 01, 03];
Te1[x] = S [x].[03, 02, 01, 01];
@ -116,7 +116,7 @@ Te3[x] = S [x].[01, 01, 03, 02];
#define Te1 (u32)((u64*)((u8*)Te+3))
#define Te2 (u32)((u64*)((u8*)Te+2))
#define Te3 (u32)((u64*)((u8*)Te+1))
/*
/*-
Td [x] = Si[x].[0e, 09, 0d, 0b, 0e, 09, 0d, 0b];
Td0[x] = Si[x].[0e, 09, 0d, 0b];
Td1[x] = Si[x].[0b, 0e, 09, 0d];

3
crypto/asn1/a_sign.c
View file

@ -254,7 +254,8 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
signature);
if (rv == 1)
outl = signature->length;
/* Return value meanings:
/*-
* Return value meanings:
* <=0: error.
* 1: method does everything.
* 2: carry on as normal.

3
crypto/asn1/a_time.c
View file

@ -54,7 +54,8 @@
*/
/* This is an implementation of the ASN1 Time structure which is:
/*-
* This is an implementation of the ASN1 Time structure which is:
* Time ::= CHOICE {
* utcTime UTCTime,
* generalTime GeneralizedTime }

3
crypto/asn1/a_utf8.c
View file

@ -63,7 +63,8 @@
/* UTF8 utilities */
/* This parses a UTF8 string one character at a time. It is passed a pointer
/*-
* This parses a UTF8 string one character at a time. It is passed a pointer
* to the string and the length of the string. It sets 'value' to the value of
* the current character. It returns the number of characters read or a
* negative error code:

3
crypto/asn1/asn1.h
View file

@ -367,7 +367,8 @@ typedef struct ASN1_VALUE_st ASN1_VALUE;
TYPEDEF_D2I2D_OF(void);
/* The following macros and typedefs allow an ASN1_ITEM
/*-
* The following macros and typedefs allow an ASN1_ITEM
* to be embedded in a structure and referenced. Since
* the ASN1_ITEM pointers need to be globally accessible
* (possibly from shared libraries) they may exist in

6
crypto/asn1/asn1t.h
View file

@ -129,7 +129,8 @@ extern "C" {
/* This is a ASN1 type which just embeds a template */
/* This pair helps declare a SEQUENCE. We can do:
/*-
* This pair helps declare a SEQUENCE. We can do:
*
* ASN1_SEQUENCE(stname) = {
* ... SEQUENCE components ...
@ -231,7 +232,8 @@ extern "C" {
ASN1_ITEM_end(tname)
/* This pair helps declare a CHOICE type. We can do:
/*-
* This pair helps declare a CHOICE type. We can do:
*
* ASN1_CHOICE(chname) = {
* ... CHOICE options ...

3
crypto/asn1/x_attrib.c
View file

@ -62,7 +62,8 @@
#include <openssl/asn1t.h>
#include <openssl/x509.h>
/* X509_ATTRIBUTE: this has the following form:
/*-
* X509_ATTRIBUTE: this has the following form:
*
* typedef struct x509_attributes_st
* {

3
crypto/asn1/x_req.c
View file

@ -61,7 +61,8 @@
#include <openssl/asn1t.h>
#include <openssl/x509.h>
/* X509_REQ_INFO is handled in an unusual way to get round
/*-
* X509_REQ_INFO is handled in an unusual way to get round
* invalid encodings. Some broken certificate requests don't
* encode the attributes field if it is empty. This is in
* violation of PKCS#10 but we need to tolerate it. We do

2
crypto/bf/blowfish.h
View file

@ -72,7 +72,7 @@ extern "C" {
#define BF_ENCRYPT 1
#define BF_DECRYPT 0
/*
/*-
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
* ! BF_LONG_LOG2 has to be defined along. !

2
crypto/bio/b_print.c
View file

@ -94,7 +94,7 @@
* on all source code distributions.
*/
/*
/*-
* This code contains numerious changes and enhancements which were
* made by lots of contributors over the last years to Patrick Powell's
* original code:

9
crypto/bio/bio.h
View file

@ -218,7 +218,8 @@ extern "C" {
#define BIO_GHBN_CTRL_FLUSH 5
/* Mostly used in the SSL BIO */
/* Not used anymore
/*-
* Not used anymore
* #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
* #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
* #define BIO_FLAGS_PROTOCOL_STARTUP 0x40
@ -336,7 +337,8 @@ DECLARE_STACK_OF(BIO)
typedef struct bio_f_buffer_ctx_struct
{
/* Buffers are setup like this:
/*-
* Buffers are setup like this:
*
* <---------------------- size ----------------------->
* +---------------------------------------------------+
@ -715,7 +717,8 @@ int BIO_hex_string(BIO *out, int indent, int width, unsigned char *data,
int datalen);
struct hostent *BIO_gethostbyname(const char *name);
/* We might want a thread-safe interface too:
/*-
* We might want a thread-safe interface too:
* struct hostent *BIO_gethostbyname_r(const char *name,
* struct hostent *result, void *buffer, size_t buflen);
* or something similar (caller allocates a struct hostent,

2
crypto/bio/bss_acpt.c
View file

@ -436,7 +436,7 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
ret=(long)data->bind_mode;
break;
case BIO_CTRL_DUP:
/* dbio=(BIO *)ptr;
/*- dbio=(BIO *)ptr;
if (data->param_port) EAY EAY
BIO_set_port(dbio,data->param_port);
if (data->param_hostname)

6
crypto/bio/bss_bio.c
View file

@ -269,7 +269,8 @@ static int bio_read(BIO *bio, char *buf, int size_)
return size;
}
/* non-copying interface: provide pointer to available data in buffer
/*-
* non-copying interface: provide pointer to available data in buffer
* bio_nread0: return number of available bytes
* bio_nread: also advance index
* (example usage: bio_nread0(), read from buffer, bio_nread()
@ -422,7 +423,8 @@ static int bio_write(BIO *bio, const char *buf, int num_)
return num;
}
/* non-copying interface: provide pointer to region to write to
/*-
* non-copying interface: provide pointer to region to write to
* bio_nwrite0: check how much space is available
* bio_nwrite: also increase length
* (example usage: bio_nwrite0(), write to buffer, bio_nwrite()

4
crypto/bn/asm/x86_64-gcc.c
View file

@ -2,7 +2,7 @@
#if !(defined(__GNUC__) && __GNUC__>=2)
# include "../bn_asm.c" /* kind of dirty hack for Sun Studio */
#else
/*
/*-
* x86_64 BIGNUM accelerator version 0.1, December 2002.
*
* Implemented by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
@ -64,7 +64,7 @@
#undef mul
#undef mul_add
/*
/*-
* "m"(a), "+m"(r) is the way to favor DirectPath µ-code;
* "g"(0) let the compiler to decide where does it
* want to keep the value of zero;

6
crypto/bn/bn_add.c
View file

@ -70,7 +70,8 @@ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
bn_check_top(a);
bn_check_top(b);
/* a + b a+b
/*-
* a + b a+b
* a + -b a-b
* -a + b b-a
* -a + -b -(a+b)
@ -266,7 +267,8 @@ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
bn_check_top(a);
bn_check_top(b);
/* a - b a-b
/*-
* a - b a-b
* a - -b a+b
* -a - b -(a+b)
* -a - -b b-a

3
crypto/bn/bn_div.c
View file

@ -172,7 +172,8 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
#endif /* OPENSSL_NO_ASM */
/* BN_div computes dv := num / divisor, rounding towards
/*-
* BN_div computes dv := num / divisor, rounding towards
* zero, and sets up rm such that dv*divisor + rm = num holds.
* Thus:
* dv->neg == num->neg ^ divisor->neg (unless the result is zero)

3
crypto/bn/bn_exp.c
View file

@ -200,7 +200,8 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
bn_check_top(p);
bn_check_top(m);
/* For even modulus m = 2^k*m_odd, it might make sense to compute
/*-
* For even modulus m = 2^k*m_odd, it might make sense to compute
* a^p mod m_odd and a^p mod 2^k separately (with Montgomery
* exponentiation for the odd part), using appropriate exponent
* reductions, and combine the results using the CRT.

31
crypto/bn/bn_gcd.c
View file

@ -263,7 +263,8 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
if (!BN_nnmod(B, B, A, ctx)) goto err;
}
sign = -1;
/* From B = a mod |n|, A = |n| it follows that
/*-
* From B = a mod |n|, A = |n| it follows that
*
* 0 <= B < A,
* -sign*X*a == B (mod |n|),
@ -280,7 +281,7 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
while (!BN_is_zero(B))
{
/*
/*-
* 0 < B < |n|,
* 0 < A <= |n|,
* (1) -sign*X*a == B (mod |n|),
@ -327,7 +328,8 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
}
/* We still have (1) and (2).
/*-
* We still have (1) and (2).
* Both A and B are odd.
* The following computations ensure that
*
@ -363,7 +365,7 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
{
BIGNUM *tmp;
/*
/*-
* 0 < B < A,
* (*) -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|)
@ -410,7 +412,8 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
if (!BN_div(D,M,A,B,ctx)) goto err;
}
/* Now
/*-
* Now
* A = D*B + M;
* thus we have
* (**) sign*Y*a == D*B + M (mod |n|).
@ -423,7 +426,8 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
B=M;
/* ... so we have 0 <= B < A again */
/* Since the former M is now B and the former B is now A,
/*-
* Since the former M is now B and the former B is now A,
* (**) translates into
* sign*Y*a == D*A + B (mod |n|),
* i.e.
@ -476,7 +480,7 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
}
}
/*
/*-
* The while loop (Euclid's algorithm) ends when
* A == gcd(a,n);
* we have
@ -565,7 +569,8 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
if (!BN_nnmod(B, pB, A, ctx)) goto err;
}
sign = -1;
/* From B = a mod |n|, A = |n| it follows that
/*-
* From B = a mod |n|, A = |n| it follows that
*
* 0 <= B < A,
* -sign*X*a == B (mod |n|),
@ -576,7 +581,7 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
{
BIGNUM *tmp;
/*
/*-
* 0 < B < A,
* (*) -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|)
@ -591,7 +596,8 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
/* (D, M) := (A/B, A%B) ... */
if (!BN_div(D,M,pA,B,ctx)) goto err;
/* Now
/*-
* Now
* A = D*B + M;
* thus we have
* (**) sign*Y*a == D*B + M (mod |n|).
@ -604,7 +610,8 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
B=M;
/* ... so we have 0 <= B < A again */
/* Since the former M is now B and the former B is now A,
/*-
* Since the former M is now B and the former B is now A,
* (**) translates into
* sign*Y*a == D*A + B (mod |n|),
* i.e.
@ -632,7 +639,7 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
sign = -sign;
}
/*
/*-
* The while loop (Euclid's algorithm) ends when
* A == gcd(a,n);
* we have

5
crypto/bn/bn_lcl.h
View file

@ -118,7 +118,8 @@
extern "C" {
#endif
/* Bignum consistency macros
/*-
* Bignum consistency macros
* There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
* bignum data after direct manipulations on the data. There is also an
* "internal" macro, bn_check_top(), for verifying that there are no leading
@ -268,7 +269,7 @@ struct bn_gencb_st
};
/*
/*-
* BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions
*
*

3
crypto/bn/bn_lib.c
View file

@ -72,7 +72,8 @@ const char BN_version[]="Big Number" OPENSSL_VERSION_PTEXT;
/* This stuff appears to be completely unused, so is deprecated */
#ifndef OPENSSL_NO_DEPRECATED
/* For a 32 bit machine
/*-
* For a 32 bit machine
* 2 - 4 == 128
* 3 - 8 == 256
* 4 - 16 == 512

33
crypto/bn/bn_mul.c
View file

@ -348,7 +348,8 @@ BN_ULONG bn_add_part_words(BN_ULONG *r,
/* Karatsuba recursive multiplication algorithm
* (cf. Knuth, The Art of Computer Programming, Vol. 2) */
/* r is 2*n2 words in size,
/*-
* r is 2*n2 words in size,
* a and b are both n2 words in size.
* n2 must be a power of 2.
* We multiply and return the result.
@ -466,7 +467,8 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,dna,dnb,p);
}
/* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
/*-
* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
* r[10] holds (a[0]*b[0])
* r[32] holds (b[1]*b[1])
*/
@ -483,7 +485,8 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
}
/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
/*-
* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
* r[10] holds (a[0]*b[0])
* r[32] holds (b[1]*b[1])
* c1 holds the carry bits
@ -638,7 +641,8 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
}
}
/* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
/*-
* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
* r[10] holds (a[0]*b[0])
* r[32] holds (b[1]*b[1])
*/
@ -655,7 +659,8 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
}
/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
/*-
* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
* r[10] holds (a[0]*b[0])
* r[32] holds (b[1]*b[1])
* c1 holds the carry bits
@ -682,7 +687,8 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
}
}
/* a and b must be the same size, which is n2.
/*-
* a and b must be the same size, which is n2.
* r needs to be n2 words and t needs to be n2*2
*/
void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
@ -707,7 +713,8 @@ void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
}
}
/* a and b must be the same size, which is n2.
/*-
* a and b must be the same size, which is n2.
* r needs to be n2 words and t needs to be n2*2
* l is the low words of the output.
* t needs to be n2*3
@ -775,7 +782,8 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
bn_mul_recursive(r,&(a[n]),&(b[n]),n,0,0,&(t[n2]));
}
/* s0 == low(al*bl)
/*-
* s0 == low(al*bl)
* s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
* We know s0 and s1 so the only unknown is high(al*bl)
* high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl))
@ -812,16 +820,19 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
lp[i]=((~mp[i])+1)&BN_MASK2;
}
/* s[0] = low(al*bl)
/*-
* s[0] = low(al*bl)
* t[3] = high(al*bl)
* t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign
* r[10] = (a[1]*b[1])
*/
/* R[10] = al*bl
/*-
* R[10] = al*bl
* R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0])
* R[32] = ah*bh
*/
/* R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
/*-
* R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
* R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow)
* R[3]=r[1]+(carry/borrow)
*/

6
crypto/bn/bn_prime.c
View file

@ -524,7 +524,8 @@ loop:
{
BN_ULONG rnd_word = BN_get_word(rnd);
/* In the case that the candidate prime is a single word then
/*-
* In the case that the candidate prime is a single word then
* we check that:
* 1) It's greater than primes[i] because we shouldn't reject
* 3 as being a prime number because it's a multiple of
@ -532,7 +533,8 @@ loop:
* 2) That it's not a multiple of a known prime. We don't
* check that rnd-1 is also coprime to all the known
* primes because there aren't many small primes where
* that's true. */
* that's true.
*/
for (i=1; i<NUMPRIMES && primes[i]<rnd_word; i++)
{
if ((mods[i]+delta)%primes[i] == 0)

3
crypto/bn/bn_recp.c
View file

@ -172,7 +172,8 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
i,ctx); /* BN_reciprocal returns i, or -1 for an error */
if (recp->shift == -1) goto err;
/* d := |round(round(m / 2^BN_num_bits(N)) * recp->Nr / 2^(i - BN_num_bits(N)))|
/*-
* d := |round(round(m / 2^BN_num_bits(N)) * recp->Nr / 2^(i - BN_num_bits(N)))|
* = |round(round(m / 2^BN_num_bits(N)) * round(2^i / N) / 2^(i - BN_num_bits(N)))|
* <= |(m / 2^BN_num_bits(N)) * (2^i / N) * (2^BN_num_bits(N) / 2^i)|
* = |m/N|

9
crypto/bn/bn_sqr.c
View file

@ -190,7 +190,8 @@ void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp)
}
#ifdef BN_RECURSION
/* r is 2*n words in size,
/*-
* r is 2*n words in size,
* a and b are both n words in size. (There's not actually a 'b' here ...)
* n must be a power of 2.
* We multiply and return the result.
@ -249,7 +250,8 @@ void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t)
bn_sqr_recursive(r,a,n,p);
bn_sqr_recursive(&(r[n2]),&(a[n]),n,p);
/* t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero
/*-
* t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero
* r[10] holds (a[0]*b[0])
* r[32] holds (b[1]*b[1])
*/
@ -259,7 +261,8 @@ void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t)
/* t[32] is negative */
c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
/* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
/*-
* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
* r[10] holds (a[0]*a[0])
* r[32] holds (a[1]*a[1])
* c1 holds the carry bits

12
crypto/bn/bn_sqrt.c
View file

@ -135,7 +135,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
if (e == 1)
{
/* The easy case: (|p|-1)/2 is odd, so 2 has an inverse
/*-
* The easy case: (|p|-1)/2 is odd, so 2 has an inverse
* modulo (|p|-1)/2, and square roots can be computed
* directly by modular exponentiation.
* We have
@ -152,7 +153,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
if (e == 2)
{
/* |p| == 5 (mod 8)
/*-
* |p| == 5 (mod 8)
*
* In this case 2 is always a non-square since
* Legendre(2,p) = (-1)^((p^2-1)/8) for any odd prime.
@ -262,7 +264,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
goto end;
}
/* Now we know that (if p is indeed prime) there is an integer
/*-
* Now we know that (if p is indeed prime) there is an integer
* k, 0 <= k < 2^e, such that
*
* a^q * y^k == 1 (mod p).
@ -318,7 +321,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
while (1)
{
/* Now b is a^q * y^k for some even k (0 <= k < 2^E
/*-
* Now b is a^q * y^k for some even k (0 <= k < 2^E
* where E refers to the original value of e, which we
* don't keep in a variable), and x is a^((q+1)/2) * y^(k/2).
*

3
crypto/conf/conf_def.c
View file

@ -601,7 +601,8 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
}
e++;
}
/* So at this point we have
/*-
* So at this point we have
* np which is the start of the name string which is
* '\0' terminated.
* cp which is the start of the section string which is

6
crypto/constant_time_locl.h
View file

@ -1,5 +1,5 @@
/* crypto/constant_time_locl.h */
/*
/*-
* Utilities for constant-time cryptography.
*
* Author: Emilia Kasper (emilia@openssl.org)
@ -53,7 +53,7 @@
extern "C" {
#endif
/*
/*-
* The boolean methods return a bitmask of all ones (0xff...f) for true
* and 0 for false. This is useful for choosing a value based on the result
* of a conditional in constant time. For example,
@ -112,7 +112,7 @@ static inline unsigned int constant_time_eq_int(int a, int b);
static inline unsigned char constant_time_eq_int_8(int a, int b);
/*
/*-
* Returns (mask & a) | (~mask & b).
*
* When |mask| is all 1s or all 0s (as returned by the methods above),

2
crypto/constant_time_test.c
View file

@ -1,5 +1,5 @@
/* crypto/constant_time_test.c */
/*
/*-
* Utilities for constant-time cryptography.
*
* Author: Emilia Kasper (emilia@openssl.org)

3
crypto/crypto.h
View file

@ -525,7 +525,8 @@ int CRYPTO_remove_all_info(void);
void CRYPTO_dbg_malloc(void *addr,int num,const char *file,int line,int before_p);
void CRYPTO_dbg_realloc(void *addr1,void *addr2,int num,const char *file,int line,int before_p);
void CRYPTO_dbg_free(void *addr,int before_p);
/* Tell the debugging code about options. By default, the following values
/*-
* Tell the debugging code about options. By default, the following values
* apply:
*
* 0: Clear all options.

3
crypto/des/des_locl.h
View file

@ -362,7 +362,8 @@
#endif
#endif
/* IP and FP
/*-
* IP and FP
* The problem is more of a geometric problem that random bit fiddling.
0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4

3
crypto/des/des_old.h
View file

@ -1,6 +1,7 @@
/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
/*-
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*
* The function names in here are deprecated and are only present to
* provide an interface compatible with openssl 0.9.6 and older as

2
crypto/des/destest.c
View file

@ -380,7 +380,7 @@ int main(int argc, char *argv[])
DES_ENCRYPT);
DES_ede3_cbcm_encrypt(&cbc_data[16],&cbc_out[16],i-16,&ks,&ks2,&ks3,
&iv3,&iv2,DES_ENCRYPT);
/* if (memcmp(cbc_out,cbc3_ok,
/*- if (memcmp(cbc_out,cbc3_ok,
(unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
{
printf("des_ede3_cbc_encrypt encrypt error\n");

2
crypto/des/enc_read.c
View file

@ -66,7 +66,7 @@
OPENSSL_IMPLEMENT_GLOBAL(int,DES_rw_mode,DES_PCBC_MODE)
/*
/*-
* WARNINGS:
*
* - The data format used by DES_enc_write() and DES_enc_read()

2
crypto/des/enc_writ.c
View file

@ -63,7 +63,7 @@
#include "des_locl.h"
#include <openssl/rand.h>
/*
/*-
* WARNINGS:
*
* - The data format used by DES_enc_write() and DES_enc_read()

2
crypto/des/ncbc_enc.c
View file

@ -1,5 +1,5 @@
/* crypto/des/ncbc_enc.c */
/*
/*-
* #included by:
* cbc_enc.c (DES_cbc_encrypt)
* des_enc.c (DES_ncbc_encrypt)

2
crypto/des/rpc_des.h
View file

@ -57,7 +57,7 @@
*/
/* @(#)des.h 2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI */
/*
/*-
* Sun RPC is a product of Sun Microsystems, Inc. and is provided for
* unrestricted use provided that this legend is included on all tape
* media and as a part of the software program in whole or part. Users

5
crypto/des/set_key.c
View file

@ -106,7 +106,8 @@ int DES_check_key_parity(const_DES_cblock *key)
return(1);
}
/* Weak and semi week keys as take from
/*-
* Weak and semi week keys as take from
* %A D.W. Davies
* %A W.L. Price
* %T Security for Computer Networks
@ -399,7 +400,7 @@ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
{
return(DES_set_key(key,schedule));
}
/*
/*-
#undef des_fixup_key_parity
void des_fixup_key_parity(des_cblock *key)
{

3
crypto/dh/dh_check.c
View file

@ -61,7 +61,8 @@
#include <openssl/bn.h>
#include <openssl/dh.h>
/* Check that p is a safe prime and
/*-
* Check that p is a safe prime and
* if g is 2, 3 or 5, check that it is a suitable generator
* where
* for 2, p mod 24 == 11

3
crypto/dh/dh_gen.c
View file

@ -77,7 +77,8 @@ int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *c
return dh_builtin_genparams(ret, prime_len, generator, cb);
}
/* We generate DH parameters as follows
/*-
* We generate DH parameters as follows
* find a prime q which is prime_len/2 bits long.
* p=(2*q)+1 or (p-1)/2 = q
* For this case, g is a generator if

3
crypto/dsa/dsa_ameth.c
View file

@ -213,7 +213,8 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
goto decerr;
if (sk_ASN1_TYPE_num(ndsa) != 2)
goto decerr;
/* Handle Two broken types:
/*-
* Handle Two broken types:
* SEQUENCE {parameters, priv_key}
* SEQUENCE {pub_key, priv_key}
*/

3
crypto/dsa/dsa_asn1.c
View file

@ -167,7 +167,8 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
}
/* data has already been hashed (probably with SHA or SHA-1). */
/* returns
/*-
* returns
* 1: correct signature
* 0: incorrect signature
* -1: error

3
crypto/dsa/dsa_ossl.c
View file

@ -93,7 +93,8 @@ NULL,
NULL
};
/* These macro wrappers replace attempts to use the dsa_mod_exp() and
/*-
* These macro wrappers replace attempts to use the dsa_mod_exp() and
* bn_mod_exp() handlers in the DSA_METHOD structure. We avoid the problem of
* having a the macro work as an expression by bundling an "err_instr". So;
*

3
crypto/dso/dso_vms.c
View file

@ -174,7 +174,8 @@ static int vms_load(DSO *dso)
goto err;
}
/* A file specification may look like this:
/*-
* A file specification may look like this:
*
* node::dev:[dir-spec]name.type;ver
*

2
crypto/ec/ec.h
View file

@ -118,7 +118,7 @@ typedef enum {
typedef struct ec_method_st EC_METHOD;
typedef struct ec_group_st
/*
/*-
EC_METHOD *meth;
-- field definition
-- curve coefficients

9
crypto/ec/ec2_mult.c
View file

@ -143,7 +143,8 @@ static int gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1, BIGNUM
return ret;
}
/* Compute the x, y affine coordinates from the point (x1, z1) (x2, z2)
/*-
* Compute the x, y affine coordinates from the point (x1, z1) (x2, z2)
* using Montgomery point multiplication algorithm Mxy() in appendix of
* Lopez, J. and Dahab, R. "Fast multiplication on elliptic curves over
* GF(2^m) without precomputation" (CHES '99, LNCS 1717).
@ -212,7 +213,8 @@ static int gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y, BIG
}
/* Computes scalar*point and stores the result in r.
/*-
* Computes scalar*point and stores the result in r.
* point can not equal r.
* Uses a modified algorithm 2P of
* Lopez, J. and Dahab, R. "Fast multiplication on elliptic curves over
@ -318,7 +320,8 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r,
}
/* Computes the sum
/*-
* Computes the sum
* scalar*group->generator + scalars[0]*points[0] + ... + scalars[num-1]*points[num-1]
* gracefully ignoring NULL scalar values.
*/

6
crypto/ec/ec2_smpl.c
View file

@ -586,7 +586,8 @@ int ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_
lh = BN_CTX_get(ctx);
if (lh == NULL) goto err;
/* We have a curve defined by a Weierstrass equation
/*-
* We have a curve defined by a Weierstrass equation
* y^2 + x*y = x^3 + a*x^2 + b.
* <=> x^3 + a*x^2 + x*y + b + y^2 = 0
* <=> ((x + a) * x + y ) * x + b + y^2 = 0
@ -606,7 +607,8 @@ int ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_
}
/* Indicates whether two points are equal.
/*-
* Indicates whether two points are equal.
* Return values:
* -1 error
* 0 equal (in affine coordinates)

3
crypto/ec/ec_lcl.h
View file

@ -117,7 +117,8 @@ struct ec_method_st {
void (*point_clear_finish)(EC_POINT *);
int (*point_copy)(EC_POINT *, const EC_POINT *);
/* used by EC_POINT_set_to_infinity,
/*-
* used by EC_POINT_set_to_infinity,
* EC_POINT_set_Jprojective_coordinates_GFp,
* EC_POINT_get_Jprojective_coordinates_GFp,
* EC_POINT_set_affine_coordinates_GFp, ..._GF2m,

6
crypto/ec/ec_mult.c
View file

@ -482,7 +482,8 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
if (!(tmp = EC_POINT_new(group)))
goto err;
/* prepare precomputed values:
/*-
* prepare precomputed values:
* val_sub[i][0] := points[i]
* val_sub[i][1] := 3 * points[i]
* val_sub[i][2] := 5 * points[i]
@ -607,7 +608,8 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
}
/* ec_wNAF_precompute_mult()
/*-
* ec_wNAF_precompute_mult()
* creates an EC_PRE_COMP object with preprecomputed multiples of the generator
* for use with wNAF splitting as implemented in ec_wNAF_mul().
*

33
crypto/ec/ecp_nistp224.c
View file

@ -46,7 +46,8 @@ typedef int64_t s64;
/******************************************************************************/
/* INTERNAL REPRESENTATION OF FIELD ELEMENTS
/*-
* INTERNAL REPRESENTATION OF FIELD ELEMENTS
*
* Field elements are represented as a_0 + 2^56*a_1 + 2^112*a_2 + 2^168*a_3
* using 64-bit coefficients called 'limbs',
@ -94,7 +95,8 @@ static const felem_bytearray nistp224_curve_params[5] = {
0x44,0xd5,0x81,0x99,0x85,0x00,0x7e,0x34}
};
/* Precomputed multiples of the standard generator
/*-
* Precomputed multiples of the standard generator
* Points are given in coordinates (X, Y, Z) where Z normally is 1
* (0 for the point at infinity).
* For each field element, slice a_0 is word 0, etc.
@ -573,9 +575,11 @@ static void felem_reduce(felem out, const widefelem in)
/* output[3] <= 2^56 + 2^16 */
out[2] = output[2] & 0x00ffffffffffffff;
/* out[0] < 2^56, out[1] < 2^56, out[2] < 2^56,
/*-
* out[0] < 2^56, out[1] < 2^56, out[2] < 2^56,
* out[3] <= 2^56 + 2^16 (due to final carry),
* so out < 2*p */
* so out < 2*p
*/
out[3] = output[3];
}
@ -752,13 +756,15 @@ copy_conditional(felem out, const felem in, limb icopy)
*
*/
/* Double an elliptic curve point:
/*-
* Double an elliptic curve point:
* (X', Y', Z') = 2 * (X, Y, Z), where
* X' = (3 * (X - Z^2) * (X + Z^2))^2 - 8 * X * Y^2
* Y' = 3 * (X - Z^2) * (X + Z^2) * (4 * X * Y^2 - X') - 8 * Y^2
* Z' = (Y + Z)^2 - Y^2 - Z^2 = 2 * Y * Z
* Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed,
* while x_out == y_in is not (maybe this works, but it's not tested). */
* while x_out == y_in is not (maybe this works, but it's not tested).
*/
static void
point_double(felem x_out, felem y_out, felem z_out,
const felem x_in, const felem y_in, const felem z_in)
@ -830,7 +836,8 @@ point_double(felem x_out, felem y_out, felem z_out,
felem_reduce(y_out, tmp);
}
/* Add two elliptic curve points:
/*-
* Add two elliptic curve points:
* (X_1, Y_1, Z_1) + (X_2, Y_2, Z_2) = (X_3, Y_3, Z_3), where
* X_3 = (Z_1^3 * Y_2 - Z_2^3 * Y_1)^2 - (Z_1^2 * X_2 - Z_2^2 * X_1)^3 -
* 2 * Z_2^2 * X_1 * (Z_1^2 * X_2 - Z_2^2 * X_1)^2
@ -968,8 +975,10 @@ static void point_add(felem x3, felem y3, felem z3,
felem_scalar(ftmp5, 2);
/* ftmp5[i] < 2 * 2^57 = 2^58 */
/* x_out = (z1^3*y2 - z2^3*y1)^2 - (z1^2*x2 - z2^2*x1)^3 -
2*z2^2*x1*(z1^2*x2 - z2^2*x1)^2 */
/*-
* x_out = (z1^3*y2 - z2^3*y1)^2 - (z1^2*x2 - z2^2*x1)^3 -
* 2*z2^2*x1*(z1^2*x2 - z2^2*x1)^2
*/
felem_diff_128_64(tmp2, ftmp5);
/* tmp2[i] < 2^117 + 2^64 + 8 < 2^118 */
felem_reduce(x_out, tmp2);
@ -982,8 +991,10 @@ static void point_add(felem x3, felem y3, felem z3,
felem_mul(tmp2, ftmp3, ftmp2);
/* tmp2[i] < 4 * 2^57 * 2^59 = 2^118 */
/* y_out = (z1^3*y2 - z2^3*y1)*(z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - x_out) -
z2^3*y1*(z1^2*x2 - z2^2*x1)^3 */
/*-
* y_out = (z1^3*y2 - z2^3*y1)*(z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - x_out) -
* z2^3*y1*(z1^2*x2 - z2^2*x1)^3
*/
widefelem_diff(tmp2, tmp);
/* tmp2[i] < 2^118 + 2^120 < 2^121 */
felem_reduce(y_out, tmp2);

75
crypto/ec/ecp_nistp256.c
View file

@ -79,7 +79,8 @@ static const felem_bytearray nistp256_curve_params[5] = {
0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5}
};
/* The representation of field elements.
/*-
* The representation of field elements.
* ------------------------------------
*
* We represent field elements with either four 128-bit values, eight 128-bit
@ -248,7 +249,8 @@ static void longfelem_scalar(longfelem out, const u64 scalar)
/* zero105 is 0 mod p */
static const felem zero105 = { two105m41m9, two105, two105m41p9, two105m41p9 };
/* smallfelem_neg sets |out| to |-small|
/*-
* smallfelem_neg sets |out| to |-small|
* On exit:
* out[i] < out[i] + 2^105
*/
@ -261,7 +263,8 @@ static void smallfelem_neg(felem out, const smallfelem small)
out[3] = zero105[3] - small[3];
}
/* felem_diff subtracts |in| from |out|
/*-
* felem_diff subtracts |in| from |out|
* On entry:
* in[i] < 2^104
* On exit:
@ -288,7 +291,8 @@ static void felem_diff(felem out, const felem in)
/* zero107 is 0 mod p */
static const felem zero107 = { two107m43m11, two107, two107m43p11, two107m43p11 };
/* An alternative felem_diff for larger inputs |in|
/*-
* An alternative felem_diff for larger inputs |in|
* felem_diff_zero107 subtracts |in| from |out|
* On entry:
* in[i] < 2^106
@ -309,7 +313,8 @@ static void felem_diff_zero107(felem out, const felem in)
out[3] -= in[3];
}
/* longfelem_diff subtracts |in| from |out|
/*-
* longfelem_diff subtracts |in| from |out|
* On entry:
* in[i] < 7*2^67
* On exit:
@ -352,7 +357,8 @@ static void longfelem_diff(longfelem out, const longfelem in)
/* zero110 is 0 mod p */
static const felem zero110 = { two64m0, two110p32m0, two64m46, two64m32 };
/* felem_shrink converts an felem into a smallfelem. The result isn't quite
/*-
* felem_shrink converts an felem into a smallfelem. The result isn't quite
* minimal as the value may be greater than p.
*
* On entry:
@ -404,12 +410,14 @@ static void felem_shrink(smallfelem out, const felem in)
/* As tmp[3] < 2^65, high is either 1 or 0 */
high <<= 63;
high >>= 63;
/* high is:
/*-
* high is:
* all ones if the high word of tmp[3] is 1
* all zeros if the high word of tmp[3] if 0 */
low = tmp[3];
mask = low >> 63;
/* mask is:
/*-
* mask is:
* all ones if the MSB of low is 1
* all zeros if the MSB of low if 0 */
low &= bottom63bits;
@ -417,7 +425,8 @@ static void felem_shrink(smallfelem out, const felem in)
/* if low was greater than kPrime3Test then the MSB is zero */
low = ~low;
low >>= 63;
/* low is:
/*-
* low is:
* all ones if low was > kPrime3Test
* all zeros if low was <= kPrime3Test */
mask = (mask & low) | high;
@ -447,7 +456,8 @@ static void smallfelem_expand(felem out, const smallfelem in)
out[3] = in[3];
}
/* smallfelem_square sets |out| = |small|^2
/*-
* smallfelem_square sets |out| = |small|^2
* On entry:
* small[i] < 2^64
* On exit:
@ -525,7 +535,8 @@ static void smallfelem_square(longfelem out, const smallfelem small)
out[7] = high;
}
/* felem_square sets |out| = |in|^2
/*-
* felem_square sets |out| = |in|^2
* On entry:
* in[i] < 2^109
* On exit:
@ -538,7 +549,8 @@ static void felem_square(longfelem out, const felem in)
smallfelem_square(out, small);
}
/* smallfelem_mul sets |out| = |small1| * |small2|
/*-
* smallfelem_mul sets |out| = |small1| * |small2|
* On entry:
* small1[i] < 2^64
* small2[i] < 2^64
@ -653,7 +665,8 @@ static void smallfelem_mul(longfelem out, const smallfelem small1, const smallfe
out[7] = high;
}
/* felem_mul sets |out| = |in1| * |in2|
/*-
* felem_mul sets |out| = |in1| * |in2|
* On entry:
* in1[i] < 2^109
* in2[i] < 2^109
@ -668,7 +681,8 @@ static void felem_mul(longfelem out, const felem in1, const felem in2)
smallfelem_mul(out, small1, small2);
}
/* felem_small_mul sets |out| = |small1| * |in2|
/*-
* felem_small_mul sets |out| = |small1| * |in2|
* On entry:
* small1[i] < 2^64
* in2[i] < 2^109
@ -688,7 +702,8 @@ static void felem_small_mul(longfelem out, const smallfelem small1, const felem
/* zero100 is 0 mod p */
static const felem zero100 = { two100m36m4, two100, two100m36p4, two100m36p4 };
/* Internal function for the different flavours of felem_reduce.
/*-
* Internal function for the different flavours of felem_reduce.
* felem_reduce_ reduces the higher coefficients in[4]-in[7].
* On entry:
* out[0] >= in[6] + 2^32*in[6] + in[7] + 2^32*in[7]
@ -735,7 +750,8 @@ static void felem_reduce_(felem out, const longfelem in)
out[3] += (in[7] * 3);
}
/* felem_reduce converts a longfelem into an felem.
/*-
* felem_reduce converts a longfelem into an felem.
* To be called directly after felem_square or felem_mul.
* On entry:
* in[0] < 2^64, in[1] < 3*2^64, in[2] < 5*2^64, in[3] < 7*2^64
@ -752,7 +768,8 @@ static void felem_reduce(felem out, const longfelem in)
felem_reduce_(out, in);
/* out[0] > 2^100 - 2^36 - 2^4 - 3*2^64 - 3*2^96 - 2^64 - 2^96 > 0
/*-
* out[0] > 2^100 - 2^36 - 2^4 - 3*2^64 - 3*2^96 - 2^64 - 2^96 > 0
* out[1] > 2^100 - 2^64 - 7*2^96 > 0
* out[2] > 2^100 - 2^36 + 2^4 - 5*2^64 - 5*2^96 > 0
* out[3] > 2^100 - 2^36 + 2^4 - 7*2^64 - 5*2^96 - 3*2^96 > 0
@ -764,7 +781,8 @@ static void felem_reduce(felem out, const longfelem in)
*/
}
/* felem_reduce_zero105 converts a larger longfelem into an felem.
/*-
* felem_reduce_zero105 converts a larger longfelem into an felem.
* On entry:
* in[0] < 2^71
* On exit:
@ -779,7 +797,8 @@ static void felem_reduce_zero105(felem out, const longfelem in)
felem_reduce_(out, in);
/* out[0] > 2^105 - 2^41 - 2^9 - 2^71 - 2^103 - 2^71 - 2^103 > 0
/*-
* out[0] > 2^105 - 2^41 - 2^9 - 2^71 - 2^103 - 2^71 - 2^103 > 0
* out[1] > 2^105 - 2^71 - 2^103 > 0
* out[2] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 > 0
* out[3] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 - 2^103 > 0
@ -881,7 +900,8 @@ static void smallfelem_mul_contract(smallfelem out, const smallfelem in1, const
felem_contract(out, tmp);
}
/* felem_is_zero returns a limb with all bits set if |in| == 0 (mod p) and 0
/*-
* felem_is_zero returns a limb with all bits set if |in| == 0 (mod p) and 0
* otherwise.
* On entry:
* small[i] < 2^64
@ -926,7 +946,8 @@ static int smallfelem_is_zero_int(const smallfelem small)
return (int) (smallfelem_is_zero(small) & ((limb)1));
}
/* felem_inv calculates |out| = |in|^{-1}
/*-
* felem_inv calculates |out| = |in|^{-1}
*
* Based on Fermat's Little Theorem:
* a^p = a (mod p)
@ -1005,14 +1026,16 @@ static void smallfelem_inv_contract(smallfelem out, const smallfelem in)
felem_contract(out, tmp);
}
/* Group operations
/*-
* Group operations
* ----------------
*
* Building on top of the field operations we have the operations on the
* elliptic curve group itself. Points on the curve are represented in Jacobian
* coordinates */
/* point_double calculates 2*(x_in, y_in, z_in)
/*-
* point_double calculates 2*(x_in, y_in, z_in)
*
* The method is taken from:
* http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
@ -1140,7 +1163,8 @@ copy_small_conditional(felem out, const smallfelem in, limb mask)
}
}
/* point_add calcuates (x1, y1, z1) + (x2, y2, z2)
/*-
* point_add calcuates (x1, y1, z1) + (x2, y2, z2)
*
* The method is taken from:
* http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl,
@ -1329,7 +1353,8 @@ static void point_add_small(smallfelem x3, smallfelem y3, smallfelem z3,
felem_shrink(z3, felem_z3);
}
/* Base point pre computation
/*-
* Base point pre computation
* --------------------------
*
* Two different sorts of precomputed tables are used in the following code.

78
crypto/ec/ecp_nistp521.c
View file

@ -109,7 +109,8 @@ static const felem_bytearray nistp521_curve_params[5] =
0x66, 0x50}
};
/* The representation of field elements.
/*-
* The representation of field elements.
* ------------------------------------
*
* We represent field elements with nine values. These values are either 64 or
@ -291,7 +292,8 @@ static void felem_scalar128(largefelem out, limb scalar)
out[8] *= scalar;
}
/* felem_neg sets |out| to |-in|
/*-
* felem_neg sets |out| to |-in|
* On entry:
* in[i] < 2^59 + 2^14
* On exit:
@ -314,7 +316,8 @@ static void felem_neg(felem out, const felem in)
out[8] = two62m2 - in[8];
}
/* felem_diff64 subtracts |in| from |out|
/*-
* felem_diff64 subtracts |in| from |out|
* On entry:
* in[i] < 2^59 + 2^14
* On exit:
@ -337,7 +340,8 @@ static void felem_diff64(felem out, const felem in)
out[8] += two62m2 - in[8];
}
/* felem_diff_128_64 subtracts |in| from |out|
/*-
* felem_diff_128_64 subtracts |in| from |out|
* On entry:
* in[i] < 2^62 + 2^17
* On exit:
@ -360,7 +364,8 @@ static void felem_diff_128_64(largefelem out, const felem in)
out[8] += two63m5 - in[8];
}
/* felem_diff_128_64 subtracts |in| from |out|
/*-
* felem_diff_128_64 subtracts |in| from |out|
* On entry:
* in[i] < 2^126
* On exit:
@ -383,7 +388,8 @@ static void felem_diff128(largefelem out, const largefelem in)
out[8] += (two127m69 - in[8]);
}
/* felem_square sets |out| = |in|^2
/*-
* felem_square sets |out| = |in|^2
* On entry:
* in[i] < 2^62
* On exit:
@ -395,7 +401,8 @@ static void felem_square(largefelem out, const felem in)
felem_scalar(inx2, in, 2);
felem_scalar(inx4, in, 4);
/* We have many cases were we want to do
/*-
* We have many cases were we want to do
* in[x] * in[y] +
* in[y] * in[x]
* This is obviously just
@ -474,7 +481,8 @@ static void felem_square(largefelem out, const felem in)
out[7] += ((uint128_t) in[8]) * inx2[8];
}
/* felem_mul sets |out| = |in1| * |in2|
/*-
* felem_mul sets |out| = |in1| * |in2|
* On entry:
* in1[i] < 2^64
* in2[i] < 2^63
@ -589,7 +597,8 @@ static void felem_mul(largefelem out, const felem in1, const felem in2)
static const limb bottom52bits = 0xfffffffffffff;
/* felem_reduce converts a largefelem to an felem.
/*-
* felem_reduce converts a largefelem to an felem.
* On entry:
* in[i] < 2^128
* On exit:
@ -677,7 +686,8 @@ static void felem_mul_reduce(felem out, const felem in1, const felem in2)
felem_reduce(out, tmp);
}
/* felem_inv calculates |out| = |in|^{-1}
/*-
* felem_inv calculates |out| = |in|^{-1}
*
* Based on Fermat's Little Theorem:
* a^p = a (mod p)
@ -769,7 +779,8 @@ static const felem kPrime =
0x03ffffffffffffff, 0x03ffffffffffffff, 0x01ffffffffffffff
};
/* felem_is_zero returns a limb with all bits set if |in| == 0 (mod p) and 0
/*-
* felem_is_zero returns a limb with all bits set if |in| == 0 (mod p) and 0
* otherwise.
* On entry:
* in[i] < 2^59 + 2^14
@ -834,7 +845,8 @@ static int felem_is_zero_int(const felem in)
return (int) (felem_is_zero(in) & ((limb)1));
}
/* felem_contract converts |in| to its unique, minimal representation.
/*-
* felem_contract converts |in| to its unique, minimal representation.
* On entry:
* in[i] < 2^59 + 2^14
*/
@ -930,14 +942,16 @@ static void felem_contract(felem out, const felem in)
sign = -(out[7] >> 63); out[7] += (two58 & sign); out[8] -= (1 & sign);
}
/* Group operations
/*-
* Group operations
* ----------------
*
* Building on top of the field operations we have the operations on the
* elliptic curve group itself. Points on the curve are represented in Jacobian
* coordinates */
/* point_double calcuates 2*(x_in, y_in, z_in)
/*-
* point_double calcuates 2*(x_in, y_in, z_in)
*
* The method is taken from:
* http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
@ -974,11 +988,13 @@ point_double(felem x_out, felem y_out, felem z_out,
felem_scalar64(ftmp2, 3);
/* ftmp2[i] < 3*2^60 + 3*2^15 */
felem_mul(tmp, ftmp, ftmp2);
/* tmp[i] < 17(3*2^121 + 3*2^76)
/*-
* tmp[i] < 17(3*2^121 + 3*2^76)
* = 61*2^121 + 61*2^76
* < 64*2^121 + 64*2^76
* = 2^127 + 2^82
* < 2^128 */
* < 2^128
*/
felem_reduce(alpha, tmp);
/* x' = alpha^2 - 8*beta */
@ -1011,22 +1027,30 @@ point_double(felem x_out, felem y_out, felem z_out,
felem_diff64(beta, x_out);
/* beta[i] < 2^61 + 2^60 + 2^16 */
felem_mul(tmp, alpha, beta);
/* tmp[i] < 17*((2^59 + 2^14)(2^61 + 2^60 + 2^16))
/*-
* tmp[i] < 17*((2^59 + 2^14)(2^61 + 2^60 + 2^16))
* = 17*(2^120 + 2^75 + 2^119 + 2^74 + 2^75 + 2^30)
* = 17*(2^120 + 2^119 + 2^76 + 2^74 + 2^30)
* < 2^128 */
* < 2^128
*/
felem_square(tmp2, gamma);
/* tmp2[i] < 17*(2^59 + 2^14)^2
* = 17*(2^118 + 2^74 + 2^28) */
/*-
* tmp2[i] < 17*(2^59 + 2^14)^2
* = 17*(2^118 + 2^74 + 2^28)
*/
felem_scalar128(tmp2, 8);
/* tmp2[i] < 8*17*(2^118 + 2^74 + 2^28)
/*-
* tmp2[i] < 8*17*(2^118 + 2^74 + 2^28)
* = 2^125 + 2^121 + 2^81 + 2^77 + 2^35 + 2^31
* < 2^126 */
* < 2^126
*/
felem_diff128(tmp, tmp2);
/* tmp[i] < 2^127 - 2^69 + 17(2^120 + 2^119 + 2^76 + 2^74 + 2^30)
/*-
* tmp[i] < 2^127 - 2^69 + 17(2^120 + 2^119 + 2^76 + 2^74 + 2^30)
* = 2^127 + 2^124 + 2^122 + 2^120 + 2^118 + 2^80 + 2^78 + 2^76 +
* 2^74 + 2^69 + 2^34 + 2^30
* < 2^128 */
* < 2^128
*/
felem_reduce(y_out, tmp);
}
@ -1042,7 +1066,8 @@ copy_conditional(felem out, const felem in, limb mask)
}
}
/* point_add calcuates (x1, y1, z1) + (x2, y2, z2)
/*-
* point_add calcuates (x1, y1, z1) + (x2, y2, z2)
*
* The method is taken from
* http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl,
@ -1205,7 +1230,8 @@ static void point_add(felem x3, felem y3, felem z3,
felem_assign(z3, z_out);
}
/* Base point pre computation
/*-
* Base point pre computation
* --------------------------
*
* Two different sorts of precomputed tables are used in the following code.

2
crypto/ec/ecp_nistputil.c
View file

@ -107,7 +107,7 @@ void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
}
}
/*
/*-
* This function looks at 5+1 scalar bits (5 current, 1 adjacent less
* significant bit), and recodes them into a signed digit for use in fast point
* multiplication: the use of signed rather than unsigned digits means that

12
crypto/ec/ecp_smpl.c
View file

@ -320,9 +320,11 @@ int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
if (!BN_copy(b, group->b)) goto err;
}
/* check the discriminant:
/*-
* check the discriminant:
* y^2 = x^3 + a*x + b is an elliptic curve <=> 4*a^3 + 27*b^2 != 0 (mod p)
* 0 =< a, b < p */
* 0 =< a, b < p
*/
if (BN_is_zero(a))
{
if (BN_is_zero(b)) goto err;
@ -975,7 +977,8 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C
Z6 = BN_CTX_get(ctx);
if (Z6 == NULL) goto err;
/* We have a curve defined by a Weierstrass equation
/*-
* We have a curve defined by a Weierstrass equation
* y^2 = x^3 + a*x + b.
* The point to consider is given in Jacobian projective coordinates
* where (X, Y, Z) represents (x, y) = (X/Z^2, Y/Z^3).
@ -1081,7 +1084,8 @@ int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *
Zb23 = BN_CTX_get(ctx);
if (Zb23 == NULL) goto end;
/* We have to decide whether
/*-
* We have to decide whether
* (X_a/Z_a^2, Y_a/Z_a^3) = (X_b/Z_b^2, Y_b/Z_b^3),
* or equivalently, whether
* (X_a*Z_b^2, Y_a*Z_b^3) = (X_b*Z_a^2, Y_b*Z_a^3).

6
crypto/ecdsa/ecs_vrf.c
View file

@ -61,7 +61,8 @@
#include <openssl/engine.h>
#endif
/* returns
/*-
* returns
* 1: correct signature
* 0: incorrect signature
* -1: error
@ -75,7 +76,8 @@ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, eckey);
}
/* returns
/*-
* returns
* 1: correct signature
* 0: incorrect signature
* -1: error

2
crypto/engine/eng_all.c
View file

@ -82,7 +82,7 @@ void ENGINE_load_builtin_engines(void)
#ifndef OPENSSL_NO_HW_4758_CCA
ENGINE_load_4758cca();
#endif
/*
/*-
* These engines have been disabled as they do not currently build
#ifndef OPENSSL_NO_HW_AEP
ENGINE_load_aep();

8
crypto/engine/engine.h
View file

@ -291,7 +291,8 @@ typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
typedef int (*ENGINE_SSL_CLIENT_CERT_PTR)(ENGINE *, SSL *ssl,
STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **pkey,
STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data);
/* These callback types are for an ENGINE's handler for cipher and digest logic.
/*-
* These callback types are for an ENGINE's handler for cipher and digest logic.
* These handlers have these prototypes;
* int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
* int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
@ -359,13 +360,14 @@ void ENGINE_load_builtin_engines(void);
unsigned int ENGINE_get_table_flags(void);
void ENGINE_set_table_flags(unsigned int flags);
/* Manage registration of ENGINEs per "table". For each type, there are 3
/*- Manage registration of ENGINEs per "table". For each type, there are 3
* functions;
* ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
* ENGINE_unregister_***(e) - unregister the implementation from 'e'
* ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
* Cleanup is automatically registered from each table when required, so
* ENGINE_cleanup() will reverse any "register" operations. */
* ENGINE_cleanup() will reverse any "register" operations.
*/
int ENGINE_register_RSA(ENGINE *e);
void ENGINE_unregister_RSA(ENGINE *e);

2
crypto/evp/bio_enc.c
View file

@ -396,7 +396,7 @@ static long enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
return(ret);
}
/*
/*-
void BIO_set_cipher_ctx(b,c)
BIO *b;
EVP_CIPHER_ctx *c;

2
crypto/evp/bio_md.c
View file

@ -264,7 +264,7 @@ static int md_gets(BIO *bp, char *buf, int size)
return((int)ret);
}
/*
/*-
static int md_puts(bp,str)
BIO *bp;
char *str;

2
crypto/evp/bio_ok.c
View file

@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/*
/*-
From: Arne Ansper <arne@cyber.ee>
Why BIO_f_reliable?

9
crypto/evp/encode.c
View file

@ -74,7 +74,8 @@
#define conv_ascii2bin(a) (data_ascii2bin[os_toascii[a]&0x7f])
#endif
/* 64 char lines
/*-
* 64 char lines
* pad input with 0
* left over chars are set to =
* 1 byte => xx==
@ -88,7 +89,8 @@
static const unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\
abcdefghijklmnopqrstuvwxyz0123456789+/";
/* 0xF0 is a EOLN
/*-
* 0xF0 is a EOLN
* 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
* 0xF2 is EOF
* 0xE0 is ignore at start of line.
@ -228,7 +230,8 @@ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
ctx->expect_nl=0;
}
/* -1 for error
/*-
* -1 for error
* 0 for last line
* 1 for full line
*/

2
crypto/evp/evp.h
View file

@ -75,7 +75,7 @@
#include <openssl/bio.h>
#endif
/*
/*-
#define EVP_RC2_KEY_SIZE 16
#define EVP_RC4_KEY_SIZE 16
#define EVP_BLOWFISH_KEY_SIZE 16

2
crypto/evp/evp_locl.h
View file

@ -185,7 +185,7 @@ BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
init_key, cleanup, set_asn1, get_asn1, ctrl)
/*
/*-
#define BLOCK_CIPHER_defs(cname, kstruct, \
nid, block_size, key_len, iv_len, flags,\
init_key, cleanup, set_asn1, get_asn1, ctrl)\

2
crypto/evp/p_seal.c
View file

@ -94,7 +94,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek
return(npubk);
}
/* MACRO
/*- MACRO
void EVP_SealUpdate(ctx,out,outl,in,inl)
EVP_CIPHER_CTX *ctx;
unsigned char *out;

2
crypto/idea/ideatest.c
View file

@ -100,7 +100,7 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
/* 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
};

8
crypto/jpake/jpake.c
View file

@ -370,7 +370,7 @@ int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx)
BIGNUM *t1 = BN_new();
BIGNUM *t2 = BN_new();
/*
/*-
* X = g^{(xa + xc + xd) * xb * s}
* t1 = g^xa
*/
@ -382,7 +382,7 @@ int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx)
/* t2 = xb * s */
BN_mod_mul(t2, ctx->xb, ctx->secret, ctx->p.q, ctx->ctx);
/*
/*-
* ZKP(xb * s)
* XXX: this is kinda funky, because we're using
*
@ -407,7 +407,7 @@ static int compute_key(JPAKE_CTX *ctx, const BIGNUM *gx)
BIGNUM *t2 = BN_new();
BIGNUM *t3 = BN_new();
/*
/*-
* K = (gx/g^{xb * xd * s})^{xb}
* = (g^{(xc + xa + xb) * xd * s - xb * xd *s})^{xb}
* = (g^{(xa + xc) * xd * s})^{xb}
@ -440,7 +440,7 @@ int JPAKE_STEP2_process(JPAKE_CTX *ctx, const JPAKE_STEP2 *received)
BIGNUM *t2 = BN_new();
int ret = 0;
/*
/*-
* g' = g^{xc + xa + xb} [from our POV]
* t1 = xa + xb
*/

4
crypto/jpake/jpaketest.c
View file

@ -128,12 +128,12 @@ int main(int argc, char **argv)
ERR_load_crypto_strings();
/*
/*-
BN_hex2bn(&p, "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7");
BN_hex2bn(&g, "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a");
BN_hex2bn(&q, "9760508f15230bccb292b982a2eb840bf0581cf5");
*/
/*
/*-
p = BN_new();
BN_generate_prime(p, 1024, 1, NULL, NULL, NULL, NULL);
*/

134
crypto/krb5/krb5_asn.h
View file

@ -71,14 +71,14 @@ extern "C" {
/* ASN.1 from Kerberos RFC 1510
*/
*/
/* EncryptedData ::= SEQUENCE {
** etype[0] INTEGER, -- EncryptionType
** kvno[1] INTEGER OPTIONAL,
** cipher[2] OCTET STRING -- ciphertext
** }
*/
/*- EncryptedData ::= SEQUENCE {
* etype[0] INTEGER, -- EncryptionType
* kvno[1] INTEGER OPTIONAL,
* cipher[2] OCTET STRING -- ciphertext
* }
*/
typedef struct krb5_encdata_st
{
ASN1_INTEGER *etype;
@ -88,11 +88,11 @@ typedef struct krb5_encdata_st
DECLARE_STACK_OF(KRB5_ENCDATA)
/* PrincipalName ::= SEQUENCE {
** name-type[0] INTEGER,
** name-string[1] SEQUENCE OF GeneralString
** }
*/
/*- PrincipalName ::= SEQUENCE {
* name-type[0] INTEGER,
* name-string[1] SEQUENCE OF GeneralString
* }
*/
typedef struct krb5_princname_st
{
ASN1_INTEGER *nametype;
@ -102,13 +102,13 @@ typedef struct krb5_princname_st
DECLARE_STACK_OF(KRB5_PRINCNAME)
/* Ticket ::= [APPLICATION 1] SEQUENCE {
** tkt-vno[0] INTEGER,
** realm[1] Realm,
** sname[2] PrincipalName,
** enc-part[3] EncryptedData
** }
*/
/*- Ticket ::= [APPLICATION 1] SEQUENCE {
* tkt-vno[0] INTEGER,
* realm[1] Realm,
* sname[2] PrincipalName,
* enc-part[3] EncryptedData
* }
*/
typedef struct krb5_tktbody_st
{
ASN1_INTEGER *tktvno;
@ -121,17 +121,17 @@ typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET;
DECLARE_STACK_OF(KRB5_TKTBODY)
/* AP-REQ ::= [APPLICATION 14] SEQUENCE {
** pvno[0] INTEGER,
** msg-type[1] INTEGER,
** ap-options[2] APOptions,
** ticket[3] Ticket,
** authenticator[4] EncryptedData
** }
**
** APOptions ::= BIT STRING {
** reserved(0), use-session-key(1), mutual-required(2) }
*/
/*- AP-REQ ::= [APPLICATION 14] SEQUENCE {
* pvno[0] INTEGER,
* msg-type[1] INTEGER,
* ap-options[2] APOptions,
* ticket[3] Ticket,
* authenticator[4] EncryptedData
* }
*
* APOptions ::= BIT STRING {
* reserved(0), use-session-key(1), mutual-required(2) }
*/
typedef struct krb5_ap_req_st
{
ASN1_INTEGER *pvno;
@ -148,11 +148,11 @@ DECLARE_STACK_OF(KRB5_APREQBODY)
/* Authenticator Stuff */
/* Checksum ::= SEQUENCE {
** cksumtype[0] INTEGER,
** checksum[1] OCTET STRING
** }
*/
/*- Checksum ::= SEQUENCE {
* cksumtype[0] INTEGER,
* checksum[1] OCTET STRING
* }
*/
typedef struct krb5_checksum_st
{
ASN1_INTEGER *ctype;
@ -162,11 +162,11 @@ typedef struct krb5_checksum_st
DECLARE_STACK_OF(KRB5_CHECKSUM)
/* EncryptionKey ::= SEQUENCE {
** keytype[0] INTEGER,
** keyvalue[1] OCTET STRING
** }
*/
/*- EncryptionKey ::= SEQUENCE {
* keytype[0] INTEGER,
* keyvalue[1] OCTET STRING
* }
*/
typedef struct krb5_encryptionkey_st
{
ASN1_INTEGER *ktype;
@ -176,11 +176,11 @@ typedef struct krb5_encryptionkey_st
DECLARE_STACK_OF(KRB5_ENCKEY)
/* AuthorizationData ::= SEQUENCE OF SEQUENCE {
** ad-type[0] INTEGER,
** ad-data[1] OCTET STRING
** }
*/
/*- AuthorizationData ::= SEQUENCE OF SEQUENCE {
* ad-type[0] INTEGER,
* ad-data[1] OCTET STRING
* }
*/
typedef struct krb5_authorization_st
{
ASN1_INTEGER *adtype;
@ -190,19 +190,19 @@ typedef struct krb5_authorization_st
DECLARE_STACK_OF(KRB5_AUTHDATA)
/* -- Unencrypted authenticator
** Authenticator ::= [APPLICATION 2] SEQUENCE {
** authenticator-vno[0] INTEGER,
** crealm[1] Realm,
** cname[2] PrincipalName,
** cksum[3] Checksum OPTIONAL,
** cusec[4] INTEGER,
** ctime[5] KerberosTime,
** subkey[6] EncryptionKey OPTIONAL,
** seq-number[7] INTEGER OPTIONAL,
** authorization-data[8] AuthorizationData OPTIONAL
** }
*/
/*- -- Unencrypted authenticator
* Authenticator ::= [APPLICATION 2] SEQUENCE {
* authenticator-vno[0] INTEGER,
* crealm[1] Realm,
* cname[2] PrincipalName,
* cksum[3] Checksum OPTIONAL,
* cusec[4] INTEGER,
* ctime[5] KerberosTime,
* subkey[6] EncryptionKey OPTIONAL,
* seq-number[7] INTEGER OPTIONAL,
* authorization-data[8] AuthorizationData OPTIONAL
* }
*/
typedef struct krb5_authenticator_st
{
ASN1_INTEGER *avno;
@ -220,15 +220,15 @@ typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT;
DECLARE_STACK_OF(KRB5_AUTHENTBODY)
/* DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
** type *name##_new(void);
** void name##_free(type *a);
** DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
** DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
** type *d2i_##name(type **a, const unsigned char **in, long len);
** int i2d_##name(type *a, unsigned char **out);
** DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
*/
/*- DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
* type *name##_new(void);
* void name##_free(type *a);
* DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
* DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
* type *d2i_##name(type **a, const unsigned char **in, long len);
* int i2d_##name(type *a, unsigned char **out);
* DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
*/
DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA)
DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME)

3
crypto/lhash/lhash.c
View file

@ -56,7 +56,8 @@
* [including the GNU Public Licence.]
*/
/* Code for dynamic hash table routines
/*-
* Code for dynamic hash table routines
* Author - Eric Young v 2.0
*
* 2.2 eay - added #include "crypto.h" so the memory leak checking code is

2
crypto/md32_common.h
View file

@ -49,7 +49,7 @@
*
*/
/*
/*-
* This is a generic 32 bit "collector" for message digest algorithms.
* Whenever needed it collects input character stream into chunks of
* 32 bit values and invokes a block function that performs actual hash

2
crypto/md4/md4.h
View file

@ -70,7 +70,7 @@ extern "C" {
#error MD4 is disabled.
#endif
/*
/*-
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ! MD4_LONG has to be at least 32 bits wide. If it's wider, then !
* ! MD4_LONG_LOG2 has to be defined along. !

2
crypto/modes/gcm128.c
View file

@ -82,7 +82,7 @@
} \
} while(0)
/*
/*-
* Even though permitted values for TABLE_BITS are 8, 4 and 1, it should
* never be set to 8. 8 is effectively reserved for testing purposes.
* TABLE_BITS>1 are lookup-table-driven implementations referred to as

3
crypto/o_time.c
View file

@ -148,7 +148,8 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
/* Since there was no gmtime_r() to do this stuff for us,
we have to do it the hard way. */
{
/* The VMS epoch is the astronomical Smithsonian date,
/*-
* The VMS epoch is the astronomical Smithsonian date,
if I remember correctly, which is November 17, 1858.
Furthermore, time is measure in thenths of microseconds
and stored in quadwords (64 bit integers). unix_epoch

5
crypto/objects/objects.h
View file

@ -639,7 +639,8 @@
#define NID_ripemd160WithRSA 119
#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
/* Taken from rfc2040
/*-
* Taken from rfc2040
* RC5_CBC_Parameters ::= SEQUENCE {
* version INTEGER (v1_0(16)),
* rounds INTEGER (8..127),
@ -1028,7 +1029,7 @@ const void * OBJ_bsearch_ex_(const void *key,const void *base,int num,
#define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
/*
/*-
* Unsolved problem: if a type is actually a pointer type, like
* nid_triple is, then its impossible to get a const where you need
* it. Consider:

38
crypto/ocsp/ocsp.h
View file

@ -90,7 +90,7 @@ extern "C" {
#define OCSP_RESPID_KEY 0x400
#define OCSP_NOTIME 0x800
/* CertID ::= SEQUENCE {
/*- CertID ::= SEQUENCE {
* hashAlgorithm AlgorithmIdentifier,
* issuerNameHash OCTET STRING, -- Hash of Issuer's DN
* issuerKeyHash OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields)
@ -106,7 +106,7 @@ typedef struct ocsp_cert_id_st
DECLARE_STACK_OF(OCSP_CERTID)
/* Request ::= SEQUENCE {
/*- Request ::= SEQUENCE {
* reqCert CertID,
* singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
*/
@ -120,7 +120,7 @@ DECLARE_STACK_OF(OCSP_ONEREQ)
DECLARE_ASN1_SET_OF(OCSP_ONEREQ)
/* TBSRequest ::= SEQUENCE {
/*- TBSRequest ::= SEQUENCE {
* version [0] EXPLICIT Version DEFAULT v1,
* requestorName [1] EXPLICIT GeneralName OPTIONAL,
* requestList SEQUENCE OF Request,
@ -134,7 +134,7 @@ typedef struct ocsp_req_info_st
STACK_OF(X509_EXTENSION) *requestExtensions;
} OCSP_REQINFO;
/* Signature ::= SEQUENCE {
/*- Signature ::= SEQUENCE {
* signatureAlgorithm AlgorithmIdentifier,
* signature BIT STRING,
* certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
@ -146,7 +146,7 @@ typedef struct ocsp_signature_st
STACK_OF(X509) *certs;
} OCSP_SIGNATURE;
/* OCSPRequest ::= SEQUENCE {
/*- OCSPRequest ::= SEQUENCE {
* tbsRequest TBSRequest,
* optionalSignature [0] EXPLICIT Signature OPTIONAL }
*/
@ -156,7 +156,7 @@ typedef struct ocsp_request_st
OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */
} OCSP_REQUEST;
/* OCSPResponseStatus ::= ENUMERATED {
/*- OCSPResponseStatus ::= ENUMERATED {
* successful (0), --Response has valid confirmations
* malformedRequest (1), --Illegal confirmation request
* internalError (2), --Internal error in issuer
@ -173,7 +173,7 @@ typedef struct ocsp_request_st
#define OCSP_RESPONSE_STATUS_SIGREQUIRED 5
#define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6
/* ResponseBytes ::= SEQUENCE {
/*- ResponseBytes ::= SEQUENCE {
* responseType OBJECT IDENTIFIER,
* response OCTET STRING }
*/
@ -183,7 +183,7 @@ typedef struct ocsp_resp_bytes_st
ASN1_OCTET_STRING *response;
} OCSP_RESPBYTES;
/* OCSPResponse ::= SEQUENCE {
/*- OCSPResponse ::= SEQUENCE {
* responseStatus OCSPResponseStatus,
* responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
*/
@ -193,7 +193,7 @@ struct ocsp_response_st
OCSP_RESPBYTES *responseBytes;
};
/* ResponderID ::= CHOICE {
/*- ResponderID ::= CHOICE {
* byName [1] Name,
* byKey [2] KeyHash }
*/
@ -211,11 +211,11 @@ struct ocsp_responder_id_st
DECLARE_STACK_OF(OCSP_RESPID)
DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
/* KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
/*- KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
* --(excluding the tag and length fields)
*/
/* RevokedInfo ::= SEQUENCE {
/*- RevokedInfo ::= SEQUENCE {
* revocationTime GeneralizedTime,
* revocationReason [0] EXPLICIT CRLReason OPTIONAL }
*/
@ -225,7 +225,7 @@ typedef struct ocsp_revoked_info_st
ASN1_ENUMERATED *revocationReason;
} OCSP_REVOKEDINFO;
/* CertStatus ::= CHOICE {
/*- CertStatus ::= CHOICE {
* good [0] IMPLICIT NULL,
* revoked [1] IMPLICIT RevokedInfo,
* unknown [2] IMPLICIT UnknownInfo }
@ -243,7 +243,7 @@ typedef struct ocsp_cert_status_st
} value;
} OCSP_CERTSTATUS;
/* SingleResponse ::= SEQUENCE {
/*- SingleResponse ::= SEQUENCE {
* certID CertID,
* certStatus CertStatus,
* thisUpdate GeneralizedTime,
@ -262,7 +262,7 @@ typedef struct ocsp_single_response_st
DECLARE_STACK_OF(OCSP_SINGLERESP)
DECLARE_ASN1_SET_OF(OCSP_SINGLERESP)
/* ResponseData ::= SEQUENCE {
/*- ResponseData ::= SEQUENCE {
* version [0] EXPLICIT Version DEFAULT v1,
* responderID ResponderID,
* producedAt GeneralizedTime,
@ -278,7 +278,7 @@ typedef struct ocsp_response_data_st
STACK_OF(X509_EXTENSION) *responseExtensions;
} OCSP_RESPDATA;
/* BasicOCSPResponse ::= SEQUENCE {
/*- BasicOCSPResponse ::= SEQUENCE {
* tbsResponseData ResponseData,
* signatureAlgorithm AlgorithmIdentifier,
* signature BIT STRING,
@ -308,7 +308,7 @@ typedef struct ocsp_basic_response_st
STACK_OF(X509) *certs;
} OCSP_BASICRESP;
/*
/*-
* CRLReason ::= ENUMERATED {
* unspecified (0),
* keyCompromise (1),
@ -329,7 +329,8 @@ typedef struct ocsp_basic_response_st
#define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6
#define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8
/* CrlID ::= SEQUENCE {
/*-
* CrlID ::= SEQUENCE {
* crlUrl [0] EXPLICIT IA5String OPTIONAL,
* crlNum [1] EXPLICIT INTEGER OPTIONAL,
* crlTime [2] EXPLICIT GeneralizedTime OPTIONAL }
@ -341,7 +342,8 @@ typedef struct ocsp_crl_id_st
ASN1_GENERALIZEDTIME *crlTime;
} OCSP_CRLID;
/* ServiceLocator ::= SEQUENCE {
/*-
* ServiceLocator ::= SEQUENCE {
* issuer Name,
* locator AuthorityInfoAccessSyntax OPTIONAL }
*/

6
crypto/opensslv.h
View file

@ -5,7 +5,8 @@
extern "C" {
#endif
/* Numeric release version identifier:
/*-
* Numeric release version identifier:
* MNNFFPPS: major minor fix patch status
* The status nibble has one of the values 0 for development, 1 to e for betas
* 1 to 14, and f for release. The patch level is exactly that.
@ -38,7 +39,8 @@ extern "C" {
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
/* The macros below are to be used for shared library (.so, .dll, ...)
/*-
* The macros below are to be used for shared library (.so, .dll, ...)
* versioning. That kind of versioning works a bit differently between
* operating systems. The most usual scheme is to set a major and a minor
* number, and have the runtime loader check that the major number is equal

2
crypto/pkcs7/pkcs7.h
View file

@ -76,7 +76,7 @@ extern "C" {
#undef PKCS7_SIGNER_INFO
#endif
/*
/*-
Encryption_ID DES-CBC
Digest_ID MD5
Digest_Encryption_ID rsaEncryption

2
crypto/rand/rand_egd.c
View file

@ -58,7 +58,7 @@
#include <openssl/rand.h>
#include <openssl/buffer.h>
/*
/*-
* Query the EGD <URL: http://www.lothar.com/tech/crypto/>.
*
* This module supplies three routines:

2
crypto/rc2/rc2test.c
View file

@ -129,7 +129,7 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
/* 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
};

4
crypto/rc4/rc4_enc.c
View file

@ -79,7 +79,7 @@ void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
d=key->data;
#if defined(RC4_CHUNK) && !defined(PEDANTIC)
/*
/*-
* The original reason for implementing this(*) was the fact that
* pre-21164a Alpha CPUs don't have byte load/store instructions
* and e.g. a byte store has to be done with 64-bit load, shift,
@ -126,7 +126,7 @@ void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
RC4_CHUNK ichunk,otp;
const union { long one; char little; } is_endian = {1};
/*
/*-
* I reckon we can afford to implement both endian
* cases and to decide which way to take at run-time
* because the machine code appears to be very compact

4
crypto/rsa/rsa_pss.c
View file

@ -98,7 +98,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
hLen = M_EVP_MD_size(Hash);
if (hLen < 0)
goto err;
/*
/*-
* Negative sLen has special meanings:
* -1 sLen == hLen
* -2 salt length is autorecovered from signature
@ -210,7 +210,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
hLen = M_EVP_MD_size(Hash);
if (hLen < 0)
goto err;
/*
/*-
* Negative sLen has special meanings:
* -1 sLen == hLen
* -2 salt length is maximized

2
crypto/sha/sha.h
View file

@ -70,7 +70,7 @@ extern "C" {
#error SHA is disabled.
#endif
/*
/*-
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ! SHA_LONG has to be at least 32 bits wide. If it's wider, then !
* ! SHA_LONG_LOG2 has to be defined along. !

Some files were not shown because too many files have changed in this diff Show more