aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/common/crypto.c32
-rw-r--r--src/common/crypto.h2
-rw-r--r--src/common/tortls.c6
-rw-r--r--src/common/util.c30
4 files changed, 40 insertions, 30 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 12a57dfa5..5304180e3 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -452,7 +452,7 @@ crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
return r;
}
-/* Return true iff env has a good key.
+/* Return true iff env has a valid key.
*/
int crypto_pk_check_key(crypto_pk_env_t *env)
{
@@ -543,10 +543,10 @@ int crypto_pk_private_decrypt(crypto_pk_env_t *env, const unsigned char *from, i
return r;
}
-/* Check a 'fromlen' bytes signature from 'from' with the public key
- * in 'env', using PKCS1 padding. On success, write the signed data
- * to 'to', and return the number of bytes written. On failure,
- * return -1.
+/* Check the signature in 'from' ('fromlen' bytes long) with the
+ * public key in 'env', using PKCS1 padding. On success, write the
+ * signed data to 'to', and return the number of bytes written.
+ * On failure, return -1.
*/
int crypto_pk_public_checksig(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to)
{
@@ -554,8 +554,10 @@ int crypto_pk_public_checksig(crypto_pk_env_t *env, const unsigned char *from, i
tor_assert(env && from && to);
r = RSA_public_decrypt(fromlen, (unsigned char*)from, to, env->key, RSA_PKCS1_PADDING);
- if (r<0)
+ if (r<0) {
crypto_log_errors(LOG_WARN, "checking RSA signature");
+ return -1;
+ }
return r;
}
@@ -573,8 +575,10 @@ int crypto_pk_private_sign(crypto_pk_env_t *env, const unsigned char *from, int
return -1;
r = RSA_private_encrypt(fromlen, (unsigned char*)from, to, env->key, RSA_PKCS1_PADDING);
- if (r<0)
+ if (r<0) {
crypto_log_errors(LOG_WARN, "generating RSA signature");
+ return -1;
+ }
return r;
}
@@ -770,7 +774,7 @@ int crypto_pk_asn1_encode(crypto_pk_env_t *pk, char *dest, int dest_len)
}
/* Decode an ASN.1-encoded public key from str; return the result on
- * success and -1 on failure.
+ * success and NULL on failure.
*/
crypto_pk_env_t *crypto_pk_asn1_decode(const char *str, int len)
{
@@ -879,8 +883,8 @@ int crypto_cipher_generate_key(crypto_cipher_env_t *env)
return crypto_rand(CIPHER_KEY_LEN, env->key);
}
-/* Set the symmetric key for the cipehr in 'env' to CIPHER_KEY_LEN
- * bytes from 'key'. Does not initialize the cipher.
+/* Set the symmetric key for the cipher in 'env' to the first
+ * CIPHER_KEY_LEN bytes of 'key'. Does not initialize the cipher.
*/
int crypto_cipher_set_key(crypto_cipher_env_t *env, const unsigned char *key)
{
@@ -1177,7 +1181,7 @@ int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey, int pubkey_len)
* bytes of shared key material and write them to 'secret_out'.
*
* (We generate key material by computing
- * SHA11( g^xy || "\x00" ) || SHA1( g^xy || "\x01" ) || ...
+ * SHA1( g^xy || "\x00" ) || SHA1( g^xy || "\x01" ) || ...
* where || is concatenation.)
*
*/
@@ -1336,7 +1340,8 @@ int crypto_pseudo_rand_int(unsigned int max) {
/* Base-64 encode 'srclen' bytes of data from 'src'. Write the result
* into 'dest', if it will fit within 'destlen' bytes. Return the
- * number of bytes written on success; -1 on failure.
+ * number of bytes written on success; -1 if destlen is too short,
+ * or other failure.
*/
int
base64_encode(char *dest, int destlen, const char *src, int srclen)
@@ -1359,7 +1364,8 @@ base64_encode(char *dest, int destlen, const char *src, int srclen)
/* Base-64 decode 'srclen' bytes of data from 'src'. Write the result
* into 'dest', if it will fit within 'destlen' bytes. Return the
- * number of bytes written on success; -1 on failure.
+ * number of bytes written on success; -1 if destlen is too short,
+ * or other failure.
*/
int
base64_decode(char *dest, int destlen, const char *src, int srclen)
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 4d763cf7b..a6b269f5d 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -16,7 +16,7 @@
/* Length of our DH keys. */
#define DH_BYTES (1024/8)
-/* Constants used to indicate disired public-key padding functions. */
+/* Constants used to indicate desired public-key padding functions. */
#define PK_NO_PADDING 60000
#define PK_PKCS1_PADDING 60001
#define PK_PKCS1_OAEP_PADDING 60002
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 05cc0200e..e480f79e7 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -33,7 +33,7 @@ typedef struct tor_tls_context_st {
SSL_CTX *ctx;
} tor_tls_context;
-/* Holds a SSL object and it associated data.
+/* Holds a SSL object and its associated data.
*/
struct tor_tls_st {
SSL *ssl;
@@ -41,7 +41,7 @@ struct tor_tls_st {
enum {
TOR_TLS_ST_HANDSHAKE, TOR_TLS_ST_OPEN, TOR_TLS_ST_GOTCLOSE,
TOR_TLS_ST_SENTCLOSE, TOR_TLS_ST_CLOSED
- } state; /* The current SSL state, depending on which operatios have
+ } state; /* The current SSL state, depending on which operations have
* completed successfully. */
int isServer;
int wantwrite_n; /* 0 normally, >0 if we returned wantwrite last time */
@@ -99,7 +99,7 @@ tls_log_errors(int severity, const char *doing)
* _TOR_TLS_ZERORETURN instead of reporting zero-return errors.
*
* If an error has occurred, log it at level 'severity' and describe the
- * current action as 'doing.'
+ * current action as 'doing'.
*/
static int
tor_tls_get_error(tor_tls *tls, int r, int extra,
diff --git a/src/common/util.c b/src/common/util.c
index b788f675c..f2c6cf7ad 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -281,9 +281,9 @@ void smartlist_free(smartlist_t *sl) {
}
/* Change the capacity of the smartlist to 'n', so that we can grow
- * the list upt to'n' elements with no further reallocation or wasted
+ * the list up to 'n' elements with no further reallocation or wasted
* space. If 'n' is less than or equal to the number of elements
- * currently in the list, reduces the list's capacity as much as
+ * currently in the list, reduce the list's capacity as much as
* possible without losing elements.
*/
void smartlist_set_capacity(smartlist_t *sl, int n) {
@@ -320,7 +320,7 @@ void smartlist_add(smartlist_t *sl, void *element) {
sl->list[sl->num_used++] = element;
}
-/* Append each elements from S2 to the end of S1. */
+/* Append each element from S2 to the end of S1. */
void smartlist_add_all(smartlist_t *sl, const smartlist_t *s2)
{
SMARTLIST_FOREACH(s2, void *, element, smartlist_add(sl, element));
@@ -440,7 +440,7 @@ int smartlist_len(const smartlist_t *sl)
return sl->num_used;
}
/* Insert the value 'val' as the new 'idx'th element of 'sl', moving all
- * items previously at 'idx' or later forward on space.
+ * items previously at 'idx' or later forward one space.
*/
void smartlist_insert(smartlist_t *sl, int idx, void *val)
{
@@ -785,7 +785,8 @@ void tor_gettimeofday(struct timeval *timeval) {
return;
}
-/* Returns the number of microseconds elapsed between *start and *end.
+/* Return the number of microseconds elapsed between *start and *end.
+ * If start is after end, return 0.
*/
long
tv_udiff(struct timeval *start, struct timeval *end)
@@ -981,9 +982,12 @@ void spawn_exit()
* socketpair.)
*
* Currently, only (AF_UNIX, SOCK_STREAM, 0 ) sockets are supported.
- * Note that on systems without socketpair, this call will sometimes
- * fail if localhost is inaccessible (for example, if the networking
- * stack is down).
+ *
+ * Note that on systems without socketpair, this call will fail if
+ * localhost is inaccessible (for example, if the networking
+ * stack is down). And even if it succeeds, the socket pair will not
+ * be able to read while localhost is down later (the socket pair may
+ * even close, depending on OS-specific timeouts).
**/
int
tor_socketpair(int family, int type, int protocol, int fd[2])
@@ -1131,8 +1135,8 @@ file_status_t file_status(const char *fname)
return FN_ERROR;
}
-/* Check whether dirname exists and is private. If yes returns 0. If
- * it does not exist, and create is set, try to creat it and return 0
+/* Check whether dirname exists and is private. If yes return 0. If
+ * it does not exist, and create is set, try to create it and return 0
* on success. Else return -1. */
int check_private_dir(const char *dirname, int create)
{
@@ -1336,7 +1340,7 @@ int is_internal_IP(uint32_t ip) {
/* Hold the result of our call to 'uname'. */
static char uname_result[256];
-/* True iff uname_Result is set. */
+/* True iff uname_result is set. */
static int uname_result_is_set = 0;
/* Return a pointer to a description of our platform.
@@ -1465,7 +1469,7 @@ void start_daemon(char *cp) {}
void finish_daemon(void) {}
#endif
-/* Write the current process ID, followed by NL, into 'filaname',
+/* Write the current process ID, followed by NL, into 'filename',
*/
void write_pidfile(char *filename) {
#ifndef MS_WINDOWS
@@ -1536,7 +1540,7 @@ int switch_id(char *user, char *group) {
/* Set *addr to the IP address (in dotted-quad notation) stored in c.
* Return 1 on success, 0 if c is badly formatted. (Like inet_aton(c,addr),
- * but works on Windows.)
+ * but works on Windows and Solaris.)
*/
int tor_inet_aton(const char *c, struct in_addr* addr)
{