return r;
}
-/* Return true iff env has a good key.
+/* Return true iff env has a valid key.
*/
int crypto_pk_check_key(crypto_pk_env_t *env)
{
return r;
}
-/* Check a 'fromlen' bytes signature from 'from' with the public key
- * in 'env', using PKCS1 padding. On success, write the signed data
- * to 'to', and return the number of bytes written. On failure,
- * return -1.
+/* Check the signature in 'from' ('fromlen' bytes long) with the
+ * public key in 'env', using PKCS1 padding. On success, write the
+ * signed data to 'to', and return the number of bytes written.
+ * On failure, return -1.
*/
int crypto_pk_public_checksig(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to)
{
tor_assert(env && from && to);
r = RSA_public_decrypt(fromlen, (unsigned char*)from, to, env->key, RSA_PKCS1_PADDING);
- if (r<0)
+ if (r<0) {
crypto_log_errors(LOG_WARN, "checking RSA signature");
+ return -1;
+ }
return r;
}
return -1;
r = RSA_private_encrypt(fromlen, (unsigned char*)from, to, env->key, RSA_PKCS1_PADDING);
- if (r<0)
+ if (r<0) {
crypto_log_errors(LOG_WARN, "generating RSA signature");
+ return -1;
+ }
return r;
}
}
/* Decode an ASN.1-encoded public key from str; return the result on
- * success and -1 on failure.
+ * success and NULL on failure.
*/
crypto_pk_env_t *crypto_pk_asn1_decode(const char *str, int len)
{
return crypto_rand(CIPHER_KEY_LEN, env->key);
}
-/* Set the symmetric key for the cipehr in 'env' to CIPHER_KEY_LEN
- * bytes from 'key'. Does not initialize the cipher.
+/* Set the symmetric key for the cipher in 'env' to the first
+ * CIPHER_KEY_LEN bytes of 'key'. Does not initialize the cipher.
*/
int crypto_cipher_set_key(crypto_cipher_env_t *env, const unsigned char *key)
{
* bytes of shared key material and write them to 'secret_out'.
*
* (We generate key material by computing
- * SHA11( g^xy || "\x00" ) || SHA1( g^xy || "\x01" ) || ...
+ * SHA1( g^xy || "\x00" ) || SHA1( g^xy || "\x01" ) || ...
* where || is concatenation.)
*
*/
/* Base-64 encode 'srclen' bytes of data from 'src'. Write the result
* into 'dest', if it will fit within 'destlen' bytes. Return the
- * number of bytes written on success; -1 on failure.
+ * number of bytes written on success; -1 if destlen is too short,
+ * or other failure.
*/
int
base64_encode(char *dest, int destlen, const char *src, int srclen)
/* Base-64 decode 'srclen' bytes of data from 'src'. Write the result
* into 'dest', if it will fit within 'destlen' bytes. Return the
- * number of bytes written on success; -1 on failure.
+ * number of bytes written on success; -1 if destlen is too short,
+ * or other failure.
*/
int
base64_decode(char *dest, int destlen, const char *src, int srclen)
/* Length of our DH keys. */
#define DH_BYTES (1024/8)
-/* Constants used to indicate disired public-key padding functions. */
+/* Constants used to indicate desired public-key padding functions. */
#define PK_NO_PADDING 60000
#define PK_PKCS1_PADDING 60001
#define PK_PKCS1_OAEP_PADDING 60002
SSL_CTX *ctx;
} tor_tls_context;
-/* Holds a SSL object and it associated data.
+/* Holds a SSL object and its associated data.
*/
struct tor_tls_st {
SSL *ssl;
enum {
TOR_TLS_ST_HANDSHAKE, TOR_TLS_ST_OPEN, TOR_TLS_ST_GOTCLOSE,
TOR_TLS_ST_SENTCLOSE, TOR_TLS_ST_CLOSED
- } state; /* The current SSL state, depending on which operatios have
+ } state; /* The current SSL state, depending on which operations have
* completed successfully. */
int isServer;
int wantwrite_n; /* 0 normally, >0 if we returned wantwrite last time */
* _TOR_TLS_ZERORETURN instead of reporting zero-return errors.
*
* If an error has occurred, log it at level 'severity' and describe the
- * current action as 'doing.'
+ * current action as 'doing'.
*/
static int
tor_tls_get_error(tor_tls *tls, int r, int extra,
}
/* Change the capacity of the smartlist to 'n', so that we can grow
- * the list upt to'n' elements with no further reallocation or wasted
+ * the list up to 'n' elements with no further reallocation or wasted
* space. If 'n' is less than or equal to the number of elements
- * currently in the list, reduces the list's capacity as much as
+ * currently in the list, reduce the list's capacity as much as
* possible without losing elements.
*/
void smartlist_set_capacity(smartlist_t *sl, int n) {
sl->list[sl->num_used++] = element;
}
-/* Append each elements from S2 to the end of S1. */
+/* Append each element from S2 to the end of S1. */
void smartlist_add_all(smartlist_t *sl, const smartlist_t *s2)
{
SMARTLIST_FOREACH(s2, void *, element, smartlist_add(sl, element));
return sl->num_used;
}
/* Insert the value 'val' as the new 'idx'th element of 'sl', moving all
- * items previously at 'idx' or later forward on space.
+ * items previously at 'idx' or later forward one space.
*/
void smartlist_insert(smartlist_t *sl, int idx, void *val)
{
return;
}
-/* Returns the number of microseconds elapsed between *start and *end.
+/* Return the number of microseconds elapsed between *start and *end.
+ * If start is after end, return 0.
*/
long
tv_udiff(struct timeval *start, struct timeval *end)
* socketpair.)
*
* Currently, only (AF_UNIX, SOCK_STREAM, 0 ) sockets are supported.
- * Note that on systems without socketpair, this call will sometimes
- * fail if localhost is inaccessible (for example, if the networking
- * stack is down).
+ *
+ * Note that on systems without socketpair, this call will fail if
+ * localhost is inaccessible (for example, if the networking
+ * stack is down). And even if it succeeds, the socket pair will not
+ * be able to read while localhost is down later (the socket pair may
+ * even close, depending on OS-specific timeouts).
**/
int
tor_socketpair(int family, int type, int protocol, int fd[2])
return FN_ERROR;
}
-/* Check whether dirname exists and is private. If yes returns 0. If
- * it does not exist, and create is set, try to creat it and return 0
+/* Check whether dirname exists and is private. If yes return 0. If
+ * it does not exist, and create is set, try to create it and return 0
* on success. Else return -1. */
int check_private_dir(const char *dirname, int create)
{
/* Hold the result of our call to 'uname'. */
static char uname_result[256];
-/* True iff uname_Result is set. */
+/* True iff uname_result is set. */
static int uname_result_is_set = 0;
/* Return a pointer to a description of our platform.
void finish_daemon(void) {}
#endif
-/* Write the current process ID, followed by NL, into 'filaname',
+/* Write the current process ID, followed by NL, into 'filename',
*/
void write_pidfile(char *filename) {
#ifndef MS_WINDOWS
/* Set *addr to the IP address (in dotted-quad notation) stored in c.
* Return 1 on success, 0 if c is badly formatted. (Like inet_aton(c,addr),
- * but works on Windows.)
+ * but works on Windows and Solaris.)
*/
int tor_inet_aton(const char *c, struct in_addr* addr)
{
projects / thirdparty / tor.git / commitdiff
