Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell.

Signed-off-by: Shaun Case <warmsocks@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Shaun Case 2021-12-20 21:14:10 -08:00 committed by Dave Rodgman
parent 5479f5321a
commit 8b0ecbccf4
78 changed files with 151 additions and 151 deletions

View file

@ -2,4 +2,4 @@ The files in this directory stem from [Project Everest](https://project-everest.
This is a formally verified implementation of Curve25519-based handshakes. The C code is automatically derived from the (verified) [original implementation](https://github.com/project-everest/hacl-star/tree/master/code/curve25519) in the [F* language](https://github.com/fstarlang/fstar) by [KreMLin](https://github.com/fstarlang/kremlin). In addition to the improved safety and security of the implementation, it is also significantly faster than the default implementation of Curve25519 in mbedTLS.
The caveat is that not all platforms are supported, although the version in `everest/library/legacy` should work on most systems. The main issue is that some platforms do not provide a 128-bit integer type and KreMLin therefore has to use additional (also verified) code to simulate them, resulting in less of a performance gain overall. Explictly supported platforms are currently `x86` and `x86_64` using gcc or clang, and Visual C (2010 and later).
The caveat is that not all platforms are supported, although the version in `everest/library/legacy` should work on most systems. The main issue is that some platforms do not provide a 128-bit integer type and KreMLin therefore has to use additional (also verified) code to simulate them, resulting in less of a performance gain overall. Explicitly supported platforms are currently `x86` and `x86_64` using gcc or clang, and Visual C (2010 and later).

View file

@ -6,7 +6,7 @@
# command but rather at the target level using the
# target_include_directories command. That way, it is easier to guarantee
# that targets are built using the proper list of include directories.
# + Use the PUBLIC and PRIVATE keywords to specifiy the scope of include
# + Use the PUBLIC and PRIVATE keywords to specify the scope of include
# directories. That way, a target linking to a library (using the
# target_link_librairies command) inherits from the library PUBLIC include
# directories and not from the PRIVATE ones.
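Review bot: The second-to-last context line of this hunk still reads "target_link_librairies command"; the CMake command is target_link_libraries, so that misspelling should be fixed in the same comment block alongside "specifiy".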

View file

@ -709,7 +709,7 @@ Security
applications calling mbedtls_mpi_sub_abs() directly are affected:
all calls inside the library were safe since this function is
only called with |A| >= |B|. Reported by Guido Vranken in #4042.
* Fix an errorneous estimation for an internal buffer in
* Fix an erroneous estimation for an internal buffer in
mbedtls_pk_write_key_pem(). If MBEDTLS_MPI_MAX_SIZE is set to an odd
value the function might fail to write a private RSA keys of the largest
supported size.
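Review bot: In this ChangeLog entry the context line "value the function might fail to write a private RSA keys of the largest" still has a number mismatch ("a private RSA keys"). Since the entry is being edited anyway, change it to "a private RSA key" or "private RSA keys".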
@ -722,7 +722,7 @@ Security
Bugfix
* Fix use-after-scope error in programs/ssl/ssl_client2.c and ssl_server2.c
* Fix memory leak that occured when calling psa_close_key() on a
* Fix memory leak that occurred when calling psa_close_key() on a
wrapped key with MBEDTLS_PSA_CRYPTO_SE_C defined.
* Fix an incorrect error code if an RSA private operation glitched.
* Fix a memory leak in an error case in psa_generate_derived_key_internal().
@ -1149,7 +1149,7 @@ Changes
executable.
* The ECP module, enabled by `MBEDTLS_ECP_C`, now depends on
`MBEDTLS_CTR_DRBG_C` or `MBEDTLS_HMAC_DRBG_C` for some side-channel
coutermeasures. If side channels are not a concern, this dependency can
countermeasures. If side channels are not a concern, this dependency can
be avoided by enabling the new option `MBEDTLS_ECP_NO_INTERNAL_RNG`.
* Align MSVC error flag with GCC and Clang. Contributed by Carlos Gomes
Martinho. #3147
@ -1817,7 +1817,7 @@ New deprecations
platform error.
* All module specific generic hardware acceleration errors following the
form MBEDTLS_ERR_XXX_HW_ACCEL_FAILED that are deprecated and are replaced
by the equivalent plaform error.
by the equivalent platform error.
* Deprecate the function mbedtls_mpi_is_prime() in favor of
mbedtls_mpi_is_prime_ext() which allows specifying the number of
Miller-Rabin rounds.
@ -2637,7 +2637,7 @@ Bugfix
a negative MPI. Previously the result was always negative. Found by Guido
Vranken.
* Fix a numerical underflow leading to stack overflow in mpi_read_file()
that was triggered uppon reading an empty line. Found by Guido Vranken.
that was triggered upon reading an empty line. Found by Guido Vranken.
Changes
* Send fatal alerts in more cases. The previous behaviour was to skip
@ -2812,7 +2812,7 @@ Bugfix
* Fix mbedtls_x509_get_sig() to update the ASN1 type in the mbedtls_x509_buf
data structure until after error checks are successful. Found by
subramanyam-c. #622
* Fix documentation and implementation missmatch for function arguments of
* Fix documentation and implementation mismatch for function arguments of
mbedtls_gcm_finish(). Found by cmiatpaar. #602
* Guarantee that P>Q at RSA key generation. Found by inestlerode. #558
* Fix potential byte overread when verifying malformed SERVER_HELLO in
@ -2935,7 +2935,7 @@ Security
Features
* Experimental support for EC J-PAKE as defined in Thread 1.0.0.
Disabled by default as the specification might still change.
* Added a key extraction callback to accees the master secret and key
* Added a key extraction callback to access the master secret and key
block. (Potential uses include EAP-TLS and Thread.)
Bugfix
@ -2970,7 +2970,7 @@ Security
overflow of the hostname or session ticket. Found by Guido Vranken,
Intelworks.
* Fix potential double-free if mbedtls_ssl_set_hs_psk() is called more than
once in the same handhake and mbedtls_ssl_conf_psk() was used.
once in the same handshake and mbedtls_ssl_conf_psk() was used.
Found and patch provided by Guido Vranken, Intelworks. Cannot be forced
remotely.
* Fix stack buffer overflow in pkcs12 decryption (used by
@ -3245,7 +3245,7 @@ Default behavior changes
Requirement changes
* The minimum MSVC version required is now 2010 (better C99 support).
* The NET layer now unconditionnaly relies on getaddrinfo() and select().
* The NET layer now unconditionally relies on getaddrinfo() and select().
* Compiler is required to support C99 types such as long long and uint32_t.
API changes from the 1.4 preview branch
@ -3458,7 +3458,7 @@ Bugfix
are defined but not POLARSSL_HAVE_TIME (found by Stephane Di Vito).
* Remove non-existent file from VS projects (found by Peter Vaskovic).
* ssl_read() could return non-application data records on server while
renegotation was pending, and on client when a HelloRequest was received.
renegotiation was pending, and on client when a HelloRequest was received.
* Server-initiated renegotiation would fail with non-blocking I/O if the
write callback returned WANT_WRITE when requesting renegotiation.
* ssl_close_notify() could send more than one message in some circumstances
@ -3942,7 +3942,7 @@ Bugfix
* Don't print uninitialised buffer in ssl_mail_client (found by Marc Abel).
* Fix net_accept() regarding non-blocking sockets (found by Luca Pesce).
* ssl_read() could return non-application data records on server while
renegotation was pending, and on client when a HelloRequest was received.
renegotiation was pending, and on client when a HelloRequest was received.
* Fix warnings from Clang's scan-build (contributed by Alfred Klomp).
Changes
@ -4378,7 +4378,7 @@ Changes
x509parse_crtfile(). With permissive parsing the parsing does not stop on
encountering a parse-error. Beware that the meaning of return values has
changed!
* All error codes are now negative. Even on mermory failures and IO errors.
* All error codes are now negative. Even on memory failures and IO errors.
Bugfix
* Fixed faulty HMAC-MD2 implementation. Found by dibac. (Closes
@ -4538,7 +4538,7 @@ Features
Changes
* Made Makefile cleaner
* Removed dependency on rand() in rsa_pkcs1_encrypt().
Now using random fuction provided to function and
Now using random function provided to function and
changed the prototype of rsa_pkcs1_encrypt(),
rsa_init() and rsa_gen_key().
* Some SSL defines were renamed in order to avoid

View file

@ -6,7 +6,7 @@ send an email to the security team at
## Security Incident Handling Process
Our security process is detailled in our
Our security process is detailed in our
[security
center](https://developer.trustedfirmware.org/w/mbed-tls/security-center/).

View file

@ -104,7 +104,7 @@
/*
* Save RAM at the expense of interoperability: do this only if you control
* both ends of the connection! (See coments in "mbedtls/ssl.h".)
* both ends of the connection! (See comments in "mbedtls/ssl.h".)
* The minimum size here depends on the certificate chain used as well as the
* typical size of records.
*/

View file

@ -40,7 +40,7 @@ If the way certain keys are stored changes, and we don't deliberately decide to
## Storage architecture overview
The PSA subsystem provides storage on top of the PSA trusted storage interface. The state of the storage is a mapping from file identifer (a 64-bit number) to file content (a byte array). These files include:
The PSA subsystem provides storage on top of the PSA trusted storage interface. The state of the storage is a mapping from file identifier (a 64-bit number) to file content (a byte array). These files include:
* [Key files](#key-storage) (files containing one key's metadata and, except for some secure element keys, key material).
* The [random generator injected seed or state file](#random-generator-state) (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`).

View file

@ -41,7 +41,7 @@
#define MBEDTLS_ARIA_DECRYPT 0 /**< ARIA decryption. */
#define MBEDTLS_ARIA_BLOCKSIZE 16 /**< ARIA block size in bytes. */
#define MBEDTLS_ARIA_MAX_ROUNDS 16 /**< Maxiumum number of rounds in ARIA. */
#define MBEDTLS_ARIA_MAX_ROUNDS 16 /**< Maximum number of rounds in ARIA. */
#define MBEDTLS_ARIA_MAX_KEYSIZE 32 /**< Maximum size of an ARIA key in bytes. */
/** Bad input data. */

View file

@ -253,7 +253,7 @@ int mbedtls_asn1_get_len( unsigned char **p,
* with the requested tag.
* \return #MBEDTLS_ERR_ASN1_OUT_OF_DATA if the ASN.1 element
* would end beyond \p end.
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparseable.
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable.
*/
int mbedtls_asn1_get_tag( unsigned char **p,
const unsigned char *end,
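Review bot: "unparseable" on the \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH line is an accepted spelling rather than a typo, so this change is spell-checker churn in a public header. Consider dropping it, or adding the word to the ignore-words list passed to CodeSpell so it is not flagged again.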

View file

@ -146,7 +146,7 @@
#endif
#if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_ASN1_PARSE_C)
#error "MBEDTLS_PK_PARSE_C defined, but not all prerequesites"
#error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PKCS5_C) && !defined(MBEDTLS_MD_C)
@ -334,11 +334,11 @@
#endif
#if defined(MBEDTLS_MEMORY_BACKTRACE) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequesites"
#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_MEMORY_DEBUG) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequesites"
#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM)
@ -792,12 +792,12 @@
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
!defined(MBEDTLS_SSL_PROTO_TLS1_2)
#error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequsites"
#error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \
!defined(MBEDTLS_SSL_PROTO_TLS1_2)
#error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequsites"
#error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_SSL_TICKET_C) && !defined(MBEDTLS_CIPHER_C)

View file

@ -139,7 +139,7 @@ extern "C" {
* discarded.
* (Default value: 0 = No debug )
*
* \param threshold theshold level of messages to filter on. Messages at a
* \param threshold threshold level of messages to filter on. Messages at a
* higher level will be discarded.
* - Debug levels
* - 0 No debug

View file

@ -65,7 +65,7 @@ typedef enum {
* (KeyExchange) as defined by the Thread spec.
*
* In order to benefit from this symmetry, we choose a different naming
* convetion from the Thread v1.0 spec. Correspondance is indicated in the
* convention from the Thread v1.0 spec. Correspondence is indicated in the
* description as a pair C: client name, S: server name
*/
typedef struct mbedtls_ecjpake_context

View file

@ -204,7 +204,7 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
size_t len );
/**
* \brief Initilisation of simpified HMAC_DRBG (never reseeds).
* \brief Initialisation of simplified HMAC_DRBG (never reseeds).
*
* This function is meant for use in algorithms that need a pseudorandom
* input such as deterministic ECDSA.

View file

@ -330,7 +330,7 @@
//#define MBEDTLS_SHA512_ALT
/*
* When replacing the elliptic curve module, pleace consider, that it is
* When replacing the elliptic curve module, please consider, that it is
* implemented with two .c files:
* - ecp.c
* - ecp_curves.c
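Review bot: The corrected line "please consider, that it is" keeps the stray comma after "consider"; drop it so the sentence reads "please consider that it is implemented with two .c files".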
@ -1416,7 +1416,7 @@
* Enable support for RFC 7627: Session Hash and Extended Master Secret
* Extension.
*
* This was introduced as "the proper fix" to the Triple Handshake familiy of
* This was introduced as "the proper fix" to the Triple Handshake family of
* attacks, but it is recommended to always use it (even if you disable
* renegotiation), since it actually fixes a more fundamental issue in the
* original SSL/TLS design, and has implications beyond Triple Handshake.
@ -1442,7 +1442,7 @@
* \note This option has no influence on the protection against the
* triple handshake attack. Even if it is disabled, Mbed TLS will
* still ensure that certificates do not change during renegotiation,
* for exaple by keeping a hash of the peer's certificate.
* for example by keeping a hash of the peer's certificate.
*
* Comment this macro to disable storing the peer's certificate
* after the handshake.
@ -2554,7 +2554,7 @@
/**
* \def MBEDTLS_PK_C
*
* Enable the generic public (asymetric) key layer.
* Enable the generic public (asymmetric) key layer.
*
* Module: library/pk.c
* Caller: library/psa_crypto_rsa.c
@ -2572,7 +2572,7 @@
/**
* \def MBEDTLS_PK_PARSE_C
*
* Enable the generic public (asymetric) key parser.
* Enable the generic public (asymmetric) key parser.
*
* Module: library/pkparse.c
* Caller: library/x509_crt.c
@ -2587,7 +2587,7 @@
/**
* \def MBEDTLS_PK_WRITE_C
*
* Enable the generic public (asymetric) key writer.
* Enable the generic public (asymmetric) key writer.
*
* Module: library/pkwrite.c
* Caller: library/x509write.c

View file

@ -1,7 +1,7 @@
/**
* \file private_access.h
*
* \brief Macro wrapper for struct's memebrs.
* \brief Macro wrapper for struct's members.
*/
/*
* Copyright The Mbed TLS Contributors

View file

@ -74,7 +74,7 @@
/*
* The above constants may be used even if the RSA module is compile out,
* eg for alternative (PKCS#11) RSA implemenations in the PK layers.
* eg for alternative (PKCS#11) RSA implementations in the PK layers.
*/
#ifdef __cplusplus
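Review bot: The first line of this comment still says "if the RSA module is compile out" and the changed line keeps "eg"; suggest "compiled out" and "e.g." while the comment is being edited.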
@ -540,7 +540,7 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
*
* \note Blinding is used if and only if a PRNG is provided.
*
* \note If blinding is used, both the base of exponentation
* \note If blinding is used, both the base of exponentiation
* and the exponent are blinded, providing protection
* against some side-channel attacks.
*

View file

@ -2130,7 +2130,7 @@ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl,
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
/**
* \brief Set the Maximum Tranport Unit (MTU).
* \brief Set the Maximum Transport Unit (MTU).
* Special value: 0 means unset (no limit).
* This represents the maximum size of a datagram payload
* handled by the transport layer (usually UDP) as determined
@ -3454,7 +3454,7 @@ void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
* Both sides: limits the set of curves accepted for use in
* ECDHE and in the peer's end-entity certificate.
*
* \deprecated Superseeded by mbedtls_ssl_conf_groups().
* \deprecated Superseded by mbedtls_ssl_conf_groups().
*
* \note This has no influence on which curves are allowed inside the
* certificate chains, see \c mbedtls_ssl_conf_cert_profile()
@ -3739,7 +3739,7 @@ int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **prot
*
* \param ssl SSL context
*
* \return Protcol name, or NULL if no protocol was negotiated.
* \return Protocol name, or NULL if no protocol was negotiated.
*/
const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl );
#endif /* MBEDTLS_SSL_ALPN */
@ -3822,7 +3822,7 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
unsigned char *mki_value,
uint16_t mki_len );
/**
* \brief Get the negotiated DTLS-SRTP informations:
* \brief Get the negotiated DTLS-SRTP information:
* Protection profile and MKI value.
*
* \warning This function must be called after the handshake is
@ -3830,7 +3830,7 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
* not be trusted or acted upon before the handshake completes.
*
* \param ssl The SSL context to query.
* \param dtls_srtp_info The negotiated DTLS-SRTP informations:
* \param dtls_srtp_info The negotiated DTLS-SRTP information:
* - Protection profile in use.
* A direct mapping of the iana defined value for protection
* profile on an uint16_t.
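Review bot: In the \param dtls_srtp_info description the context lines still read "iana defined value" and "an uint16_t"; suggest "IANA-defined value" and "a uint16_t" to finish cleaning up this block.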
@ -4053,7 +4053,7 @@ void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets
* initiated by peer
* (Default: MBEDTLS_SSL_RENEGOTIATION_DISABLED)
*
* \warning It is recommended to always disable renegotation unless you
* \warning It is recommended to always disable renegotiation unless you
* know you need it and you know what you're doing. In the
* past, there have been several issues associated with
* renegotiation or a poor understanding of its properties.
@ -4116,7 +4116,7 @@ void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_
* scenario.
*
* \note With DTLS and server-initiated renegotiation, the
* HelloRequest is retransmited every time mbedtls_ssl_read() times
* HelloRequest is retransmitted every time mbedtls_ssl_read() times
* out or receives Application Data, until:
* - max_records records have beens seen, if it is >= 0, or
* - the number of retransmits that would happen during an
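Review bot: The bullet "max_records records have beens seen", two lines below the corrected "retransmited", still carries the typo "beens"; it should read "have been seen".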
@ -4775,7 +4775,7 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl );
* \return \c 0 if successful.
* \return #MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL if \p buf is too small.
* \return #MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed
* while reseting the context.
* while resetting the context.
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if a handshake is in
* progress, or there is pending data for reading or sending,
* or the connection does not use DTLS 1.2 with an AEAD

View file

@ -90,7 +90,7 @@ int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
* \brief Set expiration delay for cookies
* (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
*
* \param ctx Cookie contex
* \param ctx Cookie context
* \param delay Delay, in seconds if HAVE_TIME, or in number of cookies
* issued in the meantime.
* 0 to disable expiration (NOT recommended)

View file

@ -968,7 +968,7 @@ void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx );
void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx );
/**
* \brief Set the verion for a Certificate
* \brief Set the version for a Certificate
* Default: MBEDTLS_X509_CRT_VERSION_3
*
* \param ctx CRT context to use

View file

@ -184,7 +184,7 @@ int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
* private key used to sign the CSR when writing it)
*
* \param ctx CSR context to use
* \param key Asymetric key to include
* \param key Asymmetric key to include
*/
void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key );

View file

@ -1023,7 +1023,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
* This function calculates the hash of the message formed by concatenating
* the inputs passed to preceding calls to psa_hash_update().
*
* When this function returns successfuly, the operation becomes inactive.
* When this function returns successfully, the operation becomes inactive.
* If this function returns an error status, the operation enters an error
* state and must be aborted by calling psa_hash_abort().
*
@ -1073,7 +1073,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
* compares the calculated hash with the expected hash passed as a
* parameter to this function.
*
* When this function returns successfuly, the operation becomes inactive.
* When this function returns successfully, the operation becomes inactive.
* If this function returns an error status, the operation enters an error
* state and must be aborted by calling psa_hash_abort().
*
@ -1458,7 +1458,7 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
* This function calculates the MAC of the message formed by concatenating
* the inputs passed to preceding calls to psa_mac_update().
*
* When this function returns successfuly, the operation becomes inactive.
* When this function returns successfully, the operation becomes inactive.
* If this function returns an error status, the operation enters an error
* state and must be aborted by calling psa_mac_abort().
*
@ -1511,7 +1511,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
* compares the calculated MAC with the expected MAC passed as a
* parameter to this function.
*
* When this function returns successfuly, the operation becomes inactive.
* When this function returns successfully, the operation becomes inactive.
* If this function returns an error status, the operation enters an error
* state and must be aborted by calling psa_mac_abort().
*
@ -1971,7 +1971,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
* formed by concatenating the inputs passed to preceding calls to
* psa_cipher_update().
*
* When this function returns successfuly, the operation becomes inactive.
* When this function returns successfully, the operation becomes inactive.
* If this function returns an error status, the operation enters an error
* state and must be aborted by calling psa_cipher_abort().
*
@ -2638,7 +2638,7 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation,
* preceding calls to psa_aead_update().
* - \p tag contains the authentication tag.
*
* When this function returns successfuly, the operation becomes inactive.
* When this function returns successfully, the operation becomes inactive.
* If this function returns an error status, the operation enters an error
* state and must be aborted by calling psa_aead_abort().
*
@ -2728,7 +2728,7 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
* plaintext and reports success. If the authentication tag is not correct,
* this function returns #PSA_ERROR_INVALID_SIGNATURE.
*
* When this function returns successfuly, the operation becomes inactive.
* When this function returns successfully, the operation becomes inactive.
* If this function returns an error status, the operation enters an error
* state and must be aborted by calling psa_aead_abort().
*
@ -3026,7 +3026,7 @@ psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key,
* \retval #PSA_ERROR_INVALID_HANDLE
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_SIGNATURE
* The calculation was perfomed successfully, but the passed
* The calculation was performed successfully, but the passed
* signature is not a valid signature.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
@ -3050,7 +3050,7 @@ psa_status_t psa_verify_hash(mbedtls_svc_key_id_t key,
/**
* \brief Encrypt a short message with a public key.
*
* \param key Identifer of the key to use for the operation.
* \param key Identifier of the key to use for the operation.
* It must be a public key or an asymmetric key
* pair. It must allow the usage
* #PSA_KEY_USAGE_ENCRYPT.

View file

@ -348,7 +348,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
* length of the byte string is the private key size in bytes (leading zeroes
* are not stripped).
*
* Determinstic DSA key derivation with psa_generate_derived_key follows
* Deterministic DSA key derivation with psa_generate_derived_key follows
* FIPS 186-4 &sect;B.1.2: interpret the byte string as integer
* in big-endian order. Discard it if it is not in the range
* [0, *N* - 2] where *N* is the boundary of the private key domain
@ -1145,7 +1145,7 @@ typedef uint32_t psa_pake_primitive_t;
*/
#define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t)0x03)
/** The type of the data strucure for PAKE cipher suites.
/** The type of the data structure for PAKE cipher suites.
*
* This is an implementation-defined \c struct. Applications should not
* make any assumptions about the content of this structure.

View file

@ -462,7 +462,7 @@ static inline void psa_set_key_type( psa_key_attributes_t *attributes,
}
else
{
/* Call the bigger function to free the old domain paramteres.
/* Call the bigger function to free the old domain parameters.
* Ignore any errors which may arise due to type requiring
* non-default domain parameters, since this function can't
* report errors. */

View file

@ -1456,7 +1456,7 @@
* with a random per-message secret number (*k*).
*
* The representation of the signature as a byte string consists of
* the concatentation of the signature values *r* and *s*. Each of
* the concatenation of the signature values *r* and *s*. Each of
* *r* and *s* is encoded as an *N*-octet string, where *N* is the length
* of the base point of the curve in octets. Each value is represented
* in big-endian order (most significant octet first).

View file

@ -1089,7 +1089,7 @@ typedef unsigned char mbedtls_be128[16];
*
* This function multiplies a field element by x in the polynomial field
* representation. It uses 64-bit word operations to gain speed but compensates
* for machine endianess and hence works correctly on both big and little
* for machine endianness and hence works correctly on both big and little
* endian machines.
*/
static void mbedtls_gf128mul_x_ble( unsigned char r[16],
@ -1189,7 +1189,7 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
unsigned char *prev_output = output - 16;
/* Copy ciphertext bytes from the previous block to our output for each
* byte of cyphertext we won't steal. At the same time, copy the
* byte of ciphertext we won't steal. At the same time, copy the
* remainder of the input for this final round (since the loop bounds
* are the same). */
for( i = 0; i < leftover; i++ )

View file

@ -2278,7 +2278,7 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B
* TA-TB is even so the division by 2 has an integer result.
* Invariant (I) is preserved since any odd divisor of both TA and TB
* also divides |TA-TB|/2, and any odd divisor of both TA and |TA-TB|/2
* also divides TB, and any odd divisior of both TB and |TA-TB|/2 also
* also divides TB, and any odd divisor of both TB and |TA-TB|/2 also
* divides TA.
*/
if( mbedtls_mpi_cmp_mpi( &TA, &TB ) >= 0 )

View file

@ -690,7 +690,7 @@ cleanup:
/*
* Conditionally swap X and Y, without leaking information
* about whether the swap was made or not.
* Here it is not ok to simply swap the pointers, which whould lead to
* Here it is not ok to simply swap the pointers, which would lead to
* different memory access patterns when X and Y are used afterwards.
*/
int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X,

View file

@ -449,7 +449,7 @@ cleanup:
/*
* Read a ECJPAKEKeyKPPairList (7.4.2.3) and check proofs
* Ouputs: verified peer public keys Xa, Xb
* Outputs: verified peer public keys Xa, Xb
*/
static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info,
const mbedtls_ecp_group *grp,

View file

@ -1267,7 +1267,7 @@ cleanup:
* For curves in short Weierstrass form, we do all the internal operations in
* Jacobian coordinates.
*
* For multiplication, we'll use a comb method with coutermeasueres against
* For multiplication, we'll use a comb method with countermeasures against
* SPA, hence timing attacks.
*/
@ -2231,7 +2231,7 @@ static unsigned char ecp_pick_window_size( const mbedtls_ecp_group *grp,
* This function is mainly responsible for administrative work:
* - managing the restart context if enabled
* - managing the table of precomputed points (passed between the below two
* functions): allocation, computation, ownership tranfer, freeing.
* functions): allocation, computation, ownership transfer, freeing.
*
* It delegates the actual arithmetic work to:
* ecp_precompute_comb() and ecp_mul_comb_with_precomp()
@ -2365,7 +2365,7 @@ cleanup:
/*
* For Montgomery curves, we do all the internal arithmetic in projective
* coordinates. Import/export of points uses only the x coordinates, which is
* internaly represented as X / Z.
* internally represented as X / Z.
*
* For scalar multiplication, we'll use a Montgomery ladder.
*/
@ -2519,7 +2519,7 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
MPI_ECP_LSET( &R->Z, 0 );
mbedtls_mpi_free( &R->Y );
/* RP.X might be sligtly larger than P, so reduce it */
/* RP.X might be slightly larger than P, so reduce it */
MOD_ADD( &RP.X );
/* Randomize coordinates of the starting point */

View file

@ -561,8 +561,8 @@ static void *buffer_alloc_calloc_mutexed( size_t n, size_t size )
static void buffer_alloc_free_mutexed( void *ptr )
{
/* We have to good option here, but corrupting the heap seems
* worse than loosing memory. */
/* We have no good option here, but corrupting the heap seems
* worse than losing memory. */
if( mbedtls_mutex_lock( &heap.mutex ) )
return;
buffer_alloc_free( ptr );
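Review bot: The change from "We have to good option" to "We have no good option" in buffer_alloc_free_mutexed() alters the meaning of the comment rather than only its spelling. The new wording matches the code, which returns without freeing when mbedtls_mutex_lock() fails, but the commit message describes only spelling and typographical fixes, so please confirm the intended reading and mention the wording change there.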

View file

@ -475,7 +475,7 @@ static int pk_use_ecparams( const mbedtls_asn1_buf *params, mbedtls_ecp_group *g
}
/*
* grp may already be initilialized; if so, make sure IDs match
* grp may already be initialized; if so, make sure IDs match
*/
if( grp->id != MBEDTLS_ECP_DP_NONE && grp->id != grp_id )
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
@ -808,7 +808,7 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
goto cleanup;
#else
/* Verify existance of the CRT params */
/* Verify existence of the CRT params */
if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 )

View file

@ -913,7 +913,7 @@ static psa_status_t psa_get_and_lock_key_slot_with_policy(
goto error;
}
/* Enforce that the usage policy permits the requested algortihm. */
/* Enforce that the usage policy permits the requested algorithm. */
if( alg != 0 )
{
status = psa_key_policy_permits( &slot->attr.policy,

View file

@ -428,7 +428,7 @@ psa_status_t mbedtls_psa_aead_update(
* preceding calls to mbedtls_psa_aead_update().
* - \p tag contains the authentication tag.
*
* Whether or not this function returns successfuly, the PSA core subsequently
* Whether or not this function returns successfully, the PSA core subsequently
* calls mbedtls_psa_aead_abort() to deactivate the operation.
*
* \param[in,out] operation Active AEAD operation.

View file

@ -175,7 +175,7 @@ psa_status_t mbedtls_psa_hash_update(
* This function calculates the hash of the message formed by concatenating
* the inputs passed to preceding calls to mbedtls_psa_hash_update().
*
* When this function returns successfuly, the operation becomes inactive.
* When this function returns successfully, the operation becomes inactive.
* If this function returns an error status, the operation enters an error
* state and must be aborted by calling mbedtls_psa_hash_abort().
*

View file

@ -848,10 +848,10 @@ cleanup:
* the more bits of the key can be recovered. See [3].
*
* Collecting n collisions with m bit long blinding value requires 2^(m-m/n)
* observations on avarage.
* observations on average.
*
* For example with 28 byte blinding to achieve 2 collisions the adversary has
* to make 2^112 observations on avarage.
* to make 2^112 observations on average.
*
* (With the currently (as of 2017 April) known best algorithms breaking 2048
* bit RSA requires approximately as much time as trying out 2^112 random keys.

View file

@ -62,7 +62,7 @@
/*
* Cookies are formed of a 4-bytes timestamp (or serial number) and
* an HMAC of timestemp and client ID.
* an HMAC of timestamp and client ID.
*/
#define COOKIE_LEN ( 4 + COOKIE_HMAC_LEN )
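
Review bot: the comment still says "a 4-bytes timestamp" on the unchanged line directly above the corrected one; since this hunk already rewrites the comment, change it to "a 4-byte timestamp" so the description of the cookie layout (4-byte timestamp or serial number followed by the HMAC, matching `COOKIE_LEN`) reads cleanly.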

View file

@ -1234,7 +1234,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
add_data, add_data_len );
/* Because of the check above, we know that there are
* explicit_iv_len Bytes preceeding data, and taglen
* explicit_iv_len Bytes preceding data, and taglen
* bytes following data + data_len. This justifies
* the debug message and the invocation of
* mbedtls_cipher_auth_decrypt_ext() below. */
@ -2404,7 +2404,7 @@ int mbedtls_ssl_start_handshake_msg( mbedtls_ssl_context *ssl, unsigned hs_type,
unsigned char **buf, size_t *buf_len )
{
/*
* Reserve 4 bytes for hanshake header. ( Section 4,RFC 8446 )
* Reserve 4 bytes for handshake header. ( Section 4,RFC 8446 )
* ...
* HandshakeType msg_type;
* uint24 length;

View file

@ -37,7 +37,7 @@
#include <string.h>
/*
* Initialze context
* Initialize context
*/
void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx )
{

View file

@ -4017,7 +4017,7 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl )
}
/*
* Initialze mbedtls_ssl_config
* Initialize mbedtls_ssl_config
*/
void mbedtls_ssl_config_init( mbedtls_ssl_config *conf )
{
@ -6614,7 +6614,7 @@ void mbedtls_ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl )
ssl->handshake = NULL;
/*
* Free the previous transform and swith in the current one
* Free the previous transform and switch in the current one
*/
if( ssl->transform )
{

View file

@ -2276,7 +2276,7 @@ start_processing:
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_DECODE_ERROR );
}
} /* FALLTROUGH */
} /* FALLTHROUGH */
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
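
Review bot: the `/* FALLTHROUGH */` correction is not purely cosmetic and should be called out in the commit message. GCC's -Wimplicit-fallthrough comment matching recognises FALLTHROUGH but not the old misspelling, so a build that enables that warning can see different diagnostics at this switch after the change. Please confirm the configurations that compile this block still build without new or newly silenced warnings, given that the comment sits after the closing brace and is followed by the `#endif` / `#if` lines.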

View file

@ -1261,7 +1261,7 @@ read_record_header:
* Handshake layer:
* 0 . 0 handshake type
* 1 . 3 handshake length
* 4 . 5 DTLS only: message seqence number
* 4 . 5 DTLS only: message sequence number
* 6 . 8 DTLS only: fragment offset
* 9 . 11 DTLS only: fragment length
*/

View file

@ -1110,7 +1110,7 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform,
transform->tls_version = MBEDTLS_SSL_VERSION_TLS1_3;
/* We add the true record content type (1 Byte) to the plaintext and
* then pad to the configured granularity. The mimimum length of the
* then pad to the configured granularity. The minimum length of the
* type-extended and padded plaintext is therefore the padding
* granularity. */
transform->minlen =
@ -1425,7 +1425,7 @@ int mbedtls_ssl_tls13_generate_application_keys(
hash_alg = mbedtls_psa_translate_md( handshake->ciphersuite_info->mac );
hash_len = PSA_HASH_LENGTH( hash_alg );
/* Compute current handshake transcript. It's the caller's responsiblity
/* Compute current handshake transcript. It's the caller's responsibility
* to call this at the right time, that is, after the ServerFinished. */
ret = mbedtls_ssl_get_handshake_transcript( ssl, md_type,

View file

@ -35,10 +35,10 @@ make
Finally, you can run the targets like `./test/fuzz/fuzz_client`.
Corpus generation for network trafic targets
Corpus generation for network traffic targets
------
These targets use network trafic as inputs :
These targets use network traffic as inputs :
* client : simulates a client against (fuzzed) server traffic
* server : simulates a server against (fuzzed) client traffic
* dtls_client
@ -48,7 +48,7 @@ They also use the last bytes as configuration options.
To generate corpus for these targets, you can do the following, not fully automated steps :
* Build mbedtls programs ssl_server2 and ssl_client2
* Run them one against the other with `reproducible` option turned on while capturing trafic into test.pcap
* Run them one against the other with `reproducible` option turned on while capturing traffic into test.pcap
* Extract tcp payloads, for instance with tshark : `tshark -Tfields -e tcp.dstport -e tcp.payload -r test.pcap > test.txt`
* Run a dummy python script to output either client or server corpus file like `python dummy.py test.txt > test.cor`
* Finally, you can add the options by appending the last bytes to the file test.cor

View file

@ -47,7 +47,7 @@ int main(int argc, char** argv)
return 2;
}
//lauch fuzzer
//launch fuzzer
LLVMFuzzerTestOneInput(Data, Size);
free(Data);
fclose(fp);

View file

@ -37,7 +37,7 @@
* dominate memory usage in small configurations. For the sake of simplicity,
* only a Unix version is implemented.
*
* Warning: we are breaking some of the abtractions from the NET layer here.
* Warning: we are breaking some of the abstractions from the NET layer here.
* This is not a good example for general use. This programs has the specific
* goal of minimizing use of the libc functions on full-blown OSes.
*/

View file

@ -507,7 +507,7 @@ struct options
int transport; /* TLS or DTLS? */
uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
uint32_t hs_to_max; /* Max value of DTLS handshake timer */
int dtls_mtu; /* UDP Maximum tranport unit for DTLS */
int dtls_mtu; /* UDP Maximum transport unit for DTLS */
int fallback; /* is this a fallback connection? */
int dgram_packing; /* allow/forbid datagram packing */
int extended_ms; /* negotiate extended master secret? */

View file

@ -651,7 +651,7 @@ struct options
int anti_replay; /* Use anti-replay for DTLS? -1 for default */
uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
uint32_t hs_to_max; /* Max value of DTLS handshake timer */
int dtls_mtu; /* UDP Maximum tranport unit for DTLS */
int dtls_mtu; /* UDP Maximum transport unit for DTLS */
int dgram_packing; /* allow/forbid datagram packing */
int badmac_limit; /* Limit of records with bad MAC */
int eap_tls; /* derive EAP-TLS keying material? */

View file

@ -278,7 +278,7 @@ int ca_callback( void *data, mbedtls_x509_crt const *child,
/*
* Test recv/send functions that make sure each try returns
* WANT_READ/WANT_WRITE at least once before sucesseding
* WANT_READ/WANT_WRITE at least once before succeeding
*/
int delayed_recv( void *ctx, unsigned char *buf, size_t len );
int delayed_send( void *ctx, const unsigned char *buf, size_t len );

View file

@ -179,7 +179,7 @@ do { \
*
* This computes the maximum length of a title +3, because we appends "/s" and
* want at least one space. (If the value is too small, the only consequence
* is poor alignement.) */
* is poor alignment.) */
#define TITLE_SPACE 17
#define MEMORY_MEASURE_INIT \
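
Review bot: "because we appends "/s"" in the unchanged comment line two lines above the `alignment` fix is still ungrammatical; change it to "because we append" while this comment is being edited.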

View file

@ -1,5 +1,5 @@
/*
* UDP proxy: emulate an unreliable UDP connexion for DTLS testing
* UDP proxy: emulate an unreliable UDP connection for DTLS testing
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0

View file

@ -63,7 +63,7 @@ int main( int argc, char** argv )
if( argc != 2 )
{
mbedtls_printf( "This program takes exactly 1 agument\n" );
mbedtls_printf( "This program takes exactly 1 argument\n" );
usage();
mbedtls_exit( exit_code );
}
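
Review bot: unlike most of this commit, the `mbedtls_printf( "This program takes exactly 1 argument\n" )` change alters text the program prints at run time rather than a comment. Please check that no test script or documented sample output matches the old string before merging.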

View file

@ -37,7 +37,7 @@ class CodeSizeComparison:
"""
old_revision: revision to compare against
new_revision:
result_dir: directory for comparision result
result_dir: directory for comparison result
"""
self.repo_path = "."
self.result_dir = os.path.abspath(result_dir)
@ -140,7 +140,7 @@ class CodeSizeComparison:
+ "-" + self.new_rev + ".csv"), "w")
res_file.write("file_name, this_size, old_size, change, change %\n")
print("Generating comparision results.")
print("Generating comparison results.")
old_ds = {}
for line in old_file.readlines()[1:]:
@ -199,7 +199,7 @@ def main():
parser.add_argument(
"-n", "--new-rev", type=str, default=None,
help="new revision for comparison, default is the current work \
directory, including uncommited changes."
directory, including uncommitted changes."
)
comp_args = parser.parse_args()

View file

@ -418,7 +418,7 @@ class ConfigFile(Config):
value = setting.value
if value is None:
value = ''
# Normally the whitespace to separte the symbol name from the
# Normally the whitespace to separate the symbol name from the
# value is part of middle, and there's no whitespace for a symbol
# with no value. But if a symbol has been changed from having a
# value to not having one, the whitespace is wrong, so fix it.

View file

@ -53,7 +53,7 @@ def preprocess_c_source_code(source, *classes):
"""
Simple preprocessor for C source code.
Only processses condition directives without expanding them.
Only processes condition directives without expanding them.
Yield object according to the classes input. Most match firstly
If the directive pair does not match , raise CondDirectiveNotMatch.
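
Review bot: the docstring line after the fix, "Yield object according to the classes input. Most match firstly", still reads like a typo, and the next line has a stray space before the comma in "does not match , raise CondDirectiveNotMatch". The author should confirm the intended wording of the first (possibly "Must match") and remove the stray space in the same change.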

View file

@ -89,8 +89,8 @@ List of certificates:
_int-ca.crt: S7 + I1
_int-ca_ca2.crt: S7 + I1 + 2
_all_space.crt: S7 + I1 both with misplaced spaces (invalid PEM)
_pem_space.crt: S7 with misplace space (invalid PEM) + I1
_trailing_space.crt: S7 + I1 both with trainling space (valid PEM)
_pem_space.crt: S7 with misplaced space (invalid PEM) + I1
_trailing_space.crt: S7 + I1 both with trailing space (valid PEM)
_spurious_int-ca.crt: S7 + I2(spurious) + I1
- server8*.crt: I2 R L: RSA signed by EC signed by RSA (P1 for _int-ca2)
- server9*.crt: 1 R C* L P1*: signed using RSASSA-PSS

View file

@ -1,2 +1,2 @@
// Context with added '1234' at the begining to simulate too much data in the base64 code
// Context with added '1234' at the beginning to simulate too much data in the base64 code
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

View file

@ -259,7 +259,7 @@ General options:
--no-force Refuse to overwrite modified files (default).
--no-keep-going Stop at the first error (default).
--no-memory No additional memory tests (default).
--no-quiet Print full ouput from components.
--no-quiet Print full output from components.
--out-of-source-dir=<path> Directory used for CMake out-of-source build tests.
--outcome-file=<path> File where test outcomes are written (not done if
empty; default: \$MBEDTLS_TEST_OUTCOME_FILE).

View file

@ -187,7 +187,7 @@ class ShebangIssueTracker(FileIssueTracker):
# Allow either /bin/sh, /bin/bash, or /usr/bin/env.
# Allow at most one argument (this is a Linux limitation).
# For sh and bash, the argument if present must be options.
# For env, the argument must be the base name of the interpeter.
# For env, the argument must be the base name of the interpreter.
_shebang_re = re.compile(rb'^#! ?(?:/bin/(bash|sh)(?: -[^\n ]*)?'
rb'|/usr/bin/env ([^\n /]+))$')
_extensions = {

View file

@ -813,7 +813,7 @@ class NameChecker():
def check_for_typos(self):
"""
Perform a check that all words in the soure code beginning with MBED are
Perform a check that all words in the source code beginning with MBED are
either defined as macros, or as enum constants.
Assumes parse_names_in_source() was called before this.

View file

@ -46,7 +46,7 @@ my $config_h = 'include/mbedtls/mbedtls_config.h';
# as many SSL options depend on specific hashes,
# and SSL is not in the test suites anyways,
# disable it to avoid dependcies issues
# disable it to avoid dependencies issues
my $ssl_sed_cmd = 's/^#define \(MBEDTLS_SSL.*\)/\1/p';
my @ssl = split( /\s+/, `sed -n -e '$ssl_sed_cmd' $config_h` );
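
Review bot: the corrected comment now reads "disable it to avoid dependencies issues", which fixes the spelling but not the phrase; "dependency issues" is what is meant.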

View file

@ -831,7 +831,7 @@ class StorageFormatV0(StorageFormat):
def gather_key_types_for_sign_alg(self) -> Dict[str, List[str]]:
# pylint: disable=too-many-locals
"""Match possible key types for sign algorithms."""
# To create a valid combinaton both the algorithms and key types
# To create a valid combination both the algorithms and key types
# must be filtered. Pair them with keywords created from its names.
incompatible_alg_keyword = frozenset(['RAW', 'ANY', 'PURE'])
incompatible_key_type_keywords = frozenset(['MONTGOMERY'])
@ -855,7 +855,7 @@ class StorageFormatV0(StorageFormat):
if re.match(pattern, keyword):
alg_keywords.remove(keyword)
alg_keywords.add(replace)
# Filter out incompatible algortihms
# Filter out incompatible algorithms
if not alg_keywords.isdisjoint(incompatible_alg_keyword):
continue
@ -863,7 +863,7 @@ class StorageFormatV0(StorageFormat):
# Generate keywords from the of the key type
key_type_keywords = set(key_type.translate(translation_table).split(sep='_')[3:])
# Remove ambigious keywords
# Remove ambiguous keywords
for keyword1, keyword2 in exclusive_keywords.items():
if keyword1 in key_type_keywords:
key_type_keywords.remove(keyword2)
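
Review bot: the context comment at the top of this hunk, "# Generate keywords from the of the key type", is missing a word between "the" and "of". It is not a spelling error, so CodeSpell passes it, but it should be completed here; the earlier comment in this function ("keywords created from its names") suggests "name", which the author should confirm.
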
@ -880,7 +880,7 @@ class StorageFormatV0(StorageFormat):
"""Generate test keys for usage flag extensions."""
# Generate a key type and algorithm pair for each extendable usage
# flag to generate a valid key for exercising. The key is generated
# without usage extension to check the extension compatiblity.
# without usage extension to check the extension compatibility.
alg_with_keys = self.gather_key_types_for_sign_alg()
for usage in sorted(StorageKey.IMPLICIT_USAGE_FLAGS, key=str):

View file

@ -4,7 +4,7 @@
# (Multiple recursion where a() calls b() which calls a() not covered.)
#
# When the recursion depth might depend on data controlled by the attacker in
# an unbounded way, those functions should use interation instead.
# an unbounded way, those functions should use iteration instead.
#
# Typical usage: scripts/recursion.pl library/*.c
#

View file

@ -1,5 +1,5 @@
#!/usr/bin/env python3
"""Run the PSA Cryto API compliance test suite.
"""Run the PSA Crypto API compliance test suite.
Clone the repo and check out the commit specified by PSA_ARCH_TEST_REPO and PSA_ARCH_TEST_REF,
then complie and run the test suite. The clone is stored at <Mbed TLS root>/psa-arch-tests.
Known defects in either the test suite or mbedtls - identified by their test number - are ignored,
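
Review bot: "then complie and run the test suite" two lines below the `Cryto` fix is still misspelled in this docstring; change `complie` to `compile` in the same hunk, otherwise the commit leaves a typo in the very paragraph it corrects.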

View file

@ -221,7 +221,7 @@ static int exercise_cipher_key( mbedtls_svc_key_id_t key,
sizeof( decrypted ) - part_length,
&part_length );
/* For a stream cipher, all inputs are valid. For a block cipher,
* if the input is some aribtrary data rather than an actual
* if the input is some arbitrary data rather than an actual
ciphertext, a padding error is likely. */
if( maybe_invalid_padding )
TEST_ASSERT( status == PSA_SUCCESS ||
@ -929,7 +929,7 @@ int mbedtls_test_psa_exercise_key( mbedtls_svc_key_id_t key,
return( 0 );
if( alg == 0 )
ok = 1; /* If no algorihm, do nothing (used for raw data "keys"). */
ok = 1; /* If no algorithm, do nothing (used for raw data "keys"). */
else if( PSA_ALG_IS_MAC( alg ) )
ok = exercise_mac_key( key, usage, alg );
else if( PSA_ALG_IS_CIPHER( alg ) )

View file

@ -4580,7 +4580,7 @@ run_test "Renegotiation: DTLS, gnutls server, client-initiated" \
-C "error" \
-s "Extra-header:"
# Test for the "secure renegotation" extension only (no actual renegotiation)
# Test for the "secure renegotiation" extension only (no actual renegotiation)
requires_gnutls
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
@ -5317,7 +5317,7 @@ run_test "Authentication, CA callback: client max_int chain, server required"
-s "use CA callback for X.509 CRT verification" \
-S "X509 - A fatal error occurred"
# Tests for certificate selection based on SHA verson
# Tests for certificate selection based on SHA version
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
run_test "Certificate hash: client TLS 1.2 -> SHA-2" \
@ -9068,7 +9068,7 @@ run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
# certificate obtained from the server. Here, however, it
# connects to 127.0.0.1 while our test certificates use 'localhost'
# as the server name in the certificate. This will make the
# certifiate validation fail, but passing --insecure makes
# certificate validation fail, but passing --insecure makes
# GnuTLS continue the connection nonetheless.
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C

View file

@ -519,7 +519,7 @@ int execute_tests( int argc , const char ** argv )
FILE *file;
char buf[5000];
char *params[50];
/* Store for proccessed integer params. */
/* Store for processed integer params. */
int32_t int_params[50];
void *pointer;
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))

View file

@ -1,7 +1,7 @@
/* BEGIN_HEADER */
#include "mbedtls/aria.h"
/* Maxium size of data used by test vectors
/* Maximum size of data used by test vectors
* WARNING: to be adapted if and when adding larger test cases */
#define ARIA_MAX_DATASIZE 160

View file

@ -49,7 +49,7 @@ read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779
ECJPAKE round one: KKP1: no second point data
read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b0104":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
ECJPAKE round one: KKP1: unknow second point format
ECJPAKE round one: KKP1: unknown second point format
read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410509f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb516":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
ECJPAKE round one: KKP1: nothing after second point
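
Review bot: the changed line "ECJPAKE round one: KKP1: unknown second point format" is a test case description, not a comment, so this hunk and the two that follow it in this file rename test cases. Anything that tracks results by description (outcome files, ignore lists, CI comparisons against an earlier run) will see the old names disappear and new ones appear; please mention the renames in the commit message and check that no such list refers to the old spellings.
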
@ -97,7 +97,7 @@ read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5
ECJPAKE round one: KKP2: no second point data
read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb1241047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b0104":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
ECJPAKE round one: KKP2: unknow second point format
ECJPAKE round one: KKP2: unknown second point format
read_round_one:MBEDTLS_ECJPAKE_CLIENT:"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":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
ECJPAKE round one: KKP2: nothing after second point
@ -190,7 +190,7 @@ read_round_two_srv:"410469d54ee85e90ce3f1246742de507e939e81d1dc1c5cb988b58c310c9
ECJPAKE round two server: no data
read_round_two_srv:"":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
ECJPAKE round two server: length of forst point too small
ECJPAKE round two server: length of first point too small
read_round_two_srv:"00":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
ECJPAKE round two server: length of first point too big

View file

@ -21,7 +21,7 @@ void mbedtls_md_process( )
/*
* Very minimal testing of mbedtls_md_process, just make sure the various
* xxx_process_wrap() function pointers are valid. (Testing that they
* indeed do the right thing whould require messing with the internal
* indeed do the right thing would require messing with the internal
* state of the underlying mbedtls_md/sha context.)
*
* Also tests that mbedtls_md_list() only returns valid MDs.

View file

@ -28,7 +28,7 @@
* On success, it refers to the opened file (\p wanted_fd).
* \param wanted_fd The desired file descriptor.
*
* \return \c 0 on succes, a negative error code on error.
* \return \c 0 on success, a negative error code on error.
*/
static int open_file_on_fd( mbedtls_net_context *ctx, int wanted_fd )
{

View file

@ -1080,7 +1080,7 @@ void pk_rsa_alt( )
memset( ciph, 0, sizeof ciph );
memset( test, 0, sizeof test );
/* Initiliaze PK RSA context with random key */
/* Initialize PK RSA context with random key */
TEST_ASSERT( mbedtls_pk_setup( &rsa,
mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
TEST_ASSERT( pk_genkey( &rsa, RSA_KEY_SIZE ) == 0 );

View file

@ -2259,7 +2259,7 @@ PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes)
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
cipher_decrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
PSA symetric decrypt: CCM*-no-tag, input too short (15 bytes)
PSA symmetric decrypt: CCM*-no-tag, input too short (15 bytes)
depends_on:PSA_WANT_ALG_CCM_STAR_NO_TAG:MBEDTLS_AES_C
cipher_decrypt_fail:PSA_ALG_CCM_STAR_NO_TAG:PSA_KEY_TYPE_AES:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"2a2a2a2a2a2a2a2a":PSA_ERROR_INVALID_ARGUMENT
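
Review bot: the renamed "PSA symmetric decrypt: CCM*-no-tag" case declares `depends_on:PSA_WANT_ALG_CCM_STAR_NO_TAG:MBEDTLS_AES_C`, while the AES-CBC case immediately above it uses `PSA_WANT_KEY_TYPE_AES` for the key type. This is outside the scope of a spelling fix, but since the line is being touched, please confirm whether the mixed `MBEDTLS_AES_C` dependency is intentional or should be raised as a follow-up. The rename itself also changes the test case description, so any result tracking keyed on the old name needs updating.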

View file

@ -834,7 +834,7 @@ void import_large_key( int type_arg, int byte_size_arg,
size_t n;
/* Skip the test case if the target running the test cannot
* accomodate large keys due to heap size constraints */
* accommodate large keys due to heap size constraints */
ASSERT_ALLOC_WEAK( buffer, buffer_size );
memset( buffer, 'K', byte_size );
@ -1198,7 +1198,7 @@ void key_attributes_init( )
/* Test each valid way of initializing the object, except for `= {0}`, as
* Clang 5 complains when `-Wmissing-field-initializers` is used, even
* though it's OK by the C standard. We could test for this, but we'd need
* to supress the Clang warning for the test. */
* to suppress the Clang warning for the test. */
psa_key_attributes_t func = psa_key_attributes_init( );
psa_key_attributes_t init = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t zero;
@ -1989,7 +1989,7 @@ void hash_operation_init( )
/* Test each valid way of initializing the object, except for `= {0}`, as
* Clang 5 complains when `-Wmissing-field-initializers` is used, even
* though it's OK by the C standard. We could test for this, but we'd need
* to supress the Clang warning for the test. */
* to suppress the Clang warning for the test. */
psa_hash_operation_t func = psa_hash_operation_init( );
psa_hash_operation_t init = PSA_HASH_OPERATION_INIT;
psa_hash_operation_t zero;
@ -2518,7 +2518,7 @@ void mac_operation_init( )
/* Test each valid way of initializing the object, except for `= {0}`, as
* Clang 5 complains when `-Wmissing-field-initializers` is used, even
* though it's OK by the C standard. We could test for this, but we'd need
* to supress the Clang warning for the test. */
* to suppress the Clang warning for the test. */
psa_mac_operation_t func = psa_mac_operation_init( );
psa_mac_operation_t init = PSA_MAC_OPERATION_INIT;
psa_mac_operation_t zero;
@ -2941,7 +2941,7 @@ void cipher_operation_init( )
/* Test each valid way of initializing the object, except for `= {0}`, as
* Clang 5 complains when `-Wmissing-field-initializers` is used, even
* though it's OK by the C standard. We could test for this, but we'd need
* to supress the Clang warning for the test. */
* to suppress the Clang warning for the test. */
psa_cipher_operation_t func = psa_cipher_operation_init( );
psa_cipher_operation_t init = PSA_CIPHER_OPERATION_INIT;
psa_cipher_operation_t zero;
@ -5964,7 +5964,7 @@ void sign_hash_deterministic( int key_type_arg, data_t *key_data,
PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
key_bits = psa_get_key_bits( &attributes );
/* Allocate a buffer which has the size advertized by the
/* Allocate a buffer which has the size advertised by the
* library. */
signature_size = PSA_SIGN_OUTPUT_SIZE( key_type,
key_bits, alg );
@ -6063,7 +6063,7 @@ void sign_verify_hash( int key_type_arg, data_t *key_data,
PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
key_bits = psa_get_key_bits( &attributes );
/* Allocate a buffer which has the size advertized by the
/* Allocate a buffer which has the size advertised by the
* library. */
signature_size = PSA_SIGN_OUTPUT_SIZE( key_type,
key_bits, alg );
@ -6697,7 +6697,7 @@ void key_derivation_init( )
/* Test each valid way of initializing the object, except for `= {0}`, as
* Clang 5 complains when `-Wmissing-field-initializers` is used, even
* though it's OK by the C standard. We could test for this, but we'd need
* to supress the Clang warning for the test. */
* to suppress the Clang warning for the test. */
size_t capacity;
psa_key_derivation_operation_t func = psa_key_derivation_operation_init( );
psa_key_derivation_operation_t init = PSA_KEY_DERIVATION_OPERATION_INIT;
@ -7617,7 +7617,7 @@ void key_agreement_capacity( int alg_arg,
NULL, 0 ) );
}
/* Test the advertized capacity. */
/* Test the advertised capacity. */
PSA_ASSERT( psa_key_derivation_get_capacity(
&operation, &actual_capacity ) );
TEST_EQUAL( actual_capacity, (size_t) expected_capacity_arg );

View file

@ -995,7 +995,7 @@ void cipher_entry_points( int alg_arg, int key_type_arg,
/*
* Test encrypt failure
* First test that if we don't force a driver error, encryption is
* successfull, then force driver error.
* successful, then force driver error.
*/
status = psa_cipher_encrypt(
key, alg, input->x, input->len,

View file

@ -7,7 +7,7 @@ external_rng_failure_generate:
# randomization for (e.g.) blinding. An external implementation could use
# its own randomness source which is not affected by the forced failure of
# the RNG driver.
# Key types and non-randomized auxilary algorithms (in practice, hashes) can
# Key types and non-randomized auxiliary algorithms (in practice, hashes) can
# use an external implementation.
PSA external RNG failure: randomized ECDSA
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256

View file

@ -325,7 +325,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
case INVALIDATE_BY_DESTROYING:
case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN:
/*
* Test that the key handle and identifier are now not refering to an
* Test that the key handle and identifier are now not referring to an
* existing key.
*/
TEST_EQUAL( psa_get_key_attributes( handle, &read_attributes ),

View file

@ -10,7 +10,7 @@ test_multiple_psks_opaque:1
Attempt to register multiple PSKs, incl. opaque PSK, #2
test_multiple_psks_opaque:2
Test calback buffer sanity
Test callback buffer sanity
test_callback_buffer_sanity:
Callback buffer test: Exercise simple write/read
@ -624,7 +624,7 @@ ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12350000":0
SSL DTLS replay: delayed
ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340002":0
SSL DTLS replay: lastest replayed
SSL DTLS replay: latest replayed
ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340003":-1
SSL DTLS replay: older replayed

View file

@ -2229,7 +2229,7 @@ void perform_handshake( handshake_test_options* options )
/* After calling mbedtls_ssl_renegotiate for the client all renegotiation
* should happen inside this function. However in this test, we cannot
* perform simultaneous communication betwen client and server so this
* perform simultaneous communication between client and server so this
* function will return waiting error on the socket. All rest of
* renegotiation should happen during data exchanging */
ret = mbedtls_ssl_renegotiate( &(client.ssl) );
@ -2321,7 +2321,7 @@ void test_callback_buffer_sanity()
TEST_ASSERT( mbedtls_test_buffer_get( NULL, NULL, 0 ) == -1 );
/* Make sure calling put and get on a buffer that hasn't been set up results
* in eror. */
* in error. */
mbedtls_test_buffer_init( &buf );
TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, sizeof( input ) ) == -1 );