From ef083a0e2c75c31c49e35328bf9bc345901cae42 Mon Sep 17 00:00:00 2001 From: Joseph Sutton Date: Fri, 23 Jun 2023 12:54:20 +1200 Subject: [PATCH] hx509: Fix code spelling Signed-off-by: Joseph Sutton --- lib/hx509/cert.c | 24 ++++++++++++------------ lib/hx509/cms.c | 34 +++++++++++++++++----------------- lib/hx509/revoke.c | 28 ++++++++++++++-------------- 3 files changed, 43 insertions(+), 43 deletions(-) diff --git a/lib/hx509/cert.c b/lib/hx509/cert.c index d728251df..4fcb4ba8d 100644 --- a/lib/hx509/cert.c +++ b/lib/hx509/cert.c @@ -237,13 +237,13 @@ hx509_set_warn_dest(hx509_context context, heim_log_facility *fac) /** * Selects if the hx509_revoke_verify() function is going to require - * the existans of a revokation method (OCSP, CRL) or not. Note that - * hx509_verify_path(), hx509_cms_verify_signed(), and other function + * the existence of a revocation method (OCSP, CRL) or not. Note that + * hx509_verify_path(), hx509_cms_verify_signed(), and other functions * call hx509_revoke_verify(). * * @param context hx509 context to change the flag for. - * @param flag zero, revokation method required, non zero missing - * revokation method ok + * @param flag zero, revocation method required, non zero missing + * revocation method ok * * @ingroup hx509_verify */ @@ -555,7 +555,7 @@ hx509_cert_ref(hx509_cert cert) } /** - * Allocate an verification context that is used fo control the + * Allocate an verification context that is used to control the * verification process. * * @param context A hx509 context. @@ -2436,7 +2436,7 @@ hx509_verify_path(hx509_context context, /* * The subject name of the proxy certificate should be - * CN=XXX,, prune of CN and check if its + * CN=XXX,. Prune off CN and check if it's * the same over the whole chain of proxy certs and * then check with the EE cert when we get to it. */ @@ -2496,7 +2496,7 @@ hx509_verify_path(hx509_context context, } else { /* * Now we are done with the proxy certificates, this - * cert was an EE cert and we we will fall though to + * cert was an EE cert and we will fall though to * EE checking below. */ type = EE_CERT; @@ -2505,9 +2505,9 @@ hx509_verify_path(hx509_context context, HEIM_FALLTHROUGH; case EE_CERT: /* - * If there where any proxy certificates in the chain + * If there were any proxy certificates in the chain * (proxy_cert_depth > 0), check that the proxy issuer - * matched proxy certificates "base" subject. + * matched the proxy certificate's "base" subject. */ if (proxy_cert_depth) { @@ -2598,7 +2598,7 @@ hx509_verify_path(hx509_context context, } /* - * Verify that no certificates has been revoked. + * Verify that no certificates have been revoked. */ if (ctx->revoke_ctx) { @@ -2681,7 +2681,7 @@ hx509_verify_path(hx509_context context, goto out; } /* - * Verify that the sigature algorithm is not weak. Ignore + * Verify that the signature algorithm is not weak. Ignore * trust anchors since they are provisioned by the user. */ @@ -2708,7 +2708,7 @@ out: * @param signer the certificate that made the signature. * @param alg algorthm that was used to sign the data. * @param data the data that was signed. - * @param sig the sigature to verify. + * @param sig the signature to verify. * * @return An hx509 error code, see hx509_get_error_string(). * diff --git a/lib/hx509/cms.c b/lib/hx509/cms.c index 20cb63ae0..3a3265050 100644 --- a/lib/hx509/cms.c +++ b/lib/hx509/cms.c @@ -117,8 +117,8 @@ hx509_cms_wrap_ContentInfo(const heim_oid *oid, * @param in the encoded buffer. * @param oid type of the content. * @param out data to be wrapped. - * @param have_data since the data is optional, this flags show dthe - * diffrence between no data and the zero length data. + * @param have_data since the data is optional, this flag shows the + * difference between no data and the zero length data. * * @return Returns an hx509 error code. * @@ -328,7 +328,7 @@ find_CMSIdentifier(hx509_context context, /** * Decode and unencrypt EnvelopedData. * - * Extract data and parameteres from from the EnvelopedData. Also + * Extract data and parameters from the EnvelopedData. Also * supports using detached EnvelopedData. * * @param context A hx509 context. @@ -339,7 +339,7 @@ find_CMSIdentifier(hx509_context context, * EnvelopedData stucture. * @param length length of the data that data point to. * @param encryptedContent in case of detached signature, this - * contains the actual encrypted data, othersize its should be NULL. + * contains the actual encrypted data, otherwise it should be NULL. * @param time_now set the current time, if zero the library uses now as the date. * @param contentType output type oid, should be freed with der_free_oid(). * @param content the data, free with der_free_octet_string(). @@ -434,7 +434,7 @@ hx509_cms_unenvelope(hx509_context context, hx509_cert_free(cert); if (ret == 0) - break; /* succuessfully decrypted cert */ + break; /* successfully decrypted cert */ cert = NULL; ret2 = unparse_CMSIdentifier(context, &ri->rid, &str); if (ret2 == 0) { @@ -528,17 +528,17 @@ out: } /** - * Encrypt end encode EnvelopedData. + * Encrypt and encode EnvelopedData. * * Encrypt and encode EnvelopedData. The data is encrypted with a * random key and the the random key is encrypted with the - * certificates private key. This limits what private key type can be + * certificate's private key. This limits what private key type can be * used to RSA. * * @param context A hx509 context. * @param flags flags to control the behavior. * - HX509_CMS_EV_NO_KU_CHECK - Don't check KU on certificate - * - HX509_CMS_EV_ALLOW_WEAK - Allow weak crytpo + * - HX509_CMS_EV_ALLOW_WEAK - Allow weak crypto * - HX509_CMS_EV_ID_NAME - prefer issuer name and serial number * @param cert Certificate to encrypt the EnvelopedData encryption key * with. @@ -770,12 +770,12 @@ find_attribute(const CMSAttributes *attr, const heim_oid *oid) * * @param context A hx509 context. * @param ctx a hx509 verify context. - * @param flags to control the behaivor of the function. + * @param flags to control the behavior of the function. * - HX509_CMS_VS_NO_KU_CHECK - Don't check KeyUsage * - HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH - allow oid mismatch * - HX509_CMS_VS_ALLOW_ZERO_SIGNER - no signer, see below. * @param data pointer to CMS SignedData encoded data. - * @param length length of the data that data point to. + * @param length length of the data that data points to. * @param signedContent external data used for signature. * @param pool certificate pool to build certificates paths. * @param contentType free with der_free_oid(). @@ -826,7 +826,7 @@ hx509_cms_verify_signed(hx509_context context, * - HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH - allow oid mismatch * - HX509_CMS_VS_ALLOW_ZERO_SIGNER - no signer, see below. * @param data pointer to CMS SignedData encoded data. - * @param length length of the data that data point to. + * @param length length of the data that data points to. * @param signedContent external data used for signature. * @param pool certificate pool to build certificates paths. * @param contentType free with der_free_oid(). @@ -969,7 +969,7 @@ hx509_cms_verify_signed_ext(hx509_context context, sa.val = signer_info->signedAttrs->val; sa.len = signer_info->signedAttrs->len; - /* verify that sigature exists */ + /* verify that signature exists */ attr = find_attribute(&sa, &asn1_oid_id_pkcs9_messageDigest); if (attr == NULL) { ret = HX509_CRYPTO_SIGNATURE_MISSING; @@ -1114,10 +1114,10 @@ hx509_cms_verify_signed_ext(hx509_context context, } /** * If HX509_CMS_VS_ALLOW_ZERO_SIGNER is set, allow empty - * SignerInfo (no signatures). If SignedData have no signatures, + * SignerInfo (no signatures). If SignedData has no signatures, * the function will return 0 with signer_certs set to NULL. Zero - * signers is allowed by the standard, but since its only useful - * in corner cases, it make into a flag that the caller have to + * signers is allowed by the standard, but since it's only useful + * in corner cases, it's made into a flag that the caller has to * turn on. */ if (sd.signerInfos.len == 0 && (flags & HX509_CMS_VS_ALLOW_ZERO_SIGNER)) { @@ -1193,10 +1193,10 @@ add_one_attribute(Attribute **attr, * @param flags * @param eContentType the type of the data. * @param data data to sign - * @param length length of the data that data point to. + * @param length length of the data that data points to. * @param digest_alg digest algorithm to use, use NULL to get the * default or the peer determined algorithm. - * @param cert certificate to use for sign the data. + * @param cert certificate to use for signing the data. * @param peer info about the peer the message to send the message to, * like what digest algorithm to use. * @param anchors trust anchors that the client will use, used to diff --git a/lib/hx509/revoke.c b/lib/hx509/revoke.c index fbf3b0466..ade0bd342 100644 --- a/lib/hx509/revoke.c +++ b/lib/hx509/revoke.c @@ -81,10 +81,10 @@ struct hx509_revoke_ctx_data { }; /** - * Allocate a revokation context. Free with hx509_revoke_free(). + * Allocate a revocation context. Free with hx509_revoke_free(). * * @param context A hx509 context. - * @param ctx returns a newly allocated revokation context. + * @param ctx returns a newly allocated revocation context. * * @return An hx509 error code, see hx509_get_error_string(). * @@ -130,7 +130,7 @@ free_ocsp(struct revoke_ocsp *ocsp) } /** - * Free a hx509 revokation context. + * Free a hx509 revocation context. * * @param ctx context to be freed * @@ -208,8 +208,8 @@ verify_ocsp(hx509_context context, goto out; /* - * If signer certificate isn't the CA certificate, lets check the - * it is the CA that signed the signer certificate and the OCSP EKU + * If signer certificate isn't the CA certificate, let's check that + * it is the CA that signed the signer certificate and that the OCSP EKU * is set. */ if (hx509_cert_cmp(signer, parent) != 0) { @@ -390,10 +390,10 @@ load_ocsp(hx509_context context, struct revoke_ocsp *ocsp) } /** - * Add a OCSP file to the revokation context. + * Add a OCSP file to the revocation context. * * @param context hx509 context - * @param ctx hx509 revokation context + * @param ctx hx509 revocation context * @param path path to file that is going to be added to the context. * * @return An hx509 error code, see hx509_get_error_string(). @@ -525,7 +525,7 @@ verify_crl(hx509_context context, /* * If signer is not CA cert, need to check revoke status of this * CRL signing cert too, this include all parent CRL signer cert - * up to the root *sigh*, assume root at least hve CERTSIGN flag + * up to the root *sigh*, assume root at least has CERTSIGN flag * set. */ while (_hx509_check_key_usage(context, signer, 1 << 5, TRUE)) { @@ -626,10 +626,10 @@ load_crl(hx509_context context, const char *path, time_t *t, CRLCertificateList } /** - * Add a CRL file to the revokation context. + * Add a CRL file to the revocation context. * * @param context hx509 context - * @param ctx hx509 revokation context + * @param ctx hx509 revocation context * @param path path to file that is going to be added to the context. * * @return An hx509 error code, see hx509_get_error_string(). @@ -691,12 +691,12 @@ hx509_revoke_add_crl(hx509_context context, } /** - * Check that a certificate is not expired according to a revokation - * context. Also need the parent certificte to the check OCSP + * Check that a certificate is not expired according to a revocation + * context. Also need the parent certificate to check the OCSP * parent identifier. * * @param context hx509 context - * @param ctx hx509 revokation context + * @param ctx hx509 revocation context * @param certs * @param now * @param cert @@ -726,7 +726,7 @@ hx509_revoke_verify(hx509_context context, struct revoke_ocsp *ocsp = &ctx->ocsps.val[i]; struct stat sb; - /* check this ocsp apply to this cert */ + /* check if this ocsp applies to this cert */ /* check if there is a newer version of the file */ ret = stat(ocsp->path, &sb);