Added comments to hmac and rc4 code and extra diagnotics to cert # out of

bounds. git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@192 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2025-04-19 23:22:16 +03:00 · 2011-01-08 03:44:47 +00:00 · 2011-01-08 03:44:47 +00:00 · 9e1cb29c54
commit 9e1cb29c54
parent ab9ddd16f5
4 changed files with 12 additions and 6 deletions
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@ -30,6 +30,8 @@

 /**
 * HMAC implementation - This code was originally taken from RFC2104
+ * See http://www.ietf.org/rfc/rfc2104.txt and
+ * http://www.faqs.org/rfcs/rfc2202.html
 */

 #include <string.h>
@ -38,6 +40,7 @@

 /**
 * Perform HMAC-MD5
+ * NOTE: does not handle keys larger than the block size.
 */
 void hmac_md5(const uint8_t *msg, int length, const uint8_t *key, 
        int key_len, uint8_t *digest)
@ -70,6 +73,7 @@ void hmac_md5(const uint8_t *msg, int length, const uint8_t *key,

 /**
 * Perform HMAC-SHA1
+ * NOTE: does not handle keys larger than the block size.
 */
 void hmac_sha1(const uint8_t *msg, int length, const uint8_t *key, 
        int key_len, uint8_t *digest)
--- a/crypto/rc4.c
+++ b/crypto/rc4.c
@ -67,12 +67,12 @@ void RC4_setup(RC4_CTX *ctx, const uint8_t *key, int length)
 /**
 * Perform the encrypt/decrypt operation (can use it for either since
 * this is a stream cipher).
+ * NOTE: *msg and *out must be the same pointer (performance tweak)
 */
 void RC4_crypt(RC4_CTX *ctx, const uint8_t *msg, uint8_t *out, int length)
 { 
    int i;
    uint8_t *m, x, y, a, b;
-    out = (uint8_t *)msg; 

    x = ctx->x;
    y = ctx->y;
--- a/ssl/tls1.c
+++ b/ssl/tls1.c
@ -347,8 +347,9 @@ int add_cert(SSL_CTX *ssl_ctx, const uint8_t *buf, int len)
    if (i == CONFIG_SSL_MAX_CERTS) /* too many certs */
    {
 #ifdef CONFIG_SSL_FULL_MODE
-        printf("Error: maximum number of certs added - change of "
-                "compile-time configuration required\n");
+        printf("Error: maximum number of certs added (%d) - change of "
+                "compile-time configuration required\n",
+                CONFIG_SSL_MAX_CERTS);
 #endif
        goto error;
    }
@ -404,8 +405,9 @@ int add_cert_auth(SSL_CTX *ssl_ctx, const uint8_t *buf, int len)
        if (i >= CONFIG_X509_MAX_CA_CERTS)
        {
 #ifdef CONFIG_SSL_FULL_MODE
-            printf("Error: maximum number of CA certs added - change of "
-                    "compile-time configuration required\n");
+            printf("Error: maximum number of CA certs added (%d) - change of "
+                    "compile-time configuration required\n", 
+                    CONFIG_X509_MAX_CA_CERTS);
 #endif
            break;
        }
--- a/www/index.html
+++ b/www/index.html