More comment realignmentmaster-post-reformat

Reviewed-by: Tim Hudson <tjh@openssl.org>
author: Matt Caswell <matt@openssl.org> 2015-01-17 01:06:54 +0100
committer: Matt Caswell <matt@openssl.org> 2015-01-22 10:20:10 +0100
commit: 35a1cc90bc1795e8893c11e442790ee7f659fffb (patch)
tree: 07b5091171d75ea2bcce8b37f1776e03f1f102d1 /crypto/ec
parent: Re-align some comments after running the reformat script. (diff)
download: openssl-master-post-reformat.tar.xz
openssl-master-post-reformat.zip
4 files changed, 93 insertions, 89 deletions
diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c
index 51ac99c85b..d485a97fd8 100644
--- a/crypto/ec/ecp_nistp256.c
+++ b/crypto/ec/ecp_nistp256.c
@@ -432,25 +432,25 @@ static void felem_shrink(smallfelem out, const felem in)
     /* As tmp[3] < 2^65, high is either 1 or 0 */
     high <<= 63;
     high >>= 63;
-	/*-
-	 * high is:
-	 *   all ones   if the high word of tmp[3] is 1
-	 *   all zeros  if the high word of tmp[3] if 0 */
+    /*-
+     * high is:
+     *   all ones   if the high word of tmp[3] is 1
+     *   all zeros  if the high word of tmp[3] if 0 */
     low = tmp[3];
     mask = low >> 63;
-	/*-
-	 * mask is:
-	 *   all ones   if the MSB of low is 1
-	 *   all zeros  if the MSB of low if 0 */
+    /*-
+     * mask is:
+     *   all ones   if the MSB of low is 1
+     *   all zeros  if the MSB of low if 0 */
     low &= bottom63bits;
     low -= kPrime3Test;
     /* if low was greater than kPrime3Test then the MSB is zero */
     low = ~low;
     low >>= 63;
-	/*-
-	 * low is:
-	 *   all ones   if low was > kPrime3Test
-	 *   all zeros  if low was <= kPrime3Test */
+    /*-
+     * low is:
+     *   all ones   if low was > kPrime3Test
+     *   all zeros  if low was <= kPrime3Test */
     mask = (mask & low) | high;
     tmp[0] -= mask & kPrime[0];
     tmp[1] -= mask & kPrime[1];
@@ -790,17 +790,17 @@ static void felem_reduce(felem out, const longfelem in)
 
     felem_reduce_(out, in);
 
-	/*-
-	 * out[0] > 2^100 - 2^36 - 2^4 - 3*2^64 - 3*2^96 - 2^64 - 2^96 > 0
-	 * out[1] > 2^100 - 2^64 - 7*2^96 > 0
-	 * out[2] > 2^100 - 2^36 + 2^4 - 5*2^64 - 5*2^96 > 0
-	 * out[3] > 2^100 - 2^36 + 2^4 - 7*2^64 - 5*2^96 - 3*2^96 > 0
-	 *
-	 * out[0] < 2^100 + 2^64 + 7*2^64 + 5*2^96 < 2^101
-	 * out[1] < 2^100 + 3*2^64 + 5*2^64 + 3*2^97 < 2^101
-	 * out[2] < 2^100 + 5*2^64 + 2^64 + 3*2^65 + 2^97 < 2^101
-	 * out[3] < 2^100 + 7*2^64 + 7*2^96 + 3*2^64 < 2^101
-	 */
+    /*-
+     * out[0] > 2^100 - 2^36 - 2^4 - 3*2^64 - 3*2^96 - 2^64 - 2^96 > 0
+     * out[1] > 2^100 - 2^64 - 7*2^96 > 0
+     * out[2] > 2^100 - 2^36 + 2^4 - 5*2^64 - 5*2^96 > 0
+     * out[3] > 2^100 - 2^36 + 2^4 - 7*2^64 - 5*2^96 - 3*2^96 > 0
+     *
+     * out[0] < 2^100 + 2^64 + 7*2^64 + 5*2^96 < 2^101
+     * out[1] < 2^100 + 3*2^64 + 5*2^64 + 3*2^97 < 2^101
+     * out[2] < 2^100 + 5*2^64 + 2^64 + 3*2^65 + 2^97 < 2^101
+     * out[3] < 2^100 + 7*2^64 + 7*2^96 + 3*2^64 < 2^101
+     */
 }
 
 /*-
@@ -819,17 +819,17 @@ static void felem_reduce_zero105(felem out, const longfelem in)
 
     felem_reduce_(out, in);
 
-	/*-
-	 * out[0] > 2^105 - 2^41 - 2^9 - 2^71 - 2^103 - 2^71 - 2^103 > 0
-	 * out[1] > 2^105 - 2^71 - 2^103 > 0
-	 * out[2] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 > 0
-	 * out[3] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 - 2^103 > 0
-	 *
-	 * out[0] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106
-	 * out[1] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106
-	 * out[2] < 2^105 + 2^71 + 2^71 + 2^71 + 2^103 < 2^106
-	 * out[3] < 2^105 + 2^71 + 2^103 + 2^71 < 2^106
-	 */
+    /*-
+     * out[0] > 2^105 - 2^41 - 2^9 - 2^71 - 2^103 - 2^71 - 2^103 > 0
+     * out[1] > 2^105 - 2^71 - 2^103 > 0
+     * out[2] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 > 0
+     * out[3] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 - 2^103 > 0
+     *
+     * out[0] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106
+     * out[1] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106
+     * out[2] < 2^105 + 2^71 + 2^71 + 2^71 + 2^103 < 2^106
+     * out[3] < 2^105 + 2^71 + 2^103 + 2^71 < 2^106
+     */
 }
 
 /*
@@ -1094,7 +1094,8 @@ static void smallfelem_inv_contract(smallfelem out, const smallfelem in)
  *
  * Building on top of the field operations we have the operations on the
  * elliptic curve group itself. Points on the curve are represented in Jacobian
- * coordinates */
+ * coordinates
+ */
 
 /*-
  * point_double calculates 2*(x_in, y_in, z_in)
@@ -1103,7 +1104,8 @@ static void smallfelem_inv_contract(smallfelem out, const smallfelem in)
  *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
  *
  * Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed.
- * while x_out == y_in is not (maybe this works, but it's not tested). */
+ * while x_out == y_in is not (maybe this works, but it's not tested).
+ */
 static void
 point_double(felem x_out, felem y_out, felem z_out,
              const felem x_in, const felem y_in, const felem z_in)
@@ -1234,7 +1236,8 @@ static void copy_small_conditional(felem out, const smallfelem in, limb mask)
  * This function includes a branch for checking whether the two input points
  * are equal, (while not equal to the point at infinity). This case never
  * happens during single point multiplication, so there is no timing leak for
- * ECDH or ECDSA signing. */
+ * ECDH or ECDSA signing.
+ */
 static void point_add(felem x3, felem y3, felem z3,
                       const felem x1, const felem y1, const felem z1,
                       const int mixed, const smallfelem x2,
diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c
index fa6766ec30..360b9a3516 100644
--- a/crypto/ec/ecp_nistp521.c
+++ b/crypto/ec/ecp_nistp521.c
@@ -414,15 +414,16 @@ static void felem_square(largefelem out, const felem in)
     felem_scalar(inx2, in, 2);
     felem_scalar(inx4, in, 4);
 
-	/*-
-	 * We have many cases were we want to do
-	 *   in[x] * in[y] +
-	 *   in[y] * in[x]
-	 * This is obviously just
-	 *   2 * in[x] * in[y]
-	 * However, rather than do the doubling on the 128 bit result, we
-	 * double one of the inputs to the multiplication by reading from
-	 * |inx2| */
+    /*-
+     * We have many cases were we want to do
+     *   in[x] * in[y] +
+     *   in[y] * in[x]
+     * This is obviously just
+     *   2 * in[x] * in[y]
+     * However, rather than do the doubling on the 128 bit result, we
+     * double one of the inputs to the multiplication by reading from
+     * |inx2|
+     */
 
     out[0] = ((uint128_t) in[0]) * in[0];
     out[1] = ((uint128_t) in[0]) * inx2[1];
@@ -610,10 +611,10 @@ static void felem_reduce(felem out, const largefelem in)
 
     out[1] += ((limb) in[0]) >> 58;
     out[1] += (((limb) (in[0] >> 64)) & bottom52bits) << 6;
-        /*-
-         * out[1] < 2^58 + 2^6 + 2^58
-         *        = 2^59 + 2^6
-         */
+    /*-
+     * out[1] < 2^58 + 2^6 + 2^58
+     *        = 2^59 + 2^6
+     */
     out[2] += ((limb) (in[0] >> 64)) >> 52;
 
     out[2] += ((limb) in[1]) >> 58;
@@ -642,10 +643,10 @@ static void felem_reduce(felem out, const largefelem in)
 
     out[8] += ((limb) in[7]) >> 58;
     out[8] += (((limb) (in[7] >> 64)) & bottom52bits) << 6;
-        /*-
-         * out[x > 1] < 2^58 + 2^6 + 2^58 + 2^12
-         *            < 2^59 + 2^13
-         */
+    /*-
+     * out[x > 1] < 2^58 + 2^6 + 2^58 + 2^12
+     *            < 2^59 + 2^13
+     */
     overflow1 = ((limb) (in[7] >> 64)) >> 52;
 
     overflow1 += ((limb) in[8]) >> 58;
@@ -660,11 +661,11 @@ static void felem_reduce(felem out, const largefelem in)
 
     out[1] += out[0] >> 58;
     out[0] &= bottom58bits;
-        /*-
-         * out[0] < 2^58
-         * out[1] < 2^59 + 2^6 + 2^13 + 2^2
-         *        < 2^59 + 2^14
-         */
+    /*-
+     * out[0] < 2^58
+     * out[1] < 2^59 + 2^6 + 2^13 + 2^2
+     *        < 2^59 + 2^14
+     */
 }
 
 static void felem_square_reduce(felem out, const felem in)
diff --git a/crypto/ec/ecp_oct.c b/crypto/ec/ecp_oct.c
index 5ac8533e73..be309cd80a 100644
--- a/crypto/ec/ecp_oct.c
+++ b/crypto/ec/ecp_oct.c
@@ -96,11 +96,11 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group,
     if (y == NULL)
         goto err;
 
-        /*-
-         * Recover y.  We have a Weierstrass equation
-         *     y^2 = x^3 + a*x + b,
-         * so  y  is one of the square roots of  x^3 + a*x + b.
-         */
+    /*-
+     * Recover y.  We have a Weierstrass equation
+     *     y^2 = x^3 + a*x + b,
+     * so  y  is one of the square roots of  x^3 + a*x + b.
+     */
 
     /* tmp1 := x^3 */
     if (!BN_nnmod(x, x_, group->field, ctx))
diff --git a/crypto/ec/ecp_smpl.c b/crypto/ec/ecp_smpl.c
index 34ae6d5ff5..ee0c46841b 100644
--- a/crypto/ec/ecp_smpl.c
+++ b/crypto/ec/ecp_smpl.c
@@ -909,10 +909,10 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
             goto err;
         if (!BN_mod_add_quick(n1, n0, n1, p))
             goto err;
-                /*-
-                 * n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2)
-                 *    = 3 * X_a^2 - 3 * Z_a^4
-                 */
+        /*-
+         * n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2)
+         *    = 3 * X_a^2 - 3 * Z_a^4
+         */
     } else {
         if (!field_sqr(group, n0, a->X, ctx))
             goto err;
@@ -1033,15 +1033,15 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
     if (Z6 == NULL)
         goto err;
 
-	/*-
-	 * We have a curve defined by a Weierstrass equation
-	 *      y^2 = x^3 + a*x + b.
-	 * The point to consider is given in Jacobian projective coordinates
-	 * where  (X, Y, Z)  represents  (x, y) = (X/Z^2, Y/Z^3).
-	 * Substituting this and multiplying by  Z^6  transforms the above equation into
-	 *      Y^2 = X^3 + a*X*Z^4 + b*Z^6.
-	 * To test this, we add up the right-hand side in 'rh'.
-	 */
+    /*-
+     * We have a curve defined by a Weierstrass equation
+     *      y^2 = x^3 + a*x + b.
+     * The point to consider is given in Jacobian projective coordinates
+     * where  (X, Y, Z)  represents  (x, y) = (X/Z^2, Y/Z^3).
+     * Substituting this and multiplying by  Z^6  transforms the above equation into
+     *      Y^2 = X^3 + a*X*Z^4 + b*Z^6.
+     * To test this, we add up the right-hand side in 'rh'.
+     */
 
     /* rh := X^2 */
     if (!field_sqr(group, rh, point->X, ctx))
@@ -1108,12 +1108,12 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
 int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
                       const EC_POINT *b, BN_CTX *ctx)
 {
-        /*-
-         * return values:
-         *  -1   error
-         *   0   equal (in affine coordinates)
-         *   1   not equal
-         */
+    /*-
+     * return values:
+     *  -1   error
+     *   0   equal (in affine coordinates)
+     *   1   not equal
+     */
 
     int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *,
                       const BIGNUM *, BN_CTX *);
@@ -1151,12 +1151,12 @@ int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
     if (Zb23 == NULL)
         goto end;
 
-	/*-
-	 * We have to decide whether
-	 *     (X_a/Z_a^2, Y_a/Z_a^3) = (X_b/Z_b^2, Y_b/Z_b^3),
-	 * or equivalently, whether
-	 *     (X_a*Z_b^2, Y_a*Z_b^3) = (X_b*Z_a^2, Y_b*Z_a^3).
-	 */
+    /*-
+     * We have to decide whether
+     *     (X_a/Z_a^2, Y_a/Z_a^3) = (X_b/Z_b^2, Y_b/Z_b^3),
+     * or equivalently, whether
+     *     (X_a*Z_b^2, Y_a*Z_b^3) = (X_b*Z_a^2, Y_b*Z_a^3).
+     */
 
     if (!b->Z_is_one) {
         if (!field_sqr(group, Zb23, b->Z, ctx))
author	Matt Caswell <matt@openssl.org>	2015-01-17 01:06:54 +0100
committer	Matt Caswell <matt@openssl.org>	2015-01-22 10:20:10 +0100
commit	35a1cc90bc1795e8893c11e442790ee7f659fffb (patch)
tree	07b5091171d75ea2bcce8b37f1776e03f1f102d1 /crypto/ec
parent	Re-align some comments after running the reformat script. (diff)
download	openssl-master-post-reformat.tar.xz openssl-master-post-reformat.zip