diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 188b94771..7b78c7310 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -379,7 +379,7 @@ typedef int mbedtls_ssl_tls_prf_cb( const unsigned char *secret, size_t slen, const unsigned char *random, size_t rlen, unsigned char *dstbuf, size_t dlen ); -/* cipher.h exports the maximum IV, key and block length from all +/* cipher.h exports the maximum IV, key and block length from * all ciphers enabled in the config, regardless of whether those * ciphers are actually usable in SSL/TLS. Notably, XTS is enabled * in the default configuration and uses 64 Byte keys, but it is diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 5a6204eda..d641b1620 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -59,15 +59,15 @@ struct mbedtls_ssl_tls1_3_labels_struct const mbedtls_ssl_tls1_3_labels = * 255. This allows us to save a few Bytes of code by * hardcoding the writing of the high bytes. * - (label, llen): label + label length, without "tls13 " prefix - * The label length MUST be - * <= MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN - * It is the caller's responsiblity to ensure this. + * The label length MUST be less than or equal to + * MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN + * It is the caller's responsibility to ensure this. * All (label, label length) pairs used in TLS 1.3 * can be obtained via MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(). * - (ctx, clen): context + context length - * The context length MUST be - * <= MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN - * It is the caller's responsiblity to ensure this. + * The context length MUST be less than or equal to + * MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN + * It is the caller's responsibility to ensure this. * - dst: Target buffer for HkdfLabel structure, * This MUST be a writable buffer of size * at least SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN Bytes. @@ -296,7 +296,7 @@ int mbedtls_ssl_tls1_3_evolve_secret( hlen = mbedtls_md_get_size( md ); /* For non-initial runs, call Derive-Secret( ., "derived", "") - * on the old secreet. */ + * on the old secret. */ if( secret_old != NULL ) { ret = mbedtls_ssl_tls1_3_derive_secret( diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h index 7a9e5c94a..73b8aaf1c 100644 --- a/library/ssl_tls13_keys.h +++ b/library/ssl_tls13_keys.h @@ -64,7 +64,7 @@ extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels; #define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN \ sizeof( union mbedtls_ssl_tls1_3_labels_union ) -/* The maximum length of HKDF contexts used in the TLS 1.3 standad. +/* The maximum length of HKDF contexts used in the TLS 1.3 standard. * Since contexts are always hashes of message transcripts, this can * be approximated from above by the maximum hash size. */ #define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN \ @@ -94,7 +94,7 @@ extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels; * This must be a readable buffer of length \p clen Bytes. * \param clen The length of \p context in Bytes. * \param buf The destination buffer to hold the expanded secret. - * This must be a writable buffe of length \p blen Bytes. + * This must be a writable buffer of length \p blen Bytes. * \param blen The desired size of the expanded secret in Bytes. * * \returns \c 0 on success.