mark all block comments that need format preserving so that

indent will not alter them when reformatting comments

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

12 files changed, 76 insertions, 42 deletions

diff --git a/crypto/bn/asm/x86_64-gcc.c b/crypto/bn/asm/x86_64-gcc.c
index 7d97c0bedc..c6d12f4f81 100644
--- a/crypto/bn/asm/x86_64-gcc.c
+++ b/crypto/bn/asm/x86_64-gcc.c
@@ -2,7 +2,7 @@
 #if !(defined(__GNUC__) && __GNUC__>=2)
 # include "../bn_asm.c"	/* kind of dirty hack for Sun Studio */
 #else
-/*
+/*-
  * x86_64 BIGNUM accelerator version 0.1, December 2002.
  *
  * Implemented by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
@@ -64,7 +64,7 @@
 #undef mul
 #undef mul_add
 
-/*
+/*-
  * "m"(a), "+m"(r)	is the way to favor DirectPath µ-code;
  * "g"(0)		let the compiler to decide where does it
  *			want to keep the value of zero;
diff --git a/crypto/bn/bn_add.c b/crypto/bn/bn_add.c
index 659e1d22d7..2584234cbf 100644
--- a/crypto/bn/bn_add.c
+++ b/crypto/bn/bn_add.c
@@ -70,7 +70,8 @@ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 	bn_check_top(a);
 	bn_check_top(b);
 
-	/*  a +  b	a+b
+	/*-
+	 *  a +  b	a+b
 	 *  a + -b	a-b
 	 * -a +  b	b-a
 	 * -a + -b	-(a+b)
@@ -266,7 +267,8 @@ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 	bn_check_top(a);
 	bn_check_top(b);
 
-	/*  a -  b	a-b
+	/*-
+	 *  a -  b	a-b
 	 *  a - -b	a+b
 	 * -a -  b	-(a+b)
 	 * -a - -b	b-a
diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c
index 1b5c29c7ac..da6b4cf62c 100644
--- a/crypto/bn/bn_div.c
+++ b/crypto/bn/bn_div.c
@@ -172,7 +172,8 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
 #endif /* OPENSSL_NO_ASM */
 
 
-/* BN_div computes  dv := num / divisor,  rounding towards
+/*-
+ * BN_div computes  dv := num / divisor,  rounding towards
  * zero, and sets up rm  such that  dv*divisor + rm = num  holds.
  * Thus:
  *     dv->neg == num->neg ^ divisor->neg  (unless the result is zero)
diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
index 3a1941a998..45760a8583 100644
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -200,7 +200,8 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
 	bn_check_top(p);
 	bn_check_top(m);
 
-	/* For even modulus  m = 2^k*m_odd,  it might make sense to compute
+	/*-
+	 * For even modulus  m = 2^k*m_odd,  it might make sense to compute
 	 * a^p mod m_odd  and  a^p mod 2^k  separately (with Montgomery
 	 * exponentiation for the odd part), using appropriate exponent
 	 * reductions, and combine the results using the CRT.
diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c
index 63a77d2439..233e3f5332 100644
--- a/crypto/bn/bn_gcd.c
+++ b/crypto/bn/bn_gcd.c
@@ -263,7 +263,8 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
 		if (!BN_nnmod(B, B, A, ctx)) goto err;
 		}
 	sign = -1;
-	/* From  B = a mod |n|,  A = |n|  it follows that
+	/*-
+	 * From  B = a mod |n|,  A = |n|  it follows that
 	 *
 	 *      0 <= B < A,
 	 *     -sign*X*a  ==  B   (mod |n|),
@@ -280,7 +281,7 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
 		
 		while (!BN_is_zero(B))
 			{
-			/*
+			/*-
 			 *      0 < B < |n|,
 			 *      0 < A <= |n|,
 			 * (1) -sign*X*a  ==  B   (mod |n|),
@@ -327,7 +328,8 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
 				}
 
 			
-			/* We still have (1) and (2).
+			/*-
+			 * We still have (1) and (2).
 			 * Both  A  and  B  are odd.
 			 * The following computations ensure that
 			 *
@@ -363,7 +365,7 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
 			{
 			BIGNUM *tmp;
 			
-			/*
+			/*-
 			 *      0 < B < A,
 			 * (*) -sign*X*a  ==  B   (mod |n|),
 			 *      sign*Y*a  ==  A   (mod |n|)
@@ -410,7 +412,8 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
 				if (!BN_div(D,M,A,B,ctx)) goto err;
 				}
 			
-			/* Now
+			/*-
+			 * Now
 			 *      A = D*B + M;
 			 * thus we have
 			 * (**)  sign*Y*a  ==  D*B + M   (mod |n|).
@@ -423,7 +426,8 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
 			B=M;
 			/* ... so we have  0 <= B < A  again */
 			
-			/* Since the former  M  is now  B  and the former  B  is now  A,
+			/*-
+			 * Since the former  M  is now  B  and the former  B  is now  A,
 			 * (**) translates into
 			 *       sign*Y*a  ==  D*A + B    (mod |n|),
 			 * i.e.
@@ -476,7 +480,7 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
 			}
 		}
 		
-	/*
+	/*-
 	 * The while loop (Euclid's algorithm) ends when
 	 *      A == gcd(a,n);
 	 * we have
@@ -565,7 +569,8 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
 		if (!BN_nnmod(B, pB, A, ctx)) goto err;
 		}
 	sign = -1;
-	/* From  B = a mod |n|,  A = |n|  it follows that
+	/*-
+	 * From  B = a mod |n|,  A = |n|  it follows that
 	 *
 	 *      0 <= B < A,
 	 *     -sign*X*a  ==  B   (mod |n|),
@@ -576,7 +581,7 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
 		{
 		BIGNUM *tmp;
 		
-		/*
+		/*-
 		 *      0 < B < A,
 		 * (*) -sign*X*a  ==  B   (mod |n|),
 		 *      sign*Y*a  ==  A   (mod |n|)
@@ -591,7 +596,8 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
 		/* (D, M) := (A/B, A%B) ... */		
 		if (!BN_div(D,M,pA,B,ctx)) goto err;
 		
-		/* Now
+		/*-
+		 * Now
 		 *      A = D*B + M;
 		 * thus we have
 		 * (**)  sign*Y*a  ==  D*B + M   (mod |n|).
@@ -604,7 +610,8 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
 		B=M;
 		/* ... so we have  0 <= B < A  again */
 		
-		/* Since the former  M  is now  B  and the former  B  is now  A,
+		/*-
+		 * Since the former  M  is now  B  and the former  B  is now  A,
 		 * (**) translates into
 		 *       sign*Y*a  ==  D*A + B    (mod |n|),
 		 * i.e.
@@ -632,7 +639,7 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
 		sign = -sign;
 		}
 		
-	/*
+	/*-
 	 * The while loop (Euclid's algorithm) ends when
 	 *      A == gcd(a,n);
 	 * we have
diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h
index 260f67b348..993579e8f5 100644
--- a/crypto/bn/bn_lcl.h
+++ b/crypto/bn/bn_lcl.h
@@ -118,7 +118,8 @@
 extern "C" {
 #endif
 
-/* Bignum consistency macros
+/*-
+ * Bignum consistency macros
  * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
  * bignum data after direct manipulations on the data. There is also an
  * "internal" macro, bn_check_top(), for verifying that there are no leading
@@ -268,7 +269,7 @@ struct bn_gencb_st
 	};
 
 
-/*
+/*-
  * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions
  *
  *
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index f0b449dc66..886de0d81f 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -72,7 +72,8 @@ const char BN_version[]="Big Number" OPENSSL_VERSION_PTEXT;
 
 /* This stuff appears to be completely unused, so is deprecated */
 #ifndef OPENSSL_NO_DEPRECATED
-/* For a 32 bit machine
+/*-
+ * For a 32 bit machine
  * 2 -   4 ==  128
  * 3 -   8 ==  256
  * 4 -  16 ==  512
diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c
index dde0919218..a98e6078c8 100644
--- a/crypto/bn/bn_mul.c
+++ b/crypto/bn/bn_mul.c
@@ -348,7 +348,8 @@ BN_ULONG bn_add_part_words(BN_ULONG *r,
 /* Karatsuba recursive multiplication algorithm
  * (cf. Knuth, The Art of Computer Programming, Vol. 2) */
 
-/* r is 2*n2 words in size,
+/*-
+ * r is 2*n2 words in size,
  * a and b are both n2 words in size.
  * n2 must be a power of 2.
  * We multiply and return the result.
@@ -466,7 +467,8 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
 		bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,dna,dnb,p);
 		}
 
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
+	/*-
+	 * t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
 	 * r[10] holds (a[0]*b[0])
 	 * r[32] holds (b[1]*b[1])
 	 */
@@ -483,7 +485,8 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
 		c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
 		}
 
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
+	/*-
+	 * t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
 	 * r[10] holds (a[0]*b[0])
 	 * r[32] holds (b[1]*b[1])
 	 * c1 holds the carry bits
@@ -638,7 +641,8 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
 			}
 		}
 
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
+	/*-
+	 * t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
 	 * r[10] holds (a[0]*b[0])
 	 * r[32] holds (b[1]*b[1])
 	 */
@@ -655,7 +659,8 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
 		c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
 		}
 
-	/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
+	/*-
+	 * t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
 	 * r[10] holds (a[0]*b[0])
 	 * r[32] holds (b[1]*b[1])
 	 * c1 holds the carry bits
@@ -682,7 +687,8 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
 		}
 	}
 
-/* a and b must be the same size, which is n2.
+/*-
+ * a and b must be the same size, which is n2.
  * r needs to be n2 words and t needs to be n2*2
  */
 void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
@@ -707,7 +713,8 @@ void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
 		}
 	}
 
-/* a and b must be the same size, which is n2.
+/*-
+ * a and b must be the same size, which is n2.
  * r needs to be n2 words and t needs to be n2*2
  * l is the low words of the output.
  * t needs to be n2*3
@@ -775,7 +782,8 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
 		bn_mul_recursive(r,&(a[n]),&(b[n]),n,0,0,&(t[n2]));
 		}
 
-	/* s0 == low(al*bl)
+	/*-
+	 * s0 == low(al*bl)
 	 * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
 	 * We know s0 and s1 so the only unknown is high(al*bl)
 	 * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl))
@@ -812,16 +820,19 @@ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
 			lp[i]=((~mp[i])+1)&BN_MASK2;
 		}
 
-	/* s[0] = low(al*bl)
+	/*-
+	 * s[0] = low(al*bl)
 	 * t[3] = high(al*bl)
 	 * t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign
 	 * r[10] = (a[1]*b[1])
 	 */
-	/* R[10] = al*bl
+	/*-
+	 * R[10] = al*bl
 	 * R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0])
 	 * R[32] = ah*bh
 	 */
-	/* R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
+	/*-
+	 * R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
 	 * R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow)
 	 * R[3]=r[1]+(carry/borrow)
 	 */
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
index 2d66b61f04..9f390054e3 100644
--- a/crypto/bn/bn_prime.c
+++ b/crypto/bn/bn_prime.c
@@ -524,7 +524,8 @@ loop:
 		{
 		BN_ULONG rnd_word = BN_get_word(rnd);
 
-		/* In the case that the candidate prime is a single word then
+		/*-
+		 * In the case that the candidate prime is a single word then
 		 * we check that:
 		 *   1) It's greater than primes[i] because we shouldn't reject
 		 *      3 as being a prime number because it's a multiple of
@@ -532,7 +533,8 @@ loop:
 		 *   2) That it's not a multiple of a known prime. We don't
 		 *      check that rnd-1 is also coprime to all the known
 		 *      primes because there aren't many small primes where
-		 *      that's true. */
+		 *      that's true. 
+		 */
 		for (i=1; i<NUMPRIMES && primes[i]<rnd_word; i++)
 			{
 			if ((mods[i]+delta)%primes[i] == 0)
diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c
index f99e1b4812..372a01f34e 100644
--- a/crypto/bn/bn_recp.c
+++ b/crypto/bn/bn_recp.c
@@ -172,7 +172,8 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
 			i,ctx); /* BN_reciprocal returns i, or -1 for an error */
 	if (recp->shift == -1) goto err;
 
-	/* d := |round(round(m / 2^BN_num_bits(N)) * recp->Nr / 2^(i - BN_num_bits(N)))|
+	/*-
+	 * d := |round(round(m / 2^BN_num_bits(N)) * recp->Nr / 2^(i - BN_num_bits(N)))|
 	 *    = |round(round(m / 2^BN_num_bits(N)) * round(2^i / N) / 2^(i - BN_num_bits(N)))|
 	 *   <= |(m / 2^BN_num_bits(N)) * (2^i / N) * (2^BN_num_bits(N) / 2^i)|
 	 *    = |m/N|
diff --git a/crypto/bn/bn_sqr.c b/crypto/bn/bn_sqr.c
index 74d7df6ef4..57da1e46ae 100644
--- a/crypto/bn/bn_sqr.c
+++ b/crypto/bn/bn_sqr.c
@@ -190,7 +190,8 @@ void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp)
 	}
 
 #ifdef BN_RECURSION
-/* r is 2*n words in size,
+/*-
+ * r is 2*n words in size,
  * a and b are both n words in size.    (There's not actually a 'b' here ...)
  * n must be a power of 2.
  * We multiply and return the result.
@@ -249,7 +250,8 @@ void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t)
 	bn_sqr_recursive(r,a,n,p);
 	bn_sqr_recursive(&(r[n2]),&(a[n]),n,p);
 
-	/* t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero
+	/*-
+	 * t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero
 	 * r[10] holds (a[0]*b[0])
 	 * r[32] holds (b[1]*b[1])
 	 */
@@ -259,7 +261,8 @@ void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t)
 	/* t[32] is negative */
 	c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
 
-	/* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
+	/*-
+	 * t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
 	 * r[10] holds (a[0]*a[0])
 	 * r[32] holds (a[1]*a[1])
 	 * c1 holds the carry bits
diff --git a/crypto/bn/bn_sqrt.c b/crypto/bn/bn_sqrt.c
index 6beaf9e5e5..04cf4a0bf8 100644
--- a/crypto/bn/bn_sqrt.c
+++ b/crypto/bn/bn_sqrt.c
@@ -135,7 +135,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 
 	if (e == 1)
 		{
-		/* The easy case:  (|p|-1)/2  is odd, so 2 has an inverse
+		/*-
+		 * The easy case:  (|p|-1)/2  is odd, so 2 has an inverse
 		 * modulo  (|p|-1)/2,  and square roots can be computed
 		 * directly by modular exponentiation.
 		 * We have
@@ -152,7 +153,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 	
 	if (e == 2)
 		{
-		/* |p| == 5  (mod 8)
+		/*-
+		 * |p| == 5  (mod 8)
 		 *
 		 * In this case  2  is always a non-square since
 		 * Legendre(2,p) = (-1)^((p^2-1)/8)  for any odd prime.
@@ -262,7 +264,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 		goto end;
 		}
 
-	/* Now we know that (if  p  is indeed prime) there is an integer
+	/*-
+	 * Now we know that (if  p  is indeed prime) there is an integer
 	 * k,  0 <= k < 2^e,  such that
 	 *
 	 *      a^q * y^k == 1   (mod p).
@@ -318,7 +321,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 
 	while (1)
 		{
-		/* Now  b  is  a^q * y^k  for some even  k  (0 <= k < 2^E
+		/*- 
+		 * Now  b  is  a^q * y^k  for some even  k  (0 <= k < 2^E
 		 * where  E  refers to the original value of  e,  which we
 		 * don't keep in a variable),  and  x  is  a^((q+1)/2) * y^(k/2).
 		 *