diff --git a/CHANGES.md b/CHANGES.md index b48d7e338b563..7e38b79f21303 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -7457,7 +7457,7 @@ OpenSSL 1.0.1 * Alternate chains certificate forgery - During certificate verfification, OpenSSL will attempt to find an + During certificate verification, OpenSSL will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted certificates to be @@ -8816,7 +8816,7 @@ OpenSSL 1.0.0 3. Check DSA/ECDSA signatures use DER. - Reencode DSA/ECDSA signatures and compare with the original received + Re-encode DSA/ECDSA signatures and compare with the original received signature. Return an error if there is a mismatch. This will reject various cases including garbage after signature @@ -8863,7 +8863,7 @@ OpenSSL 1.0.0 * Add additional DigestInfo checks. - Reencode DigestInto in DER and check against the original when + Re-encode DigestInto in DER and check against the original when verifying RSA signature: this will reject any improperly encoded DigestInfo structures. diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl index f852acf513210..c7989124bfbf6 100644 --- a/Configurations/unix-Makefile.tmpl +++ b/Configurations/unix-Makefile.tmpl @@ -1121,7 +1121,7 @@ uninstall_image_docs: done # Developer targets (note: these are only available on Unix) ######### -##@ Code maintenence +##@ Code maintenance # It's important that generate_buildinfo comes after ordinals, as ordinals # is sensitive to build.info changes. diff --git a/INSTALL.md b/INSTALL.md index 44e4a2a15aea2..e04eb999fd4ad 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -1566,7 +1566,7 @@ over the build process. Typically these should be defined prior to running PERL The name of the Perl executable to use when building OpenSSL. - Only needed if builing should use a different Perl executable + Only needed if building should use a different Perl executable than what is used to run the Configure script. RANLIB diff --git a/NEWS.md b/NEWS.md index 0833981522ccd..8bfc98aed3d84 100644 --- a/NEWS.md +++ b/NEWS.md @@ -1450,7 +1450,7 @@ OpenSSL 0.9.x * Overhauled Win32 builds * Cleanups and fixes to the Big Number (BN) library * Support for ASN.1 GeneralizedTime - * Splitted ASN.1 SETs from SEQUENCEs + * Split ASN.1 SETs from SEQUENCEs * ASN1 and PEM support for Netscape Certificate Sequences * Overhauled Perl interface * Lots of source tree cleanups. diff --git a/apps/s_client.c b/apps/s_client.c index 534bb5cc66824..4adffa4d4286b 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -2269,7 +2269,7 @@ int s_client_main(int argc, char **argv) if (isquic) { sbio = BIO_new_dgram(sock, BIO_NOCLOSE); if (!SSL_set_initial_peer_addr(con, peer_addr)) { - BIO_printf(bio_err, "Failed to set the inital peer address\n"); + BIO_printf(bio_err, "Failed to set the initial peer address\n"); goto shut; } } else @@ -4019,7 +4019,7 @@ static int user_data_process(struct user_data_st *user_data, size_t *len, && user_data->buf[user_data->bufoff] == '\n') { /* * This command was the only thing on the whole line. We - * supress the final `\n` + * suppress the final `\n` */ user_data->bufoff = 0; user_data->buflen = 0; diff --git a/crypto/bn/bn_nist.c b/crypto/bn/bn_nist.c index b10bf1e51f9fb..71efc596c27f1 100644 --- a/crypto/bn/bn_nist.c +++ b/crypto/bn/bn_nist.c @@ -251,7 +251,7 @@ const BIGNUM *BN_get0_nist_prime_521(void) /* * To avoid more recent compilers (specifically clang-14) from treating this - * code as a violation of the strict aliasing conditions and omiting it, this + * code as a violation of the strict aliasing conditions and omitting it, this * cannot be declared as a function. Moreover, the dst parameter cannot be * cached in a local since this no longer references the union and again falls * foul of the strict aliasing criteria. Refer to #18225 for the initial diff --git a/crypto/deterministic_nonce.c b/crypto/deterministic_nonce.c index 6b78777b42460..afa8543336e97 100644 --- a/crypto/deterministic_nonce.c +++ b/crypto/deterministic_nonce.c @@ -46,7 +46,7 @@ static int bits2int(BIGNUM *out, int qlen_bits, * out The returned Octet String * num The input Integer * rlen The required size of the returned Octet String in bytes - * Returns: 1 if successful, or 0 otherwis + * Returns: 1 if successful, or 0 otherwise. */ static int int2octets(unsigned char *out, const BIGNUM *num, int rlen) { diff --git a/crypto/ec/ec_local.h b/crypto/ec/ec_local.h index f34e06aea89a7..4786f687a4b0c 100644 --- a/crypto/ec/ec_local.h +++ b/crypto/ec/ec_local.h @@ -245,7 +245,7 @@ struct ec_group_st { * equation of the form y^2 + x*y = x^3 + a*x^2 + b. */ BIGNUM *a, *b; - /* enable optimized point arithmetics for special case */ + /* enable optimized point arithmetic for special case */ int a_is_minus3; /* method-specific (e.g., Montgomery structure) */ void *field_data1; @@ -318,7 +318,7 @@ struct ec_point_st { BIGNUM *Y; BIGNUM *Z; /* Jacobian projective coordinates: * (X, Y, * Z) represents (X/Z^2, Y/Z^3) if Z != 0 */ - int Z_is_one; /* enable optimized point arithmetics for + int Z_is_one; /* enable optimized point arithmetic for * special case */ }; diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index a3fac68232256..df8b73ba2d9b3 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -927,7 +927,7 @@ PEM_R_UNSUPPORTED_ENCRYPTION:114:unsupported encryption PEM_R_UNSUPPORTED_KEY_COMPONENTS:126:unsupported key components PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE:110:unsupported public key type PKCS12_R_CALLBACK_FAILED:115:callback failed -PKCS12_R_CANT_PACK_STRUCTURE:100:cant pack structure +PKCS12_R_CANT_PACK_STRUCTURE:100:can't pack structure PKCS12_R_CONTENT_TYPE_NOT_DATA:121:content type not data PKCS12_R_DECODE_ERROR:101:decode error PKCS12_R_ENCODE_ERROR:102:encode error @@ -1761,7 +1761,7 @@ X509_R_AKID_MISMATCH:110:akid mismatch X509_R_BAD_SELECTOR:133:bad selector X509_R_BAD_X509_FILETYPE:100:bad x509 filetype X509_R_BASE64_DECODE_ERROR:118:base64 decode error -X509_R_CANT_CHECK_DH_KEY:114:cant check dh key +X509_R_CANT_CHECK_DH_KEY:114:can't check dh key X509_R_CERTIFICATE_VERIFICATION_FAILED:139:certificate verification failed X509_R_CERT_ALREADY_IN_HASH_TABLE:101:cert already in hash table X509_R_CRL_ALREADY_DELTA:127:crl already delta diff --git a/crypto/hpke/hpke.c b/crypto/hpke/hpke.c index bf94d17ce6b70..8178ff249a19d 100644 --- a/crypto/hpke/hpke.c +++ b/crypto/hpke/hpke.c @@ -438,7 +438,7 @@ static size_t hpke_seqnonce2buf(OSSL_HPKE_CTX *ctx, * @brief call the underlying KEM to encap * @param ctx is the OSSL_HPKE_CTX * @param enc is a buffer for the sender's ephemeral public value - * @param enclen is the size of enc on input, number of octets used on ouptut + * @param enclen is the size of enc on input, number of octets used on output * @param pub is the recipient's public value * @param publen is the length of pub * @return 1 for success, 0 for error diff --git a/crypto/hpke/hpke_util.c b/crypto/hpke/hpke_util.c index b7a40b159117c..2f863cd6089de 100644 --- a/crypto/hpke/hpke_util.c +++ b/crypto/hpke/hpke_util.c @@ -114,7 +114,7 @@ static const OSSL_HPKE_KDF_INFO hpke_kdf_tab[] = { * others above. * * The function to use these is ossl_hpke_str2suite() further down - * this file and shouln't need modification so long as the table + * this file and shouldn't need modification so long as the table * sizes (i.e. allow exactly 4 synonyms) don't change. */ static const synonymttab_t kemstrtab[] = { diff --git a/crypto/modes/asm/aes-gcm-armv8-unroll8_64.pl b/crypto/modes/asm/aes-gcm-armv8-unroll8_64.pl index e9f50cddfd760..d17f4b16ef462 100644 --- a/crypto/modes/asm/aes-gcm-armv8-unroll8_64.pl +++ b/crypto/modes/asm/aes-gcm-armv8-unroll8_64.pl @@ -1100,7 +1100,7 @@ ins $acc_m.d[0], $h78k.d[1] @ GHASH final-7 block - mid eor $rk4v.8b, $rk4v.8b, $res0.8b @ GHASH final-7 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in eor3 $res1b, $ctr_t1b, $ctr1b, $t1.16b @ AES final-6 block - result @@ -1121,7 +1121,7 @@ pmull $rk3q1, $res0.1d, $h7.1d @ GHASH final-6 block - low eor $rk4v.8b, $rk4v.8b, $res0.8b @ GHASH final-6 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull $rk4v.1q, $rk4v.1d, $h78k.1d @ GHASH final-6 block - mid pmull2 $rk2q1, $res0.2d, $h7.2d @ GHASH final-6 block - high @@ -1150,7 +1150,7 @@ eor3 $res1b, $ctr_t1b, $ctr3b, $t1.16b @ AES final-4 block - result pmull $rk3q1, $res0.1d, $h6.1d @ GHASH final-5 block - low - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull2 $rk4v.1q, $rk4v.2d, $h56k.2d @ GHASH final-5 block - mid eor $acc_lb, $acc_lb, $rk3 @ GHASH final-5 block - low @@ -1167,7 +1167,7 @@ eor $res0b, $res0b, $t0.16b @ feed in partial tag ins $rk4v.d[0], $res0.d[1] @ GHASH final-4 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull2 $rk2q1, $res0.2d, $h5.2d @ GHASH final-4 block - high eor $rk4v.8b, $rk4v.8b, $res0.8b @ GHASH final-4 block - mid @@ -1191,7 +1191,7 @@ rev64 $res0b, $res1b @ GHASH final-3 block eor $res0b, $res0b, $t0.16b @ feed in partial tag - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in ins $rk4v.d[0], $res0.d[1] @ GHASH final-3 block - mid ldr $h34kq, [$current_tag, #96] @ load h4k | h3k @@ -1224,7 +1224,7 @@ ins $rk4v.d[0], $res0.d[1] @ GHASH final-2 block - mid ldr $h3q, [$current_tag, #80] @ load h3l | h3h ext $h3.16b, $h3.16b, $h3.16b, #8 - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in eor $rk4v.8b, $rk4v.8b, $res0.8b @ GHASH final-2 block - mid eor3 $res1b, $ctr_t1b, $ctr6b, $t1.16b @ AES final-1 block - result @@ -1249,7 +1249,7 @@ eor $res0b, $res0b, $t0.16b @ feed in partial tag - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in ins $rk4v.d[0], $res0.d[1] @ GHASH final-1 block - mid eor3 $res1b, $ctr_t1b, $ctr7b, $t1.16b @ AES final block - result @@ -2187,7 +2187,7 @@ pmull $acc_l.1q, $res0.1d, $h8.1d @ GHASH final-7 block - low ins $rk4v.d[0], $res0.d[1] @ GHASH final-7 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in ldr $res1q, [$input_ptr], #16 @ AES final-6 block - load ciphertext eor $rk4v.8b, $rk4v.8b, $res0.8b @ GHASH final-7 block - mid @@ -2209,7 +2209,7 @@ pmull $rk3q1, $res0.1d, $h7.1d @ GHASH final-6 block - low ldr $res1q, [$input_ptr], #16 @ AES final-5 block - load ciphertext - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull $rk4v.1q, $rk4v.1d, $h78k.1d @ GHASH final-6 block - mid st1 { $res4b}, [$output_ptr], #16 @ AES final-6 block - store result @@ -2237,7 +2237,7 @@ ins $rk4v.d[1], $rk4v.d[0] @ GHASH final-5 block - mid pmull $rk3q1, $res0.1d, $h6.1d @ GHASH final-5 block - low - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull2 $rk4v.1q, $rk4v.2d, $h56k.2d @ GHASH final-5 block - mid pmull2 $rk2q1, $res0.2d, $h6.2d @ GHASH final-5 block - high @@ -2253,7 +2253,7 @@ ldr $res1q, [$input_ptr], #16 @ AES final-3 block - load ciphertext ins $rk4v.d[0], $res0.d[1] @ GHASH final-4 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull2 $rk2q1, $res0.2d, $h5.2d @ GHASH final-4 block - high pmull $rk3q1, $res0.1d, $h5.1d @ GHASH final-4 block - low @@ -2290,7 +2290,7 @@ pmull $rk3q1, $res0.1d, $h4.1d @ GHASH final-3 block - low pmull2 $rk2q1, $res0.2d, $h4.2d @ GHASH final-3 block - high - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in eor3 $res4b, $res1b, $ctr5b, $t1.16b @ AES final-2 block - result eor $acc_lb, $acc_lb, $rk3 @ GHASH final-3 block - low @@ -2307,7 +2307,7 @@ eor $res0b, $res0b, $t0.16b @ feed in partial tag ldr $h3q, [$current_tag, #80] @ load h3l | h3h ext $h3.16b, $h3.16b, $h3.16b, #8 - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in ins $rk4v.d[0], $res0.d[1] @ GHASH final-2 block - mid @@ -2335,7 +2335,7 @@ eor $res0b, $res0b, $t0.16b @ feed in partial tag - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in ins $rk4v.d[0], $res0.d[1] @ GHASH final-1 block - mid @@ -3416,7 +3416,7 @@ ldr $ctr_t1q, [$input_ptr], #16 @ AES final-6 block - load plaintext eor $rk4v.8b, $rk4v.8b, $res0.8b @ GHASH final-7 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull $acc_l.1q, $res0.1d, $h8.1d @ GHASH final-7 block - low pmull2 $acc_h.1q, $res0.2d, $h8.2d @ GHASH final-7 block - high @@ -3438,7 +3438,7 @@ pmull $rk3q1, $res0.1d, $h7.1d @ GHASH final-6 block - low eor3 $res1b, $ctr_t1b, $ctr2b, $t1.16b @ AES final-5 block - result - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull2 $rk2q1, $res0.2d, $h7.2d @ GHASH final-6 block - high eor $rk4v.8b, $rk4v.8b, $res0.8b @ GHASH final-6 block - mid @@ -3471,7 +3471,7 @@ pmull2 $rk4v.1q, $rk4v.2d, $h56k.2d @ GHASH final-5 block - mid eor3 $res1b, $ctr_t1b, $ctr3b, $t1.16b @ AES final-4 block - result - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in eor $acc_mb, $acc_mb, $rk4v.16b @ GHASH final-5 block - mid .L192_enc_blocks_more_than_4: @ blocks left > 4 @@ -3491,7 +3491,7 @@ eor $rk4v.8b, $rk4v.8b, $res0.8b @ GHASH final-4 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in eor $acc_lb, $acc_lb, $rk3 @ GHASH final-4 block - low pmull $rk4v.1q, $rk4v.1d, $h56k.1d @ GHASH final-4 block - mid @@ -3506,7 +3506,7 @@ rev64 $res0b, $res1b @ GHASH final-3 block eor $res0b, $res0b, $t0.16b @ feed in partial tag - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in ldr $ctr_t1q, [$input_ptr], #16 @ AES final-2 block - load plaintext ldr $h4q, [$current_tag, #112] @ load h4l | h4h @@ -3544,7 +3544,7 @@ pmull $rk3q1, $res0.1d, $h3.1d @ GHASH final-2 block - low pmull2 $rk2q1, $res0.2d, $h3.2d @ GHASH final-2 block - high - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull $rk4v.1q, $rk4v.1d, $h34k.1d @ GHASH final-2 block - mid @@ -3578,7 +3578,7 @@ eor3 $res1b, $ctr_t1b, $ctr7b, $t1.16b @ AES final block - result pmull2 $rk4v.1q, $rk4v.2d, $h12k.2d @ GHASH final-1 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in eor $acc_mb, $acc_mb, $rk4v.16b @ GHASH final-1 block - mid eor $acc_hb, $acc_hb, $rk2 @ GHASH final-1 block - high @@ -4581,7 +4581,7 @@ eor3 $res4b, $res1b, $ctr1b, $t1.16b @ AES final-6 block - result pmull $acc_m.1q, $rk4v.1d, $acc_m.1d @ GHASH final-7 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in .L192_dec_blocks_more_than_6: @ blocks left > 6 rev64 $res0b, $res1b @ GHASH final-6 block @@ -4592,7 +4592,7 @@ ins $rk4v.d[0], $res0.d[1] @ GHASH final-6 block - mid eor $rk4v.8b, $rk4v.8b, $res0.8b @ GHASH final-6 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull2 $rk2q1, $res0.2d, $h7.2d @ GHASH final-6 block - high st1 { $res4b}, [$output_ptr], #16 @ AES final-6 block - store result @@ -4625,7 +4625,7 @@ pmull2 $rk4v.1q, $rk4v.2d, $h56k.2d @ GHASH final-5 block - mid eor $acc_lb, $acc_lb, $rk3 @ GHASH final-5 block - low - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in st1 { $res4b}, [$output_ptr], #16 @ AES final-5 block - store result eor $acc_mb, $acc_mb, $rk4v.16b @ GHASH final-5 block - mid @@ -4635,7 +4635,7 @@ rev64 $res0b, $res1b @ GHASH final-4 block eor $res0b, $res0b, $t0.16b @ feed in partial tag - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in ldr $res1q, [$input_ptr], #16 @ AES final-3 block - load ciphertext ins $rk4v.d[0], $res0.d[1] @ GHASH final-4 block - mid @@ -4666,7 +4666,7 @@ pmull2 $rk2q1, $res0.2d, $h4.2d @ GHASH final-3 block - high eor $acc_hb, $acc_hb, $rk2 @ GHASH final-3 block - high - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull $rk3q1, $res0.1d, $h4.1d @ GHASH final-3 block - low st1 { $res4b}, [$output_ptr], #16 @ AES final-3 block - store result @@ -4700,7 +4700,7 @@ pmull $rk3q1, $res0.1d, $h3.1d @ GHASH final-2 block - low pmull $rk4v.1q, $rk4v.1d, $h34k.1d @ GHASH final-2 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in eor $acc_lb, $acc_lb, $rk3 @ GHASH final-2 block - low st1 { $res4b}, [$output_ptr], #16 @ AES final-2 block - store result @@ -4715,7 +4715,7 @@ ext $h2.16b, $h2.16b, $h2.16b, #8 eor $res0b, $res0b, $t0.16b @ feed in partial tag - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in ldr $h12kq, [$current_tag, #48] @ load h2k | h1k pmull $rk3q1, $res0.1d, $h2.1d @ GHASH final-1 block - low @@ -5862,7 +5862,7 @@ ins $rk4v.d[0], $res0.d[1] @ GHASH final-7 block - mid ins $acc_m.d[0], $h78k.d[1] @ GHASH final-7 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in eor $rk4v.8b, $rk4v.8b, $res0.8b @ GHASH final-7 block - mid eor3 $res1b, $ctr_t1b, $ctr1b, $t1.16b @ AES final-6 block - result @@ -5890,7 +5890,7 @@ pmull $rk4v.1q, $rk4v.1d, $h78k.1d @ GHASH final-6 block - mid eor3 $res1b, $ctr_t1b, $ctr2b, $t1.16b @ AES final-5 block - result - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in eor $acc_mb, $acc_mb, $rk4v.16b @ GHASH final-6 block - mid eor $acc_hb, $acc_hb, $rk2 @ GHASH final-6 block - high @@ -5915,7 +5915,7 @@ pmull $rk3q1, $res0.1d, $h6.1d @ GHASH final-5 block - low pmull2 $rk4v.1q, $rk4v.2d, $h56k.2d @ GHASH final-5 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in eor $acc_lb, $acc_lb, $rk3 @ GHASH final-5 block - low eor $acc_mb, $acc_mb, $rk4v.16b @ GHASH final-5 block - mid @@ -5941,7 +5941,7 @@ pmull $rk4v.1q, $rk4v.1d, $h56k.1d @ GHASH final-4 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in eor $acc_mb, $acc_mb, $rk4v.16b @ GHASH final-4 block - mid eor $acc_hb, $acc_hb, $rk2 @ GHASH final-4 block - high @@ -5969,7 +5969,7 @@ pmull $rk3q1, $res0.1d, $h4.1d @ GHASH final-3 block - low eor3 $res1b, $ctr_t1b, $ctr5b, $t1.16b @ AES final-2 block - result - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in eor $acc_mb, $acc_mb, $rk4v.16b @ GHASH final-3 block - mid eor $acc_lb, $acc_lb, $rk3 @ GHASH final-3 block - low @@ -5987,7 +5987,7 @@ ins $rk4v.d[0], $res0.d[1] @ GHASH final-2 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull2 $rk2q1, $res0.2d, $h3.2d @ GHASH final-2 block - high eor3 $res1b, $ctr_t1b, $ctr6b, $t1.16b @ AES final-1 block - result @@ -6011,7 +6011,7 @@ ldr $ctr_t1q, [$input_ptr], #16 @ AES final block - load plaintext eor $res0b, $res0b, $t0.16b @ feed in partial tag - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in ins $rk4v.d[0], $res0.d[1] @ GHASH final-1 block - mid pmull2 $rk2q1, $res0.2d, $h2.2d @ GHASH final-1 block - high @@ -7095,7 +7095,7 @@ pmull2 $acc_h.1q, $res0.2d, $h8.2d @ GHASH final-7 block - high eor $rk4v.8b, $rk4v.8b, $res0.8b @ GHASH final-7 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull $acc_l.1q, $res0.1d, $h8.1d @ GHASH final-7 block - low pmull $acc_m.1q, $rk4v.1d, $acc_m.1d @ GHASH final-7 block - mid @@ -7105,7 +7105,7 @@ eor $res0b, $res0b, $t0.16b @ feed in partial tag ldr $res1q, [$input_ptr], #16 @ AES final-5 block - load ciphertext - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in ins $rk4v.d[0], $res0.d[1] @ GHASH final-6 block - mid st1 { $res4b}, [$output_ptr], #16 @ AES final-6 block - store result @@ -7145,7 +7145,7 @@ eor $acc_lb, $acc_lb, $rk3 @ GHASH final-5 block - low eor $acc_mb, $acc_mb, $rk4v.16b @ GHASH final-5 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in .L256_dec_blocks_more_than_4: @ blocks left > 4 rev64 $res0b, $res1b @ GHASH final-4 block @@ -7155,7 +7155,7 @@ ins $rk4v.d[0], $res0.d[1] @ GHASH final-4 block - mid ldr $res1q, [$input_ptr], #16 @ AES final-3 block - load ciphertext - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull $rk3q1, $res0.1d, $h5.1d @ GHASH final-4 block - low pmull2 $rk2q1, $res0.2d, $h5.2d @ GHASH final-4 block - high @@ -7192,7 +7192,7 @@ pmull $rk3q1, $res0.1d, $h4.1d @ GHASH final-3 block - low pmull2 $rk2q1, $res0.2d, $h4.2d @ GHASH final-3 block - high - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull2 $rk4v.1q, $rk4v.2d, $h34k.2d @ GHASH final-3 block - mid eor $acc_lb, $acc_lb, $rk3 @ GHASH final-3 block - low @@ -7217,7 +7217,7 @@ eor $rk4v.8b, $rk4v.8b, $res0.8b @ GHASH final-2 block - mid eor $acc_lb, $acc_lb, $rk3 @ GHASH final-2 block - low - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in pmull $rk4v.1q, $rk4v.1d, $h34k.1d @ GHASH final-2 block - mid pmull2 $rk2q1, $res0.2d, $h3.2d @ GHASH final-2 block - high @@ -7250,7 +7250,7 @@ pmull2 $rk4v.1q, $rk4v.2d, $h12k.2d @ GHASH final-1 block - mid - movi $t0.8b, #0 @ supress further partial tag feed in + movi $t0.8b, #0 @ suppress further partial tag feed in eor $acc_hb, $acc_hb, $rk2 @ GHASH final-1 block - high eor $acc_mb, $acc_mb, $rk4v.16b @ GHASH final-1 block - mid diff --git a/crypto/modes/asm/aes-gcm-avx512.pl b/crypto/modes/asm/aes-gcm-avx512.pl index 41d91ef710d0b..3433f52f50059 100644 --- a/crypto/modes/asm/aes-gcm-avx512.pl +++ b/crypto/modes/asm/aes-gcm-avx512.pl @@ -1234,7 +1234,7 @@ sub GHASH_1_TO_16 { # ;; To compute GH = GH*HashKey mod poly, give HK = HashKey<<1 mod poly as input # ;; GH = GH * HK * x mod poly which is equivalent to GH*HashKey mod poly. # ;; -# ;; Refer to [3] for more detals. +# ;; Refer to [3] for more details. # ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; sub GHASH_MUL { my $GH = $_[0]; #; [in/out] xmm/ymm/zmm with multiply operand(s) (128-bits) diff --git a/crypto/modes/asm/ghash-riscv64.pl b/crypto/modes/asm/ghash-riscv64.pl index 677c438a44bf8..8ec323d3bcdec 100644 --- a/crypto/modes/asm/ghash-riscv64.pl +++ b/crypto/modes/asm/ghash-riscv64.pl @@ -265,7 +265,7 @@ # input: Xi: current hash value # Htable: copy of H # inp: pointer to input data -# len: length of input data in bytes (mutiple of block size) +# len: length of input data in bytes (multiple of block size) # output: Xi: Xi+1 (next hash value Xi) { my ($Xi,$Htable,$inp,$len,$x0,$x1,$y0,$y1) = ("a0","a1","a2","a3","a4","a5","a6","a7"); diff --git a/crypto/modes/gcm128.c b/crypto/modes/gcm128.c index 3a29e35c11367..9639ef4666926 100644 --- a/crypto/modes/gcm128.c +++ b/crypto/modes/gcm128.c @@ -49,7 +49,7 @@ typedef size_t size_t_aX; /*- * - * NOTE: TABLE_BITS and all non-4bit implmentations have been removed in 3.1. + * NOTE: TABLE_BITS and all non-4bit implementations have been removed in 3.1. * * Even though permitted values for TABLE_BITS are 8, 4 and 1, it should * never be set to 8. 8 is effectively reserved for testing purposes. diff --git a/crypto/param_build.c b/crypto/param_build.c index ae215ff5aad60..7604f9bd6ce9a 100644 --- a/crypto/param_build.c +++ b/crypto/param_build.c @@ -32,7 +32,7 @@ typedef struct { union { /* * These fields are never directly addressed, but their sizes are - * imporant so that all native types can be copied here without overrun. + * important so that all native types can be copied here without overrun. */ ossl_intmax_t i; ossl_uintmax_t u; diff --git a/crypto/pkcs12/pk12err.c b/crypto/pkcs12/pk12err.c index b53b0e0d092ac..798b38a6c0fbc 100644 --- a/crypto/pkcs12/pk12err.c +++ b/crypto/pkcs12/pk12err.c @@ -17,7 +17,7 @@ static const ERR_STRING_DATA PKCS12_str_reasons[] = { {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_CALLBACK_FAILED), "callback failed"}, {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_CANT_PACK_STRUCTURE), - "cant pack structure"}, + "can't pack structure"}, {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_CONTENT_TYPE_NOT_DATA), "content type not data"}, {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_DECODE_ERROR), "decode error"}, diff --git a/crypto/rc4/asm/rc4-x86_64.pl b/crypto/rc4/asm/rc4-x86_64.pl index 5a903f5739e12..65752d19bf521 100755 --- a/crypto/rc4/asm/rc4-x86_64.pl +++ b/crypto/rc4/asm/rc4-x86_64.pl @@ -23,7 +23,7 @@ # Presumably it has everything to do with AMD cache architecture and # RAW or whatever penalties. Once again! The module *requires* config # line *without* RC4_CHAR! As for coding "secret," I bet on partial -# register arithmetics. For example instead of 'inc %r8; and $255,%r8' +# register arithmetic. For example instead of 'inc %r8; and $255,%r8' # I simply 'inc %r8b'. Even though optimization manual discourages # to operate on partial registers, it turned out to be the best bet. # At least for AMD... How IA32E would perform remains to be seen... diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c index 8b9ebbb9ddf63..6e1350c51bfdb 100644 --- a/crypto/rsa/rsa_ossl.c +++ b/crypto/rsa/rsa_ossl.c @@ -442,7 +442,7 @@ static int derive_kdk(int flen, const unsigned char *from, RSA *rsa, * different hash doesn't provide a Bleichenbacher oracle: * if the attacker can see that different versions return different * messages for the same ciphertext, they'll know that the message is - * syntethically generated, which means that the padding check failed + * synthetically generated, which means that the padding check failed */ md = EVP_MD_fetch(rsa->libctx, "sha256", NULL); if (md == NULL) { diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index 04fb0e4ed5e69..c91457db60809 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -311,7 +311,7 @@ static int ossl_rsa_prf(OSSL_LIB_CTX *ctx, * different hash doesn't provide a Bleichenbacher oracle: * if the attacker can see that different versions return different * messages for the same ciphertext, they'll know that the message is - * syntethically generated, which means that the padding check failed + * synthetically generated, which means that the padding check failed */ md = EVP_MD_fetch(ctx, "sha256", NULL); if (md == NULL) { @@ -392,7 +392,7 @@ int ossl_rsa_padding_check_PKCS1_type_2(OSSL_LIB_CTX *ctx, int num, unsigned char *kdk) { /* - * We need to generate a random length for the synthethic message, to avoid + * We need to generate a random length for the synthetic message, to avoid * bias towards zero and avoid non-constant timeness of DIV, we prepare * 128 values to check if they are not too large for the used key size, * and use 0 in case none of them are small enough, as 2^-128 is a good enough @@ -400,7 +400,7 @@ int ossl_rsa_padding_check_PKCS1_type_2(OSSL_LIB_CTX *ctx, */ #define MAX_LEN_GEN_TRIES 128 unsigned char *synthetic = NULL; - int synthethic_length; + int synthetic_length; uint16_t len_candidate; unsigned char candidate_lengths[MAX_LEN_GEN_TRIES * sizeof(len_candidate)]; uint16_t len_mask; @@ -452,18 +452,18 @@ int ossl_rsa_padding_check_PKCS1_type_2(OSSL_LIB_CTX *ctx, len_mask |= len_mask >> 4; len_mask |= len_mask >> 8; - synthethic_length = 0; + synthetic_length = 0; for (i = 0; i < MAX_LEN_GEN_TRIES * (int)sizeof(len_candidate); i += sizeof(len_candidate)) { len_candidate = (candidate_lengths[i] << 8) | candidate_lengths[i + 1]; len_candidate &= len_mask; - synthethic_length = constant_time_select_int( + synthetic_length = constant_time_select_int( constant_time_lt(len_candidate, max_sep_offset), - len_candidate, synthethic_length); + len_candidate, synthetic_length); } - synth_msg_index = flen - synthethic_length; + synth_msg_index = flen - synthetic_length; /* we have alternative message ready, check the real one */ good = constant_time_is_zero(from[0]); @@ -493,7 +493,7 @@ int ossl_rsa_padding_check_PKCS1_type_2(OSSL_LIB_CTX *ctx, /* * old code returned an error in case the decrypted message wouldn't fit - * into the |to|, since that would leak information, return the synthethic + * into the |to|, since that would leak information, return the synthetic * message instead */ good &= constant_time_ge(tlen, num - msg_index); diff --git a/crypto/sm4/asm/vpsm4-armv8.pl b/crypto/sm4/asm/vpsm4-armv8.pl index 79219c3ab111b..a09e44cada7cb 100755 --- a/crypto/sm4/asm/vpsm4-armv8.pl +++ b/crypto/sm4/asm/vpsm4-armv8.pl @@ -1477,7 +1477,7 @@ () cmp $remain,0 b.eq .return${std} -// This brance calculates the last two tweaks, +// This branch calculates the last two tweaks, // while the encryption/decryption length is larger than 32 .last_2blks_tweak${std}: ld1 {@tweak[0].4s},[$ivp] @@ -1489,7 +1489,7 @@ () b .check_dec${std} -// This brance calculates the last two tweaks, +// This branch calculates the last two tweaks, // while the encryption/decryption length is equal to 32, who only need two tweaks .only_2blks_tweak${std}: mov @tweak[1].16b,@tweak[0].16b diff --git a/crypto/sm4/asm/vpsm4_ex-armv8.pl b/crypto/sm4/asm/vpsm4_ex-armv8.pl index f2d5b6debf610..992ac98af72c2 100644 --- a/crypto/sm4/asm/vpsm4_ex-armv8.pl +++ b/crypto/sm4/asm/vpsm4_ex-armv8.pl @@ -1452,7 +1452,7 @@ () cmp $remain,0 b.eq .return${std} -// This brance calculates the last two tweaks, +// This branch calculates the last two tweaks, // while the encryption/decryption length is larger than 32 .last_2blks_tweak${std}: ___ @@ -1463,7 +1463,7 @@ () b .check_dec${std} -// This brance calculates the last two tweaks, +// This branch calculates the last two tweaks, // while the encryption/decryption length is equal to 32, who only need two tweaks .only_2blks_tweak${std}: mov @tweak[1].16b,@tweak[0].16b diff --git a/crypto/thread/arch/thread_win.c b/crypto/thread/arch/thread_win.c index 96f1e81a21ad4..ce7ff4931134e 100644 --- a/crypto/thread/arch/thread_win.c +++ b/crypto/thread/arch/thread_win.c @@ -70,8 +70,8 @@ int ossl_crypto_thread_native_perform_join(CRYPTO_THREAD *thread, CRYPTO_THREAD_ /* * GetExitCodeThread call followed by this check is to make sure that - * the thread exitted properly. In particular, thread_retval may be - * non-zero when exitted via explicit ExitThread/TerminateThread or + * the thread exited properly. In particular, thread_retval may be + * non-zero when exited via explicit ExitThread/TerminateThread or * if the thread is still active (returns STILL_ACTIVE (259)). */ if (thread_retval != 0) diff --git a/crypto/x509/x509_err.c b/crypto/x509/x509_err.c index 61f1e3ecc16fc..3e10443582d75 100644 --- a/crypto/x509/x509_err.c +++ b/crypto/x509/x509_err.c @@ -20,7 +20,7 @@ static const ERR_STRING_DATA X509_str_reasons[] = { {ERR_PACK(ERR_LIB_X509, 0, X509_R_BAD_X509_FILETYPE), "bad x509 filetype"}, {ERR_PACK(ERR_LIB_X509, 0, X509_R_BASE64_DECODE_ERROR), "base64 decode error"}, - {ERR_PACK(ERR_LIB_X509, 0, X509_R_CANT_CHECK_DH_KEY), "cant check dh key"}, + {ERR_PACK(ERR_LIB_X509, 0, X509_R_CANT_CHECK_DH_KEY), "can't check dh key"}, {ERR_PACK(ERR_LIB_X509, 0, X509_R_CERTIFICATE_VERIFICATION_FAILED), "certificate verification failed"}, {ERR_PACK(ERR_LIB_X509, 0, X509_R_CERT_ALREADY_IN_HASH_TABLE), diff --git a/dev/release-aux/README.md b/dev/release-aux/README.md index a0438f06b23ba..7c3128793006f 100644 --- a/dev/release-aux/README.md +++ b/dev/release-aux/README.md @@ -1,5 +1,5 @@ -Auxillary files for dev/release.sh -=================================== +Auxiliary files for dev/release.sh +================================== - release-state-fn.sh diff --git a/doc/designs/ddd/WINDOWS.md b/doc/designs/ddd/WINDOWS.md index 2c96a9542ed5a..d92c4133d315d 100644 --- a/doc/designs/ddd/WINDOWS.md +++ b/doc/designs/ddd/WINDOWS.md @@ -32,7 +32,7 @@ For this reason it's actually common for asynchronous I/O libraries to basically contain two separate implementations of their APIs internally, or at least a substantial chunk of their code (e.g. libuv, nanomsg). It turns out to be easier just to write a poll-based implementation of an I/O reactor and an IOCP-based -implementation than try to overcome the impedence discontinuities. +implementation than try to overcome the impedance discontinuities. The difference between polling and IOCPs is that polling reports *readiness* whereas IOCPs report *completion of an operation*. For example, in the IOCP diff --git a/doc/designs/quic-design/congestion-control.md b/doc/designs/quic-design/congestion-control.md index 336290b5f934e..d6892ed76981a 100644 --- a/doc/designs/quic-design/congestion-control.md +++ b/doc/designs/quic-design/congestion-control.md @@ -15,7 +15,7 @@ Congestion controllers are not thread safe; the caller is responsible for synchronisation. Congestion controllers may vary their state with respect to time. This is -faciliated via the `get_wakeup_deadline` method and the `now` argument to the +facilitated via the `get_wakeup_deadline` method and the `now` argument to the `new` method, which provides access to a clock. While no current congestion controller makes use of this facility, it can be used by future congestion controllers to implement packet pacing. @@ -40,10 +40,10 @@ only a single path per connection, so there is one congestion control instance per connection. This may change in future. While the congestion control API is roughly based around the arrangement of -functions as described by the congestion control psuedocode in RFC 9002, there +functions as described by the congestion control pseudocode in RFC 9002, there are some deliberate changes in order to obtain cleaner separation between the loss detection and congestion control functions. Where a literal option of RFC -9002 psuedocode would require a congestion controller to access the ACK +9002 pseudocode would require a congestion controller to access the ACK manager's internal state directly, the interface between the two has been changed to avoid this. This involves some small amounts of functionality which RFC 9002 considers part of the congestion controller being part of the ACK diff --git a/doc/designs/quic-design/dgram-api.md b/doc/designs/quic-design/dgram-api.md index cbd6d56970ad8..691a3acd14d89 100644 --- a/doc/designs/quic-design/dgram-api.md +++ b/doc/designs/quic-design/dgram-api.md @@ -55,7 +55,7 @@ The adopted design makes the following design decisions: The motivation for this is that these functions are intended to support concurrent use on the same BIO. If they read or modify BIO state, they would - need to be sychronised with a lock, undermining performance on what (for + need to be synchronised with a lock, undermining performance on what (for `BIO_dgram`) would otherwise be a straight system call. - We do not support iovecs. The motivations for this are: @@ -286,7 +286,7 @@ If we go with this, there are some issues that arise: `sendmsg`/`recvmsg`. This again adds burdens on the code using BIO_dgram, but it seems the only way to avoid the surprising performance pitfall of buffer copying to emulate iovec support. There is a fair risk - of code being written which accidentially works on one platform but not + of code being written which accidentally works on one platform but not another, because the author didn't realise the iovec limit is 1 on some platforms. Possibly we could have an “iovec limit” variable in the BIO_dgram which is 1 by default, which can be increased by a call to a diff --git a/doc/designs/quic-design/quic-ackm.md b/doc/designs/quic-design/quic-ackm.md index f81634a2e12ac..488fded5e1ae6 100644 --- a/doc/designs/quic-design/quic-ackm.md +++ b/doc/designs/quic-design/quic-ackm.md @@ -425,7 +425,7 @@ Failure to do so may may result in processing a duplicated packet in violation of the RFC. The returrn value of this function transitions from 1 to 0 for a given PN once -that PN is passed to ossl_ackm_on_rx_packet, thus this functiion must be used +that PN is passed to ossl_ackm_on_rx_packet, thus this function must be used before calling `ossl_ackm_on_rx_packet`. ```c diff --git a/doc/designs/quic-design/quic-fault-injector.md b/doc/designs/quic-design/quic-fault-injector.md index 2d7a5a9fa213e..77e034df4d99c 100644 --- a/doc/designs/quic-design/quic-fault-injector.md +++ b/doc/designs/quic-design/quic-fault-injector.md @@ -161,7 +161,7 @@ The Fault Injector will utilise the callbacks described above in order to supply a more test friendly API to test authors. This API will primarily take the form of a set of event listener callbacks. A -test will be able to "listen" for a specifc event occuring and be informed about +test will be able to "listen" for a specific event occurring and be informed about it when it does. Examples of events might include: - An EncryptedExtensions handshake message being sent @@ -295,7 +295,7 @@ int ossl_quic_fault_set_handshake_listener(OSSL_QUIC_FAULT *fault, int ossl_quic_fault_resize_handshake(OSSL_QUIC_FAULT *fault, size_t newlen); /* - * TODO(QUIC): Add listeners for specifc types of frame here. E.g. we might + * TODO(QUIC): Add listeners for specific types of frame here. E.g. we might * expect to see an "ACK" frame listener which will be passed pre-parsed ack * data that can be modified as required. */ @@ -338,7 +338,7 @@ int ossl_quic_fault_delete_extension(OSSL_QUIC_FAULT *fault, size_t *extlen); /* - * TODO(QUIC): Add additional helper functions for quering extensions here (e.g. + * TODO(QUIC): Add additional helper functions for querying extensions here (e.g. * finding or adding them). We could also provide a "listener" API for listening * for specific extension types */ @@ -470,7 +470,7 @@ static int test_unknown_frame(void) * TODO(QUIC): We should expect an error on the queue after this - but we * don't have it yet. * Note, just raising the error in the obvious place causes SSL_tick() to - * succeed, but leave a suprious error on the stack. We need to either + * succeed, but leave a spurious error on the stack. We need to either * allow SSL_tick() to fail, or somehow delay the raising of the error * until the SSL_read() call. */ diff --git a/doc/designs/quic-design/quic-requirements.md b/doc/designs/quic-design/quic-requirements.md index 6b12b42597a9e..c8aeedc7b7f39 100644 --- a/doc/designs/quic-design/quic-requirements.md +++ b/doc/designs/quic-design/quic-requirements.md @@ -120,7 +120,7 @@ Additional OTC analysis An OTC document provided the following analysis. -There are differents types of application that we need to cater for: +There are different types of application that we need to cater for: * Simple clients that just do basic SSL_read/SSL_write or BIO_read/BIO_write interactions. We want to be able to enable them to transfer to using single diff --git a/doc/designs/quic-design/record-layer.md b/doc/designs/quic-design/record-layer.md index 8b035f0d8bd39..da424064a38ce 100644 --- a/doc/designs/quic-design/record-layer.md +++ b/doc/designs/quic-design/record-layer.md @@ -302,7 +302,7 @@ The internal recordmethod.h header file for the record method API: */ /* - * An OSSL_RECORD_METHOD is a protcol specific method which provides the + * An OSSL_RECORD_METHOD is a protocol specific method which provides the * functions for reading and writing records for that protocol. Which * OSSL_RECORD_METHOD to use for a given protocol is defined by the SSL_METHOD. */ @@ -437,7 +437,7 @@ struct ossl_record_method_st { int (*processed_read_pending)(OSSL_RECORD_LAYER *rl); /* - * The amount of processed app data that is internally bufferred and + * The amount of processed app data that is internally buffered and * available to read */ size_t (*app_data_pending)(OSSL_RECORD_LAYER *rl); diff --git a/doc/internal/man3/OSSL_EVENT.pod b/doc/internal/man3/OSSL_EVENT.pod index 7f263b5b14f41..089890de9d7c7 100644 --- a/doc/internal/man3/OSSL_EVENT.pod +++ b/doc/internal/man3/OSSL_EVENT.pod @@ -81,7 +81,7 @@ guaranteed to not trigger before their time. =item context -A reference to user supplied contextual informaton. The event queue passes +A reference to user supplied contextual information. The event queue passes this to callbacks and never dereferences the pointer. =item payload, payload_size diff --git a/engines/e_dasync.c b/engines/e_dasync.c index f6771abad104e..9781085587a0d 100644 --- a/engines/e_dasync.c +++ b/engines/e_dasync.c @@ -13,7 +13,7 @@ /* * SHA-1 low level APIs are deprecated for public use, but still ok for * internal use. Note, that due to symbols not being exported, only the - * #defines and strucures can be accessed, in this case SHA_CBLOCK and + * #defines and structures can be accessed, in this case SHA_CBLOCK and * sizeof(SHA_CTX). */ #include "internal/deprecated.h" diff --git a/include/internal/bio_tfo.h b/include/internal/bio_tfo.h index 729e5b833dcf7..fc907e6c2ceca 100644 --- a/include/internal/bio_tfo.h +++ b/include/internal/bio_tfo.h @@ -78,7 +78,7 @@ * Linux pre-4.14) * * OSSL_TFO_DO_NOT_CONNECT - * Defined to skip calling conect() when creating a + * Defined to skip calling connect() when creating a * client socket (macOS, FreeBSD, Linux pre-4.14) */ diff --git a/include/internal/endian.h b/include/internal/endian.h index 8b34e03e4404b..eb43eade17a27 100644 --- a/include/internal/endian.h +++ b/include/internal/endian.h @@ -12,7 +12,7 @@ # pragma once /* - * IS_LITTLE_ENDIAN and IS_BIG_ENDIAN can be used to detect the endiannes + * IS_LITTLE_ENDIAN and IS_BIG_ENDIAN can be used to detect the endianness * at compile time. To use it, DECLARE_IS_ENDIAN must be used to declare * a variable. * diff --git a/include/internal/event_queue.h b/include/internal/event_queue.h index bc77e5acaa7ea..7027378307e09 100644 --- a/include/internal/event_queue.h +++ b/include/internal/event_queue.h @@ -100,7 +100,7 @@ void ossl_event_queue_free(OSSL_EVENT_QUEUE *queue); * * The event parameters are taken from the function arguments. * - * The function reutrns NULL on failure and the added event on success. + * The function returns NULL on failure and the added event on success. */ OSSL_EVENT *ossl_event_queue_add_new(OSSL_EVENT_QUEUE *queue, uint32_t type, uint32_t priority, @@ -113,7 +113,7 @@ OSSL_EVENT *ossl_event_queue_add_new(OSSL_EVENT_QUEUE *queue, * * The event parameters are taken from the function arguments. * - * The function reutrns 0 on failure and 1 on success. + * The function returns 0 on failure and 1 on success. */ int ossl_event_queue_add(OSSL_EVENT_QUEUE *queue, OSSL_EVENT *event, uint32_t type, uint32_t priority, diff --git a/include/internal/packet_quic.h b/include/internal/packet_quic.h index 447f75b81f315..7784e62c16181 100644 --- a/include/internal/packet_quic.h +++ b/include/internal/packet_quic.h @@ -114,7 +114,7 @@ __owur int WPACKET_start_quic_sub_packet(WPACKET *pkt); /* * Starts a QUIC sub-packet headed by a QUIC variable-length integer. max_len * specifies the upper bound for the sub-packet size at the time the sub-packet - * is closed, which determines the encoding size for tthe variable-length + * is closed, which determines the encoding size for the variable-length * integer header. max_len can be a precise figure or a worst-case bound * if a precise figure is not available. */ diff --git a/include/internal/quic_cc.h b/include/internal/quic_cc.h index d26ea55da5567..d3b74e8cbdde9 100644 --- a/include/internal/quic_cc.h +++ b/include/internal/quic_cc.h @@ -60,7 +60,7 @@ typedef struct ossl_cc_ecn_info_st { * * This interface is broadly based on the design described in RFC 9002. However, * the demarcation between the ACKM and the congestion controller does not - * exactly match that delineated in the RFC 9002 psuedocode. Where aspects of + * exactly match that delineated in the RFC 9002 pseudocode. Where aspects of * the demarcation involve the congestion controller accessing internal state of * the ACKM, the interface has been revised where possible to provide the * information needed by the congestion controller and avoid needing to give the diff --git a/include/internal/recordmethod.h b/include/internal/recordmethod.h index 7327e304829e1..a9823e43e4070 100644 --- a/include/internal/recordmethod.h +++ b/include/internal/recordmethod.h @@ -24,7 +24,7 @@ */ /* - * An OSSL_RECORD_METHOD is a protcol specific method which provides the + * An OSSL_RECORD_METHOD is a protocol specific method which provides the * functions for reading and writing records for that protocol. Which * OSSL_RECORD_METHOD to use for a given protocol is defined by the SSL_METHOD. */ @@ -161,7 +161,7 @@ struct ossl_record_method_st { int (*processed_read_pending)(OSSL_RECORD_LAYER *rl); /* - * The amount of processed app data that is internally bufferred and + * The amount of processed app data that is internally buffered and * available to read */ size_t (*app_data_pending)(OSSL_RECORD_LAYER *rl); diff --git a/include/openssl/ec.h b/include/openssl/ec.h index 3089dfccd4d80..85ec5e3bb12bd 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h @@ -1303,7 +1303,7 @@ OSSL_DEPRECATEDIN_3_0 int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *me OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new_method(ENGINE *engine); /** The old name for ecdh_KDF_X9_63 - * The ECDH KDF specification has been mistakingly attributed to ANSI X9.62, + * The ECDH KDF specification has been mistakenly attributed to ANSI X9.62, * it is actually specified in ANSI X9.63. * This identifier is retained for backwards compatibility */ diff --git a/providers/implementations/ciphers/cipher_aes_gcm_siv_polyval.c b/providers/implementations/ciphers/cipher_aes_gcm_siv_polyval.c index 4d147f3bc4fc4..1b82e0f194a89 100644 --- a/providers/implementations/ciphers/cipher_aes_gcm_siv_polyval.c +++ b/providers/implementations/ciphers/cipher_aes_gcm_siv_polyval.c @@ -74,7 +74,7 @@ void ossl_polyval_ghash_init(u128 Htable[16], const uint64_t H[2]) ossl_gcm_init_4bit(Htable, (u64*)tmp); } -/* Implmentation of POLYVAL via existing GHASH implementation */ +/* Implementation of POLYVAL via existing GHASH implementation */ void ossl_polyval_ghash_hash(const u128 Htable[16], uint8_t *tag, const uint8_t *inp, size_t len) { uint64_t out[2]; diff --git a/providers/implementations/encode_decode/encode_key2text.c b/providers/implementations/encode_decode/encode_key2text.c index 1692c1da64310..4c8ca992d3687 100644 --- a/providers/implementations/encode_decode/encode_key2text.c +++ b/providers/implementations/encode_decode/encode_key2text.c @@ -109,7 +109,7 @@ static int print_labeled_bignum(BIO *out, const char *label, const BIGNUM *bn) if ((bytes % 15) == 0 && bytes > 0) { if (BIO_printf(out, ":\n%s", spaces) <= 0) goto err; - use_sep = 0; /* The first byte on the next line doesnt have a : */ + use_sep = 0; /* The first byte on the next line doesn't have a : */ } if (BIO_printf(out, "%s%c%c", use_sep ? ":" : "", tolower(p[0]), tolower(p[1])) <= 0) diff --git a/providers/implementations/kdfs/argon2.c b/providers/implementations/kdfs/argon2.c index 4a0ffc573d28f..ffeb810fbc016 100644 --- a/providers/implementations/kdfs/argon2.c +++ b/providers/implementations/kdfs/argon2.c @@ -1034,7 +1034,7 @@ static int kdf_argon2_derive(void *vctx, unsigned char *out, size_t outlen, ctx->md = EVP_MD_fetch(ctx->libctx, "blake2b512", ctx->propq); if (ctx->md == NULL) { ERR_raise_data(ERR_LIB_PROV, PROV_R_MISSING_MESSAGE_DIGEST, - "canot fetch blake2b512"); + "cannot fetch blake2b512"); return 0; } diff --git a/providers/implementations/rands/drbg_hash.c b/providers/implementations/rands/drbg_hash.c index bad20d00fe076..b2395b61c8d87 100644 --- a/providers/implementations/rands/drbg_hash.c +++ b/providers/implementations/rands/drbg_hash.c @@ -166,7 +166,7 @@ static int add_bytes(PROV_DRBG *drbg, unsigned char *dst, /* Add the carry to the top of the dst if inlen is not the same size */ for (i = drbg->seedlen - inlen; i > 0; --i, d--) { *d += 1; /* Carry can only be 1 */ - if (*d != 0) /* exit if carry doesnt propagate to the next byte */ + if (*d != 0) /* exit if carry doesn't propagate to the next byte */ break; } } diff --git a/ssl/quic/quic_ackm.c b/ssl/quic/quic_ackm.c index 7478d5fc24c0b..4caf146c6156a 100644 --- a/ssl/quic/quic_ackm.c +++ b/ssl/quic/quic_ackm.c @@ -317,7 +317,7 @@ tx_pkt_history_remove(struct tx_pkt_history_st *h, uint64_t pkt_num) * n) will no longer be processed. Although datagrams may be reordered in the * network, a PN we receive can only become provably ACKed after our own * subsequently generated ACK frame is sent in a future TX packet, and then we - * receive another RX PN acknowleding that TX packet. This means that a given RX + * receive another RX PN acknowledging that TX packet. This means that a given RX * PN can only become provably ACKed at least 1 RTT after it is received; it is * unlikely that any reordered datagrams will still be "in the network" (and not * lost) by this time. If this does occur for whatever reason and a late PN is @@ -334,7 +334,7 @@ tx_pkt_history_remove(struct tx_pkt_history_st *h, uint64_t pkt_num) * we use to keep track of which PNs we have received but which have not yet * been provably ACKed, and thus will later need to generate an ACK frame for. * - * The correspondance with the logical states discussed above is as follows. A + * The correspondence with the logical states discussed above is as follows. A * PN is in state (C) if it is below the watermark; otherwise it is in state (B) * if it is in the logical set of PNs, and in state (A) otherwise. * @@ -430,7 +430,7 @@ static void rx_pkt_history_trim_range_count(struct rx_pkt_history_st *h) } /* - * Bump watermark to cover all PNs we removed to avoid accidential + * Bump watermark to cover all PNs we removed to avoid accidental * reprocessing of packets. */ if (highest != QUIC_PN_INVALID) diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c index aa4233c51d136..16b52861a8df7 100644 --- a/ssl/quic/quic_channel.c +++ b/ssl/quic/quic_channel.c @@ -2078,7 +2078,7 @@ static void ch_start_terminating(QUIC_CHANNEL *ch, case QUIC_CHANNEL_STATE_TERMINATING_DRAINING: /* * Other than in the force-immediate case, we remain here until the - * timout expires. + * timeout expires. */ if (force_immediate) ch_on_terminating_timeout(ch); diff --git a/ssl/quic/quic_channel_local.h b/ssl/quic/quic_channel_local.h index b945f3654211f..3854567b361f4 100644 --- a/ssl/quic/quic_channel_local.h +++ b/ssl/quic/quic_channel_local.h @@ -12,7 +12,7 @@ * QUIC channel internals. It is intended that only the QUIC_CHANNEL * implementation and the RX depacketiser be allowed to access this structure * directly. As the RX depacketiser has no state of its own and computes over a - * QUIC_CHANNEL structure, it can be viewed as an extention of the QUIC_CHANNEL + * QUIC_CHANNEL structure, it can be viewed as an extension of the QUIC_CHANNEL * implementation. While the RX depacketiser could be provided with adequate * accessors to do what it needs, this would weaken the abstraction provided by * the QUIC_CHANNEL to other components; moreover the coupling of the RX diff --git a/ssl/record/methods/recmethod_local.h b/ssl/record/methods/recmethod_local.h index 9454ca56b8db1..b5dfaf30d2845 100644 --- a/ssl/record/methods/recmethod_local.h +++ b/ssl/record/methods/recmethod_local.h @@ -255,7 +255,7 @@ struct ossl_record_layer_st /* each decoded record goes in here */ TLS_RL_RECORD rrec[SSL_MAX_PIPELINES]; - /* How many records have we got available in the rrec bufer */ + /* How many records have we got available in the rrec buffer */ size_t num_recs; /* The record number in the rrec buffer that can be read next */ @@ -313,7 +313,7 @@ struct ossl_record_layer_st */ unsigned int max_frag_len; - /* The maxium amount of early data we can receive/send */ + /* The maximum amount of early data we can receive/send */ uint32_t max_early_data; /* The amount of early data that we have sent/received */ @@ -355,7 +355,7 @@ struct ossl_record_layer_st DTLS_BITMAP next_bitmap; /* - * Whether we are currently in a hanshake or not. Only maintained for DTLS + * Whether we are currently in a handshake or not. Only maintained for DTLS */ int in_init; diff --git a/ssl/record/methods/tls1_meth.c b/ssl/record/methods/tls1_meth.c index 139da76fc6fba..6112c349a1798 100644 --- a/ssl/record/methods/tls1_meth.c +++ b/ssl/record/methods/tls1_meth.c @@ -121,7 +121,7 @@ static int tls1_set_crypto_state(OSSL_RECORD_LAYER *rl, int level, && !ossl_set_tls_provider_parameters(rl, ciph_ctx, ciph, md)) return OSSL_RECORD_RETURN_FATAL; - /* Calculate the explict IV length */ + /* Calculate the explicit IV length */ if (RLAYER_USE_EXPLICIT_IV(rl)) { int mode = EVP_CIPHER_CTX_get_mode(ciph_ctx); int eivlen = 0; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index c2fca8bb12989..635e84a764cee 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -1355,7 +1355,7 @@ unsigned long tls_output_rpk(SSL_CONNECTION *sc, WPACKET *pkt, CERT_PKEY *cpk) if (SSL_CONNECTION_IS_TLS13(sc)) { /* - * Only send extensions relevent to raw public keys. Until such + * Only send extensions relevant to raw public keys. Until such * extensions are defined, this will be an empty set of extensions. * |x509| may be NULL, which raw public-key extensions need to handle. */ diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 6eb98040e8c65..b1ece8dd970c8 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -379,7 +379,7 @@ static int send_server_key_exchange(SSL_CONNECTION *s) } /* - * Used to determine if we shoud send a CompressedCertificate message + * Used to determine if we should send a CompressedCertificate message * * Returns the algorithm to use, TLSEXT_comp_cert_none means no compression */ diff --git a/test/ffc_internal_test.c b/test/ffc_internal_test.c index 94920eb60e49c..58064f6dc261e 100644 --- a/test/ffc_internal_test.c +++ b/test/ffc_internal_test.c @@ -297,7 +297,7 @@ static int ffc_params_validate_pq_test(void) &res, NULL))) goto err; - /* Provided seed doesnt produce a valid prime q */ + /* Provided seed doesn't produce a valid prime q */ ossl_ffc_params_set_validate_params(¶ms, dsa_2048_224_sha224_bad_seed, sizeof(dsa_2048_224_sha224_bad_seed), dsa_2048_224_sha224_counter); diff --git a/test/helpers/quictestlib.c b/test/helpers/quictestlib.c index 79f25dc1eb3db..e289cfc056bdc 100644 --- a/test/helpers/quictestlib.c +++ b/test/helpers/quictestlib.c @@ -31,7 +31,7 @@ struct qtest_fault { QUIC_PKT_HDR pplainhdr; /* iovec for the plaintext packet data buffer */ OSSL_QTX_IOVEC pplainio; - /* Allocted size of the plaintext packet data buffer */ + /* Allocated size of the plaintext packet data buffer */ size_t pplainbuf_alloc; qtest_fault_on_packet_plain_cb pplaincb; void *pplaincbarg; @@ -262,7 +262,7 @@ int qtest_create_quic_connection(QUIC_TSERVER *qtserv, SSL *clientssl) /* * We're cheating. We don't take any notice of SSL_get_tick_timeout() - * and tick everytime around the loop anyway. This is inefficient. We + * and tick every time around the loop anyway. This is inefficient. We * can get away with it in test code because we control both ends of * the communications and don't expect network delays. This shouldn't * be done in a real application. diff --git a/test/helpers/quictestlib.h b/test/helpers/quictestlib.h index 71cdd91bcb16d..4660498de22f2 100644 --- a/test/helpers/quictestlib.h +++ b/test/helpers/quictestlib.h @@ -120,7 +120,7 @@ int qtest_fault_set_handshake_listener(QTEST_FAULT *fault, int qtest_fault_resize_handshake(QTEST_FAULT *fault, size_t newlen); /* - * TODO(QUIC): Add listeners for specifc types of frame here. E.g. we might + * TODO(QUIC): Add listeners for specific types of frame here. E.g. we might * expect to see an "ACK" frame listener which will be passed pre-parsed ack * data that can be modified as required. */ diff --git a/test/membio_test.c b/test/membio_test.c index 9d551dcd8c67f..254f71b9c5205 100644 --- a/test/membio_test.c +++ b/test/membio_test.c @@ -28,7 +28,7 @@ static int test_dgram(void) if (!TEST_ptr(rbio)) goto err; - /* Seeting the EOF return value on a non datagram mem BIO should be fine */ + /* Setting the EOF return value on a non datagram mem BIO should be fine */ if (!TEST_int_gt(BIO_set_mem_eof_return(rbio, 0), 0)) goto err; diff --git a/test/quicfaultstest.c b/test/quicfaultstest.c index c9b00ab280803..70d0c96af549b 100644 --- a/test/quicfaultstest.c +++ b/test/quicfaultstest.c @@ -146,7 +146,7 @@ static int test_unknown_frame(void) * TODO(QUIC): We should expect an error on the queue after this - but we * don't have it yet. * Note, just raising the error in the obvious place causes - * SSL_handle_events() to succeed, but leave a suprious error on the stack. + * SSL_handle_events() to succeed, but leave a spurious error on the stack. * We need to either allow SSL_handle_events() to fail, or somehow delay the * raising of the error until the SSL_read() call. */ diff --git a/test/recipes/30-test_evp_data/evppkey_rsa_common.txt b/test/recipes/30-test_evp_data/evppkey_rsa_common.txt index 8c015e8123c5e..351b257323963 100644 --- a/test/recipes/30-test_evp_data/evppkey_rsa_common.txt +++ b/test/recipes/30-test_evp_data/evppkey_rsa_common.txt @@ -402,12 +402,12 @@ Decrypt = RSA-2048-2 Input = 1f71879b426127f7dead621f7380a7098cf7d22173aa27991b143c46d53383c209bd0c9c00d84078037e715f6b98c65005a77120070522ede51d472c87ef94b94ead4c5428ee108a345561658301911ec5a8f7dd43ed4a3957fd29fb02a3529bf63f8040d3953490939bd8f78b2a3404b6fb5ff70a4bfdaac5c541d6bcce49c9778cc390be24cbef1d1eca7e870457241d3ff72ca44f9f56bdf31a890fa5eb3a9107b603ccc9d06a5dd911a664c82b6abd4fe036f8db8d5a070c2d86386ae18d97adc1847640c211d91ff5c3387574a26f8ef27ca7f48d2dd1f0c7f14b81cc9d33ee6853031d3ecf10a914ffd90947909c8011fd30249219348ebff76bfc Output = "lorem ipsum" -# positive that generates a 0 byte long synthethic message internally +# positive that generates a 0 byte long synthetic message internally Decrypt = RSA-2048-2 Input = b5e49308f6e9590014ffaffc5b8560755739dd501f1d4e9227a7d291408cf4b753f292322ff8bead613bf2caa181b221bc38caf6392deafb28eb21ad60930841ed02fd6225cc9c463409adbe7d8f32440212fbe3881c51375bb09565efb22e62b071472fb38676e5b4e23a0617db5d14d93519ac0007a30a9c822eb31c38b57fcb1be29608fcf1ca2abdcaf5d5752bbc2b5ac7dba5afcff4a5641da360dd01f7112539b1ed46cdb550a3b1006559b9fe1891030ec80f0727c42401ddd6cbb5e3c80f312df6ec89394c5a7118f573105e7ab00fe57833c126141b50a935224842addfb479f75160659ba28877b512bb9a93084ad8bec540f92640f63a11a010e0 Output = "lorem ipsum" -# positive that generates a 245 byte long synthethic message internally +# positive that generates a 245 byte long synthetic message internally Decrypt = RSA-2048-2 Input = 1ea0b50ca65203d0a09280d39704b24fe6e47800189db5033f202761a78bafb270c5e25abd1f7ecc6e7abc4f26d1b0cd9b8c648d529416ee64ccbdd7aa72a771d0353262b543f0e436076f40a1095f5c7dfd10dcf0059ccb30e92dfa5e0156618215f1c3ff3aa997a9d999e506924f5289e3ac72e5e2086cc7b499d71583ed561028671155db4005bee01800a7cdbdae781dd32199b8914b5d4011dd6ff11cd26d46aad54934d293b0bc403dd211bf13b5a5c6836a5e769930f437ffd8634fb7371776f4bc88fa6c271d8aa6013df89ae6470154497c4ac861be2a1c65ebffec139bf7aaba3a81c7c5cdd84da9af5d3edfb957848074686b5837ecbcb6a41c50 Output = "lorem ipsum" @@ -438,7 +438,7 @@ Output = e6d700309ca0ed62452254 # The old FIPS provider doesn't include the workaround (#13817) FIPSversion = >=3.2.0 # an invalid ciphertext, with a zero byte in first byte of -# ciphertext, decrypts to a random 11 byte long synthethic +# ciphertext, decrypts to a random 11 byte long synthetic # plaintext Decrypt = RSA-2048-2 Input = 0096136621faf36d5290b16bd26295de27f895d1faa51c800dafce73d001d60796cd4e2ac3fa2162131d859cd9da5a0c8a42281d9a63e5f353971b72e36b5722e4ac444d77f892a5443deb3dca49fa732fe855727196e23c26eeac55eeced8267a209ebc0f92f4656d64a6c13f7f7ce544ebeb0f668fe3a6c0f189e4bcd5ea12b73cf63e0c8350ee130dd62f01e5c97a1e13f52fde96a9a1bc9936ce734fdd61f27b18216f1d6de87f49cf4f2ea821fb8efd1f92cdad529baf7e31aff9bff4074f2cad2b4243dd15a711adcf7de900851fbd6bcb53dac399d7c880531d06f25f7002e1aaf1722765865d2c2b902c7736acd27bc6cbd3e38b560e2eecf7d4b576 @@ -447,7 +447,7 @@ Output = ba27b1842e7c21c0e7ef6a # The old FIPS provider doesn't include the workaround (#13817) FIPSversion = >=3.2.0 # an invalid ciphertext, with a zero byte removed from first byte of -# ciphertext, decrypts to a random 11 byte long synthethic +# ciphertext, decrypts to a random 11 byte long synthetic # plaintext Decrypt = RSA-2048-2 Input = 96136621faf36d5290b16bd26295de27f895d1faa51c800dafce73d001d60796cd4e2ac3fa2162131d859cd9da5a0c8a42281d9a63e5f353971b72e36b5722e4ac444d77f892a5443deb3dca49fa732fe855727196e23c26eeac55eeced8267a209ebc0f92f4656d64a6c13f7f7ce544ebeb0f668fe3a6c0f189e4bcd5ea12b73cf63e0c8350ee130dd62f01e5c97a1e13f52fde96a9a1bc9936ce734fdd61f27b18216f1d6de87f49cf4f2ea821fb8efd1f92cdad529baf7e31aff9bff4074f2cad2b4243dd15a711adcf7de900851fbd6bcb53dac399d7c880531d06f25f7002e1aaf1722765865d2c2b902c7736acd27bc6cbd3e38b560e2eecf7d4b576 @@ -456,7 +456,7 @@ Output = ba27b1842e7c21c0e7ef6a # The old FIPS provider doesn't include the workaround (#13817) FIPSversion = >=3.2.0 # an invalid ciphertext, with two zero bytes in first bytes of -# ciphertext, decrypts to a random 11 byte long synthethic +# ciphertext, decrypts to a random 11 byte long synthetic # plaintext Decrypt = RSA-2048-2 Input = 0000587cccc6b264bdfe0dc2149a988047fa921801f3502ea64624c510c6033d2f427e3f136c26e88ea9f6519e86a542cec96aad1e5e9013c3cc203b6de15a69183050813af5c9ad79703136d4b92f50ce171eefc6aa7988ecf02f319ffc5eafd6ee7a137f8fce64b255bb1b8dd19cfe767d64fdb468b9b2e9e7a0c24dae03239c8c714d3f40b7ee9c4e59ac15b17e4d328f1100756bce17133e8e7493b54e5006c3cbcdacd134130c5132a1edebdbd01a0c41452d16ed7a0788003c34730d0808e7e14c797a21f2b45a8aa1644357fd5e988f99b017d9df37563a354c788dc0e2f9466045622fa3f3e17db63414d27761f57392623a2bef6467501c63e8d645 @@ -465,7 +465,7 @@ Output = d5cf555b1d6151029a429a # The old FIPS provider doesn't include the workaround (#13817) FIPSversion = >=3.2.0 # an invalid ciphertext, with two zero bytes removed from first bytes of -# ciphertext, decrypts to a random 11 byte long synthethic +# ciphertext, decrypts to a random 11 byte long synthetic # plaintext Decrypt = RSA-2048-2 Input = 587cccc6b264bdfe0dc2149a988047fa921801f3502ea64624c510c6033d2f427e3f136c26e88ea9f6519e86a542cec96aad1e5e9013c3cc203b6de15a69183050813af5c9ad79703136d4b92f50ce171eefc6aa7988ecf02f319ffc5eafd6ee7a137f8fce64b255bb1b8dd19cfe767d64fdb468b9b2e9e7a0c24dae03239c8c714d3f40b7ee9c4e59ac15b17e4d328f1100756bce17133e8e7493b54e5006c3cbcdacd134130c5132a1edebdbd01a0c41452d16ed7a0788003c34730d0808e7e14c797a21f2b45a8aa1644357fd5e988f99b017d9df37563a354c788dc0e2f9466045622fa3f3e17db63414d27761f57392623a2bef6467501c63e8d645 @@ -474,7 +474,7 @@ Output = d5cf555b1d6151029a429a # The old FIPS provider doesn't include the workaround (#13817) FIPSversion = >=3.2.0 # and invalid ciphertext, otherwise valid but starting with 000002, decrypts -# to random 11 byte long synthethic plaintext +# to random 11 byte long synthetic plaintext Decrypt = RSA-2048-2 Input = 1786550ce8d8433052e01ecba8b76d3019f1355b212ac9d0f5191b023325a7e7714b7802f8e9a17c4cb3cd3a84041891471b10ca1fcfb5d041d34c82e6d0011cf4dc76b90e9c2e0743590579d55bcd7857057152c4a8040361343d1d22ba677d62b011407c652e234b1d663af25e2386251d7409190f19fc8ec3f9374fdf1254633874ce2ec2bff40ad0cb473f9761ec7b68da45a4bd5e33f5d7dac9b9a20821df9406b653f78a95a6c0ea0a4d57f867e4db22c17bf9a12c150f809a7b72b6db86c22a8732241ebf3c6a4f2cf82671d917aba8bc61052b40ccddd743a94ea9b538175106201971cca9d136d25081739aaf6cd18b2aecf9ad320ea3f89502f955 Output = 3d4a054d9358209e9cbbb9 @@ -662,7 +662,7 @@ PrivPubKeyPair = RSA-3072:RSA-3072-PUBLIC # The old FIPS provider doesn't include the workaround (#13817) FIPSversion = >=3.2.0 -# a random invalid ciphertext that generates an empty synthethic one +# a random invalid ciphertext that generates an empty synthetic one Decrypt = RSA-3072 Input = 5e956cd9652f4a2ece902931013e09662b6a9257ad1e987fb75f73a0606df2a4b04789770820c2e02322c4e826f767bd895734a01e20609c3be4517a7a2a589ea1cdc137beb73eb38dac781b52e863de9620f79f9b90fd5b953651fcbfef4a9f1cc07421d511a87dd6942caab6a5a0f4df473e62defb529a7de1509ab99c596e1dff1320402298d8be73a896cc86c38ae3f2f576e9ea70cc28ad575cb0f854f0be43186baa9c18e29c47c6ca77135db79c811231b7c1730955887d321fdc06568382b86643cf089b10e35ab23e827d2e5aa7b4e99ff2e914f302351819eb4d1693243b35f8bf1d42d08f8ec4acafa35f747a4a975a28643ec630d8e4fa5be59d81995660a14bb64c1fea5146d6b11f92da6a3956dd5cb5e0d747cf2ea23f81617769185336263d46ef4c144b754de62a6337342d6c85a95f19f015724546ee3fc4823eca603dbc1dc01c2d5ed50bd72d8e96df2dc048edde0081284068283fc5e73a6139851abf2f29977d0b3d160c883a42a37efba1be05c1a0b1741d7ddf59 Output = @@ -677,7 +677,7 @@ Output = 56a3bea054e01338be9b7d7957539c # The old FIPS provider doesn't include the workaround (#13817) FIPSversion = >=3.2.0 -# a random invalid that generates a synthethic of maximum size +# a random invalid that generates a synthetic of maximum size Decrypt = RSA-3072 Input = 1715065322522dff85049800f6a29ab5f98c465020467414b2a44127fe9446da47fa18047900f99afe67c2df6f50160bb8e90bff296610fde632b3859d4d0d2e644f23835028c46cca01b84b88231d7e03154edec6627bcba23de76740d839851fa12d74c8f92e540c73fe837b91b7d699b311997d5f0f7864c486d499c3a79c111faaacbe4799597a25066c6200215c3d158f3817c1aa57f18bdaad0be1658da9da93f5cc6c3c4dd72788af57adbb6a0c26f42d32d95b8a4f95e8c6feb2f8a5d53b19a50a0b7cbc25e055ad03e5ace8f3f7db13e57759f67b65d143f08cca15992c6b2aae643390483de111c2988d4e76b42596266005103c8de6044fb7398eb3c28a864fa672de5fd8774510ff45e05969a11a4c7d3f343e331190d2dcf24fb9154ba904dc94af98afc5774a9617d0418fe6d13f8245c7d7626c176138dd698a23547c25f27c2b98ea4d8a45c7842b81888e4cc14e5b72e9cf91f56956c93dbf2e5f44a8282a7813157fc481ff1371a0f66b31797e81ebdb09a673d4db96d6 Output = 7b036fcd6243900e4236c894e2462c17738acc87e01a76f4d95cb9a328d9acde81650283b8e8f60a217e3bdee835c7b222ad4c85d0acdb9a309bd2a754609a65dec50f3aa04c6d5891034566b9563d42668ede1f8992b17753a2132e28970584e255efc8b45a41c5dbd7567f014acec5fe6fdb6d484790360a913ebb9defcd74ff377f2a8ba46d2ed85f733c9a3da08eb57ecedfafda806778f03c66b2c5d2874cec1c291b2d49eb194c7b5d0dd2908ae90f4843268a2c45563092ade08acb6ab481a08176102fc803fbb2f8ad11b0e1531bd37df543498daf180b12017f4d4d426ca29b4161075534bfb914968088a9d13785d0adc0e2580d3548494b2a9e91605f2b27e6cc701c796f0de7c6f471f6ab6cb9272a1ed637ca32a60d117505d82af3c1336104afb537d01a8f70b510e1eebf4869cb976c419473795a66c7f5e6e20a8094b1bb603a74330c537c5c0698c31538bd2e138c1275a1bdf24c5fa8ab3b7b526324e7918a382d1363b3d463764222150e04 diff --git a/test/sslapitest.c b/test/sslapitest.c index 42417918c8ce9..1a5d887531da8 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -816,7 +816,7 @@ static int test_no_ems(void) status = create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE); if (fips_ems_check) { if (status == 1) { - printf("When FIPS uses the EMS check a connection that doesnt use EMS should fail\n"); + printf("When FIPS uses the EMS check a connection that doesn't use EMS should fail\n"); goto end; } } else { diff --git a/test/tls-provider.c b/test/tls-provider.c index a7e897ce95986..6c7cd2a2af123 100644 --- a/test/tls-provider.c +++ b/test/tls-provider.c @@ -1436,7 +1436,7 @@ static X509_PUBKEY *xorx_key_to_pubkey(const void *key, int key_nid, * EncryptedPrivateKeyInfo structure (defined by PKCS#8). They require * that there's an intent to encrypt, anything else is an error. * - * key_to_pki_* primarly produce encoded output with the private key data + * key_to_pki_* primarily produce encoded output with the private key data * in a PrivateKeyInfo structure (also defined by PKCS#8). However, if * there is an intent to encrypt the data, the corresponding key_to_epki_* * function is used instead.