Spelling fixes

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1219)

11 files changed, 14 insertions, 14 deletions

diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod
index f5e3b63ccf..77668ea44e 100644
--- a/doc/apps/s_client.pod
+++ b/doc/apps/s_client.pod
@@ -355,7 +355,7 @@ L<SSL_CTX_set_split_send_fragment(3)> for further information.
 
 The maximum number of encrypt/decrypt pipelines to be used. This will only have
 an effect if an engine has been loaded that supports pipelining (e.g. the dasync
-engine) and a suiteable ciphersuite has been negotiated. The default value is 1.
+engine) and a suitable ciphersuite has been negotiated. The default value is 1.
 See L<SSL_CTX_set_max_pipelines(3)> for further information.
 
 =item B<-read_buf int>
diff --git a/doc/apps/x509v3_config.pod b/doc/apps/x509v3_config.pod
index 6e90b350b6..edfd76e125 100644
--- a/doc/apps/x509v3_config.pod
+++ b/doc/apps/x509v3_config.pod
@@ -116,7 +116,7 @@ following PKIX, NS and MS values are meaningful:
  emailProtection        E-mail Protection (S/MIME).
  timeStamping           Trusted Timestamping
  OCSPSigning            OCSP Signing
- ipsecIKE               ipsec Internet Key Exchnage
+ ipsecIKE               ipsec Internet Key Exchange
  msCodeInd              Microsoft Individual Code Signing (authenticode)
  msCodeCom              Microsoft Commercial Code Signing (authenticode)
  msCTLSign              Microsoft Trust List Signing
diff --git a/doc/crypto/ASN1_STRING_length.pod b/doc/crypto/ASN1_STRING_length.pod
index 1675169566..78513f8a89 100644
--- a/doc/crypto/ASN1_STRING_length.pod
+++ b/doc/crypto/ASN1_STRING_length.pod
@@ -53,7 +53,7 @@ should be freed using OPENSSL_free().
 =head1 NOTES
 
 Almost all ASN1 types in OpenSSL are represented as an B<ASN1_STRING>
-structure. Other types such as B<ASN1_OCTET_STRING> are simply typedefed
+structure. Other types such as B<ASN1_OCTET_STRING> are simply typedef'ed
 to B<ASN1_STRING> and the functions call the B<ASN1_STRING> equivalents.
 B<ASN1_STRING> is also used for some B<CHOICE> types which consist
 entirely of primitive string types such as B<DirectoryString> and
diff --git a/doc/crypto/X509_PUBKEY_new.pod b/doc/crypto/X509_PUBKEY_new.pod
index 0e8a14abb5..b13310513b 100644
--- a/doc/crypto/X509_PUBKEY_new.pod
+++ b/doc/crypto/X509_PUBKEY_new.pod
@@ -56,7 +56,7 @@ count on the returned key is incremented so it B<MUST> be freed using
 EVP_PKEY_free() after use.
 
 d2i_PUBKEY() and i2d_PUBKEY() decode and encode an B<EVP_PKEY> structure
-using B<SubjectPublicKeyInfo> format. They otherise follow the conventions of
+using B<SubjectPublicKeyInfo> format. They otherwise follow the conventions of
 other ASN.1 functions such as d2i_X509().
 
 d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are
diff --git a/doc/crypto/X509_STORE_CTX_get_error.pod b/doc/crypto/X509_STORE_CTX_get_error.pod
index d4163d7acf..105e051a1d 100644
--- a/doc/crypto/X509_STORE_CTX_get_error.pod
+++ b/doc/crypto/X509_STORE_CTX_get_error.pod
@@ -203,7 +203,7 @@ consistent with the supplied purpose.
 
 =item B<X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded>
 
-the basicConstraints pathlength parameter has been exceeded.
+the basicConstraints path-length parameter has been exceeded.
 
 =item B<X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose>
 
diff --git a/doc/crypto/X509_STORE_CTX_new.pod b/doc/crypto/X509_STORE_CTX_new.pod
index 1f4d410723..08adb34e86 100644
--- a/doc/crypto/X509_STORE_CTX_new.pod
+++ b/doc/crypto/X509_STORE_CTX_new.pod
@@ -95,10 +95,10 @@ X509_STORE_CTX_get0_param() retrieves an internal pointer
 to the verification parameters associated with B<ctx>.
 
 X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the
-stack of untrusted certifieds associated with B<ctx>.
+stack of untrusted certificates associated with B<ctx>.
 
 X509_STORE_CTX_set0_untrusted() sets the internal point to the stack
-of unstrusted certificates associated with B<ctx> to B<sk>.
+of untrusted certificates associated with B<ctx> to B<sk>.
 
 X509_STORE_CTX_set0_param() sets the internal verification parameter pointer
 to B<param>. After this call B<param> should not be used.
@@ -171,7 +171,7 @@ L<X509_VERIFY_PARAM_set_flags(3)>
 
 X509_STORE_CTX_set0_crls() was first added to OpenSSL 1.0.0
 X509_STORE_CTX_get_num_untrusted() was first added to OpenSSL 1.1.0
-X509_STORE_set_verify() wsa first added to OpenSSL 1.1.0. It was previously
+X509_STORE_set_verify() was first added to OpenSSL 1.1.0. It was previously
 available as a macro X509_STORE_set_verify_func(). This macro still exists but
 simply calls this function.
 
diff --git a/doc/crypto/X509_VERIFY_PARAM_set_flags.pod b/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
index 4b8e1775e8..2800cd441d 100644
--- a/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
+++ b/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
@@ -79,7 +79,7 @@ X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to B<depth>.
 That is the maximum number of intermediate CA certificates that can appear in a
 chain.
 A maximal depth chain contains 2 more certificates than the limit, since
-neither the end-entity ceritificate nor the trust-anchor count against this
+neither the end-entity certificate nor the trust-anchor count against this
 limit.
 Thus a B<depth> limit of 0 only allows the end-entity certificate to be signed
 directly by the trust-anchor, while with a B<depth> limit of 1 there can be one
diff --git a/doc/crypto/X509_check_ca.pod b/doc/crypto/X509_check_ca.pod
index fbeacdecb9..b79efb5b5a 100644
--- a/doc/crypto/X509_check_ca.pod
+++ b/doc/crypto/X509_check_ca.pod
@@ -19,7 +19,7 @@ to sign other certificates).
 
 Function return 0, if it is not CA certificate, 1 if it is proper X509v3
 CA certificate with B<basicConstraints> extension CA:TRUE,
-3, if it is selfsigned X509 v1 certificate, 4, if it is certificate with
+3, if it is self-signed X509 v1 certificate, 4, if it is certificate with
 B<keyUsage> extension with bit B<keyCertSign> set, but without
 B<basicConstraints>, and 5 if it has outdated Netscape Certificate Type
 extension telling that it is CA certificate.
diff --git a/doc/crypto/X509_get_subject_name.pod b/doc/crypto/X509_get_subject_name.pod
index fbff0cfb6b..3889735da9 100644
--- a/doc/crypto/X509_get_subject_name.pod
+++ b/doc/crypto/X509_get_subject_name.pod
@@ -34,11 +34,11 @@ up when it is no longer needed.
 
 X509_get_issuer_name() and X509_set_issuer_name() are identical to
 X509_get_subject_name() and X509_set_subject_name() except the get and
-set the isssuer name of B<x>.
+set the issuer name of B<x>.
 
 Similarly X509_REQ_get_subject_name(), X509_REQ_set_subject_name(),
  X509_CRL_get_issuer() and X509_CRL_set_issuer_name() get or set the subject
-or issuer names of certifcate requests of CRLs respectively.
+or issuer names of certificate requests of CRLs respectively.
 
 =head1 RETURN VALUES
 
diff --git a/doc/crypto/X509_get_version.pod b/doc/crypto/X509_get_version.pod
index d970962911..c7decc3eec 100644
--- a/doc/crypto/X509_get_version.pod
+++ b/doc/crypto/X509_get_version.pod
@@ -23,7 +23,7 @@ certificate request or CRL version
 
 X509_get_version() returns the numerical value of the version field of
 certificate B<x>. Note: this is defined by standards (X.509 et al) to be one
-less than the certificate version. So a verson 3 certificate will return 2 and
+less than the certificate version. So a version 3 certificate will return 2 and
 a version 1 certificate will return 0.
 
 X509_set_version() sets the numerical value of the version field of certificate
diff --git a/doc/crypto/X509_sign.pod b/doc/crypto/X509_sign.pod
index 9429280b01..994fd43881 100644
--- a/doc/crypto/X509_sign.pod
+++ b/doc/crypto/X509_sign.pod
@@ -30,7 +30,7 @@ certificate B<x> but uses the parameters contained in digest context B<ctx>.
 
 X509_verify() verifies the signature of certificate B<x> using public key
 B<pkey>. Only the signature is checked: no other checks (such as certificate
-chain validity) are perfored.
+chain validity) are performed.
 
 X509_REQ_sign(), X509_REQ_sign_ctx(), X509_REQ_verify(),
 X509_CRL_sign(), X509_CRL_sign_ctx() and X509_CRL_verify() sign and verify