diff options
56 files changed, 82 insertions, 82 deletions
@@ -1822,7 +1822,7 @@ possible to have different stores per SSL structure or one store in the parent SSL_CTX. Include distinct stores for certificate chain verification and chain building. New ctrl SSL_CTRL_BUILD_CERT_CHAIN - to build and store a certificate chain in CERT structure: returing + to build and store a certificate chain in CERT structure: returning an error if the chain cannot be built: this will allow applications to test if a chain is correctly configured. @@ -2065,7 +2065,7 @@ 3. Check DSA/ECDSA signatures use DER. - Reencode DSA/ECDSA signatures and compare with the original received + Re-encode DSA/ECDSA signatures and compare with the original received signature. Return an error if there is a mismatch. This will reject various cases including garbage after signature @@ -2155,7 +2155,7 @@ *) Add additional DigestInfo checks. - Reencode DigestInto in DER and check against the original when + Re-encode DigestInto in DER and check against the original when verifying RSA signature: this will reject any improperly encoded DigestInfo structures. @@ -2211,7 +2211,7 @@ *) An attacker can force an error condition which causes openssl to crash whilst processing DTLS packets due to memory being freed twice. This can be exploited through a Denial of Service attack. - Thanks to Adam Langley and Wan-Teh Chang for discovering and researching + Thanks to Adam Langley and Wan-The Chang for discovering and researching this issue. (CVE-2014-3505) [Adam Langley] @@ -2752,7 +2752,7 @@ in CMS and PKCS7 code. When RSA decryption fails use a random key for content decryption and always return the same error. Note: this attack needs on average 2^20 messages so it only affects automated senders. The - old behaviour can be reenabled in the CMS code by setting the + old behaviour can be re-enabled in the CMS code by setting the CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where an MMA defence is not necessary. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering @@ -3048,7 +3048,7 @@ as part of the CRL checking and indicate a new error "CRL path validation error" in this case. Applications wanting additional details can use the verify callback and check the new "parent" field. If this is not - NULL CRL path validation is taking place. Existing applications wont + NULL CRL path validation is taking place. Existing applications won't see this because it requires extended CRL support which is off by default. @@ -4061,9 +4061,9 @@ This work was sponsored by Logica. [Steve Henson] - *) Fix bug in X509_ATTRIBUTE creation: dont set attribute using + *) Fix bug in X509_ATTRIBUTE creation: don't set attribute using ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain - attribute creation routines such as certifcate requests and PKCS#12 + attribute creation routines such as certificate requests and PKCS#12 files. [Steve Henson] @@ -4138,7 +4138,7 @@ [Ian Lister (tweaked by Geoff Thorpe)] *) Backport of CMS code to OpenSSL 0.9.8. This differs from the 0.9.9 - implemention in the following ways: + implementation in the following ways: Lack of EVP_PKEY_ASN1_METHOD means algorithm parameters have to be hard coded. @@ -4336,7 +4336,7 @@ implementation in BN_mod_exp_mont_consttime().) The old name remains as a deprecated alias. - Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general + Similarly, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses constant-time implementations for more than just exponentiation. Here too the old name is kept as a deprecated alias. @@ -5040,7 +5040,7 @@ *) Key-generation can now be implemented in RSA_METHOD, DSA_METHOD and DH_METHOD (eg. by ENGINE implementations) to override the normal software implementations. For DSA and DH, parameter generation can - also be overriden by providing the appropriate method callbacks. + also be overridden by providing the appropriate method callbacks. [Geoff Thorpe] *) Change the "progress" mechanism used in key-generation and @@ -5123,7 +5123,7 @@ the "shared" options was given to ./Configure or ./config. Otherwise, they are inserted in libcrypto.a. /usr/local/ssl/engines is the default directory for dynamic - engines, but that can be overriden at configure time through + engines, but that can be overridden at configure time through the usual use of --prefix and/or --openssldir, and at run time with the environment variable OPENSSL_ENGINES. [Geoff Thorpe and Richard Levitte] @@ -5658,8 +5658,8 @@ [Steve Henson] *) Perform some character comparisons of different types in X509_NAME_cmp: - this is needed for some certificates that reencode DNs into UTF8Strings - (in violation of RFC3280) and can't or wont issue name rollover + this is needed for some certificates that re-encode DNs into UTF8Strings + (in violation of RFC3280) and can't or won't issue name rollover certificates. [Steve Henson] @@ -6717,7 +6717,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k const ASN1_ITEM *it = &ASN1_INTEGER_it; - wont compile. This is used by the any applications that need to + won't compile. This is used by the any applications that need to declare their own ASN1 modules. This was fixed by adding the option EXPORT_VAR_AS_FN to all Win32 platforms, although this isn't strictly needed for static libraries under Win32. @@ -7318,7 +7318,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k entropy, EGD style sockets (served by EGD or PRNGD) will automatically be queried. The locations /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool, and - /etc/entropy will be queried once each in this sequence, quering stops + /etc/entropy will be queried once each in this sequence, querying stops when enough entropy was collected without querying more sockets. [Lutz Jaenicke] @@ -7346,7 +7346,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k information from an OCSP_CERTID structure (which will be created when the request structure is built). These are built from lower level functions which work on OCSP_SINGLERESP structures but - wont normally be used unless the application wishes to examine + won't normally be used unless the application wishes to examine extensions in the OCSP response for example. Replace nonce routines with a pair of functions. @@ -7422,7 +7422,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k *) New function X509V3_add1_i2d(). This automatically encodes and adds an extension. Its behaviour can be customised with various flags to append, replace or delete. Various wrappers added for - certifcates and CRLs. + certificates and CRLs. [Steve Henson] *) Fix to avoid calling the underlying ASN1 print routine when @@ -7967,7 +7967,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k [Nils Larsch <nla@trustcenter.de>] *) Fix BASE64 decode (EVP_DecodeUpdate) for data with CR/LF ended lines: - an end-of-file condition would erronously be flagged, when the CRLF + an end-of-file condition would erroneously be flagged, when the CRLF was just at the end of a processed block. The bug was discovered when processing data through a buffering memory BIO handing the data to a BASE64-decoding BIO. Bug fund and patch submitted by Pavel Tsekov @@ -8897,7 +8897,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k [Steve Henson] *) When a certificate request is read in keep a copy of the - original encoding of the signed data and use it when outputing + original encoding of the signed data and use it when outputting again. Signatures then use the original encoding rather than a decoded, encoded version which may cause problems if the request is improperly encoded. diff --git a/Configurations/README b/Configurations/README index 8451b44004..da64e8c79b 100644 --- a/Configurations/README +++ b/Configurations/README @@ -401,7 +401,7 @@ BEGINRAW and ENDRAW lines as follows: echo "/* haha */" > haha.h ENDRAW[Makefile(unix)] -The word withing square brackets is the build_file configuration item +The word within square brackets is the build_file configuration item or the build_file configuration item followed by the second word in the build_scheme configuration item for the configured target within parenthesis as shown above. For example, with the following relevant @@ -124,7 +124,7 @@ OPTIONS ts_options[] = { }; /* - * This comand is so complex, special help is needed. + * This command is so complex, special help is needed. */ static char* opt_helplist[] = { "Typical uses:", diff --git a/crypto/aes/asm/aes-ia64.S b/crypto/aes/asm/aes-ia64.S index ef44f7cc76..f7f1f63c9d 100644 --- a/crypto/aes/asm/aes-ia64.S +++ b/crypto/aes/asm/aes-ia64.S @@ -17,7 +17,7 @@ // 'and' which in turn can be assigned to M-port [there're double as // much M-ports as there're I-ports on Itanium 2]. By sacrificing few // registers for small constants (255, 24 and 16) to be used with -// 'shr' and 'and' instructions I can achieve better ILP, Intruction +// 'shr' and 'and' instructions I can achieve better ILP, Instruction // Level Parallelism, and performance. This code outperforms GCC 3.3 // generated code by over factor of 2 (two), GCC 3.4 - by 70% and // HP C - by 40%. Measured best-case scenario, i.e. aligned diff --git a/crypto/aes/asm/aes-ppc.pl b/crypto/aes/asm/aes-ppc.pl index d02dde5bc5..1558d8e454 100644 --- a/crypto/aes/asm/aes-ppc.pl +++ b/crypto/aes/asm/aes-ppc.pl @@ -26,7 +26,7 @@ # February 2010 # # Rescheduling instructions to favour Power6 pipeline gave 10% -# performance improvement on the platfrom in question (and marginal +# performance improvement on the platform in question (and marginal # improvement even on others). It should be noted that Power6 fails # to process byte in 18 cycles, only in 23, because it fails to issue # 4 load instructions in two cycles, only in 3. As result non-compact diff --git a/crypto/aes/asm/aesni-sha256-x86_64.pl b/crypto/aes/asm/aesni-sha256-x86_64.pl index e9ad24f7d7..a5fde2e4d1 100644 --- a/crypto/aes/asm/aesni-sha256-x86_64.pl +++ b/crypto/aes/asm/aesni-sha256-x86_64.pl @@ -35,7 +35,7 @@ # Skylake 2.62/3.14/3.62+7.70 8.10 +27%/34%/40% # Bulldozer 5.77/6.89/8.00+13.7 13.7 +42%/50%/58% # -# (*) there are XOP, AVX1 and AVX2 code pathes, meaning that +# (*) there are XOP, AVX1 and AVX2 code paths, meaning that # Westmere is omitted from loop, this is because gain was not # estimated high enough to justify the effort; # (**) these are EVP-free results, results obtained with 'speed diff --git a/crypto/aes/asm/aesni-x86_64.pl b/crypto/aes/asm/aesni-x86_64.pl index a03da20a5a..25dd120dd2 100644 --- a/crypto/aes/asm/aesni-x86_64.pl +++ b/crypto/aes/asm/aesni-x86_64.pl @@ -4239,7 +4239,7 @@ ___ # Vinodh Gopal <vinodh.gopal@intel.com> # Kahraman Akdemir # -# Agressively optimized in respect to aeskeygenassist's critical path +# Aggressively optimized in respect to aeskeygenassist's critical path # and is contained in %xmm0-5 to meet Win64 ABI requirement. # # int ${PREFIX}_set_encrypt_key(const unsigned char *inp, diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c index 3af1d1b801..679a50dce5 100644 --- a/crypto/asn1/tasn_dec.c +++ b/crypto/asn1/tasn_dec.c @@ -683,7 +683,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) { /* * Clear context cache for type OTHER because the auto clear when we - * have a exact match wont work + * have a exact match won't work */ if (utype == V_ASN1_OTHER) { asn1_tlc_clear(ctx); diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c index d467b89c80..f730d110bf 100644 --- a/crypto/asn1/tasn_fre.c +++ b/crypto/asn1/tasn_fre.c @@ -99,7 +99,7 @@ static void asn1_item_embed_free(ASN1_VALUE **pval, const ASN1_ITEM *it, asn1_enc_free(pval, it); /* * If we free up as normal we will invalidate any ANY DEFINED BY - * field and we wont be able to determine the type of the field it + * field and we won't be able to determine the type of the field it * defines. So free up in reverse order. */ tt = it->templates + it->tcount; diff --git a/crypto/bio/b_sock2.c b/crypto/bio/b_sock2.c index 726b0629b3..7f4d89e551 100644 --- a/crypto/bio/b_sock2.c +++ b/crypto/bio/b_sock2.c @@ -69,7 +69,7 @@ int BIO_socket(int domain, int socktype, int protocol, int options) * * options holds BIO socket options that can be used * You should call this for every address returned by BIO_lookup - * until the connection is succesful. + * until the connection is successful. * * Returns 1 on success or 0 on failure. On failure errno is set * and an error status is added to the OpenSSL error stack. @@ -144,7 +144,7 @@ int BIO_connect(int sock, const BIO_ADDR *addr, int options) * fail. We can't tell the difference between already listening ourself to * it and someone else listening to it when failing and errno is EADDRINUSE, so * it's recommended to not give an error in that case if the first call was - * succesful. + * successful. * * When restarting the program it could be that the port is still in use. If * you set to BIO_SOCK_REUSEADDR option it will try to reuse the port anyway. diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c index a61ab7cc64..6dc075dc61 100644 --- a/crypto/bio/bss_mem.c +++ b/crypto/bio/bss_mem.c @@ -92,7 +92,7 @@ BIO *BIO_new_mem_buf(const void *buf, int len) b->max = sz; *bb->readp = *bb->buf; ret->flags |= BIO_FLAGS_MEM_RDONLY; - /* Since this is static data retrying wont help */ + /* Since this is static data retrying won't help */ ret->num = 0; return ret; } diff --git a/crypto/bn/asm/ia64.S b/crypto/bn/asm/ia64.S index 2fdf5bbabe..f2404a3c1e 100644 --- a/crypto/bn/asm/ia64.S +++ b/crypto/bn/asm/ia64.S @@ -29,7 +29,7 @@ // ports is the same, i.e. 2, while I need 4. In other words, to this // module Itanium2 remains effectively as "wide" as Itanium. Yet it's // essentially different in respect to this module, and a re-tune was -// required. Well, because some intruction latencies has changed. Most +// required. Well, because some instruction latencies has changed. Most // noticeably those intensively used: // // Itanium Itanium2 @@ -370,7 +370,7 @@ bn_mul_words: // The loop therefore spins at the latency of xma minus 1, or in other // words at 6*(n+4) ticks:-( Compare to the "production" loop above // that runs in 2*(n+11) where the low latency problem is worked around -// by moving the dependency to one-tick latent interger ALU. Note that +// by moving the dependency to one-tick latent integer ALU. Note that // "distance" between ldf8 and xma is not latency of ldf8, but the // *difference* between xma and ldf8 latencies. .L_bn_mul_words_ctop: @@ -432,7 +432,7 @@ bn_mul_add_words: // version was performing *all* additions in IALU and was starving // for those even on Itanium 2. In this version one addition is // moved to FPU and is folded with multiplication. This is at cost -// of propogating the result from previous call to this subroutine +// of propagating the result from previous call to this subroutine // to L2 cache... In other words negligible even for shorter keys. // *Overall* performance improvement [over previous version] varies // from 11 to 22 percent depending on key length. diff --git a/crypto/bn/asm/mips.pl b/crypto/bn/asm/mips.pl index e3a38bd140..420f01f3a4 100644 --- a/crypto/bn/asm/mips.pl +++ b/crypto/bn/asm/mips.pl @@ -22,7 +22,7 @@ # This is drop-in MIPS III/IV ISA replacement for crypto/bn/bn_asm.c. # # The module is designed to work with either of the "new" MIPS ABI(5), -# namely N32 or N64, offered by IRIX 6.x. It's not ment to work under +# namely N32 or N64, offered by IRIX 6.x. It's not meant to work under # IRIX 5.x not only because it doesn't support new ABIs but also # because 5.x kernels put R4x00 CPU into 32-bit mode and all those # 64-bit instructions (daddu, dmultu, etc.) found below gonna only diff --git a/crypto/bn/asm/ppc.pl b/crypto/bn/asm/ppc.pl index 346e01faf5..4ea534a1c7 100644 --- a/crypto/bn/asm/ppc.pl +++ b/crypto/bn/asm/ppc.pl @@ -425,7 +425,7 @@ $data=<<EOF; # r9,r10, r11 are the equivalents of c1,c2, c3. # # Possible optimization of loading all 8 longs of a into registers -# doesnt provide any speedup +# doesn't provide any speedup # xor r0,r0,r0 #set r0 = 0.Used in addze @@ -1015,7 +1015,7 @@ $data=<<EOF; $UMULL r8,r6,r7 $UMULH r9,r6,r7 addc r11,r11,r8 - addze r12,r9 # since we didnt set r12 to zero before. + addze r12,r9 # since we didn't set r12 to zero before. addze r10,r0 #mul_add_c(a[1],b[0],c2,c3,c1); $LD r6,`1*$BNSZ`(r4) diff --git a/crypto/bn/asm/sparcv8plus.S b/crypto/bn/asm/sparcv8plus.S index e77e67aa57..714a136675 100644 --- a/crypto/bn/asm/sparcv8plus.S +++ b/crypto/bn/asm/sparcv8plus.S @@ -52,7 +52,7 @@ * # cd ../.. * # make; make test * - * Q. V8plus achitecture? What kind of beast is that? + * Q. V8plus architecture? What kind of beast is that? * A. Well, it's rather a programming model than an architecture... * It's actually v9-compliant, i.e. *any* UltraSPARC, CPU under * special conditions, namely when kernel doesn't preserve upper diff --git a/crypto/bn/asm/sparcv9-mont.pl b/crypto/bn/asm/sparcv9-mont.pl index 771cd96141..c36ce36806 100644 --- a/crypto/bn/asm/sparcv9-mont.pl +++ b/crypto/bn/asm/sparcv9-mont.pl @@ -20,7 +20,7 @@ # for undertaken effort are multiple. First of all, UltraSPARC is not # the whole SPARCv9 universe and other VIS-free implementations deserve # optimized code as much. Secondly, newly introduced UltraSPARC T1, -# a.k.a. Niagara, has shared FPU and concurrent FPU-intensive pathes, +# a.k.a. Niagara, has shared FPU and concurrent FPU-intensive paths, # such as sparcv9a-mont, will simply sink it. Yes, T1 is equipped with # several integrated RSA/DSA accelerator circuits accessible through # kernel driver [only(*)], but having decent user-land software diff --git a/crypto/bn/asm/sparcv9a-mont.pl b/crypto/bn/asm/sparcv9a-mont.pl index 902c0d3ad2..50b690653f 100755 --- a/crypto/bn/asm/sparcv9a-mont.pl +++ b/crypto/bn/asm/sparcv9a-mont.pl @@ -58,7 +58,7 @@ # # Modulo-scheduled inner loops allow to interleave floating point and # integer instructions and minimize Read-After-Write penalties. This -# results in *further* 20-50% perfromance improvement [depending on +# results in *further* 20-50% performance improvement [depending on # key length, more for longer keys] on USI&II cores and 30-80% - on # USIII&IV. diff --git a/crypto/bn/asm/x86-mont.pl b/crypto/bn/asm/x86-mont.pl index 9994b0bf96..09296ec662 100755 --- a/crypto/bn/asm/x86-mont.pl +++ b/crypto/bn/asm/x86-mont.pl @@ -294,7 +294,7 @@ if (0) { &xor ("eax","eax"); # signal "not fast enough [yet]" &jmp (&label("just_leave")); # While the below code provides competitive performance for - # all key lengthes on modern Intel cores, it's still more + # all key lengths on modern Intel cores, it's still more # than 10% slower for 4096-bit key elsewhere:-( "Competitive" # means compared to the original integer-only assembler. # 512-bit RSA sign is better by ~40%, but that's about all diff --git a/crypto/chacha/asm/chacha-armv4.pl b/crypto/chacha/asm/chacha-armv4.pl index 5b3e7be781..b5e21e4938 100755 --- a/crypto/chacha/asm/chacha-armv4.pl +++ b/crypto/chacha/asm/chacha-armv4.pl @@ -1134,7 +1134,7 @@ $code.=<<___; ldrb @t[1],[r12],#1 @ read input subs @t[3],@t[3],#1 eor @t[0],@t[0],@t[1] - strb @t[0],[r14],#1 @ store ouput + strb @t[0],[r14],#1 @ store output bne .Loop_tail_neon .Ldone_neon: diff --git a/crypto/ec/asm/ecp_nistz256-armv4.pl b/crypto/ec/asm/ecp_nistz256-armv4.pl index 62761f8c96..73b7a55806 100755 --- a/crypto/ec/asm/ecp_nistz256-armv4.pl +++ b/crypto/ec/asm/ecp_nistz256-armv4.pl @@ -374,7 +374,7 @@ __ecp_nistz256_div_by_2: mov $ff,$a0,lsl#31 @ place least significant bit to most @ significant position, now arithmetic @ right shift by 31 will produce -1 or - @ 0, while logical rigth shift 1 or 0, + @ 0, while logical right shift 1 or 0, @ this is how modulus is conditionally @ synthesized in this case... ldr $a3,[$a_ptr,#12] diff --git a/crypto/include/internal/cryptlib_int.h b/crypto/include/internal/cryptlib_int.h index aa02ddcd17..8e2a7199a1 100644 --- a/crypto/include/internal/cryptlib_int.h +++ b/crypto/include/internal/cryptlib_int.h @@ -20,7 +20,7 @@ int ossl_init_thread_start(uint64_t opts); /* * OPENSSL_INIT flags. The primary list of these is in crypto.h. Flags below - * are those ommitted from crypto.h because they are "reserved for internal + * are those omitted from crypto.h because they are "reserved for internal * use". */ # define OPENSSL_INIT_ZLIB 0x00010000L diff --git a/crypto/modes/asm/ghash-x86.pl b/crypto/modes/asm/ghash-x86.pl index 4eb0b2c6e5..cd8458256e 100644 --- a/crypto/modes/asm/ghash-x86.pl +++ b/crypto/modes/asm/ghash-x86.pl @@ -95,7 +95,7 @@ # where Tproc is time required for Karatsuba pre- and post-processing, # is more realistic estimate. In this case it gives ... 1.91 cycles. # Or in other words, depending on how well we can interleave reduction -# and one of the two multiplications the performance should be betwen +# and one of the two multiplications the performance should be between # 1.91 and 2.16. As already mentioned, this implementation processes # one byte out of 8KB buffer in 2.10 cycles, while x86_64 counterpart # - in 2.02. x86_64 performance is better, because larger register @@ -722,7 +722,7 @@ sub mmx_loop() { &pxor ($red[1],$red[1]); &pxor ($red[2],$red[2]); - # Just like in "May" verson modulo-schedule for critical path in + # Just like in "May" version modulo-schedule for critical path in # 'Z.hi ^= rem_8bit[Z.lo&0xff^((u8)H[nhi]<<4)]<<48'. Final 'pxor' # is scheduled so late that rem_8bit[] has to be shifted *right* # by 16, which is why last argument to pinsrw is 2, which @@ -1148,7 +1148,7 @@ my ($Xhi,$Xi) = @_; &movdqu (&QWP(0,$Xip),$Xi); &function_end("gcm_ghash_clmul"); -} else { # Algorith 5. Kept for reference purposes. +} else { # Algorithm 5. Kept for reference purposes. sub reduction_alg5 { # 19/16 times faster than Intel version my ($Xhi,$Xi)=@_; diff --git a/crypto/ocsp/ocsp_cl.c b/crypto/ocsp/ocsp_cl.c index 12d5bef574..0ae474b332 100644 --- a/crypto/ocsp/ocsp_cl.c +++ b/crypto/ocsp/ocsp_cl.c @@ -299,7 +299,7 @@ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status, /* * Check validity of thisUpdate and nextUpdate fields. It is possible that - * the request will take a few seconds to process and/or the time wont be + * the request will take a few seconds to process and/or the time won't be * totally accurate. Therefore to avoid rejecting otherwise valid time we * allow the times to be within 'nsec' of the current time. Also to avoid * accepting very old responses without a nextUpdate field an optional maxage diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 8965fda8d0..2792593cb2 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -151,7 +151,7 @@ static int check_pem(const char *nm, const char *name) slen = pem_check_suffix(nm, "PRIVATE KEY"); if (slen > 0) { /* - * NB: ENGINE implementations wont contain a deprecated old + * NB: ENGINE implementations won't contain a deprecated old * private key decode function so don't look for them. */ ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen); diff --git a/crypto/poly1305/asm/poly1305-ppc.pl b/crypto/poly1305/asm/poly1305-ppc.pl index 8a06c77c83..ab65910282 100755 --- a/crypto/poly1305/asm/poly1305-ppc.pl +++ b/crypto/poly1305/asm/poly1305-ppc.pl @@ -62,7 +62,7 @@ if ($flavour =~ /64/) { $PUSH ="stw"; } else { die "nonsense $flavour"; } -# Define endianess based on flavour +# Define endianness based on flavour # i.e.: linux64le $LITTLE_ENDIAN = ($flavour=~/le$/) ? $SIZE_T : 0; diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c index f4bfd8696c..fb6bad70dc 100644 --- a/crypto/rand/rand_egd.c +++ b/crypto/rand/rand_egd.c @@ -48,7 +48,7 @@ NON_EMPTY_TRANSLATION_UNIT * the number of bytes requested or smaller, if the EGD pool is * drained and the daemon signals that the pool is empty. * - * RAND_egd(path) will query 255 bytes and use the bytes retreived to seed + * RAND_egd(path) will query 255 bytes and use the bytes retrieved to seed * the PRNG. * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. */ diff --git a/crypto/rc4/asm/rc4-586.pl b/crypto/rc4/asm/rc4-586.pl index 936177778d..7d6f97c59e 100644 --- a/crypto/rc4/asm/rc4-586.pl +++ b/crypto/rc4/asm/rc4-586.pl @@ -157,7 +157,7 @@ if ($alt=0) { &movd ($i>0?"mm1":"mm2",&DWP(0,$dat,$ty,4)); # (*) This is the key to Core2 and Westmere performance. - # Whithout movz out-of-order execution logic confuses + # Without movz out-of-order execution logic confuses # itself and fails to reorder loads and stores. Problem # appears to be fixed in Sandy Bridge... } diff --git a/crypto/rc4/asm/rc4-x86_64.pl b/crypto/rc4/asm/rc4-x86_64.pl index 5ae0c6dd49..aaed2b1e61 100755 --- a/crypto/rc4/asm/rc4-x86_64.pl +++ b/crypto/rc4/asm/rc4-x86_64.pl @@ -57,7 +57,7 @@ # As was shown by Zou Nanhai loop unrolling can improve Intel EM64T # performance by >30% [unlike P4 32-bit case that is]. But this is # provided that loads are reordered even more aggressively! Both code -# pathes, AMD64 and EM64T, reorder loads in essentially same manner +# paths, AMD64 and EM64T, reorder loads in essentially same manner # as my IA-64 implementation. On Opteron this resulted in modest 5% # improvement [I had to test it], while final Intel P4 performance # achieves respectful 432MBps on 2.8GHz processor now. For reference. diff --git a/crypto/sha/asm/sha1-ppc.pl b/crypto/sha/asm/sha1-ppc.pl index 7a66e0353e..add5a9ea5c 100755 --- a/crypto/sha/asm/sha1-ppc.pl +++ b/crypto/sha/asm/sha1-ppc.pl @@ -44,7 +44,7 @@ if ($flavour =~ /64/) { $PUSH ="stw"; } else { die "nonsense $flavour"; } -# Define endianess based on flavour +# Define endianness based on flavour # i.e.: linux64le $LITTLE_ENDIAN = ($flavour=~/le$/) ? $SIZE_T : 0; diff --git a/crypto/sha/asm/sha512-x86_64.pl b/crypto/sha/asm/sha512-x86_64.pl index 3dbb23ae11..63a62656f6 100755 --- a/crypto/sha/asm/sha512-x86_64.pl +++ b/crypto/sha/asm/sha512-x86_64.pl @@ -41,7 +41,7 @@ # level parallelism, on a given CPU implementation in this case. # # Special note on Intel EM64T. While Opteron CPU exhibits perfect -# perfromance ratio of 1.5 between 64- and 32-bit flavors [see above], +# performance ratio of 1.5 between 64- and 32-bit flavors [see above], # [currently available] EM64T CPUs apparently are far from it. On the # contrary, 64-bit version, sha512_block, is ~30% *slower* than 32-bit # sha256_block:-( This is presumably because 64-bit shifts/rotates diff --git a/crypto/sparccpuid.S b/crypto/sparccpuid.S index 4c394fa00d..c6ca224738 100644 --- a/crypto/sparccpuid.S +++ b/crypto/sparccpuid.S @@ -298,7 +298,7 @@ _sparcv9_vis1_instrument: sub %o3,%o2,%o2 sub %o4,%o3,%o3 - ! find minumum value + ! find minimum value cmp %o0,%o1 .word 0x38680002 !bgu,a %xcc,.+8 mov %o1,%o0 diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 28745741b2..36baeacb9d 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -889,7 +889,7 @@ static int check_cert(X509_STORE_CTX *ctx) crl = NULL; dcrl = NULL; /* - * If reasons not updated we wont get anywhere by another iteration, + * If reasons not updated we won't get anywhere by another iteration, * so exit loop. */ if (last_reasons == ctx->current_reasons) { diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c index f4bcea56d1..f94d04c37d 100644 --- a/crypto/x509/x_crl.c +++ b/crypto/x509/x_crl.c @@ -41,7 +41,7 @@ static const X509_CRL_METHOD *default_crl_method = &int_crl_meth; /* * The X509_CRL_INFO structure needs a bit of customisation. Since we cache - * the original encoding the signature wont be affected by reordering of the + * the original encoding the signature won't be affected by reordering of the * revoked field. */ static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c index df50d803e2..9f9246beae 100644 --- a/crypto/x509v3/pcy_tree.c +++ b/crypto/x509v3/pcy_tree.c @@ -129,7 +129,7 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, * decremented for every non-self-issued certificate in the path, but may * be further reduced by policy constraints in a non-leaf certificate. * - * The ultimate policy set is the interesection of all the policies along + * The ultimate policy set is the intersection of all the policies along * the path, if we hit a certificate with an empty policy set, and explicit * policy is required we're done. */ diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod index 4a2b604a83..b6546133cf 100644 --- a/doc/apps/cms.pod +++ b/doc/apps/cms.pod @@ -499,7 +499,7 @@ a blank line. Piping the mail directly to sendmail is one way to achieve the correct format. The supplied message to be signed or encrypted must include the -necessary MIME headers or many S/MIME clients wont display it +necessary MIME headers or many S/MIME clients won't display it properly (if at all). You can use the B<-text> option to automatically add plain text headers. diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index 77668ea44e..4ed032ca32 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -327,7 +327,7 @@ and accepted from the server. =item B<-dtls>, B<-dtls1>, B<-dtls1_2> These options make B<s_client> use DTLS protocols instead of TLS. -With B<-dtls>, B<s_client> will negotiate any supported DTLS protcol version, +With B<-dtls>, B<s_client> will negotiate any supported DTLS protocol version, whilst B<-dtls1> and B<-dtls1_2> will only support DTLS1.0 and DTLS1.2 respectively. diff --git a/doc/apps/sess_id.pod b/doc/apps/sess_id.pod index b098528bb8..3694f7d838 100644 --- a/doc/apps/sess_id.pod +++ b/doc/apps/sess_id.pod @@ -72,7 +72,7 @@ this option prevents output of the encoded version of the session. =item B<-context ID> this option can set the session id so the output session information uses the -supplied ID. The ID can be any string of characters. This option wont normally +supplied ID. The ID can be any string of characters. This option won't normally be used. =back diff --git a/doc/apps/smime.pod b/doc/apps/smime.pod index 05cefea7e2..2c7661daf0 100644 --- a/doc/apps/smime.pod +++ b/doc/apps/smime.pod @@ -331,7 +331,7 @@ a blank line. Piping the mail directly to sendmail is one way to achieve the correct format. The supplied message to be signed or encrypted must include the -necessary MIME headers or many S/MIME clients wont display it +necessary MIME headers or many S/MIME clients won't display it properly (if at all). You can use the B<-text> option to automatically add plain text headers. diff --git a/doc/crypto/ASYNC_start_job.pod b/doc/crypto/ASYNC_start_job.pod index edec50b573..c10a66f565 100644 --- a/doc/crypto/ASYNC_start_job.pod +++ b/doc/crypto/ASYNC_start_job.pod @@ -128,7 +128,7 @@ The ASYNC_block_pause() function will prevent the currently active job from pausing. The block will remain in place until a subsequent call to ASYNC_unblock_pause(). These functions can be nested, e.g. if you call ASYNC_block_pause() twice then you must call ASYNC_unblock_pause() twice in -order to reenable pausing. If these functions are called while there is no +order to re-enable pausing. If these functions are called while there is no currently active job then they have no effect. This functionality can be useful to avoid deadlock scenarios. For example during the execution of an ASYNC_JOB an application acquires a lock. It then calls some cryptographic function which diff --git a/doc/crypto/EVP_EncryptInit.pod b/doc/crypto/EVP_EncryptInit.pod index 8286a717e9..d981620908 100644 --- a/doc/crypto/EVP_EncryptInit.pod +++ b/doc/crypto/EVP_EncryptInit.pod @@ -560,7 +560,7 @@ Encrypt a string using IDEA: EVP_CIPHER_CTX_free(ctx); /* Need binary mode for fopen because encrypted data is * binary data. Also cannot use strlen() on it because - * it wont be null terminated and may contain embedded + * it won't be null terminated and may contain embedded * nulls. */ out = fopen(outfile, "wb"); diff --git a/doc/crypto/OPENSSL_malloc.pod b/doc/crypto/OPENSSL_malloc.pod index 0060b989a9..50f09751cf 100644 --- a/doc/crypto/OPENSSL_malloc.pod +++ b/doc/crypto/OPENSSL_malloc.pod @@ -179,7 +179,7 @@ CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened). -CRYPTO_mem_ctrl() returns -1 if an error occured, otherwise the +CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode. OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() diff --git a/doc/crypto/X509_STORE_CTX_set_verify_cb.pod b/doc/crypto/X509_STORE_CTX_set_verify_cb.pod index 034a5804e9..266a4c1ecb 100644 --- a/doc/crypto/X509_STORE_CTX_set_verify_cb.pod +++ b/doc/crypto/X509_STORE_CTX_set_verify_cb.pod @@ -201,7 +201,7 @@ X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() -and X509_STORE_CTX_get_cleanup() were addded in OpenSSL 1.1.0. +and X509_STORE_CTX_get_cleanup() were added in OpenSSL 1.1.0. =head1 COPYRIGHT diff --git a/doc/crypto/X509_STORE_set_verify_cb_func.pod b/doc/crypto/X509_STORE_set_verify_cb_func.pod index 89135f4e13..c4f48162c3 100644 --- a/doc/crypto/X509_STORE_set_verify_cb_func.pod +++ b/doc/crypto/X509_STORE_set_verify_cb_func.pod @@ -246,7 +246,7 @@ X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), -X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were addded in +X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0. =head1 COPYRIGHT diff --git a/doc/crypto/X509_get_extension_flags.pod b/doc/crypto/X509_get_extension_flags.pod index a4a33ae937..92e8a6ba1f 100644 --- a/doc/crypto/X509_get_extension_flags.pod +++ b/doc/crypto/X509_get_extension_flags.pod @@ -118,7 +118,7 @@ certificate B<x>. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones. X509_get_proxy_pathlen() returns the proxy certificate path length for the -given certificate B<x> if it is a proxy certicate. +given certificate B<x> if it is a proxy certificate. =head1 NOTES diff --git a/include/openssl/bn.h b/include/openssl/bn.h index 1e3c24af46..4dc2abd838 100644 --- a/include/openssl/bn.h +++ b/include/openssl/bn.h @@ -76,7 +76,7 @@ extern "C" { # if OPENSSL_API_COMPAT < 0x00908000L /* deprecated name for the flag */ # define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME -# define BN_FLG_FREE 0x8000 /* used for debuging */ +# define BN_FLG_FREE 0x8000 /* used for debugging */ # endif void BN_set_flags(BIGNUM *b, int n); diff --git a/include/openssl/engine.h b/include/openssl/engine.h index c0bedf6f97..319371e425 100644 --- a/include/openssl/engine.h +++ b/include/openssl/engine.h @@ -672,7 +672,7 @@ typedef struct st_dynamic_MEM_fns { } dynamic_MEM_fns; /* * FIXME: Perhaps the memory and locking code (crypto.h) should declare and - * use these types so we (and any other dependant code) can simplify a bit?? + * use these types so we (and any other dependent code) can simplify a bit?? */ /* The top-level structure */ typedef struct st_dynamic_fns { diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index ef05f70824..f502cadb1d 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -1502,7 +1502,7 @@ typedef struct cert_st { unsigned char *ctypes; size_t ctype_num; /* - * suppported signature algorithms. When set on a client this is sent in + * supported signature algorithms. When set on a client this is sent in * the client hello as the supported signature algorithms extension. For * servers it represents the signature algorithms we are willing to use. */ diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c index 31ae1cbc8f..3f44175252 100644 --- a/ssl/statem/statem_dtls.c +++ b/ssl/statem/statem_dtls.c @@ -800,7 +800,7 @@ static int dtls_get_reassembled_message(SSL *s, long *len) s->init_num = 0; goto redo; - } else { /* Incorrectly formated Hello request */ + } else { /* Incorrectly formatted Hello request */ al = SSL_AD_UNEXPECTED_MESSAGE; SSLerr(SSL_F_DTLS_GET_REASSEMBLED_MESSAGE, diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index dc43095a1d..602336acd9 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -1443,8 +1443,8 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst) /*- * we now have the following setup. * client_random - * cipher_list - our prefered list of ciphers - * ciphers - the clients prefered list of ciphers + * cipher_list - our preferred list of ciphers + * ciphers - the clients preferred list of ciphers * compression - basically ignored right now * ssl version is set - sslv3 * s->session - The ssl session has been setup. diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 124a53c5a8..70f70d146c 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -478,7 +478,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, unsigned char hash[EVP_MAX_MD_SIZE * 2]; int hashlen; /* Digest cached records keeping record buffer (if present): - * this wont affect client auth because we're freezing the buffer + * this won't affect client auth because we're freezing the buffer * at the same point (after client key exchange and before certificate * verify) */ diff --git a/test/destest.c b/test/destest.c index 877f71d3fb..84d753dde9 100644 --- a/test/destest.c +++ b/test/destest.c @@ -214,7 +214,7 @@ static unsigned char cbc_ok[32] = { }; # ifdef SCREW_THE_PARITY -# error "SCREW_THE_PARITY is not ment to be defined." +# error "SCREW_THE_PARITY is not meant to be defined." # error "Original vectors are preserved for reference only." static unsigned char cbc2_key[8] = { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87 }; diff --git a/test/ecdsatest.c b/test/ecdsatest.c index 538f9dfe9d..ce73778791 100644 --- a/test/ecdsatest.c +++ b/test/ecdsatest.c @@ -270,7 +270,7 @@ int test_builtin(BIO *out) } /* - * create and verify a ecdsa signature with every availble curve (with ) + * create and verify a ecdsa signature with every available curve (with ) */ BIO_printf(out, "\ntesting ECDSA_sign() and ECDSA_verify() " "with some internal curves:\n"); diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t index 32827f573e..dbd4b1008d 100644 --- a/test/recipes/01-test_symbol_presence.t +++ b/test/recipes/01-test_symbol_presence.t @@ -23,7 +23,7 @@ my $testcount = scalar @libnames; plan tests => $testcount * 2; note - "NOTE: developper test! It's possible that it won't run on your\n", + "NOTE: developer test! It's possible that it won't run on your\n", "platform, and that's perfectly fine. This is mainly for developers\n", "on Unix to check that our shared libraries are consistent with the\n", "ordinals (util/*.num in the source tree), something that should be\n", diff --git a/test/recipes/25-test_d2i.t b/test/recipes/25-test_d2i.t index 77afe3fb9f..9db0b2be45 100644 --- a/test/recipes/25-test_d2i.t +++ b/test/recipes/25-test_d2i.t @@ -38,7 +38,7 @@ ok(run(test(["d2i_test", "ASN1_ANY", "OK", srctop_file('test','d2i-tests','high_tag.der')])), "Running d2i_test high_tag.der"); -# Above test data but interpeted as ASN.1 INTEGER: this will be rejected +# Above test data but interpreted as ASN.1 INTEGER: this will be rejected # because the tag is invalid. ok(run(test(["d2i_test", "ASN1_INTEGER", "decode", srctop_file('test','d2i-tests','high_tag.der')])), diff --git a/test/recipes/70-test_sslrecords.t b/test/recipes/70-test_sslrecords.t index 5a569d3052..0ae018a07d 100644 --- a/test/recipes/70-test_sslrecords.t +++ b/test/recipes/70-test_sslrecords.t @@ -110,7 +110,7 @@ sub add_frag_alert_filter #); #push @{$proxy->record_list}, $record; - # Now add the alert level (Fatal) as a seperate record + # Now add the alert level (Fatal) as a separate record $byte = pack('C', TLSProxy::Message::AL_LEVEL_FATAL); my $record = TLSProxy::Record->new( 0, diff --git a/test/smime-certs/ca.cnf b/test/smime-certs/ca.cnf index 5e8b108654..835b2c672d 100644 --- a/test/smime-certs/ca.cnf +++ b/test/smime-certs/ca.cnf @@ -16,7 +16,7 @@ default_keyfile = privkey.pem # Don't prompt for fields: use those in section directly prompt = no distinguished_name = req_distinguished_name -x509_extensions = v3_ca # The extentions to add to the self signed cert +x509_extensions = v3_ca # The extensions to add to the self signed cert string_mask = utf8only # req_extensions = v3_req # The extensions to add to a certificate request |