Fix typos

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17392)

(cherry picked from commit e304aa87b35fac5ea97c405dd3c21549faa45e78)

16 files changed, 20 insertions, 20 deletions

diff --git a/crypto/aes/asm/aesv8-armx.pl b/crypto/aes/asm/aesv8-armx.pl
index ed5ae4207c..835bd49c11 100755
--- a/crypto/aes/asm/aesv8-armx.pl
+++ b/crypto/aes/asm/aesv8-armx.pl
@@ -417,7 +417,7 @@ ___
 # If lsize < 3*16 bytes, treat them as the tail, interleave the
 # two blocks AES instructions.
 # There is one special case, if the original input data size dsize
-# = 16 bytes, we will treat it seperately to improve the
+# = 16 bytes, we will treat it separately to improve the
 # performance: one independent code block without LR, FP load and
 # store, just looks like what the original ECB implementation does.
 
@@ -2222,7 +2222,7 @@ ___
 # will be processed specially, which be integrated into the 5*16 bytes
 # loop to improve the efficiency.
 # There is one special case, if the original input data size dsize
-# = 16 bytes, we will treat it seperately to improve the
+# = 16 bytes, we will treat it separately to improve the
 # performance: one independent code block without LR, FP load and
 # store.
 # Encryption will process the (length -tailcnt) bytes as mentioned
@@ -3555,7 +3555,7 @@ $code.=<<___	if ($flavour =~ /64/);
 	cbnz	x2,.Lxts_dec_1st_done
 	vld1.32	{$dat0},[$inp],#16
 
-	// Decrypt the last secod block to get the last plain text block
+	// Decrypt the last second block to get the last plain text block
 .Lxts_dec_1st_done:
 	eor	$tmpin,$dat0,$iv1
 	ldr	$rounds,[$key1,#240]
diff --git a/crypto/bn/asm/rsaz-2k-avx512.pl b/crypto/bn/asm/rsaz-2k-avx512.pl
index 80bc4a51b2..2ae7f70b72 100644
--- a/crypto/bn/asm/rsaz-2k-avx512.pl
+++ b/crypto/bn/asm/rsaz-2k-avx512.pl
@@ -97,7 +97,7 @@ ___
 # specified in the original algorithm as according to the Lemma 1 from the paper
 # [2], the result will be always < 2*m and can be used as a direct input to
 # the next AMM iteration.  This post-condition is true, provided the correct
-# parameter |s| (notion of the Lemma 1 from [2]) is choosen, i.e.  s >= n + 2 * k,
+# parameter |s| (notion of the Lemma 1 from [2]) is chosen, i.e.  s >= n + 2 * k,
 # which matches our case: 1040 > 1024 + 2 * 1.
 #
 # [1] Gueron, S. Efficient software implementations of modular exponentiation.
diff --git a/crypto/bn/asm/rsaz-3k-avx512.pl b/crypto/bn/asm/rsaz-3k-avx512.pl
index e294afd294..5e8fa4b35b 100644
--- a/crypto/bn/asm/rsaz-3k-avx512.pl
+++ b/crypto/bn/asm/rsaz-3k-avx512.pl
@@ -75,7 +75,7 @@ if ($avx512ifma>0) {{{
 # specified in the original algorithm as according to the Lemma 1 from the paper
 # [2], the result will be always < 2*m and can be used as a direct input to
 # the next AMM iteration.  This post-condition is true, provided the correct
-# parameter |s| (notion of the Lemma 1 from [2]) is choosen, i.e.  s >= n + 2 * k,
+# parameter |s| (notion of the Lemma 1 from [2]) is chosen, i.e.  s >= n + 2 * k,
 # which matches our case: 1560 > 1536 + 2 * 1.
 #
 # [1] Gueron, S. Efficient software implementations of modular exponentiation.
diff --git a/crypto/bn/asm/rsaz-4k-avx512.pl b/crypto/bn/asm/rsaz-4k-avx512.pl
index fb5bf10198..417e6dc809 100644
--- a/crypto/bn/asm/rsaz-4k-avx512.pl
+++ b/crypto/bn/asm/rsaz-4k-avx512.pl
@@ -72,7 +72,7 @@ if ($avx512ifma>0) {{{
 # specified in the original algorithm as according to the Lemma 1 from the paper
 # [2], the result will be always < 2*m and can be used as a direct input to
 # the next AMM iteration.  This post-condition is true, provided the correct
-# parameter |s| (notion of the Lemma 1 from [2]) is choosen, i.e.  s >= n + 2 * k,
+# parameter |s| (notion of the Lemma 1 from [2]) is chosen, i.e.  s >= n + 2 * k,
 # which matches our case: 2080 > 2048 + 2 * 1.
 #
 # [1] Gueron, S. Efficient software implementations of modular exponentiation.
diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c
index b9d6fc2bdd..1696685ae9 100644
--- a/crypto/cmp/cmp_vfy.c
+++ b/crypto/cmp/cmp_vfy.c
@@ -598,7 +598,7 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg)
                 break;
             }
             ossl_cmp_debug(ctx,
-                           "sucessfully validated PBM-based CMP message protection");
+                           "successfully validated PBM-based CMP message protection");
             return 1;
         }
         ossl_cmp_warn(ctx, "verifying PBM-based CMP message protection failed");
@@ -628,7 +628,7 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg)
             /* use ctx->srvCert for signature check even if not acceptable */
             if (verify_signature(ctx, msg, scrt)) {
                 ossl_cmp_debug(ctx,
-                               "sucessfully validated signature-based CMP message protection");
+                               "successfully validated signature-based CMP message protection");
 
                 return 1;
             }
@@ -646,7 +646,7 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg)
  * Any msg->extraCerts are prepended to ctx->untrusted.
  *
  * Ensures that:
- * its sender is of appropriate type (curently only X509_NAME) and
+ * its sender is of appropriate type (currently only X509_NAME) and
  *     matches any expected sender or srvCert subject given in the ctx
  * it has a valid body type
  * its protection is valid (or invalid/absent, but only if a callback function
diff --git a/crypto/context.c b/crypto/context.c
index bdfc4d02a3..1647371bb7 100644
--- a/crypto/context.c
+++ b/crypto/context.c
@@ -404,7 +404,7 @@ void *ossl_lib_ctx_get_data(OSSL_LIB_CTX *ctx, int index,
      * The alloc call ensures there's a value there. We release the ctx->lock
      * for this, because the allocation itself may recursively call
      * ossl_lib_ctx_get_data for other indexes (never this one). The allocation
-     * will itself aquire the ctx->lock when it actually comes to store the
+     * will itself acquire the ctx->lock when it actually comes to store the
      * allocated data (see ossl_lib_ctx_generic_new() above). We call
      * ossl_crypto_alloc_ex_data_intern() here instead of CRYPTO_alloc_ex_data().
      * They do the same thing except that the latter calls CRYPTO_get_ex_data()
diff --git a/crypto/ec/ec2_oct.c b/crypto/ec/ec2_oct.c
index 10a4932591..0b37c4f802 100644
--- a/crypto/ec/ec2_oct.c
+++ b/crypto/ec/ec2_oct.c
@@ -272,7 +272,7 @@ int ossl_ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
     }
 
     /*
-     * The first octet is the point converison octet PC, see X9.62, page 4
+     * The first octet is the point conversion octet PC, see X9.62, page 4
      * and section 4.4.2.  It must be:
      *     0x00          for the point at infinity
      *     0x02 or 0x03  for compressed form
diff --git a/crypto/encode_decode/encoder_lib.c b/crypto/encode_decode/encoder_lib.c
index 7a55c7ab9a..7868da79b7 100644
--- a/crypto/encode_decode/encoder_lib.c
+++ b/crypto/encode_decode/encoder_lib.c
@@ -522,7 +522,7 @@ static int encoder_process(struct encoder_process_data_st *data)
 
         OSSL_TRACE_BEGIN(ENCODER) {
             BIO_printf(trc_out,
-                       "[%d]    Skipping because recusion level %d failed\n",
+                       "[%d]    Skipping because recursion level %d failed\n",
                        data->level, new_data.level);
         } OSSL_TRACE_END(ENCODER);
     }
diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c
index c767c31643..47a935ce9c 100644
--- a/crypto/evp/ctrl_params_translate.c
+++ b/crypto/evp/ctrl_params_translate.c
@@ -2192,7 +2192,7 @@ static const struct translation_st evp_pkey_ctx_translations[] = {
       OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
     /*
      * The "rsa_oaep_label" ctrl_str expects the value to always be hex.
-     * This is accomodated by default_fixup_args() above, which mimics that
+     * This is accommodated by default_fixup_args() above, which mimics that
      * expectation for any translation item where |ctrl_str| is NULL and
      * |ctrl_hexstr| is non-NULL.
      */
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 76a6814b42..fc087d2cb6 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -239,7 +239,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
              * This might be requested by a later call to EVP_MD_CTX_get0_md().
              * In that case the "explicit fetch" rules apply for that
              * function (as per man pages), i.e. the ref count is not updated
-             * so the EVP_MD should not be used beyound the lifetime of the
+             * so the EVP_MD should not be used beyond the lifetime of the
              * EVP_MD_CTX.
              */
             ctx->fetched_digest = EVP_MD_fetch(locpctx->libctx, mdname, props);
diff --git a/crypto/ffc/ffc_params_generate.c b/crypto/ffc/ffc_params_generate.c
index f0601e1644..3431ac7ddd 100644
--- a/crypto/ffc/ffc_params_generate.c
+++ b/crypto/ffc/ffc_params_generate.c
@@ -435,7 +435,7 @@ static int generate_q_fips186_2(BN_CTX *ctx, BIGNUM *q, const EVP_MD *evpmd,
         }
         if (r != 0)
             goto err; /* Exit if error */
-        /* Try another iteration if it wasnt prime - was in old code.. */
+        /* Try another iteration if it wasn't prime - was in old code.. */
         generate_seed = 1;
     }
 err:
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 449097b8b2..9588a75964 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -1105,7 +1105,7 @@ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, void *label, int llen)
     if (ret <= 0)
         return ret;
 
-    /* Ownership is supposed to be transfered to the callee. */
+    /* Ownership is supposed to be transferred to the callee. */
     OPENSSL_free(label);
     return 1;
 }
diff --git a/crypto/x509/v3_ist.c b/crypto/x509/v3_ist.c
index 0de281f668..069ae0def4 100644
--- a/crypto/x509/v3_ist.c
+++ b/crypto/x509/v3_ist.c
@@ -17,7 +17,7 @@
 
 /*
  * Issuer Sign Tool (1.2.643.100.112) The name of the tool used to signs the subject (ASN1_SEQUENCE)
- * This extention is required to obtain the status of a qualified certificate at Russian Federation.
+ * This extension is required to obtain the status of a qualified certificate at Russian Federation.
  * RFC-style description is available here: https://tools.ietf.org/html/draft-deremin-rfc4491-bis-04#section-5
  * Russian Federal Law 63 "Digital Sign" is available here:  http://www.consultant.ru/document/cons_doc_LAW_112701/
  */
diff --git a/crypto/x509/v3_utf8.c b/crypto/x509/v3_utf8.c
index 1c4f79c4cd..ab158c2fa0 100644
--- a/crypto/x509/v3_utf8.c
+++ b/crypto/x509/v3_utf8.c
@@ -16,7 +16,7 @@
 
 /*
  * Subject Sign Tool (1.2.643.100.111) The name of the tool used to signs the subject (UTF8String)
- * This extention is required to obtain the status of a qualified certificate at Russian Federation.
+ * This extension is required to obtain the status of a qualified certificate at Russian Federation.
  * RFC-style description is available here: https://tools.ietf.org/html/draft-deremin-rfc4491-bis-04#section-5
  * Russian Federal Law 63 "Digital Sign" is available here:  http://www.consultant.ru/document/cons_doc_LAW_112701/
  */
diff --git a/crypto/x509/v3_utl.c b/crypto/x509/v3_utl.c
index 6e4ef26ed6..ba76253029 100644
--- a/crypto/x509/v3_utl.c
+++ b/crypto/x509/v3_utl.c
@@ -47,7 +47,7 @@ static int x509v3_add_len_value(const char *name, const char *value,
     if (name != NULL && (tname = OPENSSL_strdup(name)) == NULL)
         goto err;
     if (value != NULL) {
-        /* We don't allow embeded NUL characters */
+        /* We don't allow embedded NUL characters */
         if (memchr(value, 0, vallen) != NULL)
             goto err;
         tvalue = OPENSSL_strndup(value, vallen);
diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c
index bc90ddd89b..a2855340b8 100644
--- a/crypto/x509/x_pubkey.c
+++ b/crypto/x509/x_pubkey.c
@@ -170,7 +170,7 @@ static int x509_pubkey_ex_d2i_ex(ASN1_VALUE **pval,
 
     /*
      * Try to decode with legacy method first.  This ensures that engines
-     * aren't overriden by providers.
+     * aren't overridden by providers.
      */
     if ((ret = x509_pubkey_decode(&pubkey->pkey, pubkey)) == -1) {
         /* -1 indicates a fatal error, like malloc failure */