diff options
56 files changed, 82 insertions, 82 deletions
@@ -1822,7 +1822,7 @@ possible to have different stores per SSL structure or one store in the parent SSL_CTX. Include distinct stores for certificate chain verification and chain building. New ctrl SSL_CTRL_BUILD_CERT_CHAIN - to build and store a certificate chain in CERT structure: returing + to build and store a certificate chain in CERT structure: returning an error if the chain cannot be built: this will allow applications to test if a chain is correctly configured. @@ -2065,7 +2065,7 @@ 3. Check DSA/ECDSA signatures use DER. - Reencode DSA/ECDSA signatures and compare with the original received + Re-encode DSA/ECDSA signatures and compare with the original received signature. Return an error if there is a mismatch. This will reject various cases including garbage after signature @@ -2155,7 +2155,7 @@ *) Add additional DigestInfo checks. - Reencode DigestInto in DER and check against the original when + Re-encode DigestInto in DER and check against the original when verifying RSA signature: this will reject any improperly encoded DigestInfo structures. @@ -2211,7 +2211,7 @@ *) An attacker can force an error condition which causes openssl to crash whilst processing DTLS packets due to memory being freed twice. This can be exploited through a Denial of Service attack. - Thanks to Adam Langley and Wan-Teh Chang for discovering and researching + Thanks to Adam Langley and Wan-The Chang for discovering and researching this issue. (CVE-2014-3505) [Adam Langley] @@ -2752,7 +2752,7 @@ in CMS and PKCS7 code. When RSA decryption fails use a random key for content decryption and always return the same error. Note: this attack needs on average 2^20 messages so it only affects automated senders. The - old behaviour can be reenabled in the CMS code by setting the + old behaviour can be re-enabled in the CMS code by setting the CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where an MMA defence is not necessary. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering @@ -3048,7 +3048,7 @@ as part of the CRL checking and indicate a new error "CRL path validation error" in this case. Applications wanting additional details can use the verify callback and check the new "parent" field. If this is not - NULL CRL path validation is taking place. Existing applications wont + NULL CRL path validation is taking place. Existing applications won't see this because it requires extended CRL support which is off by default. @@ -4061,9 +4061,9 @@ This work was sponsored by Logica. [Steve Henson] - *) Fix bug in X509_ATTRIBUTE creation: dont set attribute using + *) Fix bug in X509_ATTRIBUTE creation: don't set attribute using ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain - attribute creation routines such as certifcate requests and PKCS#12 + attribute creation routines such as certificate requests and PKCS#12 files. [Steve Henson] @@ -4138,7 +4138,7 @@ [Ian Lister (tweaked by Geoff Thorpe)] *) Backport of CMS code to OpenSSL 0.9.8. This differs from the 0.9.9 - implemention in the following ways: + implementation in the following ways: Lack of EVP_PKEY_ASN1_METHOD means algorithm parameters have to be hard coded. @@ -4336,7 +4336,7 @@ implementation in BN_mod_exp_mont_consttime().) The old name remains as a deprecated alias. - Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general + Similarly, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses constant-time implementations for more than just exponentiation. Here too the old name is kept as a deprecated alias. @@ -5040,7 +5040,7 @@ *) Key-generation can now be implemented in RSA_METHOD, DSA_METHOD and DH_METHOD (eg. by ENGINE implementations) to override the normal software implementations. For DSA and DH, parameter generation can - also be overriden by providing the appropriate method callbacks. + also be overridden by providing the appropriate method callbacks. [Geoff Thorpe] *) Change the "progress" mechanism used in key-generation and @@ -5123,7 +5123,7 @@ the "shared" options was given to ./Configure or ./config. Otherwise, they are inserted in libcrypto.a. /usr/local/ssl/engines is the default directory for dynamic - engines, but that can be overriden at configure time through + engines, but that can be overridden at configure time through the usual use of --prefix and/or --openssldir, and at run time with the environment variable OPENSSL_ENGINES. [Geoff Thorpe and Richard Levitte] @@ -5658,8 +5658,8 @@ [Steve Henson] *) Perform some character comparisons of different types in X509_NAME_cmp: - this is needed for some certificates that reencode DNs into UTF8Strings - (in violation of RFC3280) and can't or wont issue name rollover + this is needed for some certificates that re-encode DNs into UTF8Strings + (in violation of RFC3280) and can't or won't issue name rollover certificates. [Steve Henson] @@ -6717,7 +6717,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k const ASN1_ITEM *it = &ASN1_INTEGER_it; - wont compile. This is used by the any applications that need to + won't compile. This is used by the any applications that need to declare their own ASN1 modules. This was fixed by adding the option EXPORT_VAR_AS_FN to all Win32 platforms, although this isn't strictly needed for static libraries under Win32. @@ -7318,7 +7318,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k entropy, EGD style sockets (served by EGD or PRNGD) will automatically be queried. The locations /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool, and - /etc/entropy will be queried once each in this sequence, quering stops + /etc/entropy will be queried once each in this sequence, querying stops when enough entropy was collected without querying more sockets. [Lutz Jaenicke] @@ -7346,7 +7346,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k information from an OCSP_CERTID structure (which will be created when the request structure is built). These are built from lower level functions which work on OCSP_SINGLERESP structures but - wont normally be used unless the application wishes to examine + won't normally be used unless the application wishes to examine extensions in the OCSP response for example. Replace nonce routines with a pair of functions. @@ -7422,7 +7422,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k *) New function X509V3_add1_i2d(). This automatically encodes and adds an extension. Its behaviour can be customised with various flags to append, replace or delete. Various wrappers added for - certifcates and CRLs. + certificates and CRLs. [Steve Henson] *) Fix to avoid calling the underlying ASN1 print routine when @@ -7967,7 +7967,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k [Nils Larsch <nla@trustcenter.de>] *) Fix BASE64 decode (EVP_DecodeUpdate) for data with CR/LF ended lines: - an end-of-file condition would erronously be flagged, when the CRLF + an end-of-file condition would erroneously be flagged, when the CRLF was just at the end of a processed block. The bug was discovered when processing data through a buffering memory BIO handing the data to a BASE64-decoding BIO. Bug fund and patch submitted by Pavel Tsekov @@ -8897,7 +8897,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k [Steve Henson] *) When a certificate request is read in keep a copy of the - original encoding of the signed data and use it when outputing + original encoding of the signed data and use it when outputting again. Signatures then use the original encoding rather than a decoded, encoded version which may cause problems if the request is improperly encoded. diff --git a/Configurations/README b/Configurations/README index 8451b44004..da64e8c79b 100644 --- a/Configurations/README +++ b/Configurations/README @@ -401,7 +401,7 @@ BEGINRAW and ENDRAW lines as follows: echo "/* haha */" > haha.h ENDRAW[Makefile(unix)] -The word withing square brackets is the build_file configuration item +The word within square brackets is the build_file configuration item or the build_file configuration item followed by the second word in the build_scheme configuration item for the configured target within parenthesis as shown above. For example, with the following relevant @@ -124,7 +124,7 @@ OPTIONS ts_options[] = { }; /* - * This comand is so complex, special help is needed. + * This command is so complex, special help is needed. */ static char* opt_helplist[] = { "Typical uses:", diff --git a/crypto/aes/asm/aes-ia64.S b/crypto/aes/asm/aes-ia64.S index ef44f7cc76..f7f1f63c9d 100644 --- a/crypto/aes/asm/aes-ia64.S +++ b/crypto/aes/asm/aes-ia64.S @@ -17,7 +17,7 @@ // 'and' which in turn can be assigned to M-port [there're double as // much M-ports as there're I-ports on Itanium 2]. By sacrificing few // registers for small constants (255, 24 and 16) to be used with -// 'shr' and 'and' instructions I can achieve better ILP, Intruction +// 'shr' and 'and' instructions I can achieve better ILP, Instruction // Level Parallelism, and performance. This code outperforms GCC 3.3 // generated code by over factor of 2 (two), GCC 3.4 - by 70% and // HP C - by 40%. Measured best-case scenario, i.e. aligned diff --git a/crypto/aes/asm/aes-ppc.pl b/crypto/aes/asm/aes-ppc.pl index d02dde5bc5..1558d8e454 100644 --- a/crypto/aes/asm/aes-ppc.pl +++ b/crypto/aes/asm/aes-ppc.pl @@ -26,7 +26,7 @@ # February 2010 # # Rescheduling instructions to favour Power6 pipeline gave 10% -# performance improvement on the platfrom in question (and marginal +# performance improvement on the platform in question (and marginal # improvement even on others). It should be noted that Power6 fails # to process byte in 18 cycles, only in 23, because it fails to issue # 4 load instructions in two cycles, only in 3. As result non-compact diff --git a/crypto/aes/asm/aesni-sha256-x86_64.pl b/crypto/aes/asm/aesni-sha256-x86_64.pl index e9ad24f7d7..a5fde2e4d1 100644 --- a/crypto/aes/asm/aesni-sha256-x86_64.pl +++ b/crypto/aes/asm/aesni-sha256-x86_64.pl @@ -35,7 +35,7 @@ # Skylake 2.62/3.14/3.62+7.70 8.10 +27%/34%/40% # Bulldozer 5.77/6.89/8.00+13.7 13.7 +42%/50%/58% # -# (*) there are XOP, AVX1 and AVX2 code pathes, meaning that +# (*) there are XOP, AVX1 and AVX2 code paths, meaning that # Westmere is omitted from loop, this is because gain was not # estimated high enough to justify the effort; # (**) these are EVP-free results, results obtained with 'speed diff --git a/crypto/aes/asm/aesni-x86_64.pl b/crypto/aes/asm/aesni-x86_64.pl index a03da20a5a..25dd120dd2 100644 --- a/crypto/aes/asm/aesni-x86_64.pl +++ b/crypto/aes/asm/aesni-x86_64.pl @@ -4239,7 +4239,7 @@ ___ # Vinodh Gopal <vinodh.gopal@intel.com> # Kahraman Akdemir # -# Agressively optimized in respect to aeskeygenassist's critical path +# Aggressively optimized in respect to aeskeygenassist's critical path # and is contained in %xmm0-5 to meet Win64 ABI requirement. # # int ${PREFIX}_set_encrypt_key(const unsigned char *inp, diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c index 3af1d1b801..679a50dce5 100644 --- a/crypto/asn1/tasn_dec.c +++ b/crypto/asn1/tasn_dec.c @@ -683,7 +683,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) { /* * Clear context cache for type OTHER because the auto clear when we - * have a exact match wont work + * have a exact match won't work */ if (utype == V_ASN1_OTHER) { asn1_tlc_clear(ctx); diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c index d467b89c80..f730d110bf 100644 --- a/crypto/asn1/tasn_fre.c +++ b/crypto/asn1/tasn_fre.c @@ -99,7 +99,7 @@ static void asn1_item_embed_free(ASN1_VALUE **pval, const ASN1_ITEM *it, asn1_enc_free(pval, it); /* * If we free up as normal we will invalidate any ANY DEFINED BY - * field and we wont be able to determine the type of the field it + * field and we won't be able to determine the type of the field it * defines. So free up in reverse order. */ tt = it->templates + it->tcount; diff --git a/crypto/bio/b_sock2.c b/crypto/bio/b_sock2.c index 726b0629b3..7f4d89e551 100644 --- a/crypto/bio/b_sock2.c +++ b/crypto/bio/b_sock2.c @@ -69,7 +69,7 @@ int BIO_socket(int domain, int socktype, int protocol, int options) * * options holds BIO socket options that can be used * You should call this for every address returned by BIO_lookup - * until the connection is succesful. + * until the connection is successful. * * Returns 1 on success or 0 on failure. On failure errno is set * and an error status is added to the OpenSSL error stack. @@ -144,7 +144,7 @@ int BIO_connect(int sock, const BIO_ADDR *addr, int options) * fail. We can't tell the difference between already listening ourself to * it and someone else listening to it when failing and errno is EADDRINUSE, so * it's recommended to not give an error in that case if the first call was - * succesful. + * successful. * * When restarting the program it could be that the port is still in use. If * you set to BIO_SOCK_REUSEADDR option it will try to reuse the port anyway. diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c index a61ab7cc64..6dc075dc61 100644 --- a/crypto/bio/bss_mem.c +++ b/crypto/bio/bss_mem.c @@ -92,7 +92,7 @@ BIO *BIO_new_mem_buf(const void *buf, int len) b->max = sz; *bb->readp = *bb->buf; ret->flags |= BIO_FLAGS_MEM_RDONLY; - /* Since this is static data retrying wont help */ + /* Since this is static data retrying won't help */ ret->num = 0; return ret; } diff --git a/crypto/bn/asm/ia64.S b/crypto/bn/asm/ia64.S index 2fdf5bbabe..f2404a3c1e 100644 --- a/crypto/bn/asm/ia64.S +++ b/crypto/bn/asm/ia64.S @@ -29,7 +29,7 @@ // ports is the same, i.e. 2, while I need 4. In other words, to this // module Itanium2 remains effectively as "wide" as Itanium. Yet it's // essentially different in respect to this module, and a re-tune was -// required. Well, because some intruction latencies has changed. Most +// required. Well, because some instruction latencies has changed. Most // noticeably those intensively used: // // Itanium Itanium2 @@ -370,7 +370,7 @@ bn_mul_words: // The loop therefore spins at the latency of xma minus 1, or in other // words at 6*(n+4) ticks:-( Compare to the "production" loop above // that runs in 2*(n+11) where the low latency problem is worked around -// by moving the dependency to one-tick latent interger ALU. Note that +// by moving the dependency to one-tick latent integer ALU. Note that // "distance" between ldf8 and xma is not latency of ldf8, but the // *difference* between xma and ldf8 latencies. .L_bn_mul_words_ctop: @@ -432,7 +432,7 @@ bn_mul_add_words: // version was performing *all* additions in IALU and was starving // for those even on Itanium 2. In this version one addition is // moved to FPU and is folded with multiplication. This is at cost -// of propogating the result from previous call to this subroutine +// of propagating the result from previous call to this subroutine // to L2 cache... In other words negligible even for shorter keys. // *Overall* performance improvement [over previous version] varies // from 11 to 22 percent depending on key length. diff --git a/crypto/bn/asm/mips.pl b/crypto/bn/asm/mips.pl index e3a38bd140..420f01f3a4 100644 --- a/crypto/bn/asm/mips.pl +++ b/crypto/bn/asm/mips.pl @@ -22,7 +22,7 @@ # This is drop-in MIPS III/IV ISA replacement for crypto/bn/bn_asm.c. # # The module is designed to work with either of the "new" MIPS ABI(5), -# namely N32 or N64, offered by IRIX 6.x. It's not ment to work under +# namely N32 or N64, offered by IRIX 6.x. It's not meant to work under # IRIX 5.x not only because it doesn't support new ABIs but also # because 5.x kernels put R4x00 CPU into 32-bit mode and all those # 64-bit instructions (daddu, dmultu, etc.) found below gonna only diff --git a/crypto/bn/asm/ppc.pl b/crypto/bn/asm/ppc.pl index 346e01faf5..4ea534a1c7 100644 --- a/crypto/bn/asm/ppc.pl +++ b/crypto/bn/asm/ppc.pl @@ -425,7 +425,7 @@ $data=<<EOF; # r9,r10, r11 are the equivalents of c1,c2, c3. # # Possible optimization of loading all 8 longs of a into registers -# doesnt provide any speedup +# doesn't provide any speedup # xor r0,r0,r0 #set r0 = 0.Used in addze @@ -1015,7 +1015,7 @@ $data=<<EOF; $UMULL r8,r6,r7 $UMULH r9,r6,r7 addc r11,r11,r8 - addze r12,r9 # since we didnt set r12 to zero before. + addze r12,r9 # since we didn't set r12 to zero before. addze r10,r0 #mul_add_c(a[1],b[0],c2,c3,c1); $LD r6,`1*$BNSZ`(r4) diff --git a/crypto/bn/asm/sparcv8plus.S b/crypto/bn/asm/sparcv8plus.S index e77e67aa57..714a136675 100644 --- a/crypto/bn/asm/sparcv8plus.S +++ b/crypto/bn/asm/sparcv8plus.S @@ -52,7 +52,7 @@ * # cd ../.. * # make; make test * - * Q. V8plus achitecture? What kind of beast is that? + * Q. V8plus architecture? What kind of beast is that? * A. Well, it's rather a programming model than an architecture... * It's actually v9-compliant, i.e. *any* UltraSPARC, CPU under * special conditions, namely when kernel doesn't preserve upper diff --git a/crypto/bn/asm/sparcv9-mont.pl b/crypto/bn/asm/sparcv9-mont.pl index 771cd96141..c36ce36806 100644 --- a/crypto/bn/asm/sparcv9-mont.pl +++ b/crypto/bn/asm/sparcv9-mont.pl @@ -20,7 +20,7 @@ # for undertaken effort are multiple. First of all, UltraSPARC is not # the whole SPARCv9 universe and other VIS-free implementations deserve # optimized code as much. Secondly, newly introduced UltraSPARC T1, -# a.k.a. Niagara, has shared FPU and concurrent FPU-intensive pathes, +# a.k.a. Niagara, has shared FPU and concurrent FPU-intensive paths, # such as sparcv9a-mont, will simply sink it. Yes, T1 is equipped with # several integrated RSA/DSA accelerator circuits accessible through # kernel driver [only(*)], but having decent user-land software diff --git a/crypto/bn/asm/sparcv9a-mont.pl b/crypto/bn/asm/sparcv9a-mont.pl index 902c0d3ad2..50b690653f 100755 --- a/crypto/bn/asm/sparcv9a-mont.pl +++ b/crypto/bn/asm/sparcv9a-mont.pl @@ -58,7 +58,7 @@ # # Modulo-scheduled inner loops allow to interleave floating point and # integer instructions and minimize Read-After-Write penalties. This -# results in *further* 20-50% perfromance improvement [depending on +# results in *further* 20-50% performance improvement [depending on # key length, more for longer keys] on USI&II cores and 30-80% - on # USIII&IV. diff --git a/crypto/bn/asm/x86-mont.pl b/crypto/bn/asm/x86-mont.pl index 9994b0bf96..09296ec662 100755 --- a/crypto/bn/asm/x86-mont.pl +++ b/crypto/bn/asm/x86-mont.pl @@ -294,7 +294,7 @@ if (0) { &xor ("eax","eax"); # signal "not fast enough [yet]" &jmp (&label("just_leave")); # While the below code provides competitive performance for - # all key lengthes on modern Intel cores, it's still more + # all key lengths on modern Intel cores, it's still more # than 10% slower for 4096-bit key elsewhere:-( "Competitive" # means compared to the original integer-only assembler. # 512-bit RSA sign is better by ~40%, but that's about all diff --git a/crypto/chacha/asm/chacha-armv4.pl b/crypto/chacha/asm/chacha-armv4.pl index 5b3e7be781..b5e21e4938 100755 --- a/crypto/chacha/asm/chacha-armv4.pl +++ b/crypto/chacha/asm/chacha-armv4.pl @@ -1134,7 +1134,7 @@ $code.=<<___; ldrb @t[1],[r12],#1 @ read input subs @t[3],@t[3],#1 eor @t[0],@t[0],@t[1] - strb @t[0],[r14],#1 @ store ouput + strb @t[0],[r14],#1 @ store output bne .Loop_tail_neon .Ldone_neon: diff --git a/crypto/ec/asm/ecp_nistz256-armv4.pl b/crypto/ec/asm/ecp_nistz256-armv4.pl index 62761f8c96..73b7a55806 100755 --- a/crypto/ec/asm/ecp_nistz256-armv4.pl +++ b/crypto/ec/asm/ecp_nistz256-armv4.pl @@ -374,7 +374,7 @@ __ecp_nistz256_div_by_2: mov $ff,$a0,lsl#31 @ place least significant bit to most @ significant position, now arithmetic @ right shift by 31 will produce -1 or - @ 0, while logical rigth shift 1 or 0, + @ 0, while logical right shift 1 or 0, @ this is how modulus is conditionally |