[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Fri Feb 5 20:26:04 UTC 2016


The branch master has been updated
       via  0d4fb8439092ff8253af72ac6bc193e77ebbcf2f (commit)
      from  2b52de9a37422058bdd9f292e507cbd4f577d52e (commit)


- Log -----------------------------------------------------------------
commit 0d4fb8439092ff8253af72ac6bc193e77ebbcf2f
Author: FdaSilvaYY <fdasilvayy at gmail.com>
Date:   Fri Feb 5 15:23:54 2016 -0500

    GH601: Various spelling fixes.
    
    Signed-off-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 CHANGES                               | 12 ++++++------
 Netware/set_env.bat                   |  6 +++---
 apps/dgst.c                           |  2 +-
 apps/s_cb.c                           |  2 +-
 crypto/aes/asm/aes-armv4.pl           |  2 +-
 crypto/aes/asm/aes-c64xplus.pl        |  2 +-
 crypto/asn1/a_int.c                   |  2 +-
 crypto/asn1/asn_mime.c                |  2 +-
 crypto/asn1/asn_mstbl.c               |  2 +-
 crypto/asn1/tasn_dec.c                |  2 +-
 crypto/bio/b_sock.c                   |  2 +-
 crypto/bio/bss_dgram.c                |  2 +-
 crypto/bio/bss_file.c                 |  4 ++--
 crypto/bn/asm/ia64.S                  |  2 +-
 crypto/bn/asm/parisc-mont.pl          |  2 +-
 crypto/bn/asm/rsaz-x86_64.pl          |  4 ++--
 crypto/bn/bn_gcd.c                    |  2 +-
 crypto/bn/bn_kron.c                   |  2 +-
 crypto/bn/bn_lib.c                    |  2 +-
 crypto/bn/bn_mul.c                    |  2 +-
 crypto/bn/bn_nist.c                   |  2 +-
 crypto/bn/bn_x931p.c                  |  2 +-
 crypto/cmac/cmac.c                    |  6 +++---
 crypto/cms/cms_kari.c                 |  2 +-
 crypto/cms/cms_lib.c                  |  2 +-
 crypto/cms/cms_sd.c                   |  6 +++---
 crypto/comp/c_zlib.c                  |  2 +-
 crypto/des/ofb_enc.c                  |  2 +-
 crypto/dh/dh_ameth.c                  |  4 ++--
 crypto/dh/dh_asn1.c                   |  2 +-
 crypto/dh/dh_key.c                    |  2 +-
 crypto/dsa/dsa_gen.c                  |  2 +-
 crypto/ebcdic.c                       |  2 +-
 crypto/ec/asm/ecp_nistz256-avx2.pl    |  4 ++--
 crypto/ec/ec_ameth.c                  |  4 ++--
 crypto/ec/ec_asn1.c                   |  4 ++--
 crypto/ec/ec_curve.c                  |  2 +-
 crypto/ec/ec_mult.c                   |  2 +-
 crypto/ec/ecp_nistp256.c              |  2 +-
 crypto/ec/ecp_nistp521.c              |  4 ++--
 crypto/engine/eng_cryptodev.c         | 12 ++++++------
 crypto/engine/eng_ctrl.c              |  2 +-
 crypto/engine/eng_dyn.c               |  2 +-
 crypto/engine/eng_list.c              |  4 ++--
 crypto/engine/eng_table.c             |  2 +-
 crypto/evp/digest.c                   |  2 +-
 crypto/evp/e_aes.c                    |  2 +-
 crypto/evp/evp_enc.c                  |  4 ++--
 crypto/evp/pmeth_lib.c                |  2 +-
 crypto/ex_data.c                      |  4 ++--
 crypto/modes/cfb128.c                 |  2 +-
 crypto/modes/ctr128.c                 |  4 ++--
 crypto/o_time.c                       |  4 ++--
 crypto/objects/o_names.c              |  2 +-
 crypto/ocsp/ocsp_cl.c                 |  6 +++---
 crypto/ocsp/ocsp_ext.c                |  4 ++--
 crypto/ocsp/ocsp_lcl.h                |  2 +-
 crypto/ocsp/ocsp_lib.c                |  2 +-
 crypto/ocsp/ocsp_prn.c                |  2 +-
 crypto/ocsp/ocsp_vfy.c                |  2 +-
 crypto/perlasm/x86_64-xlate.pl        |  4 ++--
 crypto/pkcs12/p12_kiss.c              |  2 +-
 crypto/rand/md_rand.c                 |  2 +-
 crypto/rand/rand_win.c                |  2 +-
 crypto/rsa/rsa_ameth.c                |  2 +-
 crypto/rsa/rsa_ossl.c                 |  2 +-
 crypto/sha/asm/sha1-mb-x86_64.pl      |  8 ++++----
 crypto/sha/asm/sha1-mips.pl           |  2 +-
 crypto/sha/asm/sha256-mb-x86_64.pl    |  8 ++++----
 crypto/sha/sha256.c                   |  2 +-
 crypto/sha/sha_locl.h                 |  2 +-
 crypto/srp/srp_lib.c                  |  2 +-
 crypto/ui/ui_lib.c                    |  4 ++--
 crypto/whrlpool/wp_block.c            |  2 +-
 crypto/whrlpool/wp_dgst.c             |  2 +-
 crypto/x509/x509_cmp.c                |  2 +-
 crypto/x509/x509_vfy.c                |  4 ++--
 crypto/x509/x509name.c                |  2 +-
 crypto/x509/x_name.c                  |  2 +-
 crypto/x509v3/v3_addr.c               |  6 +++---
 crypto/x509v3/v3_asid.c               |  4 ++--
 crypto/x509v3/v3_ncons.c              |  4 ++--
 demos/x509/README                     |  2 +-
 doc/apps/x509.pod                     |  2 +-
 doc/crypto/ASN1_INTEGER_get_int64.pod |  4 ++--
 doc/crypto/ASYNC_start_job.pod        |  6 +++---
 doc/crypto/EC_GROUP_copy.pod          |  4 ++--
 doc/crypto/OCSP_cert_to_id.pod        |  2 +-
 doc/crypto/X509V3_get_d2i.pod         |  2 +-
 doc/openssl-c-indent.el               |  2 +-
 doc/ssl/SSL_CTX_set1_sigalgs.pod      |  4 ++--
 include/openssl/dso.h                 |  2 +-
 include/openssl/e_os2.h               |  4 ++--
 include/openssl/ocsp.h                |  2 +-
 include/openssl/ui.h                  |  2 +-
 ssl/statem/statem.c                   |  4 ++--
 96 files changed, 147 insertions(+), 147 deletions(-)

diff --git a/CHANGES b/CHANGES
index b2e5a71..9060abe 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2750,7 +2750,7 @@
 
   *) New option -sigopt to dgst utility. Update dgst to use
      EVP_Digest{Sign,Verify}*. These two changes make it possible to use
-     alternative signing paramaters such as X9.31 or PSS in the dgst 
+     alternative signing parameters such as X9.31 or PSS in the dgst 
      utility.
      [Steve Henson]
 
@@ -3957,7 +3957,7 @@
      unofficial, and the ID has long expired.
      [Bodo Moeller]
 
-  *) Fix RSA blinding Heisenbug (problems sometimes occured on
+  *) Fix RSA blinding Heisenbug (problems sometimes occurred on
      dual-core machines) and other potential thread-safety issues.
      [Bodo Moeller]
 
@@ -4972,7 +4972,7 @@
      unofficial, and the ID has long expired.
      [Bodo Moeller]
 
-  *) Fix RSA blinding Heisenbug (problems sometimes occured on
+  *) Fix RSA blinding Heisenbug (problems sometimes occurred on
      dual-core machines) and other potential thread-safety issues.
      [Bodo Moeller]
 
@@ -5077,7 +5077,7 @@
 
   *) Added support for proxy certificates according to RFC 3820.
      Because they may be a security thread to unaware applications,
-     they must be explicitely allowed in run-time.  See
+     they must be explicitly allowed in run-time.  See
      docs/HOWTO/proxy_certificates.txt for further information.
      [Richard Levitte]
 
@@ -7654,7 +7654,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
 
   *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
      reveal whether illegal block cipher padding was found or a MAC
-     verification error occured.  (Neither SSLerr() codes nor alerts
+     verification error occurred.  (Neither SSLerr() codes nor alerts
      are directly visible to potential attackers, but the information
      may leak via logfiles.)
 
@@ -10061,7 +10061,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
   *) Bugfix: ssl23_get_client_hello did not work properly when called in
      state SSL23_ST_SR_CLNT_HELLO_B, i.e. when the first 7 bytes of
      a SSLv2-compatible client hello for SSLv3 or TLSv1 could be read,
-     but a retry condition occured while trying to read the rest.
+     but a retry condition occurred while trying to read the rest.
      [Bodo Moeller]
 
   *) The PKCS7_ENC_CONTENT_new() function was setting the content type as
diff --git a/Netware/set_env.bat b/Netware/set_env.bat
index ace024e..f063cc9 100644
--- a/Netware/set_env.bat
+++ b/Netware/set_env.bat
@@ -1,7 +1,7 @@
 @echo off
 
 rem ========================================================================
-rem   Batch file to assist in setting up the necessary enviroment for
+rem   Batch file to assist in setting up the necessary environment for
 rem   building OpenSSL for NetWare.
 rem
 rem   usage:
@@ -84,10 +84,10 @@ echo using GNU GCC Compiler
 :info
 echo.
 
-if "%LIBC_BUILD%" == "Y" echo Enviroment configured for LibC build
+if "%LIBC_BUILD%" == "Y" echo Environment configured for LibC build
 if "%LIBC_BUILD%" == "Y" echo use "netware\build.bat netware-libc ..." 
 
-if "%CLIB_BUILD%" == "Y" echo Enviroment configured for CLib build
+if "%CLIB_BUILD%" == "Y" echo Environment configured for CLib build
 if "%CLIB_BUILD%" == "Y" echo use "netware\build.bat netware-clib ..." 
 
 goto end
diff --git a/apps/dgst.c b/apps/dgst.c
index 09396e6..5d25c58 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -107,7 +107,7 @@ OPTIONS dgst_options[] = {
     {"debug", OPT_DEBUG, '-'},
     {"fips-fingerprint", OPT_FIPS_FINGERPRINT, '-'},
     {"hmac", OPT_HMAC, 's', "Create hashed MAC with key"},
-    {"mac", OPT_MAC, 's', "Create MAC (not neccessarily HMAC)"},
+    {"mac", OPT_MAC, 's', "Create MAC (not necessarily HMAC)"},
     {"sigopt", OPT_SIGOPT, 's', "Signature parameter in n:v form"},
     {"macopt", OPT_MACOPT, 's', "MAC algorithm parameters in n:v form or key"},
     {"", OPT_DIGEST, '-', "Any supported digest"},
diff --git a/apps/s_cb.c b/apps/s_cb.c
index b8e1ccc..096471a8 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -831,7 +831,7 @@ static STRINT_PAIR chain_flags[] = {
     {"CA signature", CERT_PKEY_CA_SIGNATURE},
     {"EE key parameters", CERT_PKEY_EE_PARAM},
     {"CA key parameters", CERT_PKEY_CA_PARAM},
-    {"Explicity sign with EE key", CERT_PKEY_EXPLICIT_SIGN},
+    {"Explicitly sign with EE key", CERT_PKEY_EXPLICIT_SIGN},
     {"Issuer Name", CERT_PKEY_ISSUER_NAME},
     {"Certificate Type", CERT_PKEY_CERT_TYPE},
     {NULL}
diff --git a/crypto/aes/asm/aes-armv4.pl b/crypto/aes/asm/aes-armv4.pl
index fbe4597..f72d027 100644
--- a/crypto/aes/asm/aes-armv4.pl
+++ b/crypto/aes/asm/aes-armv4.pl
@@ -767,7 +767,7 @@ _armv4_AES_set_enc2dec_key:
 	ldr	$rounds,[r0,#240]
 	mov	$i1,r0			@ input
 	add	$i2,r0,$rounds,lsl#4
-	mov	$key,r1			@ ouput
+	mov	$key,r1			@ output
 	add	$tbl,r1,$rounds,lsl#4
 	str	$rounds,[r1,#240]
 
diff --git a/crypto/aes/asm/aes-c64xplus.pl b/crypto/aes/asm/aes-c64xplus.pl
index 5bbc2ac..54426f7 100644
--- a/crypto/aes/asm/aes-c64xplus.pl
+++ b/crypto/aes/asm/aes-c64xplus.pl
@@ -566,7 +566,7 @@ __set_encrypt_key:
 	NOP
 
 	BNOP	RA,5
-||	MVK	-2,RET				; unknown bit lenght
+||	MVK	-2,RET				; unknown bit length
 ||	MVK	0,B0				; redundant
 ;;====================================================================
 ;;====================================================================
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index af52beb..ec623f7 100644
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -186,7 +186,7 @@ static size_t i2c_ibuf(const unsigned char *b, size_t blen, int neg,
 
 /*
  * convert content octets into a big endian buffer. Returns the length
- * of buffer or 0 on error: for malformed INTEGER. If output bufer is
+ * of buffer or 0 on error: for malformed INTEGER. If output buffer is
  * NULL just return length.
  */
 
diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c
index 0fb5126..6ac9b2c 100644
--- a/crypto/asn1/asn_mime.c
+++ b/crypto/asn1/asn_mime.c
@@ -364,7 +364,7 @@ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
     int rv = 1;
 
     /*
-     * If data is not deteched or resigning then the output BIO is already
+     * If data is not detached or resigning then the output BIO is already
      * set up to finalise when it is written through.
      */
     if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) {
diff --git a/crypto/asn1/asn_mstbl.c b/crypto/asn1/asn_mstbl.c
index ad1c4cf..f90b442 100644
--- a/crypto/asn1/asn_mstbl.c
+++ b/crypto/asn1/asn_mstbl.c
@@ -59,7 +59,7 @@
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
 
-/* Multi string module: add table enstries from a given section */
+/* Multi string module: add table entries from a given section */
 
 static int do_tcreate(char *value, char *name);
 
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
index 67dddcf..b025e58 100644
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -984,7 +984,7 @@ static int asn1_find_end(const unsigned char **in, long len, char inf)
 }
 
 /*
- * This function collects the asn1 data from a constructred string type into
+ * This function collects the asn1 data from a constructed string type into
  * a buffer. The values of 'in' and 'len' should refer to the contents of the
  * constructed type and 'inf' should be set if it is indefinite length.
  */
diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c
index fab5b09..567ee48 100644
--- a/crypto/bio/b_sock.c
+++ b/crypto/bio/b_sock.c
@@ -195,7 +195,7 @@ int BIO_sock_init(void)
         memset(&wsa_state, 0, sizeof(wsa_state));
         /*
          * Not making wsa_state available to the rest of the code is formally
-         * wrong. But the structures we use are [beleived to be] invariable
+         * wrong. But the structures we use are [believed to be] invariable
          * among Winsock DLLs, while API availability is [expected to be]
          * probed at run-time with DSO_global_lookup.
          */
diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c
index a3d8a0c..0887293 100644
--- a/crypto/bio/bss_dgram.c
+++ b/crypto/bio/bss_dgram.c
@@ -299,7 +299,7 @@ static void dgram_adjust_rcv_timeout(BIO *b)
         }
 
         /*
-         * Adjust socket timeout if next handhake message timer will expire
+         * Adjust socket timeout if next handshake message timer will expire
          * earlier.
          */
         if ((data->socket_timeout.tv_sec == 0
diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c
index 334eca0..2689a28 100644
--- a/crypto/bio/bss_file.c
+++ b/crypto/bio/bss_file.c
@@ -196,8 +196,8 @@ BIO *BIO_new_fp(FILE *stream, int close_flag)
     if ((ret = BIO_new(BIO_s_file())) == NULL)
         return (NULL);
 
-    BIO_set_flags(ret, BIO_FLAGS_UPLINK); /* redundant, left for
-                                           * documentation puposes */
+    /* redundant flag, left for documentation purposes */
+    BIO_set_flags(ret, BIO_FLAGS_UPLINK);
     BIO_set_fp(ret, stream, close_flag);
     return (ret);
 }
diff --git a/crypto/bn/asm/ia64.S b/crypto/bn/asm/ia64.S
index a9a42ab..9e090ab 100644
--- a/crypto/bn/asm/ia64.S
+++ b/crypto/bn/asm/ia64.S
@@ -495,7 +495,7 @@ bn_sqr_words:
 // scalability. The decision will very likely be reconsidered after the
 // benchmark program is profiled. I.e. if perfomance gain on Itanium
 // will appear larger than loss on "wider" IA-64, then the loop should
-// be explicitely split and the epilogue compressed.
+// be explicitly split and the epilogue compressed.
 .L_bn_sqr_words_ctop:
 { .mfi;	(p16)	ldf8		f32=[r33],8
 	(p25)	xmpy.lu		f42=f41,f41
diff --git a/crypto/bn/asm/parisc-mont.pl b/crypto/bn/asm/parisc-mont.pl
index c02ef6f..aa6c797 100644
--- a/crypto/bn/asm/parisc-mont.pl
+++ b/crypto/bn/asm/parisc-mont.pl
@@ -126,7 +126,7 @@ $fp="%r3";
 $hi1="%r2";
 $hi0="%r1";
 
-$xfer=$n0;	# accomodates [-16..15] offset in fld[dw]s
+$xfer=$n0;	# accommodates [-16..15] offset in fld[dw]s
 
 $fm0="%fr4";	$fti=$fm0;
 $fbi="%fr5L";
diff --git a/crypto/bn/asm/rsaz-x86_64.pl b/crypto/bn/asm/rsaz-x86_64.pl
index 091cdc2..bac6aee 100755
--- a/crypto/bn/asm/rsaz-x86_64.pl
+++ b/crypto/bn/asm/rsaz-x86_64.pl
@@ -1671,7 +1671,7 @@ ___
 {	# __rsaz_512_mul
 	#
 	# input: %rsi - ap, %rbp - bp
-	# ouput:
+	# output:
 	# clobbers: everything
 my ($ap,$bp) = ("%rsi","%rbp");
 $code.=<<___;
@@ -1823,7 +1823,7 @@ if ($addx) {
 	# __rsaz_512_mulx
 	#
 	# input: %rsi - ap, %rbp - bp
-	# ouput:
+	# output:
 	# clobbers: everything
 my ($ap,$bp,$zero) = ("%rsi","%rbp","%rdi");
 $code.=<<___;
diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c
index b6dd09e..a6e909d 100644
--- a/crypto/bn/bn_gcd.c
+++ b/crypto/bn/bn_gcd.c
@@ -294,7 +294,7 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
         /*
          * Binary inversion algorithm; requires odd modulus. This is faster
          * than the general algorithm if the modulus is sufficiently small
-         * (about 400 .. 500 bits on 32-bit sytems, but much more on 64-bit
+         * (about 400 .. 500 bits on 32-bit systems, but much more on 64-bit
          * systems)
          */
         int shift;
diff --git a/crypto/bn/bn_kron.c b/crypto/bn/bn_kron.c
index 20a64a7..4477bec 100644
--- a/crypto/bn/bn_kron.c
+++ b/crypto/bn/bn_kron.c
@@ -91,7 +91,7 @@ int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
         goto end;
 
     /*
-     * Kronecker symbol, imlemented according to Henri Cohen,
+     * Kronecker symbol, implemented according to Henri Cohen,
      * "A Course in Computational Algebraic Number Theory"
      * (algorithm 1.4.10).
      */
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index dd07d19..09d3954 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -330,7 +330,7 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
              * The fact that the loop is unrolled
              * 4-wise is a tribute to Intel. It's
              * the one that doesn't have enough
-             * registers to accomodate more data.
+             * registers to accommodate more data.
              * I'd unroll it 8-wise otherwise:-)
              *
              *              <appro at fy.chalmers.se>
diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c
index f30855a..7d4cd31 100644
--- a/crypto/bn/bn_mul.c
+++ b/crypto/bn/bn_mul.c
@@ -69,7 +69,7 @@
  * Here follows specialised variants of bn_add_words() and bn_sub_words().
  * They have the property performing operations on arrays of different sizes.
  * The sizes of those arrays is expressed through cl, which is the common
- * length ( basicall, min(len(a),len(b)) ), and dl, which is the delta
+ * length ( basically, min(len(a),len(b)) ), and dl, which is the delta
  * between the two lengths, calculated as len(a)-len(b). All lengths are the
  * number of BN_ULONGs...  For the operations that require a result array as
  * parameter, it must have the length cl+abs(dl). These functions should
diff --git a/crypto/bn/bn_nist.c b/crypto/bn/bn_nist.c
index db8f687..35d0eef 100644
--- a/crypto/bn/bn_nist.c
+++ b/crypto/bn/bn_nist.c
@@ -644,7 +644,7 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 #endif
     } else if (carry < 0) {
         /*
-         * it's a bit more comlicated logic in this case. if bn_add_words
+         * it's a bit more complicated logic in this case. if bn_add_words
          * yields no carry, then result has to be adjusted by unconditionally
          * *adding* the modulus. but if it does, then result has to be
          * compared to the modulus and conditionally adjusted by
diff --git a/crypto/bn/bn_x931p.c b/crypto/bn/bn_x931p.c
index 3c8f34a..3c74fd5 100644
--- a/crypto/bn/bn_x931p.c
+++ b/crypto/bn/bn_x931p.c
@@ -78,7 +78,7 @@ static int bn_x931_derive_pi(BIGNUM *pi, const BIGNUM *Xpi, BN_CTX *ctx,
     for (;;) {
         i++;
         BN_GENCB_call(cb, 0, i);
-        /* NB 27 MR is specificed in X9.31 */
+        /* NB 27 MR is specified in X9.31 */
         if (BN_is_prime_fasttest_ex(pi, 27, ctx, 1, cb))
             break;
         if (!BN_add_word(pi, 2))
diff --git a/crypto/cmac/cmac.c b/crypto/cmac/cmac.c
index 77f4ccb..cb30e6d 100644
--- a/crypto/cmac/cmac.c
+++ b/crypto/cmac/cmac.c
@@ -156,7 +156,7 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
         ctx->nlast_block = 0;
         return 1;
     }
-    /* Initialiase context */
+    /* Initialise context */
     if (cipher && !EVP_EncryptInit_ex(ctx->cctx, cipher, impl, NULL, NULL))
         return 0;
     /* Non-NULL key means initialisation complete */
@@ -257,9 +257,9 @@ int CMAC_resume(CMAC_CTX *ctx)
     if (ctx->nlast_block == -1)
         return 0;
     /*
-     * The buffer "tbl" containes the last fully encrypted block which is the
+     * The buffer "tbl" contains the last fully encrypted block which is the
      * last IV (or all zeroes if no last encrypted block). The last block has
-     * not been modified since CMAC_final(). So reinitliasing using the last
+     * not been modified since CMAC_final(). So reinitialising using the last
      * decrypted block will allow CMAC to continue after calling
      * CMAC_Final().
      */
diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c
index e7ebf6c..79634ad 100644
--- a/crypto/cms/cms_kari.c
+++ b/crypto/cms/cms_kari.c
@@ -422,7 +422,7 @@ int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms,
     if (!cms_wrap_init(kari, ec->cipher))
         return 0;
     /*
-     * If no orignator key set up initialise for ephemeral key the public key
+     * If no originator key set up initialise for ephemeral key the public key
      * ASN1 structure will set the actual public key value.
      */
     if (kari->originator->type == -1) {
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
index 42ae38f..a0a1adb 100644
--- a/crypto/cms/cms_lib.c
+++ b/crypto/cms/cms_lib.c
@@ -153,7 +153,7 @@ int CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio)
     ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
     if (!pos)
         return 0;
-    /* If ebmedded content find memory BIO and set content */
+    /* If embedded content find memory BIO and set content */
     if (*pos && ((*pos)->flags & ASN1_STRING_FLAG_CONT)) {
         BIO *mbio;
         unsigned char *cont;
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index 288db48..2757aa9 100644
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -92,7 +92,7 @@ static CMS_SignedData *cms_signed_data_init(CMS_ContentInfo *cms)
     return cms_get0_signed(cms);
 }
 
-/* Just initialize SignedData e.g. for certs only structure */
+/* Just initialise SignedData e.g. for certs only structure */
 
 int CMS_SignedData_init(CMS_ContentInfo *cms)
 {
@@ -351,7 +351,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
         goto err;
     if (!(flags & CMS_NOATTR)) {
         /*
-         * Initialialize signed attributes strutucture so other attributes
+         * Initialize signed attributes structure so other attributes
          * such as signing time etc are added later even if we add none here.
          */
         if (!si->signedAttrs) {
@@ -593,7 +593,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
 
     if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
         goto err;
-    /* Set SignerInfo algortihm details if we used custom parametsr */
+    /* Set SignerInfo algorithm details if we used custom parameter */
     if (si->pctx && !cms_sd_asn1_ctrl(si, 0))
         goto err;
 
diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c
index 6307daf..a2a811d 100644
--- a/crypto/comp/c_zlib.c
+++ b/crypto/comp/c_zlib.c
@@ -86,7 +86,7 @@ static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out,
                                       unsigned int olen, unsigned char *in,
                                       unsigned int ilen);
 
-/* memory allocations functions for zlib intialization */
+/* memory allocations functions for zlib initialisation */
 static void *zlib_zalloc(void *opaque, unsigned int no, unsigned int size)
 {
     void *p;
diff --git a/crypto/des/ofb_enc.c b/crypto/des/ofb_enc.c
index a988630..c37709b 100644
--- a/crypto/des/ofb_enc.c
+++ b/crypto/des/ofb_enc.c
@@ -59,7 +59,7 @@
 
 /*
  * The input and output are loaded in multiples of 8 bits. What this means is
- * that if you hame numbits=12 and length=2 the first 12 bits will be
+ * that if you have numbits=12 and length=2 the first 12 bits will be
  * retrieved from the first byte and half the second.  The second 12 bits
  * will come from the 3rd and half the 4th byte.
  */
diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c
index f021b39..fbb0613 100644
--- a/crypto/dh/dh_ameth.c
+++ b/crypto/dh/dh_ameth.c
@@ -195,7 +195,7 @@ static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
 /*
  * PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in that
  * the AlgorithmIdentifier contains the parameters, the private key is
- * explcitly included and the pubkey must be recalculated.
+ * explicitly included and the pubkey must be recalculated.
  */
 
 static int dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
@@ -861,7 +861,7 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri)
                         V_ASN1_UNDEF, NULL);
     }
 
-    /* See if custom paraneters set */
+    /* See if custom parameters set */
     kdf_type = EVP_PKEY_CTX_get_dh_kdf_type(pctx);
     if (kdf_type <= 0)
         goto err;
diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c
index 2a6411a..d8ac810 100644
--- a/crypto/dh/dh_asn1.c
+++ b/crypto/dh/dh_asn1.c
@@ -125,7 +125,7 @@ int i2d_int_dhx(const int_dhx942_dh *a, unsigned char **pp);
 
 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(int_dhx942_dh, DHxparams, int_dhx)
 
-/* Application leve function: read in X9.42 DH parameters into DH structure */
+/* Application public function: read in X9.42 DH parameters into DH structure */
 
 DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length)
 {
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index fcb851c..5ee38e3 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -257,7 +257,7 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
 {
     /*
      * If a is only one word long and constant time is false, use the faster
-     * exponenentiation function.
+     * exponentiation function.
      */
     if (bn_get_top(a) == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0)) {
         BN_ULONG A = bn_get_words(a)[0];
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index b3fb27f..c36aa15 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -375,7 +375,7 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
     }
 
     mdsize = EVP_MD_size(evpmd);
-    /* If unverificable g generation only don't need seed */
+    /* If unverifiable g generation only don't need seed */
     if (!ret->p || !ret->q || idx >= 0) {
         if (seed_len == 0)
             seed_len = mdsize;
diff --git a/crypto/ebcdic.c b/crypto/ebcdic.c
index c16c0f8..0f1255a 100644
--- a/crypto/ebcdic.c
+++ b/crypto/ebcdic.c
@@ -172,7 +172,7 @@ const unsigned char os_toebcdic[256] = {
  * systems. It is a modified version of the BS2000 table.
  *
  * Bijective EBCDIC (character set IBM-1047) to US-ASCII table: This table is
- * bijective - there are no ambigous or duplicate characters.
+ * bijective - there are no ambiguous or duplicate characters.
  */
 const unsigned char os_toascii[256] = {
     0x00, 0x01, 0x02, 0x03, 0x85, 0x09, 0x86, 0x7f, /* 00-0f: */
diff --git a/crypto/ec/asm/ecp_nistz256-avx2.pl b/crypto/ec/asm/ecp_nistz256-avx2.pl
index 9dc5cc6..43f3c1d 100755
--- a/crypto/ec/asm/ecp_nistz256-avx2.pl
+++ b/crypto/ec/asm/ecp_nistz256-avx2.pl
@@ -149,7 +149,7 @@ $code.=<<___;
 ___
 
 {
-# This function recieves a pointer to an array of four affine points
+# This function receives a pointer to an array of four affine points
 # (X, Y, <1>) and rearanges the data for AVX2 execution, while
 # converting it to 2^29 radix redundant form
 
@@ -301,7 +301,7 @@ ___
 }
 {
 ################################################################################
-# This function recieves a pointer to an array of four AVX2 formatted points
+# This function receives a pointer to an array of four AVX2 formatted points
 # (X, Y, Z) convert the data to normal representation, and rearanges the data
 
 my ($D0,$D1,$D2,$D3, $D4,$D5,$D6,$D7, $D8)=map("%ymm$_",(0..8));
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index 9420875..310bfad 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -819,7 +819,7 @@ static int ecdh_cms_encrypt(CMS_RecipientInfo *ri)
                         V_ASN1_UNDEF, NULL);
     }
 
-    /* See if custom paraneters set */
+    /* See if custom parameters set */
     kdf_type = EVP_PKEY_CTX_get_ecdh_kdf_type(pctx);
     if (kdf_type <= 0)
         goto err;
@@ -838,7 +838,7 @@ static int ecdh_cms_encrypt(CMS_RecipientInfo *ri)
         if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, kdf_type) <= 0)
             goto err;
     } else
-        /* Uknown KDF */
+        /* Unknown KDF */
         goto err;
     if (kdf_md == NULL) {
         /* Fixme later for better MD */
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 8276b6f..d56e6cd 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -645,7 +645,7 @@ ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group,
             if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL)
                 ok = 0;
         } else
-            /* we don't kmow the nid => ERROR */
+            /* we don't know the nid => ERROR */
             ok = 0;
     } else {
         /* use the ECPARAMETERS structure */
@@ -1189,7 +1189,7 @@ EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len)
 
     if (a == NULL || (*a) == NULL || (*a)->group == NULL) {
         /*
-         * sorry, but a EC_GROUP-structur is necessary to set the public key
+         * sorry, but a EC_GROUP-structure is necessary to set the public key
          */
         ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c
index e8e9914..107beb5 100644
--- a/crypto/ec/ec_curve.c
+++ b/crypto/ec/ec_curve.c
@@ -2981,7 +2981,7 @@ static const ec_list_element curve_list[] = {
      "NIST/SECG/WTLS curve over a 233 bit binary field"},
 #endif
     {NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, 0,
-     "WTLS curvs over a 224 bit prime field"},
+     "WTLS curve over a 224 bit prime field"},
 #ifndef OPENSSL_NO_EC2M
     /* IPSec curves */
     {NID_ipsec3, &_EC_IPSEC_155_ID3.h, 0,
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index 596b5f8..7e1418c 100644
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -67,7 +67,7 @@
 #include "ec_lcl.h"
 
 /*
- * This file implements the wNAF-based interleaving multi-exponentation method
+ * This file implements the wNAF-based interleaving multi-exponentiation method
  * (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#multiexp>);
  * for multiplication with precomputation, we use wNAF splitting
  * (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#fastexp>).
diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c
index 2bd792c..9e33acf 100644
--- a/crypto/ec/ecp_nistp256.c
+++ b/crypto/ec/ecp_nistp256.c
@@ -1226,7 +1226,7 @@ static void copy_small_conditional(felem out, const smallfelem in, limb mask)
 }
 
 /*-
- * point_add calcuates (x1, y1, z1) + (x2, y2, z2)
+ * point_add calculates (x1, y1, z1) + (x2, y2, z2)
  *
  * The method is taken from:
  *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl,
diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c
index 04c3f08..4fff85a 100644
--- a/crypto/ec/ecp_nistp521.c
+++ b/crypto/ec/ecp_nistp521.c
@@ -1032,7 +1032,7 @@ static void felem_contract(felem out, const felem in)
  * coordinates */
 
 /*-
- * point_double calcuates 2*(x_in, y_in, z_in)
+ * point_double calculates 2*(x_in, y_in, z_in)
  *
  * The method is taken from:
  *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
@@ -1148,7 +1148,7 @@ static void copy_conditional(felem out, const felem in, limb mask)
 }
 
 /*-
- * point_add calcuates (x1, y1, z1) + (x2, y2, z2)
+ * point_add calculates (x1, y1, z1) + (x2, y2, z2)
  *
  * The method is taken from
  *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl,
diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index f2f3d47..eb8a8bb 100644
--- a/crypto/engine/eng_cryptodev.c
+++ b/crypto/engine/eng_cryptodev.c
@@ -364,12 +364,12 @@ static int get_cryptodev_digests(const int **cnids)
  * Find the useable ciphers|digests from dev/crypto - this is the first
  * thing called by the engine init crud which determines what it
  * can use for ciphers from this engine. We want to return
- * only what we can do, anythine else is handled by software.
+ * only what we can do, anything else is handled by software.
  *
  * If we can't initialize the device to do anything useful for
  * any reason, we want to return a NULL array, and 0 length,
  * which forces everything to be done is software. By putting
- * the initalization of the device in here, we ensure we can
+ * the initialization of the device in here, we ensure we can
  * use this engine as the default, and if for whatever reason
  * /dev/crypto won't do what we want it will just be done in
  * software
@@ -400,7 +400,7 @@ static int cryptodev_usable_digests(const int **nids)
      * suck moose gonads - would be nice to be able to decide something
      * as reasonable default without having hackery that's card dependent.
      * of course, the default should probably be just do everything,
-     * with perhaps a sysctl to turn algoritms off (or have them off
+     * with perhaps a sysctl to turn algorithms off (or have them off
      * by default) on cards that generally suck like the hifn.
      */
     *nids = NULL;
@@ -447,7 +447,7 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
     if (ioctl(state->d_fd, CIOCCRYPT, &cryp) == -1) {
         /*
-         * XXX need better errror handling this can fail for a number of
+         * XXX need better error handling this can fail for a number of
          * different reasons.
          */
         return (0);
@@ -503,7 +503,7 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 }
 
 /*
- * free anything we allocated earlier when initting a
+ * free anything we allocated earlier when initing a
  * session, and close the session.
  */
 static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
@@ -516,7 +516,7 @@ static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
         return (0);
 
     /*
-     * XXX if this ioctl fails, someting's wrong. the invoker may have called
+     * XXX if this ioctl fails, something's wrong. the invoker may have called
      * us with a bogus ctx, or we could have a device that for whatever
      * reason just doesn't want to play ball - it's not clear what's right
      * here - should this be an error? should it just increase a counter,
diff --git a/crypto/engine/eng_ctrl.c b/crypto/engine/eng_ctrl.c
index 2757755..2db9902 100644
--- a/crypto/engine/eng_ctrl.c
+++ b/crypto/engine/eng_ctrl.c
@@ -133,7 +133,7 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p,
         return e->cmd_defns[idx].cmd_num;
     }
     /*
-     * For the rest of the commands, the 'long' argument must specify a valie
+     * For the rest of the commands, the 'long' argument must specify a valid
      * command number - so we need to conduct a search.
      */
     if ((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_num(e->cmd_defns,
diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c
index 2536525..607317b 100644
--- a/crypto/engine/eng_dyn.c
+++ b/crypto/engine/eng_dyn.c
@@ -316,7 +316,7 @@ void ENGINE_load_dynamic(void)
 static int dynamic_init(ENGINE *e)
 {
     /*
-     * We always return failure - the "dyanamic" engine itself can't be used
+     * We always return failure - the "dynamic" engine itself can't be used
      * for anything.
      */
     return 0;
diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c
index b47bb4d..90039a0 100644
--- a/crypto/engine/eng_list.c
+++ b/crypto/engine/eng_list.c
@@ -219,7 +219,7 @@ ENGINE *ENGINE_get_next(ENGINE *e)
     CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
     ret = e->next;
     if (ret) {
-        /* Return a valid structural refernce to the next ENGINE */
+        /* Return a valid structural reference to the next ENGINE */
         ret->struct_ref++;
         engine_ref_debug(ret, 0, 1);
     }
@@ -353,7 +353,7 @@ ENGINE *ENGINE_by_id(const char *id)
     if (iterator != NULL)
         return iterator;
     /*
-     * Prevent infinite recusrion if we're looking for the dynamic engine.
+     * Prevent infinite recursion if we're looking for the dynamic engine.
      */
     if (strcmp(id, "dynamic")) {
 # ifdef OPENSSL_SYS_VMS
diff --git a/crypto/engine/eng_table.c b/crypto/engine/eng_table.c
index 2907d82..22390d2 100644
--- a/crypto/engine/eng_table.c
+++ b/crypto/engine/eng_table.c
@@ -155,7 +155,7 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
             fnd->funct = NULL;
             (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
         }
-        /* A registration shouldn't add duplciate entries */
+        /* A registration shouldn't add duplicate entries */
         (void)sk_ENGINE_delete_ptr(fnd->sk, e);
         /*
          * if 'setdefault', this ENGINE goes to the head of the list
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 52ff05f..1fc58bd 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -174,7 +174,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
      * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
      * this context may already have an ENGINE! Try to avoid releasing the
      * previous handle, re-querying for an ENGINE, and having a
-     * reinitialisation, when it may all be unecessary.
+     * reinitialisation, when it may all be unnecessary.
      */
     if (ctx->engine && ctx->digest && (!type ||
                                        (type
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index daa84d7..6191680 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -605,7 +605,7 @@ void aes_t4_decrypt(const unsigned char *in, unsigned char *out,
  * non-key-length specific routines would require conditional branches
  * either in inner loops or on subroutines' entries. Former is hardly
  * acceptable, while latter means code size increase to size occupied
- * by multiple key-length specfic subroutines, so why fight?
+ * by multiple key-length specific subroutines, so why fight?
  */
 void aes128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
                            size_t len, const AES_KEY *key,
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 1b45a94..278e91b 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -124,7 +124,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
      * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
      * this context may already have an ENGINE! Try to avoid releasing the
      * previous handle, re-querying for an ENGINE, and having a
-     * reinitialisation, when it may all be unecessary.
+     * reinitialisation, when it may all be unnecessary.
      */
     if (ctx->engine && ctx->cipher
         && (!cipher || (cipher && (cipher->nid == ctx->cipher->nid))))
@@ -159,7 +159,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
                 /*
                  * One positive side-effect of US's export control history,
                  * is that we should at least be able to avoid using US
-                 * mispellings of "initialisation"?
+                 * misspellings of "initialisation"?
                  */
                 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
                 return 0;
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index b7b6e35..5b23014 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -144,7 +144,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
         e = ENGINE_get_pkey_meth_engine(id);
 
     /*
-     * If an ENGINE handled this method look it up. Othewise use internal
+     * If an ENGINE handled this method look it up. Otherwise use internal
      * tables.
      */
 
diff --git a/crypto/ex_data.c b/crypto/ex_data.c
index fcdc83f..f19fa8e 100644
--- a/crypto/ex_data.c
+++ b/crypto/ex_data.c
@@ -116,8 +116,8 @@
  * exdata has a stack of callbacks for each instance.
  */
 struct ex_callback_st {
-    long argl;                  /* Arbitary long */
-    void *argp;                 /* Arbitary void * */
+    long argl;                  /* Arbitrary long */
+    void *argp;                 /* Arbitrary void * */
     CRYPTO_EX_new *new_func;
     CRYPTO_EX_free *free_func;
     CRYPTO_EX_dup *dup_func;
diff --git a/crypto/modes/cfb128.c b/crypto/modes/cfb128.c
index d4ecbd0..c4395bc 100644
--- a/crypto/modes/cfb128.c
+++ b/crypto/modes/cfb128.c
@@ -190,7 +190,7 @@ static void cfbr_encrypt_block(const unsigned char *in, unsigned char *out,
                                block128_f block)
 {
     int n, rem, num;
-    unsigned char ovec[16 * 2 + 1]; /* +1 because we dererefence (but don't
+    unsigned char ovec[16 * 2 + 1]; /* +1 because we dereference (but don't
                                      * use) one byte off the end */
 
     if (nbits <= 0 || nbits > 128)
diff --git a/crypto/modes/ctr128.c b/crypto/modes/ctr128.c
index f3bbcbf..f56fd0c 100644
--- a/crypto/modes/ctr128.c
+++ b/crypto/modes/ctr128.c
@@ -117,7 +117,7 @@ static void ctr128_inc_aligned(unsigned char *counter)
  * before the first call to CRYPTO_ctr128_encrypt(). This algorithm assumes
  * that the counter is in the x lower bits of the IV (ivec), and that the
  * application has full control over overflow and the rest of the IV.  This
- * implementation takes NO responsability for checking that the counter
+ * implementation takes NO responsibility for checking that the counter
  * doesn't overflow into the rest of the IV when incremented.
  */
 void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
@@ -245,7 +245,7 @@ void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
         (*func) (in, out, blocks, key, ivec);
         /* (*ctr) does not update ivec, caller does: */
         PUTU32(ivec + 12, ctr32);
-        /* ... overflow was detected, propogate carry. */
+        /* ... overflow was detected, propagate carry. */
         if (ctr32 == 0)
             ctr96_inc(ivec);
         blocks *= 16;
diff --git a/crypto/o_time.c b/crypto/o_time.c
index fdd8282..59d759f 100644
--- a/crypto/o_time.c
+++ b/crypto/o_time.c
@@ -161,7 +161,7 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
             /*-
              * The VMS epoch is the astronomical Smithsonian date,
                if I remember correctly, which is November 17, 1858.
-               Furthermore, time is measure in thenths of microseconds
+               Furthermore, time is measure in tenths of microseconds
                and stored in quadwords (64 bit integers).  unix_epoch
                below is January 1st 1970 expressed as a VMS time.  The
                following code was used to get this number:
@@ -253,7 +253,7 @@ int OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec)
     int time_sec, time_year, time_month, time_day;
     long time_jd;
 
-    /* Convert time and offset into julian day and seconds */
+    /* Convert time and offset into Julian day and seconds */
     if (!julian_adj(tm, off_day, offset_sec, &time_jd, &time_sec))
         return 0;
 
diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c
index 6939b9a..0a07379 100644
--- a/crypto/objects/o_names.c
+++ b/crypto/objects/o_names.c
@@ -10,7 +10,7 @@
 #include "obj_lcl.h"
 
 /*
- * Later versions of DEC C has started to add lnkage information to certain
+ * Later versions of DEC C has started to add linkage information to certain
  * functions, which makes it tricky to use them as values to regular function
  * pointers.  One way is to define a macro that takes care of casting them
  * correctly.
diff --git a/crypto/ocsp/ocsp_cl.c b/crypto/ocsp/ocsp_cl.c
index 0e6810a..e8eaaff 100644
--- a/crypto/ocsp/ocsp_cl.c
+++ b/crypto/ocsp/ocsp_cl.c
@@ -4,7 +4,7 @@
  */
 
 /*
- * History: This file was transfered to Richard Levitte from CertCo by Kathy
+ * History: This file was transferred to Richard Levitte from CertCo by Kathy
  * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
  * patch kit.
  */
@@ -142,7 +142,7 @@ int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert)
 }
 
 /*
- * Sign an OCSP request set the requestorName to the subjec name of an
+ * Sign an OCSP request set the requestorName to the subject name of an
  * optional signers certificate and include one or more optional certificates
  * in the request. Behaves like PKCS7_sign().
  */
@@ -222,7 +222,7 @@ ASN1_OCTET_STRING *OCSP_resp_get0_signature(OCSP_BASICRESP *bs)
 }
 
 /*
- * Return number of OCSP_SINGLERESP reponses present in a basic response.
+ * Return number of OCSP_SINGLERESP responses present in a basic response.
  */
 
 int OCSP_resp_count(OCSP_BASICRESP *bs)
diff --git a/crypto/ocsp/ocsp_ext.c b/crypto/ocsp/ocsp_ext.c
index b012744..854da8e 100644
--- a/crypto/ocsp/ocsp_ext.c
+++ b/crypto/ocsp/ocsp_ext.c
@@ -4,7 +4,7 @@
  */
 
 /*
- * History: This file was transfered to Richard Levitte from CertCo by Kathy
+ * History: This file was transferred to Richard Levitte from CertCo by Kathy
  * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
  * patch kit.
  */
@@ -291,7 +291,7 @@ int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc)
 /* Nonce handling functions */
 
 /*
- * Add a nonce to an extension stack. A nonce can be specificed or if NULL a
+ * Add a nonce to an extension stack. A nonce can be specified or if NULL a
  * random nonce will be generated. Note: OpenSSL 0.9.7d and later create an
  * OCTET STRING containing the nonce, previous versions used the raw nonce.
  */
diff --git a/crypto/ocsp/ocsp_lcl.h b/crypto/ocsp/ocsp_lcl.h
index d626a3e..df4ff40 100644
--- a/crypto/ocsp/ocsp_lcl.h
+++ b/crypto/ocsp/ocsp_lcl.h
@@ -4,7 +4,7 @@
  */
 
 /*
- * History: This file was transfered to Richard Levitte from CertCo by Kathy
+ * History: This file was transferred to Richard Levitte from CertCo by Kathy
  * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
  * patch kit.
  */
diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c
index 54cacfb..1aaa290 100644
--- a/crypto/ocsp/ocsp_lib.c
+++ b/crypto/ocsp/ocsp_lib.c
@@ -4,7 +4,7 @@
  */
 
 /*
- * History: This file was transfered to Richard Levitte from CertCo by Kathy
+ * History: This file was transferred to Richard Levitte from CertCo by Kathy
  * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
  * patch kit.
  */
diff --git a/crypto/ocsp/ocsp_prn.c b/crypto/ocsp/ocsp_prn.c
index 7524576..ff006cb 100644
--- a/crypto/ocsp/ocsp_prn.c
+++ b/crypto/ocsp/ocsp_prn.c
@@ -4,7 +4,7 @@
  */
 
 /*
- * History: This file was originally part of ocsp.c and was transfered to
+ * History: This file was originally part of ocsp.c and was transferred to
  * Richard Levitte from CertCo by Kathy Weinhold in mid-spring 2000 to be
  * included in OpenSSL or released as a patch kit.
  */
diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c
index 5601feb..fa4fde5 100644
--- a/crypto/ocsp/ocsp_vfy.c
+++ b/crypto/ocsp/ocsp_vfy.c
@@ -288,7 +288,7 @@ static int ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret)
         tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId;
         /* Check to see if IDs match */
         if (OCSP_id_issuer_cmp(cid, tmpid)) {
-            /* If algoritm mismatch let caller deal with it */
+            /* If algorithm mismatch let caller deal with it */
             if (OBJ_cmp(tmpid->hashAlgorithm.algorithm,
                         cid->hashAlgorithm.algorithm))
                 return 2;
diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl
index aae8288..87f6956 100755
--- a/crypto/perlasm/x86_64-xlate.pl
+++ b/crypto/perlasm/x86_64-xlate.pl
@@ -302,7 +302,7 @@ my %globals;
 }
 { package register;	# pick up registers, which start with %.
     sub re {
-	my	$class = shift;	# muliple instances...
+	my	$class = shift;	# multiple instances...
 	my	$self = {};
 	local	*line = shift;
 	undef	$ret;
@@ -950,7 +950,7 @@ close STDOUT;
 # (#)	Nth argument, volatile
 #
 # In Unix terms top of stack is argument transfer area for arguments
-# which could not be accomodated in registers. Or in other words 7th
+# which could not be accommodated in registers. Or in other words 7th
 # [integer] argument resides at 8(%rsp) upon function entry point.
 # 128 bytes above %rsp constitute a "red zone" which is not touched
 # by signal handlers and can be used as temporal storage without
diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c
index c53736d..59c84a0 100644
--- a/crypto/pkcs12/p12_kiss.c
+++ b/crypto/pkcs12/p12_kiss.c
@@ -75,7 +75,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
  * Parse and decrypt a PKCS#12 structure returning user key, user cert and
  * other (CA) certs. Note either ca should be NULL, *ca should be NULL, or it
  * should point to a valid STACK structure. pkey and cert can be passed
- * unitialised.
+ * uninitialised.
  */
 
 int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 9b6b0b5..7a7e16b 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -323,7 +323,7 @@ static int rand_add(const void *buf, int num, double add)
             /*
              * Parallel threads may interfere with this, but always each byte
              * of the new state is the XOR of some previous value of its and
-             * local_md (itermediate values may be lost). Alway using locking
+             * local_md (intermediate values may be lost). Alway using locking
              * could hurt performance more than necessary given that
              * conflicts occur only when the total seeding is longer than the
              * random state.
diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c
index 75bf33a..bf85d37 100644
--- a/crypto/rand/rand_win.c
+++ b/crypto/rand/rand_win.c
@@ -122,7 +122,7 @@
 
 /*
  * Limit the time spent walking through the heap, processes, threads and
- * modules to a maximum of 1000 miliseconds each, unless CryptoGenRandom
+ * modules to a maximum of 1000 milliseconds each, unless CryptoGenRandom
  * failed
  */
 # define MAXDELAY 1000
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 2a1c74a..959aa23 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -569,7 +569,7 @@ static ASN1_STRING *rsa_ctx_to_pss(EVP_PKEY_CTX *pkctx)
 
 /*
  * From PSS AlgorithmIdentifier set public key parameters. If pkey isn't NULL
- * then the EVP_MD_CTX is setup and initalised. If it is NULL parameters are
+ * then the EVP_MD_CTX is setup and initialised. If it is NULL parameters are
  * passed to pkctx instead.
  */
 
diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c
index 0752f5f..b6b7dac 100644
--- a/crypto/rsa/rsa_ossl.c
+++ b/crypto/rsa/rsa_ossl.c
@@ -729,7 +729,7 @@ static int rsa_ossl_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
         BIGNUM *p = NULL, *q = NULL;
 
         /*
-         * Make sure BN_mod_inverse in Montgomery intialization uses the
+         * Make sure BN_mod_inverse in Montgomery initialization uses the
          * BN_FLG_CONSTTIME flag (unless RSA_FLAG_NO_CONSTTIME is set)
          */
         if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
diff --git a/crypto/sha/asm/sha1-mb-x86_64.pl b/crypto/sha/asm/sha1-mb-x86_64.pl
index d460a20..9de3f15 100644
--- a/crypto/sha/asm/sha1-mb-x86_64.pl
+++ b/crypto/sha/asm/sha1-mb-x86_64.pl
@@ -479,7 +479,7 @@ $code.=<<___;
 	jnz	.Loop_grande
 
 .Ldone:
-	mov	`$REG_SZ*17`(%rsp),%rax		# orignal %rsp
+	mov	`$REG_SZ*17`(%rsp),%rax		# original %rsp
 ___
 $code.=<<___ if ($win64);
 	movaps	-0xb8(%rax),%xmm6
@@ -539,7 +539,7 @@ $code.=<<___;
 	movdqa	K_XX_XX+0x80(%rip),$BSWAP	# byte-n-word swap
 
 .Loop_grande_shaext:
-	mov	$num,`$REG_SZ*17+8`(%rsp)	# orignal $num
+	mov	$num,`$REG_SZ*17+8`(%rsp)	# original $num
 	xor	$num,$num
 ___
 for($i=0;$i<2;$i++) {
@@ -1117,7 +1117,7 @@ $code.=<<___;
 	jnz	.Loop_grande_avx
 
 .Ldone_avx:
-	mov	`$REG_SZ*17`(%rsp),%rax		# orignal %rsp
+	mov	`$REG_SZ*17`(%rsp),%rax		# original %rsp
 	vzeroupper
 ___
 $code.=<<___ if ($win64);
@@ -1272,7 +1272,7 @@ $code.=<<___;
 	#jnz	.Loop_grande_avx2
 
 .Ldone_avx2:
-	mov	`$REG_SZ*17`(%rsp),%rax		# orignal %rsp
+	mov	`$REG_SZ*17`(%rsp),%rax		# original %rsp
 	vzeroupper
 ___
 $code.=<<___ if ($win64);
diff --git a/crypto/sha/asm/sha1-mips.pl b/crypto/sha/asm/sha1-mips.pl
index 3408493..e228f6c 100644
--- a/crypto/sha/asm/sha1-mips.pl
+++ b/crypto/sha/asm/sha1-mips.pl
@@ -325,7 +325,7 @@ $code.=<<___ if ($i<79);
 ___
 }
 
-$FRAMESIZE=16;	# large enough to accomodate NUBI saved registers
+$FRAMESIZE=16;	# large enough to accommodate NUBI saved registers
 $SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000;
 
 $code=<<___;
diff --git a/crypto/sha/asm/sha256-mb-x86_64.pl b/crypto/sha/asm/sha256-mb-x86_64.pl
index 3bf1791..65df8e6 100644
--- a/crypto/sha/asm/sha256-mb-x86_64.pl
+++ b/crypto/sha/asm/sha256-mb-x86_64.pl
@@ -383,7 +383,7 @@ $code.=<<___;
 	jnz	.Loop_grande
 
 .Ldone:
-	mov	`$REG_SZ*17`(%rsp),%rax		# orignal %rsp
+	mov	`$REG_SZ*17`(%rsp),%rax		# original %rsp
 ___
 $code.=<<___ if ($win64);
 	movaps	-0xb8(%rax),%xmm6
@@ -443,7 +443,7 @@ $code.=<<___;
 	lea	K256_shaext+0x80(%rip),$Tbl
 
 .Loop_grande_shaext:
-	mov	$num,`$REG_SZ*17+8`(%rsp)	# orignal $num
+	mov	$num,`$REG_SZ*17+8`(%rsp)	# original $num
 	xor	$num,$num
 ___
 for($i=0;$i<2;$i++) {
@@ -1062,7 +1062,7 @@ $code.=<<___;
 	jnz	.Loop_grande_avx
 
 .Ldone_avx:
-	mov	`$REG_SZ*17`(%rsp),%rax		# orignal %rsp
+	mov	`$REG_SZ*17`(%rsp),%rax		# original %rsp
 	vzeroupper
 ___
 $code.=<<___ if ($win64);
@@ -1238,7 +1238,7 @@ $code.=<<___;
 	#jnz	.Loop_grande_avx2
 
 .Ldone_avx2:
-	mov	`$REG_SZ*17`(%rsp),%rax		# orignal %rsp
+	mov	`$REG_SZ*17`(%rsp),%rax		# original %rsp
 	vzeroupper
 ___
 $code.=<<___ if ($win64);
diff --git a/crypto/sha/sha256.c b/crypto/sha/sha256.c
index b30df22..d7d33d5 100644
--- a/crypto/sha/sha256.c
+++ b/crypto/sha/sha256.c
@@ -91,7 +91,7 @@ int SHA224_Final(unsigned char *md, SHA256_CTX *c)
  * default: case below covers for it. It's not clear however if it's
  * permitted to truncate to amount of bytes not divisible by 4. I bet not,
  * but if it is, then default: case shall be extended. For reference.
- * Idea behind separate cases for pre-defined lenghts is to let the
+ * Idea behind separate cases for pre-defined lengths is to let the
  * compiler decide if it's appropriate to unroll small loops.
  */
 #define HASH_MAKE_STRING(c,s)   do {    \
diff --git a/crypto/sha/sha_locl.h b/crypto/sha/sha_locl.h
index ae447ff..87e69d8 100644
--- a/crypto/sha/sha_locl.h
+++ b/crypto/sha/sha_locl.h
@@ -163,7 +163,7 @@ int HASH_INIT(SHA_CTX *c)
 # ifndef MD32_XARRAY
   /*
    * Originally X was an array. As it's automatic it's natural
-   * to expect RISC compiler to accomodate at least part of it in
+   * to expect RISC compiler to accommodate at least part of it in
    * the register bank, isn't it? Unfortunately not all compilers
    * "find" this expectation reasonable:-( On order to make such
    * compilers generate better code I replace X[] with a bunch of
diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c
index 457947b..aefc490 100644
--- a/crypto/srp/srp_lib.c
+++ b/crypto/srp/srp_lib.c
@@ -333,7 +333,7 @@ static SRP_gN knowngN[] = {
 # define KNOWN_GN_NUMBER sizeof(knowngN) / sizeof(SRP_gN)
 
 /*
- * Check if G and N are kwown parameters. The values have been generated
+ * Check if G and N are known parameters. The values have been generated
  * from the ietf-tls-srp draft version 8
  */
 char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N)
diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c
index 0823ae8..08e6c7b 100644
--- a/crypto/ui/ui_lib.c
+++ b/crypto/ui/ui_lib.c
@@ -163,7 +163,7 @@ static int general_allocate_string(UI *ui, const char *prompt,
             s->_.string_data.result_maxsize = maxsize;
             s->_.string_data.test_buf = test_buf;
             ret = sk_UI_STRING_push(ui->strings, s);
-            /* sk_push() returns 0 on error.  Let's addapt that */
+            /* sk_push() returns 0 on error.  Let's adapt that */
             if (ret <= 0)
                 ret--;
         } else
@@ -207,7 +207,7 @@ static int general_allocate_boolean(UI *ui,
                 s->_.boolean_data.cancel_chars = cancel_chars;
                 ret = sk_UI_STRING_push(ui->strings, s);
                 /*
-                 * sk_push() returns 0 on error. Let's addapt that
+                 * sk_push() returns 0 on error. Let's adapt that
                  */
                 if (ret <= 0)
                     ret--;
diff --git a/crypto/whrlpool/wp_block.c b/crypto/whrlpool/wp_block.c
index 7e49383..dc652e8 100644
--- a/crypto/whrlpool/wp_block.c
+++ b/crypto/whrlpool/wp_block.c
@@ -146,7 +146,7 @@ typedef unsigned long long u64;
  * one quadword load. One can argue that that many single-byte loads
  * is too excessive, as one could load a quadword and "milk" it for
  * eight 8-bit values instead. Well, yes, but in order to do so *and*
- * avoid excessive loads you have to accomodate a handful of 64-bit
+ * avoid excessive loads you have to accommodate a handful of 64-bit
  * values in the register bank and issue a bunch of shifts and mask.
  * It's a tradeoff: loads vs. shift and mask in big register bank[!].
  * On most CPUs eight single-byte loads are faster and I let other
diff --git a/crypto/whrlpool/wp_dgst.c b/crypto/whrlpool/wp_dgst.c
index bb99799..eeb420c 100644
--- a/crypto/whrlpool/wp_dgst.c
+++ b/crypto/whrlpool/wp_dgst.c
@@ -48,7 +48,7 @@
  *
  * Unlike authors' reference implementation, block processing
  * routine whirlpool_block is designed to operate on multi-block
- * input. This is done for perfomance.
+ * input. This is done for performance.
  */
 
 #include "wp_locl.h"
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 2e3fd6a..69a3fb3 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -458,7 +458,7 @@ int X509_chain_check_suiteb(int *perror_depth, X509 *x, STACK_OF(X509) *chain,
             i--;
         /*
          * If we have LOS error and flags changed then we are signing P-384
-         * with P-256. Use more meaninggul error.
+         * with P-256. Use more meaningful error.
          */
         if (rv == X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED && flags != tflags)
             rv = X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256;
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index f16be8a..113c116 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -2474,7 +2474,7 @@ static int dane_match(X509_STORE_CTX *ctx, X509 *cert, int depth)
 
     /*
      * If we've previously matched a PKIX-?? record, no need to test any
-     * furher PKIX-?? records,  it remains to just build the PKIX chain.
+     * further PKIX-?? records,  it remains to just build the PKIX chain.
      * Had the match been a DANE-?? record, we'd be done already.
      */
     if (dane->mdpth >= 0)
@@ -2505,7 +2505,7 @@ static int dane_match(X509_STORE_CTX *ctx, X509 *cert, int depth)
      *
      * As soon as we find a match at any given depth, we stop, because either
      * we've matched a DANE-?? record and the peer is authenticated, or, after
-     * exhausing all DANE-?? records, we've matched a PKIX-?? record, which is
+     * exhausting all DANE-?? records, we've matched a PKIX-?? record, which is
      * sufficient for DANE, and what remains to do is ordinary PKIX validation.
      */
     recnum = (dane->umask & mask) ? sk_danetls_record_num(dane->trecs) : 0;
diff --git a/crypto/x509/x509name.c b/crypto/x509/x509name.c
index 475f5bc..2a5e1ce 100644
--- a/crypto/x509/x509name.c
+++ b/crypto/x509/x509name.c
@@ -109,7 +109,7 @@ int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos)
     return (X509_NAME_get_index_by_OBJ(name, obj, lastpos));
 }
 
-/* NOTE: you should be passsing -1, not 0 as lastpos */
+/* NOTE: you should be passing -1, not 0 as lastpos */
 int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int lastpos)
 {
     int n;
diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c
index 9133e3c..5e6abeb 100644
--- a/crypto/x509/x_name.c
+++ b/crypto/x509/x_name.c
@@ -324,7 +324,7 @@ static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
  * it all strings are converted to UTF8, leading, trailing and multiple
  * spaces collapsed, converted to lower case and the leading SEQUENCE header
  * removed. In future we could also normalize the UTF8 too. By doing this
- * comparison of Name structures can be rapidly perfomed by just using
+ * comparison of Name structures can be rapidly performed by just using
  * memcmp() of the canonical encoding. By omitting the leading SEQUENCE name
  * constraints of type dirName can also be checked with a simple memcmp().
  */
diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c
index 13aa7a8..7ffafa5 100644
--- a/crypto/x509v3/v3_addr.c
+++ b/crypto/x509v3/v3_addr.c
@@ -360,7 +360,7 @@ static int IPAddressOrRange_cmp(const IPAddressOrRange *a,
 
 /*
  * IPv4-specific closure over IPAddressOrRange_cmp, since sk_sort()
- * comparision routines are only allowed two arguments.
+ * comparison routines are only allowed two arguments.
  */
 static int v4IPAddressOrRange_cmp(const IPAddressOrRange *const *a,
                                   const IPAddressOrRange *const *b)
@@ -370,7 +370,7 @@ static int v4IPAddressOrRange_cmp(const IPAddressOrRange *const *a,
 
 /*
  * IPv6-specific closure over IPAddressOrRange_cmp, since sk_sort()
- * comparision routines are only allowed two arguments.
+ * comparison routines are only allowed two arguments.
  */
 static int v6IPAddressOrRange_cmp(const IPAddressOrRange *const *a,
                                   const IPAddressOrRange *const *b)
@@ -704,7 +704,7 @@ int v3_addr_get_range(IPAddressOrRange *aor,
 }
 
 /*
- * Sort comparision function for a sequence of IPAddressFamily.
+ * Sort comparison function for a sequence of IPAddressFamily.
  *
  * The last paragraph of RFC 3779 2.2.3.3 is slightly ambiguous about
  * the ordering: I can read it as meaning that IPv6 without a SAFI
diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c
index 3e10d7e..78673ce 100644
--- a/crypto/x509v3/v3_asid.c
+++ b/crypto/x509v3/v3_asid.c
@@ -164,7 +164,7 @@ static int i2r_ASIdentifiers(const X509V3_EXT_METHOD *method,
 }
 
 /*
- * Sort comparision function for a sequence of ASIdOrRange elements.
+ * Sort comparison function for a sequence of ASIdOrRange elements.
  */
 static int ASIdOrRange_cmp(const ASIdOrRange *const *a_,
                            const ASIdOrRange *const *b_)
@@ -720,7 +720,7 @@ static int asid_contains(ASIdOrRanges *parent, ASIdOrRanges *child)
 }
 
 /*
- * Test whether a is a subet of b.
+ * Test whether a is a subset of b.
  */
 int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b)
 {
diff --git a/crypto/x509v3/v3_ncons.c b/crypto/x509v3/v3_ncons.c
index dcd6590..31e37a0 100644
--- a/crypto/x509v3/v3_ncons.c
+++ b/crypto/x509v3/v3_ncons.c
@@ -405,7 +405,7 @@ static int nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base)
     const char *emlat = strchr(emlptr, '@');
     if (!emlat)
         return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
-    /* Special case: inital '.' is RHS match */
+    /* Special case: initial '.' is RHS match */
     if (!baseat && (*baseptr == '.')) {
         if (eml->length > base->length) {
             emlptr += eml->length - base->length;
@@ -465,7 +465,7 @@ static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base)
     if (hostlen == 0)
         return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
 
-    /* Special case: inital '.' is RHS match */
+    /* Special case: initial '.' is RHS match */
     if (*baseptr == '.') {
         if (hostlen > base->length) {
             p = hostptr + hostlen - base->length;
diff --git a/demos/x509/README b/demos/x509/README
index 88f9d6c..b9e66e7 100644
--- a/demos/x509/README
+++ b/demos/x509/README
@@ -1,3 +1,3 @@
-This directory contains examples of how to contruct
+This directory contains examples of how to construct
 various X509 structures. Certificates, certificate requests
 and CRLs.
diff --git a/doc/apps/x509.pod b/doc/apps/x509.pod
index 7dde927..a742fec 100644
--- a/doc/apps/x509.pod
+++ b/doc/apps/x509.pod
@@ -467,7 +467,7 @@ B<sep_comma_plus>, B<dn_rev> and B<sname>.
 a oneline format which is more readable than RFC2253. It is equivalent to
 specifying the  B<esc_2253>, B<esc_ctrl>, B<esc_msb>, B<utf8>, B<dump_nostr>,
 B<dump_der>, B<use_quote>, B<sep_comma_plus_space>, B<space_eq> and B<sname>
-options.  This is the I<default> of no name options are given explicitely.
+options.  This is the I<default> of no name options are given explicitly.
 
 =item B<multiline>
 
diff --git a/doc/crypto/ASN1_INTEGER_get_int64.pod b/doc/crypto/ASN1_INTEGER_get_int64.pod
index a9e38f8..3259530 100644
--- a/doc/crypto/ASN1_INTEGER_get_int64.pod
+++ b/doc/crypto/ASN1_INTEGER_get_int64.pod
@@ -85,9 +85,9 @@ an appropriate C integer type.
 
 =head1 BUGS
 
-The ambigious return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get()
+The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get()
 mean these functions should be avoided if possible. They are retained for
-compatibility. Normally the ambigious return values are not legitimate
+compatibility. Normally the ambiguous return values are not legitimate
 values for the fields they represent.
 
 =head1 RETURN VALUES
diff --git a/doc/crypto/ASYNC_start_job.pod b/doc/crypto/ASYNC_start_job.pod
index 256cc43..5297f86 100644
--- a/doc/crypto/ASYNC_start_job.pod
+++ b/doc/crypto/ASYNC_start_job.pod
@@ -139,9 +139,9 @@ ASYNC_block_pause() twice then you must call ASYNC_unblock_pause() twice in
 order to reenable pausing. If these functions are called while there is no
 currently active job then they have no effect. This functionality can be useful
 to avoid deadlock scenarios. For example during the execution of an ASYNC_JOB an
-application aquires a lock. It then calls some cryptographic function which
+application acquires a lock. It then calls some cryptographic function which
 invokes ASYNC_pause_job(). This returns control back to the code that created
-the ASYNC_JOB. If that code then attempts to aquire the same lock before
+the ASYNC_JOB. If that code then attempts to acquire the same lock before
 resuming the original job then a deadlock can occur. By calling
 ASYNC_block_pause() immediately after aquiring the lock and
 ASYNC_unblock_pause() immediately before releasing it then this situation cannot
@@ -154,7 +154,7 @@ ASYNC_init and ASYNC_init_thread return 1 on success or 0 otherwise.
 ASYNC_start_job returns one of ASYNC_ERR, ASYNC_NO_JOBS, ASYNC_PAUSE or
 ASYNC_FINISH as described above.
 
-ASYNC_pause_job returns 0 if an error occured or 1 on success. If called when
+ASYNC_pause_job returns 0 if an error occurred or 1 on success. If called when
 not within the context of an ASYNC_JOB then this is counted as success so 1 is
 returned.
 
diff --git a/doc/crypto/EC_GROUP_copy.pod b/doc/crypto/EC_GROUP_copy.pod
index 938092e..3af5bbf 100644
--- a/doc/crypto/EC_GROUP_copy.pod
+++ b/doc/crypto/EC_GROUP_copy.pod
@@ -58,8 +58,8 @@ EC_GROUP object.
 
 EC_GROUP_method_of obtains the EC_METHOD of B<group>.
 
-EC_GROUP_set_generator sets curve paramaters that must be agreed by all participants using the curve. These
-paramaters include the B<generator>, the B<order> and the B<cofactor>. The B<generator> is a well defined point on the
+EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These
+parameters include the B<generator>, the B<order> and the B<cofactor>. The B<generator> is a well defined point on the
 curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and
 n-1 where n is the B<order>. The B<order> multiplied by the B<cofactor> gives the number of points on the curve.
 
diff --git a/doc/crypto/OCSP_cert_to_id.pod b/doc/crypto/OCSP_cert_to_id.pod
index 8eb1844..ac11ba7 100644
--- a/doc/crypto/OCSP_cert_to_id.pod
+++ b/doc/crypto/OCSP_cert_to_id.pod
@@ -55,7 +55,7 @@ otherwise.
 
 OCSP_CERTID_free() does not return a value.
 
-OCSP_id_get0_info() returns 1 for sucess and 0 for failure.
+OCSP_id_get0_info() returns 1 for success and 0 for failure.
 
 =head1 NOTES
 
diff --git a/doc/crypto/X509V3_get_d2i.pod b/doc/crypto/X509V3_get_d2i.pod
index 8ae1708..accc9f4 100644
--- a/doc/crypto/X509V3_get_d2i.pod
+++ b/doc/crypto/X509V3_get_d2i.pod
@@ -77,7 +77,7 @@ of a certificate a CRL or a CRL entry respectively.
 =head1 NOTES
 
 In almost all cases an extension can occur at most once and multiple
-occurences is an error. Therefore the B<idx> parameter is usually B<NULL>.
+occurrences is an error. Therefore the B<idx> parameter is usually B<NULL>.
 
 The B<flags> parameter may be one of the following values.
 
diff --git a/doc/openssl-c-indent.el b/doc/openssl-c-indent.el
index 144a915..cedf135 100644
--- a/doc/openssl-c-indent.el
+++ b/doc/openssl-c-indent.el
@@ -28,7 +28,7 @@
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; Note, it could be easy to inherit from the "gnu" style...  however,
 ;; one never knows if that style will change somewhere in the future,
-;; so I've chosen to copy the "gnu" style values explicitely instead
+;; so I've chosen to copy the "gnu" style values explicitly instead
 ;; and mark them with a comment.                // RLevitte 2015-08-31
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
diff --git a/doc/ssl/SSL_CTX_set1_sigalgs.pod b/doc/ssl/SSL_CTX_set1_sigalgs.pod
index 5786ea1..a63076c 100644
--- a/doc/ssl/SSL_CTX_set1_sigalgs.pod
+++ b/doc/ssl/SSL_CTX_set1_sigalgs.pod
@@ -80,14 +80,14 @@ The use of MD5 as a digest is strongly discouraged due to security weaknesses.
 
 =head1 EXAMPLES
 
-Set supported signature algoritms to SHA256 with ECDSA and SHA256 with RSA
+Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA
 using an array:
 
     const int slist[] = {NID_sha256, EVP_PKEY_EC, NID_sha256, EVP_PKEY_RSA};
 
     SSL_CTX_set1_sigalgs(ctx, slist, 4);
 
-Set supported signature algoritms to SHA256 with ECDSA and SHA256 with RSA
+Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA
 using a string:
 
     SSL_CTX_set1_sigalgs_list(ctx, "ECDSA+SHA256:RSA+SHA256");
diff --git a/include/openssl/dso.h b/include/openssl/dso.h
index 180163f..c122997 100644
--- a/include/openssl/dso.h
+++ b/include/openssl/dso.h
@@ -338,7 +338,7 @@ DSO_METHOD *DSO_METHOD_vms(void);
  * 'addr' into 'sz' large caller-provided 'path' and returns the number of
  * characters [including trailing zero] written to it. If 'sz' is 0 or
  * negative, 'path' is ignored and required amount of charachers [including
- * trailing zero] to accomodate pathname is returned. If 'addr' is NULL, then
+ * trailing zero] to accommodate pathname is returned. If 'addr' is NULL, then
  * pathname of cryptolib itself is returned. Negative or zero return value
  * denotes error.
  */
diff --git a/include/openssl/e_os2.h b/include/openssl/e_os2.h
index 159e0b3..04e1c05 100644
--- a/include/openssl/e_os2.h
+++ b/include/openssl/e_os2.h
@@ -206,8 +206,8 @@ extern "C" {
 /*-
  * Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
  * certain global symbols that, with some compilers under VMS, have to be
- * defined and declared explicitely with globaldef and globalref.
- * Definitions of OPENSSL_EXPORT and OPENSSL_EXTERN, to define and declare
+ * defined and declared explicitly with globaldef and globalref.
+ * Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
  * DLL exports and imports for compilers under Win32.  These are a little
  * more complicated to use.  Basically, for any library that exports some
  * global variables, the following code must be present in the header file
diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h
index 08b7d47..02fd6b0 100644
--- a/include/openssl/ocsp.h
+++ b/include/openssl/ocsp.h
@@ -4,7 +4,7 @@
  */
 
 /*
- * History: This file was transfered to Richard Levitte from CertCo by Kathy
+ * History: This file was transferred to Richard Levitte from CertCo by Kathy
  * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
  * patch kit.
  */
diff --git a/include/openssl/ui.h b/include/openssl/ui.h
index 17c2254..3d1507e 100644
--- a/include/openssl/ui.h
+++ b/include/openssl/ui.h
@@ -128,7 +128,7 @@ void UI_free(UI *ui);
    added, so the result is *not* a string.
 
    On success, the all return an index of the added information.  That index
-   is usefull when retrieving results with UI_get0_result(). */
+   is useful when retrieving results with UI_get0_result(). */
 int UI_add_input_string(UI *ui, const char *prompt, int flags,
                         char *result_buf, int minsize, int maxsize);
 int UI_dup_input_string(UI *ui, const char *prompt, int flags,
diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c
index 576ea18..08ae21a 100644
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c
@@ -511,7 +511,7 @@ static void init_read_state_machine(SSL *s)
  * READ_STATE_POST_PROCESS is an optional step that may occur if some post
  * processing activity performed on the message may block.
  *
- * Any of the above states could result in an NBIO event occuring in which case
+ * Any of the above states could result in an NBIO event occurring in which case
  * control returns to the calling application. When this function is recalled we
  * will resume in the same state where we left off.
  */
@@ -702,7 +702,7 @@ static void init_write_state_machine(SSL *s)
  * WRITE_STATE_TRANSITION transitions the state of the handshake state machine
 
  * WRITE_STATE_PRE_WORK performs any work necessary to prepare the later
- * sending of the message. This could result in an NBIO event occuring in
+ * sending of the message. This could result in an NBIO event occurring in
  * which case control returns to the calling application. When this function
  * is recalled we will resume in the same state where we left off.
  *


More information about the openssl-commits mailing list