From 164a541b9384cf4f2bee84c2b9b9feede6d65cca Mon Sep 17 00:00:00 2001
From: Dimitri Papadopoulos
 <3234522+DimitriPapadopoulos@users.noreply.github.com>
Date: Fri, 22 Dec 2023 14:37:12 +0100
Subject: [PATCH] Fix new typos found by codespell

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23133)
---
 crypto/bio/bss_dgram.c                        | 2 +-
 crypto/cmp/cmp_server.c                       | 2 +-
 crypto/evp/evp_enc.c                          | 2 +-
 crypto/modes/asm/aes-gcm-avx512.pl            | 2 +-
 crypto/sm4/asm/vpsm4-armv8.pl                 | 2 +-
 crypto/sm4/asm/vpsm4_ex-armv8.pl              | 2 +-
 doc/internal/man3/ossl_method_construct.pod   | 2 +-
 include/internal/quic_srtm.h                  | 2 +-
 providers/implementations/keymgmt/dsa_kmgmt.c | 2 +-
 ssl/ssl_lib.c                                 | 2 +-
 ssl/statem/extensions_srvr.c                  | 2 +-
 test/recipes/70-test_tls13alerts.t            | 2 +-
 test/sslapitest.c                             | 4 ++--
 13 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c
index 5195634fdf..4dd55ab337 100644
--- a/crypto/bio/bss_dgram.c
+++ b/crypto/bio/bss_dgram.c
@@ -98,7 +98,7 @@
     || M_METHOD == M_METHOD_WSARECVMSG
 #  if defined(__APPLE__)
     /*
-     * CMSG_SPACE is not a constant expresson on OSX even though POSIX
+     * CMSG_SPACE is not a constant expression on OSX even though POSIX
      * says it's supposed to be. This should be adequate.
      */
 #   define BIO_CMSG_ALLOC_LEN   64
diff --git a/crypto/cmp/cmp_server.c b/crypto/cmp/cmp_server.c
index 4e2ca09966..53c41bc96e 100644
--- a/crypto/cmp/cmp_server.c
+++ b/crypto/cmp/cmp_server.c
@@ -25,7 +25,7 @@ struct ossl_cmp_srv_ctx_st
     OSSL_CMP_CTX *ctx; /* CMP client context reused for transactionID etc. */
     void *custom_ctx;  /* application-specific server context */
     int certReqId;     /* of ir/cr/kur, OSSL_CMP_CERTREQID_NONE for p10cr */
-    int polling;       /* current tranaction is in polling mode */
+    int polling;       /* current transaction is in polling mode */
 
     OSSL_CMP_SRV_cert_request_cb_t process_cert_request;
     OSSL_CMP_SRV_rr_cb_t process_rr;
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index a199529712..c289b2f7b0 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -253,7 +253,7 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
             memcpy(q++, p, sizeof(*q));
 
         /*
-         * Note that OSSL_CIPHER_PARAM_AEAD_IVLEN is a synomym for
+         * Note that OSSL_CIPHER_PARAM_AEAD_IVLEN is a synonym for
          * OSSL_CIPHER_PARAM_IVLEN so both are covered here.
          */
         p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_IVLEN);
diff --git a/crypto/modes/asm/aes-gcm-avx512.pl b/crypto/modes/asm/aes-gcm-avx512.pl
index 9f9124373b..e150c9aa05 100644
--- a/crypto/modes/asm/aes-gcm-avx512.pl
+++ b/crypto/modes/asm/aes-gcm-avx512.pl
@@ -2007,7 +2007,7 @@ sub INITIAL_BLOCKS_PARTIAL_GHASH {
   my $ZT8             = $_[20];    # [clobbered] ZMM temporary
   my $PBLOCK_LEN      = $_[21];    # [in] partial block length
   my $GH              = $_[22];    # [in] ZMM with hi product part
-  my $GM              = $_[23];    # [in] ZMM with mid prodcut part
+  my $GM              = $_[23];    # [in] ZMM with mid product part
   my $GL              = $_[24];    # [in] ZMM with lo product part
 
   my $label_suffix = $label_count++;
diff --git a/crypto/sm4/asm/vpsm4-armv8.pl b/crypto/sm4/asm/vpsm4-armv8.pl
index ee96046b95..eae3704992 100755
--- a/crypto/sm4/asm/vpsm4-armv8.pl
+++ b/crypto/sm4/asm/vpsm4-armv8.pl
@@ -937,7 +937,7 @@ ___
 $code.=<<___;
 	ld1	{$ivec1.4s},[$ivp]
 	ld1	{@datax[0].4s,@datax[1].4s,@datax[2].4s,@datax[3].4s},[$inp],#64
-	// note ivec1 and vtmpx[3] are resuing the same register
+	// note ivec1 and vtmpx[3] are reusing the same register
 	// care needs to be taken to avoid conflict
 	eor	@vtmp[0].16b,@vtmp[0].16b,$ivec1.16b
 	ld1	{@vtmpx[0].4s,@vtmpx[1].4s,@vtmpx[2].4s,@vtmpx[3].4s},[$inp],#64
diff --git a/crypto/sm4/asm/vpsm4_ex-armv8.pl b/crypto/sm4/asm/vpsm4_ex-armv8.pl
index 27dd25aa53..b7f1a66222 100644
--- a/crypto/sm4/asm/vpsm4_ex-armv8.pl
+++ b/crypto/sm4/asm/vpsm4_ex-armv8.pl
@@ -927,7 +927,7 @@ ___
 $code.=<<___;
 	ld1	{$ivec1.4s},[$ivp]
 	ld1	{@datax[0].4s,@datax[1].4s,@datax[2].4s,@datax[3].4s},[$inp],#64
-	// note ivec1 and vtmpx[3] are resuing the same register
+	// note ivec1 and vtmpx[3] are reusing the same register
 	// care needs to be taken to avoid conflict
 	eor	@vtmp[0].16b,@vtmp[0].16b,$ivec1.16b
 	ld1	{@vtmpx[0].4s,@vtmpx[1].4s,@vtmpx[2].4s,@vtmpx[3].4s},[$inp],#64
diff --git a/doc/internal/man3/ossl_method_construct.pod b/doc/internal/man3/ossl_method_construct.pod
index 3683798b06..603930dc1f 100644
--- a/doc/internal/man3/ossl_method_construct.pod
+++ b/doc/internal/man3/ossl_method_construct.pod
@@ -93,7 +93,7 @@ This default store should be stored in the library context I<libctx>.
 The method to be looked up should be identified with data found in I<data>
 (which is the I<mcm_data> that was passed to ossl_construct_method()).
 In other words, the ossl_method_construct() caller is entirely responsible
-for ensuring the necesssary data is made available.
+for ensuring the necessary data is made available.
 
 Optionally, I<prov> may be given as a search criterion, to narrow down the
 search of a method belonging to just one provider.
diff --git a/include/internal/quic_srtm.h b/include/internal/quic_srtm.h
index 830c399275..d60c285e22 100644
--- a/include/internal/quic_srtm.h
+++ b/include/internal/quic_srtm.h
@@ -26,7 +26,7 @@
  * The stateless reset token manager is responsible for mapping stateless reset
  * tokens to connections. It is used to identify stateless reset tokens in
  * incoming packets. In this regard it can be considered an alternate "routing"
- * mechanism for incoming packets, and is somewhat analagous with the LCIDM,
+ * mechanism for incoming packets, and is somewhat analogous with the LCIDM,
  * except that it uses SRTs to route rather than DCIDs.
  *
  * The SRTM specifically stores a bidirectional mapping of the form
diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c
index 3fdc78432b..88a2feda57 100644
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -479,7 +479,7 @@ static int dsa_gen_set_params(void *genctx, const OSSL_PARAM params[])
         }
 
         /*
-         * Ony assign context gen_type if it was set by dsa_gen_type_name2id
+         * Only assign context gen_type if it was set by dsa_gen_type_name2id
          * must be in range:
          * DSA_PARAMGEN_TYPE_FIPS_186_4 <= gen_type <= DSA_PARAMGEN_TYPE_FIPS_DEFAULT
          */
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index cf59d2dfa5..13326d8925 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -343,7 +343,7 @@ static int dane_tlsa_add(SSL_DANE *dane,
                 /*
                  * The Full(0) certificate decodes to a seemingly valid X.509
                  * object with a plausible key, so the TLSA record is well
-                 * formed.  However, we don't actually need the certifiate for
+                 * formed.  However, we don't actually need the certificate for
                  * usages PKIX-EE(1) or DANE-EE(3), because at least the EE
                  * certificate is always presented by the peer.  We discard the
                  * certificate, and just use the TLSA data as an opaque blob
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index c4287bd853..21db977c88 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -582,7 +582,7 @@ int tls_parse_ctos_psk_kex_modes(SSL_CONNECTION *s, PACKET *pkt,
          * mode. DHE PSK will not be used for sure, because in any case where
          * it would be supported (i.e. if a key share is present), NO_DHE would
          * be supported as well. As the latter is preferred it would be
-         * choosen. By removing DHE PSK here, we don't have to deal with the
+         * chosen. By removing DHE PSK here, we don't have to deal with the
          * SSL_OP_PREFER_NO_DHE_KEX option in any other place.
          */
         s->ext.psk_kex_mode = TLSEXT_KEX_MODE_FLAG_KE;
diff --git a/test/recipes/70-test_tls13alerts.t b/test/recipes/70-test_tls13alerts.t
index e71fd23edb..152e6cc130 100644
--- a/test/recipes/70-test_tls13alerts.t
+++ b/test/recipes/70-test_tls13alerts.t
@@ -39,7 +39,7 @@ $proxy->filter(\&alert_filter);
 $proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
 plan tests => 1;
 my $alert = TLSProxy::Message->alert();
-ok(TLSProxy::Message->fail() && !$alert->server() && !$alert->encrypted(), "Client sends an unecrypted alert");
+ok(TLSProxy::Message->fail() && !$alert->server() && !$alert->encrypted(), "Client sends an unencrypted alert");
 
 sub alert_filter
 {
diff --git a/test/sslapitest.c b/test/sslapitest.c
index e2c4563fd3..021b50e8e5 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -5597,7 +5597,7 @@ static int test_tls13_psk(int idx)
 /*
  * Test TLS1.3 connection establishment succeeds with various configurations of
  * the options `SSL_OP_ALLOW_NO_DHE_KEX` and `SSL_OP_PREFER_NO_DHE_KEX`.
- * The verification of whether the right KEX mode is choosen is not covered by
+ * The verification of whether the right KEX mode is chosen is not covered by
  * this test but by `test_tls13kexmodes`.
  *
  * Tests (idx & 1): Server has `SSL_OP_ALLOW_NO_DHE_KEX` set.
@@ -11316,7 +11316,7 @@ static int test_data_retry(void)
         if (!TEST_int_eq(SSL_get_error(clientssl, 0), SSL_ERROR_WANT_WRITE))
             goto end;
 
-        /* Allow one write to progess, but the next one to signal retry */
+        /* Allow one write to progress, but the next one to signal retry */
         if (!TEST_true(BIO_ctrl(bretry, MAYBE_RETRY_CTRL_SET_RETRY_AFTER_CNT, 1,
                                 NULL)))
             goto end;
-- 
2.34.1