travis_terminate 1;
fi
- if ! git diff --exit-code; then
- echo -e '\052\052 FAILED -- UPDATED FILES NOT COMMITED';
+ echo -e '\052\052 FAILED -- UPDATED FILES NOT COMMITTED';
travis_terminate 1;
fi
- if test -n "$GENERATE" && ! $make build_all_generated; then
# primarily because vendor assembler can't assemble our modules
# with -KPIC flag. As result it, assembly support, was not even
# available as option. But its lack means lack of side-channel
- # resistant code, which is incompatible with security by todays
+ # resistant code, which is incompatible with security by today's
# standards. Fortunately gcc is readily available prepackaged
# option, which we can firmly point at...
#
debug => "/DEBUG/TRACEBACK",
release => "/NODEBUG/NOTRACEBACK"),
# Because of dso_cflags below, we can't set the generic |cflags| here,
- # as it can't be overriden, so we set separate C flags for libraries
+ # as it can't be overridden, so we set separate C flags for libraries
# and binaries instead.
bin_cflags => add("/NAMES=(AS_IS,SHORTENED)/EXTERN_MODEL=STRICT_REFDEF"),
lib_cflags => add("/NAMES=(AS_IS,SHORTENED)/EXTERN_MODEL=STRICT_REFDEF"),
HASHBANGPERL
The command string for the Perl executable to insert in the
- #! line of perl scripts that will be publically installed.
+ #! line of perl scripts that will be publicly installed.
Default: /usr/bin/env perl
Note: the value of this variable is added to the same scripts
on all platforms, but it's only relevant on Unix-like platforms.
-# Auxilliary program source
+# Auxiliary program source
IF[{- $config{target} =~ /^(?:VC-|mingw)/ -}]
# It's called 'init', but doesn't have much 'init' in it...
$AUXLIBAPPSSRC=win32_init.c
(*salt_p)[i] = cov_2char[(*salt_p)[i] & 0x3f]; /* 6 bits */
(*salt_p)[i] = 0;
# ifdef CHARSET_EBCDIC
- /* The password encryption funtion will convert back to ASCII */
+ /* The password encryption function will convert back to ASCII */
ascii2ebcdic(*salt_p, *salt_p, saltlen);
# endif
}
# nothing one can do and the result appears optimal. CCM result is
# identical to CBC, because CBC-MAC is essentially CBC encrypt without
# saving output. CCM CTR "stays invisible," because it's neatly
-# interleaved wih CBC-MAC. This provides ~30% improvement over
+# interleaved with CBC-MAC. This provides ~30% improvement over
# "straightforward" CCM implementation with CTR and CBC-MAC performed
# disjointly. Parallelizable modes practically achieve the theoretical
# limit.
# - code was made position-independent;
# - rounds were folded into a loop resulting in >5x size reduction
# from 12.5KB to 2.2KB;
-# - above was possibile thanks to mixcolumns() modification that
+# - above was possible thanks to mixcolumns() modification that
# allowed to feed its output back to aesenc[last], this was
# achieved at cost of two additional inter-registers moves;
# - some instruction reordering and interleaving;
/*
* Outputs the DER encoding of a DSA-Sig-Value or ECDSA-Sig-Value to pkt. pkt
* may be initialised with a NULL buffer which enables pkt to be used to
- * calulate how many bytes would be needed.
+ * calculate how many bytes would be needed.
*
* Returns 1 on success or 0 on error.
*/
! technique.
!
! The macro also loads address sbox 1 to 5 to global 1 to 5, address
-! sbox 6 to local6, and addres sbox 8 to out3.
+! sbox 6 to local6, and address sbox 8 to out3.
!
-! Rotates the halfs 3 left to bring the sbox bits in convenient positions.
+! Rotates the halves 3 left to bring the sbox bits in convenient positions.
!
! Loads key first round from address in parameter 5 to out0, out1.
!
! After the original LibDES initial permutation, the resulting left
! is in the variable initially used for right and vice versa. The macro
-! implements the possibility to keep the halfs in the original registers.
+! implements the possibility to keep the halves in the original registers.
!
! parameter 1 left
! parameter 2 right
add %o7,global1,global1
sub global1,.PIC.DES_SPtrans-.des_and,out2
- ! Set sbox address 1 to 6 and rotate halfs 3 left
+ ! Set sbox address 1 to 6 and rotate halves 3 left
! Errors caught by destest? Yes. Still? *NO*
!sethi %hi(DES_SPtrans), global1 ! address sbox 1
PROP_R_NOT_AN_IDENTIFIER:103:not an identifier
PROP_R_NOT_AN_OCTAL_DIGIT:104:not an octal digit
PROP_R_NOT_A_DECIMAL_DIGIT:105:not a decimal digit
-PROP_R_NO_MATCHING_STRING_DELIMETER:106:no matching string delimeter
+PROP_R_NO_MATCHING_STRING_DELIMITER:106:no matching string delimiter
PROP_R_NO_VALUE:107:no value
PROP_R_PARSE_FAILED:108:parse failed
PROP_R_STRING_TOO_LONG:109:string too long
if (type->prov == NULL) {
#ifdef FIPS_MODE
- /* We only do explict fetches inside the FIPS module */
+ /* We only do explicit fetches inside the FIPS module */
EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
return 0;
#else
} icv;
unsigned char k[32];
} kmac_param;
- /* KMAC-AES paramater block - end */
+ /* KMAC-AES parameter block - end */
union {
unsigned long long g[2];
return 0;
/*
- * Impose a limit of 2^20 blocks per data unit as specifed by
+ * Impose a limit of 2^20 blocks per data unit as specified by
* IEEE Std 1619-2018. The earlier and obsolete IEEE Std 1619-2007
* indicated that this was a SHOULD NOT rather than a MUST NOT.
* NIST SP 800-38E mandates the same limit.
if (cipher->prov == NULL) {
#ifdef FIPS_MODE
- /* We only do explict fetches inside the FIPS module */
+ /* We only do explicit fetches inside the FIPS module */
EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
return 0;
#else
}
/*
- * TODO(3.0) Re-evalutate the names, it's possible that we find these to be
+ * TODO(3.0) Re-evaluate the names, it's possible that we find these to be
* better:
*
* EVP_PKEY_param_settable()
"not an octal digit"},
{ERR_PACK(ERR_LIB_PROP, 0, PROP_R_NOT_A_DECIMAL_DIGIT),
"not a decimal digit"},
- {ERR_PACK(ERR_LIB_PROP, 0, PROP_R_NO_MATCHING_STRING_DELIMETER),
- "no matching string delimeter"},
+ {ERR_PACK(ERR_LIB_PROP, 0, PROP_R_NO_MATCHING_STRING_DELIMITER),
+ "no matching string delimiter"},
{ERR_PACK(ERR_LIB_PROP, 0, PROP_R_NO_VALUE), "no value"},
{ERR_PACK(ERR_LIB_PROP, 0, PROP_R_PARSE_FAILED), "parse failed"},
{ERR_PACK(ERR_LIB_PROP, 0, PROP_R_STRING_TOO_LONG), "string too long"},
s++;
}
if (*s == '\0') {
- ERR_raise_data(ERR_LIB_PROP, PROP_R_NO_MATCHING_STRING_DELIMETER,
+ ERR_raise_data(ERR_LIB_PROP, PROP_R_NO_MATCHING_STRING_DELIMITER,
"HERE-->%c%s", delim, *t);
return 0;
}
/*
* Handle the cases of a missing value and a query with no corresponding
- * definition. The former fails for any comparision except inequality,
+ * definition. The former fails for any comparison except inequality,
* the latter is treated as a comparison against the Boolean false.
*/
if (q[i].type == PROPERTY_TYPE_VALUE_UNDEFINED) {
/*
* Add process id, thread id, and a high resolution timestamp
* (where available, which is OpenVMS v8.4 and up) to ensure that
- * the nonce is unique whith high probability for different process
+ * the nonce is unique with high probability for different process
* instances.
*/
data.pid = getpid();
/*
* Add process id, thread id, and a high resolution timestamp to
- * ensure that the nonce is unique whith high probability for
+ * ensure that the nonce is unique with high probability for
* different process instances.
*/
data.pid = GetCurrentProcessId();
if (shift >= 0) {
/*
* We don't have all the bits. bn_inv_sqrt_2 contains a rounded up
- * value, so there is a very low probabilty that we'll reject a valid
+ * value, so there is a very low probability that we'll reject a valid
* value.
*/
if (!BN_lshift(low, low, shift))
/*
* |ser| value NULL is valid, and signifies that there is no serializer.
* This is useful to provide fallback mechanisms.
- * Funtions that want to verify if there is a serializer can do so with
+ * Functions that want to verify if there is a serializer can do so with
* OSSL_SERIALIZER_CTX_get_serializer()
*/
OSSL_SERIALIZER_CTX *OSSL_SERIALIZER_CTX_new(OSSL_SERIALIZER *ser)
stopping the stop handler is called (while on that thread) and the code can
clean up the value stored in the thread local variable.
-A new stop handler is registerd using the function ossl_init_thread_start().
+A new stop handler is registered using the function ossl_init_thread_start().
The I<index> parameter should be a unique value that can be used to identify a
set of common stop handlers and is passed in a later call to
ossl_init_thread_deregister. If no later call to ossl_init_thread_deregister is
This may be NULL, and is perfectly valid, as it denotes the default
global library context.
-ossl_provider_teardown() doesnt't return any value.
+ossl_provider_teardown() doesn't return any value.
ossl_provider_gettable_params() returns a pointer to a constant
I<OSSL_PARAM> array if this function is available in the provider,
(programs, libraries, modules or scripts) are to be produced, and from
what sources.
-Intermediate files, such as object files, are seldom refered to at
+Intermediate files, such as object files, are seldom referred to at
all. They sometimes can be, if there's a need, but this should happen
very rarely, and support for that sort of thing is added on as-needed
basis.
DEPEND[libfoo.a]{weak}=libfoo.a libcookie.a
-This is useful in complex dependecy trees where two libraries can be
+This is useful in complex dependency trees where two libraries can be
used as alternatives for each other. In this example, C<lib1.a> and
C<lib2.a> have alternative implementations of the same thing, and
C<libmandatory.a> has unresolved references to that same thing, and is
=item B<-xcertform> B<DER>|B<PEM>, B<-xkeyform> B<DER>|B<PEM>
-The input format for the extra certifcate and key, respectively.
+The input format for the extra certificate and key, respectively.
See L<openssl(1)/Format Options> for details.
=back
ASYNC_WAIT_CTX_get_changed_fds, ASYNC_WAIT_CTX_clear_fd,
ASYNC_WAIT_CTX_set_callback, ASYNC_WAIT_CTX_get_callback and
ASYNC_WAIT_CTX_set_status all return 1 on success or 0 on error.
-ASYNC_WAIT_CTX_get_status() returs the engine status.
+ASYNC_WAIT_CTX_get_status() returns the engine status.
=head1 NOTES
error in the thread's error queue.
The values that can be given are the filename I<file>, line in the
file I<line> and the name of the function I<func> where the error
-occured.
+occurred.
The names must be constant, this function will only save away the
pointers, not copy the strings.
=head1 DESCRIPTION
ERR_raise() adds a new error to the thread's error queue. The
-error occured in the library B<lib> for the reason given by the
+error occurred in the library B<lib> for the reason given by the
B<reason> code. Furthermore, the name of the file, the line, and name
-of the function where the error occured is saved with the error
+of the function where the error occurred is saved with the error
record.
ERR_raise_data() does the same thing as ERR_raise(), but also lets the
EVP_CIPHER_gettable_params(), EVP_CIPHER_gettable_ctx_params(), and
EVP_CIPHER_settable_ctx_params() get a constant B<OSSL_PARAM> array
-that decribes the retrievable and settable parameters, i.e. parameters
+that describes the retrievable and settable parameters, i.e. parameters
that can be used with EVP_CIPHER_get_params(), EVP_CIPHER_CTX_get_params()
and EVP_CIPHER_CTX_set_params(), respectively.
See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.
EVP_KDF_gettable_params(), EVP_KDF_gettable_ctx_params() and
EVP_KDF_settable_ctx_params() get a constant B<OSSL_PARAM> array that
-decribes the retrievable and settable parameters, i.e. parameters that
+describes the retrievable and settable parameters, i.e. parameters that
can be used with EVP_KDF_get_params(), EVP_KDF_CTX_get_params()
and EVP_KDF_CTX_set_params(), respectively.
See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.
EVP_MAC_gettable_params(), EVP_MAC_gettable_ctx_params() and
EVP_MAC_settable_ctx_params() get a constant B<OSSL_PARAM> array that
-decribes the retrievable and settable parameters, i.e. parameters that
+describes the retrievable and settable parameters, i.e. parameters that
can be used with EVP_MAC_get_params(), EVP_MAC_CTX_get_params()
and EVP_MAC_CTX_set_params(), respectively.
See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.
=back
EVP_PKEY_CTX_gettable_params() and EVP_PKEY_CTX_settable_params() gets a
-constant B<OSSL_PARAM> array that decribes the gettable and
+constant B<OSSL_PARAM> array that describes the gettable and
settable parameters for the current algorithm implementation, i.e. parameters
that can be used with EVP_PKEY_CTX_get_params() and EVP_PKEY_CTX_set_params()
respectively.
Otherwise, it yields "(unknown function)".
The macro B<OPENSSL_MSTR> yields the expansion of the macro given as argument,
-which is useful for concatentation with string constants.
+which is useful for concatenation with string constants.
The macro B<OPENSSL_MSTR_HELPER> is an auxiliary macro for this purpose.
=head1 RETURN VALUES
=item C<OSSL_TRACE_CATEGORY_TLS>
-Traces the TLS/SSL protocoll.
+Traces the TLS/SSL protocol.
=item C<OSSL_TRACE_CATEGORY_TLS_CIPHER>
-Traces the ciphers used by the TLS/SSL protocoll.
+Traces the ciphers used by the TLS/SSL protocol.
=item C<OSSL_TRACE_CATEGORY_ENGINE_CONF>
=head1 RETURN VALUES
-RAND_set_rand_method() returns 1 on success and 0 on failue.
+RAND_set_rand_method() returns 1 on success and 0 on failure.
RAND_get_rand_method() and RAND_OpenSSL() return pointers to the respective
methods.
The callback should return B<SSL_ERROR_NONE> to proceed with the server key exchange,
B<SSL3_AL_FATAL> for a fatal error or any value < 0 for a retryable error.
In the event of a B<SSL3_AL_FATAL> the alert flag given by B<*al> will be sent
-back. By default this will be B<SSL_AD_UNKOWN_PSK_IDENTITY>.
+back. By default this will be B<SSL_AD_UNKNOWN_PSK_IDENTITY>.
The SSL_CTX_set_srp_client_pwd_callback() function sets the client password
callback on the client.
=item B<OPENSSL_CONF>
-Specfies the path to a configuration file.
+Specifies the path to a configuration file.
See L<openssl(1)> and L<config(5)>.
=item B<OPENSSL_ENGINES>
sets debugging information in the current thread specific error
record.
The debugging information includes the name of the file I<file>, the
-line I<line> and the function name I<func> where the error occured.
+line I<line> and the function name I<func> where the error occurred.
This corresponds to the OpenSSL function L<ERR_set_debug(3)>.
arguments I<args>, which are treated in the same manner as with
BIO_vsnprintf().
I<file> and I<line> may also be passed to indicate exactly where the
-error occured or was reported.
+error occurred or was reported.
This corresponds to the OpenSSL function L<ERR_vset_error(3)>.
Setting a TLS fixed IV changes a cipher to encrypt/decrypt TLS records.
TLS records are encrypted/decrypted using a single OP_cipher_cipher call per
record.
-For a record decryption the first bytes of the input buffer will be the explict
+For a record decryption the first bytes of the input buffer will be the explicit
part of the IV and the final bytes of the input buffer will be the AEAD tag.
The length of the explicit part of the IV and the tag length will depend on the
cipher in use and will be defined in the RFC for the relevant ciphersuite.
structure for holding context information during a key exchange operation.
A pointer to this context will be passed back in a number of the other key
exchange operation function calls.
-The param
ater I<provctx> is the provider context generated during provider
+The param
eter I<provctx> is the provider context generated during provider
initialisation (see L<provider(7)>).
OP_keyexch_freectx() is passed a pointer to the provider side key exchange
=head2 Shared Secret Derivation Functions
OP_keyexch_init() initialises a key exchange operation given a provider side key
-exchange context in the I<ctx> paramter, and a pointer to a provider key object
+exchange context in the I<ctx> parameter, and a pointer to a provider key object
in the I<provkey> parameter. The key object should have been previously
generated, loaded or imported into the provider using the key management
(OSSL_OP_KEYMGMT) operation (see provider-keymgmt(7)>.
=back
OP_keyexch_settable_ctx_params() gets a constant B<OSSL_PARAM> array that
-decribes the settable parameters, i.e. parameters that can be used with
+describes the settable parameters, i.e. parameters that can be used with
OP_signature_set_ctx_params().
See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.
structure for holding context information during a mac operation.
A pointer to this context will be passed back in a number of the other mac
operation function calls.
-The param
ater I<provctx> is the provider context generated during provider
+The param
eter I<provctx> is the provider context generated during provider
initialisation (see L<provider(7)>).
OP_mac_freectx() is passed a pointer to the provider side mac context in
=head2 Encryption/Decryption Functions
OP_mac_init() initialises a mac operation given a newly created provider
-side mac context in the I<mctx> paramter.
+side mac context in the I<mctx> parameter.
OP_mac_update() is called to supply data for MAC computation of a previously
initialised mac operation.
=back
OP_signature_gettable_ctx_params() and OP_signature_settable_ctx_params() get a
-constant B<OSSL_PARAM> array that decribes the gettable and settable parameters,
+constant B<OSSL_PARAM> array that describes the gettable and settable parameters,
i.e. parameters that can be used with OP_signature_get_ctx_params() and
OP_signature_set_ctx_params() respectively.
See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.
# define PROP_R_NOT_AN_IDENTIFIER 103
# define PROP_R_NOT_AN_OCTAL_DIGIT 104
# define PROP_R_NOT_A_DECIMAL_DIGIT 105
-# define PROP_R_NO_MATCHING_STRING_DELIMETER 106
+# define PROP_R_NO_MATCHING_STRING_DELIMITER 106
# define PROP_R_NO_VALUE 107
# define PROP_R_PARSE_FAILED 108
# define PROP_R_STRING_TOO_LONG 109
* Names:
* for any function base name 'foo' (uppercase form 'FOO'), we will have
* the following:
- * - a macro for the identity with the name OSSL_FUNC_'FOO' or derivates
+ * - a macro for the identity with the name OSSL_FUNC_'FOO' or derivatives
* thereof (to be specified further down)
* - a function signature typedef with the name OSSL_'foo'_fn
* - a function pointer extractor function with the name OSSL_'foo'
# needed both by non-legacy and legacy code.
#
# libimplementations.a Contains all non-legacy implementations.
-# liblegacy.a Contains all legacy implementaions.
+# liblegacy.a Contains all legacy implementations.
#
# libfips.a Contains all things needed to support
# FIPS implementations, such as code from
return 0;
/*
- * Impose a limit of 2^20 blocks per data unit as specifed by
+ * Impose a limit of 2^20 blocks per data unit as specified by
* IEEE Std 1619-2018. The earlier and obsolete IEEE Std 1619-2007
* indicated that this was a SHOULD NOT rather than a MUST NOT.
* NIST SP 800-38E mandates the same limit.
#include "prov/implementations.h"
#include "prov/providercommonerr.h"
-/* TODO (3.0) Figure out what flags are requred */
+/* TODO (3.0) Figure out what flags are required */
#define TDES_WRAP_FLAGS (EVP_CIPH_WRAP_MODE | EVP_CIPH_CUSTOM_IV)
* SSLfatal() for internal errors, but not otherwise.
*
* Returns:
- * 0: (in non-constant time) if the record is publically invalid (i.e. too
+ * 0: (in non-constant time) if the record is publicly invalid (i.e. too
* short etc).
* 1: if the record's padding is valid / the encryption was successful.
* -1: if the record's padding is invalid or, if sending, an internal error
* internal errors, but not otherwise.
*
* Returns:
- * 0: (in non-constant time) if the record is publically invalid (i.e. too
+ * 0: (in non-constant time) if the record is publicly invalid (i.e. too
* short etc).
* 1: if the record's padding is valid / the encryption was successful.
* -1: if the record's padding/AEAD-authenticator is invalid or, if sending,
} else if ((bs != 1) && sending) {
padnum = bs - (reclen[ctr] % bs);
- /* Add weird padding of upto 256 bytes */
+ /* Add weird padding of up to 256 bytes */
if (padnum > MAX_PADDING) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC,
enc_err = s->method->ssl3_enc->enc(s, rr, 1, 0);
/*-
* enc_err is:
- * 0: (in non-constant time) if the record is publically invalid.
+ * 0: (in non-constant time) if the record is publicly invalid.
* 1: if the padding is valid
* -1: if the padding is invalid
*/
* internal errors, but not otherwise.
*
* Returns:
- * 0: (in non-constant time) if the record is publically invalid (i.e. too
+ * 0: (in non-constant time) if the record is publicly invalid (i.e. too
* short etc).
* 1: if the record encryption was successful.
* -1: if the record's AEAD-authenticator is invalid or, if sending,
unsigned char hash[EVP_MAX_MD_SIZE * 2];
size_t hashlen;
/*
- * Digest cached records keeping record buffer (if present): this wont
+ * Digest cached records keeping record buffer (if present): this won't
* affect client auth because we're freezing the buffer at the same
* point (after client key exchange and before certificate verify)
*/
n_success += test_rand_range_single(i);
if (TEST_int_ge(n_success, binomial_critical))
return 1;
- TEST_note("This test is expeced to fail by chance 0.01%% of the time.");
+ TEST_note("This test is expected to fail by chance 0.01%% of the time.");
return 0;
}
# Most of all, ../apps/lib/apps.c needs to be divided in smaller pieces to
# be useful here.
#
-# Auxilliary program source (copied from ../apps/build.info)
+# Auxiliary program source (copied from ../apps/build.info)
IF[{- $config{target} =~ /^(?:VC-|mingw)/ -}]
# It's called 'init', but doesn't have much 'init' in it...
$AUXLIBAPPSSRC=../apps/lib/win32_init.c
my $markup_re =
qr/( # Capture group
[BIL]< # The start of what we recurse on
- (?:(?-1)|.)*? # recurse the whole regexp (refering to
+ (?:(?-1)|.)*? # recurse the whole regexp (referring to
# the last opened capture group, i.e. the
# start of this regexp), or pick next
# character. Do NOT be greedy!
=item B<< filter => FILTERFUNCTION >>
-FILTERFUNTION is a reference to a function that takes one argument, which
+FILTERFUNCTION is a reference to a function that takes one argument, which
is every OpenSSL::Ordinals::Item element available.
=back
} else {
# It's a bit counter-intuitive spot to make next connection to
# the s_server. Rationale is that established connection works
- # as syncronization point, in sense that this way we know that
+ # as synchronization point, in sense that this way we know that
# s_server is actually done with current session...
$self->connect_to_server();
}
projects / openssl.git / commitdiff