diff --git a/doxygen/input/doc_encdec.h b/doxygen/input/doc_encdec.h index 96734bdd8..ec149aef7 100644 --- a/doxygen/input/doc_encdec.h +++ b/doxygen/input/doc_encdec.h @@ -38,7 +38,7 @@ * All symmetric encryption algorithms are accessible via the generic cipher layer * (see \c mbedtls_cipher_setup()). * - * The asymmetric encryptrion algorithms are accessible via the generic public + * The asymmetric encryption algorithms are accessible via the generic public * key layer (see \c mbedtls_pk_init()). * * The following algorithms are provided: diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 555472089..e6f0479ca 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h @@ -352,7 +352,7 @@ int mbedtls_asn1_write_octet_string( unsigned char **p, const unsigned char *sta * the existing buffer to fit \p val_len. * * \return A pointer to the new / existing entry on success. - * \return \c NULL if if there was a memory allocation error. + * \return \c NULL if there was a memory allocation error. */ mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **list, const char *oid, size_t oid_len, diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 7f5558087..2d1e5fa2a 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -905,7 +905,7 @@ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT) && \ !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) -#error "MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT defined, but not all prerequsites" +#error "MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT defined, but not all prerequisites" #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT) && MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT != 0 diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 5b27dda2a..5727c5eb7 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -7,7 +7,7 @@ * those definitions to define symbols used in the library code. * * Users and integrators should not edit this file, please edit - * include/mbedtls/mbedtls_config.h for MBETLS_XXX settings or + * include/mbedtls/mbedtls_config.h for MBEDTLS_XXX settings or * include/psa/crypto_config.h for PSA_WANT_XXX settings. */ /* diff --git a/include/mbedtls/lms.h b/include/mbedtls/lms.h index fe87d40a5..1179cd1b3 100644 --- a/include/mbedtls/lms.h +++ b/include/mbedtls/lms.h @@ -58,7 +58,7 @@ #define MBEDTLS_LMS_TYPE_LEN (4) #define MBEDTLS_LMS_H_TREE_HEIGHT(type) ((type) == MBEDTLS_LMS_SHA256_M32_H10 ? 10u : 0) -/* The length of a hash output, Currently only imlemented for SHA256. +/* The length of a hash output, Currently only implemented for SHA256. * Max is 32 bytes. */ #define MBEDTLS_LMS_M_NODE_BYTES(type) ((type) == MBEDTLS_LMS_SHA256_M32_H10 ? 32 : 0) @@ -82,7 +82,7 @@ extern "C" { /** The Identifier of the LMS parameter set, as per * https://www.iana.org/assignments/leighton-micali-signatures/leighton-micali-signatures.xhtml - * We are only implementing a subset of the types, particularly H10, for the sake of simplicty. + * We are only implementing a subset of the types, particularly H10, for the sake of simplicity. */ typedef enum { MBEDTLS_LMS_SHA256_M32_H10 = 0x6, @@ -90,7 +90,7 @@ typedef enum { /** The Identifier of the LMOTS parameter set, as per * https://www.iana.org/assignments/leighton-micali-signatures/leighton-micali-signatures.xhtml. - * We are only implementing a subset of the types, particularly N32_W8, for the sake of simplicty. + * We are only implementing a subset of the types, particularly N32_W8, for the sake of simplicity. */ typedef enum { MBEDTLS_LMOTS_SHA256_N32_W8 = 4 diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 826ab6459..6b2e280d4 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1543,7 +1543,7 @@ * Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE * Requires: MBEDTLS_PSA_CRYPTO_C * - * Note: even though TLS 1.3 depends on PSA Crypto, and uses it unconditonally + * Note: even though TLS 1.3 depends on PSA Crypto, and uses it unconditionally * for most operations, if you want it to only use PSA for all crypto * operations, you need to also enable MBEDTLS_USE_PSA_CRYPTO; otherwise X.509 * operations, and functions that are common with TLS 1.2 (record protection, diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index 1b87aea92..327996a9e 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -94,7 +94,7 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, * no byte order mark and with a null terminator (i.e. the * last two bytes should be 0x00 0x00). * \param pwdlen length of the password (may be 0). - * \param salt Salt buffer to use This may only be \c NULL when + * \param salt Salt buffer to use. This may only be \c NULL when * \p saltlen is 0. * \param saltlen length of the salt (may be zero) * \param mbedtls_md mbedtls_md type to use during the derivation diff --git a/include/mbedtls/pkcs7.h b/include/mbedtls/pkcs7.h index 79ab82fff..bf61a63a0 100644 --- a/include/mbedtls/pkcs7.h +++ b/include/mbedtls/pkcs7.h @@ -245,7 +245,7 @@ int mbedtls_pkcs7_signed_data_verify( mbedtls_pkcs7 *pkcs7, * \param hashlen Length of the hash. * * \note This function is different from mbedtls_pkcs7_signed_data_verify() - * in a way that it directly recieves the hash of the data. + * in a way that it directly receives the hash of the data. * * \return 0 if the signature verifies, or a negative error code on failure. */ diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 002551f03..2bfaf8f71 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -239,7 +239,7 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx, * \param N The RSA modulus. This may be \c NULL. * \param N_len The Byte length of \p N; it is ignored if \p N == NULL. * \param P The first prime factor of \p N. This may be \c NULL. - * \param P_len The Byte length of \p P; it ns ignored if \p P == NULL. + * \param P_len The Byte length of \p P; it is ignored if \p P == NULL. * \param Q The second prime factor of \p N. This may be \c NULL. * \param Q_len The Byte length of \p Q; it is ignored if \p Q == NULL. * \param D The private exponent. This may be \c NULL. diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3165cd56a..05ccee414 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2136,7 +2136,7 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, * the `ServerHello` contains the CID extension, too, * the CID extension will actually be put to use. * - On the Server, enabling the use of the CID through - * this call implies that that the server will look for + * this call implies that the server will look for * the CID extension in a `ClientHello` from the client, * and, if present, reply with a CID extension in its * `ServerHello`. @@ -2582,7 +2582,7 @@ static inline uintptr_t mbedtls_ssl_conf_get_user_data_n( * \note The library stores \c p without accessing it. It is the responsibility * of the caller to ensure that the pointer remains valid. * - * \param ssl The SSL context context to modify. + * \param ssl The SSL context to modify. * \param p The new value of the user data. */ static inline void mbedtls_ssl_set_user_data_p( @@ -2596,7 +2596,7 @@ static inline void mbedtls_ssl_set_user_data_p( * * You can retrieve this value later with mbedtls_ssl_get_user_data_n(). * - * \param ssl The SSL context context to modify. + * \param ssl The SSL context to modify. * \param n The new value of the user data. */ static inline void mbedtls_ssl_set_user_data_n( @@ -2613,7 +2613,7 @@ static inline void mbedtls_ssl_set_user_data_n( * called. The value is undefined if mbedtls_ssl_set_user_data_n() has * been called without a subsequent call to mbedtls_ssl_set_user_data_p(). * - * \param ssl The SSL context context to modify. + * \param ssl The SSL context to modify. * \return The current value of the user data. */ static inline void *mbedtls_ssl_get_user_data_p( @@ -2629,7 +2629,7 @@ static inline void *mbedtls_ssl_get_user_data_p( * called. The value is undefined if mbedtls_ssl_set_user_data_p() has * been called without a subsequent call to mbedtls_ssl_set_user_data_n(). * - * \param ssl The SSL context context to modify. + * \param ssl The SSL context to modify. * \return The current value of the user data. */ static inline uintptr_t mbedtls_ssl_get_user_data_n( diff --git a/include/psa/crypto.h b/include/psa/crypto.h index a71ca3fd6..03181ed33 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -525,7 +525,7 @@ psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key, * * This function destroys a key from both volatile * memory and, if applicable, non-volatile storage. Implementations shall - * make a best effort to ensure that that the key material cannot be recovered. + * make a best effort to ensure that the key material cannot be recovered. * * This function also erases any metadata such as policies and frees * resources associated with the key. @@ -3823,7 +3823,7 @@ psa_status_t psa_key_derivation_verify_bytes( * compares those bytes to an expected value, provided as key of type * #PSA_KEY_TYPE_PASSWORD_HASH. * If you view the key derivation's output as a stream of bytes, this - * function destructively reads the number of bytes corresponding the the + * function destructively reads the number of bytes corresponding to the * length of the expected value from the stream before comparing them. * The operation's capacity decreases by the number of bytes read. * diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index f0252c88c..225fb1763 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -226,7 +226,7 @@ typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *op_context, * operation by comparing the resulting MAC against a provided value * * \param[in,out] op_context A hardware-specific structure for the previously - * started MAC operation to be fiinished + * started MAC operation to be finished * \param[in] p_mac The MAC value against which the resulting MAC * will be compared against * \param[in] mac_length The size in bytes of the value stored in `p_mac` @@ -337,7 +337,7 @@ typedef struct { /** Function that completes a MAC operation with a verify check */ psa_drv_se_mac_finish_verify_t MBEDTLS_PRIVATE(p_finish_verify); - /** Function that aborts a previoustly started MAC operation + /** Function that aborts a previously started MAC operation */ psa_drv_se_mac_abort_t MBEDTLS_PRIVATE(p_abort); /** Function that performs a MAC operation in one call @@ -746,7 +746,7 @@ typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_drv_se_context_t *drv_cont size_t ciphertext_size, size_t *p_ciphertext_length); -/** A function that peforms a secure element authenticated decryption operation +/** A function that performs a secure element authenticated decryption operation * * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Slot containing the key to use @@ -1157,7 +1157,7 @@ typedef struct { * * Different key derivation algorithms require a different number of inputs. * Instead of having an API that takes as input variable length arrays, which - * can be problemmatic to manage on embedded platforms, the inputs are passed + * can be problematic to manage on embedded platforms, the inputs are passed * to the driver via a function, `psa_drv_se_key_derivation_collateral`, that * is called multiple times with different `collateral_id`s. Thus, for a key * derivation algorithm that required 3 parameter inputs, the flow would look @@ -1271,7 +1271,7 @@ typedef struct { psa_drv_se_key_derivation_collateral_t MBEDTLS_PRIVATE(p_collateral); /** Function that performs a final key derivation step */ psa_drv_se_key_derivation_derive_t MBEDTLS_PRIVATE(p_derive); - /** Function that perforsm a final key derivation or agreement and + /** Function that performs a final key derivation or agreement and * exports the key */ psa_drv_se_key_derivation_export_t MBEDTLS_PRIVATE(p_export); } psa_drv_se_key_derivation_t; diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 231ea624a..b42b2df0d 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -717,7 +717,7 @@ (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11) /* Maximum size of the export encoding of an RSA key pair. - * Assumes thatthe public exponent is less than 2^32 and that the size + * Assumes that the public exponent is less than 2^32 and that the size * difference between the two primes is at most 1 bit. * * RSAPrivateKey ::= SEQUENCE { diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 739062dfe..af61aea9d 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -297,7 +297,7 @@ typedef psa_key_id_t mbedtls_svc_key_id_t; #else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ /* Implementation-specific: The Mbed Cryptography library can be built as - * part of a multi-client service that exposes the PSA Cryptograpy API in each + * part of a multi-client service that exposes the PSA Cryptography API in each * client and encodes the client identity in the key identifier argument of * functions such as psa_open_key(). */ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index b465ddb14..c9c1ec05f 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2577,7 +2577,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * This flag allows the key to be used for a MAC verification operation * or for an asymmetric signature verification operation, - * if otherwise permitted by by the key's type and policy. + * if otherwise permitted by the key's type and policy. * * For a key pair, this concerns the public key. */ @@ -2587,7 +2587,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * hash. * * This flag allows the key to be used for a key derivation operation or for - * a key agreement operation, if otherwise permitted by by the key's type and + * a key agreement operation, if otherwise permitted by the key's type and * policy. * * If this flag is present on all keys used in calls to @@ -2603,7 +2603,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * This flag allows the key to be used: * * This flag allows the key to be used in a key derivation operation, if - * otherwise permitted by by the key's type and policy. + * otherwise permitted by the key's type and policy. * * If this flag is present on all keys used in calls to * psa_key_derivation_input_key() for a key derivation operation, then it diff --git a/library/aes.c b/library/aes.c index 7d035246f..319d9bb67 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1112,7 +1112,7 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, { /* We are on the last block in a decrypt operation that has * leftover bytes, so we need to use the next tweak for this block, - * and this tweak for the lefover bytes. Save the current tweak for + * and this tweak for the leftover bytes. Save the current tweak for * the leftovers and then update the current tweak for use on this, * the last full block. */ memcpy( prev_tweak, tweak, sizeof( tweak ) ); diff --git a/library/ccm.c b/library/ccm.c index 3edfba366..675783e4c 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -144,7 +144,7 @@ static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) unsigned char i; size_t len_left, olen; - /* length calulcation can be done only after both + /* length calculation can be done only after both * mbedtls_ccm_starts() and mbedtls_ccm_set_lengths() have been executed */ if( !(ctx->state & CCM_STATE__STARTED) || !(ctx->state & CCM_STATE__LENGTHS_SET) ) diff --git a/library/debug.c b/library/debug.c index 6114a460f..78ce9cedc 100644 --- a/library/debug.c +++ b/library/debug.c @@ -107,7 +107,7 @@ void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, /* * With non-blocking I/O and examples that just retry immediately, * the logs would be quickly flooded with WANT_READ, so ignore that. - * Don't ignore WANT_WRITE however, since is is usually rare. + * Don't ignore WANT_WRITE however, since it is usually rare. */ if( ret == MBEDTLS_ERR_SSL_WANT_READ ) return; diff --git a/library/lmots.h b/library/lmots.h index 39e869925..022dcf3d4 100644 --- a/library/lmots.h +++ b/library/lmots.h @@ -139,7 +139,7 @@ int mbedtls_lmots_import_public_key( mbedtls_lmots_public_t *ctx, * this public key. * * \param ctx The initialized LMOTS context that contains the - * publc key. + * public key. * \param key The buffer into which the key will be output. Must * be at least #MBEDTLS_LMOTS_PUBLIC_KEY_LEN in size. * diff --git a/library/mps_reader.c b/library/mps_reader.c index 6f823bde1..df97b6cd1 100644 --- a/library/mps_reader.c +++ b/library/mps_reader.c @@ -530,7 +530,7 @@ int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *rd, * of the accumulator. */ memmove( acc, acc + acc_backup_offset, acc_backup_len ); - /* Copy uncmmitted parts of the current fragment to the + /* Copy uncommitted parts of the current fragment to the * accumulator. */ memcpy( acc + acc_backup_len, frag + frag_backup_offset, frag_backup_len ); diff --git a/library/pkcs7.c b/library/pkcs7.c index e4238b6a3..5b22afac9 100644 --- a/library/pkcs7.c +++ b/library/pkcs7.c @@ -314,7 +314,7 @@ static int pkcs7_get_signer_info( unsigned char **p, unsigned char *end, if( ret != 0 ) goto out; - /* Asssume authenticatedAttributes is nonexistent */ + /* Assume authenticatedAttributes is nonexistent */ ret = pkcs7_get_digest_algorithm( p, end_signer, &signer->sig_alg_identifier ); if( ret != 0 ) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c73f342e2..cb5791fc7 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5998,7 +5998,7 @@ psa_status_t psa_generate_random( uint8_t *output, if( status != PSA_SUCCESS ) return( status ); /* Breaking up a request into smaller chunks is currently not supported - * for the extrernal RNG interface. */ + * for the external RNG interface. */ if( output_length != output_size ) return( PSA_ERROR_INSUFFICIENT_ENTROPY ); return( PSA_SUCCESS ); diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index 549dfb69e..693c3ead5 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h @@ -139,7 +139,7 @@ psa_status_t psa_find_se_slot_for_key( psa_se_drv_table_entry_t *driver, psa_key_slot_number_t *slot_number ); -/** Destoy a key in a secure element. +/** Destroy a key in a secure element. * * This function calls the relevant driver method to destroy a key * and updates the driver's persistent data. diff --git a/library/ssl_client.c b/library/ssl_client.c index 0f0ea1dc5..2c4ce4316 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -784,7 +784,7 @@ static int ssl_prepare_client_hello( mbedtls_ssl_context *ssl ) /* * Generate the random bytes, except when responding to a verify request - * where we MUST reuse the previoulsy generated random bytes + * where we MUST reuse the previously generated random bytes * (RFC 6347 4.2.1). */ #if defined(MBEDTLS_SSL_PROTO_DTLS) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 53d50f23c..5808cab08 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -143,7 +143,7 @@ uint32_t mbedtls_ssl_get_extension_mask( unsigned int extension_type ); MBEDTLS_SSL_EXT_MASK( TRUNCATED_HMAC ) | \ MBEDTLS_SSL_EXT_MASK( UNRECOGNIZED ) ) -/* RFC 8446 section 4.2. Allowed extensions for ClienHello */ +/* RFC 8446 section 4.2. Allowed extensions for ClientHello */ #define MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_CH \ ( MBEDTLS_SSL_EXT_MASK( SERVERNAME ) | \ MBEDTLS_SSL_EXT_MASK( MAX_FRAGMENT_LENGTH ) | \ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 040dc80e1..e4d50dbfd 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -691,7 +691,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, int auth_done = 0; unsigned char * data; /* For an explanation of the additional data length see - * the descrpition of ssl_extract_add_data_from_record(). + * the description of ssl_extract_add_data_from_record(). */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) unsigned char add_data[23 + MBEDTLS_SSL_CID_OUT_LEN_MAX]; @@ -1289,7 +1289,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, #endif unsigned char* data; /* For an explanation of the additional data length see - * the descrpition of ssl_extract_add_data_from_record(). + * the description of ssl_extract_add_data_from_record(). */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) unsigned char add_data[23 + MBEDTLS_SSL_CID_IN_LEN_MAX]; @@ -4098,7 +4098,7 @@ static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ) if( hs == NULL ) return( -1 ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_messsage" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_message" ) ); if( ssl->state == MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC || ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC ) diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index 5def8b6ca..7a1745205 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -1971,8 +1971,8 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, } /* - * Note: we currently ignore the PKS identity hint, as we only allow one - * PSK to be provisionned on the client. This could be changed later if + * Note: we currently ignore the PSK identity hint, as we only allow one + * PSK to be provisioned on the client. This could be changed later if * someone needs that feature. */ *p += len; diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index ce8767c5f..6caae89b4 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -634,7 +634,7 @@ static int ssl_tls13_parse_pre_shared_key_ext( mbedtls_ssl_context *ssl, if( p_identity_len != identities_end || p_binder_len != binders_end ) { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "pre_shared_key extesion decode error" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "pre_shared_key extension decode error" ) ); MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR, MBEDTLS_ERR_SSL_DECODE_ERROR ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); diff --git a/library/x509.c b/library/x509.c index 362e03676..be8797300 100644 --- a/library/x509.c +++ b/library/x509.c @@ -233,7 +233,7 @@ static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md * * RFC 4055 (which defines use of RSASSA-PSS in PKIX) states that the value * of trailerField MUST be 1, and PKCS#1 v2.2 doesn't even define any other - * option. Enfore this at parsing time. + * option. Enforce this at parsing time. */ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, diff --git a/library/x509_crl.c b/library/x509_crl.c index d830fcd05..dc2d2e3e2 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -1,5 +1,5 @@ /* - * X.509 Certidicate Revocation List (CRL) parsing + * X.509 Certificate Revocation List (CRL) parsing * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index 331838bb4..3e81d135f 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -42,7 +42,7 @@ int main( void ) #define USAGE \ "\n usage: dh_genprime param=<>...\n" \ - "\n acceprable parameters:\n" \ + "\n acceptable parameters:\n" \ " bits=%%d default: 2048\n" #define DFL_BITS 2048 diff --git a/programs/psa/aead_demo.c b/programs/psa/aead_demo.c index c4ed0dd82..1efd13265 100644 --- a/programs/psa/aead_demo.c +++ b/programs/psa/aead_demo.c @@ -104,7 +104,7 @@ void print_buf( const char *title, uint8_t *buf, size_t len ) /* Run a PSA function and bail out if it fails. * The symbolic name of the error code can be recovered using: - * programs/psa/psa_consant_name status */ + * programs/psa/psa_constant_name status */ #define PSA_CHECK( expr ) \ do \ { \ diff --git a/programs/psa/hmac_demo.c b/programs/psa/hmac_demo.c index 6238892b4..f949a8983 100644 --- a/programs/psa/hmac_demo.c +++ b/programs/psa/hmac_demo.c @@ -81,7 +81,7 @@ void print_buf( const char *title, uint8_t *buf, size_t len ) /* Run a PSA function and bail out if it fails. * The symbolic name of the error code can be recovered using: - * programs/psa/psa_consant_name status */ + * programs/psa/psa_constant_name status */ #define PSA_CHECK( expr ) \ do \ { \ diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index 23a34e049..d13ea2889 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -343,5 +343,5 @@ exit: mbedtls_exit( ret ); } #endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_NET_C && - MBEDTLD_TIMING_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && + MBEDTLS_TIMING_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C && MBEDTLS_PEM_PARSE_C */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 1b4a94ab0..d0c41541e 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1949,7 +1949,7 @@ int main( int argc, char *argv[] ) * is not recommended in practice. * `psk_or_ephemeral` exists in theory, we need this mode to test if * this setting work correctly. With this key exchange setting, server - * should always perform `ephemeral` handshake. `psk` or `psk_ephermal` + * should always perform `ephemeral` handshake. `psk` or `psk_ephemeral` * is not expected. */ else if( strcmp( q, "psk_or_ephemeral" ) == 0 ) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index ecb093e14..6313c522a 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -416,7 +416,7 @@ static void TimerProc( void *TimerContext ) Sleep( alarmMs ); mbedtls_timing_alarmed = 1; /* _endthread will be called implicitly on return - * That ensures execution of thread funcition's epilogue */ + * That ensures execution of thread function's epilogue */ } static void mbedtls_set_alarm( int seconds ) diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index e3386d189..ccd130310 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -377,7 +377,7 @@ static const char *msg_type( unsigned char *msg, size_t len ) #if defined(MBEDTLS_TIMING_C) /* Return elapsed time in milliseconds since the first call */ -static unsigned ellapsed_time( void ) +static unsigned elapsed_time( void ) { static int initialized = 0; static struct mbedtls_timing_hr_time hires; @@ -413,9 +413,9 @@ static int ctx_buffer_flush( ctx_buffer *buf ) int ret; mbedtls_printf( " %05u flush %s: %u bytes, %u datagrams, last %u ms\n", - ellapsed_time(), buf->description, + elapsed_time(), buf->description, (unsigned) buf->len, buf->num_datagrams, - ellapsed_time() - buf->packet_lifetime ); + elapsed_time() - buf->packet_lifetime ); ret = mbedtls_net_send( buf->ctx, buf->data, buf->len ); @@ -427,7 +427,7 @@ static int ctx_buffer_flush( ctx_buffer *buf ) static unsigned ctx_buffer_time_remaining( ctx_buffer *buf ) { - unsigned const cur_time = ellapsed_time(); + unsigned const cur_time = elapsed_time(); if( buf->num_datagrams == 0 ) return( (unsigned) -1 ); @@ -467,7 +467,7 @@ static int ctx_buffer_append( ctx_buffer *buf, buf->len += len; if( ++buf->num_datagrams == 1 ) - buf->packet_lifetime = ellapsed_time(); + buf->packet_lifetime = elapsed_time(); return( (int) len ); } @@ -517,10 +517,10 @@ void print_packet( const packet *p, const char *why ) #if defined(MBEDTLS_TIMING_C) if( why == NULL ) mbedtls_printf( " %05u dispatch %s %s (%u bytes)\n", - ellapsed_time(), p->way, p->type, p->len ); + elapsed_time(), p->way, p->type, p->len ); else mbedtls_printf( " %05u dispatch %s %s (%u bytes): %s\n", - ellapsed_time(), p->way, p->type, p->len, why ); + elapsed_time(), p->way, p->type, p->len, why ); #else if( why == NULL ) mbedtls_printf( " dispatch %s %s (%u bytes)\n", diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index 30b389ab4..4879583ce 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -355,7 +355,7 @@ int main( int argc, char *argv[] ) if( ( ret = write_certificate_request( &req, opt.output_file, mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) { - mbedtls_printf( " failed\n ! write_certifcate_request %d", ret ); + mbedtls_printf( " failed\n ! write_certificate_request %d", ret ); goto exit; } diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index f9366fe80..a8910d7f6 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -752,7 +752,7 @@ int main( int argc, char *argv[] ) if( ret != 0 ) { mbedtls_strerror( ret, buf, sizeof(buf) ); - mbedtls_printf( " failed\n ! x509write_crt_set_basic_contraints " + mbedtls_printf( " failed\n ! x509write_crt_set_basic_constraints " "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); goto exit; } diff --git a/scripts/mbedtls_dev/bignum_data.py b/scripts/mbedtls_dev/bignum_data.py index 74d21d0ca..e6ed30005 100644 --- a/scripts/mbedtls_dev/bignum_data.py +++ b/scripts/mbedtls_dev/bignum_data.py @@ -18,7 +18,7 @@ produced them.""" import random # Functions calling these were used to produce test data and are here only for -# reproducability, they are not used by the test generation framework/classes +# reproducibility, they are not used by the test generation framework/classes try: from Cryptodome.Util.number import isPrime, getPrime #type: ignore #pylint: disable=import-error except ImportError: @@ -128,7 +128,7 @@ def __gen_safe_prime(bits, seed): randbytes. ''' rng = random.Random() - # We want reproducability across python versions + # We want reproducibility across python versions rng.seed(seed, version=2) while True: prime = 2*getPrime(bits-1, rng.randbytes)+1 #pylint: disable=no-member diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index bc2b016db..354295091 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -189,7 +189,7 @@ psa_status_t mbedtls_test_record_status( psa_status_t status, * * Do a key policy permission extension on key usage policies always involves * permissions of other usage policies - * (like PSA_KEY_USAGE_SIGN_HASH involves PSA_KEY_USAGE_SIGN_MESSGAE). + * (like PSA_KEY_USAGE_SIGN_HASH involves PSA_KEY_USAGE_SIGN_MESSAGE). */ psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags ); diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index 396ab740d..920537e3f 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -629,7 +629,7 @@ class CodeParser(): self.log.info("Compiling...") symbols = [] - # Back up the config and atomically compile with the full configratuion. + # Back up the config and atomically compile with the full configuration. shutil.copy( "include/mbedtls/mbedtls_config.h", "include/mbedtls/mbedtls_config.h.bak" @@ -892,7 +892,7 @@ def main(): parser.add_argument( "-q", "--quiet", action="store_true", - help="hide unnecessary text, explanations, and highlighs" + help="hide unnecessary text, explanations, and highlights" ) args = parser.parse_args() diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 2f0900757..b27104843 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -80,7 +80,7 @@ def automatic_dependencies(*expressions: str) -> List[str]: # A temporary hack: at the time of writing, not all dependency symbols # are implemented yet. Skip test cases for which the dependency symbols are # not available. Once all dependency symbols are available, this hack must -# be removed so that a bug in the dependency symbols proprely leads to a test +# be removed so that a bug in the dependency symbols properly leads to a test # failure. def read_implemented_dependencies(filename: str) -> FrozenSet[str]: return frozenset(symbol @@ -459,7 +459,7 @@ class StorageKey(psa_storage.Key): """Prepare to generate a key. * `usage` : The usage flags used for the key. - * `without_implicit_usage`: Flag to defide to apply the usage extension + * `without_implicit_usage`: Flag to define to apply the usage extension """ usage_flags = set(usage) if not without_implicit_usage: @@ -483,7 +483,7 @@ class StorageTestData(StorageKey): ) -> None: """Prepare to generate test data - * `description` : used for the the test case names + * `description` : used for the test case names * `expected_usage`: the usage flags generated as the expected usage flags in the test cases. CAn differ from the usage flags stored in the keys because of the usage flags extension. diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 7d06db1aa..92db4171a 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3 """Run the PSA Crypto API compliance test suite. Clone the repo and check out the commit specified by PSA_ARCH_TEST_REPO and PSA_ARCH_TEST_REF, -then complie and run the test suite. The clone is stored at /psa-arch-tests. +then compile and run the test suite. The clone is stored at /psa-arch-tests. Known defects in either the test suite or mbedtls - identified by their test number - are ignored, while unexpected failures AND successes are reported as errors, to help keep the list of known defects as up to date as possible. diff --git a/tests/suites/test_suite_mps.function b/tests/suites/test_suite_mps.function index c40c50e69..ec1122ae4 100644 --- a/tests/suites/test_suite_mps.function +++ b/tests/suites/test_suite_mps.function @@ -295,7 +295,7 @@ void mbedtls_mps_reader_reclaim_overflow() /* This test exercises the behaviour of the MPS reader with accumulator * in the situation where upon calling mbedtls_mps_reader_reclaim(), the * uncommitted data together with the excess data missing in the last - * call to medtls_mps_reader_get() exceeds the bounds of the type + * call to mbedtls_mps_reader_get() exceeds the bounds of the type * holding the buffer length. */ diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 0c0f2ed65..dbbac764d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -622,7 +622,7 @@ exit: * the data in to be encrypted / decrypted. If * -1, no chunking * \param expected_output Expected output - * \param is_verify If non-zero this is an verify operation. + * \param is_verify If non-zero this is a verify operation. * \param do_zero_parts If non-zero, interleave zero length chunks * with normal length chunks. * \return int Zero on failure, non-zero on success. @@ -6131,7 +6131,7 @@ void aead_multipart_state_test( int key_type_arg, data_t *key_data, psa_aead_abort( &operation ); - /* Test for calling set lengths with an plaintext length of SIZE_MAX, after setting nonce */ + /* Test for calling set lengths with a plaintext length of SIZE_MAX, after setting nonce */ PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index b89579644..b713cb284 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -748,14 +748,14 @@ void cipher_encrypt_multipart( int alg_arg, mbedtls_psa_cipher_operation_t mbedtls_operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; - mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation = + mbedtls_transparent_test_driver_cipher_operation_t transparent_operation = MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; operation.ctx.mbedtls_ctx = mbedtls_operation; - operation.ctx.transparent_test_driver_ctx = tranparent_operation; + operation.ctx.transparent_test_driver_ctx = transparent_operation; operation.ctx.opaque_test_driver_ctx = opaque_operation; PSA_ASSERT( psa_crypto_init( ) ); @@ -880,14 +880,14 @@ void cipher_decrypt_multipart( int alg_arg, mbedtls_psa_cipher_operation_t mbedtls_operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; - mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation = + mbedtls_transparent_test_driver_cipher_operation_t transparent_operation = MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; operation.ctx.mbedtls_ctx = mbedtls_operation; - operation.ctx.transparent_test_driver_ctx = tranparent_operation; + operation.ctx.transparent_test_driver_ctx = transparent_operation; operation.ctx.opaque_test_driver_ctx = opaque_operation; PSA_ASSERT( psa_crypto_init( ) ); diff --git a/tests/suites/test_suite_psa_crypto_generate_key.function b/tests/suites/test_suite_psa_crypto_generate_key.function index dbe9a0ecf..6dc604350 100644 --- a/tests/suites/test_suite_psa_crypto_generate_key.function +++ b/tests/suites/test_suite_psa_crypto_generate_key.function @@ -18,7 +18,7 @@ void generate_key( int key_type_arg, int bits_arg, int expected_status_arg) psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = INVALID_KEY_ID; - // key lifetiem, usage flags, algorithm are irrelevant for this test + // key lifetime, usage flags, algorithm are irrelevant for this test psa_key_type_t key_type = key_type_arg; size_t bits = bits_arg; psa_status_t expected_status = expected_status_arg; diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 08db34aa4..bb8792313 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -2,7 +2,7 @@ /* The tests in this module verify the contents of key store files. They * access internal key storage functions directly. Some of the tests depend - * on the the storage format. On the other hand, these tests treat the storage + * on the storage format. On the other hand, these tests treat the storage * subsystem as a black box, and in particular have no reliance on the * internals of the ITS implementation. * diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 7447a1d0e..0dd8b7c56 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -511,7 +511,7 @@ void mbedtls_mock_socket_close( mbedtls_mock_socket* socket ) * \p peer1 and \p peer2 must have been previously initialized by calling * mbedtls_mock_socket_init(). * - * The capacites of the internal buffers are set to \p bufsize. Setting this to + * The capacities of the internal buffers are set to \p bufsize. Setting this to * the correct value allows for simulation of MTU, sanity testing the mock * implementation and mocking TCP connections with lower memory cost. */ @@ -652,7 +652,7 @@ void mbedtls_message_socket_init( mbedtls_test_message_socket_context *ctx ) } /* - * Setup a given mesasge socket context including initialization of + * Setup a given message socket context including initialization of * input/output queues to a chosen capacity of messages. Also set the * corresponding mock socket. *