EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE.
[Shane Lontis]
- *) Default cipher lists/suites are now avaialble via a function, the
+ *) Default cipher lists/suites are now available via a function, the
#defines are deprecated.
[Todd Short]
SSL_set_ciphersuites()
[Matt Caswell]
- *) Memory allocation failures consistenly add an error to the error
+ *) Memory allocation failures consistently add an error to the error
stack.
[Rich Salz]
#### iPhoneOS/iOS
#
-# It takes recent enough XCode to use following two targets. It shouldn't
+# It takes recent enough Xcode to use following two targets. It shouldn't
# be a problem by now, but if they don't work, original targets below
# that depend on manual definition of environment variables should still
# work...
# Windows OneCore targets.
#
-# OneCore is new API stability "contract" that transends Desktop, IoT and
+# OneCore is new API stability "contract" that transcends Desktop, IoT and
# Mobile[?] Windows editions. It's a set up "umbrella" libraries that
# export subset of Win32 API that are common to all Windows 10 devices.
#
our @generated =
sort ( ( grep { defined $unified_info{generate}->{$_} }
sort keys %generatables ),
- # Scripts are assumed to be generated, so add thhem too
+ # Scripts are assumed to be generated, so add them too
( grep { defined $unified_info{sources}->{$_} }
@{$unified_info{scripts}} ) );
goto done;
}
BIO_printf(bio_err, ", Salt length: %d, Cost(N): %ld, "
- "Block size(r): %ld, Paralelizm(p): %ld",
+ "Block size(r): %ld, Parallelism(p): %ld",
ASN1_STRING_length(kdf->salt),
ASN1_INTEGER_get(kdf->costParameter),
ASN1_INTEGER_get(kdf->blockSize),
}
buflen = lengths[size_num - 1];
- if (buflen < 36) /* size of random vector in RSA bencmark */
+ if (buflen < 36) /* size of random vector in RSA benchmark */
buflen = 36;
buflen += MAX_MISALIGNMENT + 1;
loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
}
/*
* If expected wasn't set at this point, it means the map
- * isn't syncronised with the possible options leading here.
+ * isn't synchronised with the possible options leading here.
*/
OPENSSL_assert(expected != 0);
}
An empty tree is represented by a NULL root pointer. Inserting a value at
index 0 results in the allocation of a top level node full of null pointers
except for the single pointer to the user's data (N = SA_BLOCK_MAX for
-breviety):
+brevity):
+----+
|Root|
# Implement AES_set_[en|de]crypt_key. Key schedule setup is avoided
# for 128-bit keys, if hardware support is detected.
-# Januray 2009.
+# January 2009.
#
# Add support for hardware AES192/256 and reschedule instructions to
# minimize/avoid Address Generation Interlock hazard and to favour
# dual-issue z10 pipeline. This gave ~25% improvement on z10 and
# almost 50% on z9. The gain is smaller on z10, because being dual-
# issue z10 makes it impossible to eliminate the interlock condition:
-# critial path is not long enough. Yet it spends ~24 cycles per byte
+# critical path is not long enough. Yet it spends ~24 cycles per byte
# processed with 128-bit key.
#
# Unlike previous version hardware support detection takes place only
}
c = y / 100;
y %= 100;
- /* Zeller's congruance */
+ /* Zeller's congruence */
tm->tm_wday = (d + (13 * m) / 5 + y + y / 4 + c / 4 + 5 * c + 6) % 7;
}
* reasons. When BIO_CTRL_DGRAM_SET_PEEK_MODE was first defined its value
* was incorrectly clashing with BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE. The
* value has been updated to a non-clashing value. However to preserve
- * binary compatiblity we now respond to both the old value and the new one
+ * binary compatibility we now respond to both the old value and the new one
*/
case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
case BIO_CTRL_DGRAM_SET_PEEK_MODE:
#if 0
/*
* The bn_div_3_words entry point is re-used for constant-time interface.
- * Implementation is retained as hystorical reference.
+ * Implementation is retained as historical reference.
*/
.align 5
.globl bn_div_3_words
*
* - availability of constant-time bn_div_3_words;
* - dividend is at least as "wide" as divisor, limb-wise, zero-padded
- * if so requied, which shouldn't be a privacy problem, because
+ * if so required, which shouldn't be a privacy problem, because
* divisor's length is considered public;
*/
int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
(b) > 23 ? 3 : 1)
/*
- * BN_mod_exp_mont_conttime is based on the assumption that the L1 data cache
+ * BN_mod_exp_mont_consttime is based on the assumption that the L1 data cache
* line width of the target processor is at least the following value.
*/
# define MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH ( 64 )
* one bit longer than the modulus.
*
* There are some concerns about the efficacy of doing this. More
- * specificly refer to the discussion starting with:
+ * specifically refer to the discussion starting with:
* https://github.com/openssl/openssl/pull/7486#discussion_r228323705
* The fix is to rework BN so these gymnastics aren't required.
*/
################################# reduction
mulx 8*0+128(%r14), $t0, $t1
- adcx $t0, $acc3 # guranteed to be zero
+ adcx $t0, $acc3 # guaranteed to be zero
adox $t1, $acc4
mulx 8*1+128(%r14), $t0, $t1
and $t0,$t0,$t1
sldi $a3,$a3,1
add $t0,$t0,$t1 # compare to modulus in the same go
- srdi $a3,$a3,1 # most signifcant bit cleared
+ srdi $a3,$a3,1 # most significant bit cleared
addc $a0,$a0,$t0
addze $a1,$a1
sradi $t0,$a3,63 # most significant bit -> mask
sldi $a3,$a3,1
andc $t0,$t1,$t0
- srdi $a3,$a3,1 # most signifcant bit cleared
+ srdi $a3,$a3,1 # most significant bit cleared
subi $rp,$rp,1
subfc $a0,$t0,$a0
int (*field_div) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
const BIGNUM *b, BN_CTX *);
/*-
- * 'field_inv' computes the multipicative inverse of a in the field,
+ * 'field_inv' computes the multiplicative inverse of a in the field,
* storing the result in r.
*
* If 'a' is zero (or equivalent), you'll get an EC_R_CANNOT_INVERT error.
* ffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb
* 71e913863f7, in that case the penultimate intermediate is -9G and
* the final digit is also -9G. Since this only happens for a single
- * scalar, the timing leak is irrelevent. (Any attacker who wanted to
+ * scalar, the timing leak is irrelevant. (Any attacker who wanted to
* check whether a secret scalar was that exact value, can already do
* so.)
*/
X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_ED25519), V_ASN1_UNDEF, NULL);
if (alg2)
X509_ALGOR_set0(alg2, OBJ_nid2obj(NID_ED25519), V_ASN1_UNDEF, NULL);
- /* Algorithm idetifiers set: carry on as normal */
+ /* Algorithm identifiers set: carry on as normal */
return 3;
}
EVP_R_ONLY_ONESHOT_SUPPORTED:177:only oneshot supported
EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\
operation not supported for this keytype
-EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized
+EVP_R_OPERATON_NOT_INITIALIZED:151:operation not initialized
EVP_R_PARAMETER_TOO_LARGE:187:parameter too large
EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers
EVP_R_PBKDF2_ERROR:181:pbkdf2 error
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
"operation not supported for this keytype"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED),
- "operaton not initialized"},
+ "operation not initialized"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARAMETER_TOO_LARGE),
"parameter too large"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING),
* destructor for threads terminating before libcrypto is initialized or
* after it's de-initialized. Access to the key doesn't have to be
* serialized for the said threads, because they didn't use libcrypto
- * and it doesn't matter if they pick "impossible" or derefernce real
+ * and it doesn't matter if they pick "impossible" or dereference real
* key value and pull NULL past initialization in the first thread that
* intends to use libcrypto.
*/
/*
* A hashing implementation that appears to be based on the linear hashing
- * alogrithm:
+ * algorithm:
* https://en.wikipedia.org/wiki/Linear_hashing
*
* Litwin, Witold (1980), "Linear hashing: A new tool for file and table
* addressing", Proc. 6th Conference on Very Large Databases: 212-223
- * http://hackthology.com/pdfs/Litwin-1980-Linear_Hashing.pdf
+ * https://hackthology.com/pdfs/Litwin-1980-Linear_Hashing.pdf
*
- * From the wikipedia article "Linear hashing is used in the BDB Berkeley
+ * From the Wikipedia article "Linear hashing is used in the BDB Berkeley
* database system, which in turn is used by many software systems such as
* OpenLDAP, using a C implementation derived from the CACM article and first
* published on the Usenet in 1988 by Esmond Pitt."
addi $t1,$ctx,`48+(12^$BIG_ENDIAN)`
bl __poly1305_splat
- bl __poly1305_mul # caclulate r^2
+ bl __poly1305_mul # calculate r^2
addi $t1,$ctx,`48+(4^$BIG_ENDIAN)`
bl __poly1305_splat
- bl __poly1305_mul # caclulate r^3
+ bl __poly1305_mul # calculate r^3
addi $t1,$ctx,`48+(8^$BIG_ENDIAN)`
bl __poly1305_splat
- bl __poly1305_mul # caclulate r^4
+ bl __poly1305_mul # calculate r^4
addi $t1,$ctx,`48+(0^$BIG_ENDIAN)`
bl __poly1305_splat
/*
* NIST SP800-90Ar1 section 9.1 says you can combine getting the entropy
* and nonce in 1 call by increasing the entropy with 50% and increasing
- * the minimum length to accomadate the length of the nonce.
+ * the minimum length to accommodate the length of the nonce.
* We do this in case a nonce is require and get_nonce is NULL.
*/
if (drbg->min_noncelen > 0 && drbg->get_nonce == NULL) {
/* TODO(3.0): Do we need to handle this somehow in the FIPS module? */
/*
- * RAND_close_seed_files() ensures that any seed file decriptors are
+ * RAND_close_seed_files() ensures that any seed file descriptors are
* closed after use.
*/
void RAND_keep_random_devices_open(int keep)
*
* This strategy has the following goals:
*
- * 1. 1024-bit factors are effcient when using 3072 and 4096-bit key
+ * 1. 1024-bit factors are efficient when using 3072 and 4096-bit key
* 2. stay the same logic with normal 2-prime key
*/
bitse -= bitsr[i];
# over 2x than 32-bit code. X[16] resides on stack, but access to it
# is scheduled for L2 latency and staged through 32 least significant
# bits of %l0-%l7. The latter is done to achieve 32-/64-bit ABI
-# duality. Nevetheless it's ~40% faster than SHA256, which is pretty
+# duality. Nevertheless it's ~40% faster than SHA256, which is pretty
# good [optimal coefficient is 50%].
#
# SHA512 on UltraSPARC T1.
/*
* B1: verify whether r' in [1,n-1], verification failed if not
- * B2: vefify whether s' in [1,n-1], verification failed if not
+ * B2: verify whether s' in [1,n-1], verification failed if not
* B3: set M'~=ZA || M'
* B4: calculate e'=Hv(M'~)
* B5: calculate t = (r' + s') modn, verification failed if t=0
* B6: calculate the point (x1', y1')=[s']G + [t]PA
- * B7: calculate R=(e'+x1') modn, verfication pass if yes, otherwise failed
+ * B7: calculate R=(e'+x1') modn, verification pass if yes, otherwise failed
*/
ECDSA_SIG_get0(sig, &r, &s);
#include "internal/sparse_array.h"
/*
- * How many bits are used to index each level in the tree structre?
+ * How many bits are used to index each level in the tree structure?
* This setting determines the number of pointers stored in each node of the
* tree used to represent the sparse array. Having more pointers reduces the
* depth of the tree but potentially wastes more memory. That is, this is a
typedef int (*file_eof_fn)(void *handler_ctx);
/*
* The destroy_ctx function is used to destroy the handler_ctx that was
- * intiated by a repeatable try_decode fuction. This is only used when
+ * initiated by a repeatable try_decode function. This is only used when
* the handler is marked repeatable.
*/
typedef void (*file_destroy_ctx_fn)(void **handler_ctx);
};
/*
- * Public key decoder. Only supports SubjectPublicKeyInfo formated keys.
+ * Public key decoder. Only supports SubjectPublicKeyInfo formatted keys.
*/
static OSSL_STORE_INFO *try_decode_PUBKEY(const char *pem_name,
const char *pem_header,
server-cmod.exe : server-cmod.obj
server-conf.exe : server-conf.obj
-# Stoopid MMS doesn't infer this automatically...
+# MMS doesn't infer this automatically...
client-arg.obj : client-arg.c
client-conf.obj : client-conf.c
saccept.obj : saccept.c
EVP_CIPHER_CTX *ctx;
int outlen, tmplen, rv;
unsigned char outbuf[1024];
- printf("AES GCM Derypt:\n");
+ printf("AES GCM Decrypt:\n");
printf("Ciphertext:\n");
BIO_dump_fp(stdout, gcm_ct, sizeof(gcm_ct));
ctx = EVP_CIPHER_CTX_new();
library to be added and removed dynamically.
Each such data item must have a corresponding CRYPTO_EX_DATA index
associated with it. Unlike normal CRYPTO_EX_DATA objects we use static indexes
-to identify data items. These are mapped transparetnly to CRYPTO_EX_DATA dynamic
+to identify data items. These are mapped transparently to CRYPTO_EX_DATA dynamic
indexes internally to the implementation.
See the example further down to see how that's done.
This function is expected to set the method's reference count to 1.
-=item desctruct()
+=item destruct()
Decrement the I<method>'s reference count, and destruct it when
the reference count reaches zero.
=item *
-If no intialization function was given with ossl_provider_new(), a
+If no initialization function was given with ossl_provider_new(), a
loadable module with the I<name> that was given to ossl_provider_new()
will be located and loaded, then the symbol B<OSSL_provider_init> will
be located in that module, and called.
=item B<cipher:string>
-Used by CMAC and GMAC to specifiy the cipher algorithm.
+Used by CMAC and GMAC to specify the cipher algorithm.
For CMAC it must be one of AES-128-CBC, AES-192-CBC, AES-256-CBC or
DES-EDE3-CBC.
For GMAC it should be a GCM mode cipher e.g. AES-128-GCM.
functions free any existing value and set the pointer to the specified value.
The B<ADMISSION> type has an authority name, authority object, and a
-stack of B<PROFSSION_INFO> items.
+stack of B<PROFESSION_INFO> items.
The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(),
and ADMISSIONS_get0_professionInfos()
functions return pointers to those values within the object.
flag set can have unexpected outcome when the reads and writes to the
BIO are intertwined. As documented above the BIO will be reset to the
state after the last completed write operation. The effects of reads
-preceeding that write operation cannot be undone.
+preceding that write operation cannot be undone.
Calling BIO_get_mem_ptr() prior to a BIO_reset() call with
BIO_FLAGS_NONCLEAR_RST set has the same effect as a write operation.
The digest B<type> may be NULL if the signing algorithm supports it.
-No B<EVP_PKEY_CTX> will be created by EVP_DigsetSignInit() if the passed B<ctx>
+No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit() if the passed B<ctx>
has already been assigned one via L<EVP_MD_CTX_set_ctx(3)>. See also L<SM2(7)>.
Only EVP_PKEY types that support signing can be used with these functions. This
inside EVP_DigestVerifyInit() and it will be freed automatically when the
EVP_MD_CTX is freed).
-No B<EVP_PKEY_CTX> will be created by EVP_DigsetSignInit() if the passed B<ctx>
+No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit() if the passed B<ctx>
has already been assigned one via L<EVP_MD_CTX_set_ctx(3)>. See also L<SM2(7)>.
EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
Where an application that previously used implicit fetch is converted to use
explicit fetch care should be taken with the L<EVP_MD_CTX_md(3)> function.
-Specifically, this function returns the EVP_MD object orginally passed to
+Specifically, this function returns the EVP_MD object originally passed to
EVP_DigestInit_ex() (or other similar function). With implicit fetch the
returned EVP_MD object is guaranteed to be available throughout the application
lifetime. However, with explicit fetch EVP_MD objects are reference counted.
EVP_MD_meth_free(md);
Note that in the above example the property string "legacy=yes" is optional
-since, assuming no other providers have been loaded, the only implmentation of
+since, assuming no other providers have been loaded, the only implementation of
the "whirlpool" algorithm is in the "legacy" provider. Also note that the
default provider should be explicitly loaded if it is required in addition to
other providers:
=item EVP_md5_sha1()
-A hash algorithm of SSL v3 that combines MD5 with SHA-1 as decirbed in RFC
+A hash algorithm of SSL v3 that combines MD5 with SHA-1 as described in RFC
6101.
WARNING: this algorithm is not intended for non-SSL usage.
OSSL_CRMF_pbm_new() generates a PBM (Password-Based MAC) based on given PBM
parameters B<pbmp>, message B<msg>, and secret B<sec>, along with the respective
-lengths B<msglen> and B<seclen>. On success writes the adddress of the newly
+lengths B<msglen> and B<seclen>. On success writes the address of the newly
allocated MAC via the B<mac> reference parameter and writes the length via the
B<maclen> reference parameter unless it its NULL.
The value is copied to the address B<val>.
Type coercion takes place as discussed in the NOTES section.
-OSSL_PARAM_set_TYPE() stores a value B<val> of type B<TYPE> into the paramter
+OSSL_PARAM_set_TYPE() stores a value B<val> of type B<TYPE> into the parameter
B<p>.
Type coercion takes place as discussed in the NOTES section.
The BIGNUM referenced by B<val> is updated and is allocated if B<*val> is
B<NULL>.
-OSSL_PARAM_set_BN() stores the BIGNUM B<val> into the param
ater B<p>.
+OSSL_PARAM_set_BN() stores the BIGNUM B<val> into the param
eter B<p>.
OSSL_PARAM_get_utf8_string() retrieves a UTF8 string from the parameter
pointed to by B<p>.
takes a B<UI_METHOD> and associated data, to be used any time
something needs to be prompted for.
Furthermore, this function is expected to initialize what needs to be
-initialized, to create a privata data store (B<OSSL_STORE_LOADER_CTX>, see
+initialized, to create a private data store (B<OSSL_STORE_LOADER_CTX>, see
above), and to return it.
If something goes wrong, this function is expected to return NULL.
OSSL_STORE_supports_search() checks if the loader of the given OSSL_STORE
context supports the given search type.
-See L<OSSL_STORE_SEARCH/SUPPORED CRITERION TYPES> for information on the
+See L<OSSL_STORE_SEARCH/SUPPORTED CRITERION TYPES> for information on the
supported search criterion types.
OSSL_STORE_expect() and OSSL_STORE_find I<must> be called before the first
The derivation function is disabled during initialization by calling the
RAND_DRBG_set() function with the RAND_DRBG_FLAG_CTR_NO_DF flag.
For more information on the derivation function and when it can be omitted,
-see [NIST SP 800-90A Rev. 1]. Roughly speeking it can be omitted if the random
+see [NIST SP 800-90A Rev. 1]. Roughly speaking it can be omitted if the random
source has "full entropy", i.e., contains 8 bits of entropy per byte.
Even if a nonce is required, the B<get_nonce>() and B<cleanup_nonce>()
SSL_CTX_set_ciphersuites() is used to configure the available TLSv1.3
ciphersuites for B<ctx>. This is a simple colon (":") separated list of TLSv1.3
-ciphersuite names in order of perference. Valid TLSv1.3 ciphersuite names are:
+ciphersuite names in order of preference. Valid TLSv1.3 ciphersuite names are:
=over 4
The SSL_set_srp_server_param_pw() function sets all SRP parameters for the
connection B<s> by generating a random salt and a password verifier.
-B<user> is the username, B<pass> the password and B<grp> the SRP group paramters
+B<user> is the username, B<pass> the password and B<grp> the SRP group parameters
identifier for L<SRP_get_default_gN(3)>.
The SSL_get_srp_g() function returns the SRP group generator for B<s>, or from
SSL_SESSION_set1_hostname,
SSL_SESSION_get0_alpn_selected,
SSL_SESSION_set1_alpn_selected
-- get and set SNI and ALPN data ssociated with a session
+- get and set SNI and ALPN data associated with a session
=head1 SYNOPSIS
=item E<lt> 0
The write operation was not successful, because either the connection was
-closed, an error occured or action must be taken by the calling process.
+closed, an error occurred or action must be taken by the calling process.
Call SSL_get_error() with the return value to find out the reason.
=back
during the execution of a key establishment scheme) and fixedinfo.
SSKDF is also informally referred to as 'Concat KDF'.
-=head2 Auxilary function
+=head2 Auxiliary function
The implementation uses a selectable auxiliary function H, which can be one of:
=over 4
-=item EVP_KDF_SSHKDF_TYPE_ININITAL_IV_CLI_TO_SRV
+=item EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV
The Initial IV from client to server.
A single char of value 65 (ASCII char 'A').
-=item EVP_KDF_SSHKDF_TYPE_ININITAL_IV_SRV_TO_CLI
+=item EVP_KDF_SSHKDF_TYPE_INITIAL_IV_SRV_TO_CLI
The Initial IV from server to client
A single char of value 66 (ASCII char 'B').
EVP_KDF_ctrl_str() type string: "type"
The value is a string of length one character. The only valid values
-are the numerical values of the ASCII caracters: "A" (65) to "F" (70).
+are the numerical values of the ASCII characters: "A" (65) to "F" (70).
=back
if (EVP_KDF_CTX_set1_sshkdf_session_id(kctx, session_id, 32) <= 0)
/* Error */
if (EVP_KDF_CTX_set_sshkdf_type(kctx,
- EVP_KDF_SSHKDF_TYPE_ININITAL_IV_CLI_TO_SRV) <= 0)
+ EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV) <= 0)
/* Error */
if (EVP_KDF_derive(kctx, out, &outlen) <= 0)
/* Error */
=head1 NOTES
-X963KDF is very similar to the SSKDF that uses a digest as the auxilary function,
+X963KDF is very similar to the SSKDF that uses a digest as the auxiliary function,
X963KDF appends the counter to the secret, whereas SSKDF prepends the counter.
A context for X963KDF can be obtained by calling:
match counts in favor of the algorithm.
More details about that in the B<Lookups> section.
A I<property query> is a sequence of comma separated property query clauses.
-The full syntax for property queries appears below, but the available syntatic
+The full syntax for property queries appears below, but the available syntactic
features are:
=over 4
the local clause overrides the context clause.
It is possible for a local property query to remove a clause in the context
-property query by preceeding the property name with a '-'.
+property query by preceding the property name with a '-'.
For example, a context property query that contains "fips=yes" would normally
result in implementations that have "fips=yes".
enum devcrypto_accelerated_t {
DEVCRYPTO_NOT_ACCELERATED = -1, /* software implemented */
- DEVCRYPTO_ACCELERATION_UNKNOWN = 0, /* acceleration support unkown */
+ DEVCRYPTO_ACCELERATION_UNKNOWN = 0, /* acceleration support unknown */
DEVCRYPTO_ACCELERATED = 1 /* hardware accelerated */
} accelerated;
int ossl_method_store_set_global_properties(OSSL_METHOD_STORE *store,
const char *prop_query);
-/* proeprty query cache functions */
+/* property query cache functions */
int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, int nid,
const char *prop_query, void **result);
int ossl_method_store_cache_set(OSSL_METHOD_STORE *store, int nid,
* function defined via DEFINE_ONCE_STATIC where both functions use the same
* CRYPTO_ONCE object to synchronise. Where an alternative initialiser function
* is used only one of the primary or the alternative initialiser function will
- * ever be called - and that function will be called exactly once. Definitition
+ * ever be called - and that function will be called exactly once. Definition
* of an alternative initialiser function MUST occur AFTER the definition of the
- * primiary initialiser function.
+ * primary initialiser function.
*
* Typical usage might be:
*
* if (var == NOT_YET_INITIALIZED)
* var = function_returning_same_value();
*
- * This does work provided that loads and stores are single-instuction
+ * This does work provided that loads and stores are single-instruction
* operations (and integer ones are on *all* supported platforms), but
* it upsets Thread Sanitizer. Suggested solution is
*
int expected_type; /* expected type after set/set_string_gmt */
int check_result; /* check result */
time_t t; /* expected time_t*/
- int cmp_result; /* compariston to baseline result */
- int convert_result; /* convertion result */
+ int cmp_result; /* comparison to baseline result */
+ int convert_result; /* conversion result */
};
static struct testdata tbl_testdata_pos[] = {
* Personalisation string tests
*/
- /* Test detection of too large personlisation string */
+ /* Test detection of too large personalisation string */
if (!init(drbg, td, &t)
|| RAND_DRBG_instantiate(drbg, td->pers, drbg->max_perslen + 1) > 0)
goto err;
/*
* Create the connection. We use "create_bare_ssl_connection" here so that
- * we can force the connection to not do "SSL_read" once partly conencted.
+ * we can force the connection to not do "SSL_read" once partly connected.
* We don't want to accidentally read the dummy records we injected because
* they will fail to decrypt.
*/
md = NULL;
/*
- * Explicitly asking for the default implementation should succeeed except
+ * Explicitly asking for the default implementation should succeed except
* in test 4 where the default provider is not loaded.
*/
md = EVP_MD_fetch(ctx, "SHA256", "default=yes");
double p2;
/*
* Documented as an arbitrarly large unsigned integer.
- * The data size must be large enough to accomodate.
+ * The data size must be large enough to accommodate.
* Assumed data type OSSL_PARAM_UNSIGNED_INTEGER
*/
BIGNUM *p3;
/*
* Documented as a C string.
- * The data size must be large enough to accomodate.
+ * The data size must be large enough to accommodate.
* Assumed data type OSSL_PARAM_UTF8_STRING
*/
char *p4;
/* In all our tests, these are variables that get manipulated as parameters
*
- * These arrays consistenly do nothing with the "p2" parameter, and
+ * These arrays consistently do nothing with the "p2" parameter, and
* always include a "foo" parameter. This is to check that the
* set_params and get_params calls ignore the lack of parameters that
* the application isn't interested in, as well as ignore parameters
/*
* We attempt to read some data on the client side which we expect to fail.
* This will ensure we have received the NewSessionTicket in TLSv1.3 where
- * appropriate. We do this twice because there are 2 NewSesionTickets.
+ * appropriate. We do this twice because there are 2 NewSessionTickets.
*/
for (i = 0; i < 2; i++) {
if (SSL_read_ex(clientssl, &buf, sizeof(buf), &readbytes) > 0) {
#define KEYLEN 16
/*
- * Based on the test vectors availble in:
+ * Based on the test vectors available in:
* https://tools.ietf.org/html/draft-ietf-tls-tls13-vectors-06
*/
=item B<create =E<gt> 0|1>
-When set to 1 (or any value that perl preceives as true), the subdirectory
+When set to 1 (or any value that perl perceives as true), the subdirectory
will be created if it doesn't already exist. This happens before BLOCK
is executed.
=item B<cleanup =E<gt> 0|1>
-When set to 1 (or any value that perl preceives as true), the subdirectory
+When set to 1 (or any value that perl perceives as true), the subdirectory
will be cleaned out and removed. This happens both before and after BLOCK
is executed.
projects / oweals / openssl.git / commitdiff