Fix additional misspellings found by codespell

Remaining hits seem to be hex data, certificates, and other miscellaneous exceptions. List generated by running codespell -w -L keypair,Keypair,KeyPair,keyPair,ciph,nd Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2025-05-09 19:31:18 +08:00 · 2022-04-13 14:28:52 -04:00 · 2022-04-13 14:28:52 -04:00 · 5c65c5781f
commit 5c65c5781f
parent e27e96dd5d
17 changed files with 21 additions and 21 deletions
--- a/docs/architecture/psa-migration/psa-limitations.md
+++ b/docs/architecture/psa-migration/psa-limitations.md
@ -84,7 +84,7 @@ the hash algorithm potentially used to hash the message being signed:
  - most commonly MGF1, which in turn is parametrized by a hash algorithm
 - a salt length
 - a trailer field - the value is fixed to 0xBC by PKCS#1 v2.1, but was left
-  configurable in the original scheme; 0xBC is used everywhere in pratice.
+  configurable in the original scheme; 0xBC is used everywhere in practice.
 Both the existing `mbedtls_` API and the PSA API support only MGF1 as the
 generation function (and only 0xBC as the trailer field), but there are
@ -317,7 +317,7 @@ strong security arguments, so it's unclear whether it would be accepted.
 HKDF: Expand not exposed on its own (TLS 1.3)
 ---------------------------------------------
-The HKDF function uses and Extract-then-Expand approch, that is:
+The HKDF function uses and Extract-then-Expand approach, that is:
        HKDF(x, ...) = HKDF-Expand(HKDF-Extract(x, ...), ...)
--- a/include/mbedtls/asn1.h
+++ b/include/mbedtls/asn1.h
@ -228,7 +228,7 @@ mbedtls_asn1_named_data;
 * \return      0 if successful.
 * \return      #MBEDTLS_ERR_ASN1_OUT_OF_DATA if the ASN.1 element
 *              would end beyond \p end.
- * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparseable.
+ * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable.
 */
 int mbedtls_asn1_get_len( unsigned char **p,
                          const unsigned char *end,
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@ -150,7 +150,7 @@
 #endif
 #if defined(MBEDTLS_PKCS5_C) && !defined(MBEDTLS_MD_C)
-#error "MBEDTLS_PKCS5_C defined, but not all prerequesites"
+#error "MBEDTLS_PKCS5_C defined, but not all prerequisites"
 #endif
 #if defined(MBEDTLS_PKCS12_C) && !defined(MBEDTLS_MD_C)
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@ -1576,7 +1576,7 @@
 * unless you know for sure amplification cannot be a problem in the
 * environment in which your server operates.
 *
- * \warning Disabling this can ba a security risk! (see above)
+ * \warning Disabling this can be a security risk! (see above)
 *
 * Requires: MBEDTLS_SSL_PROTO_DTLS
 *
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -2735,7 +2735,7 @@ void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
 *                 ones going through the authentication-decryption phase.
 *
 * \note           This is a security trade-off related to the fact that it's
- *                 often relatively easy for an active attacker ot inject UDP
+ *                 often relatively easy for an active attacker to inject UDP
 *                 datagrams. On one hand, setting a low limit here makes it
 *                 easier for such an attacker to forcibly terminated a
 *                 connection. On the other hand, a high limit or no limit
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@ -3783,7 +3783,7 @@ psa_status_t psa_key_derivation_output_key(
 *
 * \param[in,out] operation The key derivation operation object to read from.
 * \param[in] expected_output Buffer containing the expected derivation output.
- * \param output_length     Length ot the expected output; this is also the
+ * \param output_length     Length of the expected output; this is also the
 *                          number of bytes that will be read.
 *
 * \retval #PSA_SUCCESS
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -4810,7 +4810,7 @@ static psa_status_t psa_generate_derived_ecc_key_weierstrass_helper(
        /* 4. If k > N - 2, discard the result and return to step 1.
        *    Result of comparison is returned. When it indicates error
-        *    then this fuction is called again.
+        *    then this function is called again.
        */
        MBEDTLS_MPI_CHK( mbedtls_mpi_lt_mpi_ct( &diff_N_2, &k, &key_out_of_range ) );
    }
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@ -1854,7 +1854,7 @@ static inline int mbedtls_ssl_tls12_named_group_is_ecdhe( uint16_t named_group )
            named_group == MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1   ||
            named_group == MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1   ||
            named_group == MBEDTLS_SSL_IANA_TLS_GROUP_X448      ||
-            /* Below deprected curves should be removed with notice to users */
+            /* Below deprecated curves should be removed with notice to users */
            named_group == MBEDTLS_SSL_IANA_TLS_GROUP_SECP192K1 ||
            named_group == MBEDTLS_SSL_IANA_TLS_GROUP_SECP192R1 ||
            named_group == MBEDTLS_SSL_IANA_TLS_GROUP_SECP224K1 ||
@ -2167,7 +2167,7 @@ static inline int mbedtls_ssl_sig_alg_is_supported(
 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 /* Corresponding PSA algorithm for MBEDTLS_CIPHER_NULL.
- * Same value is used fo PSA_ALG_CATEGORY_CIPHER, hence it is
+ * Same value is used for PSA_ALG_CATEGORY_CIPHER, hence it is
 * guaranteed to not be a valid PSA algorithm identifier.
 */
 #define MBEDTLS_SSL_NULL_CIPHER 0x04000000
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -2918,7 +2918,7 @@ static int ssl_prepare_handshake_step( mbedtls_ssl_context *ssl )
     * In the case of TLS 1.3, handshake step handlers do not send data to the
     * peer. Data are only sent here and through
     * `mbedtls_ssl_handle_pending_alert` in case an error that triggered an
-     * alert occured.
+     * alert occurred.
     */
    if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
        return( ret );
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@ -982,7 +982,7 @@ static int ssl_tls13_get_sig_alg_from_pk( mbedtls_ssl_context *ssl,
 #endif /* MBEDTLS_RSA_C */
        default:
            MBEDTLS_SSL_DEBUG_MSG( 1,
-                                   ( "unkown signature type : %u", sig ) );
+                                   ( "unknown signature type : %u", sig ) );
            break;
    }
    return( -1 );
--- a/programs/psa/aead_demo.c
+++ b/programs/psa/aead_demo.c
@ -156,7 +156,7 @@ static psa_status_t aead_prepare( const char *info,
        return( PSA_ERROR_INVALID_ARGUMENT );
    }
-    /* Prepare key attibutes */
+    /* Prepare key attributes */
    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
    psa_set_key_algorithm( &attributes, *alg );
--- a/scripts/generate_driver_wrappers.py
+++ b/scripts/generate_driver_wrappers.py
@ -1,7 +1,7 @@
 #!/usr/bin/env python3
 """Generate library/psa_crypto_driver_wrappers.c
-   This module is invoked by the build sripts to auto generate the
+   This module is invoked by the build scripts to auto generate the
   psa_crypto_driver_wrappers.c based on template files in
   script/data_files/driver_templates/.
 """
--- a/scripts/generate_ssl_debug_helpers.py
+++ b/scripts/generate_ssl_debug_helpers.py
@ -289,7 +289,7 @@ class SignatureAlgorithmDefinition:
            {translation_table}
                }};
-                return "UNKOWN";
+                return "UNKNOWN";
            }}''')
        body = body.format(translation_table='\n'.join(translation_table))
        return body
--- a/tests/scripts/generate_psa_tests.py
+++ b/tests/scripts/generate_psa_tests.py
@ -923,7 +923,7 @@ class TestGenerator:
        filename = self.filename_for(basename)
        test_case.write_data_file(filename, test_cases)
-    # Note that targets whose name containns 'test_format' have their content
+    # Note that targets whose name contains 'test_format' have their content
    # validated by `abi_check.py`.
    TARGETS = {
        'test_suite_psa_crypto_generate_key.generated':
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@ -10839,7 +10839,7 @@ run_test    "TLS 1.3: Client authentication, client alg not in server list - ope
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "signature algorithm not in received or offered list." \
-            -C "unkown pk type"
+            -C "unknown pk type"
 requires_gnutls_tls1_3
 requires_gnutls_next_no_ticket
@ -10857,7 +10857,7 @@ run_test    "TLS 1.3: Client authentication, client alg not in server list - gnu
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "signature algorithm not in received or offered list." \
-            -C "unkown pk type"
+            -C "unknown pk type"
 # Test using an opaque private key for client authentication
 requires_openssl_tls1_3
--- a/tests/suites/test_suite_ecdh.function
+++ b/tests/suites/test_suite_ecdh.function
@ -262,7 +262,7 @@ void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z,
    rnd_info_B.buf = dB->x;
    rnd_info_B.length = dB->len;
-    /* The ECDH context is not guaranteed ot have an mbedtls_ecp_group structure
+    /* The ECDH context is not guaranteed to have an mbedtls_ecp_group structure
     * in every configuration, therefore we load it separately. */
    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@ -168,12 +168,12 @@ void pk_psa_utils( int key_is_rsa )
    if( key_is_rsa )
    {
-        bitlen = 1024; /* harcoded in genkey() */
+        bitlen = 1024; /* hardcoded in genkey() */
        key = pk_psa_genkey_rsa();
    }
    else
    {
-        bitlen = 256; /* harcoded in genkey() */
+        bitlen = 256; /* hardcoded in genkey() */
        key = pk_psa_genkey_ecc();
    }
    if( mbedtls_svc_key_id_is_null( key ) )