From db34ae5f14e40e383a06b5067ee6d57de52e924b Mon Sep 17 00:00:00 2001
From: Jan Luebbe <jlu@pengutronix.de>
Date: Fri, 9 May 2025 09:56:26 +0200
Subject: [PATCH] Fix some typos in the man pages

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27590)

(cherry picked from commit 8fd0d230fdf80f7b6a3ee6c1197923600ce45c6a)
---
 doc/man3/CMS_get0_SignerInfos.pod    | 2 +-
 doc/man3/EVP_PKEY_encapsulate.pod    | 4 ++--
 doc/man3/EVP_PKEY_new.pod            | 4 ++--
 doc/man3/EVP_PKEY_sign.pod           | 2 +-
 doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod | 2 +-
 doc/man3/SSL_set_quic_tls_cbs.pod    | 2 +-
 doc/man3/X509_STORE_CTX_new.pod      | 2 +-
 doc/man3/X509_check_purpose.pod      | 2 +-
 8 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/doc/man3/CMS_get0_SignerInfos.pod b/doc/man3/CMS_get0_SignerInfos.pod
index 385726ced35..29fb683c09b 100644
--- a/doc/man3/CMS_get0_SignerInfos.pod
+++ b/doc/man3/CMS_get0_SignerInfos.pod
@@ -38,7 +38,7 @@ CMS_SignerInfo_cert_cmp() compares the certificate B<cert> against the signer
 identifier B<si>. It returns zero if the comparison is successful and non zero
 if not.
 
-CMS_SignerInfo_set1_signer_cert() sets the signers certificate of B<si> to
+CMS_SignerInfo_set1_signer_cert() sets the signer's certificate of B<si> to
 B<signer>.
 
 =head1 NOTES
diff --git a/doc/man3/EVP_PKEY_encapsulate.pod b/doc/man3/EVP_PKEY_encapsulate.pod
index a82eaded592..e37599c4c41 100644
--- a/doc/man3/EVP_PKEY_encapsulate.pod
+++ b/doc/man3/EVP_PKEY_encapsulate.pod
@@ -30,14 +30,14 @@ key that is used during encapsulation.
 
 The EVP_PKEY_encapsulate() function performs a public key encapsulation
 operation using I<ctx>.
-The shared secret writen to I<genkey> can be used as an input for key
+The shared secret written to I<genkey> can be used as an input for key
 derivation, typically for various symmetric algorithms.
 Its size is written to I<genkeylen>, which must be initialised to the
 size of the provided buffer.
 
 The ciphertext written to I<wrappedkey> is an encapsulated form, which
 is expected to be only usable by the holder of the private key corresponding
-to wthe public key associated with I<ctx>.
+to the public key associated with I<ctx>.
 This ciphertext is then communicated to the private-key holder, who can use
 L<EVP_PKEY_decapsulate(3)> to securely recover the same shared secret.
 
diff --git a/doc/man3/EVP_PKEY_new.pod b/doc/man3/EVP_PKEY_new.pod
index eccc21aac63..72d129deff2 100644
--- a/doc/man3/EVP_PKEY_new.pod
+++ b/doc/man3/EVP_PKEY_new.pod
@@ -174,7 +174,7 @@ C<ML-DSA-87>,
 B<ML-KEM-512>,
 B<ML-KEM-768> and
 B<ML-KEM-1024>
-keys, which don't have legacy numeric I<NID> assigments, but their raw form is
+keys, which don't have legacy numeric I<NID> assignments, but their raw form is
 nevertheless available.
 
 
@@ -198,7 +198,7 @@ C<ML-DSA-87>,
 B<ML-KEM-512>,
 B<ML-KEM-768> and
 B<ML-KEM-1024>
-keys, which don't have legacy numeric I<NID> assigments, but their raw form is
+keys, which don't have legacy numeric I<NID> assignments, but their raw form is
 nevertheless available.
 
 EVP_PKEY_new_CMAC_key() works in the same way as EVP_PKEY_new_raw_private_key()
diff --git a/doc/man3/EVP_PKEY_sign.pod b/doc/man3/EVP_PKEY_sign.pod
index b88a9893f52..d258226804e 100644
--- a/doc/man3/EVP_PKEY_sign.pod
+++ b/doc/man3/EVP_PKEY_sign.pod
@@ -40,7 +40,7 @@ signing a pre-computed message digest using the algorithm given by I<algo> and
 the key given through L<EVP_PKEY_CTX_new(3)> or L<EVP_PKEY_CTX_new_from_pkey(3)>.
 A context I<ctx> without a pre-loaded key cannot be used with this function.
 This function provides almost the same functionality as EVP_PKEY_sign_init_ex(),
-but is uniquely intended to be used with a pre-computed messsage digest, and
+but is uniquely intended to be used with a pre-computed message digest, and
 allows pre-determining the exact conditions for that message digest, if a
 composite signature algorithm (such as RSA-SHA256) was fetched.
 Following a call to this function, setting parameters that modifies the digest
diff --git a/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod b/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod
index 6c095c0ee0e..0f700c118f5 100644
--- a/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod
+++ b/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod
@@ -109,7 +109,7 @@ On success, the function verifies the decrypted data as signed data,
 using the trust store I<ts> and any untrusted certificates in I<extra>.
 Doing so, it checks for the purpose "CMP Key Generation Authority" (cmKGA).
 
-OSSL_CRMF_ENCRYPTEDKEY_init_envdata() returns I<OSSL_CRMF_ENCRYPTEDKEY>, intialized with 
+OSSL_CRMF_ENCRYPTEDKEY_init_envdata() returns I<OSSL_CRMF_ENCRYPTEDKEY>, initialized with
 the enveloped data I<envdata>.
 
 OSSL_CRMF_ENCRYPTEDVALUE_decrypt() decrypts the encrypted value in the given
diff --git a/doc/man3/SSL_set_quic_tls_cbs.pod b/doc/man3/SSL_set_quic_tls_cbs.pod
index 618cc29bc74..75d217bdeaa 100644
--- a/doc/man3/SSL_set_quic_tls_cbs.pod
+++ b/doc/man3/SSL_set_quic_tls_cbs.pod
@@ -110,7 +110,7 @@ ever be read by OpenSSL.
 
 The OSSL_FUNC_SSL_QUIC_TLS_yield_secret_fn callback (function id
 B<OSSL_FUNC_SSL_QUIC_TLS_YIELD_SECRET>) is called when a new secret has been
-established. The I<prot_level> argument identies the TLS protection level and
+established. The I<prot_level> argument identities the TLS protection level and
 will be one of B<OSSL_RECORD_PROTECTION_LEVEL_NONE>,
 B<OSSL_RECORD_PROTECTION_LEVEL_EARLY>, B<OSSL_RECORD_PROTECTION_LEVEL_HANDSHAKE>
 or B<OSSL_RECORD_PROTECTION_LEVEL_APPLICATION>. The I<direction> will either be
diff --git a/doc/man3/X509_STORE_CTX_new.pod b/doc/man3/X509_STORE_CTX_new.pod
index c219cee9d62..4810d48a01a 100644
--- a/doc/man3/X509_STORE_CTX_new.pod
+++ b/doc/man3/X509_STORE_CTX_new.pod
@@ -85,7 +85,7 @@ If I<ctx> is NULL nothing is done.
 X509_STORE_CTX_init() sets up I<ctx> for a subsequent verification operation.
 
 X509_STORE_CTX_init() initializes the internal state and resources of the
-given I<ctx>. Among others, it sets the verification parameters associcated
+given I<ctx>. Among others, it sets the verification parameters associated
 with the method name C<default>, which includes the C<any> purpose,
 and takes over callback function pointers from I<trust_store> (unless NULL).
 It must be called before each call to L<X509_verify_cert(3)> or
diff --git a/doc/man3/X509_check_purpose.pod b/doc/man3/X509_check_purpose.pod
index 4e152be8fa5..59440dc013d 100644
--- a/doc/man3/X509_check_purpose.pod
+++ b/doc/man3/X509_check_purpose.pod
@@ -80,7 +80,7 @@ Unless the id stays the same for an existing entry, I<id> must be fresh,
 which can be achieved by using the result of X509_PURPOSE_get_unused_id().
 The function also sets in the entry the trust id I<trust>, the given I<flags>,
 the purpose (long) name I<name>, the short name I<sname>, the purpose checking
-funktion I<ck> of type B<int (*) (const X509_PURPOSE *, const X509 *, int)>,
+function I<ck> of type B<int (*) (const X509_PURPOSE *, const X509 *, int)>,
 and its user data I<arg> which may be retrieved via the B<X509_PURPOSE> pointer.
 
 X509_PURPOSE_cleanup() removes all purposes that are not pre-defined.
-- 
2.47.3