Fix a number of typos
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Co-authored-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/ChangeLog b/ChangeLog
index 8f952b7..dc6e451 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -49,7 +49,7 @@
* Remove the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
compile-time option, which was off by default. Users should not trust
certificates signed with SHA-1 due to the known attacks against SHA-1.
- If needed, SHA-1 cerificates can still be verified by using a custom
+ If needed, SHA-1 certificates can still be verified by using a custom
verification profile.
* Removed deprecated things in psa/crypto_compat.h. Fixes #4284
diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md
index b487541..2d031c6 100644
--- a/docs/3.0-migration-guide.md
+++ b/docs/3.0-migration-guide.md
@@ -30,7 +30,7 @@
- The function `mbedtls_md_init_ctx()` was removed; please use
`mbedtls_md_setup()` instead.
- The functions `mbedtls_xxx_process()` were removed. You normally don't need
- to call that from application code. However it you do (or it you want to
+ to call that from application code. However if you do (or if you want to
provide your own version of that function), please use
`mbedtls_internal_xxx_process()` instead, and check the return value.
@@ -47,7 +47,7 @@
---------------------------------------------------------
Some constants and types that were present in beta versions of the PSA Crypto
-API were removed from in version 1.0 of specification. Please switch to the new
+API were removed from version 1.0 of specification. Please switch to the new
names provided by the 1.0 specification instead.
Internal / alt-focused headers were moved to a private location
@@ -108,7 +108,7 @@
disabled by default.
This only affects users who called the HAVEGE modules directly (not
-recommended), or users who used it though the entropy module but had it as the
+recommended), or users who used it through the entropy module but had it as the
only source of entropy. If you're in that case, please declare OS or hardware
RNG interfaces with `mbedtls_entropy_add_source()` and/or use an entropy seed
file created securely during device provisioning. See
@@ -121,7 +121,7 @@
This doesn't affect people using the default configuration as it was already
disabled by default.
-This only affects TLS servers that have clients who send a SSLv2 ClientHello.
+This only affects TLS servers that have clients who send an SSLv2 ClientHello.
These days clients are very unlikely to do that. If you have a client that
does, please try contacting them and encouraging them to upgrade their
software.
@@ -134,7 +134,7 @@
This only affects TLS users who explicitly enabled `MBEDTLS_SSL_PROTO_SSL3`
and relied on that version in order to communicate with peers that are not up
-to date. If one of your peers in in that case, please try contacting them and
+to date. If one of your peers is in that case, please try contacting them and
encouraging them to upgrade their software.
Remove support for compatibility with old Mbed TLS's truncated HMAC
@@ -143,10 +143,10 @@
This doesn't affect people using the default configuration as it was already
disabled by default.
-This only affects TLS users enabled `MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT` and
+This only affects TLS users who enabled `MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT` and
used the Truncated HMAC extension to communicate with peers using old version
of Mbed TLS. Please consider using a CCM-8 ciphersuite instead of the
-Truncated HMAC extension, or convicing your peer to upgrade their version of
+Truncated HMAC extension, or convincing your peer to upgrade their version of
Mbed TLS.
Remove support for TLS record-level compression