100 files changed, 265 insertions, 265 deletions
diff --git a/src/lib/libcrypto/aes/asm/aes-586.pl b/src/lib/libcrypto/aes/asm/aes-586.pl
index 3ba8a26eaa..c5ae3f6903 100644
--- a/src/lib/libcrypto/aes/asm/aes-586.pl
+++ b/src/lib/libcrypto/aes/asm/aes-586.pl
@@ -48,8 +48,8 @@
 # better performance on most recent �-archs...
 #
 # Third version adds AES_cbc_encrypt implementation, which resulted in
-# up to 40% performance imrovement of CBC benchmark results. 40% was
+# up to 40% performance improvement of CBC benchmark results. 40% was
-# observed on P4 core, where "overall" imrovement coefficient, i.e. if
+# observed on P4 core, where "overall" improvement coefficient, i.e. if
 # compared to PIC generated by GCC and in CBC mode, was observed to be
 # as large as 4x:-) CBC performance is virtually identical to ECB now
 # and on some platforms even better, e.g. 17.6 "small" cycles/byte on
@@ -228,7 +228,7 @@ $small_footprint=1;	# $small_footprint=1 code is ~5% slower [on
                        # contention and in hope to "collect" 5% back
                        # in real-life applications...
-$vertical_spin=0;       # shift "verticaly" defaults to 0, because of
+$vertical_spin=0;       # shift "vertically" defaults to 0, because of
                        # its proof-of-concept status...
 # Note that there is no decvert(), as well as last encryption round is
 # performed with "horizontal" shifts. This is because this "vertical"
diff --git a/src/lib/libcrypto/aes/asm/aes-mips.pl b/src/lib/libcrypto/aes/asm/aes-mips.pl
index 2f6ff74ffe..b95d1afd5a 100644
--- a/src/lib/libcrypto/aes/asm/aes-mips.pl
+++ b/src/lib/libcrypto/aes/asm/aes-mips.pl
@@ -106,7 +106,7 @@ my ($i0,$i1,$i2,$i3)=($at,$t0,$t1,$t2);
 my ($t0,$t1,$t2,$t3,$t4,$t5,$t6,$t7,$t8,$t9,$t10,$t11) = map("\$$_",(12..23));
 my ($key0,$cnt)=($gp,$fp);
-# instuction ordering is "stolen" from output from MIPSpro assembler
+# instruction ordering is "stolen" from output from MIPSpro assembler
 # invoked with -mips3 -O3 arguments...
 $code.=<<___;
 .align  5
diff --git a/src/lib/libcrypto/aes/asm/aes-ppc.pl b/src/lib/libcrypto/aes/asm/aes-ppc.pl
index 7c52cbe5f9..91a46f60ed 100644
--- a/src/lib/libcrypto/aes/asm/aes-ppc.pl
+++ b/src/lib/libcrypto/aes/asm/aes-ppc.pl
@@ -19,7 +19,7 @@
 # February 2010
 #
 # Rescheduling instructions to favour Power6 pipeline gave 10%
-# performance improvement on the platfrom in question (and marginal
+# performance improvement on the platform in question (and marginal
 # improvement even on others). It should be noted that Power6 fails
 # to process byte in 18 cycles, only in 23, because it fails to issue
 # 4 load instructions in two cycles, only in 3. As result non-compact
diff --git a/src/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl b/src/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl
index bc6c8f3fc0..880bcc2d58 100644
--- a/src/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl
+++ b/src/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl
@@ -250,7 +250,7 @@ ___
    $r++;       unshift(@rndkey,pop(@rndkey));
 };
-sub Xupdate_ssse3_16_31()               # recall that $Xi starts wtih 4
+sub Xupdate_ssse3_16_31()               # recall that $Xi starts with 4
 { use integer;
  my $body = shift;
  my @insns = (&$body,&$body,&$body,&$body);    # 40 instructions
@@ -767,7 +767,7 @@ ___
    $r++;       unshift(@rndkey,pop(@rndkey));
 };
-sub Xupdate_avx_16_31()         # recall that $Xi starts wtih 4
+sub Xupdate_avx_16_31()         # recall that $Xi starts with 4
 { use integer;
  my $body = shift;
  my @insns = (&$body,&$body,&$body,&$body);    # 40 instructions
diff --git a/src/lib/libcrypto/aes/asm/aesni-x86_64.pl b/src/lib/libcrypto/aes/asm/aesni-x86_64.pl
index f0b30109ae..a849073728 100644
--- a/src/lib/libcrypto/aes/asm/aesni-x86_64.pl
+++ b/src/lib/libcrypto/aes/asm/aesni-x86_64.pl
@@ -52,7 +52,7 @@
 # nothing one can do and the result appears optimal. CCM result is
 # identical to CBC, because CBC-MAC is essentially CBC encrypt without
 # saving output. CCM CTR "stays invisible," because it's neatly
-# interleaved wih CBC-MAC. This provides ~30% improvement over
+# interleaved with CBC-MAC. This provides ~30% improvement over
 # "straghtforward" CCM implementation with CTR and CBC-MAC performed
 # disjointly. Parallelizable modes practically achieve the theoretical
 # limit.
@@ -136,7 +136,7 @@
 # asymptotic, if it can be surpassed, isn't it? What happens there?
 # Rewind to CBC paragraph for the answer. Yes, out-of-order execution
 # magic is responsible for this. Processor overlaps not only the
-# additional instructions with AES ones, but even AES instuctions
+# additional instructions with AES ones, but even AES instructions
 # processing adjacent triplets of independent blocks. In the 6x case
 # additional instructions  still claim disproportionally small amount
 # of additional cycles, but in 8x case number of instructions must be
@@ -1350,7 +1350,7 @@ ___
        movdqa  @tweak[5],@tweak[$i]
        paddq   @tweak[5],@tweak[5]             # psllq 1,$tweak
        pand    $twmask,$twres                  # isolate carry and residue
-        pcmpgtd @tweak[5],$twtmp                # broadcat upper bits
+        pcmpgtd @tweak[5],$twtmp                # broadcast upper bits
        pxor    $twres,@tweak[5]
 ___
    }
@@ -1456,7 +1456,7 @@ $code.=<<___;
         aesenc         $rndkey0,$inout0
        pand    $twmask,$twres                  # isolate carry and residue
         aesenc         $rndkey0,$inout1
-        pcmpgtd @tweak[5],$twtmp                # broadcat upper bits
+        pcmpgtd @tweak[5],$twtmp                # broadcast upper bits
         aesenc         $rndkey0,$inout2
        pxor    $twres,@tweak[5]
         aesenc         $rndkey0,$inout3
@@ -1471,7 +1471,7 @@ $code.=<<___;
         aesenc         $rndkey1,$inout0
        pand    $twmask,$twres                  # isolate carry and residue
         aesenc         $rndkey1,$inout1
-        pcmpgtd @tweak[5],$twtmp                # broadcat upper bits
+        pcmpgtd @tweak[5],$twtmp                # broadcast upper bits
         aesenc         $rndkey1,$inout2
        pxor    $twres,@tweak[5]
         aesenc         $rndkey1,$inout3
@@ -1485,7 +1485,7 @@ $code.=<<___;
         aesenclast     $rndkey0,$inout0
        pand    $twmask,$twres                  # isolate carry and residue
         aesenclast     $rndkey0,$inout1
-        pcmpgtd @tweak[5],$twtmp                # broadcat upper bits
+        pcmpgtd @tweak[5],$twtmp                # broadcast upper bits
         aesenclast     $rndkey0,$inout2
        pxor    $twres,@tweak[5]
         aesenclast     $rndkey0,$inout3
@@ -1499,7 +1499,7 @@ $code.=<<___;
         xorps  `16*0`(%rsp),$inout0            # output^=tweak
        pand    $twmask,$twres                  # isolate carry and residue
         xorps  `16*1`(%rsp),$inout1
-        pcmpgtd @tweak[5],$twtmp                # broadcat upper bits
+        pcmpgtd @tweak[5],$twtmp                # broadcast upper bits
        pxor    $twres,@tweak[5]
        xorps   `16*2`(%rsp),$inout2
@@ -1750,7 +1750,7 @@ ___
        movdqa  @tweak[5],@tweak[$i]
        paddq   @tweak[5],@tweak[5]             # psllq 1,$tweak
        pand    $twmask,$twres                  # isolate carry and residue
-        pcmpgtd @tweak[5],$twtmp                # broadcat upper bits
+        pcmpgtd @tweak[5],$twtmp                # broadcast upper bits
        pxor    $twres,@tweak[5]
 ___
    }
@@ -1856,7 +1856,7 @@ $code.=<<___;
         aesdec         $rndkey0,$inout0
        pand    $twmask,$twres                  # isolate carry and residue
         aesdec         $rndkey0,$inout1
-        pcmpgtd @tweak[5],$twtmp                # broadcat upper bits
+        pcmpgtd @tweak[5],$twtmp                # broadcast upper bits
         aesdec         $rndkey0,$inout2
        pxor    $twres,@tweak[5]
         aesdec         $rndkey0,$inout3
@@ -1871,7 +1871,7 @@ $code.=<<___;
         aesdec         $rndkey1,$inout0
        pand    $twmask,$twres                  # isolate carry and residue
         aesdec         $rndkey1,$inout1
-        pcmpgtd @tweak[5],$twtmp                # broadcat upper bits
+        pcmpgtd @tweak[5],$twtmp                # broadcast upper bits
         aesdec         $rndkey1,$inout2
        pxor    $twres,@tweak[5]
         aesdec         $rndkey1,$inout3
@@ -1885,7 +1885,7 @@ $code.=<<___;
         aesdeclast     $rndkey0,$inout0
        pand    $twmask,$twres                  # isolate carry and residue
         aesdeclast     $rndkey0,$inout1
-        pcmpgtd @tweak[5],$twtmp                # broadcat upper bits
+        pcmpgtd @tweak[5],$twtmp                # broadcast upper bits
         aesdeclast     $rndkey0,$inout2
        pxor    $twres,@tweak[5]
         aesdeclast     $rndkey0,$inout3
@@ -1899,7 +1899,7 @@ $code.=<<___;
         xorps  `16*0`(%rsp),$inout0            # output^=tweak
        pand    $twmask,$twres                  # isolate carry and residue
         xorps  `16*1`(%rsp),$inout1
-        pcmpgtd @tweak[5],$twtmp                # broadcat upper bits
+        pcmpgtd @tweak[5],$twtmp                # broadcast upper bits
        pxor    $twres,@tweak[5]
        xorps   `16*2`(%rsp),$inout2
@@ -2520,7 +2520,7 @@ ___
 #       Vinodh Gopal <vinodh.gopal@intel.com>
 #       Kahraman Akdemir
 #
-# Agressively optimized in respect to aeskeygenassist's critical path
+# Aggressively optimized in respect to aeskeygenassist's critical path
 # and is contained in %xmm0-5 to meet Win64 ABI requirement.
 #
 $code.=<<___;
@@ -2602,7 +2602,7 @@ __aesni_set_encrypt_key:
 .align  16
 .L14rounds:
-        movups  16($inp),%xmm2                  # remaning half of *userKey
+        movups  16($inp),%xmm2                  # remaining half of *userKey
        mov     \$13,$bits                      # 14 rounds for 256
        lea     16(%rax),%rax
        $movkey %xmm0,($key)                    # round 0
@@ -2862,7 +2862,7 @@ xts_se_handler:
        mov     56($disp),%r11          # disp->HandlerData
        mov     0(%r11),%r10d           # HandlerData[0]
-        lea     (%rsi,%r10),%r10        # prologue lable
+        lea     (%rsi,%r10),%r10        # prologue label
        cmp     %r10,%rbx               # context->Rip<prologue label
        jb      .Lcommon_seh_tail
diff --git a/src/lib/libcrypto/aes/asm/bsaes-x86_64.pl b/src/lib/libcrypto/aes/asm/bsaes-x86_64.pl
index 41b90f0844..14dc2c02e7 100644
--- a/src/lib/libcrypto/aes/asm/bsaes-x86_64.pl
+++ b/src/lib/libcrypto/aes/asm/bsaes-x86_64.pl
@@ -20,7 +20,7 @@
 # - code was made position-independent;
 # - rounds were folded into a loop resulting in >5x size reduction
 #   from 12.5KB to 2.2KB;
-# - above was possibile thanks to mixcolumns() modification that
+# - above was possible thanks to mixcolumns() modification that
 #   allowed to feed its output back to aesenc[last], this was
 #   achieved at cost of two additional inter-registers moves;
 # - some instruction reordering and interleaving;
diff --git a/src/lib/libcrypto/arc4random/getentropy_aix.c b/src/lib/libcrypto/arc4random/getentropy_aix.c
index 7fb857e6d2..9d085cf503 100644
--- a/src/lib/libcrypto/arc4random/getentropy_aix.c
+++ b/src/lib/libcrypto/arc4random/getentropy_aix.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: getentropy_aix.c,v 1.8 2021/10/24 21:24:20 deraadt Exp $      */
+/*      $OpenBSD: getentropy_aix.c,v 1.9 2022/12/26 07:18:50 jmc Exp $  */
 /*
 * Copyright (c) 2015 Michael Felt <aixtools@gmail.com>
@@ -21,7 +21,7 @@
 * http://man.openbsd.org/getentropy.2
 */
 /*
- * -lperfstat is needed for the psuedo entropy data
+ * -lperfstat is needed for the pseudo entropy data
 */
 #include <sys/mman.h>
diff --git a/src/lib/libcrypto/arch/aarch64/opensslconf.h b/src/lib/libcrypto/arch/aarch64/opensslconf.h
index ab3e2d89b0..748ed8f8b4 100644
--- a/src/lib/libcrypto/arch/aarch64/opensslconf.h
+++ b/src/lib/libcrypto/arch/aarch64/opensslconf.h
@@ -60,7 +60,7 @@
 /* Only one for the following should be defined */
 /* The prime number generation stuff may not work when
 * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
+ * for debugging the bignum libraries */
 #define SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
 #undef THIRTY_TWO_BIT
@@ -90,7 +90,7 @@
 #endif
 /* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
+ * units.  It reduces register dependencies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #undef DES_RISC1
@@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
+ * Very much CPU dependent */
 #ifndef DES_UNROLL
 #define DES_UNROLL
 #endif
diff --git a/src/lib/libcrypto/arch/alpha/opensslconf.h b/src/lib/libcrypto/arch/alpha/opensslconf.h
index a1331118f4..47f2aa8f21 100644
--- a/src/lib/libcrypto/arch/alpha/opensslconf.h
+++ b/src/lib/libcrypto/arch/alpha/opensslconf.h
@@ -60,7 +60,7 @@
 /* Only one for the following should be defined */
 /* The prime number generation stuff may not work when
 * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
+ * for debugging the bignum libraries */
 #define SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
 #undef THIRTY_TWO_BIT
@@ -88,7 +88,7 @@
 #endif
 /* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
+ * units.  It reduces register dependencies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #undef DES_RISC1
@@ -103,7 +103,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
+ * Very much CPU dependent */
 #ifndef DES_UNROLL
 #undef DES_UNROLL
 #endif
diff --git a/src/lib/libcrypto/arch/amd64/opensslconf.h b/src/lib/libcrypto/arch/amd64/opensslconf.h
index f8cbb5d652..5cad089a8b 100644
--- a/src/lib/libcrypto/arch/amd64/opensslconf.h
+++ b/src/lib/libcrypto/arch/amd64/opensslconf.h
@@ -85,7 +85,7 @@
 #endif
 /* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
+ * units.  It reduces register dependencies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #undef DES_RISC1
@@ -100,7 +100,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
+ * Very much CPU dependent */
 #ifndef DES_UNROLL
 #define DES_UNROLL
 #endif
diff --git a/src/lib/libcrypto/arch/arm/opensslconf.h b/src/lib/libcrypto/arch/arm/opensslconf.h
index 78cd6d856f..f17d3d2803 100644
--- a/src/lib/libcrypto/arch/arm/opensslconf.h
+++ b/src/lib/libcrypto/arch/arm/opensslconf.h
@@ -60,7 +60,7 @@
 /* Only one for the following should be defined */
 /* The prime number generation stuff may not work when
 * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
+ * for debugging the bignum libraries */
 #undef SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
 #define THIRTY_TWO_BIT
@@ -90,7 +90,7 @@
 #endif
 /* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
+ * units.  It reduces register dependencies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #undef DES_RISC1
@@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
+ * Very much CPU dependent */
 #ifndef DES_UNROLL
 #define DES_UNROLL
 #endif
diff --git a/src/lib/libcrypto/arch/hppa/opensslconf.h b/src/lib/libcrypto/arch/hppa/opensslconf.h
index 78cd6d856f..f17d3d2803 100644
--- a/src/lib/libcrypto/arch/hppa/opensslconf.h
+++ b/src/lib/libcrypto/arch/hppa/opensslconf.h
@@ -60,7 +60,7 @@
 /* Only one for the following should be defined */
 /* The prime number generation stuff may not work when
 * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
+ * for debugging the bignum libraries */
 #undef SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
 #define THIRTY_TWO_BIT
@@ -90,7 +90,7 @@
 #endif
 /* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
+ * units.  It reduces register dependencies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #undef DES_RISC1
@@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
+ * Very much CPU dependent */
 #ifndef DES_UNROLL
 #define DES_UNROLL
 #endif
diff --git a/src/lib/libcrypto/arch/i386/opensslconf.h b/src/lib/libcrypto/arch/i386/opensslconf.h
index bf439696d8..3b3827cdb1 100644
--- a/src/lib/libcrypto/arch/i386/opensslconf.h
+++ b/src/lib/libcrypto/arch/i386/opensslconf.h
@@ -60,7 +60,7 @@
 /* Only one for the following should be defined */
 /* The prime number generation stuff may not work when
 * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
+ * for debugging the bignum libraries */
 #undef SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
 #define THIRTY_TWO_BIT
@@ -90,7 +90,7 @@
 #endif
 /* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
+ * units.  It reduces register dependencies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #define DES_RISC1
@@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
+ * Very much CPU dependent */
 #ifndef DES_UNROLL
 #define DES_UNROLL
 #endif
diff --git a/src/lib/libcrypto/arch/m88k/opensslconf.h b/src/lib/libcrypto/arch/m88k/opensslconf.h
index 78cd6d856f..f17d3d2803 100644
--- a/src/lib/libcrypto/arch/m88k/opensslconf.h
+++ b/src/lib/libcrypto/arch/m88k/opensslconf.h
@@ -60,7 +60,7 @@
 /* Only one for the following should be defined */
 /* The prime number generation stuff may not work when
 * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
+ * for debugging the bignum libraries */
 #undef SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
 #define THIRTY_TWO_BIT
@@ -90,7 +90,7 @@
 #endif
 /* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
+ * units.  It reduces register dependencies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #undef DES_RISC1
@@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
+ * Very much CPU dependent */
 #ifndef DES_UNROLL
 #define DES_UNROLL
 #endif
diff --git a/src/lib/libcrypto/arch/mips64/opensslconf.h b/src/lib/libcrypto/arch/mips64/opensslconf.h
index 226951eded..ed1204c8c1 100644
--- a/src/lib/libcrypto/arch/mips64/opensslconf.h
+++ b/src/lib/libcrypto/arch/mips64/opensslconf.h
@@ -60,7 +60,7 @@
 /* Only one for the following should be defined */
 /* The prime number generation stuff may not work when
 * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
+ * for debugging the bignum libraries */
 #define SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
 #undef THIRTY_TWO_BIT
@@ -90,7 +90,7 @@
 #endif
 /* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
+ * units.  It reduces register dependencies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #undef DES_RISC1
@@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
+ * Very much CPU dependent */
 #ifndef DES_UNROLL
 #undef DES_UNROLL
 #endif
diff --git a/src/lib/libcrypto/arch/powerpc/opensslconf.h b/src/lib/libcrypto/arch/powerpc/opensslconf.h
index 78cd6d856f..f17d3d2803 100644
--- a/src/lib/libcrypto/arch/powerpc/opensslconf.h
+++ b/src/lib/libcrypto/arch/powerpc/opensslconf.h
@@ -60,7 +60,7 @@
 /* Only one for the following should be defined */
 /* The prime number generation stuff may not work when
 * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
+ * for debugging the bignum libraries */
 #undef SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
 #define THIRTY_TWO_BIT
@@ -90,7 +90,7 @@
 #endif
 /* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
+ * units.  It reduces register dependencies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #undef DES_RISC1
@@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
+ * Very much CPU dependent */
 #ifndef DES_UNROLL
 #define DES_UNROLL
 #endif
diff --git a/src/lib/libcrypto/arch/powerpc64/opensslconf.h b/src/lib/libcrypto/arch/powerpc64/opensslconf.h
index f8cbb5d652..5cad089a8b 100644
--- a/src/lib/libcrypto/arch/powerpc64/opensslconf.h
+++ b/src/lib/libcrypto/arch/powerpc64/opensslconf.h
@@ -85,7 +85,7 @@
 #endif
 /* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
+ * units.  It reduces register dependencies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #undef DES_RISC1
@@ -100,7 +100,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
+ * Very much CPU dependent */
 #ifndef DES_UNROLL
 #define DES_UNROLL
 #endif
diff --git a/src/lib/libcrypto/arch/riscv64/opensslconf.h b/src/lib/libcrypto/arch/riscv64/opensslconf.h
index ab3e2d89b0..748ed8f8b4 100644
--- a/src/lib/libcrypto/arch/riscv64/opensslconf.h
+++ b/src/lib/libcrypto/arch/riscv64/opensslconf.h
@@ -60,7 +60,7 @@
 /* Only one for the following should be defined */
 /* The prime number generation stuff may not work when
 * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
+ * for debugging the bignum libraries */
 #define SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
 #undef THIRTY_TWO_BIT
@@ -90,7 +90,7 @@
 #endif
 /* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
+ * units.  It reduces register dependencies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #undef DES_RISC1
@@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
+ * Very much CPU dependent */
 #ifndef DES_UNROLL
 #define DES_UNROLL
 #endif
diff --git a/src/lib/libcrypto/arch/sh/opensslconf.h b/src/lib/libcrypto/arch/sh/opensslconf.h
index 78cd6d856f..f17d3d2803 100644
--- a/src/lib/libcrypto/arch/sh/opensslconf.h
+++ b/src/lib/libcrypto/arch/sh/opensslconf.h
@@ -60,7 +60,7 @@
 /* Only one for the following should be defined */
 /* The prime number generation stuff may not work when
 * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
+ * for debugging the bignum libraries */
 #undef SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
 #define THIRTY_TWO_BIT
@@ -90,7 +90,7 @@
 #endif
 /* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
+ * units.  It reduces register dependencies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #undef DES_RISC1
@@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
+ * Very much CPU dependent */
 #ifndef DES_UNROLL
 #define DES_UNROLL
 #endif
diff --git a/src/lib/libcrypto/arch/sparc/opensslconf.h b/src/lib/libcrypto/arch/sparc/opensslconf.h
index 78cd6d856f..f17d3d2803 100644
--- a/src/lib/libcrypto/arch/sparc/opensslconf.h
+++ b/src/lib/libcrypto/arch/sparc/opensslconf.h
@@ -60,7 +60,7 @@
 /* Only one for the following should be defined */
 /* The prime number generation stuff may not work when
 * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
+ * for debugging the bignum libraries */
 #undef SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
 #define THIRTY_TWO_BIT
@@ -90,7 +90,7 @@
 #endif
 /* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
+ * units.  It reduces register dependencies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #undef DES_RISC1
@@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
+ * Very much CPU dependent */
 #ifndef DES_UNROLL
 #define DES_UNROLL
 #endif
diff --git a/src/lib/libcrypto/arch/sparc64/opensslconf.h b/src/lib/libcrypto/arch/sparc64/opensslconf.h
index 226951eded..ed1204c8c1 100644
--- a/src/lib/libcrypto/arch/sparc64/opensslconf.h
+++ b/src/lib/libcrypto/arch/sparc64/opensslconf.h
@@ -60,7 +60,7 @@
 /* Only one for the following should be defined */
 /* The prime number generation stuff may not work when
 * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
+ * for debugging the bignum libraries */
 #define SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
 #undef THIRTY_TWO_BIT
@@ -90,7 +90,7 @@
 #endif
 /* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
+ * units.  It reduces register dependencies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #undef DES_RISC1
@@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
+ * Very much CPU dependent */
 #ifndef DES_UNROLL
 #undef DES_UNROLL
 #endif
diff --git a/src/lib/libcrypto/asn1/a_mbstr.c b/src/lib/libcrypto/asn1/a_mbstr.c
index 06b674ef41..32b39ad5db 100644
--- a/src/lib/libcrypto/asn1/a_mbstr.c
+++ b/src/lib/libcrypto/asn1/a_mbstr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_mbstr.c,v 1.25 2022/11/26 16:08:50 tb Exp $ */
+/* $OpenBSD: a_mbstr.c,v 1.26 2022/12/26 07:18:51 jmc Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -276,7 +276,7 @@ traverse_string(const unsigned char *p, int len, int inform,
                case MBSTRING_BMP:
                        value = *p++ << 8;
                        value |= *p++;
-                        /* BMP is explictly defined to not support surrogates */
+                        /* BMP is explicitly defined to not support surrogates */
                        if (UNICODE_IS_SURROGATE(value))
                                return -1;
                        len -= 2;
diff --git a/src/lib/libcrypto/asn1/tasn_utl.c b/src/lib/libcrypto/asn1/tasn_utl.c
index 86cd42eec7..ae546edd4b 100644
--- a/src/lib/libcrypto/asn1/tasn_utl.c
+++ b/src/lib/libcrypto/asn1/tasn_utl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tasn_utl.c,v 1.17 2022/05/12 19:55:58 jsing Exp $ */
+/* $OpenBSD: tasn_utl.c,v 1.18 2022/12/26 07:18:51 jmc Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -100,7 +100,7 @@ asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it)
 /* Do reference counting. The value 'op' decides what to do.
 * if it is +1 then the count is incremented. If op is 0 count is
 * set to 1. If op is -1 count is decremented and the return value
- * is the current refrence count or 0 if no reference count exists.
+ * is the current reference count or 0 if no reference count exists.
 */
 int
diff --git a/src/lib/libcrypto/bio/bss_dgram.c b/src/lib/libcrypto/bio/bss_dgram.c
index fa6e2db917..0d70daa20e 100644
--- a/src/lib/libcrypto/bio/bss_dgram.c
+++ b/src/lib/libcrypto/bio/bss_dgram.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bss_dgram.c,v 1.43 2022/01/07 09:02:17 tb Exp $ */
+/* $OpenBSD: bss_dgram.c,v 1.44 2022/12/26 07:18:51 jmc Exp $ */
 /* 
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
@@ -214,7 +214,7 @@ dgram_adjust_rcv_timeout(BIO *b)
                        timeleft.tv_usec = 1;
                }
-                /* Adjust socket timeout if next handhake message timer
+                /* Adjust socket timeout if next handshake message timer
                 * will expire earlier.
                 */
                if ((data->socket_timeout.tv_sec == 0 &&
diff --git a/src/lib/libcrypto/bn/asm/co-586.pl b/src/lib/libcrypto/bn/asm/co-586.pl
index 57101a6bd7..37d79cc0c1 100644
--- a/src/lib/libcrypto/bn/asm/co-586.pl
+++ b/src/lib/libcrypto/bn/asm/co-586.pl
@@ -28,17 +28,17 @@ sub mul_add_c
        &mul("edx");
        &add($c0,"eax");
-         &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;        # laod next a
+         &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;        # load next a
         &mov("eax",&wparam(0)) if $pos > 0;                    # load r[]
         ###
        &adc($c1,"edx");
-         &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0;        # laod next b
+         &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0;        # load next b
-         &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1;        # laod next b
+         &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1;        # load next b
         ###
        &adc($c2,0);
         # is pos > 1, it means it is the last loop 
         &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0;           # save r[];
-        &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;         # laod next a
+        &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;         # load next a
        }
 sub sqr_add_c
diff --git a/src/lib/libcrypto/bn/asm/mips.pl b/src/lib/libcrypto/bn/asm/mips.pl
index 215c9a7483..02d43e15b0 100644
--- a/src/lib/libcrypto/bn/asm/mips.pl
+++ b/src/lib/libcrypto/bn/asm/mips.pl
@@ -15,7 +15,7 @@
 # This is drop-in MIPS III/IV ISA replacement for crypto/bn/bn_asm.c.
 #
 # The module is designed to work with either of the "new" MIPS ABI(5),
-# namely N32 or N64, offered by IRIX 6.x. It's not ment to work under
+# namely N32 or N64, offered by IRIX 6.x. It's not meant to work under
 # IRIX 5.x not only because it doesn't support new ABIs but also
 # because 5.x kernels put R4x00 CPU into 32-bit mode and all those
 # 64-bit instructions (daddu, dmultu, etc.) found below gonna only
diff --git a/src/lib/libcrypto/bn/asm/modexp512-x86_64.pl b/src/lib/libcrypto/bn/asm/modexp512-x86_64.pl
index 4317282835..2e71a7f03d 100644
--- a/src/lib/libcrypto/bn/asm/modexp512-x86_64.pl
+++ b/src/lib/libcrypto/bn/asm/modexp512-x86_64.pl
@@ -1307,7 +1307,7 @@ end_main_loop_a3b:
         movdqa %xmm3, (+$tmp16_offset+16*3)(%rsp)
         call   mont_reduce
-        # If result > m, subract m
+        # If result > m, subtract m
        # load result into r15:r8
         mov    (+$pResult_offset)(%rsp), %rax
         mov    (+8*0)(%rax), %r8
diff --git a/src/lib/libcrypto/bn/asm/pa-risc2W.s b/src/lib/libcrypto/bn/asm/pa-risc2W.s
index a99545754d..a91f3ea5af 100644
--- a/src/lib/libcrypto/bn/asm/pa-risc2W.s
+++ b/src/lib/libcrypto/bn/asm/pa-risc2W.s
@@ -783,7 +783,7 @@ $00000012
    COPY    %r0,%r10                           ; ret = 0
    MTSARCM %r31                               ; i to shift
    DEPD,Z  %r3,%sar,64,%r3                    ; d <<= i;
-    SUBI    64,%r31,%r19                       ; 64 - i; redundent
+    SUBI    64,%r31,%r19                       ; 64 - i; redundant
    MTSAR   %r19                               ; (64 -i) to shift
    SHRPD   %r4,%r5,%sar,%r4                   ; l>> (64-i)
    MTSARCM %r31                               ; i to shift
diff --git a/src/lib/libcrypto/bn/asm/parisc-mont.pl b/src/lib/libcrypto/bn/asm/parisc-mont.pl
index fcfdee1f1f..6da9574adf 100644
--- a/src/lib/libcrypto/bn/asm/parisc-mont.pl
+++ b/src/lib/libcrypto/bn/asm/parisc-mont.pl
@@ -116,7 +116,7 @@ $fp="%r3";
 $hi1="%r2";
 $hi0="%r1";
-$xfer=$n0;      # accomodates [-16..15] offset in fld[dw]s
+$xfer=$n0;      # accommodates [-16..15] offset in fld[dw]s
 $fm0="%fr4";    $fti=$fm0;
 $fbi="%fr5L";
diff --git a/src/lib/libcrypto/bn/asm/ppc.pl b/src/lib/libcrypto/bn/asm/ppc.pl
index 1249ce2299..34e38d8f6a 100644
--- a/src/lib/libcrypto/bn/asm/ppc.pl
+++ b/src/lib/libcrypto/bn/asm/ppc.pl
@@ -34,7 +34,7 @@
 #dsa  512 bits   0.0087s   0.0106s    114.3     94.5
 #dsa 1024 bits   0.0256s   0.0313s     39.0     32.0    
 #
-#       Same bechmark with this assembler code:
+#       Same benchmark with this assembler code:
 #
 #rsa  512 bits   0.0056s   0.0005s    178.6   2049.2
 #rsa 1024 bits   0.0283s   0.0015s     35.3    674.1
diff --git a/src/lib/libcrypto/bn/asm/ppc64-mont.pl b/src/lib/libcrypto/bn/asm/ppc64-mont.pl
index a14e769ad0..a9291f4bf7 100644
--- a/src/lib/libcrypto/bn/asm/ppc64-mont.pl
+++ b/src/lib/libcrypto/bn/asm/ppc64-mont.pl
@@ -919,7 +919,7 @@ $code.=<<___;
        std     $t3,-16($tp)            ; tp[j-1]
        std     $t5,-8($tp)             ; tp[j]
-        add     $carry,$carry,$ovf      ; comsume upmost overflow
+        add     $carry,$carry,$ovf      ; consume upmost overflow
        add     $t6,$t6,$carry          ; can not overflow
        srdi    $carry,$t6,16
        add     $t7,$t7,$carry
diff --git a/src/lib/libcrypto/bn/asm/sparcv9-mont.pl b/src/lib/libcrypto/bn/asm/sparcv9-mont.pl
index b8fb1e8a25..fb44c01443 100644
--- a/src/lib/libcrypto/bn/asm/sparcv9-mont.pl
+++ b/src/lib/libcrypto/bn/asm/sparcv9-mont.pl
@@ -13,7 +13,7 @@
 # for undertaken effort are multiple. First of all, UltraSPARC is not
 # the whole SPARCv9 universe and other VIS-free implementations deserve
 # optimized code as much. Secondly, newly introduced UltraSPARC T1,
-# a.k.a. Niagara, has shared FPU and concurrent FPU-intensive pathes,
+# a.k.a. Niagara, has shared FPU and concurrent FPU-intensive paths,
 # such as sparcv9a-mont, will simply sink it. Yes, T1 is equipped with
 # several integrated RSA/DSA accelerator circuits accessible through
 # kernel driver [only(*)], but having decent user-land software
diff --git a/src/lib/libcrypto/bn/asm/sparcv9a-mont.pl b/src/lib/libcrypto/bn/asm/sparcv9a-mont.pl
index a14205f2f0..4ebe15c5c0 100755
--- a/src/lib/libcrypto/bn/asm/sparcv9a-mont.pl
+++ b/src/lib/libcrypto/bn/asm/sparcv9a-mont.pl
@@ -51,7 +51,7 @@
 #
 # Modulo-scheduled inner loops allow to interleave floating point and
 # integer instructions and minimize Read-After-Write penalties. This
-# results in *further* 20-50% perfromance improvement [depending on
+# results in *further* 20-50% performance improvement [depending on
 # key length, more for longer keys] on USI&II cores and 30-80% - on
 # USIII&IV.
@@ -867,7 +867,7 @@ ___
 $code =~ s/\`([^\`]*)\`/eval($1)/gem;
 # Below substitution makes it possible to compile without demanding
-# VIS extentions on command line, e.g. -xarch=v9 vs. -xarch=v9a. I
+# VIS extensions on command line, e.g. -xarch=v9 vs. -xarch=v9a. I
 # dare to do this, because VIS capability is detected at run-time now
 # and this routine is not called on CPU not capable to execute it. Do
 # note that fzeros is not the only VIS dependency! Another dependency
diff --git a/src/lib/libcrypto/bn/asm/x86-gf2m.pl b/src/lib/libcrypto/bn/asm/x86-gf2m.pl
index 97d9136260..9715b2158f 100644
--- a/src/lib/libcrypto/bn/asm/x86-gf2m.pl
+++ b/src/lib/libcrypto/bn/asm/x86-gf2m.pl
@@ -142,7 +142,7 @@ $R="mm0";
         &xor   ($a4,$a2);              # a2=a4^a2^a4
         &mov   (&DWP(5*4,"esp"),$a1);  # a1^a4
         &xor   ($a4,$a1);              # a1^a2^a4
-        &sar    (@i[1],31);             # broardcast 30th bit
+        &sar    (@i[1],31);             # broadcast 30th bit
        &and    ($lo,$b);
         &mov   (&DWP(6*4,"esp"),$a2);  # a2^a4
        &and    (@i[1],$b);
diff --git a/src/lib/libcrypto/bn/asm/x86-mont.pl b/src/lib/libcrypto/bn/asm/x86-mont.pl
index a0bdd5787e..e6c04739b1 100755
--- a/src/lib/libcrypto/bn/asm/x86-mont.pl
+++ b/src/lib/libcrypto/bn/asm/x86-mont.pl
@@ -69,7 +69,7 @@ $frame=32;				# size of above frame rounded up to 16n
        &lea    ("esp",&DWP(-$frame,"esp","edi",4));    # alloca($frame+4*(num+2))
        &neg    ("edi");
-        # minimize cache contention by arraning 2K window between stack
+        # minimize cache contention by arranging 2K window between stack
        # pointer and ap argument [np is also position sensitive vector,
        # but it's assumed to be near ap, as it's allocated at ~same
        # time].
@@ -267,7 +267,7 @@ if (0) {
        &xor    ("eax","eax");  # signal "not fast enough [yet]"
        &jmp    (&label("just_leave"));
        # While the below code provides competitive performance for
-        # all key lengthes on modern Intel cores, it's still more
+        # all key lengths on modern Intel cores, it's still more
        # than 10% slower for 4096-bit key elsewhere:-( "Competitive"
        # means compared to the original integer-only assembler.
        # 512-bit RSA sign is better by ~40%, but that's about all
diff --git a/src/lib/libcrypto/bn/asm/x86/comba.pl b/src/lib/libcrypto/bn/asm/x86/comba.pl
index dc4ec97ff5..762412974a 100644
--- a/src/lib/libcrypto/bn/asm/x86/comba.pl
+++ b/src/lib/libcrypto/bn/asm/x86/comba.pl
@@ -16,17 +16,17 @@ sub mul_add_c
        &mul("edx");
        &add($c0,"eax");
-         &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;        # laod next a
+         &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;        # load next a
         &mov("eax",&wparam(0)) if $pos > 0;                    # load r[]
         ###
        &adc($c1,"edx");
-         &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0;        # laod next b
+         &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0;        # load next b
-         &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1;        # laod next b
+         &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1;        # load next b
         ###
        &adc($c2,0);
         # is pos > 1, it means it is the last loop 
         &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0;           # save r[];
-        &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;         # laod next a
+        &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;         # load next a
        }
 sub sqr_add_c
diff --git a/src/lib/libcrypto/bn/asm/x86_64-gf2m.pl b/src/lib/libcrypto/bn/asm/x86_64-gf2m.pl
index 3ecb425dad..24dacb1e9c 100644
--- a/src/lib/libcrypto/bn/asm/x86_64-gf2m.pl
+++ b/src/lib/libcrypto/bn/asm/x86_64-gf2m.pl
@@ -59,7 +59,7 @@ _mul_1x1:
        sar     \$63,$i0                # broadcast 62nd bit
        lea     (,$a1,4),$a4
        and     $b,$a
-        sar     \$63,$i1                # boardcast 61st bit
+        sar     \$63,$i1                # broadcast 61st bit
        mov     $a,$hi                  # $a is $lo
        shl     \$63,$lo
        and     $b,$i0
diff --git a/src/lib/libcrypto/bn/bn_div.c b/src/lib/libcrypto/bn/bn_div.c
index a62e74da5d..d0adc4688f 100644
--- a/src/lib/libcrypto/bn/bn_div.c
+++ b/src/lib/libcrypto/bn/bn_div.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_div.c,v 1.28 2022/11/26 16:08:51 tb Exp $ */
+/* $OpenBSD: bn_div.c,v 1.29 2022/12/26 07:18:51 jmc Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -327,7 +327,7 @@ BN_div_internal(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor
                l0 = bn_mul_words(tmp->d, sdiv->d, div_n, q);
                tmp->d[div_n] = l0;
                wnum.d--;
-                /* ingore top values of the bignums just sub the two
+                /* ignore top values of the bignums just sub the two
                 * BN_ULONG arrays with bn_sub_words */
                if (bn_sub_words(wnum.d, wnum.d, tmp->d, div_n + 1)) {
                        /* Note: As we have considered only the leading
diff --git a/src/lib/libcrypto/bn/bn_gcd.c b/src/lib/libcrypto/bn/bn_gcd.c
index f3a23701b1..0d8bdf07eb 100644
--- a/src/lib/libcrypto/bn/bn_gcd.c
+++ b/src/lib/libcrypto/bn/bn_gcd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_gcd.c,v 1.19 2022/12/01 02:58:31 jsing Exp $ */
+/* $OpenBSD: bn_gcd.c,v 1.20 2022/12/26 07:18:51 jmc Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -301,7 +301,7 @@ BN_mod_inverse_internal(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ct
                /* Binary inversion algorithm; requires odd modulus.
                 * This is faster than the general algorithm if the modulus
                 * is sufficiently small (about 400 .. 500 bits on 32-bit
-                 * sytems, but much more on 64-bit systems) */
+                 * systems, but much more on 64-bit systems) */
                int shift;
                while (!BN_is_zero(B)) {
diff --git a/src/lib/libcrypto/bn/bn_x931p.c b/src/lib/libcrypto/bn/bn_x931p.c
index b14e9810dd..e73c416e3f 100644
--- a/src/lib/libcrypto/bn/bn_x931p.c
+++ b/src/lib/libcrypto/bn/bn_x931p.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_x931p.c,v 1.14 2022/11/26 16:08:51 tb Exp $ */
+/* $OpenBSD: bn_x931p.c,v 1.15 2022/12/26 07:18:51 jmc Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2005.
 */
@@ -80,7 +80,7 @@ bn_x931_derive_pi(BIGNUM *pi, const BIGNUM *Xpi, BN_CTX *ctx, BN_GENCB *cb)
        for (;;) {
                i++;
                BN_GENCB_call(cb, 0, i);
-                /* NB 27 MR is specificed in X9.31 */
+                /* NB 27 MR is specified in X9.31 */
                is_prime = BN_is_prime_fasttest_ex(pi, 27, ctx, 1, cb);
                if (is_prime < 0)
                        return 0;
@@ -205,8 +205,8 @@ err:
        return ret;
 }
-/* Generate pair of paramters Xp, Xq for X9.31 prime generation.
+/* Generate pair of parameters Xp, Xq for X9.31 prime generation.
- * Note: nbits paramter is sum of number of bits in both.
+ * Note: nbits parameter is sum of number of bits in both.
 */
 int
diff --git a/src/lib/libcrypto/cmac/cmac.c b/src/lib/libcrypto/cmac/cmac.c
index e7b343e216..7135f5306e 100644
--- a/src/lib/libcrypto/cmac/cmac.c
+++ b/src/lib/libcrypto/cmac/cmac.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cmac.c,v 1.12 2022/11/26 16:08:51 tb Exp $ */
+/* $OpenBSD: cmac.c,v 1.13 2022/12/26 07:18:51 jmc Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -167,7 +167,7 @@ CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
                ctx->nlast_block = 0;
                return 1;
        }
-        /* Initialiase context */
+        /* Initialise context */
        if (cipher && !EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL))
                return 0;
        /* Non-NULL key means initialisation complete */
diff --git a/src/lib/libcrypto/comp/c_zlib.c b/src/lib/libcrypto/comp/c_zlib.c
index 6aac97e451..9db0ae26bc 100644
--- a/src/lib/libcrypto/comp/c_zlib.c
+++ b/src/lib/libcrypto/comp/c_zlib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: c_zlib.c,v 1.24 2022/12/24 07:12:09 tb Exp $ */
+/* $OpenBSD: c_zlib.c,v 1.25 2022/12/26 07:18:51 jmc Exp $ */
 /*
 * ---------------------------------------------------------------------------
 * Major patches to this file were contributed by
@@ -143,7 +143,7 @@ static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out,
    unsigned int olen, unsigned char *in, unsigned int ilen);
-/* memory allocations functions for zlib intialization */
+/* memory allocations functions for zlib initialization */
 static void*
 zlib_zalloc(void* opaque, unsigned int no, unsigned int size)
 {
@@ -297,7 +297,7 @@ COMP_zlib(void)
 #ifdef ZLIB
        {
                /* init zlib_stateful_ex_idx here so that in a multi-process
-                 * application it's enough to intialize openssl before forking
+                 * application it's enough to initialize openssl before forking
                 * (idx will be inherited in all the children) */
                if (zlib_stateful_ex_idx == -1) {
                        CRYPTO_w_lock(CRYPTO_LOCK_COMP);
diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h
index 3b00f039fa..066f6246f6 100644
--- a/src/lib/libcrypto/crypto.h
+++ b/src/lib/libcrypto/crypto.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: crypto.h,v 1.57 2022/09/11 17:26:51 tb Exp $ */
+/* $OpenBSD: crypto.h,v 1.58 2022/12/26 07:18:50 jmc Exp $ */
 /* ====================================================================
 * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
 *
@@ -248,8 +248,8 @@ DECLARE_STACK_OF(void)
 * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */
 typedef struct crypto_ex_data_func_st {
-        long argl;      /* Arbitary long */
+        long argl;      /* Arbitrary long */
-        void *argp;     /* Arbitary void * */
+        void *argp;     /* Arbitrary void * */
        CRYPTO_EX_new *new_func;
        CRYPTO_EX_free *free_func;
        CRYPTO_EX_dup *dup_func;
@@ -540,7 +540,7 @@ void ERR_load_CRYPTO_strings(void);
 #define _OPENSSL_INIT_FLAG_NOOP                 0x80000000L
 /*
- * These are provided for compatibiliy, but have no effect
+ * These are provided for compatibility, but have no effect
 * on how LibreSSL is initialized.
 */
 #define OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS     _OPENSSL_INIT_FLAG_NOOP
diff --git a/src/lib/libcrypto/des/asm/des_enc.m4 b/src/lib/libcrypto/des/asm/des_enc.m4
index 7303d40052..3fbb026dd3 100644
--- a/src/lib/libcrypto/des/asm/des_enc.m4
+++ b/src/lib/libcrypto/des/asm/des_enc.m4
@@ -124,7 +124,7 @@ changequote({,})
 ! technique.
 !
 ! The macro also loads address sbox 1 to 5 to global 1 to 5, address
-! sbox 6 to local6, and addres sbox 8 to out3.
+! sbox 6 to local6, and address sbox 8 to out3.
 !
 ! Rotates the halfs 3 left to bring the sbox bits in convenient positions.
 !
@@ -266,7 +266,7 @@ define(ip_macro, {
 ! other half (use).
 !
 ! In this version we do two rounds in a loop repeated 7 times
-! and two rounds seperately.
+! and two rounds separately.
 !
 ! One half has the bits for the sboxes in the following positions:
 !
diff --git a/src/lib/libcrypto/dh/dh_ameth.c b/src/lib/libcrypto/dh/dh_ameth.c
index d21a8ddd07..a0bcf8a761 100644
--- a/src/lib/libcrypto/dh/dh_ameth.c
+++ b/src/lib/libcrypto/dh/dh_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_ameth.c,v 1.25 2022/11/26 16:08:51 tb Exp $ */
+/* $OpenBSD: dh_ameth.c,v 1.26 2022/12/26 07:18:51 jmc Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006.
 */
@@ -177,7 +177,7 @@ err:
 /*
 * PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in
- * that the AlgorithmIdentifier contains the paramaters, the private key
+ * that the AlgorithmIdentifier contains the parameters, the private key
 * is explcitly included and the pubkey must be recalculated.
 */
diff --git a/src/lib/libcrypto/dso/dso.h b/src/lib/libcrypto/dso/dso.h
index ae07b0a5f7..c3963a8e01 100644
--- a/src/lib/libcrypto/dso/dso.h
+++ b/src/lib/libcrypto/dso/dso.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dso.h,v 1.13 2022/07/12 14:42:49 kn Exp $ */
+/* $OpenBSD: dso.h,v 1.14 2022/12/26 07:18:51 jmc Exp $ */
 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
 * project 2000.
 */
@@ -109,14 +109,14 @@ typedef struct dso_st DSO;
 /* The function prototype used for method functions (or caller-provided
 * callbacks) that transform filenames. They are passed a DSO structure pointer
- * (or NULL if they are to be used independantly of a DSO object) and a
+ * (or NULL if they are to be used independently of a DSO object) and a
 * filename to transform. They should either return NULL (if there is an error
 * condition) or a newly allocated string containing the transformed form that
 * the caller will need to free with free() when done. */
 typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
 /* The function prototype used for method functions (or caller-provided
 * callbacks) that merge two file specifications. They are passed a
- * DSO structure pointer (or NULL if they are to be used independantly of
+ * DSO structure pointer (or NULL if they are to be used independently of
 * a DSO object) and two file specifications to merge. They should
 * either return NULL (if there is an error condition) or a newly allocated
 * string containing the result of merging that the caller will need
@@ -285,7 +285,7 @@ DSO_METHOD *DSO_METHOD_dlfcn(void);
 * containing 'addr' into 'sz' large caller-provided 'path' and
 * returns the number of characters [including trailing zero]
 * written to it. If 'sz' is 0 or negative, 'path' is ignored and
- * required amount of charachers [including trailing zero] to
+ * required amount of characters [including trailing zero] to
 * accommodate pathname is returned. If 'addr' is NULL, then
 * pathname of cryptolib itself is returned. Negative or zero
 * return value denotes error.
diff --git a/src/lib/libcrypto/ec/asm/ecp_nistz256-armv4.pl b/src/lib/libcrypto/ec/asm/ecp_nistz256-armv4.pl
index f3205d673a..9e6c65905f 100644
--- a/src/lib/libcrypto/ec/asm/ecp_nistz256-armv4.pl
+++ b/src/lib/libcrypto/ec/asm/ecp_nistz256-armv4.pl
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# $OpenBSD: ecp_nistz256-armv4.pl,v 1.1 2016/11/04 17:33:19 miod Exp $
+# $OpenBSD: ecp_nistz256-armv4.pl,v 1.2 2022/12/26 07:18:51 jmc Exp $
 #
 # Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
 #
@@ -179,7 +179,7 @@ __ecp_nistz256_add:
        @ if a+b >= modulus, subtract modulus.
        @
        @ But since comparison implies subtraction, we subtract
-        @ modulus and then add it back if subraction borrowed.
+        @ modulus and then add it back if subtraction borrowed.
        subs    $a0,$a0,#-1
        sbcs    $a1,$a1,#-1
@@ -1090,7 +1090,7 @@ __ecp_nistz256_add_self:
        @ if a+b >= modulus, subtract modulus.
        @
        @ But since comparison implies subtraction, we subtract
-        @ modulus and then add it back if subraction borrowed.
+        @ modulus and then add it back if subtraction borrowed.
        subs    $a0,$a0,#-1
        sbcs    $a1,$a1,#-1
diff --git a/src/lib/libcrypto/ec/asm/ecp_nistz256-sparcv9.pl b/src/lib/libcrypto/ec/asm/ecp_nistz256-sparcv9.pl
index 044eb457b6..49460fefdc 100644
--- a/src/lib/libcrypto/ec/asm/ecp_nistz256-sparcv9.pl
+++ b/src/lib/libcrypto/ec/asm/ecp_nistz256-sparcv9.pl
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# $OpenBSD: ecp_nistz256-sparcv9.pl,v 1.1 2016/11/04 17:33:20 miod Exp $
+# $OpenBSD: ecp_nistz256-sparcv9.pl,v 1.2 2022/12/26 07:18:51 jmc Exp $
 #
 # Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
 #
@@ -350,7 +350,7 @@ __ecp_nistz256_add:
        ! if a+b >= modulus, subtract modulus.
        !
        ! But since comparison implies subtraction, we subtract
-        ! modulus and then add it back if subraction borrowed.
+        ! modulus and then add it back if subtraction borrowed.
        subcc   @acc[0],-1,@acc[0]
        subccc  @acc[1],-1,@acc[1]
@@ -1805,7 +1805,7 @@ $code.=<<___;
         srlx   $acc0,32,$t1
        addxccc $acc3,$t2,$acc2         ! +=acc[0]*0xFFFFFFFF00000001
         sub    $acc0,$t0,$t2           ! acc0*0xFFFFFFFF00000001, low part
-        addxc   %g0,$t3,$acc3           ! cant't overflow
+        addxc   %g0,$t3,$acc3           ! can't overflow
 ___
 }
 $code.=<<___;
diff --git a/src/lib/libcrypto/ec/ec.h b/src/lib/libcrypto/ec/ec.h
index 9a7c5de8a5..8cafc5522f 100644
--- a/src/lib/libcrypto/ec/ec.h
+++ b/src/lib/libcrypto/ec/ec.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec.h,v 1.29 2022/11/10 16:37:51 jsing Exp $ */
+/* $OpenBSD: ec.h,v 1.30 2022/12/26 07:18:51 jmc Exp $ */
 /*
 * Originally written by Bodo Moeller for the OpenSSL project.
 */
@@ -232,7 +232,7 @@ int EC_METHOD_get_field_type(const EC_METHOD *meth);
 *  \param  order      the order of the group generated by the generator.
 *  \param  cofactor   the index of the sub-group generated by the generator
 *                     in the group of all points on the elliptic curve.
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
@@ -246,7 +246,7 @@ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
 *  \param  group  EC_GROUP object
 *  \param  order  BIGNUM to which the order is copied
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
@@ -256,7 +256,7 @@ int EC_GROUP_order_bits(const EC_GROUP *group);
 *  \param  group     EC_GROUP object
 *  \param  cofactor  BIGNUM to which the cofactor is copied
 *  \param  ctx       BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
@@ -293,7 +293,7 @@ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
 *  \param  a      BIGNUM with parameter a of the equation
 *  \param  b      BIGNUM with parameter b of the equation
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
@@ -303,7 +303,7 @@ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, co
 *  \param  a      BIGNUM for parameter a of the equation
 *  \param  b      BIGNUM for parameter b of the equation
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
@@ -314,7 +314,7 @@ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *
 *  \param  a      BIGNUM with parameter a of the equation
 *  \param  b      BIGNUM with parameter b of the equation
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
@@ -324,7 +324,7 @@ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, c
 *  \param  a      BIGNUM for parameter a of the equation
 *  \param  b      BIGNUM for parameter b of the equation
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
 #endif
@@ -430,7 +430,7 @@ void EC_POINT_clear_free(EC_POINT *point);
 /** Copies EC_POINT object
 *  \param  dst  destination EC_POINT object
 *  \param  src  source EC_POINT object
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
@@ -451,7 +451,7 @@ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
 /** Sets a point to infinity (neutral element)
 *  \param  group  underlying EC_GROUP object
 *  \param  point  EC_POINT to set to infinity
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
@@ -478,7 +478,7 @@ int EC_POINT_get_Jprojective_coordinates(const EC_GROUP *group,
 *  \param  y      BIGNUM with the y-coordinate
 *  \param  z      BIGNUM with the z-coordinate
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
        const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
@@ -490,7 +490,7 @@ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
 *  \param  y      BIGNUM for the y-coordinate
 *  \param  z      BIGNUM for the z-coordinate
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
        const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
@@ -501,7 +501,7 @@ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
 *  \param  x      BIGNUM with the x-coordinate
 *  \param  y      BIGNUM with the y-coordinate
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
        const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
@@ -512,7 +512,7 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
 *  \param  x      BIGNUM for the x-coordinate
 *  \param  y      BIGNUM for the y-coordinate
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
        const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
@@ -523,7 +523,7 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
 *  \param  x      BIGNUM with x-coordinate
 *  \param  y_bit  integer with the y-Bit (either 0 or 1)
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
        const BIGNUM *x, int y_bit, BN_CTX *ctx);
@@ -535,7 +535,7 @@ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
 *  \param  x      BIGNUM with the x-coordinate
 *  \param  y      BIGNUM with the y-coordinate
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
        const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
@@ -546,7 +546,7 @@ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
 *  \param  x      BIGNUM for the x-coordinate
 *  \param  y      BIGNUM for the y-coordinate
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
        const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
@@ -557,7 +557,7 @@ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
 *  \param  x      BIGNUM with x-coordinate
 *  \param  y_bit  integer with the y-Bit (either 0 or 1)
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
        const BIGNUM *x, int y_bit, BN_CTX *ctx);
@@ -584,7 +584,7 @@ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
 *  \param  buf    memory buffer with the encoded ec point
 *  \param  len    length of the encoded ec point
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
        const unsigned char *buf, size_t len, BN_CTX *ctx);
@@ -610,7 +610,7 @@ EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
 *  \param  a      EC_POINT object with the first summand
 *  \param  b      EC_POINT object with the second summand
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
@@ -619,7 +619,7 @@ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC
 *  \param  r      EC_POINT object for the result (r = 2 * a)
 *  \param  a      EC_POINT object 
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
@@ -627,7 +627,7 @@ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *
 *  \param  group  underlying EC_GROUP object
 *  \param  a      EC_POINT object to be inverted (it's used for the result as well)
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
@@ -662,11 +662,11 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[],
 *  \param  group  underlying EC_GROUP object
 *  \param  r      EC_POINT object for the result
 *  \param  n      BIGNUM with the multiplier for the group generator (optional)
- *  \param  num    number futher summands
+ *  \param  num    number further summands
 *  \param  p      array of size num of EC_POINT objects
 *  \param  m      array of size num of BIGNUM objects
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
@@ -677,14 +677,14 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t nu
 *  \param  q      EC_POINT object with the first factor of the second summand
 *  \param  m      BIGNUM with the second factor of the second summand
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
 /** Stores multiples of generator for faster point multiplication
 *  \param  group  EC_GROUP object
 *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
+ *  \return 1 on success and 0 if an error occurred
 */
 int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
@@ -869,8 +869,8 @@ int EC_KEY_generate_key(EC_KEY *key);
 */
 int EC_KEY_check_key(const EC_KEY *key);
-/** Sets a public key from affine coordindates performing
+/** Sets a public key from affine coordinates performing
- *  neccessary NIST PKV tests.
+ *  necessary NIST PKV tests.
 *  \param  key  the EC_KEY object
 *  \param  x    public key x coordinate
 *  \param  y    public key y coordinate
@@ -914,7 +914,7 @@ int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out);
 EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
 /** Encodes ec parameter and stores the result in a buffer.
- *  \param  key  the EC_KEY object with ec paramters to encode
+ *  \param  key  the EC_KEY object with ec parameters to encode
 *  \param  out  the buffer for the result (if NULL the function returns number
 *               of bytes needed).
 *  \return 1 on success and 0 if an error occurred.
diff --git a/src/lib/libcrypto/ec/ecp_nistp224.c b/src/lib/libcrypto/ec/ecp_nistp224.c
index 59781b75c3..caa4c3facf 100644
--- a/src/lib/libcrypto/ec/ecp_nistp224.c
+++ b/src/lib/libcrypto/ec/ecp_nistp224.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecp_nistp224.c,v 1.29 2022/11/26 16:08:52 tb Exp $ */
+/* $OpenBSD: ecp_nistp224.c,v 1.30 2022/12/26 07:18:51 jmc Exp $ */
 /*
 * Written by Emilia Kasper (Google) for the OpenSSL project.
 */
@@ -72,7 +72,7 @@ typedef uint128_t widelimb;
 typedef limb felem[4];
 typedef widelimb widefelem[7];
-/* Field element represented as a byte arrary.
+/* Field element represented as a byte array.
 * 28*8 = 224 bits is also the group order size for the elliptic curve,
 * and we also use this type for scalars for point multiplication.
  */
diff --git a/src/lib/libcrypto/ec/ecp_nistp256.c b/src/lib/libcrypto/ec/ecp_nistp256.c
index 275015b98d..e218b0c68c 100644
--- a/src/lib/libcrypto/ec/ecp_nistp256.c
+++ b/src/lib/libcrypto/ec/ecp_nistp256.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecp_nistp256.c,v 1.28 2022/11/26 16:08:52 tb Exp $ */
+/* $OpenBSD: ecp_nistp256.c,v 1.29 2022/12/26 07:18:51 jmc Exp $ */
 /*
 * Written by Adam Langley (Google) for the OpenSSL project
 */
@@ -1223,7 +1223,7 @@ copy_small_conditional(felem out, const smallfelem in, limb mask)
        }
 }
-/* point_add calcuates (x1, y1, z1) + (x2, y2, z2)
+/* point_add calculates (x1, y1, z1) + (x2, y2, z2)
 *
 * The method is taken from:
 *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl,
diff --git a/src/lib/libcrypto/ec/ecp_nistp521.c b/src/lib/libcrypto/ec/ecp_nistp521.c
index 20b5885ab7..caeea14911 100644
--- a/src/lib/libcrypto/ec/ecp_nistp521.c
+++ b/src/lib/libcrypto/ec/ecp_nistp521.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecp_nistp521.c,v 1.29 2022/11/26 16:08:52 tb Exp $ */
+/* $OpenBSD: ecp_nistp521.c,v 1.30 2022/12/26 07:18:51 jmc Exp $ */
 /*
 * Written by Adam Langley (Google) for the OpenSSL project
 */
@@ -1034,7 +1034,7 @@ felem_contract(felem out, const felem in)
 * elliptic curve group itself. Points on the curve are represented in Jacobian
 * coordinates */
-/* point_double calcuates 2*(x_in, y_in, z_in)
+/* point_double calculates 2*(x_in, y_in, z_in)
 *
 * The method is taken from:
 *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
@@ -1143,7 +1143,7 @@ copy_conditional(felem out, const felem in, limb mask)
        }
 }
-/* point_add calcuates (x1, y1, z1) + (x2, y2, z2)
+/* point_add calculates (x1, y1, z1) + (x2, y2, z2)
 *
 * The method is taken from
 *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl,
diff --git a/src/lib/libcrypto/ecdsa/ecdsa.h b/src/lib/libcrypto/ecdsa/ecdsa.h
index 29ee8729ed..3f0eb3b66f 100644
--- a/src/lib/libcrypto/ecdsa/ecdsa.h
+++ b/src/lib/libcrypto/ecdsa/ecdsa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecdsa.h,v 1.12 2022/07/12 14:42:49 kn Exp $ */
+/* $OpenBSD: ecdsa.h,v 1.13 2022/12/26 07:18:51 jmc Exp $ */
 /**
 * \file   crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
 * \author Written by Nils Larsch for the OpenSSL project
@@ -156,7 +156,7 @@ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
 *  \param  dgst     pointer to the hash value to sign
 *  \param  dgstlen  length of the hash value
 *  \param  kinv     BIGNUM with a pre-computed inverse k (optional)
- *  \param  rp       BIGNUM with a pre-computed rp value (optioanl),
+ *  \param  rp       BIGNUM with a pre-computed rp value (optional),
 *                   see ECDSA_sign_setup
 *  \param  eckey    EC_KEY object containing a private EC key
 *  \return pointer to a ECDSA_SIG structure or NULL if an error occurred
@@ -233,7 +233,7 @@ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
 *  \param  sig      buffer to hold the DER encoded signature
 *  \param  siglen   pointer to the length of the returned signature
 *  \param  kinv     BIGNUM with a pre-computed inverse k (optional)
- *  \param  rp       BIGNUM with a pre-computed rp value (optioanl),
+ *  \param  rp       BIGNUM with a pre-computed rp value (optional),
 *                   see ECDSA_sign_setup
 *  \param  eckey    EC_KEY object containing a private EC key
 *  \return 1 on success and 0 otherwise
diff --git a/src/lib/libcrypto/engine/README b/src/lib/libcrypto/engine/README
index 6b69b70f57..bc4a9041ff 100644
--- a/src/lib/libcrypto/engine/README
+++ b/src/lib/libcrypto/engine/README
@@ -122,7 +122,7 @@ use by EVP_MD code. Ditto for tb_rsa.c, tb_dsa.c, etc. These instantiations of
 ENGINE_TABLE essentially provide linker-separation of the classes so that even
 if ENGINEs implement *all* possible algorithms, an application using only
 EVP_CIPHER code will link at most code relating to EVP_CIPHER, tb_cipher.c, core
-ENGINE code that is independant of class, and of course the ENGINE
+ENGINE code that is independent of class, and of course the ENGINE
 implementation that the application loaded. It will *not* however link any
 class-specific ENGINE code for digests, RSA, etc nor will it bleed over into
 other APIs, such as the RSA/DSA/etc library code.
@@ -188,7 +188,7 @@ state will be unchanged. Thus, no cleanup is required unless registration takes
 place. ENGINE_cleanup() will simply iterate across a list of registered cleanup
 callbacks calling each in turn, and will then internally delete its own storage
 (a STACK). When a cleanup callback is next registered (eg. if the cleanup() is
-part of a gracefull restart and the application wants to cleanup all state then
+part of a graceful restart and the application wants to cleanup all state then
 start again), the internal STACK storage will be freshly allocated. This is much
 the same as the situation in the ENGINE_TABLE instantiations ... NULL is the
 initialised state, so only modification operations (not queries) will cause that
diff --git a/src/lib/libcrypto/engine/eng_aesni.c b/src/lib/libcrypto/engine/eng_aesni.c
index 586f74792a..cce4203bc4 100644
--- a/src/lib/libcrypto/engine/eng_aesni.c
+++ b/src/lib/libcrypto/engine/eng_aesni.c
@@ -1,6 +1,6 @@
-/* $OpenBSD: eng_aesni.c,v 1.11 2018/04/14 07:18:37 tb Exp $ */
+/* $OpenBSD: eng_aesni.c,v 1.12 2022/12/26 07:18:51 jmc Exp $ */
 /*
- * Support for Intel AES-NI intruction set
+ * Support for Intel AES-NI instruction set
 *   Author: Huang Ying <ying.huang@intel.com>
 *
 * Intel AES-NI is a new set of Single Instruction Multiple Data
diff --git a/src/lib/libcrypto/engine/eng_list.c b/src/lib/libcrypto/engine/eng_list.c
index b29b4102e4..451c8616ef 100644
--- a/src/lib/libcrypto/engine/eng_list.c
+++ b/src/lib/libcrypto/engine/eng_list.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: eng_list.c,v 1.24 2019/01/19 01:07:00 tb Exp $ */
+/* $OpenBSD: eng_list.c,v 1.25 2022/12/26 07:18:51 jmc Exp $ */
 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
 * project 2000.
 */
@@ -223,7 +223,7 @@ ENGINE_get_next(ENGINE *e)
        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
        ret = e->next;
        if (ret) {
-                /* Return a valid structural refernce to the next ENGINE */
+                /* Return a valid structural reference to the next ENGINE */
                ret->struct_ref++;
                engine_ref_debug(ret, 0, 1)
        }
diff --git a/src/lib/libcrypto/engine/eng_padlock.c b/src/lib/libcrypto/engine/eng_padlock.c
index 0281ab810c..50b5fb780d 100644
--- a/src/lib/libcrypto/engine/eng_padlock.c
+++ b/src/lib/libcrypto/engine/eng_padlock.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: eng_padlock.c,v 1.16 2018/04/14 07:18:37 tb Exp $ */
+/* $OpenBSD: eng_padlock.c,v 1.17 2022/12/26 07:18:51 jmc Exp $ */
 /*
 * Support for VIA PadLock Advanced Cryptography Engine (ACE)
 * Written by Michal Ludvig <michal@logix.cz>
@@ -285,7 +285,7 @@ struct padlock_cipher_data {
 * Essentially this variable belongs in thread local storage.
 * Having this variable global on the other hand can only cause
 * few bogus key reloads [if any at all on single-CPU system],
- * so we accept the penatly...
+ * so we accept the penalty...
 */
 static volatile struct padlock_cipher_data *padlock_saved_context;
 #endif
@@ -872,7 +872,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
                chunk = PADLOCK_CHUNK;
        if (out_misaligned) {
-                /* optmize for small input */
+                /* optimize for small input */
                allocated = (chunk < nbytes ? PADLOCK_CHUNK : nbytes);
                out = alloca(0x10 + allocated);
                out = NEAREST_ALIGNED(out);
diff --git a/src/lib/libcrypto/engine/eng_table.c b/src/lib/libcrypto/engine/eng_table.c
index a8aded5aaf..0e7ea3b698 100644
--- a/src/lib/libcrypto/engine/eng_table.c
+++ b/src/lib/libcrypto/engine/eng_table.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: eng_table.c,v 1.9 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: eng_table.c,v 1.10 2022/12/26 07:18:52 jmc Exp $ */
 /* ====================================================================
 * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
 *
@@ -163,7 +163,7 @@ engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
                        fnd->funct = NULL;
                        (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
                }
-                /* A registration shouldn't add duplciate entries */
+                /* A registration shouldn't add duplicate entries */
                (void)sk_ENGINE_delete_ptr(fnd->sk, e);
                /* if 'setdefault', this ENGINE goes to the head of the list */
                if (!sk_ENGINE_push(fnd->sk, e))
@@ -193,7 +193,7 @@ int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e)
 {
        int n;
-        /* Iterate the 'c->sk' stack removing any occurance of 'e' */
+        /* Iterate the 'c->sk' stack removing any occurrence of 'e' */
        while ((n = sk_ENGINE_find(pile->sk, e)) >= 0) {
                (void)sk_ENGINE_delete(pile->sk, n);
                pile->uptodate = 0;
diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h
index 5c21647fe3..41f05d48af 100644
--- a/src/lib/libcrypto/engine/engine.h
+++ b/src/lib/libcrypto/engine/engine.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: engine.h,v 1.34 2022/07/12 14:42:49 kn Exp $ */
+/* $OpenBSD: engine.h,v 1.35 2022/12/26 07:18:52 jmc Exp $ */
 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
 * project 2000.
 */
@@ -631,7 +631,7 @@ typedef struct st_dynamic_MEM_fns {
        dyn_MEM_free_cb                         free_cb;
 } dynamic_MEM_fns;
 /* FIXME: Perhaps the memory and locking code (crypto.h) should declare and use
- * these types so we (and any other dependant code) can simplify a bit?? */
+ * these types so we (and any other dependent code) can simplify a bit?? */
 typedef void (*dyn_lock_locking_cb)(int, int, const char *, int);
 typedef int (*dyn_lock_add_lock_cb)(int*, int, int, const char *, int);
 typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb)(
diff --git a/src/lib/libcrypto/err/err.c b/src/lib/libcrypto/err/err.c
index 349140543b..403fcd4607 100644
--- a/src/lib/libcrypto/err/err.c
+++ b/src/lib/libcrypto/err/err.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: err.c,v 1.49 2022/08/29 06:49:24 jsing Exp $ */
+/* $OpenBSD: err.c,v 1.50 2022/12/26 07:18:52 jmc Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1075,7 +1075,7 @@ ERR_get_state(void)
                        ERR_STATE_free(ret); /* could not insert it */
                        return (&fallback);
                }
-                /* If a race occured in this function and we came second, tmpp
+                /* If a race occurred in this function and we came second, tmpp
                 * is the first one that we just replaced. */
                if (tmpp)
                        ERR_STATE_free(tmpp);
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
index 1fa25cd4fb..7c129f025d 100644
--- a/src/lib/libcrypto/evp/digest.c
+++ b/src/lib/libcrypto/evp/digest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: digest.c,v 1.35 2022/11/26 16:08:52 tb Exp $ */
+/* $OpenBSD: digest.c,v 1.36 2022/12/26 07:18:52 jmc Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -140,7 +140,7 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
        /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
         * so this context may already have an ENGINE! Try to avoid releasing
         * the previous handle, re-querying for an ENGINE, and having a
-         * reinitialisation, when it may all be unecessary. */
+         * reinitialisation, when it may all be unnecessary. */
        if (ctx->engine && ctx->digest && (!type ||
            (type && (type->type == ctx->digest->type))))
                goto skip_to_init;
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index d1defc4643..c64390d599 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_enc.c,v 1.48 2022/11/26 16:08:52 tb Exp $ */
+/* $OpenBSD: evp_enc.c,v 1.49 2022/12/26 07:18:52 jmc Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -98,7 +98,7 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
        /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
         * so this context may already have an ENGINE! Try to avoid releasing
         * the previous handle, re-querying for an ENGINE, and having a
-         * reinitialisation, when it may all be unecessary. */
+         * reinitialisation, when it may all be unnecessary. */
        if (ctx->engine && ctx->cipher &&
            (!cipher || (cipher && (cipher->nid == ctx->cipher->nid))))
                goto skip_to_init;
diff --git a/src/lib/libcrypto/evp/pmeth_lib.c b/src/lib/libcrypto/evp/pmeth_lib.c
index e4abdc4aec..bec899cef1 100644
--- a/src/lib/libcrypto/evp/pmeth_lib.c
+++ b/src/lib/libcrypto/evp/pmeth_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pmeth_lib.c,v 1.26 2022/11/26 16:08:53 tb Exp $ */
+/* $OpenBSD: pmeth_lib.c,v 1.27 2022/12/26 07:18:52 jmc Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006.
 */
@@ -173,7 +173,7 @@ int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
        } else
                e = ENGINE_get_pkey_meth_engine(id);
-        /* If an ENGINE handled this method look it up. Othewise
+        /* If an ENGINE handled this method look it up. Otherwise
         * use internal tables.
         */
diff --git a/src/lib/libcrypto/man/PKCS7_dataFinal.3 b/src/lib/libcrypto/man/PKCS7_dataFinal.3
index e2e088d9d9..1a01b2ff61 100644
--- a/src/lib/libcrypto/man/PKCS7_dataFinal.3
+++ b/src/lib/libcrypto/man/PKCS7_dataFinal.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: PKCS7_dataFinal.3,v 1.2 2020/06/03 13:41:27 schwarze Exp $
+.\" $OpenBSD: PKCS7_dataFinal.3,v 1.3 2022/12/26 07:18:52 jmc Exp $
 .\"
 .\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: June 3 2020 $
+.Dd $Mdocdate: December 26 2022 $
 .Dt PKCS7_DATAFINAL 3
 .Os
 .Sh NAME
@@ -122,7 +122,7 @@ Signing or digesting is requested and
 is not configured to store a detached signature,
 but does not contain the required field to store the content either.
 .It
-At least one signer lacks a useable digest algorithm.
+At least one signer lacks a usable digest algorithm.
 .It
 Signing or digesting fails.
 .It
diff --git a/src/lib/libcrypto/man/PKCS7_final.3 b/src/lib/libcrypto/man/PKCS7_final.3
index 7c9e51521a..775b84d984 100644
--- a/src/lib/libcrypto/man/PKCS7_final.3
+++ b/src/lib/libcrypto/man/PKCS7_final.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: PKCS7_final.3,v 1.2 2020/06/04 10:24:27 schwarze Exp $
+.\" $OpenBSD: PKCS7_final.3,v 1.3 2022/12/26 07:18:52 jmc Exp $
 .\"
 .\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: June 4 2020 $
+.Dd $Mdocdate: December 26 2022 $
 .Dt PKCS7_FINAL 3
 .Os
 .Sh NAME
@@ -172,7 +172,7 @@ Signing or digesting is requested and
 is not configured to store a detached signature, but does not contain
 the required field to store the content either.
 .It
-At least one signer lacks a useable digest algorithm.
+At least one signer lacks a usable digest algorithm.
 .It
 A cipher is required but none is configured.
 .It
diff --git a/src/lib/libcrypto/man/X509_check_trust.3 b/src/lib/libcrypto/man/X509_check_trust.3
index 286dcdd5b9..be4489e946 100644
--- a/src/lib/libcrypto/man/X509_check_trust.3
+++ b/src/lib/libcrypto/man/X509_check_trust.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: X509_check_trust.3,v 1.6 2022/09/10 10:22:46 jsg Exp $
+.\" $OpenBSD: X509_check_trust.3,v 1.7 2022/12/26 07:18:52 jmc Exp $
 .\"
 .\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: September 10 2022 $
+.Dd $Mdocdate: December 26 2022 $
 .Dt X509_CHECK_TRUST 3
 .Os
 .Sh NAME
@@ -140,7 +140,7 @@ identifiers, the standard algorithm is modified:
 and
 .Xr X509_add1_trust_object 3
 settings are completely ignored
-and all steps before the compatibility step are skippped.
+and all steps before the compatibility step are skipped.
 The
 .Fa certificate
 is trusted if and only if it is self-signed.
diff --git a/src/lib/libcrypto/md32_common.h b/src/lib/libcrypto/md32_common.h
index 0dca61710f..a8b0d9ab74 100644
--- a/src/lib/libcrypto/md32_common.h
+++ b/src/lib/libcrypto/md32_common.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: md32_common.h,v 1.22 2016/11/04 13:56:04 miod Exp $ */
+/* $OpenBSD: md32_common.h,v 1.23 2022/12/26 07:18:50 jmc Exp $ */
 /* ====================================================================
 * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
 *
@@ -316,7 +316,7 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c)
 #if defined(__alpha) || defined(__sparcv9) || defined(__mips)
 #define MD32_REG_T long
 /*
- * This comment was originaly written for MD5, which is why it
+ * This comment was originally written for MD5, which is why it
 * discusses A-D. But it basically applies to all 32-bit digests,
 * which is why it was moved to common header file.
 *
diff --git a/src/lib/libcrypto/modes/asm/ghash-x86.pl b/src/lib/libcrypto/modes/asm/ghash-x86.pl
index 83c727e07f..27492597ad 100644
--- a/src/lib/libcrypto/modes/asm/ghash-x86.pl
+++ b/src/lib/libcrypto/modes/asm/ghash-x86.pl
@@ -86,7 +86,7 @@
 # where Tproc is time required for Karatsuba pre- and post-processing,
 # is more realistic estimate. In this case it gives ... 1.91 cycles.
 # Or in other words, depending on how well we can interleave reduction
-# and one of the two multiplications the performance should be betwen
+# and one of the two multiplications the performance should be between
 # 1.91 and 2.16. As already mentioned, this implementation processes
 # one byte out of 8KB buffer in 2.10 cycles, while x86_64 counterpart
 # - in 2.02. x86_64 performance is better, because larger register
@@ -700,7 +700,7 @@ sub mmx_loop() {
    &pxor       ($red[1],$red[1]);
    &pxor       ($red[2],$red[2]);
-    # Just like in "May" verson modulo-schedule for critical path in
+    # Just like in "May" version modulo-schedule for critical path in
    # 'Z.hi ^= rem_8bit[Z.lo&0xff^((u8)H[nhi]<<4)]<<48'. Final 'pxor'
    # is scheduled so late that rem_8bit[] has to be shifted *right*
    # by 16, which is why last argument to pinsrw is 2, which
@@ -1087,7 +1087,7 @@ my ($Xhi,$Xi) = @_;
        &movdqu         (&QWP(0,$Xip),$Xi);
 &function_end("gcm_ghash_clmul");
-} else {                # Algorith 5. Kept for reference purposes.
+} else {                # Algorithm 5. Kept for reference purposes.
 sub reduction_alg5 {    # 19/16 times faster than Intel version
 my ($Xhi,$Xi)=@_;
diff --git a/src/lib/libcrypto/modes/ctr128.c b/src/lib/libcrypto/modes/ctr128.c
index 9dd8c0c55e..eadb80449c 100644
--- a/src/lib/libcrypto/modes/ctr128.c
+++ b/src/lib/libcrypto/modes/ctr128.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ctr128.c,v 1.8 2022/11/26 16:08:53 tb Exp $ */
+/* $OpenBSD: ctr128.c,v 1.9 2022/12/26 07:18:52 jmc Exp $ */
 /* ====================================================================
 * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
 *
@@ -109,7 +109,7 @@ ctr128_inc_aligned(unsigned char *counter)
 * This algorithm assumes that the counter is in the x lower bits
 * of the IV (ivec), and that the application has full control over
 * overflow and the rest of the IV.  This implementation takes NO
- * responsability for checking that the counter doesn't overflow
+ * responsibility for checking that the counter doesn't overflow
 * into the rest of the IV when incremented.
 */
 void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
@@ -228,7 +228,7 @@ void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
                (*func)(in,out,blocks,key,ivec);
                /* (*ctr) does not update ivec, caller does: */
                PUTU32(ivec+12,ctr32);
-                /* ... overflow was detected, propogate carry. */
+                /* ... overflow was detected, propagate carry. */
                if (ctr32 == 0) ctr96_inc(ivec);
                blocks *= 16;
                len -= blocks;
diff --git a/src/lib/libcrypto/objects/obj_dat.c b/src/lib/libcrypto/objects/obj_dat.c
index b42d0e5e9c..6adc4068a3 100644
--- a/src/lib/libcrypto/objects/obj_dat.c
+++ b/src/lib/libcrypto/objects/obj_dat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: obj_dat.c,v 1.50 2022/11/26 16:08:53 tb Exp $ */
+/* $OpenBSD: obj_dat.c,v 1.51 2022/12/26 07:18:52 jmc Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -251,7 +251,7 @@ static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ)
 static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ)
 /* The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting
- * to use freed up OIDs. If neccessary the actual freeing up of OIDs is
+ * to use freed up OIDs. If necessary the actual freeing up of OIDs is
 * delayed.
 */
@@ -320,7 +320,7 @@ OBJ_add_object(const ASN1_OBJECT *obj)
                        ao[i]->type = i;
                        ao[i]->obj = o;
                        aop = lh_ADDED_OBJ_insert(added, ao[i]);
-                        /* memory leak, buit should not normally matter */
+                        /* memory leak, but should not normally matter */
                        free(aop);
                }
        }
diff --git a/src/lib/libcrypto/objects/objects.txt b/src/lib/libcrypto/objects/objects.txt
index 283686f9ff..4ce86ac88e 100644
--- a/src/lib/libcrypto/objects/objects.txt
+++ b/src/lib/libcrypto/objects/objects.txt
@@ -842,7 +842,7 @@ internet 6		: snmpv2		: SNMPv2
 # Documents refer to "internet 7" as "mail". This however leads to ambiguities
 # with RFC2798, Section 9.1.3, where "mail" is defined as the short name for
 # rfc822Mailbox. The short name is therefore here left out for a reason.
-# Subclasses of "mail", e.g. "MIME MHS" don't consitute a problem, as
+# Subclasses of "mail", e.g. "MIME MHS" don't constitute a problem, as
 # references are realized via long name "Mail" (with capital M).
 internet 7              :                       : Mail
diff --git a/src/lib/libcrypto/ocsp/ocsp_cl.c b/src/lib/libcrypto/ocsp/ocsp_cl.c
index bcc484c3c5..7747020221 100644
--- a/src/lib/libcrypto/ocsp/ocsp_cl.c
+++ b/src/lib/libcrypto/ocsp/ocsp_cl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ocsp_cl.c,v 1.21 2022/01/07 09:45:52 tb Exp $ */
+/* $OpenBSD: ocsp_cl.c,v 1.22 2022/12/26 07:18:52 jmc Exp $ */
 /* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
 * project. */
@@ -215,7 +215,7 @@ OCSP_response_get1_basic(OCSP_RESPONSE *resp)
        return ASN1_item_unpack(rb->response, &OCSP_BASICRESP_it);
 }
-/* Return number of OCSP_SINGLERESP reponses present in
+/* Return number of OCSP_SINGLERESP responses present in
 * a basic response.
 */
 int
diff --git a/src/lib/libcrypto/ocsp/ocsp_ext.c b/src/lib/libcrypto/ocsp/ocsp_ext.c
index 829495bcf3..9605d859b4 100644
--- a/src/lib/libcrypto/ocsp/ocsp_ext.c
+++ b/src/lib/libcrypto/ocsp/ocsp_ext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ocsp_ext.c,v 1.21 2022/11/26 16:08:53 tb Exp $ */
+/* $OpenBSD: ocsp_ext.c,v 1.22 2022/12/26 07:18:52 jmc Exp $ */
 /* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
 * project. */
@@ -321,7 +321,7 @@ OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc)
 /* Nonce handling functions */
-/* Add a nonce to an extension stack. A nonce can be specificed or if NULL
+/* Add a nonce to an extension stack. A nonce can be specified or if NULL
 * a random nonce will be generated.
 * Note: OpenSSL 0.9.7d and later create an OCTET STRING containing the
 * nonce, previous versions used the raw nonce.
diff --git a/src/lib/libcrypto/ossl_typ.h b/src/lib/libcrypto/ossl_typ.h
index d8e2d92ae4..78eb7e92ba 100644
--- a/src/lib/libcrypto/ossl_typ.h
+++ b/src/lib/libcrypto/ossl_typ.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ossl_typ.h,v 1.21 2022/01/14 08:59:30 tb Exp $ */
+/* $OpenBSD: ossl_typ.h,v 1.22 2022/12/26 07:18:50 jmc Exp $ */
 /* ====================================================================
 * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
 *
@@ -170,7 +170,7 @@ typedef struct DIST_POINT_st DIST_POINT;
 typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
 typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
-/* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */
+/* If placed in pkcs12.h, we end up with a circular dependency with pkcs7.h */
 #define DECLARE_PKCS12_STACK_OF(type) /* Nothing */
 #define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */
diff --git a/src/lib/libcrypto/perlasm/readme b/src/lib/libcrypto/perlasm/readme
index 57d61fda1e..a7876bcc95 100644
--- a/src/lib/libcrypto/perlasm/readme
+++ b/src/lib/libcrypto/perlasm/readme
@@ -1,5 +1,5 @@
 The perl scripts in this directory are my 'hack' to generate
-multiple different assembler formats via the one origional script.
+multiple different assembler formats via the one original script.
 The way to use this library is to start with adding the path to this directory
 and then include it.
diff --git a/src/lib/libcrypto/perlasm/x86_64-xlate.pl b/src/lib/libcrypto/perlasm/x86_64-xlate.pl
index 5f7f585549..bc9d78eb02 100755
--- a/src/lib/libcrypto/perlasm/x86_64-xlate.pl
+++ b/src/lib/libcrypto/perlasm/x86_64-xlate.pl
@@ -291,7 +291,7 @@ my %globals;
 }
 { package register;     # pick up registers, which start with %.
    sub re {
-        my      $class = shift; # muliple instances...
+        my      $class = shift; # multiple instances...
        my      $self = {};
        local   *line = shift;
        undef   $ret;
@@ -879,7 +879,7 @@ close STDOUT;
 # (#)   Nth argument, volatile
 #
 # In Unix terms top of stack is argument transfer area for arguments
-# which could not be accomodated in registers. Or in other words 7th
+# which could not be accommodated in registers. Or in other words 7th
 # [integer] argument resides at 8(%rsp) upon function entry point.
 # 128 bytes above %rsp constitute a "red zone" which is not touched
 # by signal handlers and can be used as temporal storage without
@@ -896,7 +896,7 @@ close STDOUT;
 # the area above user stack pointer in true asynchronous manner...
 #
 # All the above means that if assembler programmer adheres to Unix
-# register and stack layout, but disregards the "red zone" existense,
+# register and stack layout, but disregards the "red zone" existence,
 # it's possible to use following prologue and epilogue to "gear" from
 # Unix to Win64 ABI in leaf functions with not more than 6 arguments.
 #
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c
index 5cd95cdf91..3e2d4c2119 100644
--- a/src/lib/libcrypto/pkcs7/pk7_doit.c
+++ b/src/lib/libcrypto/pkcs7/pk7_doit.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pk7_doit.c,v 1.49 2022/11/26 16:08:53 tb Exp $ */
+/* $OpenBSD: pk7_doit.c,v 1.50 2022/12/26 07:18:52 jmc Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -534,7 +534,7 @@ PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
                /* If we haven't got a certificate try each ri in turn */
                if (pcert == NULL) {
                        /* Always attempt to decrypt all rinfo even
-                         * after sucess as a defence against MMA timing
+                         * after success as a defence against MMA timing
                         * attacks.
                         */
                        for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
diff --git a/src/lib/libcrypto/rc2/version b/src/lib/libcrypto/rc2/version
index a69ff35a43..8ca161a613 100644
--- a/src/lib/libcrypto/rc2/version
+++ b/src/lib/libcrypto/rc2/version
@@ -1,7 +1,7 @@
 1.1 23/08/96 - eay
        Changed RC2_set_key() so it now takes another argument.  Many
        thanks to Peter Gutmann <pgut01@cs.auckland.ac.nz> for the
-        clarification and origional specification of RC2.  BSAFE uses
+        clarification and original specification of RC2.  BSAFE uses
        this last parameter, 'bits'.  It the key is 128 bits, BSAFE
        also sets this parameter to 128.  The old behaviour can be
        duplicated by setting this parameter to 1024.
diff --git a/src/lib/libcrypto/rc4/asm/rc4-586.pl b/src/lib/libcrypto/rc4/asm/rc4-586.pl
index 03f0cff467..f3c3e117bc 100644
--- a/src/lib/libcrypto/rc4/asm/rc4-586.pl
+++ b/src/lib/libcrypto/rc4/asm/rc4-586.pl
@@ -123,7 +123,7 @@ if ($alt=0) {
        push    (@XX,shift(@XX))                        if ($i>=0);
  }
 } else {
-  # Using pinsrw here improves performane on Intel CPUs by 2-3%, but
+  # Using pinsrw here improves performance on Intel CPUs by 2-3%, but
  # brings down AMD by 7%...
  $RC4_loop_mmx = sub {
    my $i=shift;
@@ -144,7 +144,7 @@ if ($alt=0) {
        &movd   ($i>0?"mm1":"mm2",&DWP(0,$dat,$ty,4));
        # (*)   This is the key to Core2 and Westmere performance.
-        #       Whithout movz out-of-order execution logic confuses
+        #       Without movz out-of-order execution logic confuses
        #       itself and fails to reorder loads and stores. Problem
        #       appears to be fixed in Sandy Bridge...
  }
diff --git a/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl b/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl
index 2135b38ef8..18a967e546 100755
--- a/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl
+++ b/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl
@@ -50,7 +50,7 @@
 # As was shown by Zou Nanhai loop unrolling can improve Intel EM64T
 # performance by >30% [unlike P4 32-bit case that is]. But this is
 # provided that loads are reordered even more aggressively! Both code
-# pathes, AMD64 and EM64T, reorder loads in essentially same manner
+# paths, AMD64 and EM64T, reorder loads in essentially same manner
 # as my IA-64 implementation. On Opteron this resulted in modest 5%
 # improvement [I had to test it], while final Intel P4 performance
 # achieves respectful 432MBps on 2.8GHz processor now. For reference.
@@ -81,7 +81,7 @@
 # The only code path that was not modified is P4-specific one. Non-P4
 # Intel code path optimization is heavily based on submission by Maxim
 # Perminov, Maxim Locktyukhin and Jim Guilford of Intel. I've used
-# some of the ideas even in attempt to optmize the original RC4_INT
+# some of the ideas even in attempt to optimize the original RC4_INT
 # code path... Current performance in cycles per processed byte (less
 # is better) and improvement coefficients relative to previous
 # version of this module are:
diff --git a/src/lib/libcrypto/ripemd/README b/src/lib/libcrypto/ripemd/README
index 5e18d45866..ab1d7a4c0c 100644
--- a/src/lib/libcrypto/ripemd/README
+++ b/src/lib/libcrypto/ripemd/README
@@ -8,7 +8,7 @@ this point I will not bother right now.  I believe the trick will be
 to remove my 'copy X array onto stack' until inside the RIP1() finctions the
 first time round.  To do this I need another register and will only have one
 temporary one.  A bit tricky....  I can also cleanup the saving of the 5 words
-after the first half of the calculation.  I should read the origional
+after the first half of the calculation.  I should read the original
 value, add then write.  Currently I just save the new and read the origioal.
 I then read both at the end.  Bad.
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c
index f6c3092dc4..a19201727e 100644
--- a/src/lib/libcrypto/rsa/rsa_eay.c
+++ b/src/lib/libcrypto/rsa/rsa_eay.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_eay.c,v 1.55 2022/11/26 16:08:54 tb Exp $ */
+/* $OpenBSD: rsa_eay.c,v 1.56 2022/12/26 07:18:52 jmc Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -716,7 +716,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
                BIGNUM p, q;
                /*
-                 * Make sure BN_mod_inverse in Montgomery intialization uses the
+                 * Make sure BN_mod_inverse in Montgomery initialization uses the
                 * BN_FLG_CONSTTIME flag
                 */
                BN_init(&p);
diff --git a/src/lib/libcrypto/sha/asm/sha1-586.pl b/src/lib/libcrypto/sha/asm/sha1-586.pl
index d29ed84706..1de5e2650e 100644
--- a/src/lib/libcrypto/sha/asm/sha1-586.pl
+++ b/src/lib/libcrypto/sha/asm/sha1-586.pl
@@ -28,7 +28,7 @@
 # P4            +85%(!)                 +45%
 #
 # As you can see Pentium came out as looser:-( Yet I reckoned that
-# improvement on P4 outweights the loss and incorporate this
+# improvement on P4 outweighs the loss and incorporate this
 # re-tuned code to 0.9.7 and later.
 # ----------------------------------------------------------------
 #                                       <appro@fy.chalmers.se>
@@ -511,14 +511,14 @@ my $_ror=sub { &ror(@_) };
 #
 # Temporary registers usage. X[2] is volatile at the entry and at the
 # end is restored from backtrace ring buffer. X[3] is expected to
-# contain current K_XX_XX constant and is used to caclulate X[-1]+K
+# contain current K_XX_XX constant and is used to calculate X[-1]+K
 # from previous round, it becomes volatile the moment the value is
 # saved to stack for transfer to IALU. X[4] becomes volatile whenever
 # X[-4] is accumulated and offloaded to backtrace ring buffer, at the
 # end it is loaded with next K_XX_XX [which becomes X[3] in next
 # round]...
 #
-sub Xupdate_ssse3_16_31()               # recall that $Xi starts wtih 4
+sub Xupdate_ssse3_16_31()               # recall that $Xi starts with 4
 { use integer;
  my $body = shift;
  my @insns = (&$body,&$body,&$body,&$body);    # 40 instructions
@@ -940,7 +940,7 @@ my $_ror=sub { &shrd(@_[0],@_) };
        &vmovdqa(&QWP(0+32,"esp"),@X[2]);
        &jmp    (&label("loop"));
-sub Xupdate_avx_16_31()         # recall that $Xi starts wtih 4
+sub Xupdate_avx_16_31()         # recall that $Xi starts with 4
 { use integer;
  my $body = shift;
  my @insns = (&$body,&$body,&$body,&$body);    # 40 instructions
diff --git a/src/lib/libcrypto/sha/asm/sha1-sparcv9a.pl b/src/lib/libcrypto/sha/asm/sha1-sparcv9a.pl
index e65291bbd9..e81a4dcb05 100644
--- a/src/lib/libcrypto/sha/asm/sha1-sparcv9a.pl
+++ b/src/lib/libcrypto/sha/asm/sha1-sparcv9a.pl
@@ -544,7 +544,7 @@ ___
 # Purpose of these subroutines is to explicitly encode VIS instructions,
 # so that one can compile the module without having to specify VIS
-# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
+# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
 # Idea is to reserve for option to produce "universal" binary and let
 # programmer detect if current CPU is VIS capable at run-time.
 sub unvis {
diff --git a/src/lib/libcrypto/sha/asm/sha1-thumb.pl b/src/lib/libcrypto/sha/asm/sha1-thumb.pl
index 7c9ea9b029..553e9cedb5 100644
--- a/src/lib/libcrypto/sha/asm/sha1-thumb.pl
+++ b/src/lib/libcrypto/sha/asm/sha1-thumb.pl
@@ -14,7 +14,7 @@
 # The code does not present direct interest to OpenSSL, because of low
 # performance. Its purpose is to establish _size_ benchmark. Pretty
 # useless one I must say, because 30% or 88 bytes larger ARMv4 code
-# [avialable on demand] is almost _twice_ as fast. It should also be
+# [available on demand] is almost _twice_ as fast. It should also be
 # noted that in-lining of .Lcommon and .Lrotate improves performance
 # by over 40%, while code increases by only 10% or 32 bytes. But once
 # again, the goal was to establish _size_ benchmark, not performance.
diff --git a/src/lib/libcrypto/sha/asm/sha1-x86_64.pl b/src/lib/libcrypto/sha/asm/sha1-x86_64.pl
index 147d21570b..cc8ef5337d 100755
--- a/src/lib/libcrypto/sha/asm/sha1-x86_64.pl
+++ b/src/lib/libcrypto/sha/asm/sha1-x86_64.pl
@@ -368,7 +368,7 @@ sub AUTOLOAD()		# thunk [simplified] 32-bit style perlasm
    $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n";
 }
-sub Xupdate_ssse3_16_31()               # recall that $Xi starts wtih 4
+sub Xupdate_ssse3_16_31()               # recall that $Xi starts with 4
 { use integer;
  my $body = shift;
  my @insns = (&$body,&$body,&$body,&$body);    # 40 instructions
@@ -779,7 +779,7 @@ $code.=<<___;
        jmp     .Loop_avx
 ___
-sub Xupdate_avx_16_31()         # recall that $Xi starts wtih 4
+sub Xupdate_avx_16_31()         # recall that $Xi starts with 4
 { use integer;
  my $body = shift;
  my @insns = (&$body,&$body,&$body,&$body);    # 40 instructions
diff --git a/src/lib/libcrypto/sha/asm/sha512-x86_64.pl b/src/lib/libcrypto/sha/asm/sha512-x86_64.pl
index feb0f9e776..bc4b2e7487 100755
--- a/src/lib/libcrypto/sha/asm/sha512-x86_64.pl
+++ b/src/lib/libcrypto/sha/asm/sha512-x86_64.pl
@@ -34,7 +34,7 @@
 # level parallelism, on a given CPU implementation in this case.
 #
 # Special note on Intel EM64T. While Opteron CPU exhibits perfect
-# perfromance ratio of 1.5 between 64- and 32-bit flavors [see above],
+# performance ratio of 1.5 between 64- and 32-bit flavors [see above],
 # [currently available] EM64T CPUs apparently are far from it. On the
 # contrary, 64-bit version, sha512_block, is ~30% *slower* than 32-bit
 # sha256_block:-( This is presumably because 64-bit shifts/rotates
diff --git a/src/lib/libcrypto/sparccpuid.S b/src/lib/libcrypto/sparccpuid.S
index b913e3dddb..757e015704 100644
--- a/src/lib/libcrypto/sparccpuid.S
+++ b/src/lib/libcrypto/sparccpuid.S
@@ -263,7 +263,7 @@ _sparcv9_vis1_instrument:
        sub     %o3,%o2,%o2
        sub     %o4,%o3,%o3
-        ! find minumum value
+        ! find minimum value
        cmp     %o0,%o1
        .word   0x38680002      !bgu,a  %xcc,.+8
        mov     %o1,%o0
diff --git a/src/lib/libcrypto/ui/ui.h b/src/lib/libcrypto/ui/ui.h
index ee27fd2a49..0f662455ed 100644
--- a/src/lib/libcrypto/ui/ui.h
+++ b/src/lib/libcrypto/ui/ui.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ui.h,v 1.15 2022/12/17 21:59:39 tb Exp $ */
+/* $OpenBSD: ui.h,v 1.16 2022/12/26 07:18:52 jmc Exp $ */
 /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
 * project 2001.
 */
@@ -276,7 +276,7 @@ const UI_METHOD *UI_null(void);
 *                      display a dialog box after it has been built.
 *      a reader        This function is called to read a given prompt,
 *                      maybe from the tty, maybe from a field in a
- *                      window.  Note that it's called wth all string
+ *                      window.  Note that it's called with all string
 *                      structures, not only the prompt ones, so it must
 *                      check such things itself.
 *      a closer        This function closes the session, maybe by closing
diff --git a/src/lib/libcrypto/whrlpool/asm/wp-mmx.pl b/src/lib/libcrypto/whrlpool/asm/wp-mmx.pl
index cb2381c22b..0ff8e5b612 100644
--- a/src/lib/libcrypto/whrlpool/asm/wp-mmx.pl
+++ b/src/lib/libcrypto/whrlpool/asm/wp-mmx.pl
@@ -59,19 +59,19 @@ sub LL()
                                        unshift(@_,pop(@_));
                                  }
                                }
-        else                    { die "unvalid SCALE value"; }
+        else                    { die "invalid SCALE value"; }
 }
 sub scale()
 {       if      ($SCALE==2)     { &lea(@_[0],&DWP(0,@_[1],@_[1])); }
        elsif   ($SCALE==8)     { &lea(@_[0],&DWP(0,"",@_[1],8));  }
-        else                    { die "unvalid SCALE value";       }
+        else                    { die "invalid SCALE value";       }
 }
 sub row()
 {       if      ($SCALE==2)     { ((8-shift)&7); }
        elsif   ($SCALE==8)     { (8*shift);     }
-        else                    { die "unvalid SCALE value"; }
+        else                    { die "invalid SCALE value"; }
 }
 $tbl="ebp";
diff --git a/src/lib/libcrypto/x509/pcy_tree.c b/src/lib/libcrypto/x509/pcy_tree.c
index be563d2677..050503bdf3 100644
--- a/src/lib/libcrypto/x509/pcy_tree.c
+++ b/src/lib/libcrypto/x509/pcy_tree.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pcy_tree.c,v 1.4 2022/11/26 16:08:54 tb Exp $ */
+/* $OpenBSD: pcy_tree.c,v 1.5 2022/12/26 07:18:53 jmc Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2004.
 */
@@ -131,7 +131,7 @@ tree_print(char *str, X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr)
 #endif
 /* Initialize policy tree. Return values:
- *  0 Some internal error occured.
+ *  0 Some internal error occurred.
 * -1 Inconsistent or invalid extensions in certificates.
 *  1 Tree initialized OK.
 *  2 Policy tree is empty.
diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h
index 7795181efc..0ff66587b9 100644
--- a/src/lib/libcrypto/x509/x509.h
+++ b/src/lib/libcrypto/x509/x509.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.h,v 1.90 2022/07/12 14:42:50 kn Exp $ */
+/* $OpenBSD: x509.h,v 1.91 2022/12/26 07:18:53 jmc Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -893,7 +893,7 @@ int 		X509_NAME_get_text_by_NID(X509_NAME *name, int nid,
 int             X509_NAME_get_text_by_OBJ(X509_NAME *name,
                        const ASN1_OBJECT *obj, char *buf,int len);
-/* NOTE: you should be passsing -1, not 0 as lastpos.  The functions that use
+/* NOTE: you should be passing -1, not 0 as lastpos.  The functions that use
 * lastpos, search after that position on. */
 int             X509_NAME_get_index_by_NID(const X509_NAME *name, int nid,
                        int lastpos);
diff --git a/src/lib/libcrypto/x509/x509_constraints.c b/src/lib/libcrypto/x509/x509_constraints.c
index 1b79383de0..346cab0a40 100644
--- a/src/lib/libcrypto/x509/x509_constraints.c
+++ b/src/lib/libcrypto/x509/x509_constraints.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_constraints.c,v 1.30 2022/11/28 07:22:15 tb Exp $ */
+/* $OpenBSD: x509_constraints.c,v 1.31 2022/12/26 07:18:53 jmc Exp $ */
 /*
 * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
 *
@@ -192,7 +192,7 @@ x509_constraints_names_dup(struct x509_constraints_names *names)
 * 5890 compliant A-labels (see RFC 6066 section 3). This is more
 * permissive to allow for a leading '.'  for a subdomain based
 * constraint, as well as allowing for '_' which is commonly accepted
- * by nonconformant DNS implementaitons.
+ * by nonconformant DNS implementations.
 *
 * if "wildcards" is set it allows '*' to occur in the string at the end of a
 * component.
@@ -587,7 +587,7 @@ x509_constraints_sandns(char *sandns, size_t dlen, char *constraint, size_t len)
 * returns 1 if the domain and constraint match.
 * returns 0 otherwise.
 *
- * an empty constraint matches everyting.
+ * an empty constraint matches everything.
 * constraint will be matched against the domain as a suffix if it
 * starts with a '.'.
 * domain will be matched against the constraint as a suffix if it
@@ -651,10 +651,10 @@ x509_constraints_uri(uint8_t *uri, size_t ulen, uint8_t *constraint,
 }
 /*
- * Verify a validated address of size alen with a validated contraint
+ * Verify a validated address of size alen with a validated constraint
 * of size constraint_len. returns 1 if matching, 0 if not.
 * Addresses are assumed to be pre-validated for a length of 4 and 8
- * respectively for ipv4 addreses and constraints, and a length of
+ * respectively for ipv4 addresses and constraints, and a length of
 * 16 and 32 respectively for ipv6 address constraints by the caller.
 */
 int
@@ -909,7 +909,7 @@ x509_constraints_extract_names(struct x509_constraints_names *names,
                        vname = NULL;
                }
                /*
-                 * Include the CN as a hostname to be checked againt
+                 * Include the CN as a hostname to be checked against
                 * name constraints if it looks like a hostname.
                 */
                while (include_cn &&
@@ -1210,7 +1210,7 @@ x509_constraints_check(struct x509_constraints_names *names,
 /*
 * Walk a validated chain of X509 certs, starting at the leaf, and
 * validate the name constraints in the chain. Intended for use with
- * the legacy X509 validtion code in x509_vfy.c
+ * the legacy X509 validation code in x509_vfy.c
 *
 * returns 1 if the constraints are ok, 0 otherwise, setting error and
 * depth
diff --git a/src/lib/libcrypto/x509/x509_issuer_cache.c b/src/lib/libcrypto/x509/x509_issuer_cache.c
index 4f78e1e69b..f7fbd54ca7 100644
--- a/src/lib/libcrypto/x509/x509_issuer_cache.c
+++ b/src/lib/libcrypto/x509/x509_issuer_cache.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_issuer_cache.c,v 1.3 2022/06/27 14:23:40 beck Exp $ */
+/* $OpenBSD: x509_issuer_cache.c,v 1.4 2022/12/26 07:18:53 jmc Exp $ */
 /*
 * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
 *
@@ -75,7 +75,7 @@ x509_issuer_cache_set_max(size_t max)
 /*
 * Free the oldest entry in the issuer cache. Returns 1
- * if an entry was successfuly freed, 0 otherwise. Must
+ * if an entry was successfully freed, 0 otherwise. Must
 * be called with x509_issuer_tree_mutex held.
 */
 void
diff --git a/src/lib/libcrypto/x509/x509_ncons.c b/src/lib/libcrypto/x509/x509_ncons.c
index cc7f59cd0a..c7e4e6ed9f 100644
--- a/src/lib/libcrypto/x509/x509_ncons.c
+++ b/src/lib/libcrypto/x509/x509_ncons.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_ncons.c,v 1.7 2022/11/26 16:08:55 tb Exp $ */
+/* $OpenBSD: x509_ncons.c,v 1.8 2022/12/26 07:18:53 jmc Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -482,7 +482,7 @@ nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base)
        if (!emlat)
                return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
-        /* Special case: inital '.' is RHS match */
+        /* Special case: initial '.' is RHS match */
        if (!baseat && (*baseptr == '.')) {
                if (eml->length > base->length) {
                        emlptr += eml->length - base->length;
@@ -543,7 +543,7 @@ nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base)
        if (hostlen == 0)
                return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
-        /* Special case: inital '.' is RHS match */
+        /* Special case: initial '.' is RHS match */
        if (*baseptr == '.') {
                if (hostlen > base->length) {
                        p = hostptr + hostlen - base->length;
diff --git a/src/lib/libcrypto/x509/x509_utl.c b/src/lib/libcrypto/x509/x509_utl.c
index 525939d4ca..aa18efe2c5 100644
--- a/src/lib/libcrypto/x509/x509_utl.c
+++ b/src/lib/libcrypto/x509/x509_utl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_utl.c,v 1.4 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_utl.c,v 1.5 2022/12/26 07:18:53 jmc Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -723,7 +723,7 @@ skip_prefix(const unsigned char **p, size_t *plen, const unsigned char *subject,
 * "equal_nocase" function is a hand-rolled strncasecmp that does not
 * allow \0 in the pattern. Since an embedded \0 is likely a sign of
 * problems, we simply don't allow it in either case, and then we use
- * standard libc funcitons.
+ * standard libc functions.
 */
 /* Compare using strncasecmp */
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index 9392b1f41e..f6c7c21f5f 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.c,v 1.109 2022/12/01 05:20:30 tb Exp $ */
+/* $OpenBSD: x509_vfy.c,v 1.110 2022/12/26 07:18:53 jmc Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -312,7 +312,7 @@ X509_verify_cert_legacy_build_chain(X509_STORE_CTX *ctx, int *bad, int *out_ok)
                if (ctx->untrusted != NULL) {
                        /*
                         * If we do not find a non-expired untrusted cert, peek
-                         * ahead and see if we can satisify this from the trusted
+                         * ahead and see if we can satisfy this from the trusted
                         * store. If not, see if we have an expired untrusted cert.
                         */
                        xtmp = find_issuer(ctx, sktmp, x, 0);
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h
index 9a9d6c0a1c..27ed484291 100644
--- a/src/lib/libcrypto/x509/x509_vfy.h
+++ b/src/lib/libcrypto/x509/x509_vfy.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.h,v 1.56 2022/12/01 05:27:04 tb Exp $ */
+/* $OpenBSD: x509_vfy.h,v 1.57 2022/12/26 07:18:53 jmc Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -255,7 +255,7 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
 /* Do not check certificate or CRL validity against current time. */
 #define X509_V_FLAG_NO_CHECK_TIME               0x200000
-/* Force the use of the legacy certificate verifcation */
+/* Force the use of the legacy certificate verification */
 #define X509_V_FLAG_LEGACY_VERIFY               0x400000
 #define X509_VP_FLAG_DEFAULT                    0x1
diff --git a/src/lib/libcrypto/x509/x509name.c b/src/lib/libcrypto/x509/x509name.c
index 14e2deb84f..19a253da4d 100644
--- a/src/lib/libcrypto/x509/x509name.c
+++ b/src/lib/libcrypto/x509/x509name.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509name.c,v 1.29 2022/11/26 16:08:55 tb Exp $ */
+/* $OpenBSD: x509name.c,v 1.30 2022/12/26 07:18:53 jmc Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -123,7 +123,7 @@ X509_NAME_get_index_by_NID(const X509_NAME *name, int nid, int lastpos)
 }
 LCRYPTO_ALIAS(X509_NAME_get_index_by_NID)
-/* NOTE: you should be passsing -1, not 0 as lastpos */
+/* NOTE: you should be passing -1, not 0 as lastpos */
 int
 X509_NAME_get_index_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj,
    int lastpos)
diff --git a/src/lib/libcrypto/x86cpuid.pl b/src/lib/libcrypto/x86cpuid.pl
index 8b9570fc72..0fc906a3e9 100644
--- a/src/lib/libcrypto/x86cpuid.pl
+++ b/src/lib/libcrypto/x86cpuid.pl
@@ -190,7 +190,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
 &set_label("spin");
        &lea    ("ebx",&DWP(0,"eax","ecx"));
        &nop    ();
-        &data_word(0x1ab10ff0); # lock; cmpxchg %ebx,(%edx)     # %eax is envolved and is always reloaded
+        &data_word(0x1ab10ff0); # lock; cmpxchg %ebx,(%edx)     # %eax is involved and is always reloaded
        &jne    (&label("spin"));
        &mov    ("eax","ebx");  # OpenSSL expects the new value
        &pop    ("ebx");