8285380: Fix typos in security

Reviewed-by: weijun, wetmore

src/java.security.jgss/macosx/native/libosxkrb5/nativeccache.c

@@ -593,7 +593,7 @@ jobject BuildAddressList(JNIEnv *env, krb5_address **addresses) {
         if (address == NULL) {
             return (jobject) NULL;
         }
-        // Add the HostAddress to the arrray.
+        // Add the HostAddress to the array.
         (*env)->SetObjectArrayElement(env, address_list, index, address);
 
         if ((*env)->ExceptionCheck(env)) {

src/java.security.jgss/share/classes/javax/security/auth/kerberos/EncryptionKey.java

@@ -141,7 +141,7 @@ public byte[] getEncoded() {
     /**
      * Destroys this key by clearing out the key material of this key.
      *
-     * @throws DestroyFailedException if some error occurs while destorying
+     * @throws DestroyFailedException if some error occurs while destroying
      * this key.
      */
     @Override

src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosKey.java

@@ -244,7 +244,7 @@ public final byte[] getEncoded() {
     /**
      * Destroys this key by clearing out the key material of this secret key.
      *
-     * @throws DestroyFailedException if some error occurs while destorying
+     * @throws DestroyFailedException if some error occurs while destroying
      * this key.
      */
     public void destroy() throws DestroyFailedException {

src/java.security.jgss/share/classes/javax/security/auth/kerberos/KeyImpl.java

@@ -75,7 +75,7 @@ public KeyImpl(byte[] keyBytes,
      * @param principal the principal from which to derive the salt
      * @param password the password that should be used to compute the
      * key.
-     * @param algorithm the name for the algorithm that this key wil be
+     * @param algorithm the name for the algorithm that this key will be
      * used for. This parameter may be null in which case "DES" will be
      * assumed.
      */

src/java.security.jgss/share/classes/org/ietf/jgss/GSSException.java

@@ -249,7 +249,7 @@ public GSSException (int majorCode) {
      * specific major string for it.
      *
      * @param majorCode the fatal error code causing this exception.
-     * @param majorString an expicit message to be included in this exception
+     * @param majorString an explicit message to be included in this exception
      */
     GSSException (int majorCode, String majorString) {
 

src/java.security.jgss/share/classes/sun/security/jgss/GSSHeader.java

@@ -45,7 +45,7 @@
 
 /*
  * The RFC states that implementations should explicitly follow the
- * encoding scheme descibed in this section rather than use ASN.1
+ * encoding scheme described in this section rather than use ASN.1
  * compilers. However, we should consider removing duplicate ASN.1
  * like code from here and depend on sun.security.util if possible.
  */
@@ -131,7 +131,7 @@ public int getMechTokenLength() {
 
     /**
      * Used to obtain the length of the encoding of this GSSHeader.
-     * @return the lenght of the encoding of this GSSHeader instance.
+     * @return the length of the encoding of this GSSHeader instance.
      */
     public int getLength() {
         int lenField = mechOidBytes.length + mechTokenLength;

src/java.security.jgss/share/classes/sun/security/jgss/ProviderList.java

@@ -396,9 +396,9 @@ public synchronized void addProviderAtEnd(Provider p, Oid mechOid)
     }
 
     /**
-     * Helper routine to go through all properties contined in a
+     * Helper routine to go through all properties continued in a
      * provider and add its mechanisms to the list of supported
-     * mechanisms. If no default mechanism has been assinged so far,
+     * mechanisms. If no default mechanism has been assigned so far,
      * it sets the default MechanismFactory and Oid as well.
      * @param p the provider to query
      * @return true if there is at least one mechanism that this

src/java.security.jgss/share/classes/sun/security/jgss/TokenTracker.java

@@ -108,7 +108,7 @@ private int getIntervalIndex(int number) {
      * The following represents the number line with positions of
      * initNumber, windowStart, expectedNumber marked on it. Regions in
      * between them show the different sequencing and replay state
-     * possibilites for tokens that fall in there.
+     * possibilities for tokens that fall in there.
      *
      *  (1)      windowStart
      *           initNumber               expectedNumber
@@ -277,7 +277,7 @@ private void add(int number, int prevEntryPos) {
 
         /*
          * At this point we know that the number will start a new interval
-         * which needs to be added to the list. We might have to recyle an
+         * which needs to be added to the list. We might have to recycle an
          * older entry in the list.
          */
 
@@ -353,7 +353,7 @@ public String toString() {
 
     /**
      * An entry in the list that represents the sequence of received
-     * tokens. Each entry is actaully an interval of numbers, all of which
+     * tokens. Each entry is actually an interval of numbers, all of which
      * have been received.
      */
     class Entry {

src/java.security.jgss/share/classes/sun/security/jgss/krb5/CipherHelper.java

@@ -987,7 +987,7 @@ private final Cipher getInitializedDes(boolean encryptMode, byte[] key,
      * @param len the length of the encrypted data
      * @param dataOutBuf the output buffer where the application data
      * should be writte
-     * @param dataOffset the offser where the application data should
+     * @param dataOffset the offset where the application data should
      * be written.
      * @throws GSSException is an error occurs while decrypting the
      * data
@@ -1078,7 +1078,7 @@ private void desCbcDecrypt(WrapToken token, byte[] key, byte[] cipherText,
      * @param len the length of the ciphertext data
      * @param dataOutBuf the output buffer where the application data
      * should be writte
-     * @param dataOffset the offser where the application data should
+     * @param dataOffset the offset where the application data should
      * be written.
      * @throws GSSException is an error occurs while decrypting the
      * data

src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5InitCredential.java

@@ -147,7 +147,7 @@ private Krb5InitCredential(Krb5NameElement name,
                 .kerberosTicketSetServerAlias(this, serverAlias);
         this.name = name;
         // A delegated cred does not have all fields set. So do not try to
-        // creat new Credentials out of the delegatedCred.
+        // create new Credentials out of the delegatedCred.
         this.krb5Credentials = delegatedCred;
     }
 

src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5NameElement.java

@@ -322,7 +322,7 @@ public Oid getGSSNameType() {
      * @return the Oid for the format of the printed name
      */
     public Oid getStringNameType() {
-        // XXX For NT_EXPORT_NAME return a different name type. Infact,
+        // XXX For NT_EXPORT_NAME return a different name type. In fact,
         // don't even store NT_EXPORT_NAME in the cons.
         return (gssNameType);
     }

src/java.security.jgss/share/classes/sun/security/jgss/krb5/MessageToken.java

@@ -65,7 +65,7 @@
  * </pre>
  * Where "s" indicates the size of the checksum.
  * <p>
- * As always, this is preceeded by a GSSHeader.
+ * As always, this is preceded by a GSSHeader.
  *
  * @author Mayank Upadhyay
  * @author Ram Marti
@@ -141,7 +141,7 @@ abstract class MessageToken extends Krb5Token {
 
     /**
      * Constructs a MessageToken from a byte array. If there are more bytes
-     * in the array than needed, the extra bytes are simply ignroed.
+     * in the array than needed, the extra bytes are simply ignored.
      *
      * @param tokenId the token id that should be contained in this token as
      * it is read.
@@ -536,7 +536,7 @@ protected static final int getTokenSize(CipherHelper ch)
     }
 
     /**
-     * Obtains the conext key that is associated with this token.
+     * Obtains the context key that is associated with this token.
      * @return the context key
      */
     /*

src/java.security.jgss/share/classes/sun/security/jgss/krb5/SubjectComber.java

@@ -181,7 +181,7 @@ private static <T> Object findAux(Subject subject, String serverPrincipal,
                                 } catch (DestroyFailedException dfe) {
                                     if (DEBUG) {
                                         System.out.println("Expired ticket not" +
-                                                " detroyed successfully. " + dfe);
+                                                " destroyed successfully. " + dfe);
                                     }
                                 }
                             }

src/java.security.jgss/share/classes/sun/security/jgss/spi/GSSContextSpi.java

@@ -62,7 +62,7 @@
  * On the other hands, tokens used for per-message calls are generated
  * entirely by the mechanism. It is possible that the mechanism chooses to
  * encase inner-level per-message tokens in a header similar to that used
- * for initial tokens, however, this is upto the mechanism to do. The token
+ * for initial tokens, however, this is up to the mechanism to do. The token
  * to/from the per-message calls are opaque to the GSS-Framework.
  * </strong>
  * <p>
@@ -81,7 +81,7 @@
  * the token directly form an InputStream but output it to some byte[] for
  * the application to process. Unfortunately the high level GSS bindings
  * do not contain overloaded forms of wrap() and unwrap() that do just
- * this, however we have accomodated those cases here with the expectation
+ * this, however we have accommodated those cases here with the expectation
  * that this will be rolled into the high level bindings sooner or later.
  *
  * @author Mayank Upadhyay
@@ -161,7 +161,7 @@ public interface GSSContextSpi {
      * <p>
      * All overloaded forms of GSSContext.initSecContext() can be handled
      * with this mechanism level initSecContext. Since the output token
-     * from this method is a fixed size, not exeedingly large, and a one
+     * from this method is a fixed size, not exceedingly large, and a one
      * time deal, an overloaded form that takes an OutputStream has not
      * been defined. The GSS-Framwork can write the returned byte[] to any
      * application provided OutputStream. Similarly, any application input
@@ -202,7 +202,7 @@ public byte[] initSecContext(InputStream is, int mechTokenSize)
      * <p>
      * All overloaded forms of GSSContext.acceptSecContext() can be handled
      * with this mechanism level acceptSecContext. Since the output token
-     * from this method is a fixed size, not exeedingly large, and a one
+     * from this method is a fixed size, not exceedingly large, and a one
      * time deal, an overloaded form that takes an OutputStream has not
      * been defined. The GSS-Framwork can write the returned byte[] to any
      * application provided OutputStream. Similarly, any application input

src/java.security.jgss/share/classes/sun/security/jgss/spi/MechanismFactory.java

@@ -102,12 +102,12 @@ public interface MechanismFactory {
      * @param initLifetime indicates the lifetime (in seconds) that is
      * requested for this credential to be used at the context initiator's
      * end. This value should be ignored if the usage is
-     * ACCEPT_ONLY. Predefined contants are available in the
+     * ACCEPT_ONLY. Predefined constants are available in the
      * org.ietf.jgss.GSSCredential interface.
      * @param acceptLifetime indicates the lifetime (in seconds) that is
      * requested for this credential to be used at the context acceptor's
      * end. This value should be ignored if the usage is
-     * INITIATE_ONLY. Predefined contants are available in the
+     * INITIATE_ONLY. Predefined constants are available in the
      * org.ietf.jgss.GSSCredential interface.
      * @param usage One of the values GSSCredential.INIATE_ONLY,
      * GSSCredential.ACCEPT_ONLY, and GSSCredential.INITIATE_AND_ACCEPT.
@@ -169,7 +169,7 @@ public GSSNameSpi getNameElement(byte[] name, Oid nameType)
      * mechanism's choice should be assumed to be the context initiator and
      * that default credentials should be applied.
      * @param lifetime the requested lifetime (in seconds) for the security
-     * context. Predefined contants are available in the
+     * context. Predefined constants are available in the
      * org.ietf.jgss.GSSContext interface.
      * @throws GSSException if any of the errors described in RFC 2743 in
      * the GSS_Init_Sec_Context call occur.
@@ -184,8 +184,8 @@ public GSSContextSpi getMechanismContext(GSSNameSpi peer,
      *
      * @param myAcceptorCred a credential element for the context acceptor
      * obtained previously from this mechanism. The identity of the context
-     * acceptor cna be obtained from this credential. Passing a value of
-     * null here indicates that tha default entity of the mechanism's
+     * acceptor can be obtained from this credential. Passing a value of
+     * null here indicates that the default entity of the mechanism's
      * choice should be assumed to be the context acceptor and default
      * credentials should be applied.
      *

src/java.security.jgss/share/classes/sun/security/jgss/spnego/SpNegoContext.java

@@ -356,7 +356,7 @@ public final byte[] initSecContext(InputStream is, int mechTokenSize)
                 // pull out mechanism
                 internal_mech = targToken.getSupportedMech();
                 if (internal_mech == null) {
-                    // return wth failure
+                    // return with failure
                     throw new GSSException(errorCode, -1,
                                 "supported mechanism from server is null");
                 }
@@ -696,7 +696,7 @@ private Oid[] getAvailableMechs() {
     }
 
     /**
-     * get ther DER encoded MechList
+     * get the DER encoded MechList
      */
     private byte[] getEncodedMechs(Oid[] mechSet)
         throws IOException, GSSException {
@@ -911,7 +911,7 @@ private byte[] GSS_acceptSecContext(byte[] token) throws GSSException {
     }
 
     /**
-     * This routine compares the recieved mechset to the mechset that
+     * This routine compares the received mechset to the mechset that
      * this server can support. It looks sequentially through the mechset
      * and the first one that matches what the server can support is
      * chosen as the negotiated mechanism. If one is found, negResult

src/java.security.jgss/share/classes/sun/security/krb5/Checksum.java

@@ -187,7 +187,7 @@ public Checksum(DerValue encoding) throws Asn1Exception, IOException {
      * specification available at
      * <a href="http://www.ietf.org/rfc/rfc4120.txt">
      * http://www.ietf.org/rfc/rfc4120.txt</a>.
-     * @return byte array of enocded Checksum.
+     * @return byte array of encoded Checksum.
      * @exception Asn1Exception if an error occurs while decoding an
      * ASN1 encoded data.
      * @exception IOException if an I/O error occurs while reading

src/java.security.jgss/share/classes/sun/security/krb5/Config.java

@@ -104,7 +104,7 @@ public class Config {
 
     private static boolean DEBUG = sun.security.krb5.internal.Krb5.DEBUG;
 
-    // these are used for hexdecimal calculation.
+    // these are used for hexadecimal calculation.
     private static final int BASE16_0 = 1;
     private static final int BASE16_1 = 16;
     private static final int BASE16_2 = 16 * 16;
@@ -275,7 +275,7 @@ public String get(String... keys) {
     /**
      * Gets the boolean value for the specified keys. Returns TRUE if the
      * string value is "yes", or "true", FALSE if "no", or "false", or null
-     * if otherwise or not defined. The comparision is case-insensitive.
+     * if otherwise or not defined. The comparison is case-insensitive.
      *
      * @param keys the keys, see {@link #get(String...)}
      * @return the boolean value, or null if there is no value defined or the

src/java.security.jgss/share/classes/sun/security/krb5/EncryptionKey.java

@@ -112,7 +112,7 @@ public static EncryptionKey[] acquireSecretKeys(PrincipalName princ,
 
         if (princ == null)
             throw new IllegalArgumentException(
-                "Cannot have null pricipal name to look in keytab.");
+                "Cannot have null principal name to look in keytab.");
 
         // KeyTab getInstance(keytab) will call KeyTab.getInstance()
         // if keytab is null

src/java.security.jgss/share/classes/sun/security/krb5/internal/EncASRepPart.java

@@ -65,7 +65,7 @@ public EncASRepPart(
                 Krb5.KRB_ENC_AS_REP_PART
                 );
         //may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic
-        //behavior of other implementaions, instead of above
+        //behavior of other implementations, instead of above
     }
 
     public EncASRepPart(byte[] data) throws Asn1Exception,

src/java.security.jgss/share/classes/sun/security/krb5/internal/ccache/MemoryCredentialsCache.java

@@ -37,7 +37,7 @@
 
 //Windows supports the "API: cache" type, which is a shared memory cache.  This is
 //implemented by krbcc32.dll as part of the MIT Kerberos for Win32 distribution.
-//MemoryCredentialsCache will provide future functions to access shared memeory cache on
+//MemoryCredentialsCache will provide future functions to access shared memory cache on
 //Windows platform. Native code implementation may be necessary.
 /**
  * This class extends CredentialsCache. It is used for accessing data in shared memory

src/java.security.jgss/share/classes/sun/security/krb5/internal/crypto/dk/DkCrypto.java

@@ -470,7 +470,7 @@ byte[] dk(byte[] key, byte[] constant)
      * must be expanded with n-fold() so it can be encrypted.  If the output
      * of E is shorter than k bits it is fed back into the encryption as
      * many times as necessary.  The construct is as follows (where |
-     * indicates concatentation):
+     * indicates concatenation):
      *
      * K1 = E(Key, n-fold(Constant), initial-cipher-state)
      * K2 = E(Key, K1, initial-cipher-state)

src/java.security.jgss/share/classes/sun/security/krb5/internal/ktab/KeyTab.java

@@ -86,7 +86,7 @@ public class KeyTab implements KeyTabConstants {
     /**
      * Constructs a KeyTab object.
      *
-     * If there is any I/O error or format errot during the loading, the
+     * If there is any I/O error or format error during the loading, the
      * isValid flag is set to false, and all half-read entries are dismissed.
      * @param filename path name for the keytab file, must not be null
      */

src/java.security.jgss/share/classes/sun/security/krb5/internal/util/KrbDataInputStream.java

@@ -36,7 +36,7 @@
 import java.io.IOException;
 
 /**
- * This class implements a buffered input stream. It provides methods to read a chunck
+ * This class implements a buffered input stream. It provides methods to read a chunk
  * of data from underlying data stream.
  *
  * @author Yanni Zhang

src/java.security.jgss/share/classes/sun/security/krb5/internal/util/KrbDataOutputStream.java

@@ -35,7 +35,7 @@
 import java.io.OutputStream;
 
 /**
- * This class implements a buffered output stream. It provides methods to write a chunck of
+ * This class implements a buffered output stream. It provides methods to write a chunk of
  * bytes to underlying data stream.
  *
  * @author Yanni Zhang

src/java.security.jgss/windows/classes/sun/security/krb5/internal/tools/Kinit.java

@@ -117,7 +117,7 @@ public static void main(String[] args) {
     /**
      * Constructs a new Kinit object.
      * @param args array of ticket request options.
-     * Avaiable options are: -f, -p, -c, principal, password.
+     * Available options are: -f, -p, -c, principal, password.
      * @exception IOException if an I/O error occurs.
      * @exception RealmException if the Realm could not be instantiated.
      * @exception KrbException if error occurs during Kerberos operation.

src/java.security.jgss/windows/classes/sun/security/krb5/internal/tools/Ktab.java

@@ -469,7 +469,7 @@ void printHelp() {
                 + "    kvno. If \"all\" is specified, delete all keys. If \"old\" is specified,\n"
                 + "    delete all keys except those with the highest kvno. Default action\n"
                 + "    is \"all\". If <etype> is specified, only keys of this encryption type\n"
-                + "    are deleted. <etype> should be specified as the numberic value etype\n"
+                + "    are deleted. <etype> should be specified as the numeric value etype\n"
                 + "    defined in RFC 3961, section 8. A prompt to confirm the deletion is\n"
                 + "    displayed unless -f is specified.");
         System.out.println();

src/java.security.jgss/windows/native/libw2k_lsa_auth/NativeCreds.c

@@ -1006,7 +1006,7 @@ jobject BuildTicketFlags(JNIEnv *env, PULONG flags) {
     jobject ticketFlags = NULL;
     jbyteArray ary;
     /*
-     * mdu: Convert the bytes to nework byte order before copying
+     * mdu: Convert the bytes to network byte order before copying
      * them to a Java byte array.
      */
     ULONG nlflags = htonl(*flags);