Refer to RFCs consistently.

We were a mix of "RFC1234" and "RFC 1234". Apparently there is actually
an answer for this, which is with a space textually and without a space
in the citation/reference tag:
https://datatracker.ietf.org/doc/html/rfc7322#section-3.5

Change-Id: I0c44023163fe3a2a3ffe28cbc644d4c952dc8f1e
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/48965
Reviewed-by: Adam Langley <agl@google.com>

crypto/asn1/a_strex.c

@@ -279,7 +279,7 @@ static int do_hex_dump(BIO *out, unsigned char *buf, int buflen)
 /*
  * "dump" a string. This is done when the type is unknown, or the flags
  * request it. We can either dump the content octets or the entire DER
- * encoding. This uses the RFC2253 #01234 format.
+ * encoding. This uses the RFC 2253 #01234 format.
  */
 
 static int do_dump(unsigned long lflags, BIO *out, const ASN1_STRING *str)

crypto/asn1/a_strnid.c

@@ -118,7 +118,7 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
  * Now the tables and helper functions for the string table:
  */
 
-/* size limits: this stuff is taken straight from RFC3280 */
+/* size limits: this stuff is taken straight from RFC 3280 */
 
 #define ub_name                         32768
 #define ub_common_name                  64

crypto/asn1/asn1_test.cc

@@ -584,7 +584,7 @@ TEST(ASN1Test, StringPrintEx) {
        ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB,
        "\\00\\0A\\80\\FF\\,\\+\\\"\\\\\\<\\>\\;"},
 
-      // When quoted, fewer characters need to be escaped in RFC2253.
+      // When quoted, fewer characters need to be escaped in RFC 2253.
       {V_ASN1_T61STRING,
        {0, '\n', 0x80, 0xff, ',', '+', '"', '\\', '<', '>', ';'},
        0,
@@ -600,13 +600,13 @@ TEST(ASN1Test, StringPrintEx) {
            ASN1_STRFLGS_ESC_QUOTE,
        "\\00\\0A\\80\\FF\\\"\\\\"},
 
-      // RFC2253 only escapes spaces at the start and end of a string.
+      // RFC 2253 only escapes spaces at the start and end of a string.
       {V_ASN1_T61STRING, StringToVector("   "), 0, ASN1_STRFLGS_ESC_2253,
        "\\  \\ "},
       {V_ASN1_T61STRING, StringToVector("   "), 0,
        ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_QUOTE, "\"   \""},
 
-      // RFC2253 only escapes # at the start of a string.
+      // RFC 2253 only escapes # at the start of a string.
       {V_ASN1_T61STRING, StringToVector("###"), 0, ASN1_STRFLGS_ESC_2253,
        "\\###"},
       {V_ASN1_T61STRING, StringToVector("###"), 0,
@@ -682,7 +682,7 @@ TEST(ASN1Test, StringPrintEx) {
       // |ASN1_STRFLGS_UTF8_CONVERT| still converts these bytes to UTF-8.
       //
       // TODO(davidben): This seems like a bug. Although it's unclear because
-      // the non-RFC2253 options aren't especially sound. Can we just remove
+      // the non-RFC-2253 options aren't especially sound. Can we just remove
       // them?
       {V_ASN1_OCTET_STRING, {0xff}, 0, ASN1_STRFLGS_UTF8_CONVERT, "\xc3\xbf"},
       {-1, {0xff}, 0, ASN1_STRFLGS_UTF8_CONVERT, "\xc3\xbf"},

crypto/asn1/charmap.pl

@@ -62,17 +62,17 @@ my ($i, @arr);
 # Set up an array with the type of ASCII characters
 # Each set bit represents a character property.
 
-# RFC2253 character properties
+# RFC 2253 character properties
 my $RFC2253_ESC = 1;	# Character escaped with \
 my $ESC_CTRL	= 2;	# Escaped control character
-# These are used with RFC1779 quoting using "
+# These are used with RFC 1779 quoting using "
 my $NOESC_QUOTE	= 8;	# Not escaped if quoted
 my $PSTRING_CHAR = 0x10;	# Valid PrintableString character
 my $RFC2253_FIRST_ESC = 0x20; # Escaped with \ if first character
 my $RFC2253_LAST_ESC = 0x40;  # Escaped with \ if last character
 
 for($i = 0; $i < 128; $i++) {
-	# Set the RFC2253 escape characters (control)
+	# Set the RFC 2253 escape characters (control)
 	$arr[$i] = 0;
 	if(($i < 32) || ($i > 126)) {
 		$arr[$i] |= $ESC_CTRL;
@@ -88,7 +88,7 @@ for($i = 0; $i < 128; $i++) {
 
 # Now setup the rest
 
-# Remaining RFC2253 escaped characters
+# Remaining RFC 2253 escaped characters
 
 $arr[ord(" ")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC | $RFC2253_LAST_ESC;
 $arr[ord("#")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC;

crypto/cipher_extra/test/cipher_tests.txt

@@ -271,7 +271,7 @@ Plaintext =
 Ciphertext =
 
 
-# AES Counter test vectors from RFC3686
+# AES Counter test vectors from RFC 3686
 Cipher = AES-128-CTR
 Key = AE6852F8121067CC4BF7A5765577F39E
 IV = 00000030000000000000000000000001

crypto/fipsmodule/md4/md4.c

@@ -72,7 +72,7 @@ uint8_t *MD4(const uint8_t *data, size_t len, uint8_t out[MD4_DIGEST_LENGTH]) {
   return out;
 }
 
-// Implemented from RFC1186 The MD4 Message-Digest Algorithm.
+// Implemented from RFC 1186 The MD4 Message-Digest Algorithm.
 
 int MD4_Init(MD4_CTX *md4) {
   OPENSSL_memset(md4, 0, sizeof(MD4_CTX));

crypto/fipsmodule/modes/gcm_nohw.c

@@ -193,7 +193,7 @@ static void gcm_mul64_nohw(uint64_t *out_lo, uint64_t *out_hi, uint64_t a,
 #endif  // BORINGSSL_HAS_UINT128
 
 void gcm_init_nohw(u128 Htable[16], const uint64_t Xi[2]) {
-  // We implement GHASH in terms of POLYVAL, as described in RFC8452. This
+  // We implement GHASH in terms of POLYVAL, as described in RFC 8452. This
   // avoids a shift by 1 in the multiplication, needed to account for bit
   // reversal losing a bit after multiplication, that is,
   // rev128(X) * rev128(Y) = rev255(X*Y).

crypto/hmac_extra/hmac_tests.txt

@@ -5,7 +5,7 @@ Key =
 Input = "More text test vectors to stuff up EBCDIC machines :-)"
 Output = e9139d1e6ee064ef8cf514fc7dc83e86
 
-# HMAC tests from RFC2104
+# HMAC tests from RFC 2104
 HMAC = MD5
 Key = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
 Input = "Hi There"

crypto/obj/objects.txt

@@ -364,7 +364,7 @@ rsadsi 2 5		: MD5			: md5
 rsadsi 2 6		:			: hmacWithMD5
 rsadsi 2 7		:			: hmacWithSHA1
 
-# From RFC4231
+# From RFC 4231
 rsadsi 2 8		:			: hmacWithSHA224
 rsadsi 2 9		:			: hmacWithSHA256
 rsadsi 2 10		:			: hmacWithSHA384
@@ -492,7 +492,7 @@ id-kp 6			: ipsecTunnel		: IPSec Tunnel
 id-kp 7			: ipsecUser		: IPSec User
 !Cname time-stamp
 id-kp 8			: timeStamping		: Time Stamping
-# From OCSP spec RFC2560
+# From OCSP spec RFC 2560
 !Cname OCSP-sign
 id-kp 9			: OCSPSigning		: OCSP Signing
 id-kp 10		: DVCS			: dvcs
@@ -776,7 +776,7 @@ id-ce 55		: targetInformation	: X509v3 AC Targeting
 !Cname no-rev-avail
 id-ce 56		: noRevAvail		: X509v3 No Revocation Available
 
-# From RFC5280
+# From RFC 5280
 ext-key-usage 0		: anyExtendedKeyUsage	: Any Extended Key Usage
 
 
@@ -820,7 +820,7 @@ internet 4		: private		: Private
 internet 5		: security		: Security
 internet 6		: snmpv2		: SNMPv2
 # Documents refer to "internet 7" as "mail". This however leads to ambiguities
-# with RFC2798, Section 9.1.3, where "mail" is defined as the short name for
+# with RFC 2798, Section 9.1.3, where "mail" is defined as the short name for
 # rfc822Mailbox. The short name is therefore here left out for a reason.
 # Subclasses of "mail", e.g. "MIME MHS" don't consitute a problem, as
 # references are realized via long name "Mail" (with capital M).
@@ -1313,7 +1313,7 @@ ISO-US 10046 2 1	: dhpublicnumber		: X9.42 DH
 1 3 36 3 3 2 8 1 1 13 : brainpoolP512r1
 1 3 36 3 3 2 8 1 1 14 : brainpoolP512t1
 
-# ECDH schemes from RFC5753
+# ECDH schemes from RFC 5753
 !Alias x9-63-scheme 1 3 133 16 840 63 0
 !Alias secg-scheme certicom-arc 1
 

crypto/pkcs8/pkcs8_x509.c

@@ -1180,7 +1180,7 @@ PKCS12 *PKCS12_create(const char *password, const char *name,
   }
 
   // PKCS#12 is a very confusing recursive data format, built out of another
-  // recursive data format. Section 5.1 of RFC7292 describes the encoding
+  // recursive data format. Section 5.1 of RFC 7292 describes the encoding
   // algorithm, but there is no clear overview. A quick summary:
   //
   // PKCS#7 defines a ContentInfo structure, which is a overgeneralized typed

crypto/x509/x509_test.cc

@@ -3059,7 +3059,7 @@ TEST(X509Test, X509AlgorExtract) {
 
 // Test the various |X509_ATTRIBUTE| creation functions.
 TEST(X509Test, Attribute) {
-  // The friendlyName attribute has a BMPString value. See RFC2985,
+  // The friendlyName attribute has a BMPString value. See RFC 2985,
   // section 5.5.1.
   static const uint8_t kTest1[] = {0x26, 0x03};  // U+2603 SNOWMAN
   static const uint8_t kTest1UTF8[] = {0xe2, 0x98, 0x83};

crypto/x509/x509_vfy.c

@@ -1403,12 +1403,12 @@ static int check_crl_path(X509_STORE_CTX *ctx, X509 *x)
 }
 
 /*
- * RFC3280 says nothing about the relationship between CRL path and
+ * RFC 3280 says nothing about the relationship between CRL path and
  * certificate path, which could lead to situations where a certificate could
- * be revoked or validated by a CA not authorised to do so. RFC5280 is more
+ * be revoked or validated by a CA not authorised to do so. RFC 5280 is more
  * strict and states that the two paths must end in the same trust anchor,
  * though some discussions remain... until this is resolved we use the
- * RFC5280 version
+ * RFC 5280 version
  */
 
 static int check_crl_chain(X509_STORE_CTX *ctx,
@@ -1919,8 +1919,8 @@ int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
     int i, day, sec, ret = 0;
 
     /*
-     * Note that ASN.1 allows much more slack in the time format than RFC5280.
+     * Note that ASN.1 allows much more slack in the time format than RFC 5280.
-     * In RFC5280, the representation is fixed:
+     * In RFC 5280, the representation is fixed:
      * UTCTime: YYMMDDHHMMSSZ
      * GeneralizedTime: YYYYMMDDHHMMSSZ
      *

crypto/x509/x_x509.c

@@ -128,14 +128,14 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
             }
         }
 
-        /* Per RFC5280, section 4.1.2.8, these fields require v2 or v3. */
+        /* Per RFC 5280, section 4.1.2.8, these fields require v2 or v3. */
         if (version == 0 && (ret->cert_info->issuerUID != NULL ||
                              ret->cert_info->subjectUID != NULL)) {
             OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION);
             return 0;
         }
 
-        /* Per RFC5280, section 4.1.2.9, extensions require v3. */
+        /* Per RFC 5280, section 4.1.2.9, extensions require v3. */
         if (version != 2 && ret->cert_info->extensions != NULL) {
             OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION);
             return 0;

crypto/x509v3/pcy_data.c

@@ -79,7 +79,7 @@ void policy_data_free(X509_POLICY_DATA *data)
 /*
  * Create a data based on an existing policy. If 'id' is NULL use the oid in
  * the policy, otherwise use 'id'. This behaviour covers the two types of
- * data in RFC3280: data with from a CertificatePolcies extension and
+ * data in RFC 3280: data with from a CertificatePolcies extension and
  * additional data with just the qualifiers of anyPolicy and ID from another
  * source.
  */

crypto/x509v3/pcy_int.h

@@ -65,7 +65,7 @@ DEFINE_STACK_OF(X509_POLICY_DATA)
 
 /*
  * This structure and the field names correspond to the Policy 'node' of
- * RFC3280. NB this structure contains no pointers to parent or child data:
+ * RFC 3280. NB this structure contains no pointers to parent or child data:
  * X509_POLICY_NODE contains that. This means that the main policy data can
  * be kept static and cached with the certificate.
  */

crypto/x509v3/pcy_tree.c

@@ -332,7 +332,7 @@ static int tree_link_matching_nodes(X509_POLICY_LEVEL *curr,
 }
 
 /*
- * This corresponds to RFC3280 6.1.3(d)(1): link any data from
+ * This corresponds to RFC 3280 6.1.3(d)(1): link any data from
  * CertificatePolicies onto matching parent or anyPolicy if no match.
  */
 
@@ -365,7 +365,7 @@ static int tree_link_nodes(X509_POLICY_LEVEL *curr,
 }
 
 /*
- * This corresponds to RFC3280 6.1.3(d)(2): Create new data for any unmatched
+ * This corresponds to RFC 3280 6.1.3(d)(2): Create new data for any unmatched
  * policies in the parent and link to anyPolicy.
  */
 
@@ -500,7 +500,7 @@ static int tree_prune(X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr)
     if (curr->flags & X509_V_FLAG_INHIBIT_MAP) {
         for (i = sk_X509_POLICY_NODE_num(nodes) - 1; i >= 0; i--) {
             node = sk_X509_POLICY_NODE_value(nodes, i);
-            /* Delete any mapped data: see RFC3280 XXXX */
+            /* Delete any mapped data: see RFC 3280 XXXX */
             if (node->data->flags & POLICY_DATA_FLAG_MAP_MASK) {
                 node->parent->nchild--;
                 OPENSSL_free(node);

crypto/x509v3/v3_utl.c

@@ -1120,7 +1120,7 @@ int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags)
 
 /*
  * Convert IP addresses both IPv4 and IPv6 into an OCTET STRING compatible
- * with RFC3280.
+ * with RFC 3280.
  */
 
 ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc)

include/openssl/asn1.h

@@ -384,7 +384,7 @@ OPENSSL_EXPORT int ASN1_mbstring_ncopy(ASN1_STRING **out, const uint8_t *in,
 // in several forms:
 //
 // Some BIT STRINGs represent a bitmask of named bits, such as the X.509 key
-// usage extension in RFC5280, section 4.2.1.3. For such bit strings, DER
+// usage extension in RFC 5280, section 4.2.1.3. For such bit strings, DER
 // imposes an additional restriction that trailing zero bits are removed. Some
 // functions like |ASN1_BIT_STRING_set_bit| help in maintaining this.
 //
@@ -523,10 +523,10 @@ OPENSSL_EXPORT BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai,
 // epoch would be "19700101000000Z" for a GeneralizedTime and "700101000000Z"
 // for a UTCTime.
 //
-// ASN.1 does not define how to interpret UTCTime's two-digit year. RFC5280
+// ASN.1 does not define how to interpret UTCTime's two-digit year. RFC 5280
 // defines it as a range from 1950 to 2049 for X.509. The library uses the
-// RFC5280 interpretation. It does not currently enforce the restrictions from
+// RFC 5280 interpretation. It does not currently enforce the restrictions from
-// BER, and the additional restrictions from RFC5280, but future versions may.
+// BER, and the additional restrictions from RFC 5280, but future versions may.
 // Callers should not rely on fractional seconds and non-UTC time zones.
 //
 // The |ASN1_TIME| typedef represents the X.509 Time type, which is a CHOICE of
@@ -606,7 +606,7 @@ OPENSSL_EXPORT int ASN1_TIME_diff(int *out_days, int *out_seconds,
                                   const ASN1_TIME *from, const ASN1_TIME *to);
 
 // ASN1_TIME_set represents |t| as a GeneralizedTime or UTCTime and writes
-// the result to |s|. As in RFC5280, section 4.1.2.5, it uses UTCTime when the
+// the result to |s|. As in RFC 5280, section 4.1.2.5, it uses UTCTime when the
 // time fits and GeneralizedTime otherwise. It returns |s| on success and NULL
 // on error. If |s| is NULL, it returns a newly-allocated |ASN1_TIME| instead.
 //
@@ -614,7 +614,7 @@ OPENSSL_EXPORT int ASN1_TIME_diff(int *out_days, int *out_seconds,
 OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
 
 // ASN1_TIME_adj adds |offset_day| days and |offset_sec| seconds to
-// |t| and writes the result to |s|. As in RFC5280, section 4.1.2.5, it uses
+// |t| and writes the result to |s|. As in RFC 5280, section 4.1.2.5, it uses
 // UTCTime when the time fits and GeneralizedTime otherwise. It returns |s| on
 // success and NULL on error. If |s| is NULL, it returns a newly-allocated
 // |ASN1_GENERALIZEDTIME| instead.
@@ -774,7 +774,7 @@ OPENSSL_EXPORT int ASN1_TIME_print(BIO *out, const ASN1_TIME *a);
 // replaced with '.'.
 OPENSSL_EXPORT int ASN1_STRING_print(BIO *out, const ASN1_STRING *str);
 
-// ASN1_STRFLGS_ESC_2253 causes characters to be escaped as in RFC2253, section
+// ASN1_STRFLGS_ESC_2253 causes characters to be escaped as in RFC 2253, section
 // 2.4.
 #define ASN1_STRFLGS_ESC_2253 1
 
@@ -805,7 +805,7 @@ OPENSSL_EXPORT int ASN1_STRING_print(BIO *out, const ASN1_STRING *str);
 #define ASN1_STRFLGS_SHOW_TYPE 0x40
 
 // ASN1_STRFLGS_DUMP_ALL causes all strings to be printed as a hexdump, using
-// RFC2253 hexstring notation, such as "#0123456789ABCDEF".
+// RFC 2253 hexstring notation, such as "#0123456789ABCDEF".
 #define ASN1_STRFLGS_DUMP_ALL 0x80
 
 // ASN1_STRFLGS_DUMP_UNKNOWN behaves like |ASN1_STRFLGS_DUMP_ALL| but only
@@ -815,11 +815,11 @@ OPENSSL_EXPORT int ASN1_STRING_print(BIO *out, const ASN1_STRING *str);
 
 // ASN1_STRFLGS_DUMP_DER causes hexdumped strings (as determined by
 // |ASN1_STRFLGS_DUMP_ALL| or |ASN1_STRFLGS_DUMP_UNKNOWN|) to print the entire
-// DER element as in RFC2253, rather than only the contents of the
+// DER element as in RFC 2253, rather than only the contents of the
 // |ASN1_STRING|.
 #define ASN1_STRFLGS_DUMP_DER 0x200
 
-// ASN1_STRFLGS_RFC2253 causes the string to be escaped as in RFC2253,
+// ASN1_STRFLGS_RFC2253 causes the string to be escaped as in RFC 2253,
 // additionally escaping control characters.
 #define ASN1_STRFLGS_RFC2253                                              \
   (ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | \

include/openssl/tls1.h

@@ -181,26 +181,26 @@ extern "C" {
 #define TLS1_AD_NO_APPLICATION_PROTOCOL 120
 #define TLS1_AD_ECH_REQUIRED 121  // draft-ietf-tls-esni-10
 
-// ExtensionType values from RFC6066
+// ExtensionType values from RFC 6066
 #define TLSEXT_TYPE_server_name 0
 #define TLSEXT_TYPE_status_request 5
 
-// ExtensionType values from RFC4492
+// ExtensionType values from RFC 4492
 #define TLSEXT_TYPE_ec_point_formats 11
 
-// ExtensionType values from RFC5246
+// ExtensionType values from RFC 5246
 #define TLSEXT_TYPE_signature_algorithms 13
 
-// ExtensionType value from RFC5764
+// ExtensionType value from RFC 5764
 #define TLSEXT_TYPE_srtp 14
 
-// ExtensionType value from RFC7301
+// ExtensionType value from RFC 7301
 #define TLSEXT_TYPE_application_layer_protocol_negotiation 16
 
-// ExtensionType value from RFC7685
+// ExtensionType value from RFC 7685
 #define TLSEXT_TYPE_padding 21
 
-// ExtensionType value from RFC7627
+// ExtensionType value from RFC 7627
 #define TLSEXT_TYPE_extended_master_secret 23
 
 // ExtensionType value from draft-ietf-quic-tls. Drafts 00 through 32 use
@@ -210,7 +210,7 @@ extern "C" {
 // use the value 57 which was officially registered with IANA.
 #define TLSEXT_TYPE_quic_transport_parameters_legacy 0xffa5
 
-// ExtensionType value from RFC9000
+// ExtensionType value from RFC 9000
 #define TLSEXT_TYPE_quic_transport_parameters 57
 
 // TLSEXT_TYPE_quic_transport_parameters_standard is an alias for
@@ -219,13 +219,13 @@ extern "C" {
 #define TLSEXT_TYPE_quic_transport_parameters_standard \
   TLSEXT_TYPE_quic_transport_parameters
 
-// ExtensionType value from RFC8879
+// ExtensionType value from RFC 8879
 #define TLSEXT_TYPE_cert_compression 27
 
-// ExtensionType value from RFC4507
+// ExtensionType value from RFC 4507
 #define TLSEXT_TYPE_session_ticket 35
 
-// ExtensionType values from RFC8446
+// ExtensionType values from RFC 8446
 #define TLSEXT_TYPE_supported_groups 10
 #define TLSEXT_TYPE_pre_shared_key 41
 #define TLSEXT_TYPE_early_data 42
@@ -236,7 +236,7 @@ extern "C" {
 #define TLSEXT_TYPE_signature_algorithms_cert 50
 #define TLSEXT_TYPE_key_share 51
 
-// ExtensionType value from RFC5746
+// ExtensionType value from RFC 5746
 #define TLSEXT_TYPE_renegotiate 0xff01
 
 // ExtensionType value from draft-ietf-tls-subcerts.
@@ -252,7 +252,7 @@ extern "C" {
 #define TLSEXT_TYPE_ech_is_inner 0xda09
 #define TLSEXT_TYPE_ech_outer_extensions 0xfd00
 
-// ExtensionType value from RFC6962
+// ExtensionType value from RFC 6962
 #define TLSEXT_TYPE_certificate_timestamp 18
 
 // This is not an IANA defined extension number
@@ -313,7 +313,7 @@ extern "C" {
 #define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065
 #define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066
 
-// AES ciphersuites from RFC3268
+// AES ciphersuites from RFC 3268
 
 #define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
 #define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
@@ -337,7 +337,7 @@ extern "C" {
 #define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F
 #define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040
 
-// Camellia ciphersuites from RFC4132
+// Camellia ciphersuites from RFC 4132
 #define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041
 #define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042
 #define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000043
@@ -354,7 +354,7 @@ extern "C" {
 #define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C
 #define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D
 
-// Camellia ciphersuites from RFC4132
+// Camellia ciphersuites from RFC 4132
 #define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
 #define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
 #define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
@@ -362,7 +362,7 @@ extern "C" {
 #define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088
 #define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089
 
-// SEED ciphersuites from RFC4162
+// SEED ciphersuites from RFC 4162
 #define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096
 #define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097
 #define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098
@@ -370,7 +370,7 @@ extern "C" {
 #define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
 #define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
 
-// TLS v1.2 GCM ciphersuites from RFC5288
+// TLS v1.2 GCM ciphersuites from RFC 5288
 #define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C
 #define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D
 #define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E
@@ -384,7 +384,7 @@ extern "C" {
 #define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
 #define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
 
-// ECC ciphersuites from RFC4492
+// ECC ciphersuites from RFC 4492
 #define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
 #define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
 #define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C003
@@ -426,7 +426,7 @@ extern "C" {
 #define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021
 #define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022
 
-// ECDH HMAC based ciphersuites from RFC5289
+// ECDH HMAC based ciphersuites from RFC 5289
 
 #define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023
 #define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024
@@ -437,7 +437,7 @@ extern "C" {
 #define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029
 #define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A
 
-// ECDH GCM based ciphersuites from RFC5289
+// ECDH GCM based ciphersuites from RFC 5289
 #define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B
 #define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C
 #define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D
@@ -473,7 +473,7 @@ extern "C" {
 #define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
 #define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
 
-// AES ciphersuites from RFC3268
+// AES ciphersuites from RFC 3268
 #define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA"
 #define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA"
 #define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA"
@@ -488,7 +488,7 @@ extern "C" {
 #define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
 #define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
 
-// ECC ciphersuites from RFC4492
+// ECC ciphersuites from RFC 4492
 #define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA"
 #define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA"
 #define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA"
@@ -540,7 +540,7 @@ extern "C" {
 #define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA"
 #define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA"
 
-// Camellia ciphersuites from RFC4132
+// Camellia ciphersuites from RFC 4132
 #define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
 #define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
 #define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA"
@@ -555,7 +555,7 @@ extern "C" {
 #define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
 #define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
 
-// SEED ciphersuites from RFC4162
+// SEED ciphersuites from RFC 4162
 #define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
 #define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
 #define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA"
@@ -578,7 +578,7 @@ extern "C" {
 #define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256"
 #define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256"
 
-// TLS v1.2 GCM ciphersuites from RFC5288
+// TLS v1.2 GCM ciphersuites from RFC 5288
 #define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256"
 #define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384"
 #define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256"
@@ -592,7 +592,7 @@ extern "C" {
 #define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
 #define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
 
-// ECDH HMAC based ciphersuites from RFC5289
+// ECDH HMAC based ciphersuites from RFC 5289
 
 #define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
 #define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384"
@@ -603,7 +603,7 @@ extern "C" {
 #define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256"
 #define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384"
 
-// ECDH GCM based ciphersuites from RFC5289
+// ECDH GCM based ciphersuites from RFC 5289
 #define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 \
   "ECDHE-ECDSA-AES128-GCM-SHA256"
 #define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 \

include/openssl/x509.h

@@ -261,7 +261,7 @@ DEFINE_STACK_OF(X509_TRUST)
 #define XN_FLAG_SEP_MASK (0xf << 16)
 
 #define XN_FLAG_COMPAT 0  // Traditional SSLeay: use old X509_NAME_print
-#define XN_FLAG_SEP_COMMA_PLUS (1 << 16)  // RFC2253 ,+
+#define XN_FLAG_SEP_COMMA_PLUS (1 << 16)  // RFC 2253 ,+
 #define XN_FLAG_SEP_CPLUS_SPC (2 << 16)   // ,+ spaced: more readable
 #define XN_FLAG_SEP_SPLUS_SPC (3 << 16)   // ;+ spaced
 #define XN_FLAG_SEP_MULTILINE (4 << 16)   // One line per field
@@ -280,13 +280,13 @@ DEFINE_STACK_OF(X509_TRUST)
 #define XN_FLAG_SPC_EQ (1 << 23)  // Put spaces round '='
 
 // This determines if we dump fields we don't recognise:
-// RFC2253 requires this.
+// RFC 2253 requires this.
 
 #define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
 
 #define XN_FLAG_FN_ALIGN (1 << 25)  // Align field names to 20 characters
 
-// Complete set of RFC2253 flags
+// Complete set of RFC 2253 flags
 
 #define XN_FLAG_RFC2253                                             \
   (ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | \
@@ -463,7 +463,7 @@ OPENSSL_EXPORT void X509_get0_uids(const X509 *x509,
 #define X509_extract_key(x) X509_get_pubkey(x)
 
 // X509_get_pathlen returns path length constraint from the basic constraints
-// extension in |x509|. (See RFC5280, section 4.2.1.9.) It returns -1 if the
+// extension in |x509|. (See RFC 5280, section 4.2.1.9.) It returns -1 if the
 // constraint is not present, or if some extension in |x509| was invalid.
 //
 // Note that decoding an |X509| object will not check for invalid extensions. To
@@ -1144,7 +1144,7 @@ OPENSSL_EXPORT void X509_REQ_get0_signature(const X509_REQ *req,
 // a known NID.
 OPENSSL_EXPORT int X509_REQ_get_signature_nid(const X509_REQ *req);
 
-// i2d_re_X509_REQ_tbs serializes the CertificationRequestInfo (see RFC2986)
+// i2d_re_X509_REQ_tbs serializes the CertificationRequestInfo (see RFC 2986)
 // portion of |req|. If |outp| is NULL, nothing is written. Otherwise, if
 // |*outp| is not NULL, the result is written to |*outp|, which must have enough
 // space available, and |*outp| is advanced just past the output. If |outp| is
@@ -1171,7 +1171,7 @@ OPENSSL_EXPORT EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
 
 // X509_REQ_extension_nid returns one if |nid| is a supported CSR attribute type
 // for carrying extensions and zero otherwise. The supported types are
-// |NID_ext_req| (pkcs-9-at-extensionRequest from RFC2985) and |NID_ms_ext_req|
+// |NID_ext_req| (pkcs-9-at-extensionRequest from RFC 2985) and |NID_ms_ext_req|
 // (a Microsoft szOID_CERT_EXTENSIONS variant).
 OPENSSL_EXPORT int X509_REQ_extension_nid(int nid);
 
@@ -1179,7 +1179,7 @@ OPENSSL_EXPORT int X509_REQ_extension_nid(int nid);
 // returns a newly-allocated |STACK_OF(X509_EXTENSION)| containing the result.
 // It returns NULL on error, or if |req| did not request extensions.
 //
-// This function supports both pkcs-9-at-extensionRequest from RFC2985 and the
+// This function supports both pkcs-9-at-extensionRequest from RFC 2985 and the
 // Microsoft szOID_CERT_EXTENSIONS variant.
 OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
 

include/openssl/x509v3.h

@@ -657,7 +657,7 @@ OPENSSL_EXPORT void *X509V3_EXT_d2i(const X509_EXTENSION *ext);
 // extension, or -1 if not found. If |out_idx| is non-NULL, duplicate extensions
 // are not treated as an error. Callers, however, should not rely on this
 // behavior as it may be removed in the future. Duplicate extensions are
-// forbidden in RFC5280.
+// forbidden in RFC 5280.
 //
 // WARNING: This function is difficult to use correctly. Callers should pass a
 // non-NULL |out_critical| and check both the return value and |*out_critical|
@@ -787,7 +787,7 @@ OPENSSL_EXPORT uint32_t X509_get_key_usage(X509 *x);
 OPENSSL_EXPORT uint32_t X509_get_extended_key_usage(X509 *x);
 
 // X509_get0_subject_key_id returns |x509|'s subject key identifier, if present.
-// (See RFC5280, section 4.2.1.2.) It returns NULL if the extension is not
+// (See RFC 5280, section 4.2.1.2.) It returns NULL if the extension is not
 // present or if some extension in |x509| was invalid.
 //
 // Note that decoding an |X509| object will not check for invalid extensions. To
@@ -796,7 +796,7 @@ OPENSSL_EXPORT uint32_t X509_get_extended_key_usage(X509 *x);
 OPENSSL_EXPORT const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x509);
 
 // X509_get0_authority_key_id returns keyIdentifier of |x509|'s authority key
-// identifier, if the extension and field are present. (See RFC5280,
+// identifier, if the extension and field are present. (See RFC 5280,
 // section 4.2.1.1.) It returns NULL if the extension is not present, if it is
 // present but lacks a keyIdentifier field, or if some extension in |x509| was
 // invalid.
@@ -808,7 +808,7 @@ OPENSSL_EXPORT const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x509);
 
 // X509_get0_authority_issuer returns the authorityCertIssuer of |x509|'s
 // authority key identifier, if the extension and field are present. (See
-// RFC5280, section 4.2.1.1.) It returns NULL if the extension is not present,
+// RFC 5280, section 4.2.1.1.) It returns NULL if the extension is not present,
 // if it is present but lacks a authorityCertIssuer field, or if some extension
 // in |x509| was invalid.
 //
@@ -819,7 +819,7 @@ OPENSSL_EXPORT const GENERAL_NAMES *X509_get0_authority_issuer(X509 *x509);
 
 // X509_get0_authority_serial returns the authorityCertSerialNumber of |x509|'s
 // authority key identifier, if the extension and field are present. (See
-// RFC5280, section 4.2.1.1.) It returns NULL if the extension is not present,
+// RFC 5280, section 4.2.1.1.) It returns NULL if the extension is not present,
 // if it is present but lacks a authorityCertSerialNumber field, or if some
 // extension in |x509| was invalid.
 //

ssl/encrypted_client_hello.cc

@@ -436,7 +436,7 @@ static bool is_ipv4_address(Span<const uint8_t> in) {
 }
 
 bool ssl_is_valid_ech_public_name(Span<const uint8_t> public_name) {
-  // See draft-ietf-tls-esni-11, Section 4 and RFC5890, Section 2.3.1. The
+  // See draft-ietf-tls-esni-11, Section 4 and RFC 5890, Section 2.3.1. The
   // public name must be a dot-separated sequence of LDH labels and not begin or
   // end with a dot.
   auto copy = public_name;

ssl/internal.h

@@ -2315,7 +2315,7 @@ bool tls12_check_peer_sigalg(const SSL_HANDSHAKE *hs, uint8_t *out_alert,
 
 #define TLSEXT_CHANNEL_ID_SIZE 128
 
-// From RFC4492, used in encoding the curve type in ECParameters
+// From RFC 4492, used in encoding the curve type in ECParameters
 #define NAMED_CURVE_TYPE 3
 
 struct CERT {

ssl/ssl_cipher.cc

@@ -234,7 +234,7 @@ static constexpr SSL_CIPHER kCiphers[] = {
      SSL_HANDSHAKE_MAC_DEFAULT,
     },
 
-    // GCM ciphersuites from RFC5288
+    // GCM ciphersuites from RFC 5288
 
     // Cipher 9C
     {
@@ -346,7 +346,7 @@ static constexpr SSL_CIPHER kCiphers[] = {
      SSL_HANDSHAKE_MAC_DEFAULT,
     },
 
-    // GCM based TLS v1.2 ciphersuites from RFC5289
+    // GCM based TLS v1.2 ciphersuites from RFC 5289
 
     // Cipher C02B
     {

ssl/test/runner/common.go

@@ -176,7 +176,7 @@ const (
 	CertTypeRSAFixedDH = 3 // A certificate containing a static DH key
 	CertTypeDSSFixedDH = 4 // A certificate containing a static DH key
 
-	// See RFC4492 sections 3 and 5.5.
+	// See RFC 4492 sections 3 and 5.5.
 	CertTypeECDSASign      = 64 // A certificate containing an ECDSA-capable public key, signed with ECDSA.
 	CertTypeRSAFixedECDH   = 65 // A certificate containing an ECDH-capable public key, signed with RSA.
 	CertTypeECDSAFixedECDH = 66 // A certificate containing an ECDH-capable public key, signed with ECDSA.

ssl/tls13_server.cc

@@ -270,7 +270,7 @@ static enum ssl_ticket_aead_result_t select_session(
     return ssl_ticket_aead_ignore_ticket;
   }
 
-  // Per RFC8446, section 4.2.9, servers MUST abort the handshake if the client
+  // Per RFC 8446, section 4.2.9, servers MUST abort the handshake if the client
   // sends pre_shared_key without psk_key_exchange_modes.
   CBS unused;
   if (!ssl_client_hello_get_extension(client_hello, &unused,

util/fetch_ech_config_list.go

@@ -175,7 +175,7 @@ func dnsQueryForHTTPS(domain string) ([][]byte, error) {
 		// Verify that this response answers the question that we asked in the
 		// query. If the resolver encountered any CNAMEs, it's not guaranteed
 		// that the response will contain a question with the same QNAME as our
-		// query. However, RFC8499 Section 4 indicates that in general use, the
+		// query. However, RFC 8499 Section 4 indicates that in general use, the
 		// response's QNAME should match the query, so we will make that
 		// assumption.
 		q, err := p.Question()