diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 967668080..1c3f14e82 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -560,7 +560,7 @@
  *
  * This setting requires compiling with clang -fsanitize=memory.
  *
- * Uncomment to enable testing of the constant-flow nature of seletected code.
+ * Uncomment to enable testing of the constant-flow nature of selected code.
  */
 //#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
 
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 60ba22419..c435f7a9c 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -882,11 +882,11 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
  *                          to a readable buffer of \p max_data_len bytes.
  * \param data_len_secret   The length of the data to process in \p data.
  *                          This must be no less than \p min_data_len and no
- *                          greated than \p max_data_len.
+ *                          greater than \p max_data_len.
  * \param min_data_len      The minimal length of \p data in bytes.
  * \param max_data_len      The maximal length of \p data in bytes.
  * \param output            The HMAC will be written here. This must point to
- *                          a writeable buffer of sufficient size to hold the
+ *                          a writable buffer of sufficient size to hold the
  *                          HMAC value.
  *
  * \retval 0