Doc typos. Copyright notice, comment tidying

Still need to get copyright notices everwhere, I suppose.
currantlabs · Nov 18, 2017 · 47130de · 47130de
1 parent 093429a
commit 47130de
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 58 deletions.
diff --git a/doc.go b/doc.go
@@ -1,3 +1,8 @@
+/**
+ ** Copyright 2017 AgileBits, Inc.
+ ** Licensed under the Apache License, Version 2.0 (the "License").
+ **/
+
 /*
 Package srp Secure Remote Password protocol
 
@@ -30,10 +35,10 @@ secret such as a password. Because the verifier can used like a password hash wi
 respect to cracking, the derivation of x should be designed to resist password cracking
 if the verifier compromised.
 
-The client and the server must both use the same Diffie-Hellman group to peform
+The client and the server must both use the same Diffie-Hellman group to perform
 their computations.
 
-The server and the client send an ephemeral public key to each other
+The server and the client each send an ephemeral public key to each other
 (The client sends A; the server sends B)
 With their private knowledge of their own ephemeral secrets (a or b) and their
 private knowledge of x (for the client) and v (for the server) along with public
@@ -48,14 +53,15 @@ for KDF)
 	N    A large safe prime (N = 2q+1, where q is prime)
 	     All arithmetic is done modulo N.
   	g    A generator modulo N
-  	k    Multiplier parameter (k = H(N, g) in SRP-6a, k = 3 for legacy SRP-6)
+  	k    Multiplier parameter (k = H(N, g) in SRP-6a;
+             k = 3 for legacy SRP-6; k is a hash of the session ID within 1Password
   	H()  One-way hash function
   	^    (Modular) Exponentiation
   	u    Random scrambling parameter
   	a,b  Secret ephemeral values
   	A,B  Public ephemeral values
   	x    Long term client secret (derived via KDF)
-	v    Long term server Verifier
+	v    Long term server Verifier (derived from x)
 	s    Salt for key derivation function
 	I    User identifiers (username, account ID, etc)
 	KDF()    Key Derivation Function
@@ -93,18 +99,18 @@ The key derivation function, KDF()
 	The server then stores {I, s, v} long term. v needs to be protected in the same way that
 	a password hash should be protected.
 
-User's security responsibilites
+User's security responsibilities
 
 The consumer is responsible for
 
 1. Both: Checking whether methods have returned without error.
-This is particularly of SRP.Key() and SetOthersPublic()
+This is particularly true of SRP.Key() and SetOthersPublic()
 
 2. Client: Using an appropriate key derivation function for deriving x
 from the user's password (and nudging user toward a good password)
 
 3. Server: Storing the v (send by the client on first enrollment) securely.
-A caputured v can be used to masquarade as the server and be used like a password hash in a password cracking attempt
+A captured v can be used to masquerade as the server and be used like a password hash in a password cracking attempt
 
 4. Both: Proving to each other that both have the same key.
 */

diff --git a/example_sharedkey_test.go b/example_sharedkey_test.go
@@ -187,7 +187,7 @@ func Example() {
 
 	// If the message is successfully decrypted, then client and server
 	// can talk to each other using the key they derived
-	fmt.Printf("%s\n", message)
+	fmt.Printf("S -> C: %s\n", message)
 	// Output: Hi client! Will you be my Valentine?
 
 	// Client must generate a new nonce for all messages it sends.
@@ -207,7 +207,7 @@ func Example() {
 		fmt.Printf("Decryption failed: %s", err)
 		log.Fatal(err)
 	}
-	fmt.Printf("%s\n", plainReply)
-	// Output: Hi client! Will you be my Valentine?
-	// Send me chocolate, not bits!
+	fmt.Printf("C -> S: %s\n", plainReply)
+	// Output: S -> C: Hi client! Will you be my Valentine?
+	// C -> S: Send me chocolate, not bits!
 }
diff --git a/kdf_test.go b/kdf_test.go
@@ -1,3 +1,8 @@
+/**
+ ** Copyright 2017 AgileBits, Inc.
+ ** Licensed under the Apache License, Version 2.0 (the "License").
+ **/
+
 package srp
 
 import (
@@ -36,50 +41,3 @@ func TestKDFRFC5054(t *testing.T) {
 	}
 
 }
-
-type kdfTestVector struct {
-	sk           string
-	alg          string
-	iterations   int
-	method       string
-	saltB64      string
-	mp           string
-	email        string
-	expectedXhex string
-}
-
-var kh = kdfTestVector{
-	sk:      "A3-X5ZKSD-673PE8-CHH5Z-NAJMJ-5YFPF-3N5JP",
-	alg:     "PBES2-HS256",
-	method:  "SRP-4096",
-	saltB64: "BW28BWLu6w9y2unDFwHnKg",
-	mp:      "snowdrop ax organism pam",
-	email:   "kevinhayestest@icloud.com",
-
-	expectedXhex: "5b401cd715a53a0f2bb27de5554c2dde94d72680ac924094c5adbb74b8355b24",
-}
-
-/* from B5Book:/server/api/v1/srp.html
-
-email address: kevinhayestest@icloud.com
-password (hashed with SHA256, base64URLEncoded (with trailing '=' characters trimmed): tWkOikZrlNbt4r6CwzJP8EBLDaTEfNj6nRMKZ6k2UKI
-    (original password unhashed: snowdrop ax organism pam)
-Secret Key: A3-X5ZKSD-673PE8-CHH5Z-NAJMJ-5YFPF-3N5JP
-auth params:
-{
-    alg = "PBES2-HS256";
-    iterations = 100000;
-    method = "SRP-4096";
-    salt = BW28BWLu6w9y2unDFwHnKg;
-}
-
-SRP Verifier =
-facbcd929a8aa1273cd59b05e10e81dfff4fa188cdf8f9e65b0013b35fe261f180794598faa20ca0da4a96e69026beb109c85ea565ba95fb67c7287f4c2254a120166758220ff64634fba1671798055163ee1669fca1808901c747320717b30b6aea97141de027b4728187ae54bcca6cef656b670e178af9e121678a2f891073f2775c1073825c826f02908f2343dc404b9b67ccd4da72ca732f99d3bb349cdb0e8b4d78bfa79a88bb7175a55e14845bc4ddbdba5b84c736fca94012fecbe1caf4396c7a0dcd447b4346676f817cfdf65d3aaf8a9b2190455c78f62556343b8dcf49809a65ac0052e4039a22218c178c502203cf84d386b18f30a93789d2d96004afa652967bc4426cf26b01a1a5ff7bfa80353e78d24376e250d08cbf1ce8b41fa020ee8e293af0a57384d2a529f2ee601f7b0a0339301dfc716ae07bde740dc95c29d18c6f6991845ef1eb4bfe2db666c4d54bffddef13170ee6c5b41feb2291edb5f2ce2d6fa7d2c9efcdd5123b40fb7a618498d2821341ff251ba03c19ecdb9dacd47b845e8131aab4a624bf8453943153b0a3d586d6a5f2ac8890a463987ec2b2d347ef2a7abec2a26094325fac8e07dd45879ae19bfaf33ab149ee86103a97e35fa27c776e117a29cbd032a46c67fb46adec4f5e903a087548ec7f70d0d3b92fb1bfcf9773cf69c63f1b21b3baebb33f1a3114d0847048f37065f406b2
-
-PBKDF2 Derived = a3361b5791bc9f0bb874cefb7d0c6420224d6fd76ae801d7885ec294ce653aa4
-Derived Combined Secret Key = 5b401cd715a53a0f2bb27de5554c2dde94d72680ac924094c5adbb74b8355b24
-
-*/
-
-/* We don't have anything to test.
- */
diff --git a/srp.go b/srp.go
@@ -1,6 +1,12 @@
 package srp
 
 // package documentation is in doc.go
+
+/**
+ ** Copyright 2017 AgileBits, Inc.
+ ** Licensed under the Apache License, Version 2.0 (the "License").
+ **/
+
 import (
 	"crypto/sha256"
 	"fmt"