Minor comment improvements

Author: tleonhardt

aes_gcm.c

@@ -25,7 +25,7 @@ to help you with making an AES key generator for your key.
 #define TAG_BYTES 16
 
 int main(void)
-{   
+{
     mbedtls_ctr_drbg_context ctr_drbg;
     mbedtls_entropy_context entropy;
     mbedtls_gcm_context gcm;
@@ -156,6 +156,5 @@ int main(void)
     // Free the GCM context and underlying cipher sub-context
     mbedtls_gcm_free(&gcm);
 
-    // TODO: Perform any cleanup of mbed TLS resources necessary
     return ret;
 }

aes_gcm_cryptography.py

@@ -10,8 +10,8 @@
 Additional means of verifying integrity such as HMAC are not necessary.
 
 NOTE: There is a better way to do AES-GCM in Cryptography version 2.0 or newer using the AES-GCM construction which is
-composed of the AES block cipher utilizing GCM mode.  But Debian 9 comes with Cryptograhpy 1.7.
-The way presented here is compatible with both versions.
+composed of the AES block cipher utilizing GCM mode.  This version is intended to be compatible with version 1.7
+or newer of the Cryptography module.
 """
 import os
 

aesgcm_file.c

@@ -1,7 +1,8 @@
 /*
  * AES-256 file encryption program using Galois Counter Mode (GCM)
  *
- * It has been greatly simplified in the interests of readability at the cost of not being cross-platform compatible.
+ * It has been greatly simplified in the interests of readability at the cost of not necessarily being cross-platform
+ * compatible to ARM platforms.  Tis code is intended to work on Windows, macOS, and Linux.
  */
 #if !defined(MBEDTLS_CONFIG_FILE)
 #include "mbedtls/config.h"
@@ -403,7 +404,6 @@ int main( int argc, char *argv[] )
     // Free the GCM context and underlying cipher sub-context
     mbedtls_gcm_free(&gcm_ctx);
 
-
     return( ret );
 
 }

aesgcm_file.py

@@ -10,8 +10,7 @@
 Additional means of verifying integrity such as HMAC are not necessary.
 
 NOTE: There is a better way to do AES-GCM in Cryptography version 2.0 or newer using the AES-GCM construction which is
-composed of the AES block cipher utilizing GCM mode.  But Debian 9 comes with Cryptograhpy 1.7.
-The way presented here is compatible with both versions.
+composed of the AES block cipher utilizing GCM mode.  This should be compatible with Cryptograhpy 1.7 or newer.
 
 This is intended to be used in conjunction with teh "aesgcm_file.c" example code for demonstrating interoperability
 between Python's Cryptography module and the mbed TLS C library for AES-256 in GCM mode.

ecdh.c

@@ -5,7 +5,7 @@
  *
  * Curve25519 is very fast, but only uses 256 bits (128 bits of security) even though it is highly respected as being
  * safe by pretty much everyone.  This curve is suitable for an asymmetric ECDH key exchange used to derive a 128-bit
- * key for use with a symmetric cipher such as AES-128.Python's Cryptography module doesn't have support for curve25519
+ * key for use with a symmetric cipher such as AES-128. Python's Cryptography module doesn't have support for curve25519
  * until version 2.0 and even then it only supports it with a bleeding-edge version of OpenSSL.
  *
  * Elliptic Curve SECP384R1 is a 384-bit NIST curve over a prime field.  This is a curve with intermediate performance
@@ -304,7 +304,7 @@ int main( int argc, char *argv[] )
     }
     mbedtls_printf( " ok\n" );
 
-    // TODO: Use a Key Derivation Function (KDF) to derive a 256-bit AES key from the 521-bit shared secret
+    // TODO: Use a Key Derivation Function (KDF) to derive a 256-bit AES key and an IV from the 521-bit shared secret
 
 
 exit:

kdf.c

@@ -9,7 +9,7 @@
  * v2.0, also published as Internet Engineering Task Force's RFC 2898.  It supercedes PBKDF1, which could only produce
  * keys up to 160 bits long.
  *
- * There are better KDF functions availble which address weaknesses in PBDKF2, but PBKDF2 is widely available in most
+ * There are better KDF functions available which address weaknesses in PBDKF2, but PBKDF2 is widely available in most
  * libraries.
  *
  * PBKDF2 applies a pseudorandom function, such as a hash-based message authentication code (HMAC), to the input

kdf.py

@@ -1,12 +1,7 @@
 #!/usr/bin/env python3
 # coding=utf-8
 """
-This is a simple example of doing an elliptic curve Diffie-Hellman ECDH) key exchange.
-
-It allows two parties to jointly agree on a shared secret using an insecure channel.
-
-NOTE: Cryptography version 2.0 in combination with very new versions of OpenSSL support a simpler
-interface to use Curve25519 via from cryptography.hazmat.primitives.asymmetric.x25519 import X25519PrivateKey
+This is a simple Key Derivation Function (KDF) example using Python's cryptography module.
 """
 import sys
 

nacl_symmetric_gen.py

@@ -7,8 +7,9 @@
  * These routines use the XSalsa20 stream cipher for encryption and the Poly1305 MAC for authentication
  * in pre-packaged set of routines for doing authenticated encryption using symmetric keys.
  *
- * NOTE: This is NOT an AEAD (Authenticated Encryption with Additional Data) mode because the MAC computation
- * is done over the encrypted ciphertext and does not include any additional data.
+ * NOTE: While this is an AE (Authenticated Encryption) mode, this is NOT an AEAD (Authenticated Encryption with
+ Additional Data) mode because the MAC computation is just done over the encrypted ciphertext and does not include any
+ additional data.
  *
  * XSalsa20 is a stream cipher based upon Salsa20 but with a much longer nonce: 192 bits instead of 64 bits.
  *

sodium/ed25519_sodium_pynacl.c

@@ -1,6 +1,6 @@
 /* Round trip unit test of using libsodium Ed25519 digital signature code along with PyNacl digital signature code
  *
- * 0) Uses a hard-coded signing key seed generated by PyNacl to reconstruct signaing and verifying keys in libsodium
+ * 0) Uses a hard-coded signing key seed generated by PyNacl to reconstruct signing and verifying keys in libsodium
  * 1) Reconstructs the signing and verifying keys from this in libsodium
  * 2) Signs a test message
  * 3) Verifies the signature of this test message
@@ -86,4 +86,4 @@ int main(int argc, char *argv[])
     }
 
     return ret;
-}
+}