Fix comment formatting for godoc.
PiperOrigin-RevId: 268985498
diff --git a/go/aead/aead.go b/go/aead/aead.go
index e6c8f3d..3398eae 100644
--- a/go/aead/aead.go
+++ b/go/aead/aead.go
@@ -13,38 +13,40 @@
////////////////////////////////////////////////////////////////////////////////
// Package aead provides implementations of the AEAD primitive.
+//
// AEAD encryption assures the confidentiality and authenticity of the data. This primitive is CPA secure.
+//
// Example:
-// package main
-
-// import (
-// "fmt"
//
-// "github.com/google/tink/go/aead"
-// "github.com/google/tink/go/keyset"
-// )
+// package main
//
-// func main() {
+// import (
+// "fmt"
//
-// kh, err := keyset.NewHandle(aead.AES256GCMKeyTemplate())
-// if err != nil {
-// // handle the error
-// }
+// "github.com/google/tink/go/aead"
+// "github.com/google/tink/go/keyset"
+// )
//
-// a := aead.New(kh)
+// func main() {
//
-// ct , err := a.Encrypt([]byte("this data needs to be encrypted"), []byte("associated data"))
-// if err != nil {
-// // handle error
-// }
+// kh, err := keyset.NewHandle(aead.AES256GCMKeyTemplate())
+// if err != nil {
+// // handle the error
+// }
//
-// pt, err := a.Decrypt(ct, []byte("associated data"))
-// if err != nil {
-// //handle error
-// }
+// a := aead.New(kh)
//
-// }
-
+// ct , err := a.Encrypt([]byte("this data needs to be encrypted"), []byte("associated data"))
+// if err != nil {
+// // handle error
+// }
+//
+// pt, err := a.Decrypt(ct, []byte("associated data"))
+// if err != nil {
+// //handle error
+// }
+//
+// }
package aead
import (
diff --git a/go/core/cryptofmt/cryptofmt.go b/go/core/cryptofmt/cryptofmt.go
index 09f3c38..ef4aecc 100644
--- a/go/core/cryptofmt/cryptofmt.go
+++ b/go/core/cryptofmt/cryptofmt.go
@@ -12,7 +12,8 @@
//
////////////////////////////////////////////////////////////////////////////////
-// Package cryptofmt provides constants and convenience methods that define the format of ciphertexts and signatures.
+// Package cryptofmt provides constants and convenience methods that define the
+// format of ciphertexts and signatures.
package cryptofmt
import (
@@ -45,11 +46,10 @@
RawPrefix = ""
)
-/*
-OutputPrefix generates the prefix of ciphertexts produced by the crypto primitive obtained from key.
-The prefix can be either empty (for RAW-type prefix), or consists of a 1-byte indicator of the type
-of the prefix, followed by 4 bytes of the key ID in big endian encoding.
-*/
+// OutputPrefix generates the prefix of ciphertexts produced by the crypto
+// primitive obtained from key. The prefix can be either empty (for RAW-type
+// prefix), or consists of a 1-byte indicator of the type of the prefix,
+// followed by 4 bytes of the key ID in big endian encoding.
func OutputPrefix(key *tinkpb.Keyset_Key) (string, error) {
switch key.OutputPrefixType {
case tinkpb.OutputPrefixType_LEGACY, tinkpb.OutputPrefixType_CRUNCHY:
diff --git a/go/core/primitiveset/primitiveset.go b/go/core/primitiveset/primitiveset.go
index 8c89966..9f7f20a 100644
--- a/go/core/primitiveset/primitiveset.go
+++ b/go/core/primitiveset/primitiveset.go
@@ -12,9 +12,12 @@
//
////////////////////////////////////////////////////////////////////////////////
-// Package primitiveset provides a container for a set of cryptographic primitives.
+// Package primitiveset provides a container for a set of cryptographic
+// primitives.
//
-// It provides also additional properties for the primitives it holds. In particular, one of the primitives in the set can be distinguished as "the primary" one.
+// It provides also additional properties for the primitives it holds. In
+// particular, one of the primitives in the set can be distinguished as "the
+// primary" one.
package primitiveset
import (
@@ -24,8 +27,8 @@
tinkpb "github.com/google/tink/proto/tink_go_proto"
)
-// Entry represents a single entry in the keyset. In addition to the actual primitive,
-// it holds the identifier and status of the primitive.
+// Entry represents a single entry in the keyset. In addition to the actual
+// primitive, it holds the identifier and status of the primitive.
type Entry struct {
Primitive interface{}
Prefix string
@@ -42,20 +45,24 @@
}
}
-// PrimitiveSet is used for supporting key rotation: primitives in a set correspond to keys in a
-// keyset. Users will usually work with primitive instances, which essentially wrap primitive
-// sets. For example an instance of an AEAD-primitive for a given keyset holds a set of
-// AEAD-primitives corresponding to the keys in the keyset, and uses the set members to do the
-// actual crypto operations: to encrypt data the primary AEAD-primitive from the set is used, and
-// upon decryption the ciphertext's prefix determines the id of the primitive from the set.
-
-// PrimitiveSet is a public to allow its use in implementations of custom primitives.
+// PrimitiveSet is used for supporting key rotation: primitives in a set
+// correspond to keys in a keyset. Users will usually work with primitive
+// instances, which essentially wrap primitive sets. For example an instance of
+// an AEAD-primitive for a given keyset holds a set of AEAD-primitives
+// corresponding to the keys in the keyset, and uses the set members to do the
+// actual crypto operations: to encrypt data the primary AEAD-primitive from
+// the set is used, and upon decryption the ciphertext's prefix determines the
+// id of the primitive from the set.
+//
+// PrimitiveSet is a public to allow its use in implementations of custom
+// primitives.
type PrimitiveSet struct {
// Primary entry.
Primary *Entry
- // The primitives are stored in a map of (ciphertext prefix, list of primitives sharing the
- // prefix). This allows quickly retrieving the primitives sharing some particular prefix.
+ // The primitives are stored in a map of (ciphertext prefix, list of
+ // primitives sharing the prefix). This allows quickly retrieving the
+ // primitives sharing some particular prefix.
Entries map[string][]*Entry
}
diff --git a/go/core/registry/registry.go b/go/core/registry/registry.go
index e6a1ecd..758a921 100644
--- a/go/core/registry/registry.go
+++ b/go/core/registry/registry.go
@@ -12,18 +12,20 @@
//
////////////////////////////////////////////////////////////////////////////////
-// Package registry provides a container that for each supported key type holds a corresponding KeyManager
-// object, which can generate new keys or instantiate the primitive corresponding to given key.
+// Package registry provides a container that for each supported key type holds
+// a corresponding KeyManager object, which can generate new keys or
+// instantiate the primitive corresponding to given key.
//
-// Registry is initialized at startup, and is later used to instantiate primitives for given keys
-// or keysets. Keeping KeyManagers for all primitives in a single Registry (rather than having a
-// separate KeyManager per primitive) enables modular construction of compound primitives from
-// "simple" ones, e.g., AES-CTR-HMAC AEAD encryption uses IND-CPA encryption and a MAC.
+// Registry is initialized at startup, and is later used to instantiate
+// primitives for given keys or keysets. Keeping KeyManagers for all primitives
+// in a single Registry (rather than having a separate KeyManager per
+// primitive) enables modular construction of compound primitives from "simple"
+// ones, e.g., AES-CTR-HMAC AEAD encryption uses IND-CPA encryption and a MAC.
//
-// Note that regular users will usually not work directly with Registry, but rather
-// via primitive factories, which in the background query the Registry for specific
-// KeyManagers. Registry is public though, to enable configurations with custom
-// primitives and KeyManagers.
+// Note that regular users will usually not work directly with Registry, but
+// rather via primitive factories, which in the background query the Registry
+// for specific KeyManagers. Registry is public though, to enable
+// configurations with custom primitives and KeyManagers.
package registry
import (
diff --git a/go/daead/daead.go b/go/daead/daead.go
index 63f72fb..3342188 100644
--- a/go/daead/daead.go
+++ b/go/daead/daead.go
@@ -13,46 +13,48 @@
////////////////////////////////////////////////////////////////////////////////
// Package daead provides implementations of the DeterministicAEAD primitive.
+//
// Unlike AEAD, implementations of this interface are not semantically secure, because
// encrypting the same plaintex always yields the same ciphertext.
+//
// Example:
//
-// package main
+// package main
//
-// import (
-// "fmt"
+// import (
+// "fmt"
//
-// "github.com/google/tink/go/daead"
-// "github.com/google/tink/go/keyset"
-// )
+// "github.com/google/tink/go/daead"
+// "github.com/google/tink/go/keyset"
+// )
//
-// func main() {
+// func main() {
//
-// kh, err := keyset.NewHandle(daead.AESSIVKeyTemplate())
-// if err != nil {
-// // handle the error
-// }
+// kh, err := keyset.NewHandle(daead.AESSIVKeyTemplate())
+// if err != nil {
+// // handle the error
+// }
//
-// d := daead.New(kh)
+// d := daead.New(kh)
//
-// ct1 , err := d.EncryptDeterministically([]byte("this data needs to be encrypted"), []byte("additional data"))
-// if err != nil {
-// // handle error
-// }
+// ct1 , err := d.EncryptDeterministically([]byte("this data needs to be encrypted"), []byte("additional data"))
+// if err != nil {
+// // handle error
+// }
//
-// pt , err := d.DecryptDeterministically(ct, []byte("additional data"))
-// if err != nil {
-// // handle error
-// }
+// pt , err := d.DecryptDeterministically(ct, []byte("additional data"))
+// if err != nil {
+// // handle error
+// }
//
-// ct2 , err := d.EncryptDeterministically([]byte("this data needs to be encrypted"), []byte("additional data"))
-// if err != nil {
-// // handle error
-// }
+// ct2 , err := d.EncryptDeterministically([]byte("this data needs to be encrypted"), []byte("additional data"))
+// if err != nil {
+// // handle error
+// }
//
-// // ct1 will be equal to ct2
+// // ct1 will be equal to ct2
//
-// }
+// }
package daead
import (
diff --git a/go/hybrid/hybrid.go b/go/hybrid/hybrid.go
index 38cf8dc..2fb9570 100644
--- a/go/hybrid/hybrid.go
+++ b/go/hybrid/hybrid.go
@@ -13,45 +13,52 @@
////////////////////////////////////////////////////////////////////////////////
// Package hybrid provides subtle implementations of the HKDF and EC primitives.
-// The functionality of Hybrid Encryption is represented as a pair of primitives (interfaces):
-// HybridEncrypt for encryption of data, and HybridDecrypt for decryption.
-// Implementations of these interfaces are secure against adaptive chosen ciphertext attacks. In
-// addition to plaintext the encryption takes an extra parameter contextInfo, which
-// usually is public data implicit from the context, but should be bound to the resulting
-// ciphertext, i.e. the ciphertext allows for checking the integrity of contextInfo (but
-// there are no guarantees wrt. the secrecy or authenticity of contextInfo).
+//
+// The functionality of Hybrid Encryption is represented as a pair of
+// primitives (interfaces):
+//
+// * HybridEncrypt for encryption of data
+//
+// * HybridDecrypt for decryption of data
+//
+// Implementations of these interfaces are secure against adaptive chosen
+// ciphertext attacks. In addition to plaintext the encryption takes an extra
+// parameter contextInfo, which usually is public data implicit from the
+// context, but should be bound to the resulting ciphertext, i.e. the
+// ciphertext allows for checking the integrity of contextInfo (but there are
+// no guarantees wrt. the secrecy or authenticity of contextInfo).
+//
// Example:
//
-// package main
+// package main
//
-// import (
-// "github.com/google/tink/go/hybrid"
-// "github.com/google/tink/go/core/registry"
-// "github.com/google/tink/go/keyset"
-// )
+// import (
+// "github.com/google/tink/go/hybrid"
+// "github.com/google/tink/go/core/registry"
+// "github.com/google/tink/go/keyset"
+// )
//
-// func main() {
+// func main() {
//
-// kh , err := keyset.NewHandle(hybrid.ECIESHKDFAES128CTRHMACSHA256KeyTemplate())
-// if err != nil {
-// //handle error
-// }
-// h := hybrid.NewHybridEncrypt(kh)
+// kh , err := keyset.NewHandle(hybrid.ECIESHKDFAES128CTRHMACSHA256KeyTemplate())
+// if err != nil {
+// //handle error
+// }
+// h := hybrid.NewHybridEncrypt(kh)
//
-// ct, err = h.Encrypt([]byte("secret message"), []byte("context info"))
-// if err != nil {
-// // handle error
-// }
+// ct, err = h.Encrypt([]byte("secret message"), []byte("context info"))
+// if err != nil {
+// // handle error
+// }
//
-// khd , err := keyset.NewHandle( .....); /// get a handle on the decryption key material
-// hd := hybrid.NewHybridDecrypt(khd)
+// khd , err := keyset.NewHandle( .....); /// get a handle on the decryption key material
+// hd := hybrid.NewHybridDecrypt(khd)
//
-// pt, err := hd.Decrypt(ct, []byte("context info"))
-// if err != nil {
-// // handle error
-// }
-// }
-
+// pt, err := hd.Decrypt(ct, []byte("context info"))
+// if err != nil {
+// // handle error
+// }
+// }
package hybrid
import (
diff --git a/go/insecurecleartextkeyset/insecurecleartextkeyset.go b/go/insecurecleartextkeyset/insecurecleartextkeyset.go
index aefb43d..62b99d9 100644
--- a/go/insecurecleartextkeyset/insecurecleartextkeyset.go
+++ b/go/insecurecleartextkeyset/insecurecleartextkeyset.go
@@ -12,10 +12,11 @@
//
////////////////////////////////////////////////////////////////////////////////
-// Package insecurecleartextkeyset provides methods to read or write cleartext keyset material.
+// Package insecurecleartextkeyset provides methods to read or write cleartext
+// keyset material.
//
-// This package contains dangerous functions, and is separate from the rest of Tink so that its
-// usage can be restricted and audited.
+// This package contains dangerous functions, and is separate from the rest of
+// Tink so that its usage can be restricted and audited.
package insecurecleartextkeyset
import (
@@ -51,8 +52,9 @@
}
// Write exports the keyset from h to the given writer w without encrypting it.
-// Storing secret key material in an unencrypted fashion is dangerous. If feasible, you should use
-// func keyset.Handle.Write() instead.
+//
+// Storing secret key material in an unencrypted fashion is dangerous. If
+// feasible, you should use func keyset.Handle.Write() instead.
func Write(h *keyset.Handle, w keyset.Writer) error {
if h == nil {
return errInvalidHandle
diff --git a/go/integration/gcpkms/gcp_kms_aead.go b/go/integration/gcpkms/gcp_kms_aead.go
index ccef83e..50f2911 100644
--- a/go/integration/gcpkms/gcp_kms_aead.go
+++ b/go/integration/gcpkms/gcp_kms_aead.go
@@ -14,6 +14,7 @@
//
////////////////////////////////////////////////////////////////////////////////
+// Package gcpkms provides integration with the Google Cloud KMS.
package gcpkms
import (
diff --git a/go/internal/internal.go b/go/internal/internal.go
index 01f4f2c..b26b74c 100644
--- a/go/internal/internal.go
+++ b/go/internal/internal.go
@@ -12,8 +12,9 @@
//
////////////////////////////////////////////////////////////////////////////////
-// Package internal provides a coordination point for package keyset, package insecurecleartextkeyset, and package testkeyset.
-// internal must only be imported by these three packages.
+// Package internal provides a coordination point for package keyset, package
+// insecurecleartextkeyset, and package testkeyset. internal must only be
+// imported by these three packages.
package internal
// KeysetHandle is a raw constructor of keyset.Handle.
diff --git a/go/keyset/keyset.go b/go/keyset/keyset.go
index dcfe765..3cf9912 100644
--- a/go/keyset/keyset.go
+++ b/go/keyset/keyset.go
@@ -12,7 +12,8 @@
//
////////////////////////////////////////////////////////////////////////////////
-// Package keyset provides methods to generate, read, write or validate keysets.
+// Package keyset provides methods to generate, read, write or validate
+// keysets.
package keyset
import (
@@ -20,14 +21,16 @@
tinkpb "github.com/google/tink/proto/tink_go_proto"
)
-// keysetHandle is used by package insecurecleartextkeyset and package testkeyset (via package internal)
-// to create a keyset.Handle from cleartext key material.
+// keysetHandle is used by package insecurecleartextkeyset and package
+// testkeyset (via package internal) to create a keyset.Handle from cleartext
+// key material.
func keysetHandle(ks *tinkpb.Keyset) *Handle {
return &Handle{ks}
}
-// keysetMaterial is used by package insecurecleartextkeyset and package testkeyset (via package internal)
-// to read the key material in a keyset.Handle.
+// keysetMaterial is used by package insecurecleartextkeyset and package
+// testkeyset (via package internal) to read the key material in a
+// keyset.Handle.
func keysetMaterial(h *Handle) *tinkpb.Keyset {
return h.ks
}
diff --git a/go/mac/mac.go b/go/mac/mac.go
index f7568f1..b75a827 100644
--- a/go/mac/mac.go
+++ b/go/mac/mac.go
@@ -13,38 +13,41 @@
////////////////////////////////////////////////////////////////////////////////
// Package mac provides implementations of the MAC primitive.
-// MAC computes a tag for a given message that can be used to authenticate a message.
-// MAC protects data integrity as well as provides for authenticity of the message.
+//
+// MAC computes a tag for a given message that can be used to authenticate a
+// message. MAC protects data integrity as well as provides for authenticity
+// of the message.
+//
// Example:
//
-// package main
+// package main
//
-// import (
-// "fmt"
+// import (
+// "fmt"
//
-// "github.com/google/tink/go/mac"
-// "github.com/google/tink/go/keyset"
-// )
+// "github.com/google/tink/go/mac"
+// "github.com/google/tink/go/keyset"
+// )
//
-// func main() {
+// func main() {
//
-// kh, err := keyset.NewHandle(mac.HMACSHA256Tag256KeyTemplate())
-// if err != nil {
-// // handle the error
-// }
+// kh, err := keyset.NewHandle(mac.HMACSHA256Tag256KeyTemplate())
+// if err != nil {
+// // handle the error
+// }
//
-// m := mac.New(kh)
+// m := mac.New(kh)
//
-// mac , err := m.ComputeMac([]byte("this data needs to be MACed"))
-// if err != nil {
-// // handle error
-// }
+// mac , err := m.ComputeMac([]byte("this data needs to be MACed"))
+// if err != nil {
+// // handle error
+// }
//
-// if m.VerifyMAC(mac, []byte("this data needs to be MACed")); err != nil {
-// //handle error
-// }
+// if m.VerifyMAC(mac, []byte("this data needs to be MACed")); err != nil {
+// //handle error
+// }
//
-// }
+// }
package mac
import (
diff --git a/go/signature/signature.go b/go/signature/signature.go
index 726218d..20ad794 100644
--- a/go/signature/signature.go
+++ b/go/signature/signature.go
@@ -12,39 +12,42 @@
//
////////////////////////////////////////////////////////////////////////////////
-// Package signature provides implementations of the Signer and Verifier primitives.
+// Package signature provides implementations of the Signer and Verifier
+// primitives.
+//
// To sign data using Tink you can use ECDSA or ED25519 key templates.
+//
// Example:
//
-// package main
+// package main
//
-// import (
-// "fmt"
+// import (
+// "fmt"
//
-// "github.com/google/tink/go/signature"
-// "github.com/google/tink/go/keyset"
-// )
+// "github.com/google/tink/go/signature"
+// "github.com/google/tink/go/keyset"
+// )
//
-// func main() {
+// func main() {
//
-// kh, err := keyset.NewHandle(signature.ECDSAP256KeyTemplate()) // other key templates can also be used
-// if err != nil {
-// // handle the error
-// }
+// kh, err := keyset.NewHandle(signature.ECDSAP256KeyTemplate()) // other key templates can also be used
+// if err != nil {
+// // handle the error
+// }
//
-// s := signature.NewSigner(kh)
+// s := signature.NewSigner(kh)
//
-// a , err := s.Sign([]byte("this data needs to be signed"))
-// if err != nil {
-// // handle error
-// }
+// a , err := s.Sign([]byte("this data needs to be signed"))
+// if err != nil {
+// // handle error
+// }
//
-// v := signature.NewVerifier(kh)
+// v := signature.NewVerifier(kh)
//
-// if err := v.Verify(a, []byte("this data needs to be signed")); err != nil {
-// // handle error
-// }
-// }
+// if err := v.Verify(a, []byte("this data needs to be signed")); err != nil {
+// // handle error
+// }
+// }
package signature
import (
diff --git a/go/subtle/daead/aes_siv.go b/go/subtle/daead/aes_siv.go
index b2fc913..263dbc7 100644
--- a/go/subtle/daead/aes_siv.go
+++ b/go/subtle/daead/aes_siv.go
@@ -12,7 +12,8 @@
//
////////////////////////////////////////////////////////////////////////////////
-// Package daead provides subtle implementations of the DeterministicAEAD primitive.
+// Package daead provides subtle implementations of the DeterministicAEAD
+// primitive.
package daead
import (
@@ -26,15 +27,17 @@
)
// AESSIV is an implemenatation of AES-SIV-CMAC as defined in
-// https://tools.ietf.org/html/rfc5297 .
-// AESSIV implements a deterministic encryption with additional
-// data (i.e. the DeterministicAEAD interface). Hence the implementation
-// below is restricted to one AD component.
+// https://tools.ietf.org/html/rfc5297.
//
-// Security:
-// =========
+// AESSIV implements a deterministic encryption with additional data (i.e. the
+// DeterministicAEAD interface). Hence the implementation below is restricted
+// to one AD component.
+//
+// Security Note:
+//
// Chatterjee, Menezes and Sarkar analyze AES-SIV in Section 5.1 of
// https://www.math.uwaterloo.ca/~ajmeneze/publications/tightness.pdf
+//
// Their analysis shows that AES-SIV is susceptible to an attack in
// a multi-user setting. Concretely, if an attacker knows the encryption
// of a message m encrypted and authenticated with k different keys,
@@ -90,7 +93,8 @@
}
// multiplyByX multiplies an element in GF(2^128) by its generator.
-// This functions is incorrectly named "doubling" in section 2.3 of RFC 5297.
+//
+// This function is incorrectly named "doubling" in section 2.3 of RFC 5297.
func multiplyByX(block []byte) {
carry := block[0] >> 7
for i := 0; i < aes.BlockSize-1; i++ {
@@ -104,8 +108,8 @@
}
}
-// EncryptDeterministically deterministically encrypts plaintext with additionalData as
-// additional authenticated data.
+// EncryptDeterministically deterministically encrypts plaintext with
+// additionalData as additional authenticated data.
func (asc *AESSIV) EncryptDeterministically(pt, aad []byte) ([]byte, error) {
siv := make([]byte, aes.BlockSize)
asc.s2v(pt, aad, siv)
@@ -119,8 +123,8 @@
return ct, nil
}
-// DecryptDeterministically deterministically decrypts ciphertext with additionalData as
-// additional authenticated data.
+// DecryptDeterministically deterministically decrypts ciphertext with
+// additionalData as additional authenticated data.
func (asc *AESSIV) DecryptDeterministically(ct, aad []byte) ([]byte, error) {
if len(ct) < aes.BlockSize {
return nil, errors.New("aes_siv: ciphertext is too short")
@@ -143,7 +147,8 @@
return pt, nil
}
-// ctrCrypt encrypts (or decrypts) the bytes in in using an SIV and writes the result to out.
+// ctrCrypt encrypts (or decrypts) the bytes in in using an SIV and writes the
+// result to out.
func (asc *AESSIV) ctrCrypt(siv, in, out []byte) error {
// siv might be used outside of ctrCrypt(), so making a copy of it.
iv := make([]byte, aes.BlockSize)
@@ -161,7 +166,8 @@
return nil
}
-// s2v is a Pseudo-Random Function (PRF) construction: https://tools.ietf.org/html/rfc5297.
+// s2v is a Pseudo-Random Function (PRF) construction:
+// https://tools.ietf.org/html/rfc5297.
func (asc *AESSIV) s2v(msg, aad, siv []byte) {
block := make([]byte, aes.BlockSize)
asc.cmac(block, block)
@@ -183,7 +189,9 @@
}
}
-// cmacLong computes CMAC(XorEnd(data, last)), where XorEnd xors the bytes in last to the last bytes in data.
+// cmacLong computes CMAC(XorEnd(data, last)), where XorEnd xors the bytes in
+// last to the last bytes in data.
+//
// The size of the data must be at least 16 bytes.
func (asc *AESSIV) cmacLong(data, last, mac []byte) {
block := make([]byte, aes.BlockSize)
diff --git a/go/subtle/kwp/kwp.go b/go/subtle/kwp/kwp.go
index 0d0e011..9c267f9 100644
--- a/go/subtle/kwp/kwp.go
+++ b/go/subtle/kwp/kwp.go
@@ -17,17 +17,18 @@
//
// The same encryption mode is also defined in RFC 5649. The NIST document is
// used here as a primary reference, since it contains a security analysis and
-// further recommendations. In particular, Section 8 of NIST SP 800 38f suggests
-// that the allowed key sizes may be restricted. The implementation in this
-// package requires that the key sizes are in the range MinWrapSize and
+// further recommendations. In particular, Section 8 of NIST SP 800 38f
+// suggests that the allowed key sizes may be restricted. The implementation in
+// this package requires that the key sizes are in the range MinWrapSize and
// MaxWrapSize.
//
// The minimum of 16 bytes has been chosen, because 128 bit keys are the
// smallest key sizes used in tink. Additionally, wrapping short keys with KWP
-// does not use the function W and hence prevents using security arguments based
-// on the assumption that W is a strong pseudorandom. One consequence of using a
-// strong pseudorandom permutation as an underlying function is that leaking
-// partial information about decrypted bytes is not useful for an attack.
+// does not use the function W and hence prevents using security arguments
+// based on the assumption that W is a strong pseudorandom. One consequence of
+// using a strong pseudorandom permutation as an underlying function is that
+// leaking partial information about decrypted bytes is not useful for an
+// attack.
//
// The upper bound for the key size is somewhat arbitrary. Setting an upper
// bound is motivated by the analysis in section A.4 of NIST SP 800 38f:
@@ -58,6 +59,7 @@
}
// NewKWP returns a KWP instance.
+//
// The key argument should be the AES wrapping key, either 16 or 32 bytes
// to select AES-128 or AES-256.
func NewKWP(wrappingKey []byte) (*KWP, error) {
diff --git a/go/subtle/mac/hmac.go b/go/subtle/mac/hmac.go
index 5ddd447..8dc3414 100644
--- a/go/subtle/mac/hmac.go
+++ b/go/subtle/mac/hmac.go
@@ -12,7 +12,7 @@
//
////////////////////////////////////////////////////////////////////////////////
-// Package mac provides subtle implementations of the Mac primitive.
+// Package mac provides subtle implementations of the MAC primitive.
package mac
import (
@@ -102,8 +102,8 @@
return tag[:h.TagSize], nil
}
-// VerifyMAC verifies whether the given MAC is a correct authentication code (MAC)
-// the given data.
+// VerifyMAC verifies whether the given MAC is a correct message authentication
+// code (MAC) the given data.
func (h *HMAC) VerifyMAC(mac []byte, data []byte) error {
if mac == nil || data == nil {
return errHMACInvalidInput
diff --git a/go/subtle/subtle.go b/go/subtle/subtle.go
index a3905db..44fa4d0 100644
--- a/go/subtle/subtle.go
+++ b/go/subtle/subtle.go
@@ -46,7 +46,7 @@
}
// ConvertCurveName converts different forms of a curve name to the
-// name that tink recognizes
+// name that tink recognizes.
func ConvertCurveName(name string) string {
switch name {
case "secp256r1", "P-256":
diff --git a/go/tink/signer.go b/go/tink/signer.go
index 9a399d4..a976b02 100644
--- a/go/tink/signer.go
+++ b/go/tink/signer.go
@@ -15,8 +15,10 @@
package tink
// Signer is the signing interface for digital signature.
-// Implementations of this interface are secure against adaptive chosen-message attacks.
-// Signing data ensures authenticity and integrity of that data, but not its secrecy.
+//
+// Implementations of this interface are secure against adaptive chosen-message
+// attacks. Signing data ensures authenticity and integrity of that data, but
+// not its secrecy.
type Signer interface {
// Computes the digital signature for data.
Sign(data []byte) ([]byte, error)
diff --git a/go/tink/verifier.go b/go/tink/verifier.go
index 88aacc7..d458db2 100644
--- a/go/tink/verifier.go
+++ b/go/tink/verifier.go
@@ -15,8 +15,10 @@
package tink
// Verifier is the verifying interface for digital signature.
-// Implementations of this interface are secure against adaptive chosen-message attacks.
-// Signing data ensures authenticity and integrity of that data, but not its secrecy.
+//
+// Implementations of this interface are secure against adaptive chosen-message
+// attacks. Signing data ensures authenticity and integrity of that data, but
+// not its secrecy.
type Verifier interface {
// Verifies returns nil if signature is a valid signature for data; otherwise returns an error.
Verify(signature, data []byte) error