Spelling

abe/cpabe/tkn20/example_test.go

@@ -50,7 +50,7 @@ func checkPolicy(in map[string][]string) bool {
 
 func Example() {
 	policyStr := `(occupation: doctor) and (country: US)`
-	invalidPolicyStr := `(ocupation: doctor) and (country: pacific)`
+	invalidPolicyStr := `(title: doctor) and (country: pacific)`
 	msgStr := `must have the precious 🎃`
 	wrongAttrsMap := map[string]string{"occupation": "doctor", "country": "croatia"}
 	rightAttrsMap := map[string]string{"occupation": "doctor", "country": "US", "age": "16"}
@@ -124,7 +124,7 @@ func Example() {
 		log.Fatalf("decryption using right attrs should have succeeded, plaintext: %s", pt)
 	}
 	if !bytes.Equal(pt, []byte(msgStr)) {
-		log.Fatalf("recoverd plaintext: %s is not equal to original msg: %s", pt, msgStr)
+		log.Fatalf("recovered plaintext: %s is not equal to original msg: %s", pt, msgStr)
 	}
 	fmt.Println("Successfully recovered plaintext")
 	// Output: (occupation:doctor and country:US)

abe/cpabe/tkn20/internal/tkn/bk.go

@@ -243,7 +243,7 @@ func (p *Policy) ExtractFromCiphertext(ct []byte) error {
 	}
 	macData, _, err := removeLenPrefixed(rest)
 	if err != nil {
-		return fmt.Errorf("invalid ciphetext")
+		return fmt.Errorf("invalid ciphertext")
 	}
 	C1, _, err := removeLenPrefixed(macData)
 	if err != nil {

abe/cpabe/tkn20/internal/tkn/matrixGT_test.go

@@ -157,7 +157,7 @@ func TestExpGTLinearity(t *testing.T) {
 	absum.add(aexp, bexp)
 	abexp.exp(ab)
 	if !abexp.Equal(absum) {
-		t.Fatal("linearity of exponentation broken")
+		t.Fatal("linearity of exponentiation broken")
 	}
 }
 

abe/cpabe/tkn20/internal/tkn/tk.go

@@ -352,7 +352,7 @@ func (hdr *ciphertextHeader) marshalBinary() ([]byte, error) {
 	ret = appendLenPrefixed(ret, c1Bytes)
 
 	// Now we need to indicate how long c2, c3, c3neg are.
-	// Each array will be the same size (or nil), so with more work we can specalize
+	// Each array will be the same size (or nil), so with more work we can specialize
 	// but for now we will ignore that.
 
 	c2Len := len(hdr.c2)

abe/cpabe/tkn20/tkn20_test.go

@@ -108,7 +108,7 @@ func TestEndToEndEncryption(t *testing.T) {
 				t.Fatalf("extracted policy doesn't match original")
 			}
 			if sat != npol2.Satisfaction(attrs) {
-				t.Fatalf("round triped policy doesn't match original")
+				t.Fatalf("round tripped policy doesn't match original")
 			}
 			ctSat := attrs.CouldDecrypt(ct)
 			pt, err := sk.Decrypt(ct)

blindsign/blindrsa/brsa.go

@@ -35,8 +35,8 @@ type randomBRSAVerifier struct {
 	hash hash.Hash
 }
 
-// A determinsiticBRSAVerifier is a BRSAVerifier that supports deterministic signatures.
-type determinsiticBRSAVerifier struct {
+// A deterministicBRSAVerifier is a BRSAVerifier that supports deterministic signatures.
+type deterministicBRSAVerifier struct {
 	// Public key of the Signer
 	pk *rsa.PublicKey
 
@@ -64,20 +64,20 @@ type Verifier interface {
 	Hash() hash.Hash
 }
 
-// NewDeterministicVerifier creates a new DeterminsiticBRSAVerifier using the corresponding Signer parameters.
+// NewDeterministicVerifier creates a new DeterministicBRSAVerifier using the corresponding Signer parameters.
 // This corresponds to the RSABSSA-SHA384-PSSZERO-Deterministic variant. See the specification for more details:
 // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-rsa-blind-signatures#name-rsabssa-variants
 func NewDeterministicVerifier(pk *rsa.PublicKey, hash crypto.Hash) Verifier {
 	h := common.ConvertHashFunction(hash)
-	return determinsiticBRSAVerifier{
+	return deterministicBRSAVerifier{
 		pk:         pk,
 		cryptoHash: hash,
 		hash:       h,
 	}
 }
 
 // Hash returns the hash function associated with the BRSAVerifier.
-func (v determinsiticBRSAVerifier) Hash() hash.Hash {
+func (v deterministicBRSAVerifier) Hash() hash.Hash {
 	return v.hash
 }
 
@@ -130,7 +130,7 @@ func fixedBlind(message, salt []byte, r, rInv *big.Int, pk *rsa.PublicKey, hash
 //
 // See the specification for more details:
 // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-rsa-blind-signatures-02#section-5.1.1
-func (v determinsiticBRSAVerifier) Blind(random io.Reader, message []byte) ([]byte, VerifierState, error) {
+func (v deterministicBRSAVerifier) Blind(random io.Reader, message []byte) ([]byte, VerifierState, error) {
 	if random == nil {
 		return nil, VerifierState{}, common.ErrInvalidRandomness
 	}
@@ -144,7 +144,7 @@ func (v determinsiticBRSAVerifier) Blind(random io.Reader, message []byte) ([]by
 }
 
 // FixedBlind runs the Blind function with fixed blind and salt inputs.
-func (v determinsiticBRSAVerifier) FixedBlind(message, blind, salt []byte) ([]byte, VerifierState, error) {
+func (v deterministicBRSAVerifier) FixedBlind(message, blind, salt []byte) ([]byte, VerifierState, error) {
 	if blind == nil {
 		return nil, VerifierState{}, common.ErrInvalidRandomness
 	}
@@ -162,7 +162,7 @@ func (v determinsiticBRSAVerifier) FixedBlind(message, blind, salt []byte) ([]by
 }
 
 // Verify verifies the input (message, signature) pair and produces an error upon failure.
-func (v determinsiticBRSAVerifier) Verify(message, signature []byte) error {
+func (v deterministicBRSAVerifier) Verify(message, signature []byte) error {
 	return common.VerifyMessageSignature(message, signature, 0, keys.NewBigPublicKey(v.pk), v.cryptoHash)
 }
 

dh/csidh/csidh.go

@@ -66,7 +66,7 @@ func (s *fpRngGen) randFp(v *fp, rng io.Reader) {
 // cofactorMul helper implements batch cofactor multiplication as described
 // in the ia.cr/2018/383 (algo. 3). Returns tuple of two booleans, first indicates
 // if function has finished successfully. In case first return value is true,
-// second return value indicates if curve represented by coffactor 'a' is
+// second return value indicates if curve represented by cofactor 'a' is
 // supersingular.
 // Implementation uses divide-and-conquer strategy and recursion in order to
 // speed up calculation of Q_i = [(p+1)/l_i] * P.

dh/csidh/curve.go

@@ -24,7 +24,7 @@ func xAdd(PaQ, P, Q, PdQ *point) {
 }
 
 // xDbl implements point doubling on a Montgomery curve
-// E(x): x^3 + A*x^2 + x by using x-coordinate onlyh arithmetic.
+// E(x): x^3 + A*x^2 + x by using x-coordinate only arithmetic.
 //
 //	x(Q) = [2]*x(P)
 //
@@ -48,7 +48,7 @@ func xDbl(Q, P, A *point) {
 
 // xDblAdd implements combined doubling of point P
 // and addition of points P and Q on a Montgomery curve
-// E(x): x^3 + A*x^2 + x by using x-coordinate onlyh arithmetic.
+// E(x): x^3 + A*x^2 + x by using x-coordinate only arithmetic.
 //
 //	x(PaP) = x(2*P)
 //	x(PaQ) = x(P+Q)

dh/sidh/internal/templates/core.gotemp

@@ -9,7 +9,7 @@ import (
 )
 
 // -----------------------------------------------------------------------------
-// Functions for traversing isogeny trees acoording to strategy. Key type 'A' is
+// Functions for traversing isogeny trees according to strategy. Key type 'A' is
 //
 
 // Traverses isogeny tree in order to compute xR, xP, xQ and xQmP needed
@@ -252,7 +252,7 @@ func DeriveSecretA(ss, prv []byte, pub3Pt *[3]Fp2) {
 	// Traverse isogeny tree
 	traverseTreeSharedKeyA(&cparam, &xR)
 
-	// Calculate j-invariant on isogeneus curve
+	// Calculate j-invariant on isogenous curve
 	c := phi.GenerateCurve(&xR)
 	RecoverCurveCoefficients4(&cparam, &c)
 	Jinvariant(&cparam, &jInv)
@@ -290,7 +290,7 @@ func DeriveSecretB(ss, prv []byte, pub3Pt *[3]Fp2)  {
 	// Traverse isogeny tree
 	traverseTreeSharedKeyB(&cparam, &xR)
 
-	// Calculate j-invariant on isogeneus curve
+	// Calculate j-invariant on isogenous curve
 	c := phi.GenerateCurve(&xR)
 	RecoverCurveCoefficients3(&cparam, &c)
 	Jinvariant(&cparam, &jInv)

dh/sidh/internal/templates/curve.gotemp

@@ -48,7 +48,7 @@ func Jinvariant(cparams *ProjectiveCurveParameters, j *Fp2) {
 }
 
 // Given affine points x(P), x(Q) and x(Q-P) in a extension field F_{p^2}, function
-// recorvers projective coordinate A of a curve. This is Algorithm 10 from SIKE.
+// recovers projective coordinate A of a curve. This is Algorithm 10 from SIKE.
 func RecoverCoordinateA(curve *ProjectiveCurveParameters, xp, xq, xr *Fp2) {
 	var t0, t1 Fp2
 

dh/sidh/sidh_test.go

@@ -582,13 +582,13 @@ func BenchmarkSharedSecretBobP434(b *testing.B) {
 func ExamplePrivateKey() {
 	// import "github.com/cloudflare/circl/dh/sidh"
 
-	// Allice's key pair
+	// Alice's key pair
 	prvA := NewPrivateKey(Fp503, KeyVariantSidhA)
 	pubA := NewPublicKey(Fp503, KeyVariantSidhA)
 	// Bob's key pair
 	prvB := NewPrivateKey(Fp503, KeyVariantSidhB)
 	pubB := NewPublicKey(Fp503, KeyVariantSidhB)
-	// Generate keypair for Allice
+	// Generate keypair for Alice
 	err := prvA.Generate(rand.Reader)
 	if err != nil {
 		fmt.Print(err)
@@ -603,11 +603,11 @@ func ExamplePrivateKey() {
 	// Buffers storing shared secret
 	ssA := make([]byte, prvA.SharedSecretSize())
 	ssB := make([]byte, prvA.SharedSecretSize())
-	// Allice calculates shared secret with hers private
+	// Alice calculates shared secret with hers private
 	// key and Bob's public key
 	prvA.DeriveSecret(ssA[:], pubB)
 	// Bob calculates shared secret with hers private
-	// key and Allice's public key
+	// key and Alice's public key
 	prvB.DeriveSecret(ssB[:], pubA)
 	// Check if ssA == ssB
 	fmt.Printf("%t\n", bytes.Equal(ssA, ssB))

dh/sidh/sike_test.go

@@ -338,7 +338,7 @@ func testKAT(t *testing.T, v sikeVec) {
 		}
 
 		err := v.kem.Decapsulate(ssGot, prvKey, pubKey, ct)
-		CheckNoErr(t, err, "sike test: can't perform degcapsulation KAT")
+		CheckNoErr(t, err, "sike test: can't perform decapsulation KAT")
 		if !bytes.Equal(ssGot, ssExpected) {
 			t.Fatalf("KAT decapsulation failed\n")
 		}
@@ -530,13 +530,13 @@ func BenchmarkEncaps(b *testing.B) { benchSike(b, &tdataSike, benchmarkEncaps) }
 func BenchmarkDecaps(b *testing.B) { benchSike(b, &tdataSike, benchmarkDecaps) }
 
 func ExampleKEM() {
-	// Allice's key pair
+	// Alice's key pair
 	prvA := NewPrivateKey(Fp503, KeyVariantSike)
 	pubA := NewPublicKey(Fp503, KeyVariantSike)
 	// Bob's key pair
 	prvB := NewPrivateKey(Fp503, KeyVariantSike)
 	pubB := NewPublicKey(Fp503, KeyVariantSike)
-	// Generate keypair for Allice
+	// Generate keypair for Alice
 	err := prvA.Generate(rand.Reader)
 	if err != nil {
 		panic(err)
@@ -555,7 +555,7 @@ func ExampleKEM() {
 	ct := make([]byte, kem.CiphertextSize())
 	ssE := make([]byte, kem.SharedSecretSize())
 	ssD := make([]byte, kem.SharedSecretSize())
-	// Allice performs encapsulation with Bob's public key
+	// Alice performs encapsulation with Bob's public key
 	err = kem.Encapsulate(ct, ssE, pubB)
 	if err != nil {
 		panic(err)
@@ -567,12 +567,12 @@ func ExampleKEM() {
 	}
 	fmt.Printf("%t\n", bytes.Equal(ssE, ssD))
 
-	// Bob performs encapsulation with Allices's public key
+	// Bob performs encapsulation with Alice's public key
 	err = kem.Encapsulate(ct, ssE, pubA)
 	if err != nil {
 		panic(err)
 	}
-	// Allice performs decapsulation with hers key pair
+	// Alice performs decapsulation with hers key pair
 	err = kem.Decapsulate(ssD, prvA, pubA, ct)
 	if err != nil {
 		panic(err)

ecc/bls12381/ff/doc.go

@@ -19,7 +19,7 @@
 //
 // # Fp4
 //
-// Fp4 is GF(p^4)=Fp2[t]/(t^2-(u+1)). We use the repesentation  a[1]v+a[0].
+// Fp4 is GF(p^4)=Fp2[t]/(t^2-(u+1)). We use the representation  a[1]v+a[0].
 // There is no fixed external form.
 //
 // # Fp6

ecc/bls12381/g1Isog.go

@@ -28,7 +28,7 @@ func (p *isogG1Point) IsOnCurve() bool {
 }
 
 // sswu implements the Simplified Shallue-van de Woestijne-Ulas method for
-// maping a field element to a point on the isogenous curve.
+// mapping a field element to a point on the isogenous curve.
 func (p *isogG1Point) sswu(u *ff.Fp) {
 	// Method in Appendix-G.2.1 of
 	// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11

ecc/bls12381/g2Isog.go

@@ -28,7 +28,7 @@ func (p *isogG2Point) IsOnCurve() bool {
 }
 
 // sswu implements the Simplified Shallue-van de Woestijne-Ulas method for
-// maping a field element to a point on the isogenous curve.
+// mapping a field element to a point on the isogenous curve.
 func (p *isogG2Point) sswu(u *ff.Fp2) {
 	// Method in Appendix-G.2.3 of
 	// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11