Commit

Merge pull request tlsfuzzer#254 from MartinThoma/typos
Fix typos
tomato42 committed May 28, 2021
2 parents 5aa87c5 + 3db5cc5 commit 34e9cec
Showing 2 changed files with 37 additions and 36 deletions.
57 changes: 29 additions & 28 deletions NEWS
@@ -1,4 +1,4 @@
* Relase 0.17.0 (27 May 2021)
* Release 0.17.0 (27 May 2021)

New API:
* Keys that use explicit curve parameters can now be read and written.
Expand Down Expand Up @@ -38,13 +38,13 @@ Bug fix:
`PointJacobi`, `VerifyingKey`, and `SigningKey` so that it behaves
consistently and in the expected way both in Python 2 and Python 3.
* Implement lock-less algorithm inside PointJacobi for keeping shared state
so that when calculation is aborted with KeyboardInterrupt, the state doesn't
become corrupted (this fixes the occasional breakage of ecdsa in interactive
shells).
so that when a calculation is aborted with KeyboardInterrupt, the state
doesn't become corrupted (this fixes the occasional breakage of ecdsa in
interactive shells).

New features:
* The `speed.py` script now provides performance for signature verification
without use of precomputation.
without the use of precomputation.
* New curves supported: secp112r1, secp112r2, secp128r1, secp160r1.

Performance:
Expand Down Expand Up @@ -89,11 +89,11 @@ Support for reading and writing private keys in PKCS#8 format.

New API:
`to_pem` and `to_der` now accept new parameter, `format`, to specify
the format of the encoded files, either the dafault, legacy "ssleay", or
the format of the encoded files, either the default, legacy `ssleay`, or
the new `pkcs8` to use PKCS#8. Note that only unencrypted PKCS#8 files are
supported.
Add `allow_truncate` to `verify` in `VerifyingKey`, it defaults to True,
when specified as False, use of large hashes smaller than curves will be
when specified as False, the use of large hashes smaller than curves will be
disallowed (as it was in 0.14.1 and earlier).

Bug fix:
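Review bot: The `allow_truncate` entry for `verify` still reads "large hashes smaller than curves", which contradicts itself; the change only puts "the" in front of it. A later hunk in this file describes the same argument as enabling "the use of hashes larger than the curve order", and that wording would fit here too. The comma splice ("it defaults to True, when specified as False, ...") could be split into two sentences while the line is being touched.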
Expand All @@ -108,7 +108,7 @@ as such.
Maintenance:
Ensure that version checks will work with Python 4.
Format the source with black.
Fix uses of `assert_` in test suite.
Fix uses of `assert_` in the test suite.
Use newer Ubuntu in Travis to test against OpenSSL 1.1.1 (and thus
test the interoperability of ECDH code in Travis).

Expand All @@ -131,24 +131,24 @@ New API:
`ecdsa.ecdh` module and `ECDH` class.
`PointJacobi` added.
`VerifyingKey.verify_digest`, `SigningKey.sign_digest` and
`SigningKey.sign_digest_deterministic` methods now accept `allow_truncate`
argument to enable use of hashes larger than the curve order.
`SigningKey.sign_digest_deterministic` methods now accept the `allow_truncate`
argument to enable the use of hashes larger than the curve order.
`VerifyingKey` `from_pem` and `from_der` now accept `hashfunc` parameter
like other `from*` methods.
`VerifyingKey` has `precompute` method now.
`VerifyingKey` has the `precompute` method now.
`VerifyingKey.from_public_point` may now not perform validation of public
point when `validate_point=False` argument is passed to method.
point when `validate_point=False` argument is passed to the method.
`CurveFp` constructor now accepts the `h` parameter - the cofactor of the
elliptic curve, it's used for selection of algorithm of public point
elliptic curve, it's used for the selection of algorithm of public point
verification.

Performance:
`randrange` now will now perform much fewer calls to system random number
`randrange` now will perform much fewer calls to the system random number
generator.
`PointJacobi` introduced and used as the underlying implementation; speeds up
the library by a factor of about 20.
Library has now optional dependencies on `gmpy` and `gmpy2`. When they are
availbale, the elliptic curve calculations will be about 3 times faster.
The library has now optional dependencies on `gmpy` and `gmpy2`. When they are
available, the elliptic curve calculations will be about 3 times faster.

Maintenance:
expected minimum version of `six` module (1.9.0) is now specified explicitly
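Review bot: The article fixes in this hunk are applied unevenly: "now accept `hashfunc` parameter" and "when `validate_point=False` argument is passed" still lack "the" while the neighbouring lines gained it. Two of the changed lines also remain awkward: "`randrange` now will perform much fewer calls" reads better as "`randrange` will now perform far fewer calls", and "The library has now optional dependencies" as "The library now has optional dependencies".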
Expand All @@ -173,13 +173,13 @@ Make `SigningKey.sign_digest_deterministic` use default object hashfunc when
none was provided.
`encode_integer` now works for large integers.
Make `encode_oid` and `remove_object` correctly handle OBJECT IDENTIFIERs
with large second subidentifier and padding in encoded subidentifiers.
with large second sub-identifier and padding in encoded sub-identifiers.

New features:
Deterministic signature methods now accept `extra_entropy` parameter to further
randomise the selection of `k` (the nonce) for signature, as specified in
RFC6979.
Recovery of public key from signature is now supported.
Deterministic signature methods now accept the `extra_entropy` parameter to
further randomise the selection of `k` (the nonce) for signature, as specified
in RFC6979.
Recovery of the public key from signature is now supported.
Support for SEC1/X9.62 formatted keys, all three encodings are supported:
"uncompressed", "compressed" and "hybrid". Both string, and PEM/DER will
automatically accept them, if the size of the key matches the curve.
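Review bot: "Recovery of the public key from signature" gained one article but still needs a second one ("from a signature"), and the `extra_entropy` entry has the same gap in "for signature". The unchanged line "Both string, and PEM/DER" carries a stray comma, and "RFC6979" is normally written "RFC 6979"; both are cheap to fix in the same pass.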
Expand All @@ -204,7 +204,7 @@ added.
`VerifyingKey`: `__repr__` is now supported

Deprecations:
Python 2.5 is not supported any more - dead code removal.
Python 2.5 is not supported anymore - dead code removal.
`from ecdsa.keys import *` will now import only objects defined in that module.
Trying to decode a malformed point using `VerifyingKey.from_string`
will rise now the `MalformedPointError` exception (that inherits from
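Review bot: The unchanged line "will rise now the `MalformedPointError` exception" contains a typo this pull request misses: "rise" should be "raise", for example "will now raise the `MalformedPointError` exception". The hunk already touches the Deprecations block, so it is worth fixing here.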
Expand All @@ -223,10 +223,10 @@ modular_exp: will emit `DeprecationWarning`

Hardening:
Deterministic signatures now verify that the signature won't leak private
key through very unlikely selection of `k` value (the nonce).
key through a very unlikely selection of `k` value (the nonce).
Nonce bit size hiding was added (hardening against Minerva attack). Please
note that it DOES NOT make library secure against side channel attacks (timing
attacks).
note that it DOES NOT make the library secure against side-channel attacks
(timing attacks).

Performance:
The public key in key generation is not verified twice now, making key
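Review bot: In the Hardening entry, "won't leak private key" on the unchanged line still lacks an article while the line after it gained "a"; "won't leak the private key" would match the rest of the change.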
Expand Down Expand Up @@ -311,14 +311,15 @@ hashfunc=sha256 in each time they call sign() or verify().

Fix test failure against OpenSSL-1.0.0 (previous versions only worked against
openssl-0.9.8 or earlier). Increase python requirement to py2.5 or later
(still no py3 compatibility, but work is underway). Replace use of obsolete
(still no py3 compatibility, but work is underway). Replace the use of obsolete
'sha' library with modern 'hashlib'. Clean up unit test runner (stop using
subprocesses).

* Release 0.6 (15 Oct 2010)

Small packaging changes: extract version number from git, add 'setup.py test'
command, set exit code correctly on test failure. Fix pyflakes warnings.
Small packaging changes: extract the version number from git, add
'setup.py test' command, set exit code correctly on test failure. Fix pyflakes
warnings.

* Release 0.5 (27 Apr 2010)

Expand Down
16 changes: 8 additions & 8 deletions README.md
Expand Up @@ -39,7 +39,7 @@ curves over prime fields.
## Dependencies

This library uses only Python and the 'six' package. It is compatible with
Python 2.6, 2.7 and 3.3+. It also supports execution on the alternative
Python 2.6, 2.7, and 3.3+. It also supports execution on alternative
implementations like pypy and pypy3.

If `gmpy2` or `gmpy` is installed, they will be used for faster arithmetic.
Expand Down Expand Up @@ -78,7 +78,7 @@ pip install ecdsa[gmpy]
The following table shows how long this library takes to generate keypairs
(`keygen`), to sign data (`sign`), to verify those signatures (`verify`),
to derive a shared secret (`ecdh`), and
to verify the signatures with no key specific precomputation (`no PC verify`).
to verify the signatures with no key-specific precomputation (`no PC verify`).
All those values are in seconds.
For convenience, the inverses of those values are also provided:
how many keys per second can be generated (`keygen/s`), how many signatures
Expand All @@ -87,7 +87,7 @@ per second (`verify/s`), how many shared secrets can be derived per second
(`ecdh/s`), and how many signatures with no key specific
precomputation can be verified per second (`no PC verify/s`). The size of raw
signature (generally the smallest
way a signature can be encoded) is also provided in the `siglen` column.
the way a signature can be encoded) is also provided in the `siglen` column.
Use `tox -e speed` to generate this table on your own computer.
On an Intel Core i7 4790K @ 4.0GHz I'm getting the following performance:

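Review bot: The `siglen` change introduces an error rather than fixing one: the preceding line ends in "generally the smallest", so the new text reads "the smallest the way a signature can be encoded". The original "way a signature can be encoded" was correct and should be restored. In the same hunk, "no key specific precomputation" is left unhyphenated although the previous hunk changes the identical phrase to "key-specific".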
Expand Down Expand Up @@ -176,8 +176,8 @@ On the same machine I'm getting the following performance with `gmpy2`:
(there's also `gmpy` version, execute it using `tox -e speedgmpy`)

For comparison, a highly optimised implementation (including curve-specific
assembly for some curves), like the one in OpenSSL 1.1.1d, provides following
performance numbers on the same machine.
assembly for some curves), like the one in OpenSSL 1.1.1d, provides the
following performance numbers on the same machine.
Run `openssl speed ecdsa` and `openssl speed ecdh` to reproduce it:
```
sign verify sign/s verify/s
Expand Down Expand Up @@ -247,7 +247,7 @@ OpenSSL. [pyca/cryptography](https://cryptography.io) is one example of such
a wrapper. The primary use-case of this library is as a portable library for
interoperability testing and as a teaching tool.

**This library does not protect against side channel attacks.**
**This library does not protect against side-channel attacks.**

Do not allow attackers to measure how long it takes you to generate a keypair
or sign a message. Do not allow attackers to run code on the same physical
Expand All @@ -262,7 +262,7 @@ operation with a private key will be sufficient to completely
reconstruct the private key**.

Please also note that any Pure-python cryptographic library will be vulnerable
to the same side channel attacks. This is because Python does not provide
to the same side-channel attacks. This is because Python does not provide
side-channel secure primitives (with the exception of
[`hmac.compare_digest()`][3]), making side-channel secure programming
impossible.
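Review bot: The unchanged line "any Pure-python cryptographic library" has odd capitalisation for a mid-sentence adjective; "pure-Python" would be consistent with how the language name is written elsewhere in the README and could be fixed alongside the "side-channel" hyphenation.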
Expand Down Expand Up @@ -363,7 +363,7 @@ vk2 = VerifyingKey.from_pem(vk_pem)
There are a couple of different ways to compute a signature. Fundamentally,
ECDSA takes a number that represents the data being signed, and returns a
pair of numbers that represent the signature. The `hashfunc=` argument to
`sk.sign()` and `vk.verify()` is used to turn an arbitrary string into
`sk.sign()` and `vk.verify()` is used to turn an arbitrary string into a
fixed-length digest, which is then turned into a number that ECDSA can sign,
and both sign and verify must use the same approach. The default value is
`hashlib.sha1`, but if you use NIST256p or a longer curve, you can use
Expand Down