Manual review: applying CuleX's advice

diff --git a/doc/man/man3/crypto_lock_init.3monocypher b/doc/man/man3/crypto_lock_init.3monocypher
index e9fef4df676140e16071475914e33c518521e646..2dde8c6b24335c836dcf3536cc127c2bd681f9c4 100644 (file)
--- a/doc/man/man3/crypto_lock_init.3monocypher
+++ b/doc/man/man3/crypto_lock_init.3monocypher
@@ -75,13 +75,12 @@ This interface uses four steps:
 .It
 Initialisation with
 .Fn crypto_lock_init .
-This sets up a context for encryption or decryption (the same function
-is used for both).
+This sets up a context for encryption or decryption.
+The same function is used for both.
 .It
 Authentication with
 .Fn crypto_lock_auth .
 This authenticates (or verifies) additional data, if any.
-This step is optional.
 .It
 Update, with
 .Fn crypto_lock_update
@@ -111,7 +110,7 @@ It is meant as a building block.
 Used with
 .Fn crypto_lock_auth ,
 it enables various AEAD constructions.
-Most users don't need it.
+Most users do not need it.
 Prefer
 .Fn crypto_lock_update
 and
@@ -133,7 +132,7 @@ The
 function returns 0 on success or -1 if the message was corrupted.
 Corruption can happen because of transmission errors, programmer
 error, or attacker interference.
-.Em Always check the return value.
+.Em Always check the return value .
 .Sh EXAMPLES
 Encryption:
 .Bd -literal -offset indent
@@ -197,7 +196,7 @@ if (crypto_unlock_final(&ctx, mac)) {
 }
 .Ed
 .Pp
-In place Encryption (without additional data for clarity):
+In-place Encryption (without additional data for clarity):
 .Bd -literal -offset indent
 const uint8_t key   [ 32]; /* session key                 */
 const uint8_t nonce [ 32]; /* unique per session key      */

diff --git a/doc/man/man3/crypto_sign.3monocypher b/doc/man/man3/crypto_sign.3monocypher
index ba5e62c74a7e32a2bac7cba0e45dd0565edf65c1..e7562d6fa91a99a90bb4d26ce0fd0a0063083d13 100644 (file)
--- a/doc/man/man3/crypto_sign.3monocypher
+++ b/doc/man/man3/crypto_sign.3monocypher
@@ -9,11 +9,11 @@
 .Sh SYNOPSIS
 .In monocypher.h
 .Ft void
-.Ft void
 .Fo crypto_sign_public_key
 .Fa "uint8_t public_key[32]"
 .Fa "const uint8_t secret_key[32]"
 .Fc
+.Ft void
 .Fo crypto_sign
 .Fa "uint8_t signature[64]"
 .Fa "const uint8_t secret_key[32]"
@@ -44,20 +44,19 @@ the same as those used for
 .Xr crypto_key_exchange 3monocypher .
 Do not use the same private key for both purposes.
 .Pp
-The
 .Fn crypto_sign
-function signs a message with
+signs a message with
 .Fa secret_key .
 The public key is optional, and will be recomputed if not provided.
-This doubles execution time.
+This recomputation doubles the execution time.
 .Pp
-The
 .Fn crypto_check
-function checks that a given signature is genuine.
+checks that a given signature is genuine.
 Meaning, only someone who had the private key could have signed the
 message.
 .Pp
-It does
+.Fn crypto_check
+does
 .Em not
 run in constant time.
 It does not have to in most threat models, because nothing is secret:
@@ -120,7 +119,7 @@ crypto_check(signature, pk, message, 500);
 .Xr crypto_lock 3monocypher ,
 .Xr intro 3monocypher
 .Sh STANDARDS
-These functions implement EdDSA with curve25519 and Blake2b.
+These functions implement EdDSA with Curve25519 and Blake2b.
 This is the same as Ed25519, with Blake2b instead of SHA-512.
 Ed25519 is described in RFC 7748.
 .Sh SECURITY CONSIDERATIONS
@@ -130,6 +129,6 @@ This requires hardware access.
 If attackers are expected to have such access and the relevant
 equipment, use
 .Fn crypto_check
-to verify the signature.
+to verify the signature before sending it away.
 This verification reduces the speed of the whole operation by a factor
 of 3, and only provides an incomplete protection.