1 files changed, 39 insertions, 34 deletions

diff --git a/src/scram.erl b/src/scram.erl
index cfb86e5b0..94b3324fd 100644
--- a/src/scram.erl
+++ b/src/scram.erl
@@ -25,58 +25,63 @@
 %%%----------------------------------------------------------------------
 
 -module(scram).
+
 -author('stephen.roettger@googlemail.com').
 
 %% External exports
--export([salted_password/3,
-	 stored_key/1,
-	 server_key/1,
-	 server_signature/2,
-	 client_signature/2,
-	 client_key/1,
-	 client_key/2
-	]).
-
 %% ejabberd doesn't implement SASLPREP, so we use the similar RESOURCEPREP instead
+-export([salted_password/3, stored_key/1, server_key/1,
+	 server_signature/2, client_signature/2, client_key/1,
+	 client_key/2]).
+
+-spec salted_password(binary(), binary(), non_neg_integer()) -> binary().
+
 salted_password(Password, Salt, IterationCount) ->
-	hi(jlib:resourceprep(Password), Salt, IterationCount).
+    hi(jlib:resourceprep(Password), Salt, IterationCount).
+
+-spec client_key(binary()) -> binary().
 
 client_key(SaltedPassword) ->
-	crypto:sha_mac(SaltedPassword, "Client Key").
+    crypto:sha_mac(SaltedPassword, <<"Client Key">>).
 
-stored_key(ClientKey) ->
-	crypto:sha(ClientKey).
+-spec stored_key(binary()) -> binary().
+
+stored_key(ClientKey) -> crypto:sha(ClientKey).
+
+-spec server_key(binary()) -> binary().
 
 server_key(SaltedPassword) ->
-	crypto:sha_mac(SaltedPassword, "Server Key").
+    crypto:sha_mac(SaltedPassword, <<"Server Key">>).
+
+-spec client_signature(binary(), binary()) -> binary().
 
 client_signature(StoredKey, AuthMessage) ->
-	crypto:sha_mac(StoredKey, AuthMessage).
+    crypto:sha_mac(StoredKey, AuthMessage).
+
+-spec client_key(binary(), binary()) -> binary().
 
 client_key(ClientProof, ClientSignature) ->
-	list_to_binary(lists:zipwith(fun(X, Y) ->
-					X bxor Y
-				  end,
-				  binary_to_list(ClientProof),
-				  binary_to_list(ClientSignature))).
+    list_to_binary(lists:zipwith(fun (X, Y) -> X bxor Y end,
+				 binary_to_list(ClientProof),
+				 binary_to_list(ClientSignature))).
+
+-spec server_signature(binary(), binary()) -> binary().
 
 server_signature(ServerKey, AuthMessage) ->
-	crypto:sha_mac(ServerKey, AuthMessage).
+    crypto:sha_mac(ServerKey, AuthMessage).
 
 hi(Password, Salt, IterationCount) ->
-	U1 = crypto:sha_mac(Password, string:concat(binary_to_list(Salt), [0,0,0,1])),
-	list_to_binary(lists:zipwith(fun(X, Y) ->
-					X bxor Y
-				  end,
-				  binary_to_list(U1),
-				  binary_to_list(hi_round(Password, U1, IterationCount-1)))).
+    U1 = crypto:sha_mac(Password, <<Salt/binary, 0, 0, 0, 1>>),
+    list_to_binary(lists:zipwith(fun (X, Y) -> X bxor Y end,
+				 binary_to_list(U1),
+				 binary_to_list(hi_round(Password, U1,
+							 IterationCount - 1)))).
 
 hi_round(Password, UPrev, 1) ->
-	crypto:sha_mac(Password, UPrev);
+    crypto:sha_mac(Password, UPrev);
 hi_round(Password, UPrev, IterationCount) ->
-	U = crypto:sha_mac(Password, UPrev),
-	list_to_binary(lists:zipwith(fun(X, Y) ->
-					X bxor Y
-				  end,
-				  binary_to_list(U),
-				  binary_to_list(hi_round(Password, U, IterationCount-1)))).
+    U = crypto:sha_mac(Password, UPrev),
+    list_to_binary(lists:zipwith(fun (X, Y) -> X bxor Y end,
+				 binary_to_list(U),
+				 binary_to_list(hi_round(Password, U,
+							 IterationCount - 1)))).