From aa9e546638fb461da0f0149d2a5d31cbf0829ef0 Mon Sep 17 00:00:00 2001 From: Sun Yimin Date: Thu, 16 Jun 2022 16:40:00 +0800 Subject: [PATCH] SM9: update readme and supplement comment --- sm9/README.md | 8 +++++++- sm9/sm9.go | 28 +++++++++++++++------------- 2 files changed, 22 insertions(+), 14 deletions(-) diff --git a/sm9/README.md b/sm9/README.md index f19a4ed..6a80047 100644 --- a/sm9/README.md +++ b/sm9/README.md @@ -1,5 +1,11 @@ -SM9 current performance: +## SM9 current supported functions: +1.Keys generation +2.Sign/Verify +3.Key Exchange +4.Wrap/Unwrap Key +5.Encryption/Decryption (XOR mode) +## SM9 current performance: **SM9 Sign Benchmark** diff --git a/sm9/sm9.go b/sm9/sm9.go index 2e1fdd4..cd4ed46 100644 --- a/sm9/sm9.go +++ b/sm9/sm9.go 
@@ -497,19 +497,21 @@ func (priv *EncryptPrivateKey) Decrypt(uid, ciphertext []byte) ([]byte, error) {
 }
 
 // KeyExchange key exchange struct, include internal stat in whole key exchange flow.
+// Initiator's flow will be: NewKeyExchange -> InitKeyExchange -> transmission -> ConfirmResponder
+// Responder's flow will be: NewKeyExchange -> waiting ... -> RepondKeyExchange -> transmission -> ConfirmInitiator
 type KeyExchange struct {
- genSignature bool
- keyLength int
- privateKey *EncryptPrivateKey
- uid []byte
- peerUID []byte
- r *big.Int
- secret *bn256.G1
- peerSecret *bn256.G1
- g1 *bn256.GT
- g2 *bn256.GT
- g3 *bn256.GT
- key []byte
+ genSignature bool // control the optional sign/verify step triggered by responsder
+ keyLength int // key length
+ privateKey *EncryptPrivateKey // owner's encryption private key
+ uid []byte // owner uid
+ peerUID []byte // peer uid
+ r *big.Int // random which will be used to compute secret
+ secret *bn256.G1 // generated secret which will be passed to peer
+ peerSecret *bn256.G1 // received peer's secret
+ g1 *bn256.GT // internal state which will be used when compute the key and signature
+ g2 *bn256.GT // internal state which will be used when compute the key and signature
+ g3 *bn256.GT // internal state which will be used when compute the key and signature
+ key []byte // key will be used after key agreement
 }
 
 // NewKeyExchange create one new KeyExchange object
@@ -523,7 +525,7 @@ func NewKeyExchange(priv *EncryptPrivateKey, uid, peerUID []byte, keyLen int, ge
 return ke
 }
 
-// GetKey return key after key alignment
+// GetKey return key after key agreement
 func (ke *KeyExchange) GetKey() []byte {
 return ke.key
 }
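Review bot: The new comments on `secret` and `peerSecret` call a value that is "passed to peer" a secret, which blurs which fields of `KeyExchange` are actually confidential; going by the comment on `r`, the confidential ephemeral value is `r`, and `secret` looks like the value derived from it that is meant to travel over the wire. I would word them along the lines of `r *big.Int // ephemeral secret scalar, never transmitted` and `secret *bn256.G1 // ephemeral value derived from r, sent to the peer`, and mark `key` and `privateKey` as the other confidential fields, if that matches the implementation. The `genSignature` comment has a typo (`responsder`) and would be more useful if it said what the exchange does and does not confirm when the flag is false, since it decides whether the sign/verify step runs at all. The flow comment names `RepondKeyExchange`; that method is outside this hunk, so check the spelling against the real identifier.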
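Review bot: `GetKey` returns `ke.key` itself, so the caller gets a slice that aliases the exchange's internal state, and the corrected comment still does not say at which step of the flow the value becomes valid. I would document both, e.g. `// GetKey returns the agreed key; it is meaningful only once the exchange has completed, and the returned slice aliases internal state, so copy it before retaining or modifying it.` Whether `key` is populated before the ConfirmResponder / ConfirmInitiator step is not visible in this hunk, so the "completed" wording should be checked against the implementation.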