| | | |
|---|---|---|
| author | Werner Koch <wk@gnupg.org> | 2008-09-11 10:38:04 +0000 |
| committer | Werner Koch <wk@gnupg.org> | 2008-09-11 10:38:04 +0000 |
| commit | 49ead26adbb5165f11b3a34f8ffef5ea7cb365d9 (patch) | |
| tree | 830c69727f0e1de4fdb8c49f4d318c9705a327b5 /doc | |
| parent | ce7846ac4d2f69d910d86b5b2370a11ffa3ffb9e (diff) | |
| download | libgcrypt-49ead26adbb5165f11b3a34f8ffef5ea7cb365d9.tar.gz | |
Implemented more self-tests.
Diffstat (limited to 'doc')

| mode | file | lines changed |
|---|---|---|
| -rw-r--r-- | doc/ChangeLog | 5 |
| -rw-r--r-- | doc/Makefile.am | 4 |
| -rw-r--r-- | doc/gcrypt.texi | 19 |

3 files changed, 22 insertions, 6 deletions
diff --git a/doc/ChangeLog b/doc/ChangeLog index 7ecfd5b3..6355766c 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,8 @@ +2008-09-11 Werner Koch <wk@g10code.com> + + * gcrypt.texi (Public-Key Subsystem Architecture): Explain RSA + blinding. + 2008-09-08 Marcus Brinkmann <marcus@g10code.com> * gcrypt.texi: Some typos fixed. diff --git a/doc/Makefile.am b/doc/Makefile.am index 7862110a..f2510643 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -63,9 +63,9 @@ online: gcrypt.html gcrypt.pdf gcrypt.info cp gcrypt.info gcrypt.html/; \ else \ rsync -v gcrypt.pdf gcrypt.info \ - $${user}@cvs.gnupg.org:webspace/manuals/ ; \ + $${user}@trithemius.gnupg.org:webspace/manuals/ ; \ fi ; \ cd gcrypt.html ; \ rsync -vr --exclude='.svn' . \ - $${user}@cvs.gnupg.org:webspace/manuals/gcrypt$${dashdevel}/ + $${user}@trithemius.gnupg.org:webspace/manuals/gcrypt$${dashdevel}/ diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index c5209b28..26a9f696 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -2273,7 +2273,7 @@ function checks that this data actually can be used with the given key, does the padding and encrypts it. If the function could successfully perform the encryption, the return -value will be 0 and a a new S-expression with the encrypted result is +value will be 0 and a new S-expression with the encrypted result is allocated and assigned to the variable at the address of @var{r_ciph}. The caller is responsible to release this value using @code{gcry_sexp_release}. In case of an error, an error code is 
@@ -4608,9 +4608,20 @@ level code (@file{cipher/pubkey.c}). Thus the internal interface between the algorithm modules and the high level functions passes data in a custom format. The interface to the modules is published (@file{gcrypt-modules.h}) so that it can used to register external -implementations of algorithms with Libgcrypt. However, for some algorithms this -module interface is to limited and thus for the internal modules an -extra interface is sometimes used to convey more information. +implementations of algorithms with Libgcrypt. However, for some +algorithms this module interface is to limited and thus for the +internal modules an extra interface is sometimes used to convey more +information. + +By default Libgcrypt uses a blinding technique for RSA decryption to +mitigate real world timing attacks over a network: Instead of using +the RSA decryption directly, a blinded value @math{y = x r^{e} \bmod n} +is decrypted and the unblinded value @math{x' = y' r^{-1} \bmod n} +returned. The blinding value @math{r} is a random value with the size +of the modulus @math{n} and generated with @code{GCRY_STRONG_RANDOM} +random level. + + @node Symmetric Encryption Subsystem Architecture |
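Review bot: in the doc/Makefile.am hunk the new host name trithemius.gnupg.org is now written out twice, once in the rsync of gcrypt.pdf/gcrypt.info and once in the rsync of the gcrypt.html directory of the same `online` rule; factoring it into a single make variable (for example a `WEBHOST` variable, name hypothetical) would keep the two upload targets from drifting apart on the next host move, which this change itself shows happens.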
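Review bot: the reflowed paragraph in the second doc/gcrypt.texi hunk (@@ -4608) carries over the pre-existing typo "this module interface is to limited"; since these lines are being rewritten anyway, make it "is too limited". In the new RSA blinding paragraph, the unblinding step @math{x' = y' r^{-1} \bmod n} only works if @math{r} has an inverse modulo @math{n}, so the text should say that @math{r} is chosen coprime to @math{n} (and, if that is what the implementation does, that a fresh @math{r} is drawn for each decryption, since reusing a blinding value weakens the timing protection the paragraph is describing). Spelling out the intermediate step would also help the reader: decrypting gives @math{y' = y^{d} = x^{d} r \bmod n}, which is why multiplying by @math{r^{-1}} recovers @math{x^{d} \bmod n}. Finally, "a random value with the size of the modulus" is ambiguous between bit length and numeric range; "a random value of the same bit length as the modulus" is the unambiguous reading if that is what is meant.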