vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2025-09-11 04:09:41 +02:00
Code Issues Projects Releases Packages Wiki Activity

Replace use of PNGs with converted SVGs (where available)

Browse source 
Signed-off-by: David Runge <dave@sleepmap.de>
This commit is contained in:
David Runge 2023-12-05 12:53:05 +01:00
parent 7e11d786c2
commit 5ae3e82c18
No known key found for this signature in database
GPG key ID: 90D4B9641E092971
7 changed files with 25 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

6
book/source/05-private.md
View file

@ -18,7 +18,7 @@ This chapter is about the remaining counterpart to the elements of certificates:
In this book, we treat the private key material as logically separate from the OpenPGP certificate. A separate subsystem typically handles operations that use private key material. It is useful to think about OpenPGP certificates on one hand, and the associated private key material, on the other, as related but separate elements[^pkcs11]:
```{figure} diag/OpenPGPCert_with_privatekeystore.svg
```{figure} diag_converted/OpenPGPCert_with_privatekeystore.svg
:name: fig-openpgp-certificate-with-private-key-store
:alt: Depicts a diagram on white background with an OpenPGP Certificate and a private key store. Gray dotted lines connect the green public key symbols of the OpenPGP Certificate with red dotted private key symbols in the private key store.
@ -33,7 +33,7 @@ However, there is one exception. The cryptographic private key material is somet
Sometimes it is useful to handle OpenPGP certificates combined with private key material in the form of [*transferable secret keys (TSK)*](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-11.html#name-transferable-secret-keys). Transferable secret keys are a serialized format that combines OpenPGP certificate data with the connected private key material, stored in a single file.
```{figure} diag/TSK.svg
```{figure} diag_converted/TSK.svg
:name: fig-transferable-secret-key
:alt: Depicts a box on white background with the title "Transferable secret key". It is identical to the figure depicting an OpenPGP certificate, with the exception, that in each component key box, below the green public key symbol, also the red dotted private key symbol is shown.
@ -65,7 +65,7 @@ When protecting private key material in OpenPGP, a symmetric key is derived from
For this purpose, the OpenPGP standard defines a family of mechanisms called [string-to-key (S2K)](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-11.html#name-string-to-key-s2k-specifier). These are used to derive (high-entropy) symmetric encryption keys from (lower-entropy) passphrases, using a [key derivation function (KDF)](https://en.wikipedia.org/wiki/Key_derivation_function).
```{figure} diag/passphrase_using_S2K.png
```{figure} diag_converted/passphrase_using_S2K.svg
:name: fig-passphrase-using-s2k
:alt: Depicts a diagram on white background with the title "Converting a passphrase into a symmetric key". On the left hand side a box with dotted yellow frame and light yellow background and the text "correct horse battery staple" is shown. It is connected by a dotted yellow line with the word "Passphrase". Right of the passphrase an arrow with green dotted frame, light green background and the text "S2K mechanism (string-to-key)", pointing to the right is shown. On the right hand side the yellow symmetric key symbol is shown.