journal: add references to SSKG paper FSS is based on

diff --git a/man/journalctl.xml b/man/journalctl.xml
index 7a8d4b2dcc3ecd2d34240f1bafdce75894167df5..564634b757da04f9d77f2ff80d53271b9e49eb96 100644 (file)
--- a/man/journalctl.xml
+++ b/man/journalctl.xml
@@ -593,7 +593,10 @@
                                 sealing key is stored in the journal
                                 data directory and shall remain on the
                                 host. The verification key should be
                                 sealing key is stored in the journal
                                 data directory and shall remain on the
                                 host. The verification key should be

-                                stored externally.</para></listitem>
+                                stored externally. Also see the
+                                <option>Seal=</option> option in
+                                <citerefentry><refentrytitle>journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+                                for details.</para></listitem>

                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>

diff --git a/man/journald.conf.xml b/man/journald.conf.xml
index fe47fdffec70c0a0b7d41ede80644ce86cfb220b..26f47f89757f37af713077b0c2d080539df21071 100644 (file)
--- a/man/journald.conf.xml
+++ b/man/journald.conf.xml
@@ -130,9 +130,15 @@
                                 by
                                 <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
                                 <option>--setup-keys</option>
                                 by
                                 <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
                                 <option>--setup-keys</option>

-                                command), forward secure sealing (FSS) for
-                                all persistent journal files is
-                                enabled.</para></listitem>
+                                command), forward secure sealing (FSS)
+                                for all persistent journal files is
+                                enabled. FSS is based on <ulink
+                                url="http://eprint.iacr.org/2013/397">Seekable
+                                Sequential Key Generators</ulink> by
+                                G. A. Marson and B. Poettering and
+                                may be used to protect journal files
+                                from unnoticed
+                                alteration.</para></listitem>

                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>

diff --git a/src/journal/fsprg.c b/src/journal/fsprg.c
index 6817a629c83926dbab12af23359a92805f1f8412..dd9a24256147278dd99436fa0d7a5e80291fb6c2 100644 (file)
--- a/src/journal/fsprg.c
+++ b/src/journal/fsprg.c
@@ -19,7 +19,13 @@
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  * 02110-1301  USA
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  * 02110-1301  USA

+ */
+
+/*
+ * See "Practical Secure Logging: Seekable Sequential Key Generators"
+ * by G. A. Marson, B. Poettering for details:

  *
  *

+ * http://eprint.iacr.org/2013/397

  */
 
 #include <gcrypt.h>
  */
 
 #include <gcrypt.h>