aboutsummaryrefslogtreecommitdiff
path: root/doc/index.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/index.md')
-rw-r--r--doc/index.md10
1 files changed, 5 insertions, 5 deletions
diff --git a/doc/index.md b/doc/index.md
index c664ba1..0d570e6 100644
--- a/doc/index.md
+++ b/doc/index.md
@@ -1,7 +1,7 @@
# Project Wycheproof
This page describes the goals and strategies of project Wycheproof. See
-[README](../README.md) for introduction to the project.
+[README](../README.md) for an introduction to the project.
## Defense in depth
@@ -33,7 +33,7 @@ rather than exploitability. Examples:
One of the goals of Wycheproof is to test for compatibility issues.
Switching JCE providers should not introduce vulnerabilities simply because
-the solution was developed with another provider.
+the solution was developed by another provider.
An example for this was the following observation: When using AES-GCM then
javax.crypto.CipherInputStream worked sort of with JCE and
@@ -49,10 +49,10 @@ cryptographic libraries based on the bugs found would be biased:
* Libraries used internally in Google get more attention.
Serious vulnerabilities in these libraries should be fixed at the time the
tests are added to Wycheproof. On the other hand it is also likely that
- tests find a larger number of bugs in thsese libraries when old versions are
+ tests find a larger number of bugs in these libraries when old versions are
tested.
* Tests often check for expected behaviour and compatibility.
- Excpected behaviour is often defined by a prominent library.
+ Expected behaviour is often defined by a prominent library.
Pointing out such problems can therefore penalize smaller third party
libraries.
* We are working toward covering as many potential vulnerabilities as possible
@@ -71,7 +71,7 @@ We should promote robust interfaces with the goal to simplify
the use of the library, codereviews of applications using the
library and testing the library.
-* When cryptrographic primitives require randomness then the random
+* When cryptographic primitives require randomness then the random
numbers should be chosen by the library. It shouldn't be possible
for a user to provide randomness. If the library itself chooses the
randomness then it is possible (at least to some degree) to check
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-30 23:24:02 +0000