From 828e31e12cb18dc11d694b1e22c2d3b33b56a5b9 Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Thu, 15 May 2025 14:31:40 +0200
Subject: [PATCH] Document KOpenPGP mitigations

---
 .../src/main/kotlin/org/pgpainless/policy/Policy.kt       | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt
index 9b23074f..2759272a 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt
@@ -36,6 +36,14 @@ class Policy(
             NotationRegistry(),
             AlgorithmSuite.defaultAlgorithmSuite)
 
+    /**
+     * Decide, whether to sanitize public key parameters when unlocking OpenPGP secret keys.
+     * OpenPGP v4 keys are susceptible to a class of attacks, where an attacker with access
+     * to the locked key material (e.g. a cloud email provider) might manipulate unprotected
+     * public key parameters of the key, leading to potential secret key leakage.
+     *
+     * @see [Key Overwriting (KO) Attacks against OpenPGP](https://www.kopenpgp.com/)
+     */
     var enableKeyParameterValidation = false
 
     fun copy() = Builder(this)