From bfd67abab7a29253ba9a99ce8fa401845d80d8f7 Mon Sep 17 00:00:00 2001
From: Paul Schaub
Date: Thu, 15 May 2025 14:49:35 +0200
Subject: [PATCH] Document KOpenPGP mitigations
---
 .../src/main/kotlin/org/pgpainless/policy/Policy.kt | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt
index 2759272a..0e343cbf 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt
@@ -37,10 +37,10 @@ class Policy(
 AlgorithmSuite.defaultAlgorithmSuite)
 /**
- * Decide, whether to sanitize public key parameters when unlocking OpenPGP secret keys.
- * OpenPGP v4 keys are susceptible to a class of attacks, where an attacker with access
- * to the locked key material (e.g. a cloud email provider) might manipulate unprotected
- * public key parameters of the key, leading to potential secret key leakage.
+ * Decide, whether to sanitize public key parameters when unlocking OpenPGP secret keys. OpenPGP
+ * v4 keys are susceptible to a class of attacks, where an attacker with access to the locked
+ * key material (e.g. a cloud email provider) might manipulate unprotected public key parameters
+ * of the key, leading to potential secret key leakage.
 *
 * @see [Key Overwriting (KO) Attacks against OpenPGP](https://www.kopenpgp.com/)
 */