PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-09-09 18:29:39 +02:00
Code Issues Releases Wiki Activity

Document KOpenPGP mitigations

Browse source
This commit is contained in:
Paul Schaub 2025-05-15 14:49:35 +02:00
parent aa4ffbaba5
commit bfd67abab7
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
1 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt
View file

@ -37,10 +37,10 @@ class Policy(
AlgorithmSuite.defaultAlgorithmSuite)
/**
* Decide, whether to sanitize public key parameters when unlocking OpenPGP secret keys.
* OpenPGP v4 keys are susceptible to a class of attacks, where an attacker with access
* to the locked key material (e.g. a cloud email provider) might manipulate unprotected
* public key parameters of the key, leading to potential secret key leakage.
* Decide, whether to sanitize public key parameters when unlocking OpenPGP secret keys. OpenPGP
* v4 keys are susceptible to a class of attacks, where an attacker with access to the locked
* key material (e.g. a cloud email provider) might manipulate unprotected public key parameters
* of the key, leading to potential secret key leakage.
*
* @see [Key Overwriting (KO) Attacks against OpenPGP](https://www.kopenpgp.com/)
*/