diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2022-05-03 12:42:58 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2022-05-03 12:42:58 +0200 |
commit | 9e5539536f436df31b8f8f452150fba06f3c96a7 (patch) | |
tree | ee7a8e7eb1ae3a8c3cd09609b893c37be32dfc80 /openpgp/src/parse.rs | |
parent | 4a42790cd784bffb74d3e798a62c71b4cf920be5 (diff) |
openpgp: Make the stern warning sterner, add reference.
Diffstat (limited to 'openpgp/src/parse.rs')
-rw-r--r-- | openpgp/src/parse.rs | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/openpgp/src/parse.rs b/openpgp/src/parse.rs index d84ebba4..6729c206 100644 --- a/openpgp/src/parse.rs +++ b/openpgp/src/parse.rs @@ -5229,12 +5229,26 @@ impl<'a> PacketParser<'a> { /// /// This functions returns rich errors in case the decryption /// fails. In combination with certain asymmetric algorithms - /// (RSA), this may lead to compromise of secret key material. - /// See [Section 14 of RFC 4880]. Do not relay these errors in - /// situations where an attacker can request decryption of - /// messages in an automated fashion. + /// (RSA), this may lead to compromise of secret key material or + /// (partial) recovery of the message's plain text. See [Section + /// 14 of RFC 4880]. /// /// [Section 14 of RFC 4880]: https://tools.ietf.org/html/rfc4880#section-14 + /// + /// DO NOT relay these errors in situations where an attacker can + /// request decryption of messages in an automated fashion. The + /// API of the streaming [`Decryptor`] prevents leaking rich + /// decryption errors. + /// + /// [`Decryptor`]: stream::Decryptor + /// + /// Nevertheless, decrypting messages that do not use an + /// authenticated encryption mode in an automated fashion that + /// relays or leaks information to a third party is NEVER SAFE due + /// to unavoidable format oracles, see [Format Oracles on + /// OpenPGP]. + /// + /// [Format Oracles on OpenPGP]: https://www.ssi.gouv.fr/uploads/2015/05/format-Oracles-on-OpenPGP.pdf pub fn decrypt(&mut self, algo: SymmetricAlgorithm, key: &SessionKey) -> Result<()> { |