cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Move TODOs into issue

Browse Source
This commit is contained in:
Dominik Schürmann
2015-08-10 10:26:58 +02:00
parent 3d8eda6e3e
commit 8719938306
1 changed files with 0 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java
View File

@@ -38,19 +38,6 @@ import java.util.HashSet;
*/ */
public class PgpSecurityConstants { public class PgpSecurityConstants {
/*
* TODO:
* 1. Check binding signatures for requirements on import! throw out binding signatures with insecure
* signatures (bit length, hash algo)
*
* - put checks for curve OIDs and algorithm tags into import instead of PgpDecryptVerify?
* - check signingRing in PgpDecryptVerify?
* - ECC checks https://tools.ietf.org/html/rfc6637#section-13
* - check encryption algo used for encrypting secret keys?
* - check S2K security?
* - check for min rsa/dsa/elgamal/ecc requirements in key creation backend
*/
/** /**
* Whitelist of accepted symmetric encryption algorithms * Whitelist of accepted symmetric encryption algorithms
* all other algorithms are rejected with OpenPgpDecryptionResult.RESULT_INSECURE * all other algorithms are rejected with OpenPgpDecryptionResult.RESULT_INSECURE