diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/keyringer/functions | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/lib/keyringer/functions b/lib/keyringer/functions index dc1ce0f..9fea828 100644 --- a/lib/keyringer/functions +++ b/lib/keyringer/functions @@ -368,15 +368,19 @@ function keyringer_check_recipients { echo "Fatal: please set the full GPG signature hash for key ID $recipient:" cat <<-EOF -Recipients file can't have 32-bit keyids (e.g. DEADBEEF or DECAF123). These -are trivial to spoof. With a few gigs of disk space and a day of time on -cheap, readily-available hardware, it's possible to build keys to match every -possible 32-bit keyid. The search space just isn't big enough. - -If you're going to specify keys by keyid, they should be specified by full -160-bit OpenPGP fingerprint. It would be very bad if someone spoofed a keyID -and caused another participant in a keyringer instance to reencrypt a secret -store to the spoofed key in addition to your own. +Please provide a full OpenPGP fingerprint, for example: + + john@doe.com ABCD1234ABCD12345678ABCD1234ABCD12345678 + +Short key ids (for example, DEADBEEF or DECAF123) are not allowed in +recipient files because they are easy to spoof. Researchers have proven +that it is possible to build fake keys to match any possible short key +id by using a few gigabytes of disk space, and a day of computation on +common hardware. + +Otherwise, the encryption can be broken, if someone spoofs a short key +id, and causes a participant in a keyringer repository to encrypt +secrets to a fake key. EOF exit 1 else |