PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-06-25 21:14:49 +02:00
Code Issues Releases Wiki Activity

Add cure53 audit report

Browse source
This commit is contained in:
Paul Schaub 2021-12-20 14:36:49 +01:00
parent a006cb5ec5
commit 3c802183f0
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

BIN
assets/Audit-PGPainless.pdf Normal file
View file

Binary file not shown.

8
index.md
View file

@ -80,6 +80,14 @@ This allows PGPainless to be used as a command line application for encryption/d
More importantly though, this allows to plug PGPainless into the [Sequoia OpenPGP Interoperability Test Suite](https://tests.sequoia-pgp.org/). More importantly though, this allows to plug PGPainless into the [Sequoia OpenPGP Interoperability Test Suite](https://tests.sequoia-pgp.org/).
This extensive test suite demonstrates how closely PGPainless is following the standard, especially when it comes to signature verification. This extensive test suite demonstrates how closely PGPainless is following the standard, especially when it comes to signature verification.
## Security Audits
In late 2021, PGPainless was subject to an extensive security audit by the the pentesting
team of [Cure53](https://cure53.de). The audit was generously sponsored and arranged by [FlowCrypt.com](https://flowcrypt.com)!
Results of the audit [are publicly available here](assets/Audit-PGPainless.pdf).
Wherever possible, findings of the audit have been fixed in a timely manner.
## Forever Free Software ## Forever Free Software
PGPainless is licensed under the Apache License 2.0 and this will never change. PGPainless is licensed under the Apache License 2.0 and this will never change.