From 69b5c1a9bc2ec7f68e9770452f8ca26b2e2e90e3 Mon Sep 17 00:00:00 2001
From: c0de <c0de@c0de.dev>
Date: Fri, 6 Oct 2023 20:01:36 -0500
Subject: [PATCH] Add a warning about ROCA

---
 src/dev/c0de/smartpgp/PGPKey.java | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/dev/c0de/smartpgp/PGPKey.java b/src/dev/c0de/smartpgp/PGPKey.java
index fb04863..60be583 100644
--- a/src/dev/c0de/smartpgp/PGPKey.java
+++ b/src/dev/c0de/smartpgp/PGPKey.java
@@ -179,6 +179,14 @@ public final class PGPKey {
         return Util.getShort(attributes, (short)3);
     }
 
+    /*
+     * !!! WARNING !!! - Read this if your JavaCard is Infineon SLE78 
+     * The API called by this function is flawed and vulnerable to ROCA.
+     * Malicious actors are able to determine the private key using ONLY the public key.
+     * 
+     * It's HIGHLY recommended that you do NOT use this API; Instead, you
+     * should generate your private key off-device, then import it later
+     */
     private final KeyPair generateRSA() {
         final PrivateKey priv = (PrivateKey)KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_CRT_PRIVATE, rsaModulusBitSize(), false);
         final RSAPublicKey pub = (RSAPublicKey)KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PUBLIC, rsaModulusBitSize(), false);