Fix #12 Allow pickling of keys.

Pickling is now possible, with the added note that one should never unpickle from an untrusted or unauthenticated source.
author: Sybren A. Stüvel <sybren@stuvel.eu> 2016-01-22 15:41:40 +0100
committer: Sybren A. Stüvel <sybren@stuvel.eu> 2016-01-22 15:41:40 +0100
commit: 4bc9733b78cd115a742b9486ab11ccbdcb9ca001 (patch)
tree: 53df23ee4826dcfa00cc835cd437df6b8acb4d2f /doc
parent: f1c55540438fb88dbbc30c9c3bf7c4d82f5d59a2 (diff)
download: rsa-git-4bc9733b78cd115a742b9486ab11ccbdcb9ca001.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/doc/reference.rst b/doc/reference.rst
index d80416a..ce9c1b9 100644
--- a/doc/reference.rst
+++ b/doc/reference.rst
@@ -21,6 +21,14 @@ Functions
 Classes
 --------------------------------------------------
 
+.. note::
+
+    Storing public and private keys via the `pickle` module is possible.
+    However, it is insecure to load a key from an untrusted source.
+    The pickle module is not secure against erroneous or maliciously
+    constructed data. Never unpickle data received from an untrusted
+    or unauthenticated source.
+
 .. autoclass:: rsa.PublicKey
     :members:
     :inherited-members:
author	Sybren A. Stüvel <sybren@stuvel.eu>	2016-01-22 15:41:40 +0100
committer	Sybren A. Stüvel <sybren@stuvel.eu>	2016-01-22 15:41:40 +0100
commit	4bc9733b78cd115a742b9486ab11ccbdcb9ca001 (patch)
tree	53df23ee4826dcfa00cc835cd437df6b8acb4d2f /doc
parent	f1c55540438fb88dbbc30c9c3bf7c4d82f5d59a2 (diff)
download	rsa-git-4bc9733b78cd115a742b9486ab11ccbdcb9ca001.tar.gz