mirror of
https://github.com/openbsd/ports.git
synced 2026-06-17 23:13:55 +02:00
tb
d057b7c2e1
Attacks on the Marvin attack were too aggressive and 0.35 disabled the widely used PKCS#1 v1.5 padding outright, when only decryption is problematic due to the padding oracle. Signing is fine and required for many things, among other things TLS and DNSSEC. Version 0.35 disabled PKCS#1 v1.5 padding entirely to mitigate the Marvin attack. However, the Marvin attack only affects PKCS#1 v1.5 decryption (padding oracle), not signatures. Version 0.38 re-enables use_pkcs1_padding() for use with sign() and verify(), while keeping it disabled for encrypt() and decrypt(). PKCS1_OAEP should be used for encryption and either PKCS1_PSS or PKCS1 can be used for signing. https://metacpan.org/pod/Crypt::OpenSSL::RSA