1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[ruby/openssl] Call out insecure PKCS #1 v1.5 default padding for RSA

Browse Source 
https://github.com/ruby/openssl/commit/fd5eaa6dfc
This commit is contained in:
Bart de Water 2022-10-08 07:53:57 -04:00 committed by Kazuki Yamaguchi
parent aecc470a33
commit 6166fa612c
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
ext/openssl/lib/openssl/pkey.rb
View File

@ -363,7 +363,8 @@ module OpenSSL::PKey
# rsa.private_encrypt(string, padding) -> String # rsa.private_encrypt(string, padding) -> String
# #
# Encrypt +string+ with the private key. +padding+ defaults to # Encrypt +string+ with the private key. +padding+ defaults to
# PKCS1_PADDING. The encrypted string output can be decrypted using # PKCS1_PADDING, which is known to be insecure but is kept for backwards
# compatibility. The encrypted string output can be decrypted using
# #public_decrypt. # #public_decrypt.
# #
# <b>Deprecated in version 3.0</b>. # <b>Deprecated in version 3.0</b>.
@ -386,7 +387,8 @@ module OpenSSL::PKey
# rsa.public_decrypt(string, padding) -> String # rsa.public_decrypt(string, padding) -> String
# #
# Decrypt +string+, which has been encrypted with the private key, with the # Decrypt +string+, which has been encrypted with the private key, with the
# public key. +padding+ defaults to PKCS1_PADDING. # public key. +padding+ defaults to PKCS1_PADDING which is known to be
# insecure but is kept for backwards compatibility.
# #
# <b>Deprecated in version 3.0</b>. # <b>Deprecated in version 3.0</b>.
# Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and
@ -407,7 +409,8 @@ module OpenSSL::PKey
# rsa.public_encrypt(string, padding) -> String # rsa.public_encrypt(string, padding) -> String
# #
# Encrypt +string+ with the public key. +padding+ defaults to # Encrypt +string+ with the public key. +padding+ defaults to
# PKCS1_PADDING. The encrypted string output can be decrypted using # PKCS1_PADDING, which is known to be insecure but is kept for backwards
# compatibility. The encrypted string output can be decrypted using
# #private_decrypt. # #private_decrypt.
# #
# <b>Deprecated in version 3.0</b>. # <b>Deprecated in version 3.0</b>.
@ -428,7 +431,8 @@ module OpenSSL::PKey
# rsa.private_decrypt(string, padding) -> String # rsa.private_decrypt(string, padding) -> String
# #
# Decrypt +string+, which has been encrypted with the public key, with the # Decrypt +string+, which has been encrypted with the public key, with the
# private key. +padding+ defaults to PKCS1_PADDING. # private key. +padding+ defaults to PKCS1_PADDING, which is known to be
# insecure but is kept for backwards compatibility.
# #
# <b>Deprecated in version 3.0</b>. # <b>Deprecated in version 3.0</b>.
# Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead. # Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead.