1 | 1 | Revision history for Perl extension Crypt::OpenSSL::RSA. |
2 | 2 |
|
| 3 | +0.38 Apr 23 2026 |
| 4 | + |
| 5 | + [Bug Fixes] |
| 6 | + - PR #103 GH #61: Re-enable PKCS#1 v1.5 padding for sign()/verify(). It |
| 7 | + was incorrectly disabled in 0.35; the Marvin attack only affects |
| 8 | + decryption, not signatures. |
| 9 | + - PR #168: Fix croak message to reference use_pkcs1_oaep_padding() (not |
| 10 | + use_pkcs1_padding()) when non-OAEP padding is used for encrypt/decrypt. |
| 11 | + - PR #165: Fix OAEP overhead calculation that was hardcoded for SHA-1; |
| 12 | + correct overhead is now computed per the configured hash algorithm. |
| 13 | + - PR #141: Reject non-RSA keys (EC, DSA, RSA-PSS) loaded via |
| 14 | + _load_rsa_key() on OpenSSL 3.x with a clear error instead of a |
| 15 | + confusing failure later. |
| 16 | + - PR #118: Fix private_encrypt() and public_decrypt() broken on OpenSSL |
| 17 | + 3.x with any padding except NO_PADDING; rsa_crypt() now distinguishes |
| 18 | + encrypt vs. sign paths. |
| 19 | + - PR #142: Free signature buffer on RSA_sign() failure on pre-3.x. |
| 20 | + - PR #164 GH #152: Drain OpenSSL error queue after _get_key_parameters() |
| 21 | + on OpenSSL 3.x so a failed optional-param lookup does not pollute the |
| 22 | + error queue for subsequent operations. |
| 23 | + - PR #161 GH #152: Cache is_private_key flag in rsaData struct to avoid a |
| 24 | + per-call BIGNUM heap allocation on OpenSSL 3.x. |
| 25 | + - PR #159 GH #155: Check return values of EVP_PKEY_get_bn_param() in |
| 26 | + _get_key_parameters(); a failed mandatory param (n or e) now croaks |
| 27 | + instead of silently returning undef. |
| 28 | + - PR #160 GH #156: Use THROW macro for make_rsa_obj() result in |
| 29 | + _new_key_from_parameters() to prevent resource leak on a NULL return. |
| 30 | + - PR #158 GH #154: Extract setup_pss_sign_ctx() helper to deduplicate |
| 31 | + PSS context setup in sign() and verify(); the two paths could previously |
| 32 | + diverge silently. |
| 33 | + - PR #157 GH #153: Eliminate duplicate NID-to-name table in |
| 34 | + get_message_digest(); fixes whirlpool on OpenSSL 3.x where the old |
| 35 | + low-level WHIRLPOOL() API path was being used instead of EVP_MD_fetch(). |
| 36 | + - PR #145: Fix BIO resource leak in extractBioString() error paths. |
| 37 | + - PR #143: Validate that a private key is present before attempting export |
| 38 | + in get_private_key_string(). |
| 39 | + - PR #140: NULL out BIGNUMs after freeing them in _new_key_from_parameters() |
| 40 | + to prevent a double-free when make_rsa_obj() fails after they are freed. |
| 41 | + - PR #137: Use BN_clear_free() (instead of BN_free()) for private key |
| 42 | + BIGNUMs in _get_key_parameters() to scrub sensitive material. |
| 43 | + - PR #136: Remove static buffer in get_message_digest() that caused |
| 44 | + thread-safety problems under Perl ithreads. |
| 45 | + - PR #134: Add Perl-level stub for use_sslv23_padding() on OpenSSL 3.x |
| 46 | + where the underlying RSA_SSLV23_PADDING constant was removed. |
| 47 | + - PR #133: Fix PSS MGF1 setup to inspect the correct padding fields |
| 48 | + (sign_pad/verify_pad) instead of p_rsa->padding, preventing wrong |
| 49 | + MGF1 hash on auto-promoted PSS operations. |
| 50 | + - PR #120: Check PEM_write_bio_* return values in key export functions |
| 51 | + so failures are reported rather than silently ignored. |
| 52 | + - PR #119: Migrate SHA* digest calls to EVP_Q_digest() on OpenSSL 3.x, |
| 53 | + replacing deprecated low-level SHA*() functions. |
| 54 | + - PR #109: Drain the full OpenSSL error queue in croakSsl() and report |
| 55 | + the last (most specific) error rather than the oldest one. |
| 56 | + - PR #104: Guard croakSsl() against a NULL error string from |
| 57 | + ERR_reason_error_string() to prevent a NULL-deref croak. |
| 58 | + - PR #76: Do not include whrlpool.h when whirlpool support is disabled. |
| 59 | + - Memory leak fixes across OpenSSL 3.x code paths (PR #75, PR #77, PR #78, |
| 60 | + PR #79, PR #80, PR #81, PR #83, PR #87, PR #90, PR #99, PR #101, PR #108, |
| 61 | + PR #112, PR #114, PR #127, PR #128, PR #129, PR #131): plugged leaks in |
| 62 | + generate_key(), sign(), verify(), rsa_crypt(), check_key(), |
| 63 | + get_public_key_string(), _new_key_from_parameters(), and |
| 64 | + _get_key_parameters() across success and error paths. |
| 65 | + |
| 66 | + [Improvements] |
| 67 | + - PR #169: Make Crypt::OpenSSL::Bignum a hard runtime requirement (moved |
| 68 | + from recommended to required in Makefile.PL and added hard import in |
| 69 | + RSA.pm); it was already required in practice for get_key_parameters(). |
| 70 | + - PR #126: new_public_key() now accepts DER-encoded public keys in addition |
| 71 | + to PEM; format is detected automatically via ASN.1 OID inspection. |
| 72 | + - PR #124: Add get_private_key_pkcs8_string() to export private keys in |
| 73 | + PKCS#8 PEM format. |
| 74 | + - PR #110: Add get_public_key_pkcs1_string() as an alias for |
| 75 | + get_public_key_string() for API symmetry with the X.509/PKCS#1 naming. |
| 76 | + - PR #111: Add optional check=>1 parameter to new_key_from_parameters() |
| 77 | + to validate the constructed key via check_key() before returning it. |
| 78 | + - PR #135: Add plaintext length pre-validation in rsa_crypt() with a |
| 79 | + descriptive croak before attempting the OpenSSL operation. |
| 80 | + - PR #151: Reject invalid (even-numbered) RSA exponents before passing |
| 81 | + them to OpenSSL, preventing a potential hang during key generation. |
| 82 | + |
| 83 | + [Maintenance] |
| 84 | + - PR #163: Add CONTRIBUTING.md and SECURITY.md to satisfy CPANTS |
| 85 | + experimental kwalitee metrics. |
| 86 | + - PR #144: Clean up Makefile.PL metadata: remove dead -DPERL5 and |
| 87 | + -DOPENSSL_NO_KRB5 defines; derive version dynamically from RSA.pm. |
| 88 | + - PR #130: Add test coverage for generate_key() with custom public |
| 89 | + exponents and exponent validation. |
| 90 | + - PR #121: Add test coverage for private_encrypt() and public_decrypt(). |
| 91 | + - PR #148: Add PKCS#1 v1.5 signing regression tests (PR #148). |
| 92 | + - PR #95: Add error-path and edge-case test coverage (t/error.t). |
| 93 | + - PR #115, PR #116: Add encrypt/decrypt and sign/verify edge-case tests. |
| 94 | + - PR #85, PR #86, PR #88, PR #91: Improve test assertions — replace bare |
| 95 | + ok() calls with is()/like() and add descriptive test names throughout. |
| 96 | + - PR #84: Add macOS CI job covering both system LibreSSL and Homebrew |
| 97 | + OpenSSL 3.x. |
| 98 | + - PR #123: Add Valgrind memory-leak detection CI job on Debian bookworm. |
| 99 | + - PR #73: Fix META URLs, remove duplicate .gitignore entries, fix |
| 100 | + build_requires; add Debian trixie (OpenSSL 3.4.x) to CI matrix. |
| 101 | + - PR #72: Bump actions/checkout from v4 to v6. |
| 102 | + - PR #82: Bump perl-actions/perl-versions from 1 to 2. |
| 103 | + - PR #70: Add Dependabot for automatic GitHub Actions version updates. |
| 104 | + - PR #69: Remove Debian buster from CI matrix (EOL). |
| 105 | + |
3 | 106 | 0.37 Oct 29 2025 |
4 | 107 | - Fix libressl bitwise logic error in RSA.xs |
5 | 108 |
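Review bot: the first [Bug Fixes] entry (new lines 6-8, re-enabling PKCS#1 v1.5 padding for sign()/verify()) does not say what a caller sees on upgrade: whether v1.5 is the default for sign()/verify() again, or is only reachable through use_pkcs1_padding() with the PSS path (setup_pss_sign_ctx() in the PR #158 entry) staying the default. Code that adapted to 0.35 needs that one sentence to know whether its signature format changes between 0.37 and 0.38. The stated rationale is consistent with what the Marvin attack is (a timing side channel in PKCS#1 v1.5 decryption depadding, which needs attacker-chosen ciphertexts fed to a decrypt path, something neither sign() nor verify() does), but an entry that reverses a security-motivated change should link the advisory or issue that motivated the 0.35 change, not just "GH #61", so a reader can check the reasoning rather than take it on trust. Two smaller points: new line 91 ends with a redundant "(PR #148)" on an entry already prefixed "PR #148:", so it should read "- PR #148: Add PKCS#1 v1.5 signing regression tests."; and the PR #134 entry (new lines 45-46) says use_sslv23_padding() gets a Perl-level stub on OpenSSL 3.x without saying whether that stub croaks or silently selects a different padding. A caller that asked for SSLv23 padding and silently got PKCS#1 v1.5 would be a behaviour change worth one clause in the changelog.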