Fix test for sha1 digest issue and croak on use_pkcs1_padding

timlegge · timlegge · commit d35f36c03310 · 2025-10-29T17:57:26.000-03:00
diff --git a/RSA.pm b/RSA.pm
@@ -245,13 +245,9 @@ Encrypting user data directly with RSA is insecure.
 
 PKCS #1 v1.5 padding has been disabled as it is nearly impossible to use this
 padding method in a secure manner.  It is known to be vulnerable to timing
-based side channel attacks.
-L<Marvin Attack|https://github.com/tomato42/marvin-toolkit/blob/master/README.md>
-
-use_pkcs1_padding() now sets the padding method to use_pkcs1_pss_padding. 
+based side channel attacks.  use_pkcs1_padding() results in a fatal error.
 
-B<Note>: RSA-PSS cannot be used for encryption/decryption and results in a
-fatal error.  Call C<use_pkcs1_oaep_padding> for encryption operations. 
+L<Marvin Attack|https://github.com/tomato42/marvin-toolkit/blob/master/README.md>
 
 =item use_pkcs1_oaep_padding
 
@@ -267,6 +263,9 @@ should be used as a replacement for RSA-PKCS#1 v1.5.  The module specifies
 the message digest being requested and the appropriate mgf1 setting and
 salt length for the digest.
 
+B<Note>: RSA-PSS cannot be used for encryption/decryption and results in a
+fatal error.  Call C<use_pkcs1_oaep_padding> for encryption operations. 
+
 =item use_sslv23_padding
 
 Use C<PKCS #1 v1.5> padding with an SSL-specific modification that
diff --git a/RSA.xs b/RSA.xs
@@ -931,7 +931,7 @@ void
 use_pkcs1_padding(p_rsa)
     rsaData* p_rsa;
   CODE:
-    p_rsa->padding = RSA_PKCS1_PSS_PADDING;
+    croak("PKCS#1 1.5 is disabled as it is known to be vulnerable to marvin attacks.");
 
 void
 use_pkcs1_oaep_padding(p_rsa)
diff --git a/t/rsa.t b/t/rsa.t
@@ -37,6 +37,7 @@ sub _Test_Sign_And_Verify {
     my $sig = eval { $rsa->sign($plaintext) };
   SKIP: {
         skip "OpenSSL error: illegal or unsupported padding mode - $hash", 5 if $@ =~ /illegal or unsupported padding mode/i;
+        skip "OpenSSL error: invalid digest - $hash", 5 if $@ =~ /invalid digest/i;
         ok( $rsa_pub->verify( $plaintext, $sig ), "rsa_pub verify $hash");
 
         my $false_sig = unpack "H*", $sig;
@@ -121,7 +122,7 @@ _check_for_croak(
 
 $plaintext .= $plaintext x 5;
 
-my @paddings = qw/pkcs1 pkcs1_oaep pkcs1_pss/;
+my @paddings = qw/pkcs1_oaep pkcs1_pss/;
 foreach my $padding (@paddings) {
   my $p = "use_$padding\_padding";
 
