Original file line number Diff line number Diff line change 4545//! ```
4646//!
4747//! ## PKCS#1 v1.5 encryption
48+ //!
49+ //! <div class="warning">
50+ //! <b>Warning:</b>
51+ //! See security notes in the <code><a href="./pkcs1v15/index.html">pkcs1v15</a></code> module.
52+ //! </div>
53+ //!
4854//! ```
4955//! use rsa::{RsaPrivateKey, RsaPublicKey, Pkcs1v15Encrypt};
5056//!
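Review bot: The warning added above the PKCS#1 v1.5 encryption example only tells the reader to "See security notes" in the pkcs1v15 module, so someone copying the `Pkcs1v15Encrypt` snippet directly below it never sees what the risk is or what to use instead. Consider stating the recommendation inline here, for example one sentence saying that OAEP is preferred for encryption unless PKCS#1 v1.5 is needed for compatibility, and keep the link for the details.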
6672//!
6773//! ## PKCS#1 v1.5 signatures
6874//!
75+ //! <div class="warning">
76+ //! <b>Warning:</b>
77+ //! See security notes in the <code><a href="./pkcs1v15/index.html">pkcs1v15</a></code> module.
78+ //! </div>
79+ //!
6980//! Note: requires `sha2` feature of `rsa` crate is enabled.
7081//!
7182#![ cfg_attr( feature = "sha2" , doc = "```" ) ]
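Review bot: The link in the signatures warning is a hard-coded relative HTML path, `<a href="./pkcs1v15/index.html">pkcs1v15</a>`, duplicated from the encryption section, and rustdoc does not check raw HTML hrefs, so it will break silently if the module moves or the page is rendered from a different location. The pkcs1v15 module warning in this same commit puts a blank `//!` line after the `<b>Warning</b>` line and then uses Markdown intra-doc links such as [PSS][`super::pss`]; doing the same here with an intra-doc link to the `pkcs1v15` module would let rustdoc's broken-link lint catch a stale target. Naming PSS as the preferred signature scheme in this block would also help.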
Original file line number Diff line number Diff line change 11//! PKCS#1 v1.5 support as described in [RFC8017 § 8.2].
22//!
3+ //! <div class="warning">
4+ //! <b>Warning</b>
5+ //!
6+ //! PKCS#1 v1.5 padding has a longstanding history of issues generally classed as
7+ //! [Bleichenbacher Attacks] which were originally discovered in 1998 but keep reappearing in
8+ //! various forms again and again over the course of decades, including most recently in the 2023
9+ //! [Marvin Attack], which the `rsa` crate is [still vulnerable] to.
10+ //!
11+ //! These attacks can result in complete plaintext recovery for encryption, or signature forgery,
12+ //! leading to a total failure of either confidentiality or integrity.
13+ //!
14+ //! Unless explicitly needed for compatibility reasons, we recommend against using PKCS#1 v1.5,
15+ //! and suggest using [PSS][`super::pss`] or [OAEP][`super::oaep`] instead (if there is a
16+ //! requirement to use RSA).
17+ //! </div>
18+ //!
19+ //! [Bleichenbacher Attacks]: https://en.wikipedia.org/wiki/Adaptive_chosen-ciphertext_attack#Practical_attacks
20+ //! [Marvin Attack]: https://people.redhat.com/~hkario/marvin/
21+ //! [still vulnerable]: https://github.com/RustCrypto/RSA/issues/626
22+ //!
323//! # Usage
424//!
525//! See [code example in the toplevel rustdoc](../index.html#pkcs1-v15-signatures).
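Review bot: The phrases "most recently in the 2023 [Marvin Attack]" and "which the `rsa` crate is [still vulnerable] to" in the module warning are time-sensitive and will be wrong the moment issue 626 is resolved or a newer attack is published. Suggest wording that survives that, such as "see [tracking issue] for the current status", and leaving a reminder on the issue to update this paragraph when it is closed. Minor: this block uses `<b>Warning</b>` while the two blocks added to the top-level docs use `<b>Warning:</b>`; pick one form.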