RSA.xs:218: OpenSSL error: sslv3 rollback attack

Question

RSA.xs:218: OpenSSL error: sslv3 rollback attack

Closed this issue 5 years ago · 1 comments

Code that has worked for years is now getting an error when decrypting a string. Is there something new that I need to do to support the latest openssl?

$rsa = Crypt::OpenSSL::RSA->new_private_key($privkeytext);
$rsa->use_sslv23_padding();
$clrText = $rsa->decrypt($encString);

The private key is id_rsa.pem format
Text encrypted using a public key in id_rsa.pub.pem format

Answer 1 · 2019-10-29T19:49:52.000Z

Changed to $rsa->use_pkcs1_padding();

And that fixed it.