PKCS#1 1.5 is disabled as it is known to be vulnerable to marvin attacks

[frubat]

Hello,

When trying to use le.pl on my Debian machine - it gives me this error:
PKCS#1 1.5 is disabled as it is known to be vulnerable to marvin attacks. at /usr/local/share/perl/5.32.1/Crypt/LE.pm line 674.

It was forking fine for few years, but now it stopped working completely. I'm unable t orenew the certs or create a new ones..

le.pl -key account.key -csr /var/www/cert/somedomain.csr -csr-key /var/www/cert/somedomain.key -crt /var/www/cert/somedomain.crt -domains some.domain.pl -path /var/www/dummy/.well-known/acme-challenge -generate-missing -live -renew 10 -unlink 2025/05/09 14:09:59 [ Crypt::LE client v0.40 started. ] 2025/05/09 14:09:59 Generating a new account key PKCS#1 1.5 is disabled as it is known to be vulnerable to marvin attacks. at /usr/local/share/perl/5.32.1/Crypt/LE.pm line 674.

Is there any solution available? I've tried to google how to enable support PKCS1 v1.5 in OpenSSL, but it seems that it's undocumented.

[guest20]

I⁎ can't really read XS, but the error message comes from this software:
https://github.com/cpan-authors/Crypt-OpenSSL-RSA/blob/0792f93952a7d093a98bf13a6d910d499563ff77/RSA.xs#L924C1-L929C1

One can see from the git-blame button on that page, or from the change log that this change is 3 days old:

https://metacpan.org/dist/Crypt-OpenSSL-RSA/changes

... so you can likely get away with pinning Crypt::OpenSSL::RSA to the previous version for now‡. I'd do that with a cpanfile with exact version specs, but you might do by blocking the corresponding version of the debian package (since this version might upset other perl programs on your system too)

I think there's also a debian crypto-policies tool that might have a say in which dist is installed, but I'm less sure about that.

__
⁎. just some rando with a github account, not the project maintainer
‡. check with your security team, not medical, technical nor legal advice, void where prohibited, check local guides.

[Refizul]

I think the fix is relatively easy.
In line 654 of LE.pm change $key->use_pkcs1_padding; to $key->use_pkcs1_oaep_padding;

Hope that helps. For me it did the trick.

[frubat]

Thank you for your replies. I've downgraded the Crypt::OpenSSL::RSA module to version 0.34 for now and it started to work again. Will wait for an updated version of Crypt::LE module to update RSA back to 0.35 :)

[Alexander-ARTV]

I think the fix is relatively easy. In line 654 of LE.pm change $key->use_pkcs1_padding; to $key->use_pkcs1_oaep_padding;

Hope that helps. For me it did the trick.

use_pkcs1_oaep_padding is the current default for Crypt::OpenSSL::RSA. Because of this, commenting out that line works also. Would it be a better idea to solve it this way and let OpenSSL choose, rather than explicitly specifying the padding? Maybe another future headache can be avoided this way.