diff --git a/README b/README index 0ed8661..a6587a3 100644 --- a/README +++ b/README @@ -164,6 +164,11 @@ Padding Methods Version 0.38 sets the appropriate padding for each operation unless use_no_padding is called before either operation. + Note: while "pkcs1-pss" is the effective replacement for "pkcs1" your + use case may require some additional steps. JSON Web Tokens (JWT) for + instance require the algorithm to be changed from "RS256" for "pkcs1" + (SHA1256) to "PS256" for "pkcs1-pss" (SHA-256 and MGF1 with SHA-256) + use_no_padding Use raw RSA encryption. This mode should only be used to implement cryptographically sound padding modes in the application code. diff --git a/README.md b/README.md index 4b85a6c..9d90808 100644 --- a/README.md +++ b/README.md @@ -190,6 +190,11 @@ While **use\_no\_padding** can be used for encryption or signature operations Version 0.38 sets the appropriate padding for each operation unless **use\_no\_padding** is called before either operation. +**Note:** while "pkcs1-pss" is the effective replacement for "pkcs1" your +use case may require some additional steps. JSON Web Tokens (JWT) for +instance require the algorithm to be changed from "RS256" for "pkcs1" +(SHA1256) to "PS256" for "pkcs1-pss" (SHA-256 and MGF1 with SHA-256) + - use\_no\_padding Use raw RSA encryption. This mode should only be used to implement diff --git a/RSA.pm b/RSA.pm index 346d609..42a296e 100644 --- a/RSA.pm +++ b/RSA.pm @@ -255,6 +255,11 @@ B is used for encryption operations. Version 0.38 sets the appropriate padding for each operation unless B is called before either operation. +B while C is the effective replacement for your +use case may require some additional steps. JSON Web Tokens (JWT) for +instance require the algorithm to be changed from "RS256" for "pkcs1" +(SHA1256) to "PS256" for "pkcs1-pss" (SHA-256 and MGF1 with SHA-256) + =over =item use_no_padding
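Review bot: In the README hunk, the parenthetical "(SHA1256)" on the last added line names a hash that does not exist. JWT "RS256" is RSASSA-PKCS1-v1_5 with SHA-256, so it should read "(SHA-256)". As written, the sentence also suggests that the hash changes between the two algorithms, when only the padding scheme changes (PKCS#1 v1.5 to PSS with MGF1). Suggest: "RS256" for "pkcs1" (PKCS#1 v1.5 with SHA-256) to "PS256" for "pkcs1-pss" (PSS with SHA-256 and MGF1 with SHA-256).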
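Review bot: In the README.md hunk, the first added sentence is missing a comma after "pkcs1" ("...replacement for "pkcs1" your use case...") and the paragraph ends without a period after "(SHA-256 and MGF1 with SHA-256)". The "(SHA1256)" typo from the README hunk is repeated here and needs the same correction. It would also help to say that the change applies to both sides: a token signed with "pkcs1-pss" does not verify as "RS256", so the verifier has to expect "PS256" as well as the signer emitting it.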
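Review bot: In the RSA.pm hunk, the first added line reads "B while C is the effective replacement for your", so as shown the POD formatting codes have no content and the sentence never names either padding mode. Please check that the line in the file is B<Note:> while C<pkcs1-pss> is the effective replacement for C<pkcs1>, followed by a comma before "your use case". The remaining three lines quote "RS256", "pkcs1", "PS256" and "pkcs1-pss" with plain double quotes, so pick one style (C<...> or quotes) for the whole paragraph. The "(SHA1256)" typo also appears here.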