[gnutls-devel] GnuTLS | Behavioral PKCS#1 v1.5 decryption oracle (Ok/Err bit) (#1901)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Tue Jun 9 12:01:18 CEST 2026




Alicja Kario (@mention me if you need reply) commented: https://gitlab.com/gnutls/gnutls/-/work_items/1901#note_3436648783


Sorry @eslerm, I remembered that we fixed it; I misremembered how we fixed it in GnuTLS.

Yes, the API in GnuTLS can be used securely; it's just hard to do. Implicit rejection would be nice for calling applications, but given that RSA PKCS#1 v1.5 encryption is on the way out, it may be better to remove it than to add implicit rejection.

So, I agree on triaging it as an enhancement.
