From 3c05ccc6b998acfbc6d57285a979bf60db8e208c Mon Sep 17 00:00:00 2001
From: ajmetz <github@unitedgames.co.uk>
Date: Tue, 30 Sep 2025 17:50:28 +0100
Subject: [PATCH] Fixes Git Issue 102 via commenting out line in
 lib/Crypt/LE.pm

[ 30/SEP/2025 AJMETZ ] - commented out line 674 ( $key->use_pkcs1_padding; ) following advice expressed
in discussion of Git Issue 102 [ https://github.com/do-know/Crypt-LE/issues/102 ]
and feedback on an earlier pull request [ https://github.com/do-know/Crypt-LE/pull/103#pullrequestreview-3220666378 ].
This will effectively delegate to Crypt::OpenSSL::RSA to set a default padding,
and avoid the likes of errors such as: "PKCS#1 1.5 is disabled as it is known to be vulnerable to marvin attacks."
---
 lib/Crypt/LE.pm | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/Crypt/LE.pm b/lib/Crypt/LE.pm
index b395360..cc4ba8d 100644
--- a/lib/Crypt/LE.pm
+++ b/lib/Crypt/LE.pm
@@ -671,7 +671,11 @@ sub _set_key {
     my $pem = $key->get_private_key_string;
     my ($n, $e) = $key->get_key_parameters;
     return $self->_status(INVALID_DATA, "Key modulus is divisible by a small prime and will be rejected.") if $self->_is_divisible($n);
-    $key->use_pkcs1_padding;
+    #$key->use_pkcs1_padding; # [ 30/SEP/2025 AJMETZ ] - commented out following advice expressed 
+                              # in discussion of Git Issue 102 [ https://github.com/do-know/Crypt-LE/issues/102 ] 
+                              # and feedback on an earlier pull request [ https://github.com/do-know/Crypt-LE/pull/103#pullrequestreview-3220666378 ].
+                              # This will effectively delegate to Crypt::OpenSSL::RSA to set a default padding,
+                              # and avoid the likes of errors such as: "PKCS#1 1.5 is disabled as it is known to be vulnerable to marvin attacks."
     $key->use_sha256_hash;
     $self->{key_params} = { n => $n, e => $e };
     $self->{key} = $key;