Closed eserte closed 5 years ago
Another one: UNCLEANDY/GPLVote-SignDoc-Client-0.9.tgz
Also fails with Crypt::OpenSSL::RSA 0.30: ANTHONYU/Mail-DomainKeys-1.0.tar.gz
Also: KGRENNAN/Net-OAuth-0.28.tar.gz (mentioned in https://rt.cpan.org/Ticket/Display.html?id=125482 )
I highly suspect the root cause is https://github.com/toddr/Crypt-OpenSSL-RSA/commit/1149369250b667ff22df50c72a3fce4476636315
@toddr Did you mean 13df4d34e7cbc9d067f863ddb94260a26df3c9e6 ?
Yes. Guess I need to get back to this. Sorry it fell through the cracks. It's possible the previously mentioned tests are too rigid. I'd need to look at them but have not found the time to do so.
I think this is a duplicate of #14.
I suspect many other modules that use Crypt::OpenSSL::RSA didn't set the hash algorithm explicitly and so relied on the default setting (sha1). When the Crypt::OpenSSL::RSA default was changed to sha256 many tests which expected test results based on using sha1 broke.
I'm going to switch the default back to its original and provide an easier way to specify it. The new method should be encouraged not enforced.
This has been fixed in 65ff114cae2ed17abea12304d195614f5dec01dd and released to CPAN as 0.31
I already opened an issue for a new failure of Authen-NZRealMe (https://github.com/catalyst/Authen-NZRealMe/issues/5) and now stumbled over the next failure: RIZEN/AWS-SNS-Verify-0.0102.tar.gz fails, according to statistical analysis also because of Crypt::OpenSSL::RSA 0.30.