2e27b70 Use RSA-OAEP instead of RSA PKCS#1 v1.5

1 file Authored by cheimes 2 years ago , Committed by mbasti 2 years ago ,
    Use RSA-OAEP instead of RSA PKCS#1 v1.5
    
    jwcrypto's RSA1-5 (PKCS#1 v1.5) is vulnerable to padding oracle
    side-channel attacks. OAEP (PKCS#1 v2.0) is a safe, more modern
    alternative.
    
    https://fedorahosted.org/freeipa/ticket/6278
    
    Signed-off-by: Christian Heimes <cheimes@redhat.com>
    Reviewed-By: Martin Basti <mbasti@redhat.com>
    
        
file modified
+1 -1