Hi, Can we change openssl_public_encrypt() and openssl_private_decrypt() from defaulting to PKCS1v1.5 padding, in favor of defaulting to OAEP?
I'll create an RFC for this later. It will just prevent a lot of issues. To wit: - https://framework.zend.com/security/advisory/ZF2015-10 - https://github.com/garyr/portunus/blob/89853c180c85c71baac7015cb77ff8ddae129942/src/Portunus/Crypt/RSA/PrivateKey.php#L20 - https://github.com/NorseBlue/Sikker/blob/c158bab1e676d751e5228cb17ecf9593c6b94e95/src/Asymmetric/Keys/PrivateKey.php#L72 If we can't stop PHP developers who aren't cryptographers from writing their own high-level RSA implementation, we can at least make it safer by default. Scott Arciszewski Chief Development Officer Paragon Initiative Enterprises <https://paragonie.com>
