diff --git a/modules/saml/lib/IdP/SAML2.php b/modules/saml/lib/IdP/SAML2.php
index 507570ef54e850473efc4a7a41d8887d7efa881d..d093da4e09a50a40bcdc6ce374b36320d85a569b 100644
--- a/modules/saml/lib/IdP/SAML2.php
+++ b/modules/saml/lib/IdP/SAML2.php
@@ -920,7 +920,7 @@ class sspmod_saml_IdP_SAML2 {
 			}
 
 			/* Extract the public key from the certificate for encryption. */
-			$key = new XMLSecurityKey(XMLSecurityKey::RSA_1_5, array('type'=>'public'));
+			$key = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, array('type'=>'public'));
 			$key->loadKey($pemKey);
 		}
 
diff --git a/modules/saml/lib/Message.php b/modules/saml/lib/Message.php
index 105c54cd3efb04d7a457e0ad641c99117b5bb191..c5ad1b5b1991eb6c678ff9c7f7365a66a8fc8ae2 100644
--- a/modules/saml/lib/Message.php
+++ b/modules/saml/lib/Message.php
@@ -738,7 +738,7 @@ class sspmod_saml_Message {
 				$pemKey = "-----BEGIN CERTIFICATE-----\n" .
 					chunk_split($key['X509Certificate'], 64) .
 					"-----END CERTIFICATE-----\n";
-				$key = new XMLSecurityKey(XMLSecurityKey::RSA_1_5, array('type'=>'public'));
+				$key = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, array('type'=>'public'));
 				$key->loadKey($pemKey);
 				return $key;
 			}