From 4e60eceb9ef96db5dd70c381149bab30c5f26907 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Thu, 2 Aug 2012 10:48:17 +0000
Subject: [PATCH] Change encryption to use the rsa-oaep-mgf1p key padding.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3137 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/saml/lib/IdP/SAML2.php | 2 +-
 modules/saml/lib/Message.php   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/saml/lib/IdP/SAML2.php b/modules/saml/lib/IdP/SAML2.php
index 507570ef5..d093da4e0 100644
--- a/modules/saml/lib/IdP/SAML2.php
+++ b/modules/saml/lib/IdP/SAML2.php
@@ -920,7 +920,7 @@ class sspmod_saml_IdP_SAML2 {
 			}
 
 			/* Extract the public key from the certificate for encryption. */
-			$key = new XMLSecurityKey(XMLSecurityKey::RSA_1_5, array('type'=>'public'));
+			$key = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, array('type'=>'public'));
 			$key->loadKey($pemKey);
 		}
 
diff --git a/modules/saml/lib/Message.php b/modules/saml/lib/Message.php
index 105c54cd3..c5ad1b5b1 100644
--- a/modules/saml/lib/Message.php
+++ b/modules/saml/lib/Message.php
@@ -738,7 +738,7 @@ class sspmod_saml_Message {
 				$pemKey = "-----BEGIN CERTIFICATE-----\n" .
 					chunk_split($key['X509Certificate'], 64) .
 					"-----END CERTIFICATE-----\n";
-				$key = new XMLSecurityKey(XMLSecurityKey::RSA_1_5, array('type'=>'public'));
+				$key = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, array('type'=>'public'));
 				$key->loadKey($pemKey);
 				return $key;
 			}
-- 
GitLab