== Why is this an issue?

Without OAEP in RSA encryption, it takes less work for an attacker to decrypt the data or infer patterns from the ciphertext. This rule logs an issue when ``++openssl_public_encrypt++`` is used with one the following padding constants: ``++OPENSSL_NO_PADDING++`` or ``++OPENSSL_PKCS1_PADDING++`` or ``++OPENSSL_SSLV23_PADDING++``.

=== Noncompliant code example

[source,php]
----
function encrypt($data, $key) {
  $crypted='';
  openssl_public_encrypt($data, $crypted, $key, OPENSSL_NO_PADDING); // Noncompliant
  return $crypted;
}
----

=== Compliant solution

[source,php]
----
function encrypt($data, $key) {
  $crypted='';
  openssl_public_encrypt($data, $crypted, $key, OPENSSL_PKCS1_OAEP_PADDING);
  return $crypted;
}
----

include::../see.adoc[]

ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

=== Message

Use an RSA algorithm with a OAEP padding: OPENSSL_PKCS1_OAEP_PADDING.


'''
== Comments And Links
(visible only on this page)

=== on 16 Jul 2018, 14:28:55 Pierre-Yves Nicolas wrote:
The code examples are not consistent with the description in the parent RSPEC: 

____
This rule logs an issue as soon as a literal value starts with RSA/NONE.
____

include::../comments-and-links.adoc[]

endif::env-github,rspecator-view[]