security: add secure mode and padding scheme

src/main/java/emu/grasscutter/auth/DefaultAuthenticators.java

@@ -103,7 +103,7 @@ public final class DefaultAuthenticators {
                 KeyFactory keyFactory = KeyFactory.getInstance("RSA");
                 RSAPrivateKey private_key = (RSAPrivateKey) keyFactory.generatePrivate(keySpec);
 
-                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
+                Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
 
                 cipher.init(Cipher.DECRYPT_MODE, private_key);
 

src/main/java/emu/grasscutter/server/packet/recv/HandlerGetPlayerTokenReq.java

@@ -113,7 +113,7 @@ public class HandlerGetPlayerTokenReq extends PacketHandler {
         if (req.getKeyId() > 0) {
             var encryptSeed = session.getEncryptSeed();
             try {
-                var cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
+                var cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
                 cipher.init(Cipher.DECRYPT_MODE, Crypto.CUR_SIGNING_KEY);
 
                 var clientSeedEncrypted = Utils.base64Decode(req.getClientRandKey());

src/main/java/emu/grasscutter/utils/Crypto.java

@@ -10,6 +10,7 @@ import java.security.spec.*;
 import java.util.*;
 import java.util.regex.Pattern;
 import javax.crypto.Cipher;
+import javax.crypto.NoSuchPaddingException;
 
 public final class Crypto {
 
@@ -100,8 +101,8 @@ public final class Crypto {
         if (key_id == null) {
             throw new Exception("Key ID was not set");
         }
+        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
 
-        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
         cipher.init(Cipher.ENCRYPT_MODE, EncryptionKeys.get(Integer.valueOf(key_id)));
 
         // Encrypt regionInfo in chunks