[Security] Using PKCS1_v1_5 is dangeorus.

[spblue4422]

Hi, while I'm reviewing your code, I noticed that you're using algorithm PKCS1_v1_5 on encryption.

awesome-python-login-model/baidu/util.py

Lines 11 to 15 in b458a09

	def encrypt_pwd(password, public_key):
	rsa_key = RSA.importKey(public_key)
	encryptor = Cipher_pkcs1_v1_5.new(rsa_key)
	cipher = b64encode(encryptor.encrypt(password.encode('utf-8')))
	return cipher.decode('utf-8')

According to RFC 8017, PKCS_v1_5 is not recommended anymore, instead PKCS1_OAEP is recommended.

Update for this would be significantly helpful to security.
We would appreciate it if you could review the code and proceed with the update if it is deemed insecure.

Thank you.

[laixiangqiang]

这是来自QQ邮箱的假期自动回复邮件。   您好，我最近正在休假中，无法亲自回复您的邮件。我将在假期结束后，尽快给您回复。