Asymmetric cipher with insecure padding used in android kotlin

[vinaykumarIndia]

Describe the bug

• I have implemented com.microsoft.identity.client:msal library:5.8.2 android kotlin i got a high security issue while test our apk :-
• The app uses the RSA algorithm without Optimal Asymmetric Encryption Padding (OAEP), which weakens the encryption and,

therefore, makes it easier for the attackers to decrypt the data.

• RSA encrypts the provided data deterministically. It means that when the same message and encryption key are used as input, the algorithm produces the same output ciphertext every time:

Smartphone (please complete the following information):

• Android Version: 28+
• MSAL Version - 5.8.2

[HanishaChowdary]

@vinaykumarIndia - could you please share more data on the references to Google Tink library here in this scenario?

[shahzaibj]

@vinaykumarIndia Can you tell us more about the security issues / warnings you are getting? Which tool is generated these warnings? Is it inside Play Console? or some custom tool?