RSA paddings

[stronny]

Please support different paddings for private_decrypt() method. Currently it requires PKCS1, but it should either be OAEP, or configurable with the key item, or it should try all known paddings until one of them works.

Usecase: I need to generate chef-vault compatible jsons from a browser; native APIs do not support RSA-PKCS1 due to security concerns that should also apply to chef-vault. Even if you handwave external compatibility away, PKCS1 padding is old and less secure.