User API keys should use OAEP padding

Coming in cold here but that error seems incorrect. This isn’t a feature that was removed in Node, it’s an issue with some OpenSSL installation. From the Node docs:

Using crypto.constants.RSA_PKCS1_PADDING in crypto.privateDecrypt() requires OpenSSL to support implicit rejection (rsa_pkcs1_implicit_rejection).

See also [Bug]: RSA_PKCS1_PADDING is no longer supported for private decryption · Issue #487 · bropat/eufy-security-client · GitHub

Testing locally, this works for me: An example of RSA Encryption implemented in Node.js · GitHub even when I switch to using crypto.constants.RSA_PKCS1_PADDING for the padding for both encryption and decryption. I am on OpenSSL 3.4.0 and Node 23.6.1.

The tricky thing with using a site setting is that clients won’t know which padding the specific instance is supporting. That makes compatibility across instances/services harder to understand.

I think we should clarify the existing implementation, i.e. explicitly note that we are using RSA_PKCS1_PADDING and then think about an upgrade. Maybe we need to introduce versioning to this endpoint, so that clients can neatly use the right padding before/after said version.

2 Likes
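The versioning idea and the OpenSSL dependency discussed in the post above, as an added Node.js example that is not part of the original post and not Discourse's code. The version numbers, the version-to-padding mapping and the function names are hypothetical, and the key pair is generated on the spot for the demo.

```javascript
// Added example: hypothetical payload versions select the RSA padding.
const crypto = require('node:crypto');

// Throwaway key pair constructed for this demo only.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Assumption: version 1 = current PKCS#1 v1.5 behaviour, version 2 = OAEP upgrade.
const PADDING_BY_VERSION = {
  1: { padding: crypto.constants.RSA_PKCS1_PADDING },
  2: { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' },
};

function optionsFor(version) {
  const opts = PADDING_BY_VERSION[version];
  if (!opts) throw new Error(`unknown payload version ${version}`);
  return opts;
}

// Server side: encrypt the payload with the padding the client's version implies.
function encryptFor(version, plaintext) {
  return crypto.publicEncrypt({ key: publicKey, ...optionsFor(version) }, Buffer.from(plaintext));
}

// Client side: decrypt with the padding that matches the advertised version.
function decryptFor(version, ciphertext) {
  return crypto.privateDecrypt({ key: privateKey, ...optionsFor(version) }, ciphertext).toString();
}

// Same as decryptFor, but reports failure instead of throwing.
function tryDecrypt(version, ciphertext) {
  try {
    return { ok: true, text: decryptFor(version, ciphertext) };
  } catch (err) {
    return { ok: false, error: err.message };
  }
}

// Probe whether this Node/OpenSSL build allows PKCS#1 v1.5 private decryption.
// Encryption with that padding always works; only privateDecrypt() depends on
// OpenSSL supporting implicit rejection, as the Node docs quoted above say.
function supportsPkcs1Decrypt() {
  const result = tryDecrypt(1, encryptFor(1, 'probe'));
  return result.ok && result.text === 'probe';
}
```

A client could run `supportsPkcs1Decrypt()` at startup and request version 2 when it returns `false`. On builds where the probe succeeds, decrypting a version 2 ciphertext as version 1 returns unrelated bytes rather than throwing, so a padding mismatch is only detectable by validating the decrypted payload.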