-
Notifications
You must be signed in to change notification settings - Fork 232
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use correct iv size (#281) #300
Conversation
Use a 12 byte IV for GCM based algorithms and 16 byte IV for CBC based ones. This makes a JWE compatible with other libraries based on OpenSSL which can only use a 12 byte IV for GCM.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Very nice
Please fix it, this problem is very annoying |
Confirming this issue is preventing validation of generated JWEs for non-CBC algorithms. |
Folks - is there a concern for resolving this issue? I've opened the following issue for However, the primary maintainer of that package (who also opened this issue) has identified that There are only two block cipher modes supported in As such, this change should be safe to merge. Can we please illustrate our concerns/problems so that this can be fixed promptly? (This replicates my comment from #281 here) |
@panva @mikhaililin21027 Any advice on how we can fix these linting issues that are blocking a merge? |
I'm not a maintainer here. |
I've created another PR with an equivalent change: #355 |
I have merged changes from the other PR. As such, I am closing this PR in favor of #355. |
Use a 12 byte IV for GCM based algorithms and 16 byte IV for CBC based ones. This makes a JWE compatible with other libraries based on OpenSSL which can only use a 12 byte IV for GCM.