1. connect2id Avatar connect2id
  2. Crypto
  3. Nimbus-JOSE-JWT
  4. Issues

JWE: add support for ciphers utilizing internally-generated IVs.

Issue #193 resolved
Dimitar A. Stoikov created an issue

Hi Vladimir,

Encryption works well when the IV is created externally and supplied to the cipher. However, there are JCA/JCE providers that discard the supplied IV in favor of internally-generated one.

With providers like the above, the produced JWEs would be undecryptable as the recorded IV would be the Nimbus-generated one and it would be different than the actual IV generated by the provider.

Please let me know if you would be interested in a pull request -- I have a fix for the AES GCM content encryption and key wrapping algorithms.

In addition, please let me know if you require a contributor license agreement.

Thank you!

Kind regards, Dimitar

Comments (4)

  3. Vladimir Dzhuvinov

    Thanks, this could be really useful. I presume especially for HSM-based JCE providers.

    No contributor agreement is required. The library is Apache 2.0 licensed.

    Vladimir

  5. Log in to comment
Assignee
Type
bug
Priority
minor
Status
resolved
Component
Crypto package
Milestone
4.0
Votes
0
Watchers
1
Jira: the preferred issue tracker for Bitbucket. Join the team!