JWE: add support for ciphers utilizing internally-generated IVs.
Hi Vladimir,
Encryption works well when the IV is created externally and supplied to the cipher. However, there are JCA/JCE providers that discard the supplied IV in favor of an internally-generated one.
With providers like the above, the produced JWEs would be undecryptable as the recorded IV would be the Nimbus-generated one and it would be different than the actual IV generated by the provider.
Please let me know if you would be interested in a pull request -- I have a fix for the AES GCM content encryption and key wrapping algorithms.
In addition, please let me know if you require a contributor license agreement.
Thank you!
Kind regards, Dimitar
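One way to avoid the mismatch described in the report above, as an added example that is not the reporter's fix or Nimbus JOSE+JWT code: read the IV back from the initialised cipher and record that value in the JWE. The class and method names are hypothetical; the standard JCA `AES/GCM/NoPadding` transformation with a 96-bit IV and 128-bit tag is assumed.

```java
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

// Hypothetical demo class; not part of Nimbus JOSE+JWT.
public class EffectiveIvDemo {
    static final int IV_BYTES = 12, TAG_BITS = 128; // sizes assumed for AES GCM in JWE

    /** Returns {ivToRecord, ciphertextWithTag}; the IV is read back from the cipher. */
    static byte[][] encrypt(SecretKey key, byte[] plaintext, byte[] aad)
            throws GeneralSecurityException {
        byte[] suppliedIv = new byte[IV_BYTES];
        new SecureRandom().nextBytes(suppliedIv);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, suppliedIv));
        // Ask the cipher which parameters it is really using; a provider that
        // generates its own IV reports it here instead of suppliedIv.
        AlgorithmParameters params = cipher.getParameters();
        if (params == null) throw new GeneralSecurityException("provider exposes no parameters");
        GCMParameterSpec actual = params.getParameterSpec(GCMParameterSpec.class);
        byte[] effectiveIv = actual.getIV();
        if (effectiveIv == null || effectiveIv.length != IV_BYTES || actual.getTLen() != TAG_BITS) {
            throw new GeneralSecurityException("provider reported unexpected GCM parameters");
        }
        cipher.updateAAD(aad);
        return new byte[][] { effectiveIv, cipher.doFinal(plaintext) };
    }

    static byte[] decrypt(SecretKey key, byte[] iv, byte[] ciphertextWithTag, byte[] aad)
            throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        cipher.updateAAD(aad);
        return cipher.doFinal(ciphertextWithTag); // fails with AEADBadTagException on a wrong IV
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        byte[] aad = "constructed-header".getBytes("US-ASCII");       // constructed sample input
        byte[] msg = "constructed sample plaintext".getBytes("UTF-8"); // constructed sample input
        byte[][] out = encrypt(key, msg, aad);
        System.out.println(new String(decrypt(key, out[0], out[1], aad), "UTF-8"));
    }
}
```

Validating the reported IV length and tag length before use keeps a misbehaving provider from silently producing a JWE whose header values do not match the ciphertext.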
Comments (4)
Thanks, this could be really useful. I presume especially for HSM-based JCE providers.
No contributor agreement is required. The library is Apache 2.0 licensed.
Vladimir
- changed status to resolved