- changed component to Crypto package
-
assigned issue to
Mitigate MMA attacks on JWE RSA1_5 alg
Issue #23
resolved
See JOSE WG message
http://www.ietf.org/mail-archive/web/jose/current/msg01832.html
Comments (5)
-
reporter -
reporter - changed status to open
-
reporter - changed status to resolved
Added basic protection in commit 0e2cc15.
-
From Juraj:
```java
if (alg.equals(JWEAlgorithm.RSA1_5)) {

    int keyLength = cmkBitLength(readOnlyJWEHeader.getEncryptionMethod());

    SecretKey randomCMK = AES.generateAESCMK(keyLength);

    try {
        cmk = RSA1_5.decryptCMK(privateKey, encryptedKey.decode(), keyLength);

    } catch (Exception e) {
        // Protect against MMA attack by generating random CMK on failure,
        // see http://www.ietf.org/mail-archive/web/jose/current/msg01832.html
        cmk = randomCMK;
    }
}
```
-
reporter Done in commit f74ec03 :)
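The random-CMK-on-failure mitigation quoted in the comment from Juraj above, as a stand-alone added example using only the standard JCE API; it is not code from this project. The class name `Rsa15CmkDemo` and the helper `decryptCmk` are hypothetical, the key and ciphertexts are constructed in `main`, and treating a wrong-length plaintext like a padding failure is an assumption.

```java
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.security.*;

public class Rsa15CmkDemo {

    // Hypothetical helper: unwrap the CMK without ever reporting a padding failure to the caller.
    static SecretKey decryptCmk(PrivateKey priv, byte[] encryptedKey, int keyBits) {
        // Generate the fallback before decrypting, so it is produced on every call.
        byte[] random = new byte[keyBits / 8];
        new SecureRandom().nextBytes(random);
        byte[] cmk = random;
        try {
            Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            rsa.init(Cipher.DECRYPT_MODE, priv);
            byte[] plain = rsa.doFinal(encryptedKey);
            // Assumption: a plaintext of the wrong length is handled like a padding failure.
            if (plain.length == keyBits / 8) {
                cmk = plain;
            }
        } catch (GeneralSecurityException e) {
            // Padding failure: keep the random CMK and let content decryption fail later.
        }
        return new SecretKeySpec(cmk, "AES");
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();

        byte[] cmk = new byte[16]; // constructed 128-bit CMK
        new SecureRandom().nextBytes(cmk);
        Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        rsa.init(Cipher.ENCRYPT_MODE, kp.getPublic());
        byte[] good = rsa.doFinal(cmk);
        byte[] tampered = good.clone();
        tampered[tampered.length - 1] ^= 0x01; // constructed invalid encrypted key

        SecretKey a = decryptCmk(kp.getPrivate(), good, 128);
        SecretKey b = decryptCmk(kp.getPrivate(), tampered, 128);
        System.out.println("valid key recovered:    " + MessageDigest.isEqual(cmk, a.getEncoded()));
        System.out.println("tampered key recovered: " + MessageDigest.isEqual(cmk, b.getEncoded()));
        System.out.println("tampered key bits:      " + b.getEncoded().length * 8);
    }
}
```

Both calls return a key of the requested length and neither throws, so a caller only learns that something was wrong when the authenticated content decryption fails with the substituted key.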