RSA_OAEP key wrap modes are not compliant with the FIPS

Issue #564 resolved
Pankaj Yadav created an issue
  1. https://bitbucket.org/connect2id/nimbus-jose-jwt/src/ba873c354f1b2f214345e63d663115193d4772c2/src/main/java/com/nimbusds/jose/crypto/impl/RSA_OAEP.java#lines-100:103

     The cipher mode should be Cipher.UNWRAP_MODE instead of Cipher.DECRYPT_MODE

  2. Similarly, https://bitbucket.org/connect2id/nimbus-jose-jwt/src/ba873c354f1b2f214345e63d663115193d4772c2/src/main/java/com/nimbusds/jose/crypto/impl/RSA_OAEP.java#lines-68

     The cipher mode should be Cipher.WRAP_MODE instead of Cipher.ENCRYPT_MODE

Using DECRYPT_MODE or ENCRYPT_MODE for key wrap operations will give exceptions in FIPS mode.

Comments (2)

  1. Vladimir Dzhuvinov

    Released in:

    9.41 (2024-09-10)
        * JWEHeader receives typed support for the "iss" (issuer), "sub" (subject)
          and "aud" (audience) claims as replicated JWE header parameters.
        * Updates the JWE encryption with "PBES2-HS256+A128KW",
          "PBES2-HS384+A192KW" and "PBES2-HS512+A256KW" to use a JCA provider
          instead of a local PBKDF2 implementation. "PBKDF2WithHmacSHA256" support
          is available since Java 8 and Android API level 26 (iss #561).
        * For "RSA-OAEP" and "RSA-OAEP-256" the cipher mode should be either WRAP
          or UNWRAP, not ENCRYPT or DECRYPT. Otherwise it will throw an exception
          when used with a FIPS provider (iss #564).
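
An added example, not part of the issue thread or of the Nimbus JOSE+JWT source: wrapping and unwrapping an AES content encryption key with RSA-OAEP-256 through the JCA, using `Cipher.WRAP_MODE` and `Cipher.UNWRAP_MODE` as the issue asks. The class and method names, key sizes and the transformation string are assumptions chosen for illustration.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

public class RsaOaepWrapExample {
    // Standard JCA transformation name; assumed here, not taken from the library source.
    static final String TRANSFORMATION = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    // RSA-OAEP-256: SHA-256 for the OAEP digest and for MGF1.
    static final OAEPParameterSpec OAEP_256 = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);

    // Sender side: WRAP_MODE passes the key object to the provider, not its raw bytes.
    static byte[] wrapCek(PublicKey pub, SecretKey cek) throws Exception {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        cipher.init(Cipher.WRAP_MODE, pub, OAEP_256);    // not Cipher.ENCRYPT_MODE
        return cipher.wrap(cek);
    }

    // Recipient side: UNWRAP_MODE returns a key object of the requested algorithm.
    static SecretKey unwrapCek(PrivateKey priv, byte[] wrapped) throws Exception {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        cipher.init(Cipher.UNWRAP_MODE, priv, OAEP_256); // not Cipher.DECRYPT_MODE
        return (SecretKey) cipher.unwrap(wrapped, "AES", Cipher.SECRET_KEY);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample keys, generated fresh on each run.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair recipient = kpg.generateKeyPair();
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey cek = kg.generateKey();

        byte[] wrapped = wrapCek(recipient.getPublic(), cek);
        SecretKey recovered = unwrapCek(recipient.getPrivate(), wrapped);
        if (!MessageDigest.isEqual(cek.getEncoded(), recovered.getEncoded()))
            throw new IllegalStateException("unwrapped key does not match");
        System.out.println("wrapped CEK: " + wrapped.length + " bytes, round trip OK");
    }
}
```

The round-trip comparison in `main` reads the raw key bytes with `getEncoded()`, which works with the default software provider this example assumes.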
    
