- changed status to resolved
RSA_OAEP key wrap modes are not compliant with the FIPS
Issue #564
resolved
The cipher mode should be Cipher.UNWRAP_MODE instead of Cipher.DECRYPT_MODE.
The cipher mode should be Cipher.WRAP_MODE instead of Cipher.ENCRYPT_MODE.
Using DECRYPT_MODE or ENCRYPT_MODE for key wrap operations will give exceptions in FIPS mode.
Comments (2)
Released in:
9.41 (2024-09-10)
* JWEHeader receives typed support for the "iss" (issuer), "sub" (subject) and "aud" (audience) claims as replicated JWE header parameters.
* Updates the JWE encryption with "PBES2-HS256+A128KW", "PBES2-HS384+A192KW" and "PBES2-HS512+A256KW" to use a JCA provider instead of a local PBKDF2 implementation. "PBKDF2WithHmacSHA256" support is available since Java 8 and Android API level 26 (iss #561).
* For "RSA-OAEP" and "RSA-OAEP-256" the cipher mode should be either WRAP or UNWRAP, not ENCRYPT or DECRYPT. Otherwise it will throw an exception when used with a FIPS provider (iss #564).
Fixed in 397e062fd6720f795ed6428dcc0a4ae859e424af (via PR).
Change log: