Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug in calculating authentication tag #8

Closed
apasquale opened this issue Mar 27, 2017 · 1 comment
Closed

Bug in calculating authentication tag #8

apasquale opened this issue Mar 27, 2017 · 1 comment
Assignees
@francescobbo
Labels
bug

Comments

@apasquale
Copy link

Hi, I found an issue while trying to decrypt something with enc: A256CBC-HS512 which was encrypted by another library. I was getting 'Authentication tag verification failed' with this library but not on others.

After hunting down the differences on how the tag was calculated I narrowed it down to this line

According to RFC 7516 JSON Web Encryption (JWE)

The octet string AL, which is the number of bits in AAD expressed as a big-endian 64-bit unsigned integer

I made the changes to both decrypt and encrypt in my fork, but was unable to figure out how to fix all the failing tests in spec/jwe/enc_spec.rbso haven't raised a PR.
@excpt excpt added the bug label Mar 27, 2017
@francescobbo francescobbo self-assigned this Apr 2, 2017
@francescobbo
Copy link
Member

Good catch. Working on it right now!

👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@francescobbo francescobbo

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@excpt @apasquale @francescobbo