This repository has been archived by the owner on Feb 27, 2023. It is now read-only.

Fix issue #206
The auth tag len for AES-CBC+HMAC algorithms should match the key size,
see RFC 7518 Section 5.2.4 and Section 5.2.5. Unfortunately this will
(as-is) cause problems with decrypting AES-CBC+HMAC ciphertexts that
were encrypted with this library that used 192-bit and 256-bit key
sizes. A future pull request could add a flag to add some sort of
compatibility flag to allow for decryption to continue working for those
cases.
csstaub committed Nov 20, 2018
1 parent 9ab2713 commit ce63c22
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion symmetric.go
Expand Up @@ -103,7 +103,7 @@ func newAESGCM(keySize int) contentCipher {
func newAESCBC(keySize int) contentCipher {
return &aeadContentCipher{
keyBytes: keySize * 2,
authtagBytes: 16,
authtagBytes: keySize,
getAead: func(key []byte) (cipher.AEAD, error) {
return josecipher.NewCBCHMAC(key, aes.NewCipher)
},
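Review bot: On the `authtagBytes: keySize` line, nothing in the commit pins the new tag lengths or keeps old ciphertexts decryptable: only symmetric.go changes, so no test accompanies the fix, and the commit message itself says ciphertexts this library produced with 192-bit and 256-bit keys will stop decrypting. Suggest adding a test that checks the tag length for each key size passed to newAESCBC against RFC 7518 Sections 5.2.4 and 5.2.5, a one-line comment on this line noting that the tag length is tied to keySize (half of keyBytes), and a release note about the decryption break until a compatibility option exists. It is also worth confirming that josecipher.NewCBCHMAC emits a tag of the same length, since that code is not visible in this hunk.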
