Module: JWA

Defined in:: lib/jwa/algorithms/key_management/ecdh_es.rb,
lib/jwa.rb,
lib/jwa/cipher.rb,
lib/jwa/version.rb,
lib/jwa/support/pbkdf2.rb,
lib/jwa/support/concat_kdf.rb,
lib/jwa/algorithms/key_management.rb,
lib/jwa/algorithms/content_encryption.rb,
lib/jwa/algorithms/key_management/pbes2.rb,
lib/jwa/algorithms/key_management/rsa15.rb,
lib/jwa/algorithms/key_management/aes_kw.rb,
lib/jwa/algorithms/key_management/a128_kw.rb,
lib/jwa/algorithms/key_management/a192_kw.rb,
lib/jwa/algorithms/key_management/a256_kw.rb,
lib/jwa/algorithms/key_management/rsa_oaep.rb,
lib/jwa/algorithms/key_management/aes_gcm_kw.rb,
lib/jwa/algorithms/key_management/ecdh_es_kw.rb,
lib/jwa/algorithms/content_encryption/aes_gcm.rb,
lib/jwa/algorithms/key_management/a128_gcm_kw.rb,
lib/jwa/algorithms/key_management/a192_gcm_kw.rb,
lib/jwa/algorithms/key_management/a256_gcm_kw.rb,
lib/jwa/algorithms/content_encryption/a128_gcm.rb,
lib/jwa/algorithms/content_encryption/a192_gcm.rb,
lib/jwa/algorithms/content_encryption/a256_gcm.rb,
lib/jwa/algorithms/content_encryption/aes_cbc_hs.rb,
lib/jwa/algorithms/key_management/ecdh_es_a128_kw.rb,
lib/jwa/algorithms/key_management/ecdh_es_a192_kw.rb,
lib/jwa/algorithms/key_management/ecdh_es_a256_kw.rb,
lib/jwa/algorithms/content_encryption/a128_cbc_hs256.rb,
lib/jwa/algorithms/content_encryption/a192_cbc_hs384.rb,
lib/jwa/algorithms/content_encryption/a256_cbc_hs512.rb,
lib/jwa/algorithms/key_management/pbes_hs256_a128_kw.rb,
lib/jwa/algorithms/key_management/pbes_hs384_a192_kw.rb,
lib/jwa/algorithms/key_management/pbes_hs512_a256_kw.rb

Overview

This implementation is protected by the attack described at:

http://blogs.adobe.com/security/2017/03/critical-vulnerability-uncovered-in-json-encryption.html

The Ruby wrapper around OpenSSL raises an OpenSSL::PKey::EC::Point error if an attempt is made to initialize a public key with coordinates that do not reside on the wanted curve.

Defined Under Namespace

Modules: Algorithms, Cipher, Support Classes: BadDecrypt

Constant Summary collapse

VERSION =

'0.1.0'.freeze