Merged, Thanks!

On Sat, Feb 14, 2026 at 04:16:58PM +0000, David Carlier wrote:
> Subject: [PATCH] BUG/MEDIUM: jwe: fix timing side-channel and dead code in JWE decryption
> Fix two issues in JWE token processing:
> 
> - Replace memcmp() with CRYPTO_memcmp() for authentication tag
>   verification in build_and_check_tag() to prevent timing
>   side-channel attacks. Also add a tag length validation check
>   before the comparison to avoid potential buffer over-read when
>   the decoded tag length doesn't match the expected HMAC half.
> 
> - Remove unreachable break statement after JWE_ALG_A256GCMKW case
>   in decrypt_cek_aesgcmkw().

-- 
William Lallemand
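As an added illustration of the hardened check the commit describes (not HAProxy's code and not part of this thread): the decoded tag length is validated against the expected HMAC half before any bytes are compared, and the comparison itself is constant-time. ct_memcmp() here is a stand-in for OpenSSL's CRYPTO_memcmp() so the block builds without OpenSSL, and jwe_check_tag() is a hypothetical name.

```c
#include <stddef.h>

/* Stand-in for OpenSSL's CRYPTO_memcmp(): 0 when equal, non-zero otherwise.
 * Its running time depends only on n, never on where the first mismatch is,
 * unlike memcmp(), which may return as soon as it sees a differing byte. */
static int ct_memcmp(const void *a, const void *b, size_t n)
{
    const unsigned char *x = a, *y = b;
    unsigned char diff = 0;
    size_t i;

    for (i = 0; i < n; i++)
        diff |= x[i] ^ y[i];
    return diff;
}

/* Hypothetical tag check for an AES_CBC_HMAC_SHA2 JWE: the authentication
 * tag is the left half of the full HMAC output (RFC 7518, section 5.2), so a
 * decoded tag is accepted only if its length is exactly that half and it
 * matches in constant time. Checking the length first is what prevents the
 * over-read: the compare never touches more bytes than were actually decoded.
 * Returns 1 when the tag verifies, 0 otherwise. */
int jwe_check_tag(const unsigned char *hmac, size_t hmac_len,
                  const unsigned char *tag, size_t tag_len)
{
    size_t expected_len = hmac_len / 2;

    if (hmac_len == 0 || (hmac_len & 1) || tag_len != expected_len)
        return 0;
    return ct_memcmp(hmac, tag, expected_len) == 0;
}

int main(void)
{
    /* Constructed sample: a fake 8-byte "HMAC" whose left half is the tag. */
    const unsigned char hmac[8] = {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80};
    const unsigned char good[4] = {0x10, 0x20, 0x30, 0x40};
    const unsigned char wrong[4] = {0x10, 0x20, 0x30, 0x41};
    const unsigned char shrt[3] = {0x10, 0x20, 0x30};

    return (jwe_check_tag(hmac, 8, good, 4) == 1 &&
            jwe_check_tag(hmac, 8, wrong, 4) == 0 &&
            jwe_check_tag(hmac, 8, shrt, 3) == 0) ? 0 : 1;
}
```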
