JOSE lib maintainers could consider adding a curve check at EC JWK construction / parse time. This will stop an invalid curve attack early in its tracks, when the JWE message is being parsed, so the invalid EC JWK will not even reach the ECDH-ES decryption phase.
This extra validation is now included in Nimbus JOSE+JWT v4.36. I suppose it could also prevent other issues with having invalid EC JWK around an app.

Cheers,
Vladimir
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
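A sketch of the parse-time curve check the message describes, restricted to P-256. This is an added example, not code from Nimbus JOSE+JWT or from the original message; the function names, the `InvalidJWK` exception and the sample JWKs are assumptions constructed for illustration.

```python
import base64

# NIST P-256 domain parameters: y^2 = x^3 + A*x + B over GF(P).
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
GY = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5
COORD_LEN = 32  # P-256 coordinates are exactly 32 octets in a JWK


class InvalidJWK(ValueError):
    """Hypothetical exception type raised when an EC JWK fails validation."""


def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def b64url_encode(value):
    raw = value.to_bytes(COORD_LEN, "big")
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def parse_ec_jwk(jwk):
    """Return (x, y) only if the JWK encodes a point that lies on P-256."""
    if jwk.get("kty") != "EC" or jwk.get("crv") != "P-256":
        raise InvalidJWK("unsupported kty/crv")
    try:
        raw_x, raw_y = b64url_decode(jwk["x"]), b64url_decode(jwk["y"])
    except (KeyError, TypeError, ValueError) as exc:
        raise InvalidJWK("missing or malformed coordinate") from exc
    if len(raw_x) != COORD_LEN or len(raw_y) != COORD_LEN:
        raise InvalidJWK("coordinate has wrong length")
    x, y = int.from_bytes(raw_x, "big"), int.from_bytes(raw_y, "big")
    if x >= P or y >= P:
        raise InvalidJWK("coordinate outside the field")
    # The curve check itself. P-256 has cofactor 1, so an affine point
    # that satisfies the equation is in the prime-order group.
    if (y * y - (x * x * x + A * x + B)) % P != 0:
        raise InvalidJWK("point is not on P-256")
    return x, y


def is_accepted(jwk):
    try:
        parse_ec_jwk(jwk)
        return True
    except InvalidJWK:
        return False


# Constructed samples: the P-256 generator, and the same x with y shifted by one.
VALID_JWK = {"kty": "EC", "crv": "P-256", "x": b64url_encode(GX), "y": b64url_encode(GY)}
OFF_CURVE_JWK = dict(VALID_JWK, y=b64url_encode((GY + 1) % P))
```

Because the check runs when the key is parsed, `OFF_CURVE_JWK` is rejected before any ECDH-ES key agreement is attempted with it.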
