http://github.com/latchset/jose does exactly this. I also recommend other implementations do the same.
On Wed, Apr 19, 2017 at 5:43 AM, Vladimir Dzhuvinov <[email protected]> wrote: > JOSE lib maintainers could consider adding a curve check at EC JWK > construction / parse time. This will stop an invalid curve attack early > in its tracks, when the JWE message is being parsed, so the invalid EC > JWK will not even reach the ECDH-ES decryption phase. > > This extra validation is now included in Nimbus JOSE+JWT v4.36. I > suppose it could also prevent other issues with having invalid EC JWK > around an app. > > Cheers, > > Vladimir > > > > > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose > _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
