[jira] [Created] (CB-12441) RSA algorithm is missing the OAEP padding

Sahil (JIRA) Thu, 09 Feb 2017 07:06:06 -0800

Sahil created CB-12441:
--------------------------

             Summary: RSA algorithm is missing the OAEP padding
                 Key: CB-12441
                 URL: https://issues.apache.org/jira/browse/CB-12441
             Project: Apache Cordova
          Issue Type: Bug
            Reporter: Sahil



We have used cordova for an android hybrid app edvelopment and found following 
error in VARACODE security scan
Attack Vector: javax.crypto.Cipher.getInstance

Description: This usage of the RSA algorithm is missing the OAEP padding 
scheme, which effectively weakens the encryption.

Remediation: Use OAEP padding scheme when using RSA algorithm for 
encryption/decryption.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@cordova.apache.org
For additional commands, e-mail: issues-h...@cordova.apache.org

[jira] [Created] (CB-12441) RSA algorithm is missing the OAEP padding

Reply via email to