search

confidential-containers / trustee

Attestation and Secret Delivery Components
Apache License 2.0
67 stars 88 forks source link

JWE encryption is missing base64url-encoded protected header as AEAD #583

Open deeglaze opened 1 day ago

deeglaze commented 1 day ago

Describe the bug

The JWE protected_header is not protected AEAD as expected by the RFC for JWE.

How to reproduce

n/a

CoCo version information

all

What TEE are you seeing the problem on

Snp

Failing command and relevant log output

No response