• Simo Sorce's avatar
    The Pbes2 algorithm accepts only bytes or string · 906e9a25
    Simo Sorce authored
    The Pbes2 algorithm is supposed to get a low entropy password so we break
    the interface so that JWK keys are not accepted at all.
    
    This is in order to avoid potential confusion in users where a low entropy
    password is coerced into an "oct" key and then potentially used as a high
    entropy symmetric key with other algorithms yielding very poor security.
    
    By making password mutually eclusive with keys we try to avoid this mistakes
    by users.
    Signed-off-by: default avatarSimo Sorce <simo@redhat.com>
    Closes #40
    906e9a25
tests-cookbook.py 50.9 KB