From 448a51e7bcab5cff2e0339ab61298669c7ef0f69 Mon Sep 17 00:00:00 2001 From: Lim Xuan Ping Date: Wed, 11 Sep 2024 16:20:19 +0800 Subject: [PATCH] fix: myinfo encryptedAndSignedPersona to use enc A256GCM --- lib/express/myinfo/controllers.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/express/myinfo/controllers.js b/lib/express/myinfo/controllers.js index 95f56b9d..b7784a95 100644 --- a/lib/express/myinfo/controllers.js +++ b/lib/express/myinfo/controllers.js @@ -50,7 +50,7 @@ module.exports = const encryptedAndSignedPersona = await new jose.CompactEncrypt( Buffer.from(sign), ) - .setProtectedHeader({ alg: 'RSA-OAEP', enc: 'A128CBC-HS256' }) + .setProtectedHeader({ alg: 'RSA-OAEP', enc: 'A256GCM' }) .encrypt(publicKey) return encryptedAndSignedPersona }