diff options
author | Thomas <> | 2022-09-22 12:54:43 +0200 |
---|---|---|
committer | Thomas <> | 2022-09-22 12:54:43 +0200 |
commit | 94539b8fd8e69b1034f6d6f7d811d8f73fc2aca0 (patch) | |
tree | 874b10cc29dc77ea54da104557b7d6709963750e /eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/data | |
parent | b1fe465e4fe83c5c6445cb96d7cdedea0b885081 (diff) | |
download | EAAF-Components-94539b8fd8e69b1034f6d6f7d811d8f73fc2aca0.tar.gz EAAF-Components-94539b8fd8e69b1034f6d6f7d811d8f73fc2aca0.tar.bz2 EAAF-Components-94539b8fd8e69b1034f6d6f7d811d8f73fc2aca0.zip |
fix(sl20): refactor signature and encryption validation because it can be skipped
- SBA Pentest finds a pattern that skip security validation SBA(202209-10.2)
Diffstat (limited to 'eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/data')
-rw-r--r-- | eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/data/VerificationResult.java | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/data/VerificationResult.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/data/VerificationResult.java index 0f88e251..169dee40 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/data/VerificationResult.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/data/VerificationResult.java @@ -7,7 +7,7 @@ import com.fasterxml.jackson.databind.JsonNode; public class VerificationResult { - private Boolean validSigned = null; + private Boolean validSigned = false; private List<X509Certificate> certs = null; private JsonNode header = null; private JsonNode payload = null; |