diff options
author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-11-02 12:23:29 +0100 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-11-02 12:23:29 +0100 |
commit | 86241863a1aebdc16e3bc273b63e5ce00fb86645 (patch) | |
tree | d47207005cc1193764d15e175b862b7532972f4a /eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java | |
parent | fcd49e74d74ce2fb23e6de77fde9b58a14525a70 (diff) | |
download | EAAF-Components-86241863a1aebdc16e3bc273b63e5ce00fb86645.tar.gz EAAF-Components-86241863a1aebdc16e3bc273b63e5ce00fb86645.tar.bz2 EAAF-Components-86241863a1aebdc16e3bc273b63e5ce00fb86645.zip |
change order of IAIK CryptoProvider registration
Update JWS and JWE impl. to mitigate problems if IAIK and BC provider are loaded
Diffstat (limited to 'eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java')
-rw-r--r-- | eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java index 27f06276..58e3e41c 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java @@ -14,6 +14,7 @@ import javax.annotation.Nonnull; import javax.annotation.PostConstruct; import org.apache.commons.lang3.StringUtils; +import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.jose4j.jca.ProviderContext; import org.jose4j.jwa.AlgorithmConstraints; import org.jose4j.jwa.AlgorithmConstraints.ConstraintType; @@ -223,10 +224,15 @@ public class JsonSecurityUtils implements IJoseTools { if (keyStore.getSecond() != null) { log.trace("Injecting special Java Security Provider: {}", keyStore.getSecond().getName()); final ProviderContext providerCtx = new ProviderContext(); - providerCtx.getSuppliedKeyProviderContext().setGeneralProvider( - keyStore.getSecond().getName()); + providerCtx.getSuppliedKeyProviderContext().setGeneralProvider(keyStore.getSecond().getName()); + providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME); receiverJwe.setProviderContext(providerCtx); + } else { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME); + receiverJwe.setProviderContext(providerCtx); + } // validate key from header against key from config |