summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java8
-rw-r--r--eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/SecurePendingRequestIdGenerationStrategy.java2
2 files changed, 5 insertions, 5 deletions
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java
index a63fb998..e5003e2f 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java
@@ -4,8 +4,6 @@ import java.nio.charset.StandardCharsets;
import java.security.Provider;
import java.util.Base64;
-import javax.annotation.Nonnull;
-import javax.annotation.PostConstruct;
import javax.crypto.SecretKey;
import org.apache.commons.lang3.StringUtils;
@@ -31,6 +29,8 @@ import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration;
import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration.SymmetricKeyType;
import at.gv.egiz.eaaf.core.impl.data.Pair;
+import jakarta.annotation.Nonnull;
+import jakarta.annotation.PostConstruct;
import lombok.extern.slf4j.Slf4j;
/**
@@ -178,9 +178,9 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy
JsonWebEncryption encToken = new JsonWebEncryption();
encToken.setContentEncryptionAlgorithmConstraints(new AlgorithmConstraints(
- ConstraintType.WHITELIST, ContentEncryptionAlgorithmIdentifiers.AES_128_GCM));
+ ConstraintType.PERMIT, ContentEncryptionAlgorithmIdentifiers.AES_128_GCM));
encToken.setAlgorithmConstraints(new AlgorithmConstraints(
- ConstraintType.WHITELIST,
+ ConstraintType.PERMIT,
KeyManagementAlgorithmIdentifiers.DIRECT,
KeyManagementAlgorithmIdentifiers.A128GCMKW
));
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/SecurePendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/SecurePendingRequestIdGenerationStrategy.java
index 5cac4cb0..8da773f8 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/SecurePendingRequestIdGenerationStrategy.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/SecurePendingRequestIdGenerationStrategy.java
@@ -6,7 +6,6 @@ import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
-import javax.annotation.PostConstruct;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
@@ -30,6 +29,7 @@ import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration;
import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration.SymmetricKeyType;
+import jakarta.annotation.PostConstruct;
/**
* PendingRequestId generation strategy based on signed tokens that facilitates