diff options
Diffstat (limited to 'eaaf_core_utils')
2 files changed, 5 insertions, 5 deletions
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java index a63fb998..e5003e2f 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java @@ -4,8 +4,6 @@ import java.nio.charset.StandardCharsets; import java.security.Provider; import java.util.Base64; -import javax.annotation.Nonnull; -import javax.annotation.PostConstruct; import javax.crypto.SecretKey; import org.apache.commons.lang3.StringUtils; @@ -31,6 +29,8 @@ import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration; import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration.SymmetricKeyType; import at.gv.egiz.eaaf.core.impl.data.Pair; +import jakarta.annotation.Nonnull; +import jakarta.annotation.PostConstruct; import lombok.extern.slf4j.Slf4j; /** @@ -178,9 +178,9 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy JsonWebEncryption encToken = new JsonWebEncryption(); encToken.setContentEncryptionAlgorithmConstraints(new AlgorithmConstraints( - ConstraintType.WHITELIST, ContentEncryptionAlgorithmIdentifiers.AES_128_GCM)); + ConstraintType.PERMIT, ContentEncryptionAlgorithmIdentifiers.AES_128_GCM)); encToken.setAlgorithmConstraints(new AlgorithmConstraints( - ConstraintType.WHITELIST, + ConstraintType.PERMIT, KeyManagementAlgorithmIdentifiers.DIRECT, KeyManagementAlgorithmIdentifiers.A128GCMKW )); diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/SecurePendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/SecurePendingRequestIdGenerationStrategy.java index 5cac4cb0..8da773f8 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/SecurePendingRequestIdGenerationStrategy.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/SecurePendingRequestIdGenerationStrategy.java @@ -6,7 +6,6 @@ import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Base64; -import javax.annotation.PostConstruct; import javax.crypto.Mac; import javax.crypto.SecretKey; @@ -30,6 +29,7 @@ import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration; import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration.SymmetricKeyType; +import jakarta.annotation.PostConstruct; /** * PendingRequestId generation strategy based on signed tokens that facilitates |