summaryrefslogtreecommitdiff
path: root/eaaf_modules/eaaf_module_auth_sl20
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_modules/eaaf_module_auth_sl20')
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/Constants.java2
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java10
2 files changed, 10 insertions, 2 deletions
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/Constants.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/Constants.java
index 74d67d01..b454558a 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/Constants.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/Constants.java
@@ -36,6 +36,8 @@ public class Constants {
CONFIG_PROP_PREFIX + ".security.truststore.path";
public static final String CONFIG_PROP_SECURITY_TRUSTSTORE_PASSWORD =
CONFIG_PROP_PREFIX + ".security.truststore.password";
+ public static final String CONFIG_PROP_SECURITY_TRUSTSTORE_NEED_VALID_CERTIFICATE =
+ CONFIG_PROP_PREFIX + ".security.truststore.need.valid.certificate";
public static final String CONFIG_PROP_SECURITY_SIG_ALG_RSA =
CONFIG_PROP_PREFIX + ".security.sigalg.rsa";
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java
index 4e939d55..668ce09a 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java
@@ -154,8 +154,8 @@ public class JsonSecurityUtils implements IJoseTools {
public VerificationResult validateSignature(@Nonnull final String serializedContent,
@Nonnull final List<X509Certificate> trustedCerts, @Nonnull final AlgorithmConstraints constraints)
throws JoseException, IOException {
-
- final JwsResult result = JoseUtils.validateSignature(serializedContent, trustedCerts, constraints);
+ final JwsResult result = JoseUtils.validateSignature(serializedContent, trustedCerts, constraints,
+ isValidCertificateNeeded());
return new VerificationResult(
JsonMapper.getMapper().readTree(result.getFullJoseHeader().getFullHeaderAsJsonString()),
JsonMapper.getMapper().readTree(result.getPayLoad()),
@@ -413,4 +413,10 @@ public class JsonSecurityUtils implements IJoseTools {
}
+ private boolean isValidCertificateNeeded() {
+ return authConfig.getBasicConfigurationBoolean(
+ Constants.CONFIG_PROP_SECURITY_TRUSTSTORE_NEED_VALID_CERTIFICATE, true);
+
+ }
+
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-30 23:50:03 +0000