From 86241863a1aebdc16e3bc273b63e5ce00fb86645 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Mon, 2 Nov 2020 12:23:29 +0100
Subject: change order of IAIK CryptoProvider registration Update JWS and JWE
 impl. to mitigate problems if IAIK and BC provider are loaded

---
 .../egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java   | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java')

diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java
index 27f06276..58e3e41c 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java
@@ -14,6 +14,7 @@ import javax.annotation.Nonnull;
 import javax.annotation.PostConstruct;
 
 import org.apache.commons.lang3.StringUtils;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.jose4j.jca.ProviderContext;
 import org.jose4j.jwa.AlgorithmConstraints;
 import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
@@ -223,10 +224,15 @@ public class JsonSecurityUtils implements IJoseTools {
       if (keyStore.getSecond() != null) {
         log.trace("Injecting special Java Security Provider: {}", keyStore.getSecond().getName());
         final ProviderContext providerCtx = new ProviderContext();
-        providerCtx.getSuppliedKeyProviderContext().setGeneralProvider(
-            keyStore.getSecond().getName());
+        providerCtx.getSuppliedKeyProviderContext().setGeneralProvider(keyStore.getSecond().getName());
+        providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME);
         receiverJwe.setProviderContext(providerCtx);
 
+      } else {
+        final ProviderContext providerCtx = new ProviderContext();
+        providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME);
+        receiverJwe.setProviderContext(providerCtx);
+        
       }
 
       // validate key from header against key from config
-- 
cgit v1.2.3