aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2017-03-14 08:35:56 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2017-03-14 08:35:56 +0100
commit583b352de3eda9dd57f427c9d59aa1c395f182a2 (patch)
tree77d3998eb55c2ac9699514908a7a1e0c60295ef7
parenta924ffced08d9ffef2ff8b20bb6be483bfe6f5d9 (diff)
downloadmoa-id-spss-583b352de3eda9dd57f427c9d59aa1c395f182a2.tar.gz
moa-id-spss-583b352de3eda9dd57f427c9d59aa1c395f182a2.tar.bz2
moa-id-spss-583b352de3eda9dd57f427c9d59aa1c395f182a2.zip
workaround to fix possible problem with OpenSAML SecureRandomIdentifierGenerator in combination with JDK 8.121 and IAIK_JCE that cause in a java.lang.ArrayIndexOutOfBoundsException
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java16
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java12
2 files changed, 26 insertions, 2 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
index 9d57c2bae..28a85b4af 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
@@ -46,6 +46,8 @@ import org.opensaml.xml.io.Marshaller;
import org.opensaml.xml.io.MarshallingException;
import org.w3c.dom.Document;
+import at.gv.egovernment.moa.id.util.Random;
+
public class SAML2Utils {
public static <T> T createSAMLObject(final Class<T> clazz) {
@@ -66,7 +68,19 @@ public class SAML2Utils {
}
public static String getSecureIdentifier() {
- return idGenerator.generateIdentifier();
+ return "_".concat(Random.nextHexRandom16());
+
+ /*Bug-Fix: There are open problems with RandomNumberGenerator via Java SPI and Java JDK 8.121
+ * Generation of a 16bit Random identifier FAILES with an Caused by: java.lang.ArrayIndexOutOfBoundsException
+ * Caused by: java.lang.ArrayIndexOutOfBoundsException
+ at iaik.security.random.o.engineNextBytes(Unknown Source)
+ at iaik.security.random.SecRandomSpi.engineNextBytes(Unknown Source)
+ at java.security.SecureRandom.nextBytes(SecureRandom.java:468)
+ at org.opensaml.common.impl.SecureRandomIdentifierGenerator.generateIdentifier(SecureRandomIdentifierGenerator.java:62)
+ at org.opensaml.common.impl.SecureRandomIdentifierGenerator.generateIdentifier(SecureRandomIdentifierGenerator.java:56)
+ at at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils.getSecureIdentifier(SAML2Utils.java:69)
+ */
+ //return idGenerator.generateIdentifier();
}
private static SecureRandomIdentifierGenerator idGenerator;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java
index ba45a3679..1f9050a31 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java
@@ -114,11 +114,21 @@ public class Random {
*
* @return random hex encoded value [256bit]
*/
- public static String nextHexRandom() {
+ public static String nextHexRandom32() {
return new String(Hex.encodeHex(nextByteRandom(32))); // 32 bytes = 256 bits
}
+ /**
+ * Creates a new random number [128bit], and encode it as hex value.
+ *
+ * @return random hex encoded value [128bit]
+ */
+ public static String nextHexRandom16() {
+ return new String(Hex.encodeHex(nextByteRandom(16))); // 16 bytes = 128 bits
+
+ }
+
/**
* Creates a new random number [64bit], to be used as an ID.
*