diff options
-rw-r--r-- | id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java index 171d5c8e2..8faaf1874 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java @@ -477,7 +477,7 @@ public class MOAeIDASMetadataGenerator extends MetadataGenerator { X509Certificate decryptionCertificate = engine.getDecryptionCertificate(); if (null != decryptionCertificate) { - params.setEncryptionCredential(CertificateUtil.toCredential(decryptionCertificate)); + params.setSpEncryptionCredential(CertificateUtil.toCredential(decryptionCertificate)); } params.setSigningCredential(CertificateUtil.toCredential(engine.getSigningCertificate())); params.setIdpEngine(engine); @@ -542,7 +542,10 @@ public class MOAeIDASMetadataGenerator extends MetadataGenerator { Set<String> signatureMethods = EIDASUtil.parseSemicolonSeparatedList(params.getDigestMethods()); Set<String> digestMethods = new HashSet<String>(); for (String signatureMethod : signatureMethods) { - digestMethods.add(CertificateUtil.validateDigestAlgorithm(signatureMethod)); + + //BUGFIX: eIDAS implementation does not allow MGF1 signature schemes + digestMethods.add(signatureMethod); + //digestMethods.add(CertificateUtil.validateDigestAlgorithm(signatureMethod)); } for (String digestMethod : digestMethods) { final DigestMethod dm = (DigestMethod) BuilderFactoryUtil.buildXmlObject(DigestMethod.DEF_ELEMENT_NAME); @@ -581,7 +584,7 @@ public class MOAeIDASMetadataGenerator extends MetadataGenerator { generateDigest(eidasExtensions); if (!StringUtils.isEmpty(params.getSigningMethods())) { - Set<String> signMethods = EIDASUtil.parseSemicolonSeparatedList(params.getDigestMethods()); + Set<String> signMethods = EIDASUtil.parseSemicolonSeparatedList(params.getSigningMethods()); for (String signMethod : signMethods) { final SigningMethod sm = (SigningMethod) BuilderFactoryUtil.buildXmlObject(SigningMethod.DEF_ELEMENT_NAME); |