keycloak/common
Awambeng Rodrick b99f1b5842 fix(oid4vc): use SecureRandom for nonce and time claim generation
- replace non-cryptographic PRNG usage (java.util.Random, Math.random)
- use SecureRandom in JwtCNonceHandler for nonce length generation
- use SecureRandom in TimeClaimNormalizer for time claim randomization
- introduce centralized secure random utility (SecretGenerator)
- ensure uniform and unpredictable randomness in security-sensitive flows

Closes #47271

Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>

Address review comments from @IngridPuppet

Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
2026-03-26 17:44:47 +01:00
src fix(oid4vc): use SecureRandom for nonce and time claim generation 2026-03-26 17:44:47 +01:00
pom.xml Downgrade Java for client libraries to 8 2024-09-20 17:01:01 +02:00