keycloak/services/src
Awambeng Rodrick b99f1b5842 fix(oid4vc): use SecureRandom for nonce and time claim generation
- replace non-cryptographic PRNG usage (java.util.Random, Math.random)
- use SecureRandom in JwtCNonceHandler for nonce length generation
- use SecureRandom in TimeClaimNormalizer for time claim randomization
- introduce centralized secure random utility (SecretGenerator)
- ensure uniform and unpredictable randomness in security-sensitive flows

Closes #47271

Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>

Address review comments from @IngridPuppet

Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
2026-03-26 17:44:47 +01:00
docs Add raw OpenApi documentation files to rest-api documentation (#22940) 2023-12-21 12:07:33 +01:00
main fix(oid4vc): use SecureRandom for nonce and time claim generation 2026-03-26 17:44:47 +01:00
test fix(oid4vc): use SecureRandom for nonce and time claim generation 2026-03-26 17:44:47 +01:00