summaryrefslogtreecommitdiff
path: root/eaaf_modules/eaaf_module_moa-sig
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_modules/eaaf_module_moa-sig')
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/checks/spotbugs-exclude.xml14
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/pom.xml10
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/MoaSigInitializer.java3
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureCreationService.java2
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureVerificationService.java9
5 files changed, 29 insertions, 9 deletions
diff --git a/eaaf_modules/eaaf_module_moa-sig/checks/spotbugs-exclude.xml b/eaaf_modules/eaaf_module_moa-sig/checks/spotbugs-exclude.xml
new file mode 100644
index 00000000..30b9c014
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/checks/spotbugs-exclude.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<FindBugsFilter>
+ <Match>
+ <OR>
+ <Class name="at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data.GenericSignatureVerificationResponse" />
+ <Class name="at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data.VerifyPdfSignatureResponse" />
+ <Class name="at.gv.egiz.eaaf.modules.sigverify.moasig.impl.parser.VerifyXmlSignatureResponseParser" />
+ </OR>
+ <OR>
+ <Bug pattern="EI_EXPOSE_REP" />
+ <Bug pattern="EI_EXPOSE_REP2" />
+ </OR>
+ </Match>
+</FindBugsFilter>
diff --git a/eaaf_modules/eaaf_module_moa-sig/pom.xml b/eaaf_modules/eaaf_module_moa-sig/pom.xml
index 613e841d..c8a30654 100644
--- a/eaaf_modules/eaaf_module_moa-sig/pom.xml
+++ b/eaaf_modules/eaaf_module_moa-sig/pom.xml
@@ -221,7 +221,15 @@
</filesets>
</configuration>
</plugin>
-
+ <plugin>
+ <groupId>com.github.spotbugs</groupId>
+ <artifactId>spotbugs-maven-plugin</artifactId>
+ <version>${spotbugs-maven-plugin.version}</version>
+ <configuration>
+ <failOnError>true</failOnError>
+ <excludeFilterFile>checks/spotbugs-exclude.xml</excludeFilterFile>
+ </configuration>
+ </plugin>
</plugins>
</build>
</project>
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/MoaSigInitializer.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/MoaSigInitializer.java
index 006f48c2..f4c68230 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/MoaSigInitializer.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/MoaSigInitializer.java
@@ -7,8 +7,6 @@ import java.security.Security;
import java.util.Iterator;
import java.util.Map.Entry;
-import javax.annotation.PostConstruct;
-
import org.springframework.beans.factory.annotation.Autowired;
import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.ISchemaRessourceProvider;
@@ -21,6 +19,7 @@ import at.gv.egovernment.moaspss.util.DOMUtils;
import iaik.asn1.structures.AlgorithmID;
import iaik.security.ec.provider.ECCelerate;
import iaik.security.provider.IAIK;
+import jakarta.annotation.PostConstruct;
import lombok.Getter;
import lombok.extern.slf4j.Slf4j;
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureCreationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureCreationService.java
index 0d8b7975..b0ff765c 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureCreationService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureCreationService.java
@@ -1,6 +1,5 @@
package at.gv.egiz.eaaf.modules.sigverify.moasig.impl;
-import javax.annotation.PostConstruct;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -9,6 +8,7 @@ import org.springframework.stereotype.Service;
import at.gv.egiz.eaaf.modules.sigverify.moasig.api.ISignatureCreationService;
import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureCreationInvoker;
import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureCreationInvoker;
+import jakarta.annotation.PostConstruct;
@Service(value = "moaSigCreateService")
public class SignatureCreationService extends AbstractSignatureService
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureVerificationService.java
index 1f8bf3b8..9904b1ea 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureVerificationService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureVerificationService.java
@@ -3,20 +3,18 @@ package at.gv.egiz.eaaf.modules.sigverify.moasig.impl;
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateEncodingException;
import java.util.ArrayList;
+import java.util.Base64;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
-import javax.annotation.PostConstruct;
-
import org.apache.commons.lang3.time.DateFormatUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.lang.Nullable;
import org.springframework.stereotype.Service;
-import org.springframework.util.Base64Utils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -44,6 +42,7 @@ import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker;
import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker;
import at.gv.egovernment.moaspss.util.Constants;
+import jakarta.annotation.PostConstruct;
/**
* MOA-Sig based signature verification implementation.
@@ -425,7 +424,7 @@ public class SignatureVerificationService extends AbstractSignatureService
verifySignatureEnvironmentElem.appendChild(base64ContentElem);
// insert the base64 encoded signature
- String base64EncodedAssertion = Base64Utils.encodeToString(signature);
+ String base64EncodedAssertion = Base64.getEncoder().encodeToString(signature);
// replace all '\r' characters by no char.
final StringBuffer replaced = new StringBuffer();
for (int i = 0; i < base64EncodedAssertion.length(); i++) {
@@ -485,7 +484,7 @@ public class SignatureVerificationService extends AbstractSignatureService
final Element content = requestDoc_.createElementNS(MOA_NS_URI, "Content");
content.setAttribute("Reference", reference);
final Element b64content = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content");
- b64content.setTextContent(Base64Utils.encodeToString(contentBytes));
+ b64content.setTextContent(Base64.getEncoder().encodeToString(signature));
content.appendChild(b64content);
supplementProfile.appendChild(content);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 00:21:35 +0000