From f8c9612785af22c55c05708c985c6e7345123c50 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 17 Sep 2025 16:55:00 +0200 Subject: chore(core): update IAIK libs --- .../invoke/XMLSignatureVerificationInvoker.java | 59 ++++++++++------------ 1 file changed, 26 insertions(+), 33 deletions(-) (limited to 'moaSig/moa-sig-lib/src') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java index b97cc95..2973b36 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java @@ -110,34 +110,27 @@ import iaik.xml.crypto.utils.URIException; public class XMLSignatureVerificationInvoker { /** The single instance of this class. */ - private static XMLSignatureVerificationInvoker instance = null; + private static final XMLSignatureVerificationInvoker INSTANCE = new XMLSignatureVerificationInvoker(); - private static Set FILTERED_REF_TYPES; - - static { - FILTERED_REF_TYPES = new HashSet(); - FILTERED_REF_TYPES.add(DsigManifest.XML_DSIG_MANIFEST_TYPE); - FILTERED_REF_TYPES.add(SecurityLayerManifest.SECURITY_LAYER_MANIFEST_TYPE); - FILTERED_REF_TYPES.add(SecurityLayerManifest.SECURITY_LAYER_MANIFEST_TYPE_OLD); - FILTERED_REF_TYPES.add(XMLConstants.NAMESPACE_ETSI_STRING + "SignedProperties"); - FILTERED_REF_TYPES.add("http://uri.etsi.org/01903#SignedProperties"); - } + private static final Set FILTERED_REF_TYPES = Set.of( + DsigManifest.XML_DSIG_MANIFEST_TYPE, + SecurityLayerManifest.SECURITY_LAYER_MANIFEST_TYPE, + SecurityLayerManifest.SECURITY_LAYER_MANIFEST_TYPE_OLD, + XMLConstants.NAMESPACE_ETSI_STRING + "SignedProperties", + "http://uri.etsi.org/01903#SignedProperties"); /** * Get the single instance of this class. - * + * * @return The single instance of this class. */ - public static synchronized XMLSignatureVerificationInvoker getInstance() { - if (instance == null) { - instance = new XMLSignatureVerificationInvoker(); - } - return instance; + public static XMLSignatureVerificationInvoker getInstance() { + return INSTANCE; } /** * Create a new XMLSignatureCreationInvoker. - * + * * Protected to disallow multiple instances. */ protected XMLSignatureVerificationInvoker() { @@ -146,8 +139,8 @@ public class XMLSignatureVerificationInvoker { /** * Process the VerifyXMLSignatureRequest message and invoke the * XMLSignatureVerificationModule. - * - * @param request A VerifyXMLSignatureRequest API object + * + * @param request A VerifyXMLSignatureRequest API object * containing the data for verifying an XML signature. * @return A VerifyXMLSignatureResponse containing the answert * to the VerifyXMLSignatureRequest. MOA schema @@ -307,16 +300,16 @@ public class XMLSignatureVerificationInvoker { /** * Checks if the signer certificate matches one of the allowed signer * certificates specified in the provided trustProfile. - * + * * @param result The result produced by the * XMLSignatureVerificationModule. - * + * * @param trustProfile The trust profile the signer certificate is validated * against. - * + * * @return The overal result of the certificate validation for the signer * certificate. - * + * * @throws MOAException if one of the signer certificates specified in the * trustProfile cannot be read from the file * system. @@ -392,7 +385,7 @@ public class XMLSignatureVerificationInvoker { /** * Select the dsig:Signature DOM element within the signature * environment. - * + * * @param signatureEnvironment The signature environment containing the * dsig:Signature. * @param request The VerifyXMLSignatureRequest @@ -425,7 +418,7 @@ public class XMLSignatureVerificationInvoker { /** * Build the supplemental data objects contained in the * VerifyXMLSignatureRequest. - * + * * @param supplements A List of * XMLDataObjectAssociations containing the * supplement data. @@ -458,7 +451,7 @@ public class XMLSignatureVerificationInvoker { /** * Get the supplemental data contained in the * VerifyXMLSignatureRequest. - * + * * @param request The VerifyXMLSignatureRequest containing the * supplemental data. * @return A List of XMLDataObjectAssociation objects @@ -490,7 +483,7 @@ public class XMLSignatureVerificationInvoker { /** * Perform additional validations of the * XMLSignatureVerificationResult. - * + * *

* In particular, it is verified that: *

    @@ -500,7 +493,7 @@ public class XMLSignatureVerificationInvoker { *
  • The hash values of the TransformParameters are valid.
    • *
*

- * + * * @param request The VerifyXMLSignatureRequest containing the * signature to verify. * @param result The result produced by @@ -605,7 +598,7 @@ public class XMLSignatureVerificationInvoker { * Get all Transforms contained in all the * VerifyTransformsInfoProfiles of the given * ReferenceInfo. - * + * * @param refInfo The ReferenceInfo object containing the * transformations. * @return A List of Lists. Each of the @@ -637,7 +630,7 @@ public class XMLSignatureVerificationInvoker { /** * Build the Set of all TransformParameter URIs. - * + * * @param transformParameters The List of * TransformParameters, as provided to * the verification. @@ -658,7 +651,7 @@ public class XMLSignatureVerificationInvoker { /** * Build a mapping between TransformParameter URIs (a * String and dsig:HashValue (a byte[]). - * + * * @param request The VerifyXMLSignatureRequest. * @return Map The resulting mapping. * @throws MOAApplicationException An error occurred accessing one of the @@ -703,7 +696,7 @@ public class XMLSignatureVerificationInvoker { * Filter the ReferenceInfos returned by the * VerifyXMLSignatureResult for comparison with the * ReferenceInfo elements in the request. - * + * * @param referenceInfos The ReferenceInfos from the * VerifyXMLSignatureResult. * @return A List of all ReferenceInfos whose type is -- cgit v1.2.3