From fe01914b6918107c234c3024c81b5777c0be946f Mon Sep 17 00:00:00 2001 From: Ivo Mattus Date: Thu, 28 Mar 2024 12:14:53 +0200 Subject: [PATCH] SIVA-629 Remove SecureRandom32OctetNonceSource and use SecureRandomNonceSource from DSS --- ...GenericValidationServiceConfiguration.java | 4 +- .../SecureRandom32OctetNonceSource.java | 39 ------------------- 2 files changed, 2 insertions(+), 41 deletions(-) delete mode 100644 validation-services-parent/generic-validation-service/src/main/java/ee/openeid/validation/service/generic/validator/SecureRandom32OctetNonceSource.java diff --git a/validation-services-parent/generic-validation-service/src/main/java/ee/openeid/validation/service/generic/configuration/GenericValidationServiceConfiguration.java b/validation-services-parent/generic-validation-service/src/main/java/ee/openeid/validation/service/generic/configuration/GenericValidationServiceConfiguration.java index 0be1e08c6..f979b4679 100644 --- a/validation-services-parent/generic-validation-service/src/main/java/ee/openeid/validation/service/generic/configuration/GenericValidationServiceConfiguration.java +++ b/validation-services-parent/generic-validation-service/src/main/java/ee/openeid/validation/service/generic/configuration/GenericValidationServiceConfiguration.java @@ -24,7 +24,6 @@ import ee.openeid.validation.service.generic.configuration.properties.TLevelSignatureFilterProperties; import ee.openeid.validation.service.generic.validator.RevocationFreshnessValidator; import ee.openeid.validation.service.generic.validator.RevocationFreshnessValidatorFactory; -import ee.openeid.validation.service.generic.validator.SecureRandom32OctetNonceSource; import ee.openeid.validation.service.generic.validator.TLevelSignatureOfNonListedCountryPredicate; import ee.openeid.validation.service.generic.validator.container.AsicContainerDataFileSizeValidator; import ee.openeid.validation.service.generic.validator.container.ContainerValidator; @@ -42,6 +41,7 @@ import eu.europa.esig.dss.enumerations.ASiCContainerType; import eu.europa.esig.dss.enumerations.DigestAlgorithm; import eu.europa.esig.dss.model.x509.CertificateToken; +import eu.europa.esig.dss.service.SecureRandomNonceSource; import eu.europa.esig.dss.service.http.commons.OCSPDataLoader; import eu.europa.esig.dss.service.ocsp.OnlineOCSPSource; import eu.europa.esig.dss.spi.tsl.TrustedListsCertificateSource; @@ -139,7 +139,7 @@ private static boolean isAsicContainer(Reports validationReports) { private static OnlineOCSPSource createOnlineOCSPSource() { OnlineOCSPSource onlineOCSPSource = new OnlineOCSPSource(new OCSPDataLoader()); - onlineOCSPSource.setNonceSource(new SecureRandom32OctetNonceSource()); + onlineOCSPSource.setNonceSource(new SecureRandomNonceSource()); onlineOCSPSource.setCertIDDigestAlgorithm(DigestAlgorithm.SHA1); return onlineOCSPSource; } diff --git a/validation-services-parent/generic-validation-service/src/main/java/ee/openeid/validation/service/generic/validator/SecureRandom32OctetNonceSource.java b/validation-services-parent/generic-validation-service/src/main/java/ee/openeid/validation/service/generic/validator/SecureRandom32OctetNonceSource.java deleted file mode 100644 index 231bd7def..000000000 --- a/validation-services-parent/generic-validation-service/src/main/java/ee/openeid/validation/service/generic/validator/SecureRandom32OctetNonceSource.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright 2023 - 2024 Riigi Infosüsteemi Amet - * - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * - * https://joinup.ec.europa.eu/software/page/eupl - * - * Unless required by applicable law or agreed to in writing, software distributed under the Licence is - * distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and limitations under the Licence. - */ - -package ee.openeid.validation.service.generic.validator; - -import eu.europa.esig.dss.service.NonceSource; - -import java.math.BigInteger; -import java.security.SecureRandom; - -public class SecureRandom32OctetNonceSource implements NonceSource { - - private final SecureRandom secureRandom = new SecureRandom(); - - @Override - public byte[] getNonceValue() { - byte[] bytes = new byte[32]; - secureRandom.nextBytes(bytes); - return bytes; - } - - @Override - public BigInteger getNonce() { - return new BigInteger(getNonceValue()); - } -}