Fix thread-safety by creating a new DigestCalculator each time SubjectCertificateNotRevokedValidator.getCertificateId() is called

WE2-1068

Signed-off-by: Mart Somermaa <[email protected]>

Author: mrts

src/main/java/eu/webeid/security/validator/certvalidators/SubjectCertificateNotRevokedValidator.java

@@ -60,7 +60,6 @@
 public final class SubjectCertificateNotRevokedValidator {
 
     private static final Logger LOG = LoggerFactory.getLogger(SubjectCertificateNotRevokedValidator.class);
-    private static final DigestCalculator DIGEST_CALCULATOR = DigestCalculatorImpl.sha1();
 
     private final SubjectCertificateTrustedValidator trustValidator;
     private final OcspClient ocspClient;
@@ -197,7 +196,8 @@ private static void checkNonce(OCSPReq request, BasicOCSPResp response) throws U
 
     private static CertificateID getCertificateId(X509Certificate subjectCertificate, X509Certificate issuerCertificate) throws CertificateEncodingException, IOException, OCSPException {
         final BigInteger serial = subjectCertificate.getSerialNumber();
-        return new CertificateID(DIGEST_CALCULATOR,
+        final DigestCalculator digestCalculator = DigestCalculatorImpl.sha1();
+        return new CertificateID(digestCalculator,
             new X509CertificateHolder(issuerCertificate.getEncoded()), serial);
     }