update libraries

 - opensaml > 2.6.3
 - iaik-moa > 1.51
 - iaik_jce_full > 5.2
 - iaik_cms > 5.0

2 files changed, 20 insertions, 12 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index 80afd9f82..db36356c0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -3,7 +3,6 @@
 
 package at.gv.egovernment.moa.id.auth;
 
-import iaik.cms.ecc.IaikEccProvider;
 import iaik.pki.PKIException;
 import iaik.pki.jsse.IAIKX509TrustManager;
 import iaik.security.ecc.provider.ECCProvider;
@@ -11,12 +10,9 @@ import iaik.security.provider.IAIK;
 
 import java.io.IOException;
 import java.security.GeneralSecurityException;
-import java.security.Security;
-import java.util.Properties;
 
 import javax.activation.CommandMap;
 import javax.activation.MailcapCommandMap;
-import javax.mail.Session;
 import javax.net.ssl.SSLSocketFactory;
 
 import at.gv.egovernment.moa.id.config.ConfigurationException;
@@ -119,8 +115,8 @@ public class MOAIDAuthInitializer {
             Logger.warn(MOAIDMessageProvider.getInstance().getMessage(
                     "init.01", null), e);
         }
-
-        IAIK.addAsProvider();
+        
+        IAIK.addAsProvider();                
         ECCProvider.addAsProvider();
         
         // Initializes SSLSocketFactory store
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
index 2b687a0c8..284a77126 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
@@ -53,6 +53,7 @@ import iaik.utils.RFC2253NameParserException;
 import iaik.x509.X509Certificate;
 import iaik.x509.X509ExtensionInitException;
 
+import java.security.InvalidKeyException;
 import java.security.PublicKey;
 import java.security.interfaces.RSAPublicKey;
 import java.util.ArrayList;
@@ -266,14 +267,25 @@ public class VerifyXMLSignatureResponseValidator {
       }
       
       //compare ECDSAPublicKeys
-      if((idl.getPublicKey()[i] instanceof iaik.security.ecc.ecdsa.ECPublicKey) && 
-         (pubKeySignature instanceof iaik.security.ecc.ecdsa.ECPublicKey)) {
+      if( ( (idl.getPublicKey()[i] instanceof java.security.interfaces.ECPublicKey) || 
+    		  (idl.getPublicKey()[i] instanceof iaik.security.ecc.ecdsa.ECPublicKey)) && 
+         ( (pubKeySignature instanceof java.security.interfaces.ECPublicKey) || 
+        		(pubKeySignature instanceof iaik.security.ecc.ecdsa.ECPublicKey) ) ) {
 
-          ECPublicKey ecdsaPubKeySignature = (ECPublicKey) pubKeySignature;
-          ECPublicKey ecdsakey = (ECPublicKey) pubKeysIdentityLink[i];
+		try {
+			ECPublicKey ecdsaPubKeySignature = new ECPublicKey(pubKeySignature.getEncoded());
+			ECPublicKey ecdsakey = new ECPublicKey(pubKeysIdentityLink[i].getEncoded());
+			
+	        if(ecdsakey.equals(ecdsaPubKeySignature))
+	              found = true;
+			
+		} catch (InvalidKeyException e) {
+			Logger.warn("ECPublicKey can not parsed into a iaik.ECPublicKey", e);
+			throw new ValidateException("validator.09", null);
+		}
           
-          if(ecdsakey.equals(ecdsaPubKeySignature))
-              found = true;
+          
+
       }
       
 //  		Logger.debug("IDL-Pubkey=" + idl.getPublicKey()[i].getClass().getName()