diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2015-09-01 10:30:05 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2015-09-01 10:30:05 +0200 |
commit | 4c8933e8f1a6221da53591c9be68841b1ca90a28 (patch) | |
tree | bdb2a5894c6cc37bd5bf851601ece0b37f26c5c6 /id/server/stork2-saml-engine/src | |
parent | d1a572b986616206ebb577ea345f2abf7e9d269c (diff) | |
download | moa-id-spss-4c8933e8f1a6221da53591c9be68841b1ca90a28.tar.gz moa-id-spss-4c8933e8f1a6221da53591c9be68841b1ca90a28.tar.bz2 moa-id-spss-4c8933e8f1a6221da53591c9be68841b1ca90a28.zip |
handle bug in boundcycastle implementation (certificate eMail identifier)
Diffstat (limited to 'id/server/stork2-saml-engine/src')
-rw-r--r-- | id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java index 1ca857e9e..59f665449 100644 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java @@ -229,13 +229,18 @@ public class SignSW implements SAMLEngineSignI { final String serialNum = certificate.getSerialNumber().toString(16); - X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); - X509Principal issuerDNConf = new X509Principal(issuer); - - if (serialNum.equalsIgnoreCase(serialNumber) && X509PrincipalUtil.X509equals(issuerDN, issuerDNConf)) { - alias = aliasCert; - find = true; - } + try { + X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); + X509Principal issuerDNConf = new X509Principal(issuer); + + if (serialNum.equalsIgnoreCase(serialNumber) && X509PrincipalUtil.X509equals(issuerDN, issuerDNConf)) { + alias = aliasCert; + find = true; + } + + } catch (Exception ex) { + LOG.error("Exception during signing: " + ex.getMessage()); // Added as a workaround for Bouncycastle email error + } } if (!find) { throw new SAMLEngineException("Certificate cannot be found in keystore "); |