handle bug in boundcycastle implementation (certificate eMail identifier)

1 files changed, 12 insertions, 7 deletions

diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java
index 1ca857e9e..59f665449 100644
--- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java
@@ -229,13 +229,18 @@ public class SignSW implements SAMLEngineSignI {
 
 				final String serialNum = certificate.getSerialNumber().toString(16);
 
-				X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName());
-				X509Principal issuerDNConf = new X509Principal(issuer);
-
-				if (serialNum.equalsIgnoreCase(serialNumber) && X509PrincipalUtil.X509equals(issuerDN, issuerDNConf)) {
-					alias = aliasCert;
-					find = true;
-				}
+				try {
+					X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName());
+					X509Principal issuerDNConf = new X509Principal(issuer);
+
+					if (serialNum.equalsIgnoreCase(serialNumber) && X509PrincipalUtil.X509equals(issuerDN, issuerDNConf)) {
+						alias = aliasCert;
+						find = true;
+					}
+					
+				 } catch (Exception ex) {
+	                    LOG.error("Exception during signing: " + ex.getMessage());     // Added as a workaround for Bouncycastle email error
+	             }
 			}
 			if (!find) {
 				throw new SAMLEngineException("Certificate cannot be found in keystore ");