Diffstat (limited to 'id')
6 files changed, 63 insertions, 19 deletions
|
 diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml
 index e30cad73b..ec027b497 100644
 --- a/id/ConfigWebTool/pom.xml
 +++ b/id/ConfigWebTool/pom.xml
 @@ -104,10 +104,22 @@
          <dependency>
              <groupId>org.opensaml</groupId>
              <artifactId>opensaml</artifactId>
 +            <exclusions>
 +							<exclusion>
 +								<groupId>org.slf4j</groupId>
 +								<artifactId>log4j-over-slf4j</artifactId>
 +							</exclusion>
 +						</exclusions>
          </dependency>
          <dependency>
              <groupId>org.opensaml</groupId>
              <artifactId>xmltooling</artifactId>
 +            <exclusions>
 +							<exclusion>
 +								<groupId>org.slf4j</groupId>
 +								<artifactId>log4j-over-slf4j</artifactId>
 +							</exclusion>
 +						</exclusions>
          </dependency>
          <dependency>
 diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
 index a8ffd10bc..00d128ca5 100644
 --- a/id/server/idserverlib/pom.xml
 +++ b/id/server/idserverlib/pom.xml
 @@ -226,11 +226,23 @@
  	<dependency>
    		<groupId>org.opensaml</groupId>
    		<artifactId>opensaml</artifactId>
 -  	</dependency>  		
 +  		<exclusions>
 +				<exclusion>
 +					<groupId>org.slf4j</groupId>
 +					<artifactId>log4j-over-slf4j</artifactId>
 +				</exclusion>
 +			</exclusions>
 +  </dependency>  		
  	<dependency>
  		<groupId>org.opensaml</groupId>
  		<artifactId>xmltooling</artifactId>
 -	</dependency>
 +		<exclusions>
 +			<exclusion>
 +				<groupId>org.slf4j</groupId>
 +				<artifactId>log4j-over-slf4j</artifactId>
 +			</exclusion>
 +		</exclusions>
 +	</dependency>  		
  <!-- 	<dependency>
  			<groupId>regexp</groupId>
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
 index 80afd9f82..db36356c0 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
 @@ -3,7 +3,6 @@
  package at.gv.egovernment.moa.id.auth;
 -import iaik.cms.ecc.IaikEccProvider;
  import iaik.pki.PKIException;
  import iaik.pki.jsse.IAIKX509TrustManager;
  import iaik.security.ecc.provider.ECCProvider;
 @@ -11,12 +10,9 @@ import iaik.security.provider.IAIK;
  import java.io.IOException;
  import java.security.GeneralSecurityException;
 -import java.security.Security;
 -import java.util.Properties;
  import javax.activation.CommandMap;
  import javax.activation.MailcapCommandMap;
 -import javax.mail.Session;
  import javax.net.ssl.SSLSocketFactory;
  import at.gv.egovernment.moa.id.config.ConfigurationException;
 @@ -119,8 +115,8 @@ public class MOAIDAuthInitializer {
              Logger.warn(MOAIDMessageProvider.getInstance().getMessage(
                      "init.01", null), e);
          }
 -
 -        IAIK.addAsProvider();
 +        
 +        IAIK.addAsProvider();                
          ECCProvider.addAsProvider();
          // Initializes SSLSocketFactory store
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
 index 2b687a0c8..284a77126 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java 
@@ -53,6 +53,7 @@ import iaik.utils.RFC2253NameParserException;
  import iaik.x509.X509Certificate;
  import iaik.x509.X509ExtensionInitException;
 +import java.security.InvalidKeyException;
  import java.security.PublicKey;
  import java.security.interfaces.RSAPublicKey;
  import java.util.ArrayList;
 @@ -266,14 +267,25 @@ public class VerifyXMLSignatureResponseValidator {
        }
        //compare ECDSAPublicKeys
 -      if((idl.getPublicKey()[i] instanceof iaik.security.ecc.ecdsa.ECPublicKey) && 
 -         (pubKeySignature instanceof iaik.security.ecc.ecdsa.ECPublicKey)) {
 +      if( ( (idl.getPublicKey()[i] instanceof java.security.interfaces.ECPublicKey) || 
 +    		  (idl.getPublicKey()[i] instanceof iaik.security.ecc.ecdsa.ECPublicKey)) && 
 +         ( (pubKeySignature instanceof java.security.interfaces.ECPublicKey) || 
 +        		(pubKeySignature instanceof iaik.security.ecc.ecdsa.ECPublicKey) ) ) {
 -          ECPublicKey ecdsaPubKeySignature = (ECPublicKey) pubKeySignature;
 -          ECPublicKey ecdsakey = (ECPublicKey) pubKeysIdentityLink[i];
 +		try {
 +			ECPublicKey ecdsaPubKeySignature = new ECPublicKey(pubKeySignature.getEncoded());
 +			ECPublicKey ecdsakey = new ECPublicKey(pubKeysIdentityLink[i].getEncoded());
 +			
 +	        if(ecdsakey.equals(ecdsaPubKeySignature))
 +	              found = true;
 +			
 +		} catch (InvalidKeyException e) {
 +			Logger.warn("ECPublicKey can not parsed into a iaik.ECPublicKey", e);
 +			throw new ValidateException("validator.09", null);
 +		}
 -          if(ecdsakey.equals(ecdsaPubKeySignature))
 -              found = true;
 +          
 +        }
  //  		Logger.debug("IDL-Pubkey=" + idl.getPublicKey()[i].getClass().getName()
 diff --git a/id/server/stork2-commons/pom.xml b/id/server/stork2-commons/pom.xml
 index d0fd5a1ad..555d6cec7 100644
 --- a/id/server/stork2-commons/pom.xml
 +++ b/id/server/stork2-commons/pom.xml 
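Review bot: In the ECDSA branch of VerifyXMLSignatureResponseValidator, the type guard tests `idl.getPublicKey()[i]` while the key that is actually re-encoded is `pubKeysIdentityLink[i]`; unless both always refer to the same array, the `instanceof` check does not cover the object being compared, so read the element once, e.g. `PublicKey idlKey = pubKeysIdentityLink[i];`, and use it for both. `Key.getEncoded()` is allowed to return null for keys that have no encoding, and only `InvalidKeyException` is caught, so a null encoding would presumably surface as an unchecked exception rather than the `validator.09` failure. The match now rests on `equals` of two keys rebuilt from their encoded form, and this appears to be the check that ties the signing key to the identity link, so a comment such as `// both keys are re-parsed from their encoded form so JCE and IAIK key objects compare by value` would help the next reader. The enclosing method and the loop over `i` begin outside the hunk.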
@@ -13,13 +13,21 @@
  	<properties>
  		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
  		<stork.version>1.4.0</stork.version>
 -		<opensaml.version>2.6.2</opensaml.version>
 +		<opensaml.version>2.6.3</opensaml.version>
  	</properties>
  	<version>${stork.version}</version>
    <description>
          The STORKCommons library provides beans, Java Interfaces and utility classes to integrate PEPS and SAML Engine.
    </description>
 +  <repositories>
 +		<repository>
 +			<id>shibboleth.internet2.edu</id>
 +			<name>Internet2</name>
 +			<url>https://build.shibboleth.net/nexus/content/groups/public/</url>
 +		</repository>
 +	</repositories> 
 +   
  	<dependencies>
  		<!-- Joda -->
 @@ -55,8 +63,8 @@
  		</dependency>
  		<dependency>
 -			<groupId>org.opensaml</groupId>
 -			<artifactId>opensaml</artifactId>
 +  		<groupId>org.opensaml</groupId>
 +  		<artifactId>opensaml</artifactId>
  			<exclusions>
  				<exclusion>
  				    <groupId>org.slf4j</groupId>
 diff --git a/id/server/stork2-saml-engine/pom.xml b/id/server/stork2-saml-engine/pom.xml
 index 89ddab22a..30f2bff7c 100644
 --- a/id/server/stork2-saml-engine/pom.xml
 +++ b/id/server/stork2-saml-engine/pom.xml
 @@ -49,12 +49,12 @@
  			<groupId>eu.stork</groupId>
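Review bot: The `<repositories>` entry added to id/server/stork2-commons/pom.xml declares no `<releases>` or `<snapshots>` policy, so Maven's defaults apply; as far as I know that leaves snapshots enabled and, on Maven 3, only warns on a checksum mismatch. Because this repository becomes a source of build artifacts, restricting it to release artifacts with failing checksum verification narrows what it can supply; the URL is already HTTPS. Repositories declared in a library POM may also be consulted when downstream builds resolve this module's dependencies, so it is worth confirming whether a repository manager or a settings.xml mirror is the better place for it in this project.

```xml
<repository>
	<id>shibboleth.internet2.edu</id>
	<!-- … unchanged: name, url … -->
	<releases>
		<checksumPolicy>fail</checksumPolicy>
	</releases>
	<snapshots>
		<enabled>false</enabled>
	</snapshots>
</repository>
```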
  			<artifactId>Commons</artifactId>
  			<version>${commons.version}</version>
 -			<exclusions>
 +<!-- 			<exclusions>
  				<exclusion>
  					<groupId>org.bouncycastle</groupId>
  					<artifactId>bcprov-jdk16</artifactId>				
  				</exclusion>
 -			</exclusions>
 +			</exclusions> -->
  		</dependency>
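Review bot: Commenting out the `bcprov-jdk16` exclusion on `eu.stork:Commons` in id/server/stork2-saml-engine/pom.xml lets that artifact back onto this module's classpath, while the second hunk of the same file adds an exclusion for `bcprov-jdk15on` on a dependency whose coordinates lie outside the hunk. Taken together the module seems to move from the newer BouncyCastle artifact line to the older one, which matters because the provider version determines which algorithms and fixes the SAML engine runs with; the resolved version can be confirmed with `mvn dependency:tree -Dincludes=org.bouncycastle`. If the switch is intended, replace the commented-out block with a short explanation, e.g. `<!-- bcprov-jdk16 kept because <REASON>; bcprov-jdk15on is excluded below so only one BC provider is resolved -->`, and pin the chosen BouncyCastle version explicitly.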
  		<dependency>
 @@ -82,6 +82,10 @@  					<groupId>org.slf4j</groupId>
  					<artifactId>jul-to-slf4j</artifactId>
  				</exclusion>
 +				<exclusion>
 +					<artifactId>bcprov-jdk15on</artifactId>
 +					<groupId>org.bouncycastle</groupId>
 +				</exclusion>
  			</exclusions>
  		</dependency>
