- if (csr != null) {
- PKCS10 parsed = parseCSR(csr);
- out.println(parsed.getSubjectName().getCommonName());
- out.println(parsed.getSubjectName().getCountry());
- out.println("CSR DN: " + parsed.getSubjectName() + "<br/>");
- PublicKey pk = parsed.getSubjectPublicKeyInfo();
- out.println("Type: " + pk.getAlgorithm() + "<br/>");
- if (pk instanceof RSAPublicKey) {
- out.println("Exponent: " + ((RSAPublicKey) pk).getPublicExponent() + "<br/>");
- out.println("Length: " + ((RSAPublicKey) pk).getModulus().bitLength());
- } else if (pk instanceof DSAPublicKey) {
- DSAPublicKey dpk = (DSAPublicKey) pk;
- out.println("Length: " + dpk.getY().bitLength() + "<br/>");
- out.println(dpk.getParams());
- } else if (pk instanceof ECPublicKey) {
- ECPublicKey epk = (ECPublicKey) pk;
- out.println("Length-x: " + epk.getW().getAffineX().bitLength() + "<br/>");
- out.println("Length-y: " + epk.getW().getAffineY().bitLength() + "<br/>");
- out.println(epk.getParams().getCurve());
- }
- out.println("<br/>digest: sha256<br/>");
- this.csr = csr;
- this.csrType = CSRType.CSR;
- } else if (spkac != null) {
- String cleanedSPKAC = "SPKAC=" + spkac.replaceAll("[\r\n]", "");
- try {
- checkSPKAC(cleanedSPKAC, spkacChallange);
- this.csr = cleanedSPKAC;
+ try {
+ if (csr != null) {
+ byte[] data = PEM.decode("(NEW )?CERTIFICATE REQUEST", csr);
+ PKCS10 parsed = new PKCS10(data);
+
+ out.println(parsed.getSubjectName().getCommonName());
+ out.println(parsed.getSubjectName().getCountry());
+ out.println("CSR DN: " + parsed.getSubjectName() + "<br/>");
+ PublicKey pk = parsed.getSubjectPublicKeyInfo();
+ checkKeyStrength(pk, out);
+ String sign = getSignatureAlgorithm(data);
+ out.println("<br/>digest: " + sign + "<br/>");
+
+ this.csr = csr;
+ this.csrType = CSRType.CSR;
+ } else if (spkac != null) {
+ String cleanedSPKAC = spkac.replaceAll("[\r\n]", "");
+ byte[] data = Base64.getDecoder().decode(cleanedSPKAC);
+ SPKAC parsed = new SPKAC(data);
+ if ( !parsed.getChallenge().equals(spkacChallange)) {
+ throw new GigiApiException("Challange mismatch");
+ }
+ checkKeyStrength(parsed.getPubkey(), out);
+ String sign = getSignatureAlgorithm(data);
+ out.println("<br/>digest: " + sign + "<br/>");
+
+ // spkacChallange
+ this.csr = "SPKAC=" + cleanedSPKAC;