]*name=\"SPKAC\" [^>]*challenge=\"([^\"]*)\"/>"));
SPKAC spk = new SPKAC((X509Key) kp.getPublic(), challenge + (correctChallenge ? "" : "b"));
Signature sign = Signature.getInstance("SHA512WithRSA");
sign.initSign(kp.getPrivate());
try {
String[] res = fillOutFormDirect("SPKAC=" + URLEncoder.encode(Base64.getEncoder().encodeToString(spk.getEncoded(sign)), "UTF-8"));
if ( !correctChallenge) {
fail("Should not succeed with wrong challenge.");
}
assertArrayEquals(new String[] {
"client", CertificateRequest.DEFAULT_CN, "", Digest.SHA512.toString()
}, res);
} catch (OnPageError e) {
String error = fetchStartErrorMessage(e.getMessage());
assertTrue(error, error.startsWith("Challenge mismatch"));
}
return csrf;
}
/**
 * Builds the PKCS#10 attributes for a test certificate request: one
 * extension-request attribute whose extensions are a SubjectAlternativeName
 * (stored under "SANs") and an ExtendedKeyUsage (stored under "eku").
 *
 * Nothing here validates the names or OIDs; the request carries whatever
 * the caller passes in.
 *
 * @param ekuOIDs object identifiers placed into the ExtendedKeyUsage extension
 * @param SANs    names placed into the SubjectAlternativeName extension
 * @return the attribute set holding the single extension-request attribute
 * @throws IOException declared by this method; raised by the extension
 *                     construction or set calls it makes
 */
private PKCS10Attributes buildAtts(ObjectIdentifier[] ekuOIDs, GeneralNameInterface... SANs) throws IOException {
    CertificateExtensions requestedExtensions = new CertificateExtensions();

    // Wrap every requested name and collect them for the SAN extension.
    GeneralNames altNames = new GeneralNames();
    for (int i = 0; i < SANs.length; i++) {
        altNames.add(new GeneralName(SANs[i]));
    }
    requestedExtensions.set("SANs", new SubjectAlternativeNameExtension(altNames));

    PKCS10Attribute extensionRequest = new PKCS10Attribute(PKCS9Attribute.EXTENSION_REQUEST_OID, requestedExtensions);
    PKCS10Attributes result = new PKCS10Attributes(new PKCS10Attribute[] {
        extensionRequest
    });

    // The EKU is set after the attribute set exists; presumably the attribute
    // keeps a reference to requestedExtensions, so it is still part of the
    // request (confirm against PKCS10Attribute).
    requestedExtensions.set("eku", new ExtendedKeyUsageExtension(new Vector<>(Arrays.asList(ekuOIDs))));
    return result;
}
// HTTPS URL of the page these helpers talk to: the test server's name
// followed by CertificateAdd.PATH. Every request below opens a new
// connection from this URL.
private final URL ncert = new URL("https://" + getServerName() + CertificateAdd.PATH);
/**
 * Obtains a CSRF token for the current session, stores it in the
 * {@code csrf} field, and then submits the form through
 * {@link #fillOutFormDirect(String)}.
 *
 * @param pem form fields to submit, passed through unchanged to
 *            fillOutFormDirect
 * @return whatever fillOutFormDirect returns for the submission
 * @throws IOException if opening the connection or a later step fails
 */
private String[] fillOutForm(String pem) throws IOException {
    // Separate connection carrying the session cookie, handed to getCSRF
    // (presumably it reads the token from the form page; see getCSRF).
    HttpURLConnection formPage = (HttpURLConnection) ncert.openConnection();
    formPage.setRequestProperty("Cookie", cookie);
    csrf = getCSRF(formPage);

    String[] submitted = fillOutFormDirect(pem);
    return submitted;
}
/**
 * Submits the form using the token already held in the {@code csrf} field;
 * no new token is requested here.
 *
 * Only the csrf value is URL-encoded by this method. {@code pem} is appended
 * verbatim after an {@code &}, so it must already be a well-formed,
 * URL-encoded {@code name=value} string; encoding it is the caller's job.
 *
 * @param pem pre-encoded form field(s) appended to the request body
 * @return the result of extractFormData on the response
 * @throws IOException if the request cannot be written or the response
 *                     cannot be processed
 */
private String[] fillOutFormDirect(String pem) throws IOException {
    HttpURLConnection post = (HttpURLConnection) ncert.openConnection();
    post.setRequestProperty("Cookie", cookie);
    // Enabling output lets a request body be written to the connection.
    post.setDoOutput(true);

    String body = "csrf=" + URLEncoder.encode(csrf, "UTF-8") + "&" + pem;
    byte[] payload = body.getBytes("UTF-8");
    post.getOutputStream().write(payload);
    post.getOutputStream().flush();

    return extractFormData(post);
}
private String[] extractFormData(HttpURLConnection uc) throws IOException, Error {
String result = IOUtils.readURL(uc);
if (hasError().matches(result)) {
throw new OnPageError(result);
}
String profileKey = extractPattern(result, Pattern.compile("