X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Fclub%2Fwpia%2Fgigi%2Fpages%2Faccount%2Fcerts%2FCertificateRequest.java;h=8a1bc5943ea8dad8c66ed7a5e360edd83278f13c;hp=4158e9ba751bce4f06d9f65f9f02045c8d80e31f;hb=376ad64d4bafc4b2db6990604758addf8fabbd3c;hpb=ca40eec05f7b3e6bd02014c30448af786aace969 diff --git a/src/club/wpia/gigi/pages/account/certs/CertificateRequest.java b/src/club/wpia/gigi/pages/account/certs/CertificateRequest.java index 4158e9ba..8a1bc594 100644 --- a/src/club/wpia/gigi/pages/account/certs/CertificateRequest.java +++ b/src/club/wpia/gigi/pages/account/certs/CertificateRequest.java @@ -16,6 +16,7 @@ import java.util.TreeSet; import club.wpia.gigi.GigiApiException; import club.wpia.gigi.crypto.SPKAC; +import club.wpia.gigi.crypto.key.KeyCheck; import club.wpia.gigi.dbObjects.Certificate; import club.wpia.gigi.dbObjects.Certificate.CSRType; import club.wpia.gigi.dbObjects.Certificate.SANType; @@ -108,7 +109,7 @@ public class CertificateRequest { this(c, csr, (CertificateProfile) null); } - public CertificateRequest(AuthorizationContext ctx, String csr, CertificateProfile cp) throws GeneralSecurityException, IOException, IOException { + public CertificateRequest(AuthorizationContext ctx, String csr, CertificateProfile cp) throws GeneralSecurityException, IOException, IOException, GigiApiException { this.ctx = ctx; if (cp != null) { profile = cp; @@ -190,6 +191,8 @@ public class CertificateRequest { } this.SANs = SANs; pk = parsed.getSubjectPublicKeyInfo(); + KeyCheck.checkKey(pk); + String sign = getSignatureAlgorithm(data); guessDigest(sign); @@ -206,12 +209,13 @@ public class CertificateRequest { throw new GigiApiException("Challenge mismatch"); } pk = parsed.getPubkey(); + KeyCheck.checkKey(pk); + String sign = getSignatureAlgorithm(data); guessDigest(sign); this.SANs = new HashSet<>(); this.csr = "SPKAC=" + cleanedSPKAC; this.csrType = CSRType.SPKAC; - } private static String getSignatureAlgorithm(byte[] data) throws IOException {