本文介绍如何在 Golang 1.7.3 中使用 x509 标准库创建自签名证书,并用它签发其他证书。
主代码:
@H_616_2@package rsa
import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"errors"
	"io/ioutil"
	"math/big"
	rd "math/rand"
	"os"
	"time"
)
// init seeds the package-level math/rand source (imported as rd) from the
// current wall-clock time in nanoseconds.
//
// math/rand is a deterministic generator and a time-derived seed is
// guessable, so values drawn from rd are not suitable wherever
// unpredictability matters.
func init() {
	seed := time.Now().UnixNano()
	rd.Seed(seed)
}
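// CerTinformation describes the certificate that CreateCRT issues and the
// files the result is written to.
type CerTinformation struct {
	// Subject attributes; each is copied into the certificate's pkix.Name.
	Country            []string
	Organization       []string
	OrganizationalUnit []string

	// EmailAddress is copied to the certificate's EmailAddresses field.
	EmailAddress []string

	province   []string
	Locality   []string
	CommonName string

	// CrtName and KeyName are the paths the PEM-encoded certificate and
	// private key are written to. KeyName receives the unencrypted key.
	CrtName, KeyName string

	// IsCA is copied to the certificate's basic constraints. Set it only for
	// certificates that are meant to sign other certificates.
	IsCA bool

	// Names is passed through as Subject.ExtraNames, which lets the caller
	// add attributes under arbitrary OIDs.
	Names []pkix.AttributeTypeAndValue
}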
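// CreateCRT generates a fresh 2048-bit RSA key pair, issues a certificate for
// it from info, and writes both as PEM files to info.CrtName and info.KeyName.
//
// When RootCa or RootKey is nil the certificate is self-signed. Otherwise it
// is issued with RootCa as the parent and signed with RootKey; this function
// does not itself check that RootCa is a CA certificate.
//
// The private key is written unencrypted: anyone who can read info.KeyName
// can act as the certificate's subject, and for a CA key can issue
// certificates under it.
func CreateCRT(RootCa *x509.Certificate, RootKey *rsa.PrivateKey, info CerTinformation) error {
	tmpl := newCertificate(info)

	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return err
	}

	var der []byte
	if RootCa == nil || RootKey == nil {
		// Self-signed: the template is its own parent and the new key signs it.
		der, err = x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	} else {
		// Issued by the supplied root: RootCa is the parent, RootKey signs.
		der, err = x509.CreateCertificate(rand.Reader, tmpl, RootCa, &key.PublicKey, RootKey)
	}
	if err != nil {
		return err
	}

	if err = write(info.CrtName, "CERTIFICATE", der); err != nil {
		return err
	}

	// MarshalPKCS1PrivateKey produces PKCS#1, whose PEM label is
	// "RSA PRIVATE KEY". The bare "PRIVATE KEY" label denotes PKCS#8 and can
	// make other tools misparse the file.
	return write(info.KeyName, "RSA PRIVATE KEY", x509.MarshalPKCS1PrivateKey(key))
}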
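// write PEM-encodes p under the block type Type and stores the result in
// filename, truncating any existing file.
//
// Files holding a private-key block are created with mode 0600 so that only
// the owner can read them; everything else keeps the 0666-minus-umask mode
// that os.Create would use. The mode is applied only when the file is
// created: an existing file keeps whatever permissions it already has.
//
// An error from Close is returned when encoding itself succeeded, so a failed
// flush is not reported as success.
func write(filename, Type string, p []byte) (err error) {
	perm := os.FileMode(0666)
	switch Type {
	case "PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY", "ENCRYPTED PRIVATE KEY":
		perm = 0600
	}

	f, err := os.OpenFile(filename, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, perm)
	if err != nil {
		// Nothing was opened, so there is nothing to close.
		return err
	}
	defer func() {
		if cerr := f.Close(); err == nil {
			err = cerr
		}
	}()

	return pem.Encode(f, &pem.Block{Type: Type, Bytes: p})
}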
// Parse loads a certificate from the PEM file at crtPath and an RSA private
// key from the PEM file at keyPath.
//
// The two files are parsed independently; nothing here checks that the key
// actually belongs to the certificate. If the certificate parses but the key
// does not, the certificate is still returned alongside the error.
func Parse(crtPath, keyPath string) (rootcertificate *x509.Certificate, rootPrivateKey *rsa.PrivateKey, err error) {
	if rootcertificate, err = ParseCrt(crtPath); err != nil {
		return rootcertificate, rootPrivateKey, err
	}
	rootPrivateKey, err = ParseKey(keyPath)
	return rootcertificate, rootPrivateKey, err
}
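// ParseCrt reads the file at path and parses the first PEM block in it as a
// DER-encoded X.509 certificate. Any data after the first block is ignored.
//
// It returns an error when the file cannot be read, contains no PEM block,
// or the block is not a valid certificate.
func ParseCrt(path string) (*x509.Certificate, error) {
	data, err := ioutil.ReadFile(path)
	if err != nil {
		return nil, err
	}

	// pem.Decode returns a nil block when the input holds no PEM data;
	// dereferencing it unchecked would panic on a malformed or wrong file.
	block, _ := pem.Decode(data)
	if block == nil {
		return nil, errors.New("no PEM block found in certificate file " + path)
	}
	return x509.ParseCertificate(block.Bytes)
}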
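// ParseKey reads the file at path and parses the first PEM block in it as a
// PKCS#1 RSA private key. The PEM label is not inspected, so files labelled
// either "PRIVATE KEY" or "RSA PRIVATE KEY" are accepted as long as the
// contents are PKCS#1.
//
// It returns an error when the file cannot be read, contains no PEM block,
// or the block is not a valid PKCS#1 key.
func ParseKey(path string) (*rsa.PrivateKey, error) {
	data, err := ioutil.ReadFile(path)
	if err != nil {
		return nil, err
	}

	// pem.Decode returns a nil block when the input holds no PEM data;
	// dereferencing it unchecked would panic on a malformed or wrong file.
	block, _ := pem.Decode(data)
	if block == nil {
		return nil, errors.New("no PEM block found in key file " + path)
	}
	return x509.ParsePKCS1PrivateKey(block.Bytes)
}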
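// newCertificate builds the x509 template for info: subject fields, a
// 20-year validity window starting now, basic constraints, and client/server
// authentication as extended key usages.
//
// The template carries no SubjectAltName entries. NOTE(review): TLS clients
// that match host names against SANs only will not accept a server
// certificate identified by CommonName alone; confirm against the intended
// consumers. The 20-year lifetime is also long for anything but a test root.
func newCertificate(info CerTinformation) *x509.Certificate {
	// Draw the serial number from the system CSPRNG (128 bits) instead of a
	// time-seeded math/rand value, which is guessable and can collide.
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
	if err != nil {
		// Leave the serial unset rather than fall back to a weak source:
		// x509.CreateCertificate then rejects the template (or, on newer Go
		// releases, draws its own random serial).
		serial = nil
	}

	// RFC 5280 ties keyCertSign to CA certificates, so only assert it when
	// the certificate is actually a CA.
	usage := x509.KeyUsageDigitalSignature
	if info.IsCA {
		usage |= x509.KeyUsageCertSign
	}

	now := time.Now()
	return &x509.Certificate{
		SerialNumber: serial,
		Subject: pkix.Name{
			Country:            info.Country,
			Organization:       info.Organization,
			OrganizationalUnit: info.OrganizationalUnit,
			Province:           info.province,
			CommonName:         info.CommonName,
			Locality:           info.Locality,
			ExtraNames:         info.Names,
		},
		NotBefore:             now,                   // start of validity
		NotAfter:              now.AddDate(20, 0, 0), // end of validity
		BasicConstraintsValid: true,                  // emit the basic constraints extension
		IsCA:                  info.IsCA,             // whether this certificate may act as a CA
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
		KeyUsage:              usage,
		EmailAddresses:        info.EmailAddress,
	}
}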
测试代码:
package rsa
import (
"crypto/x509/pkix"
"encoding/asn1"
"os"
"tesTing"
)
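// test_crt exercises the whole flow: create a self-signed root, load it back
// from disk, and use it to issue a second, non-CA certificate.
//
// NOTE(review): `go test` only runs functions named TestXxx, so with this
// lower-case name nothing invokes the function; confirm the intended name.
func test_crt(t *testing.T) {
	baseinfo := CerTinformation{
		Country:            []string{"CN"},
		Organization:       []string{"WS"},
		IsCA:               true,
		OrganizationalUnit: []string{"work-stacks"},
		EmailAddress:       []string{"czxichen@163.com"},
		Locality:           []string{"SuZhou"},
		province:           []string{"JiangSu"},
		CommonName:         "Work-Stacks",
		CrtName:            "test_root.crt",
		KeyName:            "test_root.key",
	}

	crTinfo := baseinfo
	crTinfo.IsCA = false
	crTinfo.CrtName = "test_server.crt"
	crTinfo.KeyName = "test_server.key"
	// Extra subject attribute for application-specific use. The OID is the
	// article's sample value; NOTE(review): use an OID under an arc you control.
	crTinfo.Names = []pkix.AttributeTypeAndValue{
		{Type: asn1.ObjectIdentifier{2, 1, 3}, Value: "MAC_ADDR"},
	}

	// Remove the generated files, private keys included, even when a step
	// below fails; t.Fatal still runs deferred functions.
	defer func() {
		for _, name := range []string{baseinfo.CrtName, baseinfo.KeyName, crTinfo.CrtName, crTinfo.KeyName} {
			_ = os.Remove(name) // best-effort: the file may never have been created
		}
	}()

	// Fail the test on error instead of logging and returning, which would
	// report success.
	if err := CreateCRT(nil, nil, baseinfo); err != nil {
		t.Fatal("Create crt error,Error info:", err)
	}

	crt, pri, err := Parse(baseinfo.CrtName, baseinfo.KeyName)
	if err != nil {
		t.Fatal("Parse crt error,Error info:", err)
	}

	if err = CreateCRT(crt, pri, crTinfo); err != nil {
		t.Fatal("Create crt error,Error info:", err)
	}
}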