将模数指数转换为X.509证书的Go语言代码。

huangapple
go评论92阅读模式
英文:

Go Language Convert Modulus exponent to X.509 certificate

问题

我看到了很多关于如何将X.509转换为指数模数的示例,但我没有看到反向的示例。

我从密钥端点获取的值如下所示:

{
  "keys": [
    {
      "alg": "RS256",
      "e": "AQAB",
      "n": "ok6rvXu95337IxsDXrKzlIqw_I_zPDG8JyEw2CTOtNMoDi1QzpXQVMGj2snNEmvNYaCTmFf51I-EDgeFLLexr40jzBXlg72quV4aw4yiNuxkigW0gMA92OmaT2jMRIdDZM8mVokoxyPfLub2YnXHFq0XuUUgkX_TlutVhgGbyPN0M12teYZtMYo2AUzIRggONhHvnibHP0CPWDjCwSfp3On1Recn4DPxbn3DuGslF2myalmCtkujNcrhHLhwYPP-yZFb8e0XSNTcQvXaQxAqmnWH6NXcOtaeWMQe43PNTAyNinhndgI8ozG3Hz-1NzHssDH_yk6UYFSszhDbWAzyqw",
      "kid": "wyMwK4A6CL9Qw11uofVeyQ119XyX-xykymkkXygZ5OM",
      "kty": "RSA",
      "use": "sig"
    },
    {
      "alg": "RS256",
      "e": "AQAB",
      "n": "nXv6FSAcMjuanQ2hIIUb8Vkqe94t98kPh2T8-0j6-Jq8pOclgKdtVeIZcBE9F_XiuJvg4b6WVs-uvA-pS8mmMvQ21xU5Q_37Cojv8v_QlHWETHwEJdXXiY2Xq5LgXDSwEhhdDZHSMQYDuvhp_P6nl2LNqqUvJkjoFWcnn2btgSIUQROIaDdxtx7_2h4oUi5u11BGSF2SZZiEpDAKT08Htv3uwXdwDA6ll99fbi8X8RmH5oY_tIZTeIzu50qHxElPewoYO8QrJYsO9oFcCPMHGxYWjXQEa-QZYgo0wS9zRIkeJc5kshc4-9Uhv2DVIjk_-ofGlML9ieggGyillBKptw",
      "kid": "GRF55Lbzgg4sANCmER-sm55eX_qUOpY8UTptDmDG_6U",
      "kty": "RSA",
      "use": "sig"
    }
  ]
}

我认为这是密钥:

ok6rvXu95337IxsDXrKzlIqw_I_zPDG8JyEw2CTOtNMoDi1QzpXQVMGj2snNEmvNYaCTmFf51I-EDgeFLLexr40jzBXlg72quV4aw4yiNuxkigW0gMA92OmaT2jMRIdDZM8mVokoxyPfLub2YnXHFq0XuUUgkX_TlutVhgGbyPN0M12teYZtMYo2AUzIRggONhHvnibHP0CPWDjCwSfp3On1Recn4DPxbn3DuGslF2myalmCtkujNcrhHLhwYPP-yZFb8e0XSNTcQvXaQxAqmnWH6NXcOtaeWMQe43PNTAyNinhndgI8ozG3Hz-1NzHssDH_yk6UYFSszhDbWAzyqw

var key = "ok6rvXu95337IxsDXrKzlIqw_I_zPDG8JyEw2CTOtNMoDi1QzpXQVMGj2snNEmvNYaCTmFf51I-EDgeFLLexr40jzBXlg72quV4aw4yiNuxkigW0gMA92OmaT2jMRIdDZM8mVokoxyPfLub2YnXHFq0XuUUgkX_TlutVhgGbyPN0M12teYZtMYo2AUzIRggONhHvnibHP0CPWDjCwSfp3On1Recn4DPxbn3DuGslF2myalmCtkujNcrhHLhwYPP-yZFb8e0XSNTcQvXaQxAqmnWH6NXcOtaeWMQe43PNTAyNinhndgI8ozG3Hz-1NzHssDH_yk6UYFSszhDbWAzyqw"

预期输出

我正在尝试将其转换为以下格式的.PEM:

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfu6fJMNQNy13wCYvlIuKPBfBt
BHgeAeUbrn4JVmuAJGnQ2i08RizbWPzbckWQX8IXQJkYykCU1YJ+Y98tLPo/276c
zJLaFXhwe4qzocQ52SXSMTTTGN51CgYEAfNY4PJTU3gayahC0iYkV0CHuT8liVsEdV67X0DXMBpCAjNSwIDAQAB
-----END PUBLIC KEY----- –

如果有人能指导我如何在Go语言中完成这个任务,我将不胜感激。我还会将其放在Go Lang playground上,以便其他人可以使用。

英文:

I have seen a lot of examples of how to convert a X.509 to Exponent Modulus, but I have not seen the reverse.

The values I have from my key endpoint look like this:

{
  "keys": [
    {
      "alg": "RS256",
      "e": "AQAB",
      "n": "ok6rvXu95337IxsDXrKzlIqw_I_zPDG8JyEw2CTOtNMoDi1QzpXQVMGj2snNEmvNYaCTmFf51I-EDgeFLLexr40jzBXlg72quV4aw4yiNuxkigW0gMA92OmaT2jMRIdDZM8mVokoxyPfLub2YnXHFq0XuUUgkX_TlutVhgGbyPN0M12teYZtMYo2AUzIRggONhHvnibHP0CPWDjCwSfp3On1Recn4DPxbn3DuGslF2myalmCtkujNcrhHLhwYPP-yZFb8e0XSNTcQvXaQxAqmnWH6NXcOtaeWMQe43PNTAyNinhndgI8ozG3Hz-1NzHssDH_yk6UYFSszhDbWAzyqw",
      "kid": "wyMwK4A6CL9Qw11uofVeyQ119XyX-xykymkkXygZ5OM",
      "kty": "RSA",
      "use": "sig"
    },
    {
      "alg": "RS256",
      "e": "AQAB",
      "n": "nXv6FSAcMjuanQ2hIIUb8Vkqe94t98kPh2T8-0j6-Jq8pOclgKdtVeIZcBE9F_XiuJvg4b6WVs-uvA-pS8mmMvQ21xU5Q_37Cojv8v_QlHWETHwEJdXXiY2Xq5LgXDSwEhhdDZHSMQYDuvhp_P6nl2LNqqUvJkjoFWcnn2btgSIUQROIaDdxtx7_2h4oUi5u11BGSF2SZZiEpDAKT08Htv3uwXdwDA6ll99fbi8X8RmH5oY_tIZTeIzu50qHxElPewoYO8QrJYsO9oFcCPMHGxYWjXQEa-QZYgo0wS9zRIkeJc5kshc4-9Uhv2DVIjk_-ofGlML9ieggGyillBKptw",
      "kid": "GRF55Lbzgg4sANCmER-sm55eX_qUOpY8UTptDmDG_6U",
      "kty": "RSA",
      "use": "sig"
    }
  ]
}

I think this is the Key:

ok6rvXu95337IxsDXrKzlIqw_I_zPDG8JyEw2CTOtNMoDi1QzpXQVMGj2snNEmvNYaCTmFf51I-EDgeFLLexr40jzBXlg72quV4aw4yiNuxkigW0gMA92OmaT2jMRIdDZM8mVokoxyPfLub2YnXHFq0XuUUgkX_TlutVhgGbyPN0M12teYZtMYo2AUzIRggONhHvnibHP0CPWDjCwSfp3On1Recn4DPxbn3DuGslF2myalmCtkujNcrhHLhwYPP-yZFb8e0XSNTcQvXaQxAqmnWH6NXcOtaeWMQe43PNTAyNinhndgI8ozG3Hz-1NzHssDH_yk6UYFSszhDbWAzyqw

var key = "ok6rvXu95337IxsDXrKzlIqw_I_zPDG8JyEw2CTOtNMoDi1QzpXQVMGj2snNEmvNYaCTmFf51I-EDgeFLLexr40jzBXlg72quV4aw4yiNuxkigW0gMA92OmaT2jMRIdDZM8mVokoxyPfLub2YnXHFq0XuUUgkX_TlutVhgGbyPN0M12teYZtMYo2AUzIRggONhHvnibHP0CPWDjCwSfp3On1Recn4DPxbn3DuGslF2myalmCtkujNcrhHLhwYPP-yZFb8e0XSNTcQvXaQxAqmnWH6NXcOtaeWMQe43PNTAyNinhndgI8ozG3Hz-1NzHssDH_yk6UYFSszhDbWAzyqw"

Expected Output

I'm trying to convert into .PEM format like this

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfu6fJMNQNy13wCYvlIuKPBfBt
BHgeAeUbrn4JVmuAJGnQ2i08RizbWPzbckWQX8IXQJkYykCU1YJ+Y98tLPo/276c
zJLaFXhwe4qzocQ52SXSMTTTGN51CgYEAfNY4PJTU3gayahC0iYkV0CHuT8liVsEdV67X0DXMBpCAjNSwIDAQAB
-----END PUBLIC KEY----- –

If anyone can point me in the right direction to do this in the GO language would be appreciated. I'll also put it on the Go Lang playground so others can use it.

答案1

得分: 9

你可以直接将值放入rsa.PublicKey中,这样就可以直接使用。由于你想将其编码为 pem 编码的 x.509,你可以使用x509.MarshalPKIXPublicKey函数将 der 块编组,并使用 pem 包进行编码。

在将示例中的第一个密钥解组为jwk之后:

// 解码 n 的 base64 字节
nb, err := base64.RawURLEncoding.DecodeString(jwk["n"])
if err != nil {
    log.Fatal(err)
}

e := 65537
// 默认指数通常为 65537,因此只需比较 base64 的 [1,0,1] 或 [0,1,0,1]
if jwk["e"] != "AQAB" && jwk["e"] != "AAEAAQ" {
    // 仍然需要解码大端整数
    log.Fatal("需要解码 e:", jwk["e"])
}

pk := &rsa.PublicKey{
    N: new(big.Int).SetBytes(nb),
    E: e,
}

der, err := x509.MarshalPKIXPublicKey(pk)
if err != nil {
    log.Fatal(err)
}

block := &pem.Block{
    Type:  "RSA PUBLIC KEY",
    Bytes: der,
}

var out bytes.Buffer
pem.Encode(&out, block)
fmt.Println(out.String())

这将输出:

-----BEGIN RSA PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok6rvXu95337IxsDXrKz
lIqw/I/zPDG8JyEw2CTOtNMoDi1QzpXQVMGj2snNEmvNYaCTmFf51I+EDgeFLLex
r40jzBXlg72quV4aw4yiNuxkigW0gMA92OmaT2jMRIdDZM8mVokoxyPfLub2YnXH
Fq0XuUUgkX/TlutVhgGbyPN0M12teYZtMYo2AUzIRggONhHvnibHP0CPWDjCwSfp
3On1Recn4DPxbn3DuGslF2myalmCtkujNcrhHLhwYPP+yZFb8e0XSNTcQvXaQxAq
mnWH6NXcOtaeWMQe43PNTAyNinhndgI8ozG3Hz+1NzHssDH/yk6UYFSszhDbWAzy
qwIDAQAB
-----END RSA PUBLIC KEY-----

链接:https://play.golang.org/p/Ch6Nr9F6Ik

英文:

You can put the values directly into an rsa.PublicKey, which can be used as is. Since you want to encode that as a pem encoded x.509, you can use the x509.MarshalPKIXPublicKey function to marshal the der block, and encode that with the pem package.

After unmarshaling the first key in your example to jwk:

// decode the base64 bytes for n
nb, err := base64.RawURLEncoding.DecodeString(jwk["n"])
if err != nil {
	log.Fatal(err)
}

e := 65537
// The default exponent is usually 65537, so just compare the
// base64 for [1,0,1] or [0,1,0,1]
if jwk["e"] != "AQAB" && jwk["e"] != "AAEAAQ" {
	// still need to decode the big-endian int
	log.Fatal("need to deocde e:", jwk["e"])
}

pk := &rsa.PublicKey{
	N: new(big.Int).SetBytes(nb),
	E: e,
}

der, err := x509.MarshalPKIXPublicKey(pk)
if err != nil {
	log.Fatal(err)
}

block := &pem.Block{
	Type:  "RSA PUBLIC KEY",
	Bytes: der,
}

var out bytes.Buffer
pem.Encode(&out, block)
fmt.Println(out.String())

Which will output:

-----BEGIN RSA PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok6rvXu95337IxsDXrKz
lIqw/I/zPDG8JyEw2CTOtNMoDi1QzpXQVMGj2snNEmvNYaCTmFf51I+EDgeFLLex
r40jzBXlg72quV4aw4yiNuxkigW0gMA92OmaT2jMRIdDZM8mVokoxyPfLub2YnXH
Fq0XuUUgkX/TlutVhgGbyPN0M12teYZtMYo2AUzIRggONhHvnibHP0CPWDjCwSfp
3On1Recn4DPxbn3DuGslF2myalmCtkujNcrhHLhwYPP+yZFb8e0XSNTcQvXaQxAq
mnWH6NXcOtaeWMQe43PNTAyNinhndgI8ozG3Hz+1NzHssDH/yk6UYFSszhDbWAzy
qwIDAQAB
-----END RSA PUBLIC KEY-----

https://play.golang.org/p/Ch6Nr9F6Ik

huangapple
  • 本文由 发表于 2016年12月14日 01:22:51
  • 转载请务必保留本文链接:https://go.coder-hub.com/41127019.html
  • certificate
  • go
  • pem
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定