NodeJS获取SubjectPublicKeyInfo

huangapple go评论115阅读模式
英文:

NodeJS get SubjectPublicKeyInfo

问题

我尝试将这段Go代码转换为NodeJS。这段Go代码下载给定主机的TLS证书,并为主题公钥信息创建一个哈希值。

func Fingerprint(c *x509.Certificate) string {
    digest := sha256.Sum256(c.RawSubjectPublicKeyInfo)
    return base64.StdEncoding.EncodeToString(digest[:])
}

func fromServer(server string) error {
    conn, err := tls.Dial("tcp", server, &tls.Config{
        InsecureSkipVerify: true,
    })

    if err != nil {return err}

    for _, cert := range conn.ConnectionState().PeerCertificates {
        fmt.Println(Fingerprint(cert))
    }

    return nil
}

完整代码

我写了以下代码:

function fingerprint(cert) {
    const digest = crypto.createHash('sha256').update(cert).digest();
    return Buffer.from(digest).toString('base64');
}

function fromServer(server) {
    const socket = tls.connect({ host: server.split(':')[0], port: server.split(':')[1], rejectUnauthorized: false }, () => {
        const cert = socket.getPeerCertificate();
        // console.log(fingerprint(cert.??))
        
        socket.end();
    });
}

我的问题是,我找不到用于指纹的值。在Go代码中,我使用fmt.Println(hex.EncodeToString(c.RawSubjectPublicKeyInfo))记录了RawSubjectPublicKeyInfo的值,而在NodeJS中,我无法找到它的"独立"值或将原始证书转换的方法。

英文:

I try to convert this Go code into NodeJS. The Go code downloads the tls cert for a given host and creates a hash for the subject pulic key info.

func Fingerprint(c *x509.Certificate) string {
	digest := sha256.Sum256(c.RawSubjectPublicKeyInfo)
	return base64.StdEncoding.EncodeToString(digest[:])
}

func fromServer(server string) error {
	conn, err := tls.Dial("tcp", server, &tls.Config{
		InsecureSkipVerify: true,
	})

	if err != nil {return err}

	for _, cert := range conn.ConnectionState().PeerCertificates {
		fmt.Println(Fingerprint(cert))
	}

	return nil
}

Full Code

I came up with this code

function fingerprint(cert) {
    const digest = crypto.createHash('sha256').update(cert).digest();
    return Buffer.from(digest).toString('base64');
}

function fromServer(server) {
    const socket = tls.connect({ host: server.split(':')[0], port: server.split(':')[1], rejectUnauthorized: false }, () => {
        const cert = socket.getPeerCertificate();
        // console.log(fingerprint(cert.??))
        
        socket.end();
    });
}

My problem is that i cant find the value the is used for the fingerprint. In Go i logged theRawSubjectPublicKeyInfo with fmt.Println(hex.EncodeToString(c.RawSubjectPublicKeyInfo)) and the value is part of the NodeJS cert.raw.toString('hex') but i didn't found it "standalone" or a way to convert the raw cert.

答案1

得分: 1

这个文档没有具体说明,但是.pubkey是一个包含(DER编码的)SPKI的Buffer,这正是你想要的。至少从dockerhub的node:10-alpine版本开始有这个属性;8或更低版本似乎没有。

英文:

The doc isn't specific, but .pubkey is a Buffer containing (DER-encoded) SPKI, which is what you want. At least since the version in dockerhub's node:10-alpine; 8 or lower doesn't seem to have it.

huangapple
  • 本文由 发表于 2023年4月24日 07:14:29
  • 转载请务必保留本文链接:https://go.coder-hub.com/76087702.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定