update at 2023/08/14
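--- a/tools/cmsign/cmsign.go
+++ b/tools/cmsign/cmsign.go
@@ -0,0 +1,114 @@
+package main
+
+import (
+"crypto"
+"crypto/rand"
+"crypto/rsa"
+"crypto/sha256"
+"crypto/x509"
+"encoding/base64"
+"encoding/pem"
+"flag"
+"fmt"
+"os"
+)
+
+var UserName *string
+
+func init() {
+//cfile := flag.String("c", defaultConfigFile, "config file")
+//pv := flag.Bool("v", false, "print version")
+//ph := flag.Bool("h", false, "print help")
+UserName = flag.String("u", "omc", "user name")
+
+flag.Parse()
+// if *pv {
+// os.Exit(0)
+// }
+// if *ph {
+// flag.Usage()
+// os.Exit(0)
+// }
+
+//ReadConfig(*cfile)
+}
+
+func main() {
+// 假设你已经有了CMCA证书私钥和userName登录用户名
+privateKeyBytes, err := os.ReadFile("./private_key.pem")
+if err != nil {
+fmt.Println("Failed to read private key file:", err)
+return
+}
+//userName := "omc"
+
+// 解析私钥
+privateKey, err := parsePrivateKey(privateKeyBytes)
+if err != nil {
+fmt.Println("Failed to parse private key:", err)
+return
+}
+
+// 对用户名进行签名
+signature, err := sign(privateKey, *UserName)
+if err != nil {
+fmt.Println("Failed to sign username:", err)
+return
+}
+
+// 将签名按Base64编码格式化输出
+signatureBase64 := base64.StdEncoding.EncodeToString(signature)
+fmt.Println("Signature:", signatureBase64)
+}
+
+// 解析私钥
+// func parsePrivateKey(privateKeyBytes []byte) (*rsa.PrivateKey, error) {
+// privateKey, err := parsePrivateKey(privateKeyBytes)
+// if err != nil {
+// return nil, err
+// }
+// return privateKey, nil
+// }
+
+// 解析私钥
+func parsePrivateKey(privateKeyBytes []byte) (*rsa.PrivateKey, error) {
+block, _ := pem.Decode(privateKeyBytes)
+if block == nil {
+return nil, fmt.Errorf("failed to decode private key")
+}
+
+//privateKey, err := x509.ParsePKCS8PrivateKey(block.Bytes)
+privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
+if err != nil {
+return nil, err
+}
+
+// rsaPrivateKey, ok := privateKey.(*rsa.PrivateKey)
+// if !ok {
+// return nil, fmt.Errorf("private key is not RSA")
+// }
+
+return privateKey, nil
+}
+
+// 对数据进行签名
+func sign(privateKey *rsa.PrivateKey, data string) ([]byte, error) {
+hashed := sha256.Sum256([]byte(data))
+signature, err := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, hashed[:])
+if err != nil {
+return nil, err
+}
+return signature, nil
+}
+
+func readPrivateKey() {
+// 读取私钥文件
+privateKeyBytes, err := os.ReadFile("./private_key.pem")
+if err != nil {
+fmt.Println("Failed to read private key file:", err)
+return
+}
+
+// 输出私钥内容
+fmt.Println(string(privateKeyBytes))
+}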
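Review bot: `readPrivateKey` at the end of the file prints the full contents of `./private_key.pem` to stdout and is not called from anything in this file; it should be deleted, since any later call would put the key into terminal scrollback or captured logs. In `main`, every failure path prints to stdout and returns, so the process exits with status 0 and a script reading the output cannot tell a failure from a signature; write the errors with `fmt.Fprintln(os.Stderr, ...)` and finish with `os.Exit(1)`. `sign` covers only the user name with RSA PKCS#1 v1.5, which is deterministic, so the same key and name always yield the same value; if the verifier accepts it as a login credential (not visible here), the signed data should also carry a timestamp or a server-issued nonce. `parsePrivateKey` accepts any PEM block without checking `block.Type`, and the `flag.Parse()` call in `init` is better moved to the top of `main`.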