php小编新一在本文中将为大家介绍如何通过Go语言从SSL证书中获取"subject/unstructuredName"的值。SSL证书是网站安全的基础,其中的"subject"字段包含了网站的相关信息。而"unstructuredName"字段则提供了进一步的详细信息。掌握如何提取这些值,可以帮助我们更好地理解和管理SSL证书,提高网站的安全性和可信度。在接下来的内容中,我们将通过示例代码和解释来详细介绍这一过程。
我正在尝试将一些 python 代码迁移到 golang。 代码需要从 ssl 证书主题获取 unstructedname 的值。
这是它在 python 中的工作原理:
from cryptography import x509 from cryptography.x509.oid import nameoid from cryptography.hazmat.backends import default_backend pem = b"""\ -----begin certificate----- miidctccalmgawibagiunjbltje6i/s9pjn8kgixyi2iw58wdqyjkozihvcnaqel bqawsteumbiga1ueawwlzxhhbxbszs5jb20xfjaubgnvbaomduv4yw1wbgusielu yy4xgtaxbgnvbasmeev4yw1wbgugrgl2axnpb24whhcnmjixmti5mtu1ndmxwhcn mzcxmti2mtu1ndmxwjcbmzelmakga1uebhmcvvmxezarbgnvbagmcknhbglmb3ju awexfjaubgnvbacmdvnhbibgcmfuy2lzy28xgjaybgnvbaomevnvbwugt3jnyw5p emf0aw9umr4whaydvqqddbvzb21llm9yz2fuaxphdglvbi5jb20xizahbgkqhkig 9w0bcqimfhnvbwugywrkaxrpb25hbcbpbmzvmiibijanbgkqhkig9w0baqefaaoc aq8amiibcgkcaqeayqprugdiaerkahbx06wobpekkz8cfyir6dv8d49eqho1xmcp avotfjsj5cktuh64885lftcghudpcw+rih0fb8tolebua9yimuqbyfnrglrz7u+g bkgyqo7w0psb7tguki7eseecvwsoygwyzksiuzbsqoauecjxog7gmr6qiutmilaq dy0wwlir7iakx0qlq8ihfy6ynf2aghet6ic9tgbkifo6hwlep4gbwwtivcd94l6l 6rnpgtyxhsmlael0jn/4qpadcixdrbnahffzbrqyo7synqjuienxevq+7esiqibv rkvt9hpaj+o/ij4z+z6xys8se3re4fsnsdxphqidaqabma0gcsqgsib3dqebcwua a4ibaqch6vxtrqubfvgahnmjpshci3jcaz/x9hl2qgxntzas3rljbd6orc+3itli vzjlwryl1hztxfecj3etvg1acknohx0rcfggnbsqsoz6oaazls6bakchbruqmhfg icdk8a1pv1cr/spbe/ujskbg548jpqcsweul1jndsnzzmjuxy+ftm2pdyisrbgxy y0spkxahukltblzghh1kimu7uuteuxdgmlccyey9/ibwtka9j/wnjc0cqc13jle8 pqvliexiovsktsgbzwyxw2p+m6qbjrc83oorwm8gnej1k2yx6jmnzlifidfit/h6 m2y3gjyqfgexupmk9toeejzpj1rb -----end certificate----- """ cert = x509.load_pem_x509_certificate(pem, default_backend()) unstructured_name = cert.subject.get_attributes_for_oid(nameoid.unstructured_name)[0].value print(unstructured_name)
此代码打印 unstructedname 的值(在本例中为“一些附加信息”)。
我在 go 中的尝试如下所示:
package main import ( "crypto/x509" "encoding/pem" "fmt" "log" ) const certRaw = `-----BEGIN CERTIFICATE----- MIIDcTCCAlmgAwIBAgIUNjbltje6I/S9PJN8KgIxyi2Iw58wDQYJKoZIhvcNAQEL BQAwSTEUMBIGA1UEAwwLZXhhbXBsZS5jb20xFjAUBgNVBAoMDUV4YW1wbGUsIElu Yy4xGTAXBgNVBAsMEEV4YW1wbGUgRGl2aXNpb24wHhcNMjIxMTI5MTU1NDMxWhcN MzcxMTI2MTU1NDMxWjCBmzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3Ju aWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xGjAYBgNVBAoMEVNvbWUgT3JnYW5p emF0aW9uMR4wHAYDVQQDDBVzb21lLm9yZ2FuaXphdGlvbi5jb20xIzAhBgkqhkiG 9w0BCQIMFHNvbWUgYWRkaXRpb25hbCBpbmZvMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAyqprugdiaERkAHbx06WobPekkZ8CFyiR6dv8D49eqHO1xmCp aVotFJSj5cktUH64885LfTCghUdPcw+rIh0fB8tOleBUA9yIMUqbYFnRgLrz7U+g bkgyQO7w0PsB7tgUKI7esEEcvWSoygWyZKSiUZBSQOAuEcJxog7GMR6QiUtmiLaq DY0Wwlir7iakX0Qlq8iHFY6yNf2aghET6IC9tGbkifO6HWLEP4gBWwtIvCd94l6L 6rNpGtYXHSmlaEL0jn/4QPADciXDrBnAhFfzBrqyO7SYNqJUiENXEvq+7ESIqibV RKvt9HpAj+O/Ij4z+Z6Xys8sE3RE4FSNSdXphQIDAQABMA0GCSqGSIb3DQEBCwUA A4IBAQCH6vxtrqUBFVgahnmjPSHci3JCaz/X9hL2QgXNTzAS3rLJBd6OrC+3ITli vzJlWryl1hzTxFEcj3EtVG1AckNOHX0RCFggNBSQSOz6oaaZlS6BAkChbRUqmHfG iCDK8A1pV1cr/SPBe/UjSkbG548JpqCSWEUL1jNDsNzZmjuXy+FTM2PDYiSRbGxY Y0SpkxAhuKltblzghh1KIMU7UutEUXDGMlCCYEY9/ibWTKa9J/WNjC0CQC13jLe8 PqVLIeXIoVSkTsgbzwYxW2P+M6QbjRC83OORwm8GnEj1k2yX6JmnzLifidFiT/h6 M2Y3gjYqfGexupmK9toEejZPj1RB -----END CERTIFICATE----- ` func main() { block, rest := pem.Decode([]byte(certRaw)) if block == nil { log.Fatalf("Decode CA PEM, %v", rest) } cert, err := x509.ParseCertificate(block.Bytes) if err != nil { log.Fatalf("parse certificate") } fmt.Println(cert.Subject.String()) // Unmarshall and print value of unstructuredName (oid: 1.2.840.113549.1.9.2) // ??? }
去游乐场:https://go.dev/play/p/vwkpdbnpq78
我找不到通过 oid 获取属性的函数。当我打印出整个主题时,我发现该值仍然是(der?)编码的。
如何解码或解组 unstructedname 的值?
非常感谢。
我认为 go 标准库没有通过 oid 获取属性的函数。不过,自己写一个看起来并不难。下面的代码基于此相关答案(以及您问题中的代码)。
这是更新后的 go playground - https://www.php.cn/link/f0eb6568ea114ba6e293f903c34d7488一个>.
package main import ( "crypto/x509" "encoding/pem" "fmt" "log" ) const certRaw = `-----BEGIN CERTIFICATE----- MIIDcTCCAlmgAwIBAgIUNjbltje6I/S9PJN8KgIxyi2Iw58wDQYJKoZIhvcNAQEL BQAwSTEUMBIGA1UEAwwLZXhhbXBsZS5jb20xFjAUBgNVBAoMDUV4YW1wbGUsIElu Yy4xGTAXBgNVBAsMEEV4YW1wbGUgRGl2aXNpb24wHhcNMjIxMTI5MTU1NDMxWhcN MzcxMTI2MTU1NDMxWjCBmzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3Ju aWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xGjAYBgNVBAoMEVNvbWUgT3JnYW5p emF0aW9uMR4wHAYDVQQDDBVzb21lLm9yZ2FuaXphdGlvbi5jb20xIzAhBgkqhkiG 9w0BCQIMFHNvbWUgYWRkaXRpb25hbCBpbmZvMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAyqprugdiaERkAHbx06WobPekkZ8CFyiR6dv8D49eqHO1xmCp aVotFJSj5cktUH64885LfTCghUdPcw+rIh0fB8tOleBUA9yIMUqbYFnRgLrz7U+g bkgyQO7w0PsB7tgUKI7esEEcvWSoygWyZKSiUZBSQOAuEcJxog7GMR6QiUtmiLaq DY0Wwlir7iakX0Qlq8iHFY6yNf2aghET6IC9tGbkifO6HWLEP4gBWwtIvCd94l6L 6rNpGtYXHSmlaEL0jn/4QPADciXDrBnAhFfzBrqyO7SYNqJUiENXEvq+7ESIqibV RKvt9HpAj+O/Ij4z+Z6Xys8sE3RE4FSNSdXphQIDAQABMA0GCSqGSIb3DQEBCwUA A4IBAQCH6vxtrqUBFVgahnmjPSHci3JCaz/X9hL2QgXNTzAS3rLJBd6OrC+3ITli vzJlWryl1hzTxFEcj3EtVG1AckNOHX0RCFggNBSQSOz6oaaZlS6BAkChbRUqmHfG iCDK8A1pV1cr/SPBe/UjSkbG548JpqCSWEUL1jNDsNzZmjuXy+FTM2PDYiSRbGxY Y0SpkxAhuKltblzghh1KIMU7UutEUXDGMlCCYEY9/ibWTKa9J/WNjC0CQC13jLe8 PqVLIeXIoVSkTsgbzwYxW2P+M6QbjRC83OORwm8GnEj1k2yX6JmnzLifidFiT/h6 M2Y3gjYqfGexupmK9toEejZPj1RB -----END CERTIFICATE----- ` func main() { block, rest := pem.Decode([]byte(certRaw)) if block == nil { log.Fatalf("Decode CA PEM, %v", rest) } cert, err := x509.ParseCertificate(block.Bytes) if err != nil { log.Fatalf("parse certificate") } // 1.2.840.113549.1.9.2 var oidUnstructuredName = []int{1, 2, 840, 113549, 1, 9, 2} var unstructuredName string for _, n := range cert.Subject.Names { if n.Type.Equal(oidUnstructuredName) { if v, ok := n.Value.(string); ok { unstructuredName = v } } } fmt.Println(unstructuredName) }
以上是Go:从 ssl 证书获取'subject/unstructeredName”的值的详细内容。更多信息请关注PHP中文网其他相关文章!