堆栈内存溢出
  简体   繁体   English

如何显示网站证书的公钥

[英]How to show the public key for a website certificate

 原文  2019-01-27 00:37:12       ssl/ go/ ssl-certificate

问题描述

I've created a Go program to connect to a website and get the certificates it uses. 我创建了一个Go程序来连接到网站并获取其使用的证书。 I'm not sure how to get the correct representation of the public key. 我不确定如何获得公钥的正确表示。

I can fetch the certificate and I can type check on Certificate.PublicKey. 我可以获取证书,并且可以在Certificate.PublicKey上键入check。 Once I understand it's rsa.PublicKey or ecdsa.PublicKey I'd need to print the hex representation of it. 一旦了解了rsa.PublicKey或ecdsa.PublicKey,我就需要打印它的十六进制表示形式。 

switch cert.PublicKey.(type) {
case *rsa.PublicKey:
    logrus.Error("this is RSA")
    // TODO: print hex representation of key
case *ecdsa.PublicKey:
    logrus.Error("this is ECDSA")
    // TODO: print hex representation of key
default:
    fmt.Println("it's something else")
}

I'd expect it to print something like: 我希望它能打印出类似以下内容: 

04 4B F9 47 1B A8 A8 CB A4 C6 C0 2D 45 DE 43 F3 BC F5 D2 98 F4 25 90 6F 13 0D 78 1A AC 05 B4 DF 7B F6 06 5C 80 97 9A 53 06 D0 DB 0E 15 AD 03 DE 14 09 D3 77 54 B1 4E 15 A8 AF E3 FD DC 9D AD E0 C5

1 个解决方案

解决方案1
 2  2019-01-27 01:39:42

it seems you are asking for the sha1 sum of the certificates involved. 看来您要索取所涉及证书的sha1总和。 here is a working example that asks for a host:port and prints the sums of the certificates involved 这是一个要求提供host:port并打印所涉及证书总和的工作示例 

package main

import (
        "crypto/sha1"
        "crypto/tls"
        "fmt"
        "log"
        "os"
)

func main() {
        if len(os.Args) != 2 {
                log.Panic("call with argument of host:port")
        }
        log.SetFlags(log.Lshortfile)

        conf := &tls.Config{
                //InsecureSkipVerify: true,
        }
        fmt.Printf("dialing:%s\n", os.Args[1])
        conn, err := tls.Dial("tcp", os.Args[1], conf)
        if err != nil {
                log.Println(err)
                return
        }
        defer conn.Close()
        for i, v := range conn.ConnectionState().PeerCertificates {
                //edit: use %X for uppercase hex printing
                fmt.Printf("cert %d sha1 fingerprint:%x \n", i, sha1.Sum(v.Raw))
        }
}

run as: 运行为: 

./golang-tls www.google.com:443
dialing:www.google.com:443
cert 0 sha1 fingerprint:34781c3be98cf958f514aecb1ae2e4e866effe34
cert 1 sha1 fingerprint:eeacbd0cb452819577911e1e6203db262f84a318

for general notions on SSL i have found this stackexchange answer to be extremely valuable. 对于SSL的一般概念,我发现这个stackexchange答案非常有价值。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在iOS上固定证书的公钥 - How to pin the Public key of a certificate on iOS 如何生成用于加密的 SSL 证书和公钥? - How to generate SSL certificate & public key for encryption? 存储公钥以进行证书固定的安全性如何? - How safe is storing public key for certificate pinning? 如何使公钥保持静态,但旋转证书 - How to keep public key static, but rotate the certificate 如何获取颁发者证书的指纹或公钥? - How to get Thumbprint or Public Key of Issuer Certificate? 证书颁发机构 (CA) 如何验证公钥证书中主题的身份? - How is the identitiy of a subject in a Public Key Certificate verified by the Certificate Authority (CA)? 如何从根证书生成公共证书,私钥? - How to generate public certificate, private key from root certificate? 如何从天青自动化的证书中获取公钥 - how to get public key from certificate on azure automation 如何使用加密 api 获取颁发者证书公钥 - How to get issuer certificate public key using crypto api 如何识别我的SSL公钥证书? - how can I identify my SSL public key certificate?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM