gpt4 book ai didi

戈朗 : verify x509 certificate was signed using private key that corresponds to the specified public key

转载 作者:IT王子 更新时间:2023-10-29 01:09:12 29 4
gpt4 key购买 nike

我想验证 X509 证书以确保它是由与公钥相对应的私钥签名的:

var publicKey *rsa.PublicKey = getPublicKey()
var certificate *x509.Certificate = getCertificate()
certificate.CheckSignature(...)

在我看来,certificate.CheckSignature 方法是正确的方法,但我无法弄清楚它需要的参数,并想寻求社区的帮助。

顺便说一句,我能够在 java 中做同样的事情(在两个相邻的项目上工作)。它看起来像这样:

RSAPublicKey publicKey = getPublicKey();
X509Certificate certificate = X509CertUtils.parse(...);

// Verifies that this certificate was signed using the
// private key that corresponds to the specified public key.
certificate.verify(publicKey);

我很感激现场的任何提示!

最佳答案

谢谢罗曼,我已经设法让它像这样工作了:

hash := sha1.New()
hash.Write(certificate.RawTBSCertificate)
hashData := hash.Sum(nil)
rsa.VerifyPKCS1v15(dsPublicKey, crypto.SHA1, hashData, certificate.Signature)

所以,这基本上是您推荐的,但改用了 sha1 哈希 - 这就是我在本地生成的证书所获得的。我还设法通过将证书的公钥与我要验证的 key 临时交换来使其正常工作:

certificate.PublicKey = certificateAuthorityPublicKey
certificate.CheckSignature(x509.SHA1WithRSA, certificate.RawTBSCertificate, certificate.Signature)

第二种方法当然看起来有点乱,但它们都按预期工作......

想知道是否可以在运行时判断它是 SHA1 还是 SHA256?

关于戈朗 : verify x509 certificate was signed using private key that corresponds to the specified public key,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/42559806/

29 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com