gpt4 book ai didi

Golang Mqtt 客户端 TLS 实现

转载 作者:行者123 更新时间:2023-12-05 04:38:35 25 4
gpt4 key购买 nike

我尝试将 tls 配置添加到“github.com/eclipse/paho.mqtt.golang”客户端包。但是在配置 pems 从文件加载。我想使用 pem 作为字符串格式。例如,一个对象具有“caPem”键及其值 CA pem 作为字符串。

func NewTLSConfig(cACertificate, clientCertificate, clientKey string) *tls.Config {

certpool := x509.NewCertPool()

pemCerts, err := ioutil.ReadFile("/ca.pem")
if err == nil {
certpool.AppendCertsFromPEM(pemCerts)
}

cert, err := tls.LoadX509KeyPair("/client.pem", "/client.key")
if err != nil {
panic(err)
}

cert.Leaf, err = x509.ParseCertificate(cert.Certificate[0])
if err != nil {
panic(err)
}
fmt.Println(cert.Leaf)

return &tls.Config{

RootCAs: certpool,

ClientAuth: tls.RequestClientCert,

ClientCAs: nil,

InsecureSkipVerify: false,

Certificates: []tls.Certificate{cert},
}
}

正如您在上面的代码中看到的,pemCerts 从文件中获取公钥。函数参数“caCertificate...”是字符串。我只想像“pemCerts := caCertificate”一样使用它们。我怎样才能实现这个

最佳答案

举个例子,说明如何做到这一点。它确实假定字符串中的 PEM block 不超过 1 个。如果这样做,您应该调整它以多次调用 strPEMToPubCert

( playground link )

package main

import (
"crypto/x509"
"encoding/pem"
"errors"
"fmt"
)

func main() {
var pubPEMData = `-----BEGIN CERTIFICATE-----
MIIG9TCCBd2gAwIBAgISBLS106X/pLzr6OgL1QIQaFjHMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMTEyMDUxNDE1NTJaFw0yMjAzMDUxNDE1NTFaMB4xHDAaBgNVBAMM
Eyouc3RhY2tleGNoYW5nZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCad2WyTsmxXwoyz/iQST49XuSAciGr8GcyUtrestK82l4uHvU0/eCsxkUa
nT6xpm60l9OaAXCjJHEl9+0qKOUQ8+FJzr4W9PuiALE1E6j5mpYk3FRERZwX+AFZ
dN2G1rSb+uZvDSiR9eUikj0ueR5TTA+ZUsNLaByE+/EzcUqja9Qxyq7zkizSolxy
/RVTRPB2BaDkGY4I46avu8PJPm6R3skp0L96MnWSDVtJhIGc5lisoUEozrlTbTuT
SfBvPAAIqFT6702LJqFIF5rW04++GrEBh6S1I+17IZxneTMcorx0sYmXVzRGvz6e
0nOfXo6a80hAFgs+vci3UWEze7vrAgMBAAGjggQXMIIEEzAOBgNVHQ8BAf8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAw
HQYDVR0OBBYEFMbQN0TT6bdr8CA4WpQ9UwT/XKTZMB8GA1UdIwQYMBaAFBQusxe3
WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0
cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5j
ci5vcmcvMIIB5AYDVR0RBIIB2zCCAdeCDyouYXNrdWJ1bnR1LmNvbYISKi5ibG9n
b3ZlcmZsb3cuY29tghIqLm1hdGhvdmVyZmxvdy5uZXSCGCoubWV0YS5zdGFja2V4
Y2hhbmdlLmNvbYIYKi5tZXRhLnN0YWNrb3ZlcmZsb3cuY29tghEqLnNlcnZlcmZh
dWx0LmNvbYINKi5zc3RhdGljLm5ldIITKi5zdGFja2V4Y2hhbmdlLmNvbYITKi5z
dGFja292ZXJmbG93LmNvbYIVKi5zdGFja292ZXJmbG93LmVtYWlsgg8qLnN1cGVy
dXNlci5jb22CDWFza3VidW50dS5jb22CEGJsb2dvdmVyZmxvdy5jb22CEG1hdGhv
dmVyZmxvdy5uZXSCFG9wZW5pZC5zdGFja2F1dGguY29tgg9zZXJ2ZXJmYXVsdC5j
b22CC3NzdGF0aWMubmV0gg1zdGFja2FwcHMuY29tgg1zdGFja2F1dGguY29tghFz
dGFja2V4Y2hhbmdlLmNvbYISc3RhY2tvdmVyZmxvdy5ibG9nghFzdGFja292ZXJm
bG93LmNvbYITc3RhY2tvdmVyZmxvdy5lbWFpbIIRc3RhY2tzbmlwcGV0cy5uZXSC
DXN1cGVydXNlci5jb20wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMB
AQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEF
BgorBgEEAdZ5AgQCBIH2BIHzAPEAdwDfpV6raIJPH2yt7rhfTj5a6s2iEqRqXo47
EsAgRFwqcwAAAX2LKmpMAAAEAwBIMEYCIQC1jB7OwpQiHacbVnEZgWegpCOksm6Z
TYkTjXCmIo9m1AIhAPjs+1PPNr/avFzSydhUROI+Rvqx0iZqXzNc24PIOXjBAHYA
KXm+8J45OSHwVnOfY6V35b5XfZxgCvj5TV0mXCVdx4QAAAF9iypqRAAABAMARzBF
AiEA0oJ418l3aDXj4EVAtzf5o2nUdYiZiH7pLvA1hd7ZSKUCICFeACPl73NNLSzR
7yoKEV6nO7Zlk4rUd/fUyROY35OMMA0GCSqGSIb3DQEBCwUAA4IBAQB+hvmbEaHF
jEkSZiTllNe+XWtfz6TiWIugoqdDL67app49ZTTZ94oLRGxybm62nBIEX/2gCRgd
fqnDecg4BWIyl2jti73eKkmt9+pcCDqZ1JcbW8rDLmZJnzdcC0o739BGRq/ufP5R
Fb8qXAap2VH/29MQImxB166PsAb9rKdS1kNSfg4Zsu7nisg7q47dyzZMT9cTbajf
D/T6hl30nHOyJFvny5vYwDLtiNg5BJ2xZzZFh4B73mY53jjN2EXn4S5LI9J+0NmY
dic7TY+lsttvfrJ+cySMO7E1T1SkgEgHtfsadlRRWNFl80R91sS98FHbhBg/MSMk
yAm4xgff5rYD
-----END CERTIFICATE-----`

crt, _, err := strPEMToPubCert(pubPEMData)
if err != nil {
panic(err)
}

fmt.Println(crt.DNSNames)
}

func strPEMToPubCert(pemStr string) (*x509.Certificate, []byte, error) {
block, rest := pem.Decode([]byte(pemStr))
if block == nil || block.Type != "CERTIFICATE" {
return nil, rest, errors.New("failed to decode PEM block containing certificate")
}

cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
return nil, rest, err
}

return cert, rest, nil
}

关于Golang Mqtt 客户端 TLS 实现,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/70569324/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com