2024-03-17 16:12:54 +08:00
|
|
|
|
package cert
|
|
|
|
|
|
|
|
|
|
|
|
import (
|
2025-06-17 13:10:35 +08:00
|
|
|
|
"b612.me/apps/b612/utils"
|
2024-03-17 16:12:54 +08:00
|
|
|
|
"b612.me/stario"
|
|
|
|
|
|
"b612.me/starlog"
|
2024-09-15 15:27:50 +08:00
|
|
|
|
"crypto"
|
2024-03-17 18:19:44 +08:00
|
|
|
|
"crypto/x509"
|
2024-03-17 16:12:54 +08:00
|
|
|
|
"fmt"
|
|
|
|
|
|
"github.com/spf13/cobra"
|
2025-06-13 13:05:50 +08:00
|
|
|
|
"math/big"
|
2024-03-17 16:12:54 +08:00
|
|
|
|
"os"
|
|
|
|
|
|
"path/filepath"
|
|
|
|
|
|
"time"
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
var country, province, city, org, orgUnit, name string
|
|
|
|
|
|
var dnsName []string
|
|
|
|
|
|
var start, end time.Time
|
|
|
|
|
|
var startStr, endStr string
|
|
|
|
|
|
var savefolder string
|
|
|
|
|
|
var promptMode bool
|
|
|
|
|
|
var isCa bool
|
|
|
|
|
|
var maxPathLenZero bool
|
|
|
|
|
|
var maxPathLen int
|
|
|
|
|
|
|
|
|
|
|
|
var caKey string
|
|
|
|
|
|
var caCert string
|
|
|
|
|
|
var csr string
|
|
|
|
|
|
var caKeyPwd string
|
|
|
|
|
|
var passwd string
|
2024-03-17 18:19:44 +08:00
|
|
|
|
var enPasswd string
|
2025-06-13 13:05:50 +08:00
|
|
|
|
var keyUsage int
|
|
|
|
|
|
var extKeyUsage []int
|
2024-03-17 16:12:54 +08:00
|
|
|
|
|
|
|
|
|
|
var Cmd = &cobra.Command{
|
|
|
|
|
|
Use: "cert",
|
|
|
|
|
|
Short: "证书生成与解析",
|
|
|
|
|
|
Long: "证书生成与解析",
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var CmdCsr = &cobra.Command{
|
|
|
|
|
|
Use: "csr",
|
|
|
|
|
|
Short: "生成证书请求",
|
|
|
|
|
|
Long: "生成证书请求",
|
|
|
|
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
|
|
|
|
var err error
|
|
|
|
|
|
if promptMode {
|
|
|
|
|
|
if country == "" {
|
|
|
|
|
|
country = stario.MessageBox("请输入国家:", "").MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
if province == "" {
|
|
|
|
|
|
province = stario.MessageBox("请输入省份:", "").MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
if city == "" {
|
|
|
|
|
|
city = stario.MessageBox("请输入城市:", "").MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
if org == "" {
|
|
|
|
|
|
org = stario.MessageBox("请输入组织:", "").MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
if orgUnit == "" {
|
|
|
|
|
|
orgUnit = stario.MessageBox("请输入组织单位:", "").MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
if name == "" {
|
|
|
|
|
|
name = stario.MessageBox("请输入通用名称:", "").MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
if dnsName == nil {
|
|
|
|
|
|
dnsName = stario.MessageBox("请输入dns名称,用逗号分割:", "").MustSliceString(",")
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2024-09-15 15:27:50 +08:00
|
|
|
|
key, err := LoadPriv(caKey, caKeyPwd)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("加载Key错误", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
csr := outputCsr(GenerateCsr(country, province, city, org, orgUnit, name, dnsName), key)
|
2024-03-17 16:12:54 +08:00
|
|
|
|
err = os.WriteFile(savefolder+"/"+name+".csr", csr, 0644)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("保存csr文件错误", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
starlog.Infoln("保存csr文件成功", savefolder+"/"+name+".csr")
|
|
|
|
|
|
},
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var CmdGen = &cobra.Command{
|
|
|
|
|
|
Use: "gen",
|
|
|
|
|
|
Short: "生成证书",
|
|
|
|
|
|
Long: "生成证书",
|
|
|
|
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
|
|
|
|
if caKey == "" {
|
|
|
|
|
|
starlog.Errorln("CA私钥不能为空")
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
if caCert == "" {
|
|
|
|
|
|
starlog.Errorln("CA证书不能为空")
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
if csr == "" {
|
|
|
|
|
|
starlog.Errorln("证书请求不能为空")
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
2024-09-15 15:27:50 +08:00
|
|
|
|
var caKeyRaw crypto.PrivateKey
|
|
|
|
|
|
var caCertRaw *x509.Certificate
|
|
|
|
|
|
var err error
|
|
|
|
|
|
if !isCa {
|
|
|
|
|
|
caKeyRaw, caCertRaw, err = LoadCA(caKey, caCert, caKeyPwd)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("加载CA错误", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
} else {
|
|
|
|
|
|
caKeyRaw, err = LoadPriv(caKey, caKeyPwd)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("加载CA错误", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
2024-03-17 16:12:54 +08:00
|
|
|
|
}
|
|
|
|
|
|
csrRaw, err := LoadCsr(csr)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("加载证书请求错误", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
2025-06-13 13:05:50 +08:00
|
|
|
|
start, err = time.Parse(time.RFC3339, startStr)
|
2024-03-17 16:12:54 +08:00
|
|
|
|
if err != nil {
|
2025-06-13 13:05:50 +08:00
|
|
|
|
starlog.Errorln("开始时间格式错误,格式:2006-01-02T15:04:05Z07:00", err)
|
2024-03-17 16:12:54 +08:00
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
2025-06-13 13:05:50 +08:00
|
|
|
|
end, err = time.Parse(time.RFC3339, endStr)
|
2024-03-17 16:12:54 +08:00
|
|
|
|
if err != nil {
|
2025-06-13 13:05:50 +08:00
|
|
|
|
starlog.Errorln("结束时间格式错误,格式:2006-01-02T15:04:05Z07:00", err)
|
2024-03-17 16:12:54 +08:00
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
2025-06-13 13:05:50 +08:00
|
|
|
|
pubKeyRaw := csrRaw.PublicKey
|
2024-09-15 15:27:50 +08:00
|
|
|
|
certReq := &x509.Certificate{
|
2025-06-13 13:05:50 +08:00
|
|
|
|
SerialNumber: big.NewInt(time.Now().UnixNano()),
|
2024-09-15 15:27:50 +08:00
|
|
|
|
Subject: csrRaw.Subject,
|
|
|
|
|
|
IsCA: isCa,
|
|
|
|
|
|
NotBefore: start,
|
|
|
|
|
|
NotAfter: end,
|
|
|
|
|
|
MaxPathLen: maxPathLen,
|
|
|
|
|
|
MaxPathLenZero: maxPathLenZero,
|
2025-06-13 13:05:50 +08:00
|
|
|
|
DNSNames: csrRaw.DNSNames,
|
|
|
|
|
|
IPAddresses: csrRaw.IPAddresses,
|
2024-09-15 15:27:50 +08:00
|
|
|
|
}
|
2025-06-13 13:05:50 +08:00
|
|
|
|
if !isCa {
|
|
|
|
|
|
if keyUsage == 0 {
|
|
|
|
|
|
certReq.KeyUsage = x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment
|
|
|
|
|
|
}
|
|
|
|
|
|
if len(extKeyUsage) == 0 {
|
|
|
|
|
|
certReq.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
|
|
|
|
|
|
}
|
|
|
|
|
|
} else {
|
|
|
|
|
|
if len(extKeyUsage) == 0 {
|
|
|
|
|
|
certReq.ExtKeyUsage = []x509.ExtKeyUsage{
|
|
|
|
|
|
x509.ExtKeyUsageAny,
|
|
|
|
|
|
x509.ExtKeyUsageServerAuth,
|
|
|
|
|
|
x509.ExtKeyUsageClientAuth,
|
|
|
|
|
|
x509.ExtKeyUsageCodeSigning,
|
|
|
|
|
|
x509.ExtKeyUsageEmailProtection,
|
|
|
|
|
|
x509.ExtKeyUsageIPSECEndSystem,
|
|
|
|
|
|
x509.ExtKeyUsageIPSECTunnel,
|
|
|
|
|
|
x509.ExtKeyUsageIPSECUser,
|
|
|
|
|
|
x509.ExtKeyUsageTimeStamping,
|
|
|
|
|
|
x509.ExtKeyUsageOCSPSigning,
|
|
|
|
|
|
x509.ExtKeyUsageMicrosoftServerGatedCrypto,
|
|
|
|
|
|
x509.ExtKeyUsageNetscapeServerGatedCrypto,
|
|
|
|
|
|
x509.ExtKeyUsageMicrosoftCommercialCodeSigning,
|
|
|
|
|
|
x509.ExtKeyUsageMicrosoftKernelCodeSigning,
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
if keyUsage == 0 {
|
|
|
|
|
|
certReq.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageCRLSign | x509.KeyUsageKeyEncipherment | x509.KeyUsageKeyAgreement | x509.KeyUsageDigitalSignature
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
if keyUsage != 0 {
|
|
|
|
|
|
certReq.KeyUsage = x509.KeyUsage(keyUsage)
|
|
|
|
|
|
}
|
|
|
|
|
|
if len(extKeyUsage) > 0 {
|
|
|
|
|
|
certReq.ExtKeyUsage = make([]x509.ExtKeyUsage, len(extKeyUsage))
|
|
|
|
|
|
for i, v := range extKeyUsage {
|
|
|
|
|
|
certReq.ExtKeyUsage[i] = x509.ExtKeyUsage(v)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
certReq.Subject.SerialNumber = fmt.Sprint(time.Now().UnixNano())
|
2024-09-15 15:27:50 +08:00
|
|
|
|
if isCa {
|
|
|
|
|
|
caCertRaw = certReq
|
|
|
|
|
|
}
|
|
|
|
|
|
cert, err := MakeCert(caKeyRaw, caCertRaw, certReq, pubKeyRaw)
|
2024-03-17 16:12:54 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("生成证书错误", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
err = os.WriteFile(savefolder+"/"+csrRaw.Subject.CommonName+".crt", cert, 0644)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("保存证书错误", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
starlog.Infoln("保存证书成功", savefolder+"/"+csrRaw.Subject.CommonName+".crt")
|
|
|
|
|
|
},
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-06-13 13:05:50 +08:00
|
|
|
|
var CmdFastGen = &cobra.Command{
|
|
|
|
|
|
Use: "fastgen",
|
|
|
|
|
|
Short: "快速生成证书",
|
|
|
|
|
|
Long: "快速生成证书",
|
|
|
|
|
|
Run: func(cmd *cobra.Command, args []string) {
|
2025-06-17 13:10:35 +08:00
|
|
|
|
if promptMode {
|
|
|
|
|
|
if fastgen.Country == "" {
|
|
|
|
|
|
fastgen.Country = stario.MessageBox("请输入国家:", "").MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
if fastgen.Province == "" {
|
|
|
|
|
|
fastgen.Province = stario.MessageBox("请输入省份:", "").MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
if fastgen.City == "" {
|
|
|
|
|
|
fastgen.City = stario.MessageBox("请输入城市:", "").MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
if fastgen.Organization == "" {
|
|
|
|
|
|
fastgen.Organization = stario.MessageBox("请输入组织:", "").MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
if fastgen.OrganizationUnit == "" {
|
|
|
|
|
|
fastgen.OrganizationUnit = stario.MessageBox("请输入组织单位:", "").MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
if fastgen.CommonName == "" {
|
|
|
|
|
|
fastgen.CommonName = stario.MessageBox("请输入通用名称:", "").MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
if fastgen.Dns == nil {
|
|
|
|
|
|
fastgen.Dns = stario.MessageBox("请输入dns名称,用逗号分割:", "").MustSliceString(",")
|
|
|
|
|
|
}
|
|
|
|
|
|
if fastgen.Type == "" {
|
|
|
|
|
|
fastgen.Type = stario.MessageBox("请输入证书类型(RSA/ECDSA):", "RSA").MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
if fastgen.Bits <= 0 {
|
|
|
|
|
|
fastgen.Bits = stario.MessageBox("请输入证书位数:", "2048").MustInt()
|
|
|
|
|
|
}
|
|
|
|
|
|
if startStr == "" {
|
|
|
|
|
|
startStr = stario.MessageBox("请输入证书开始时间,格式:2006-01-02T15:04:05Z07:00:", time.Now().Format(time.RFC3339)).MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
if endStr == "" {
|
|
|
|
|
|
endStr = stario.MessageBox("请输入证书结束时间,格式:2006-01-02T15:04:05Z07:00:", time.Now().AddDate(1, 0, 0).Format(time.RFC3339)).MustString()
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
var err error
|
|
|
|
|
|
fastgen.StartDate, err = time.Parse(time.RFC3339, startStr)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("开始时间格式错误,格式:2006-01-02T15:04:05Z07:00", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
fastgen.EndDate, err = time.Parse(time.RFC3339, endStr)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("结束时间格式错误,格式:2006-01-02T15:04:05Z07:00", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
if caCert != "" && caKey != "" {
|
|
|
|
|
|
fastgen.CAPriv, fastgen.CA, err = LoadCA(caKey, caCert, caKeyPwd)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("加载CA错误", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
if fastgen.CAPriv == nil {
|
|
|
|
|
|
fastgen.CA, fastgen.CAPriv = utils.ToolCert("")
|
|
|
|
|
|
}
|
|
|
|
|
|
byteCrt, byteKey, err := utils.GenerateCert(fastgen)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("生成证书错误", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
name := fastgen.CommonName
|
|
|
|
|
|
if name == "" {
|
|
|
|
|
|
name = "cert"
|
|
|
|
|
|
}
|
|
|
|
|
|
err = os.WriteFile(filepath.Join(savefolder, name+".crt"), byteCrt, 0644)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("保存证书错误", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
starlog.Infoln("保存证书成功", filepath.Join(savefolder, name+".crt"))
|
|
|
|
|
|
err = os.WriteFile(filepath.Join(savefolder, name+".key"), byteKey, 0644)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("保存私钥错误", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
starlog.Infoln("保存私钥成功", filepath.Join(savefolder, name+".key"))
|
2025-06-13 13:05:50 +08:00
|
|
|
|
},
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2024-03-17 16:12:54 +08:00
|
|
|
|
var CmdParse = &cobra.Command{
|
|
|
|
|
|
Use: "parse",
|
|
|
|
|
|
Short: "解析证书",
|
|
|
|
|
|
Long: "解析证书",
|
|
|
|
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
|
|
|
|
if len(args) == 0 {
|
|
|
|
|
|
starlog.Errorln("请输入证书文件")
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
for _, v := range args {
|
|
|
|
|
|
data, err := os.ReadFile(v)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("读取证书错误", err)
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
ParseCert(data, passwd)
|
|
|
|
|
|
fmt.Println("\n-------" + v + "解析完毕---------\n")
|
|
|
|
|
|
}
|
|
|
|
|
|
},
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-06-17 13:10:35 +08:00
|
|
|
|
var fastgen utils.GenerateCertParams
|
|
|
|
|
|
|
2024-03-17 16:12:54 +08:00
|
|
|
|
func init() {
|
|
|
|
|
|
Cmd.AddCommand(CmdCsr)
|
|
|
|
|
|
CmdCsr.Flags().BoolVarP(&promptMode, "prompt", "P", false, "是否交互模式")
|
2025-06-17 13:10:35 +08:00
|
|
|
|
CmdCsr.Flags().StringVarP(&country, "country", "c", "", "国家")
|
|
|
|
|
|
CmdCsr.Flags().StringVarP(&province, "province", "p", "", "省份")
|
|
|
|
|
|
CmdCsr.Flags().StringVarP(&city, "city", "t", "", "城市")
|
2024-03-17 16:12:54 +08:00
|
|
|
|
CmdCsr.Flags().StringVarP(&org, "org", "o", "", "组织")
|
|
|
|
|
|
CmdCsr.Flags().StringVarP(&orgUnit, "orgUnit", "u", "", "组织单位")
|
2025-06-17 13:10:35 +08:00
|
|
|
|
CmdCsr.Flags().StringVarP(&name, "name", "n", "", "通用名称")
|
2024-03-17 16:12:54 +08:00
|
|
|
|
CmdCsr.Flags().StringSliceVarP(&dnsName, "dnsName", "d", nil, "dns名称")
|
|
|
|
|
|
CmdCsr.Flags().StringVarP(&savefolder, "savefolder", "s", "./", "保存文件夹")
|
2024-09-15 15:27:50 +08:00
|
|
|
|
CmdCsr.Flags().StringVarP(&caKey, "secret-key", "k", "", "加密私钥")
|
|
|
|
|
|
CmdCsr.Flags().StringVarP(&caKeyPwd, "secret-key-passwd", "K", "", "加密私钥的密码")
|
|
|
|
|
|
//CmdCsr.Flags().BoolVarP(&isCa, "isCa", "A", false, "是否是CA")
|
|
|
|
|
|
//CmdCsr.Flags().StringVarP(&startStr, "start", "S", time.Now().Format(time.RFC3339), "开始时间,格式:2006-01-02T15:04:05Z07:00")
|
|
|
|
|
|
//CmdCsr.Flags().StringVarP(&endStr, "end", "E", time.Now().AddDate(1, 0, 0).Format(time.RFC3339), "结束时间,格式:2006-01-02T15:04:05Z07:00")
|
|
|
|
|
|
//CmdCsr.Flags().BoolVarP(&maxPathLenZero, "maxPathLenZero", "z", false, "允许最大路径长度为0")
|
|
|
|
|
|
//CmdCsr.Flags().IntVarP(&maxPathLen, "maxPathLen", "m", 0, "最大路径长度")
|
2025-06-13 13:05:50 +08:00
|
|
|
|
CmdGen.Flags().IntVarP(&keyUsage, "keyUsage", "u", 0, "证书使用类型,默认数字0,0表示数字签名和密钥加密,1表示证书签名,2表示CRL签名,4表示密钥协商,8表示数据加密")
|
2025-06-17 13:10:35 +08:00
|
|
|
|
CmdGen.Flags().IntSliceVarP(&extKeyUsage, "extKeyUsage", "e", []int{0, 1}, "扩展证书使用类型,默认数字0和1,0表示服务器认证,1表示客户端认证,2表示代码签名,3表示电子邮件保护,4表示IPSEC终端系统,5表示IPSEC隧道,6表示IPSEC用户,7表示时间戳,8表示OCSP签名,9表示Microsoft服务器网关加密,10表示Netscape服务器网关加密,11表示Microsoft商业代码签名,12表示Microsoft内核代码签名")
|
2024-03-17 16:12:54 +08:00
|
|
|
|
CmdGen.Flags().StringVarP(&caKey, "caKey", "k", "", "CA私钥")
|
|
|
|
|
|
CmdGen.Flags().StringVarP(&caCert, "caCert", "C", "", "CA证书")
|
|
|
|
|
|
CmdGen.Flags().StringVarP(&csr, "csr", "r", "", "证书请求")
|
|
|
|
|
|
CmdGen.Flags().StringVarP(&savefolder, "savefolder", "s", "./", "保存文件夹")
|
|
|
|
|
|
CmdGen.Flags().StringVarP(&caKeyPwd, "caKeyPwd", "p", "", "CA私钥密码")
|
2024-09-15 15:27:50 +08:00
|
|
|
|
CmdGen.Flags().BoolVarP(&isCa, "isCa", "A", false, "是否是CA")
|
|
|
|
|
|
CmdGen.Flags().StringVarP(&startStr, "start", "S", time.Now().Format(time.RFC3339), "开始时间,格式:2006-01-02T15:04:05Z07:00")
|
|
|
|
|
|
CmdGen.Flags().StringVarP(&endStr, "end", "E", time.Now().AddDate(1, 0, 0).Format(time.RFC3339), "结束时间,格式:2006-01-02T15:04:05Z07:00")
|
|
|
|
|
|
CmdGen.Flags().BoolVarP(&maxPathLenZero, "maxPathLenZero", "z", false, "允许最大路径长度为0")
|
|
|
|
|
|
CmdGen.Flags().IntVarP(&maxPathLen, "maxPathLen", "m", 0, "最大路径长度")
|
2024-03-17 16:12:54 +08:00
|
|
|
|
Cmd.AddCommand(CmdGen)
|
|
|
|
|
|
|
2024-03-17 18:19:44 +08:00
|
|
|
|
CmdParse.Flags().StringVarP(&passwd, "passwd", "p", "", "pfx解密密码")
|
2024-03-17 16:12:54 +08:00
|
|
|
|
Cmd.AddCommand(CmdParse)
|
2024-06-28 15:10:58 +08:00
|
|
|
|
|
|
|
|
|
|
CmdPkcs8.Flags().StringVarP(&passwd, "passwd", "p", "", "解密密码")
|
2024-03-17 18:19:44 +08:00
|
|
|
|
CmdPkcs8.Flags().StringVarP(&savefolder, "savefolder", "s", ".", "保存文件夹")
|
2024-06-28 15:10:58 +08:00
|
|
|
|
CmdPkcs8.Flags().StringVarP(&enPasswd, "en-passwd", "P", "", "加密密码")
|
2024-03-17 16:12:54 +08:00
|
|
|
|
Cmd.AddCommand(CmdPkcs8)
|
2024-06-28 15:10:58 +08:00
|
|
|
|
CmdPkcs1.Flags().StringVarP(&passwd, "passwd", "p", "", "解密密码")
|
2024-03-17 18:19:44 +08:00
|
|
|
|
CmdPkcs1.Flags().StringVarP(&savefolder, "savefolder", "s", ".", "保存文件夹")
|
2024-06-28 15:10:58 +08:00
|
|
|
|
CmdPkcs1.Flags().StringVarP(&enPasswd, "en-passwd", "P", "", "加密密码")
|
2024-03-17 18:19:44 +08:00
|
|
|
|
Cmd.AddCommand(CmdPkcs1)
|
|
|
|
|
|
CmdPkcs12.Flags().StringVarP(&passwd, "passwd", "p", "", "pfx解密密码")
|
|
|
|
|
|
CmdPkcs12.Flags().StringVarP(&enPasswd, "pfx-passwd", "P", "", "pfx加密密码")
|
|
|
|
|
|
CmdPkcs12.Flags().StringVarP(&savefolder, "savefolder", "s", ".", "保存文件夹")
|
|
|
|
|
|
Cmd.AddCommand(CmdPkcs12)
|
|
|
|
|
|
|
2024-06-28 15:10:58 +08:00
|
|
|
|
CmdBasic.Flags().StringVarP(&passwd, "passwd", "p", "", "解密密码")
|
2024-03-17 18:19:44 +08:00
|
|
|
|
CmdBasic.Flags().StringVarP(&savefolder, "savefolder", "s", ".", "保存文件夹")
|
2024-06-28 15:10:58 +08:00
|
|
|
|
CmdBasic.Flags().StringVarP(&enPasswd, "en-passwd", "P", "", "加密密码")
|
2024-03-17 18:19:44 +08:00
|
|
|
|
Cmd.AddCommand(CmdBasic)
|
|
|
|
|
|
|
2024-06-28 15:10:58 +08:00
|
|
|
|
CmdOpenssh.Flags().StringVarP(&passwd, "passwd", "p", "", "解密密码")
|
|
|
|
|
|
CmdOpenssh.Flags().StringVarP(&savefolder, "savefolder", "s", ".", "保存文件夹")
|
|
|
|
|
|
CmdOpenssh.Flags().StringVarP(&enPasswd, "en-passwd", "P", "", "加密密码")
|
|
|
|
|
|
Cmd.AddCommand(CmdOpenssh)
|
|
|
|
|
|
|
2025-06-13 13:05:50 +08:00
|
|
|
|
CmdFastGen.Flags().BoolVarP(&promptMode, "prompt", "P", false, "是否交互模式")
|
2025-06-17 13:10:35 +08:00
|
|
|
|
CmdFastGen.Flags().StringVarP(&fastgen.Country, "country", "c", "", "国家")
|
|
|
|
|
|
CmdFastGen.Flags().StringVarP(&fastgen.Province, "province", "p", "", "省份")
|
|
|
|
|
|
CmdFastGen.Flags().StringVar(&fastgen.City, "city", "", "城市")
|
|
|
|
|
|
CmdFastGen.Flags().StringVarP(&fastgen.Organization, "org", "o", "", "组织")
|
|
|
|
|
|
CmdFastGen.Flags().StringVarP(&fastgen.OrganizationUnit, "orgUnit", "u", "", "组织单位")
|
|
|
|
|
|
CmdFastGen.Flags().StringVarP(&fastgen.CommonName, "name", "n", "", "通用名称")
|
|
|
|
|
|
CmdFastGen.Flags().StringSliceVarP(&fastgen.Dns, "dnsName", "d", nil, "dns名称")
|
2025-06-13 13:05:50 +08:00
|
|
|
|
CmdFastGen.Flags().StringVarP(&savefolder, "savefolder", "s", "./", "保存文件夹")
|
2025-06-17 13:10:35 +08:00
|
|
|
|
CmdFastGen.Flags().IntVarP(&fastgen.KeyUsage, "keyUsage", "U", 0, "证书使用类型,默认数字0,0表示数字签名和密钥加密,1表示证书签名,2表示CRL签名,4表示密钥协商,8表示数据加密")
|
|
|
|
|
|
CmdFastGen.Flags().IntSliceVarP(&fastgen.ExtendedKeyUsage, "extKeyUsage", "e", []int{0, 1}, "扩展证书使用类型,默认数字0和1,0表示服务器认证,1表示客户端认证,2表示代码签名,3表示电子邮件保护,4表示IPSEC终端系统,5表示IPSEC隧道,6表示IPSEC用户,7表示时间戳,8表示OCSP签名,9表示Microsoft服务器网关加密,10表示Netscape服务器网关加密,11表示Microsoft商业代码签名,12表示Microsoft内核代码签名")
|
|
|
|
|
|
CmdFastGen.Flags().BoolVarP(&fastgen.IsCA, "isCa", "A", false, "是否是CA")
|
2025-06-13 13:05:50 +08:00
|
|
|
|
CmdFastGen.Flags().StringVarP(&startStr, "start", "S", time.Now().Format(time.RFC3339), "开始时间,格式:2006-01-02T15:04:05Z07:00")
|
|
|
|
|
|
CmdFastGen.Flags().StringVarP(&endStr, "end", "E", time.Now().AddDate(1, 0, 0).Format(time.RFC3339), "结束时间,格式:2006-01-02T15:04:05Z07:00")
|
2025-06-17 13:10:35 +08:00
|
|
|
|
CmdFastGen.Flags().BoolVarP(&fastgen.MaxPathLengthZero, "maxPathLenZero", "z", false, "允许最大路径长度为0")
|
|
|
|
|
|
CmdFastGen.Flags().IntVarP(&fastgen.MaxPathLength, "maxPathLen", "m", 0, "最大路径长度")
|
|
|
|
|
|
CmdFastGen.Flags().StringVarP(&caKey, "caKey", "K", "", "CA私钥,可以留空")
|
|
|
|
|
|
CmdFastGen.Flags().StringVarP(&caCert, "caCert", "C", "", "CA证书,可以留空")
|
|
|
|
|
|
CmdFastGen.Flags().StringVar(&caKeyPwd, "caKeyPwd", "", "CA私钥密码")
|
|
|
|
|
|
CmdFastGen.Flags().StringVarP(&fastgen.Type, "type", "t", "RSA", "证书类型,支持RSA和ECDSA")
|
|
|
|
|
|
CmdFastGen.Flags().IntVarP(&fastgen.Bits, "bits", "b", 2048, "证书位数,默认2048")
|
|
|
|
|
|
Cmd.AddCommand(CmdFastGen)
|
2024-03-17 16:12:54 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var CmdPkcs8 = &cobra.Command{
|
|
|
|
|
|
Use: "pkcs8",
|
|
|
|
|
|
Short: "pkcs8转换",
|
|
|
|
|
|
Long: "pkcs8转换",
|
|
|
|
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
|
|
|
|
if len(args) == 0 {
|
|
|
|
|
|
starlog.Errorln("请输入证书文件")
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
for _, v := range args {
|
|
|
|
|
|
data, err := os.ReadFile(v)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("读取证书错误", err)
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
2024-06-28 15:10:58 +08:00
|
|
|
|
err = Pkcs8(data, passwd, enPasswd, filepath.Base(v), savefolder)
|
2024-03-17 18:19:44 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("pkcs8转换错误", err)
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
fmt.Println("\n-------" + v + "转换完毕---------\n")
|
|
|
|
|
|
}
|
|
|
|
|
|
},
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var CmdPkcs1 = &cobra.Command{
|
|
|
|
|
|
Use: "pkcs1",
|
|
|
|
|
|
Short: "pkcs1转换",
|
|
|
|
|
|
Long: "pkcs1转换",
|
|
|
|
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
|
|
|
|
if len(args) == 0 {
|
|
|
|
|
|
starlog.Errorln("请输入证书文件")
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
for _, v := range args {
|
|
|
|
|
|
data, err := os.ReadFile(v)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("读取证书错误", err)
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
2024-06-28 15:10:58 +08:00
|
|
|
|
err = Pkcs1(data, passwd, enPasswd, filepath.Base(v), savefolder)
|
2024-03-17 18:19:44 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("pkcs1转换错误", err)
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
fmt.Println("\n-------" + v + "转换完毕---------\n")
|
|
|
|
|
|
}
|
|
|
|
|
|
},
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var CmdPkcs12 = &cobra.Command{
|
|
|
|
|
|
Use: "pkcs12",
|
|
|
|
|
|
Short: "pkcs12转换",
|
|
|
|
|
|
Long: "pkcs12转换",
|
|
|
|
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
|
|
|
|
if len(args) == 0 {
|
|
|
|
|
|
starlog.Errorln("请输入证书文件")
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
var keys []any
|
|
|
|
|
|
var certs []x509.Certificate
|
|
|
|
|
|
|
|
|
|
|
|
for _, v := range args {
|
|
|
|
|
|
data, err := os.ReadFile(v)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("读取证书错误", err)
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
key, cert, err := GetCert(data, passwd)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("证书读取错误", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
keys = append(keys, key...)
|
|
|
|
|
|
certs = append(certs, cert...)
|
|
|
|
|
|
}
|
|
|
|
|
|
err := Pkcs12(keys, certs, enPasswd, filepath.Base(args[0]), savefolder)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("pkcs12转换错误", err)
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
fmt.Println("\n-------pfk转换完毕---------\n")
|
|
|
|
|
|
},
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var CmdBasic = &cobra.Command{
|
|
|
|
|
|
Use: "basic",
|
|
|
|
|
|
Short: "证书转换为基本类型",
|
|
|
|
|
|
Long: "证书转换为基本类型",
|
|
|
|
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
|
|
|
|
if len(args) == 0 {
|
|
|
|
|
|
starlog.Errorln("请输入证书文件")
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
for _, v := range args {
|
|
|
|
|
|
data, err := os.ReadFile(v)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("读取证书错误", err)
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
err = Tran(data, passwd, filepath.Base(v), savefolder)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("证书转换错误", err)
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
2024-03-17 16:12:54 +08:00
|
|
|
|
fmt.Println("\n-------" + v + "转换完毕---------\n")
|
|
|
|
|
|
}
|
|
|
|
|
|
},
|
|
|
|
|
|
}
|
2024-06-28 15:10:58 +08:00
|
|
|
|
|
|
|
|
|
|
var CmdOpenssh = &cobra.Command{
|
|
|
|
|
|
Use: "openssh",
|
|
|
|
|
|
Short: "openssh转换",
|
|
|
|
|
|
Long: "openssh转换",
|
|
|
|
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
|
|
|
|
if len(args) == 0 {
|
|
|
|
|
|
starlog.Errorln("请输入证书文件")
|
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
|
}
|
|
|
|
|
|
for _, v := range args {
|
|
|
|
|
|
data, err := os.ReadFile(v)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("读取证书错误", err)
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
err = Openssh(data, passwd, enPasswd, filepath.Base(v), savefolder)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
starlog.Errorln("openssh转换错误", err)
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
fmt.Println("\n-------" + v + "转换完毕---------\n")
|
|
|
|
|
|
}
|
|
|
|
|
|
},
|
|
|
|
|
|
}
|
