|
|
|
|
package cert
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"b612.me/starcrypto"
|
|
|
|
|
"b612.me/starlog"
|
|
|
|
|
"crypto/dsa"
|
|
|
|
|
"crypto/ecdh"
|
|
|
|
|
"crypto/ecdsa"
|
|
|
|
|
"crypto/ed25519"
|
|
|
|
|
"crypto/rand"
|
|
|
|
|
"crypto/rsa"
|
|
|
|
|
"crypto/x509"
|
|
|
|
|
"encoding/pem"
|
|
|
|
|
"errors"
|
|
|
|
|
"fmt"
|
|
|
|
|
"golang.org/x/crypto/ssh"
|
|
|
|
|
"os"
|
|
|
|
|
"reflect"
|
|
|
|
|
"software.sslmate.com/src/go-pkcs12"
|
|
|
|
|
"strings"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func ParseCert(data []byte, pwd string) {
|
|
|
|
|
oriData := data
|
|
|
|
|
{
|
|
|
|
|
pems, err := pkcs12.ToPEM(data, pwd)
|
|
|
|
|
if err == nil {
|
|
|
|
|
for _, v := range pems {
|
|
|
|
|
switch v.Type {
|
|
|
|
|
case "CERTIFICATE":
|
|
|
|
|
cert, err := x509.ParseCertificate(v.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
starlog.Green("这是一个PKCS12文件\n")
|
|
|
|
|
starlog.Green("-----证书信息-----\n\n")
|
|
|
|
|
starlog.Green("证书版本:%d\n", cert.Version)
|
|
|
|
|
starlog.Green("证书序列号:%d\n", cert.SerialNumber)
|
|
|
|
|
starlog.Green("证书签发者:%s\n", cert.Issuer)
|
|
|
|
|
starlog.Green("证书开始时间:%s\n", cert.NotBefore)
|
|
|
|
|
starlog.Green("证书结束时间:%s\n", cert.NotAfter)
|
|
|
|
|
starlog.Green("证书扩展:%+v\n", cert.Extensions)
|
|
|
|
|
starlog.Green("证书签名算法:%s\n", cert.SignatureAlgorithm)
|
|
|
|
|
starlog.Green("证书签名:%x\n", cert.Signature)
|
|
|
|
|
starlog.Green("证书公钥:%+v\n", cert.PublicKey)
|
|
|
|
|
starlog.Green("证书公钥算法:%s\n", cert.PublicKeyAlgorithm)
|
|
|
|
|
starlog.Green("证书密钥用法:%v\n", keyUsageToStrings(cert.KeyUsage))
|
|
|
|
|
starlog.Green("证书扩展密钥用法:%v\n", extKeyUsageToStrings(cert.ExtKeyUsage))
|
|
|
|
|
starlog.Green("证书是否CA:%t\n", cert.IsCA)
|
|
|
|
|
starlog.Green("证书最大路径长度:%d\n", cert.MaxPathLen)
|
|
|
|
|
starlog.Green("证书最大路径长度是否为0:%t\n", cert.MaxPathLenZero)
|
|
|
|
|
starlog.Green("证书是否根证书:%t\n", cert.BasicConstraintsValid)
|
|
|
|
|
starlog.Green("证书国家:%+v\n", cert.Subject.Country)
|
|
|
|
|
starlog.Green("证书省份:%+v\n", cert.Subject.Province)
|
|
|
|
|
starlog.Green("证书城市:%+v\n", cert.Subject.Locality)
|
|
|
|
|
starlog.Green("证书组织:%+v\n", cert.Subject.Organization)
|
|
|
|
|
starlog.Green("证书组织单位:%+v\n", cert.Subject.OrganizationalUnit)
|
|
|
|
|
starlog.Green("证书通用名称:%s\n", cert.Subject.CommonName)
|
|
|
|
|
starlog.Green("证书DNS:%+v\n", cert.DNSNames)
|
|
|
|
|
starlog.Green("证书主题:%s\n", cert.Subject.String())
|
|
|
|
|
starlog.Green("-----公钥信息-----\n\n")
|
|
|
|
|
pub := cert.PublicKey
|
|
|
|
|
switch n := pub.(type) {
|
|
|
|
|
case *rsa.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为RSA\n")
|
|
|
|
|
starlog.Green("公钥位数:%d\n", n.Size())
|
|
|
|
|
starlog.Green("公钥长度:%d\n", n.N.BitLen())
|
|
|
|
|
starlog.Green("公钥指数:%d\n", n.E)
|
|
|
|
|
case *ecdsa.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为ECDSA\n")
|
|
|
|
|
starlog.Green("公钥位数:%d\n", n.Curve.Params().BitSize)
|
|
|
|
|
starlog.Green("公钥曲线:%s\n", n.Curve.Params().Name)
|
|
|
|
|
starlog.Green("公钥长度:%d\n", n.Params().BitSize)
|
|
|
|
|
starlog.Green("公钥公钥X:%d\n", n.X)
|
|
|
|
|
starlog.Green("公钥公钥Y:%d\n", n.Y)
|
|
|
|
|
case *dsa.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为DSA\n")
|
|
|
|
|
starlog.Green("公钥公钥Y:%d\n", n.Y)
|
|
|
|
|
case *ecdh.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为ECDH\n")
|
|
|
|
|
case *ed25519.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为ED25519\n")
|
|
|
|
|
default:
|
|
|
|
|
starlog.Green("未知公钥类型\n")
|
|
|
|
|
}
|
|
|
|
|
case "PRIVATE KEY":
|
|
|
|
|
priv, err := x509.ParsePKCS8PrivateKey(v.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
priv, err = x509.ParsePKCS1PrivateKey(v.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
priv, err = x509.ParseECPrivateKey(v.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析私钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("这是一个ECDSA私钥\n")
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("这是一个PKCS1私钥\n")
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("这是一个PKCS8私钥\n")
|
|
|
|
|
}
|
|
|
|
|
starlog.Green("-----私钥信息-----\n\n")
|
|
|
|
|
switch n := priv.(type) {
|
|
|
|
|
case *rsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个RSA私钥\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Size())
|
|
|
|
|
starlog.Green("私钥长度:%d\n", n.N.BitLen())
|
|
|
|
|
starlog.Green("私钥指数:%d\n", n.E)
|
|
|
|
|
starlog.Green("私钥系数:%d\n", n.D)
|
|
|
|
|
starlog.Green("私钥质数p:%d\n", n.Primes[0])
|
|
|
|
|
starlog.Green("私钥质数q:%d\n", n.Primes[1])
|
|
|
|
|
starlog.Green("私钥系数dP:%d\n", n.Precomputed.Dp)
|
|
|
|
|
starlog.Green("私钥系数dQ:%d\n", n.Precomputed.Dq)
|
|
|
|
|
starlog.Green("私钥系数qInv:%d\n", n.Precomputed.Qinv)
|
|
|
|
|
case *ecdsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ECDSA私钥\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Curve.Params().BitSize)
|
|
|
|
|
starlog.Green("私钥曲线:%s\n", n.Curve.Params().Name)
|
|
|
|
|
starlog.Green("私钥长度:%d\n", n.Params().BitSize)
|
|
|
|
|
starlog.Green("私钥系数:%d\n", n.D)
|
|
|
|
|
starlog.Green("私钥公钥X:%d\n", n.PublicKey.X)
|
|
|
|
|
starlog.Green("私钥公钥Y:%d\n", n.PublicKey.Y)
|
|
|
|
|
case *dsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个DSA私钥\n")
|
|
|
|
|
starlog.Green("私钥系数:%d\n", n.X)
|
|
|
|
|
starlog.Green("私钥公钥Y:%d\n", n.Y)
|
|
|
|
|
case *ed25519.PrivateKey, ed25519.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ED25519私钥\n")
|
|
|
|
|
case *ecdh.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ECDH私钥\n")
|
|
|
|
|
default:
|
|
|
|
|
starlog.Green("未知私钥类型\n")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
idx := 0
|
|
|
|
|
for {
|
|
|
|
|
idx++
|
|
|
|
|
block, rest := pem.Decode(data)
|
|
|
|
|
if block == nil {
|
|
|
|
|
if idx == 1 {
|
|
|
|
|
starlog.Errorf("未知文件类型\n")
|
|
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
fmt.Println("\n--------------------------------\n")
|
|
|
|
|
data = rest
|
|
|
|
|
rt := 0
|
|
|
|
|
switch block.Type {
|
|
|
|
|
case "CERTIFICATE":
|
|
|
|
|
rt = 1
|
|
|
|
|
starlog.Green("这是一个证书文件\n")
|
|
|
|
|
fallthrough
|
|
|
|
|
case "CERTIFICATE REQUEST":
|
|
|
|
|
if rt == 0 {
|
|
|
|
|
starlog.Green("这是一个证书请求文件\n")
|
|
|
|
|
}
|
|
|
|
|
cert, err := x509.ParseCertificate(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析证书错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
starlog.Green("证书版本:%d\n", cert.Version)
|
|
|
|
|
starlog.Green("证书序列号:%d\n", cert.SerialNumber)
|
|
|
|
|
starlog.Green("证书签发者:%s\n", cert.Issuer)
|
|
|
|
|
starlog.Green("证书开始时间:%s\n", cert.NotBefore)
|
|
|
|
|
starlog.Green("证书结束时间:%s\n", cert.NotAfter)
|
|
|
|
|
starlog.Green("证书扩展:%+v\n", cert.Extensions)
|
|
|
|
|
starlog.Green("证书签名算法:%s\n", cert.SignatureAlgorithm)
|
|
|
|
|
starlog.Green("证书签名:%x\n", cert.Signature)
|
|
|
|
|
starlog.Green("证书公钥:%+v\n", cert.PublicKey)
|
|
|
|
|
starlog.Green("证书公钥算法:%s\n", cert.PublicKeyAlgorithm)
|
|
|
|
|
starlog.Green("证书密钥用法:%v\n", keyUsageToStrings(cert.KeyUsage))
|
|
|
|
|
starlog.Green("证书扩展密钥用法:%v\n", extKeyUsageToStrings(cert.ExtKeyUsage))
|
|
|
|
|
starlog.Green("证书是否CA:%t\n", cert.IsCA)
|
|
|
|
|
starlog.Green("证书最大路径长度:%d\n", cert.MaxPathLen)
|
|
|
|
|
starlog.Green("证书最大路径长度是否为0:%t\n", cert.MaxPathLenZero)
|
|
|
|
|
starlog.Green("证书是否根证书:%t\n", cert.BasicConstraintsValid)
|
|
|
|
|
starlog.Green("证书国家:%+v\n", cert.Subject.Country)
|
|
|
|
|
starlog.Green("证书省份:%+v\n", cert.Subject.Province)
|
|
|
|
|
starlog.Green("证书城市:%+v\n", cert.Subject.Locality)
|
|
|
|
|
starlog.Green("证书组织:%+v\n", cert.Subject.Organization)
|
|
|
|
|
starlog.Green("证书组织单位:%+v\n", cert.Subject.OrganizationalUnit)
|
|
|
|
|
starlog.Green("证书通用名称:%s\n", cert.Subject.CommonName)
|
|
|
|
|
starlog.Green("证书DNS:%+v\n", cert.DNSNames)
|
|
|
|
|
starlog.Green("证书主题:%s\n", cert.Subject.String())
|
|
|
|
|
pub := cert.PublicKey
|
|
|
|
|
switch n := pub.(type) {
|
|
|
|
|
case *rsa.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为RSA\n")
|
|
|
|
|
starlog.Green("公钥位数:%d\n", n.Size())
|
|
|
|
|
starlog.Green("公钥长度:%d\n", n.N.BitLen())
|
|
|
|
|
starlog.Green("公钥指数:%d\n", n.E)
|
|
|
|
|
case *ecdsa.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为ECDSA\n")
|
|
|
|
|
starlog.Green("公钥位数:%d\n", n.Curve.Params().BitSize)
|
|
|
|
|
starlog.Green("公钥曲线:%s\n", n.Curve.Params().Name)
|
|
|
|
|
starlog.Green("公钥长度:%d\n", n.Params().BitSize)
|
|
|
|
|
starlog.Green("公钥公钥X:%d\n", n.X)
|
|
|
|
|
starlog.Green("公钥公钥Y:%d\n", n.Y)
|
|
|
|
|
case *dsa.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为DSA\n")
|
|
|
|
|
starlog.Green("公钥公钥Y:%d\n", n.Y)
|
|
|
|
|
case *ecdh.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为ECDH\n")
|
|
|
|
|
case *ed25519.PublicKey, ed25519.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为ED25519\n")
|
|
|
|
|
default:
|
|
|
|
|
starlog.Green("未知公钥类型\n")
|
|
|
|
|
}
|
|
|
|
|
continue
|
|
|
|
|
case "PRIVATE KEY":
|
|
|
|
|
starlog.Infof("这是一个私钥文件\n")
|
|
|
|
|
priv, err := x509.ParsePKCS8PrivateKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
priv, err = x509.ParsePKCS1PrivateKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
priv, err = x509.ParseECPrivateKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析私钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("这是一个ECDSA私钥\n")
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("这是一个PKCS1私钥\n")
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("这是一个PKCS8私钥\n")
|
|
|
|
|
}
|
|
|
|
|
switch n := priv.(type) {
|
|
|
|
|
case *rsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个RSA私钥\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Size())
|
|
|
|
|
starlog.Green("私钥长度:%d\n", n.N.BitLen())
|
|
|
|
|
starlog.Green("私钥指数:%d\n", n.E)
|
|
|
|
|
starlog.Green("私钥系数:%d\n", n.D)
|
|
|
|
|
starlog.Green("私钥质数p:%d\n", n.Primes[0])
|
|
|
|
|
starlog.Green("私钥质数q:%d\n", n.Primes[1])
|
|
|
|
|
starlog.Green("私钥系数dP:%d\n", n.Precomputed.Dp)
|
|
|
|
|
starlog.Green("私钥系数dQ:%d\n", n.Precomputed.Dq)
|
|
|
|
|
starlog.Green("私钥系数qInv:%d\n", n.Precomputed.Qinv)
|
|
|
|
|
case *ecdsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ECDSA私钥\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Curve.Params().BitSize)
|
|
|
|
|
starlog.Green("私钥曲线:%s\n", n.Curve.Params().Name)
|
|
|
|
|
starlog.Green("私钥长度:%d\n", n.Params().BitSize)
|
|
|
|
|
starlog.Green("私钥系数:%d\n", n.D)
|
|
|
|
|
starlog.Green("私钥公钥X:%d\n", n.PublicKey.X)
|
|
|
|
|
starlog.Green("私钥公钥Y:%d\n", n.PublicKey.Y)
|
|
|
|
|
case *dsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个DSA私钥\n")
|
|
|
|
|
starlog.Green("私钥系数:%d\n", n.X)
|
|
|
|
|
starlog.Green("私钥公钥Y:%d\n", n.Y)
|
|
|
|
|
case ed25519.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ED25519私钥\n")
|
|
|
|
|
sshPub, _ := starcrypto.EncodeSSHPublicKey(n.Public())
|
|
|
|
|
starlog.Green("公钥:%s\n", string(sshPub))
|
|
|
|
|
case *ed25519.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ED25519私钥\n")
|
|
|
|
|
sshPub, _ := starcrypto.EncodeSSHPublicKey(n.Public())
|
|
|
|
|
starlog.Green("公钥:%s\n", string(sshPub))
|
|
|
|
|
case ecdh.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ECDH私钥\n")
|
|
|
|
|
default:
|
|
|
|
|
starlog.Infof("不支持的私钥类型:%v\n", reflect.TypeOf(n))
|
|
|
|
|
}
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
case "PUBLIC KEY":
|
|
|
|
|
starlog.Infof("这是一个公钥文件\n")
|
|
|
|
|
pub, err := x509.ParsePKIXPublicKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
pub, err = x509.ParsePKCS1PublicKey(block.Bytes)
|
|
|
|
|
starlog.Green("这是一个PKCS1公钥\n")
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("这是一个PKIX公钥\n")
|
|
|
|
|
}
|
|
|
|
|
switch n := pub.(type) {
|
|
|
|
|
case *rsa.PublicKey:
|
|
|
|
|
starlog.Green("这是一个RSA公钥\n")
|
|
|
|
|
starlog.Green("公钥位数:%d\n", n.Size())
|
|
|
|
|
starlog.Green("公钥长度:%d\n", n.N.BitLen())
|
|
|
|
|
starlog.Green("公钥指数:%d\n", n.E)
|
|
|
|
|
case *ecdsa.PublicKey:
|
|
|
|
|
starlog.Green("这是一个ECDSA公钥\n")
|
|
|
|
|
starlog.Green("公钥位数:%d\n", n.Curve.Params().BitSize)
|
|
|
|
|
starlog.Green("公钥曲线:%s\n", n.Curve.Params().Name)
|
|
|
|
|
starlog.Green("公钥长度:%d\n", n.Params().BitSize)
|
|
|
|
|
starlog.Green("公钥公钥X:%d\n", n.X)
|
|
|
|
|
starlog.Green("公钥公钥Y:%d\n", n.Y)
|
|
|
|
|
case *ecdh.PublicKey:
|
|
|
|
|
starlog.Green("这是一个ECDH公钥\n")
|
|
|
|
|
case *ed25519.PublicKey:
|
|
|
|
|
starlog.Green("这是一个ED25519公钥\n")
|
|
|
|
|
case *dsa.PublicKey:
|
|
|
|
|
starlog.Green("这是一个DSA公钥\n")
|
|
|
|
|
starlog.Green("公钥公钥Y:%d\n", n.Y)
|
|
|
|
|
default:
|
|
|
|
|
starlog.Green("未知公钥类型\n")
|
|
|
|
|
}
|
|
|
|
|
continue
|
|
|
|
|
case "RSA PRIVATE KEY":
|
|
|
|
|
n, err := x509.ParsePKCS1PrivateKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析私钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
starlog.Infof("这是一个RSA私钥文件\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Size())
|
|
|
|
|
starlog.Green("私钥长度:%d\n", n.N.BitLen())
|
|
|
|
|
starlog.Green("私钥指数:%d\n", n.E)
|
|
|
|
|
starlog.Green("私钥系数:%d\n", n.D)
|
|
|
|
|
starlog.Green("私钥质数p:%d\n", n.Primes[0])
|
|
|
|
|
starlog.Green("私钥质数q:%d\n", n.Primes[1])
|
|
|
|
|
starlog.Green("私钥系数dP:%d\n", n.Precomputed.Dp)
|
|
|
|
|
starlog.Green("私钥系数dQ:%d\n", n.Precomputed.Dq)
|
|
|
|
|
starlog.Green("私钥系数qInv:%d\n", n.Precomputed.Qinv)
|
|
|
|
|
case "RSA PUBLIC KEY":
|
|
|
|
|
n, err := x509.ParsePKCS1PublicKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析公钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
starlog.Green("这是一个RSA公钥\n")
|
|
|
|
|
starlog.Green("公钥位数:%d\n", n.Size())
|
|
|
|
|
starlog.Green("公钥长度:%d\n", n.N.BitLen())
|
|
|
|
|
starlog.Green("公钥指数:%d\n", n.E)
|
|
|
|
|
case "EC PRIVATE KEY":
|
|
|
|
|
n, err := x509.ParseECPrivateKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析私钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
starlog.Green("这是一个ECDSA私钥\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Curve.Params().BitSize)
|
|
|
|
|
starlog.Green("私钥曲线:%s\n", n.Curve.Params().Name)
|
|
|
|
|
starlog.Green("私钥长度:%d\n", n.Params().BitSize)
|
|
|
|
|
starlog.Green("私钥系数:%d\n", n.D)
|
|
|
|
|
starlog.Green("私钥公钥X:%d\n", n.PublicKey.X)
|
|
|
|
|
starlog.Green("私钥公钥Y:%d\n", n.PublicKey.Y)
|
|
|
|
|
case "EC PUBLIC KEY":
|
|
|
|
|
p, err := x509.ParsePKIXPublicKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析公钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
n := p.(*ecdsa.PublicKey)
|
|
|
|
|
starlog.Green("这是一个ECDSA公钥\n")
|
|
|
|
|
starlog.Green("公钥位数:%d\n", n.Curve.Params().BitSize)
|
|
|
|
|
starlog.Green("公钥曲线:%s\n", n.Curve.Params().Name)
|
|
|
|
|
starlog.Green("公钥长度:%d\n", n.Params().BitSize)
|
|
|
|
|
starlog.Green("公钥公钥X:%d\n", n.X)
|
|
|
|
|
starlog.Green("公钥公钥Y:%d\n", n.Y)
|
|
|
|
|
case "OPENSSH PRIVATE KEY":
|
|
|
|
|
starlog.Infof("这是一个OpenSSH私钥文件\n")
|
|
|
|
|
var priv interface{}
|
|
|
|
|
var err error
|
|
|
|
|
if pwd == "" {
|
|
|
|
|
priv, err = ssh.ParseRawPrivateKey(oriData)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析OPENSSH私钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
priv, err = ssh.ParseRawPrivateKeyWithPassphrase(oriData, []byte(pwd))
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析OPENSSH私钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
switch n := priv.(type) {
|
|
|
|
|
case *rsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个RSA私钥\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Size())
|
|
|
|
|
starlog.Green("私钥长度:%d\n", n.N.BitLen())
|
|
|
|
|
starlog.Green("私钥指数:%d\n", n.E)
|
|
|
|
|
starlog.Green("私钥系数:%d\n", n.D)
|
|
|
|
|
starlog.Green("私钥质数p:%d\n", n.Primes[0])
|
|
|
|
|
starlog.Green("私钥质数q:%d\n", n.Primes[1])
|
|
|
|
|
starlog.Green("私钥系数dP:%d\n", n.Precomputed.Dp)
|
|
|
|
|
starlog.Green("私钥系数dQ:%d\n", n.Precomputed.Dq)
|
|
|
|
|
starlog.Green("私钥系数qInv:%d\n", n.Precomputed.Qinv)
|
|
|
|
|
case *ecdsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ECDSA私钥\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Curve.Params().BitSize)
|
|
|
|
|
starlog.Green("私钥曲线:%s\n", n.Curve.Params().Name)
|
|
|
|
|
starlog.Green("私钥长度:%d\n", n.Params().BitSize)
|
|
|
|
|
starlog.Green("私钥系数:%d\n", n.D)
|
|
|
|
|
starlog.Green("私钥公钥X:%d\n", n.PublicKey.X)
|
|
|
|
|
starlog.Green("私钥公钥Y:%d\n", n.PublicKey.Y)
|
|
|
|
|
case *dsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个DSA私钥\n")
|
|
|
|
|
starlog.Green("私钥系数:%d\n", n.X)
|
|
|
|
|
starlog.Green("私钥公钥Y:%d\n", n.Y)
|
|
|
|
|
case ed25519.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ED25519私钥\n")
|
|
|
|
|
sshPub, _ := starcrypto.EncodeSSHPublicKey(n.Public())
|
|
|
|
|
starlog.Green("公钥:%s\n", string(sshPub))
|
|
|
|
|
case *ed25519.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ED25519私钥\n")
|
|
|
|
|
sshPub, _ := starcrypto.EncodeSSHPublicKey(n.Public())
|
|
|
|
|
starlog.Green("公钥:%s\n", string(sshPub))
|
|
|
|
|
case ecdh.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ECDH私钥\n")
|
|
|
|
|
default:
|
|
|
|
|
starlog.Infof("不支持的私钥类型:%v\n", reflect.TypeOf(n))
|
|
|
|
|
}
|
|
|
|
|
continue
|
|
|
|
|
case "OPENSSH PUBLIC KEY":
|
|
|
|
|
starlog.Infof("这是一个OPENSSH公钥文件\n")
|
|
|
|
|
pub, err := ssh.ParsePublicKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析公钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
starlog.Green("公钥算法:%s\n", pub.Type())
|
|
|
|
|
continue
|
|
|
|
|
default:
|
|
|
|
|
starlog.Infof("不支持的证书文件类型:%v\n", reflect.TypeOf(block))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func keyUsageToStrings(keyUsage x509.KeyUsage) string {
|
|
|
|
|
var usages []string
|
|
|
|
|
|
|
|
|
|
if keyUsage&x509.KeyUsageDigitalSignature != 0 {
|
|
|
|
|
usages = append(usages, "Digital Signature")
|
|
|
|
|
}
|
|
|
|
|
if keyUsage&x509.KeyUsageContentCommitment != 0 {
|
|
|
|
|
usages = append(usages, "Content Commitment")
|
|
|
|
|
}
|
|
|
|
|
if keyUsage&x509.KeyUsageKeyEncipherment != 0 {
|
|
|
|
|
usages = append(usages, "Key Encipherment")
|
|
|
|
|
}
|
|
|
|
|
if keyUsage&x509.KeyUsageDataEncipherment != 0 {
|
|
|
|
|
usages = append(usages, "Data Encipherment")
|
|
|
|
|
}
|
|
|
|
|
if keyUsage&x509.KeyUsageKeyAgreement != 0 {
|
|
|
|
|
usages = append(usages, "Key Agreement")
|
|
|
|
|
}
|
|
|
|
|
if keyUsage&x509.KeyUsageCertSign != 0 {
|
|
|
|
|
usages = append(usages, "Certificate Signing")
|
|
|
|
|
}
|
|
|
|
|
if keyUsage&x509.KeyUsageCRLSign != 0 {
|
|
|
|
|
usages = append(usages, "CRL Signing")
|
|
|
|
|
}
|
|
|
|
|
if keyUsage&x509.KeyUsageEncipherOnly != 0 {
|
|
|
|
|
usages = append(usages, "Encipher Only")
|
|
|
|
|
}
|
|
|
|
|
if keyUsage&x509.KeyUsageDecipherOnly != 0 {
|
|
|
|
|
usages = append(usages, "Decipher Only")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return strings.Join(usages, ", ")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func extKeyUsageToStrings(extKeyUsages []x509.ExtKeyUsage) string {
|
|
|
|
|
var usages []string
|
|
|
|
|
|
|
|
|
|
for _, extKeyUsage := range extKeyUsages {
|
|
|
|
|
switch extKeyUsage {
|
|
|
|
|
case x509.ExtKeyUsageAny:
|
|
|
|
|
usages = append(usages, "Any")
|
|
|
|
|
case x509.ExtKeyUsageServerAuth:
|
|
|
|
|
usages = append(usages, "Server Authentication")
|
|
|
|
|
case x509.ExtKeyUsageClientAuth:
|
|
|
|
|
usages = append(usages, "Client Authentication")
|
|
|
|
|
case x509.ExtKeyUsageCodeSigning:
|
|
|
|
|
usages = append(usages, "Code Signing")
|
|
|
|
|
case x509.ExtKeyUsageEmailProtection:
|
|
|
|
|
usages = append(usages, "Email Protection")
|
|
|
|
|
case x509.ExtKeyUsageIPSECEndSystem:
|
|
|
|
|
usages = append(usages, "IPSEC End System")
|
|
|
|
|
case x509.ExtKeyUsageIPSECTunnel:
|
|
|
|
|
usages = append(usages, "IPSEC Tunnel")
|
|
|
|
|
case x509.ExtKeyUsageIPSECUser:
|
|
|
|
|
usages = append(usages, "IPSEC User")
|
|
|
|
|
case x509.ExtKeyUsageTimeStamping:
|
|
|
|
|
usages = append(usages, "Time Stamping")
|
|
|
|
|
case x509.ExtKeyUsageOCSPSigning:
|
|
|
|
|
usages = append(usages, "OCSP Signing")
|
|
|
|
|
case x509.ExtKeyUsageMicrosoftServerGatedCrypto:
|
|
|
|
|
usages = append(usages, "Microsoft Server Gated Crypto")
|
|
|
|
|
case x509.ExtKeyUsageNetscapeServerGatedCrypto:
|
|
|
|
|
usages = append(usages, "Netscape Server Gated Crypto")
|
|
|
|
|
default:
|
|
|
|
|
usages = append(usages, fmt.Sprintf("Unknown(%d)", extKeyUsage))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return strings.Join(usages, ", ")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func GetCert(data []byte, pwd string) ([]any, []x509.Certificate, error) {
|
|
|
|
|
var oriData = data
|
|
|
|
|
var common []any
|
|
|
|
|
var certs []x509.Certificate
|
|
|
|
|
{
|
|
|
|
|
pems, err := pkcs12.ToPEM(data, pwd)
|
|
|
|
|
if err == nil {
|
|
|
|
|
for _, v := range pems {
|
|
|
|
|
switch v.Type {
|
|
|
|
|
case "CERTIFICATE":
|
|
|
|
|
cert, err := x509.ParseCertificate(v.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
starlog.Green("这是一个PKCS12文件\n")
|
|
|
|
|
pub := cert.PublicKey
|
|
|
|
|
switch pub.(type) {
|
|
|
|
|
case *rsa.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为RSA\n")
|
|
|
|
|
case *ecdsa.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为ECDSA\n")
|
|
|
|
|
case *dsa.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为DSA\n")
|
|
|
|
|
case *ecdh.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为ECDH\n")
|
|
|
|
|
case *ed25519.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为ED25519\n")
|
|
|
|
|
default:
|
|
|
|
|
starlog.Green("未知公钥类型\n")
|
|
|
|
|
}
|
|
|
|
|
common = append(common, pub)
|
|
|
|
|
certs = append(certs, *cert)
|
|
|
|
|
case "PRIVATE KEY":
|
|
|
|
|
priv, err := x509.ParsePKCS8PrivateKey(v.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
priv, err = x509.ParsePKCS1PrivateKey(v.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
priv, err = x509.ParseECPrivateKey(v.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析私钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("这是一个ECDSA私钥\n")
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("这是一个PKCS1私钥\n")
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("这是一个PKCS8私钥\n")
|
|
|
|
|
}
|
|
|
|
|
starlog.Green("-----私钥信息-----\n\n")
|
|
|
|
|
switch n := priv.(type) {
|
|
|
|
|
case *rsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个RSA私钥\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Size())
|
|
|
|
|
case *ecdsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ECDSA私钥\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Curve.Params().BitSize)
|
|
|
|
|
case *dsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个DSA私钥\n")
|
|
|
|
|
case ed25519.PrivateKey, *ed25519.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ED25519私钥\n")
|
|
|
|
|
case ecdh.PrivateKey, *ecdh.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ECDH私钥\n")
|
|
|
|
|
default:
|
|
|
|
|
starlog.Green("未知私钥类型\n")
|
|
|
|
|
}
|
|
|
|
|
common = append(common, priv)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
return common, certs, nil
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
idx := 0
|
|
|
|
|
for {
|
|
|
|
|
idx++
|
|
|
|
|
block, rest := pem.Decode(data)
|
|
|
|
|
if block == nil {
|
|
|
|
|
if idx == 1 {
|
|
|
|
|
starlog.Errorf("未知文件类型\n")
|
|
|
|
|
return common, certs, errors.New("未知文件类型")
|
|
|
|
|
}
|
|
|
|
|
return common, certs, nil
|
|
|
|
|
}
|
|
|
|
|
data = rest
|
|
|
|
|
rt := 0
|
|
|
|
|
switch block.Type {
|
|
|
|
|
case "CERTIFICATE":
|
|
|
|
|
rt = 1
|
|
|
|
|
starlog.Green("这是一个证书文件\n")
|
|
|
|
|
fallthrough
|
|
|
|
|
case "CERTIFICATE REQUEST":
|
|
|
|
|
if rt == 0 {
|
|
|
|
|
starlog.Green("这是一个证书请求文件\n")
|
|
|
|
|
}
|
|
|
|
|
cert, err := x509.ParseCertificate(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析证书错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
common = append(common, cert.PublicKey)
|
|
|
|
|
certs = append(certs, *cert)
|
|
|
|
|
pub := cert.PublicKey
|
|
|
|
|
switch pub.(type) {
|
|
|
|
|
case *rsa.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为RSA\n")
|
|
|
|
|
case *ecdsa.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为ECDSA\n")
|
|
|
|
|
case *dsa.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为DSA\n")
|
|
|
|
|
case *ecdh.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为ECDH\n")
|
|
|
|
|
case *ed25519.PublicKey:
|
|
|
|
|
starlog.Green("公钥算法为ED25519\n")
|
|
|
|
|
default:
|
|
|
|
|
starlog.Green("未知公钥类型\n")
|
|
|
|
|
}
|
|
|
|
|
continue
|
|
|
|
|
case "PRIVATE KEY":
|
|
|
|
|
starlog.Infof("这是一个私钥文件\n")
|
|
|
|
|
priv, err := x509.ParsePKCS8PrivateKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
priv, err = x509.ParsePKCS1PrivateKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
priv, err = x509.ParseECPrivateKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析私钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("这是一个ECDSA私钥\n")
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("这是一个PKCS1私钥\n")
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("这是一个PKCS8私钥\n")
|
|
|
|
|
}
|
|
|
|
|
switch n := priv.(type) {
|
|
|
|
|
case *rsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个RSA私钥\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Size())
|
|
|
|
|
case *ecdsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ECDSA私钥\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Curve.Params().BitSize)
|
|
|
|
|
case *dsa.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个DSA私钥\n")
|
|
|
|
|
case ed25519.PrivateKey, *ed25519.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ED25519私钥\n")
|
|
|
|
|
case ecdh.PrivateKey:
|
|
|
|
|
starlog.Green("这是一个ECDH私钥\n")
|
|
|
|
|
default:
|
|
|
|
|
starlog.Green("未知私钥类型\n")
|
|
|
|
|
}
|
|
|
|
|
common = append(common, priv)
|
|
|
|
|
continue
|
|
|
|
|
case "PUBLIC KEY":
|
|
|
|
|
starlog.Infof("这是一个公钥文件\n")
|
|
|
|
|
pub, err := x509.ParsePKIXPublicKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
pub, err = x509.ParsePKCS1PublicKey(block.Bytes)
|
|
|
|
|
starlog.Green("这是一个PKCS1公钥\n")
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("这是一个PKIX公钥\n")
|
|
|
|
|
}
|
|
|
|
|
common = append(common, pub)
|
|
|
|
|
switch n := pub.(type) {
|
|
|
|
|
case *rsa.PublicKey:
|
|
|
|
|
starlog.Green("这是一个RSA公钥\n")
|
|
|
|
|
starlog.Green("公钥位数:%d\n", n.Size())
|
|
|
|
|
case *ecdsa.PublicKey:
|
|
|
|
|
starlog.Green("这是一个ECDSA公钥\n")
|
|
|
|
|
starlog.Green("公钥位数:%d\n", n.Curve.Params().BitSize)
|
|
|
|
|
|
|
|
|
|
case *dsa.PublicKey:
|
|
|
|
|
starlog.Green("这是一个DSA公钥\n")
|
|
|
|
|
case *ecdh.PublicKey:
|
|
|
|
|
starlog.Green("这是一个ECDH公钥\n")
|
|
|
|
|
case *ed25519.PublicKey:
|
|
|
|
|
starlog.Green("这是一个ED25519公钥\n")
|
|
|
|
|
default:
|
|
|
|
|
starlog.Green("未知公钥类型\n")
|
|
|
|
|
}
|
|
|
|
|
return common, certs, nil
|
|
|
|
|
case "RSA PRIVATE KEY":
|
|
|
|
|
n, err := x509.ParsePKCS1PrivateKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析私钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
starlog.Infof("这是一个RSA私钥文件\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Size())
|
|
|
|
|
starlog.Green("私钥长度:%d\n", n.N.BitLen())
|
|
|
|
|
starlog.Green("私钥指数:%d\n", n.E)
|
|
|
|
|
starlog.Green("私钥系数:%d\n", n.D)
|
|
|
|
|
starlog.Green("私钥质数p:%d\n", n.Primes[0])
|
|
|
|
|
starlog.Green("私钥质数q:%d\n", n.Primes[1])
|
|
|
|
|
starlog.Green("私钥系数dP:%d\n", n.Precomputed.Dp)
|
|
|
|
|
starlog.Green("私钥系数dQ:%d\n", n.Precomputed.Dq)
|
|
|
|
|
starlog.Green("私钥系数qInv:%d\n", n.Precomputed.Qinv)
|
|
|
|
|
common = append(common, n)
|
|
|
|
|
case "RSA PUBLIC KEY":
|
|
|
|
|
n, err := x509.ParsePKCS1PublicKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析公钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
starlog.Green("这是一个RSA公钥\n")
|
|
|
|
|
starlog.Green("公钥位数:%d\n", n.Size())
|
|
|
|
|
starlog.Green("公钥长度:%d\n", n.N.BitLen())
|
|
|
|
|
starlog.Green("公钥指数:%d\n", n.E)
|
|
|
|
|
common = append(common, n)
|
|
|
|
|
case "EC PRIVATE KEY":
|
|
|
|
|
n, err := x509.ParseECPrivateKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析私钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
starlog.Green("这是一个ECDSA私钥\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Curve.Params().BitSize)
|
|
|
|
|
starlog.Green("私钥曲线:%s\n", n.Curve.Params().Name)
|
|
|
|
|
starlog.Green("私钥长度:%d\n", n.Params().BitSize)
|
|
|
|
|
starlog.Green("私钥系数:%d\n", n.D)
|
|
|
|
|
starlog.Green("私钥公钥X:%d\n", n.PublicKey.X)
|
|
|
|
|
starlog.Green("私钥公钥Y:%d\n", n.PublicKey.Y)
|
|
|
|
|
common = append(common, n)
|
|
|
|
|
case "EC PUBLIC KEY":
|
|
|
|
|
p, err := x509.ParsePKIXPublicKey(block.Bytes)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析公钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
n := p.(*ecdsa.PublicKey)
|
|
|
|
|
starlog.Green("这是一个ECDSA公钥\n")
|
|
|
|
|
starlog.Green("公钥位数:%d\n", n.Curve.Params().BitSize)
|
|
|
|
|
starlog.Green("公钥曲线:%s\n", n.Curve.Params().Name)
|
|
|
|
|
starlog.Green("公钥长度:%d\n", n.Params().BitSize)
|
|
|
|
|
starlog.Green("公钥公钥X:%d\n", n.X)
|
|
|
|
|
starlog.Green("公钥公钥Y:%d\n", n.Y)
|
|
|
|
|
common = append(common, n)
|
|
|
|
|
case "OPENSSH PRIVATE KEY":
|
|
|
|
|
starlog.Infof("这是一个OpenSSH私钥文件\n")
|
|
|
|
|
var priv interface{}
|
|
|
|
|
var err error
|
|
|
|
|
if pwd == "" {
|
|
|
|
|
priv, err = ssh.ParseRawPrivateKey(oriData)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析私钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
priv, err = ssh.ParseRawPrivateKeyWithPassphrase(oriData, []byte(pwd))
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("解析私钥错误:%s\n", err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
switch n := priv.(type) {
|
|
|
|
|
case *rsa.PrivateKey:
|
|
|
|
|
common = append(common, n)
|
|
|
|
|
starlog.Green("这是一个RSA私钥\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Size())
|
|
|
|
|
starlog.Green("私钥长度:%d\n", n.N.BitLen())
|
|
|
|
|
case *ecdsa.PrivateKey:
|
|
|
|
|
common = append(common, n)
|
|
|
|
|
starlog.Green("这是一个ECDSA私钥\n")
|
|
|
|
|
starlog.Green("私钥位数:%d\n", n.Curve.Params().BitSize)
|
|
|
|
|
case *dsa.PrivateKey:
|
|
|
|
|
common = append(common, n)
|
|
|
|
|
starlog.Green("这是一个DSA私钥\n")
|
|
|
|
|
case ed25519.PrivateKey, *ed25519.PrivateKey:
|
|
|
|
|
common = append(common, n)
|
|
|
|
|
starlog.Green("这是一个ED25519私钥\n")
|
|
|
|
|
case ecdh.PrivateKey:
|
|
|
|
|
common = append(common, n)
|
|
|
|
|
starlog.Green("这是一个ECDH私钥\n")
|
|
|
|
|
default:
|
|
|
|
|
starlog.Green("未知私钥类型\n")
|
|
|
|
|
}
|
|
|
|
|
continue
|
|
|
|
|
default:
|
|
|
|
|
starlog.Infof("未知证书文件类型\n")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func Pkcs8(data []byte, pwd, newPwd string, originName string, outpath string) error {
|
|
|
|
|
keys, _, err := GetCert(data, pwd)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
fmt.Println(len(keys))
|
|
|
|
|
for _, v := range keys {
|
|
|
|
|
if v == nil {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
switch n := v.(type) {
|
|
|
|
|
case *ecdsa.PrivateKey, *rsa.PrivateKey, *dsa.PrivateKey, ed25519.PrivateKey, *ed25519.PrivateKey, ecdh.PrivateKey:
|
|
|
|
|
var key interface{} = n
|
|
|
|
|
if reflect.TypeOf(n) == reflect.TypeOf(&ed25519.PrivateKey{}) {
|
|
|
|
|
fmt.Println("1")
|
|
|
|
|
key = *(n.(*ed25519.PrivateKey))
|
|
|
|
|
}
|
|
|
|
|
fmt.Println("2")
|
|
|
|
|
data, err = x509.MarshalPKCS8PrivateKey(key)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
fmt.Println("3")
|
|
|
|
|
var block *pem.Block
|
|
|
|
|
if newPwd != "" {
|
|
|
|
|
block, err = x509.EncryptPEMBlock(rand.Reader, "PRIVATE KEY", data, []byte(newPwd), x509.PEMCipherAES256)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
block = &pem.Block{Type: "PRIVATE KEY", Bytes: data}
|
|
|
|
|
}
|
|
|
|
|
fmt.Println("4")
|
|
|
|
|
err = os.WriteFile(outpath+"/"+originName+".pkcs8", pem.EncodeToMemory(block), 0644)
|
|
|
|
|
if err != nil {
|
|
|
|
|
fmt.Println("5")
|
|
|
|
|
return err
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("已将私钥保存到%s\n", outpath+"/"+originName+".pkcs8")
|
|
|
|
|
}
|
|
|
|
|
fmt.Println("6")
|
|
|
|
|
case *ecdsa.PublicKey, *rsa.PublicKey, *dsa.PublicKey, *ed25519.PublicKey, *ecdh.PublicKey:
|
|
|
|
|
data, err = x509.MarshalPKIXPublicKey(n)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
err = os.WriteFile(outpath+"/"+originName+".pub.pkcs8", pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: data}), 0644)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("已将公钥保存到%s\n", outpath+"/"+originName+".pub.pkcs8")
|
|
|
|
|
}
|
|
|
|
|
default:
|
|
|
|
|
return fmt.Errorf("未知的密钥类型:%v", reflect.TypeOf(n))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func Pkcs1(data []byte, pwd, newPwd string, originName string, outpath string) error {
|
|
|
|
|
keys, _, err := GetCert(data, pwd)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
for idx, v := range keys {
|
|
|
|
|
if v == nil {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
switch n := v.(type) {
|
|
|
|
|
case *rsa.PrivateKey:
|
|
|
|
|
data = x509.MarshalPKCS1PrivateKey(n)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
var block *pem.Block
|
|
|
|
|
if newPwd != "" {
|
|
|
|
|
block, err = x509.EncryptPEMBlock(rand.Reader, "RSA PRIVATE KEY", data, []byte(newPwd), x509.PEMCipherAES256)
|
|
|
|
|
} else {
|
|
|
|
|
block = &pem.Block{Type: "RSA PRIVATE KEY", Bytes: data}
|
|
|
|
|
}
|
|
|
|
|
err = os.WriteFile(fmt.Sprintf("%s/%s_%v.pkcs1", outpath, originName, idx), pem.EncodeToMemory(block), 0644)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("已将私钥保存到%s\n", fmt.Sprintf("%s/%s_%v.pkcs1", outpath, originName, idx))
|
|
|
|
|
}
|
|
|
|
|
case *rsa.PublicKey:
|
|
|
|
|
data = x509.MarshalPKCS1PublicKey(n)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
err = os.WriteFile(fmt.Sprintf("%s/%s_%v.pub.pkcs1", outpath, originName, idx), pem.EncodeToMemory(&pem.Block{Type: "RSA PUBLIC KEY", Bytes: data}), 0644)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("已将公钥保存到%s\n", fmt.Sprintf("%s/%s_%v.pub.pkcs1", outpath, originName, idx))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func Pkcs12(keys []any, certs []x509.Certificate, enPwd string, originName string, outpath string) error {
|
|
|
|
|
var priv any
|
|
|
|
|
for _, v := range keys {
|
|
|
|
|
if v == nil {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
switch n := v.(type) {
|
|
|
|
|
case *ecdsa.PrivateKey, *rsa.PrivateKey, *dsa.PrivateKey, ed25519.PrivateKey, ecdh.PrivateKey, *ed25519.PrivateKey, *ecdh.PrivateKey:
|
|
|
|
|
priv = n
|
|
|
|
|
if reflect.TypeOf(n) == reflect.TypeOf(&ed25519.PrivateKey{}) {
|
|
|
|
|
priv = *(n.(*ed25519.PrivateKey))
|
|
|
|
|
}
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if priv == nil {
|
|
|
|
|
return errors.New("未找到私钥")
|
|
|
|
|
}
|
|
|
|
|
if len(certs) == 0 {
|
|
|
|
|
return errors.New("未找到证书")
|
|
|
|
|
}
|
|
|
|
|
mainCert := certs[0]
|
|
|
|
|
var certChain []*x509.Certificate
|
|
|
|
|
for _, v := range certs[1:] {
|
|
|
|
|
certChain = append(certChain, &v)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pfxData, err := pkcs12.Encode(rand.Reader, priv, &mainCert, certChain, enPwd)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
err = os.WriteFile(outpath+"/"+originName+".pfx", pfxData, 0644)
|
|
|
|
|
if err != nil {
|
|
|
|
|
starlog.Errorf("保存失败:%s\n", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
starlog.Green("已将PKCS12文件保存到%s\n", outpath+"/"+originName+".pfx")
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func Tran(data []byte, pwd string, originName string, outpath string) error {
|
|
|
|
|
keys, _, err := GetCert(data, pwd)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
for idx, v := range keys {
|
|
|
|
|
if v == nil {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
switch n := v.(type) {
|
|
|
|
|
case *ecdsa.PrivateKey, *rsa.PrivateKey:
|
|
|
|
|
data, err = starcrypto.EncodePrivateKey(n, "")
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
err = os.WriteFile(fmt.Sprintf("%s/%s_%v.tran.key", outpath, originName, idx), data, 0644)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("已将私钥保存到%s\n", fmt.Sprintf("%s/%s_%v.tran.key", outpath, originName, idx))
|
|
|
|
|
}
|
|
|
|
|
case *ecdsa.PublicKey, *rsa.PublicKey:
|
|
|
|
|
data, err = starcrypto.EncodePublicKey(n)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
err = os.WriteFile(fmt.Sprintf("%s/%s_%v.tran.pub", outpath, originName, idx), data, 0644)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("已将公钥保存到%s\n", fmt.Sprintf("%s/%s_%v.tran.pub", outpath, originName, idx))
|
|
|
|
|
}
|
|
|
|
|
case *dsa.PrivateKey, ed25519.PrivateKey, ecdh.PrivateKey:
|
|
|
|
|
data, err = x509.MarshalPKCS8PrivateKey(n)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
err = os.WriteFile(outpath+"/"+originName+".tran.key", pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: data}), 0644)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("已将私钥保存到%s\n", outpath+"/"+originName+".tran.key")
|
|
|
|
|
}
|
|
|
|
|
case *dsa.PublicKey, ed25519.PublicKey, ecdh.PublicKey:
|
|
|
|
|
data, err = x509.MarshalPKIXPublicKey(n)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
err = os.WriteFile(outpath+"/"+originName+".tran.pub", pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: data}), 0644)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("已将公钥保存到%s\n", outpath+"/"+originName+".tran.pub")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func Openssh(data []byte, pwd, newPwd string, originName string, outpath string) error {
|
|
|
|
|
keys, _, err := GetCert(data, pwd)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
for _, v := range keys {
|
|
|
|
|
if v == nil {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
var block *pem.Block
|
|
|
|
|
switch n := v.(type) {
|
|
|
|
|
case *ecdsa.PrivateKey, *rsa.PrivateKey, *dsa.PrivateKey, ed25519.PrivateKey, ecdh.PrivateKey, *ed25519.PrivateKey, *ecdh.PrivateKey:
|
|
|
|
|
var key interface{} = n
|
|
|
|
|
if reflect.TypeOf(n) == reflect.TypeOf(&ed25519.PrivateKey{}) {
|
|
|
|
|
key = *(n.(*ed25519.PrivateKey))
|
|
|
|
|
}
|
|
|
|
|
if newPwd == "" {
|
|
|
|
|
block, err = ssh.MarshalPrivateKey(key, "")
|
|
|
|
|
} else {
|
|
|
|
|
block, err = ssh.MarshalPrivateKeyWithPassphrase(key, "", []byte(newPwd))
|
|
|
|
|
}
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
err = os.WriteFile(outpath+"/"+originName+".openssh", pem.EncodeToMemory(block), 0644)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("已将私钥保存到%s\n", outpath+"/"+originName+".openssh")
|
|
|
|
|
}
|
|
|
|
|
case *ecdsa.PublicKey, *rsa.PublicKey, *dsa.PublicKey, ed25519.PublicKey, ecdh.PublicKey:
|
|
|
|
|
sk, err := ssh.NewPublicKey(n)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
data = ssh.MarshalAuthorizedKey(sk)
|
|
|
|
|
err = os.WriteFile(outpath+"/"+originName+".pub.openssh", data, 0644)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
} else {
|
|
|
|
|
starlog.Green("已将公钥保存到%s\n", outpath+"/"+originName+".pub.openssh")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|