本文整理汇总了Golang中encoding/pem.Block类的典型用法代码示例。如果您正苦于以下问题:Golang Block类的具体用法?Golang Block怎么用?Golang Block使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Block类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。
示例1: ReadPEMData
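// noPEMBlockError reports that a file handed to ReadPEMData held no PEM
// block at all.
type noPEMBlockError struct {
	path string
}

// Error implements the error interface.
func (e noPEMBlockError) Error() string {
	return "no PEM block found in " + e.path
}

// ReadPEMData reads pemFile and returns PEM data ready for parsing.
//
// If the first PEM block is not encrypted, the file content is returned
// unchanged. If it is encrypted (legacy "DEK-Info" header), it is decrypted
// with pemPass and re-encoded as a header-less PEM block of the same type;
// anything after that first block is dropped from the result.
//
// A file containing no PEM block yields an error rather than a nil-pointer
// panic inside x509.IsEncryptedPEMBlock.
//
// Security notes:
//   - x509.DecryptPEMBlock implements legacy RFC 1423 PEM encryption, which
//     the Go standard library marks as deprecated because the format does not
//     authenticate the ciphertext. Prefer key files protected by a modern
//     container where that is an option.
//   - On success the returned bytes contain the decrypted key material in the
//     clear; callers should avoid logging or persisting them.
func ReadPEMData(pemFile string, pemPass []byte) ([]byte, error) {
	pemData, err := ioutil.ReadFile(pemFile)
	if err != nil {
		return pemData, err
	}

	pemBlock, rest := pem.Decode(pemData)
	if pemBlock == nil {
		// pem.Decode returns a nil block when the input holds no PEM data;
		// dereferencing it below would crash the process.
		return nil, noPEMBlockError{path: pemFile}
	}
	// Only the first block is inspected; warn when more data follows it.
	if len(rest) > 0 {
		log.Warning("Didn't parse all of", pemFile)
	}

	if !x509.IsEncryptedPEMBlock(pemBlock) {
		return pemData, nil
	}

	// Decrypt to the raw ASN.1 DER bytes.
	der, err := x509.DecryptPEMBlock(pemBlock, pemPass)
	if err != nil {
		return der, err
	}
	log.Info("Decrypted", pemFile, "successfully")

	// Re-wrap the DER in a block with blank headers so the result looks like
	// an unencrypted key read straight from a file.
	plain := pem.Block{Type: pemBlock.Type, Bytes: der}
	return pem.EncodeToMemory(&plain), nil
}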
开发者ID:BrianIp,项目名称:orchestrator,代码行数:32,代码来源:ssl.go
示例2: CertificateLockFile
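// CertificateLockFile adds a new certificate lock on the given Client and
// Config that ensures that a server's certificate is signed by the same CA
// from connection-to-connection. This is helpful when connecting to servers
// with self-signed certificates.
//
// If filename does not exist, the server's certificate chain will be written
// to that file. If it does exist, certificates will be read from that file and
// added to RootCAs in config's TLSConfig.
//
// Security notes:
//   - The first connection is trust-on-first-use: whatever chain the peer
//     presents is what gets stored.
//   - The lock only has an effect when InsecureSkipVerify is false on later
//     connections; while it is true, RootCAs is not consulted.
//   - Every certificate in the stored file, including the leaf, is added to
//     the RootCAs pool.
//
// When the lock file exists but cannot be read, the read error is returned.
// RootCAs is still left as a non-nil pool in that case, so verification
// fails closed instead of falling back to the system roots.
//
// Example:
//
//	if firstConnectionToServer {
//		// Allow self-signed certificates to be accepted on the initial
//		// connection.
//		config.TLSConfig.InsecureSkipVerify = true
//	}
//	gumbleutil.CertificateLockFile(client, &config, filename)
//
//	if err := client.Connect(); err != nil {
//		panic(err)
//	}
func CertificateLockFile(client *gumble.Client, config *gumble.Config, filename string) (gumble.Detacher, error) {
	if file, err := os.Open(filename); err == nil {
		defer file.Close()
		if config.TLSConfig.RootCAs == nil {
			config.TLSConfig.RootCAs = x509.NewCertPool()
		}
		data, err := ioutil.ReadAll(file)
		if err != nil {
			// An unreadable lock file must not look like a successful pin.
			return nil, err
		}
		// NOTE(review): AppendCertsFromPEM reports whether any certificate
		// was parsed. The result is not checked here; a lock file without
		// certificates leaves the pool as it was.
		config.TLSConfig.RootCAs.AppendCertsFromPEM(data)
		return nil, nil
	}

	return client.Attach(Listener{
		Connect: func(e *gumble.ConnectEvent) {
			tlsClient, ok := e.Client.Conn().(*tls.Conn)
			if !ok {
				return
			}
			serverCerts := tlsClient.ConnectionState().PeerCertificates
			if len(serverCerts) == 0 {
				// Nothing to pin; do not leave an empty lock file behind.
				return
			}
			file, err := os.Create(filename)
			if err != nil {
				return
			}

			block := pem.Block{Type: "CERTIFICATE"}
			complete := true
			for _, cert := range serverCerts {
				block.Bytes = cert.Raw
				if err := pem.Encode(file, &block); err != nil {
					complete = false
					break
				}
			}
			if err := file.Close(); err != nil {
				complete = false
			}
			if !complete {
				// A truncated chain would be trusted as the pin on the next
				// run, so remove the partial file.
				os.Remove(filename)
			}
		},
	}), nil
}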
开发者ID:nadams,项目名称:gomumblesoundboard,代码行数:55,代码来源:certificatelock.go
示例3: Marshal
// Marshal returns the key as a PEM block. The block body is the PKCS #1 DER
// encoding of pk.PrivateKey, and the block type is the elements of ss joined
// with single spaces. The returned error is always nil.
//
// The output is an unencrypted private key; treat it as a secret.
// NOTE(review): PKCS #1 data is conventionally labelled "RSA PRIVATE KEY";
// the label here is whatever the caller passes, so confirm callers use it.
func (pk *PrivateKey) Marshal(ss ...string) ([]byte, error) {
	block := &pem.Block{
		Bytes: x509.MarshalPKCS1PrivateKey(&pk.PrivateKey),
		Type:  strings.Join(ss, " "),
	}
	return pem.EncodeToMemory(block), nil
}
开发者ID:wzshiming,项目名称:base,代码行数:7,代码来源:key.go
示例4: execSSH
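// execSSH writes key to a temporary identity file and replaces the current
// process with /usr/bin/ssh, using that file via -i and passing url to the
// child in the RUNX_URL environment variable. args are appended to the ssh
// command line. It returns only when something fails.
//
// The unencrypted private key is written to disk. ioutil.TempFile creates
// the file with mode 0600. The file is removed here on every path that does
// not reach ssh, so a failed start does not leave the key behind.
//
// NOTE(review): once ssh is running, cleanup relies on "-oLocalCommand=rm".
// ssh only runs LocalCommand when PermitLocalCommand is enabled, so confirm
// the effective ssh configuration or the key file will persist.
//
// NOTE(review): StrictHostKeyChecking=no together with
// UserKnownHostsFile=/dev/null disables SSH host key verification. Server
// authenticity then depends entirely on the ProxyCommand transport; confirm
// that it authenticates the endpoint.
func execSSH(url, uuid string, key *rsa.PrivateKey, args []string) error {
	f, err := ioutil.TempFile("", "runx")
	if err != nil {
		return fmt.Errorf("tmpfile: %s", err)
	}
	defer f.Close()
	keyPath := f.Name()

	b := pem.Block{
		Type:  "RSA PRIVATE KEY",
		Bytes: x509.MarshalPKCS1PrivateKey(key),
	}
	if err = pem.Encode(f, &b); err != nil {
		os.Remove(keyPath)
		return fmt.Errorf("pem: %s", err)
	}

	argv := []string{
		"ssh",
		"-i" + keyPath,
		"-oProxyCommand=hk runx [proxy]",
		"-oLocalCommand=rm " + keyPath,
		"-oStrictHostKeyChecking=no",
		"-oUserKnownHostsFile=/dev/null",
		// Literal kept exactly as published. It looks like the page's e-mail
		// obfuscation replaced the original user@host prefix; confirm
		// against the upstream source.
		"[email protected]" + uuid,
	}
	env := append(os.Environ(), "RUNX_URL="+url)

	// syscall.Exec only returns on failure, so reaching the next line means
	// ssh never started and nothing else will delete the key file.
	err = syscall.Exec("/usr/bin/ssh", append(argv, args...), env)
	os.Remove(keyPath)
	return err
}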
开发者ID:kr,项目名称:runx,代码行数:25,代码来源:main.go
示例5: EncodePEM
// EncodePEM wraps binary in a PEM block of type blockType and returns the
// armoured text. With an empty password the payload is stored as-is. With a
// non-empty password it is first encrypted through x509.EncryptPEMBlock
// using x509.PEMCipherAES256.
//
// Security note: x509.EncryptPEMBlock produces legacy RFC 1423 PEM
// encryption, which the Go standard library marks as deprecated because the
// format does not authenticate the ciphertext. Treat the password as basic
// at-rest obfuscation, not as integrity protection.
func EncodePEM(binary []byte, blockType string, password string) (pemBlock string, err error) {
	block := &pem.Block{Type: blockType, Bytes: binary}
	if password != "" {
		block, err = x509.EncryptPEMBlock(rand.Reader, blockType, binary, []byte(password), x509.PEMCipherAES256)
		if err != nil {
			return "", err
		}
	}

	var out bytes.Buffer
	if err = pem.Encode(&out, block); err != nil {
		return "", err
	}
	return out.String(), nil
}
开发者ID:eric-hawthorne,项目名称:relish,代码行数:29,代码来源:crypto_util.go
示例6: ToCSRBundle
// ToCSRBundle converts the raw DER fields of p into a CSRBundle of
// PEM-encoded strings with surrounding whitespace trimmed.
//
// CSRBytes, when non-empty, is emitted as a "CERTIFICATE REQUEST" block.
// PrivateKeyBytes, when non-empty, is emitted as an "RSA PRIVATE KEY" or
// "EC PRIVATE KEY" block according to PrivateKeyType. Any other key type
// yields an errutil.InternalError and a nil bundle.
//
// The PrivateKey field of the result holds the key unencrypted.
func (p *ParsedCSRBundle) ToCSRBundle() (*CSRBundle, error) {
	bundle := &CSRBundle{}

	if len(p.CSRBytes) > 0 {
		csrPEM := pem.EncodeToMemory(&pem.Block{
			Type:  "CERTIFICATE REQUEST",
			Bytes: p.CSRBytes,
		})
		bundle.CSR = strings.TrimSpace(string(csrPEM))
	}

	if len(p.PrivateKeyBytes) == 0 {
		return bundle, nil
	}

	var keyBlockType string
	switch p.PrivateKeyType {
	case RSAPrivateKey:
		bundle.PrivateKeyType = "rsa"
		keyBlockType = "RSA PRIVATE KEY"
	case ECPrivateKey:
		bundle.PrivateKeyType = "ec"
		keyBlockType = "EC PRIVATE KEY"
	default:
		return nil, errutil.InternalError{"Could not determine private key type when creating block"}
	}

	keyPEM := pem.EncodeToMemory(&pem.Block{
		Type:  keyBlockType,
		Bytes: p.PrivateKeyBytes,
	})
	bundle.PrivateKey = strings.TrimSpace(string(keyPEM))
	return bundle, nil
}
开发者ID:quixoten,项目名称:vault,代码行数:30,代码来源:types.go
示例7: GenKeyPairIfNone
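// GenKeyPairIfNone creates a 2048-bit RSA key pair next to the running
// executable (the directory of os.Args[0]) when the private key file named
// privateName does not exist yet. The private key is written to privateName
// as a PKCS #1 "RSA PRIVATE KEY" block and the public key to publicName.
// Any failure terminates the process through log.Fatal.
//
// The private key file is created with mode 0600 so other local users
// cannot read the signing key. The public key file stays at 0644.
//
// NOTE(review): the public key bytes are PKIX (SubjectPublicKeyInfo) but the
// block is labelled "RSA PUBLIC KEY", which conventionally denotes PKCS #1.
// The label is left unchanged because existing readers of the file may
// depend on it; confirm before renaming it to "PUBLIC KEY".
func GenKeyPairIfNone(privateName string, publicName string) {
	dir, err := filepath.Abs(filepath.Dir(os.Args[0]))
	if err != nil {
		log.Fatal(err)
	}
	privatekey := filepath.Join(dir, privateName)
	publickey := filepath.Join(dir, publicName)

	if _, err := os.Stat(privatekey); !os.IsNotExist(err) {
		return
	}

	log.Println("Generating JWT private key at ", privatekey)
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		log.Fatal(err)
	}
	private := pem.Block{
		Type:  "RSA PRIVATE KEY",
		Bytes: x509.MarshalPKCS1PrivateKey(k),
	}
	pp := new(bytes.Buffer)
	if err := pem.Encode(pp, &private); err != nil {
		log.Fatal(err)
	}
	// Owner-only permissions: this file is the signing secret.
	if err := ioutil.WriteFile(privatekey, pp.Bytes(), 0600); err != nil {
		log.Fatal(err)
	}

	log.Println("Generating JWT public key at ", publickey)
	pubDER, err := x509.MarshalPKIXPublicKey(&k.PublicKey)
	if err != nil {
		log.Fatal(err)
	}
	public := pem.Block{
		Type:  "RSA PUBLIC KEY",
		Bytes: pubDER,
	}
	ps := new(bytes.Buffer)
	if err := pem.Encode(ps, &public); err != nil {
		log.Fatal(err)
	}
	if err := ioutil.WriteFile(publickey, ps.Bytes(), 0644); err != nil {
		log.Fatal(err)
	}
}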
开发者ID:RadioTerminal,项目名称:podcaster,代码行数:35,代码来源:jwt.go
示例8: MarshalPrivate
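// MarshalPrivate returns priv as a PEM-encoded private key. RSA keys are
// encoded as PKCS #1 ("RSA PRIVATE KEY"), ECDSA keys through marshalECDSAKey
// ("EC PRIVATE KEY"), and DSA keys as an ASN.1 sequence ("DSA PRIVATE KEY").
// Any other key type yields ErrInvalidPrivateKey.
//
// When password is non-empty the DER bytes are handed to encrypt and its
// result is returned. When it is empty the key is emitted unencrypted, and
// callers are responsible for protecting the output.
//
// A failure in marshalECDSAKey is returned immediately. Previously the
// error was either overwritten by the encrypt call or returned alongside a
// PEM block built from the failed encoding.
func MarshalPrivate(priv interface{}, password string) (out []byte, err error) {
	var (
		keytype Type
		der     []byte
		btype   string
	)

	switch key := priv.(type) {
	case *rsa.PrivateKey:
		keytype = KEY_RSA
		der = x509.MarshalPKCS1PrivateKey(key)
		if der == nil {
			return nil, ErrInvalidPrivateKey
		}
		btype = "RSA PRIVATE KEY"
	case *ecdsa.PrivateKey:
		keytype = KEY_ECDSA
		der, err = marshalECDSAKey(key)
		if err != nil {
			return nil, err
		}
		btype = "EC PRIVATE KEY"
	case *dsa.PrivateKey:
		keytype = KEY_DSA
		// encoding/asn1 serialises struct fields in declaration order and
		// ignores their names. The order matches the original code: the
		// public value Y is written before the private value X. Only the
		// field names were corrected, as they were swapped.
		// NOTE(review): Version is written as 1; confirm the value the
		// consumers of this format expect.
		k := struct {
			Version int
			P       *big.Int
			Q       *big.Int
			G       *big.Int
			Pub     *big.Int
			Priv    *big.Int
		}{
			Version: 1,
			P:       key.PublicKey.P,
			Q:       key.PublicKey.Q,
			G:       key.PublicKey.G,
			Pub:     key.PublicKey.Y,
			Priv:    key.X,
		}
		der, err = asn1.Marshal(k)
		if err != nil {
			return nil, err
		}
		btype = "DSA PRIVATE KEY"
	default:
		return nil, ErrInvalidPrivateKey
	}

	if password != "" {
		return encrypt(der, keytype, password)
	}

	block := pem.Block{Type: btype, Bytes: der}
	return pem.EncodeToMemory(&block), nil
}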
开发者ID:postfix,项目名称:sshkey,代码行数:62,代码来源:sshkey.go
示例9: readPEMFile
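// readPEMFile reads every PEM block in the file at path and returns them
// re-encoded as a single PEM byte stream. Encrypted blocks (legacy DEK-Info
// header) are decrypted with passphrase. Blocks that cannot be decrypted,
// or that are encrypted when no passphrase was supplied, are logged and
// dropped. An error is returned when the file cannot be read or when no
// usable block remains.
//
// After decryption both encryption headers, "DEK-Info" and "Proc-Type", are
// removed so the re-encoded block no longer advertises itself as ENCRYPTED
// while carrying plaintext.
//
// Security notes:
//   - Legacy PEM encryption carries no integrity check. As noted below,
//     decryption with a wrong passphrase can succeed and yield noise, so
//     callers must still validate the parsed key or certificate.
//   - The returned bytes hold decrypted key material in the clear.
func readPEMFile(path, passphrase string) ([]byte, error) {
	pass := []byte(passphrase)

	content, err := ioutil.ReadFile(path)
	if err != nil {
		return nil, err
	}

	var blocks []*pem.Block
	for len(content) > 0 {
		var block *pem.Block
		block, content = pem.Decode(content)
		if block == nil {
			if len(blocks) == 0 {
				return nil, errors.New("no pem file")
			}
			break
		}

		if x509.IsEncryptedPEMBlock(block) {
			var (
				plain  []byte
				decErr error
			)
			if len(pass) == 0 {
				decErr = errors.New("No passphrase available")
			} else {
				// Note, decrypting pem might succeed even with wrong
				// password, but only noise will be stored in plain in this
				// case.
				plain, decErr = x509.DecryptPEMBlock(block, pass)
			}
			if decErr != nil {
				logp.Err("Dropping encrypted pem '%v' block read from %v. %v",
					block.Type, path, decErr)
				continue
			}

			// DEK-Info and Proc-Type describe the encryption. Remove both to
			// mark the block as unencrypted.
			delete(block.Headers, "DEK-Info")
			delete(block.Headers, "Proc-Type")
			block.Bytes = plain
		}
		blocks = append(blocks, block)
	}

	if len(blocks) == 0 {
		return nil, errors.New("no PEM blocks")
	}

	// Re-encode the available, decrypted blocks.
	out := bytes.NewBuffer(nil)
	for _, block := range blocks {
		if err := pem.Encode(out, block); err != nil {
			return nil, err
		}
	}
	return out.Bytes(), nil
}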
开发者ID:ruflin,项目名称:beats,代码行数:59,代码来源:tls.go
示例10: byteToPEM
// byteToPEM wraps b in a header-less PEM block whose type label is t and
// returns the encoded bytes. b is copied into the block verbatim; no check
// is made that it is valid DER for the given label.
func byteToPEM(b []byte, t PEMType) []byte {
	return pem.EncodeToMemory(&pem.Block{
		Type:  string(t),
		Bytes: b,
	})
}
开发者ID:rabarar,项目名称:tls-example,代码行数:10,代码来源:gen.go
示例11: main
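// main generates an RSA private key and prints it to standard output as an
// unencrypted PKCS #1 "RSA PRIVATE KEY" PEM block.
//
// The modulus is 2048 bits. The previous 768-bit size is within reach of
// published factoring results, and Go 1.24 and later reject RSA key
// generation below 1024 bits by default.
func main() {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		log.Fatal(err)
	}
	b := pem.Block{
		Type:  "RSA PRIVATE KEY",
		Bytes: x509.MarshalPKCS1PrivateKey(k),
	}
	// A short write would leave a truncated key on stdout; report it.
	if err := pem.Encode(os.Stdout, &b); err != nil {
		log.Fatal(err)
	}
}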
开发者ID:kr,项目名称:runx,代码行数:10,代码来源:rsa.go
示例12: PrintPublicKey
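// PrintPublicKey logs pubkey at debug level as a PEM block containing its
// PKIX (SubjectPublicKeyInfo) encoding. If the key cannot be marshalled,
// the error is logged instead of an empty block.
//
// NOTE(review): the block is labelled "EC PUBLIC KEY" whatever the key
// type, while PKIX data is conventionally labelled "PUBLIC KEY". This is
// harmless for a log line, but do not reuse the output as a key file
// without checking the label.
func PrintPublicKey(pubkey crypto.PublicKey) {
	der, err := x509.MarshalPKIXPublicKey(pubkey)
	if err != nil {
		log.Debugf("Public key could not be marshalled: %v", err)
		return
	}
	block := pem.Block{
		Type:  "EC PUBLIC KEY",
		Bytes: der,
	}
	log.Debugf("Public key:\n%s", string(pem.EncodeToMemory(&block)))
}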
开发者ID:heipei,项目名称:nginx-sso,代码行数:11,代码来源:ssocookie.go
示例13: ExportPrivatePEM
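// ExportPrivatePEM writes the RSA private key to filename as an unencrypted
// PKCS #1 "RSA PRIVATE KEY" PEM block, truncating any existing file.
//
// The file is created with mode 0600 so other local users cannot read the
// key. That mode only applies when the file is created; an existing file
// keeps its current permissions. The file is closed before returning, and a
// failure to close is reported because it can mean the key was not fully
// written.
func ExportPrivatePEM(prv *rsa.PrivateKey, filename string) (err error) {
	blk := &pem.Block{
		Type:  "RSA PRIVATE KEY",
		Bytes: x509.MarshalPKCS1PrivateKey(prv),
	}

	out, err := os.OpenFile(filename, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
	if err != nil {
		return err
	}
	defer func() {
		if cerr := out.Close(); err == nil {
			err = cerr
		}
	}()

	return pem.Encode(out, blk)
}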
开发者ID:jonathanmarvens,项目名称:gocrypto,代码行数:12,代码来源:crypto.go
示例14: main
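// main reads the file "ca.pem" from the working directory, wraps its bytes
// in a PEM block of type "CERTIFICATE" and prints the result. A read
// failure is reported instead of printing an empty certificate block.
//
// NOTE(review): the file content is wrapped as-is. If ca.pem already holds
// PEM text rather than DER, the output is PEM inside PEM and will not parse
// as a certificate; confirm what the file is expected to contain.
func main() {
	ca_b, err := ioutil.ReadFile("ca.pem")
	if err != nil {
		fmt.Printf("reading ca.pem: %v\n", err)
		return
	}
	blk := pem.Block{
		Type:  "CERTIFICATE",
		Bytes: ca_b,
	}
	fmt.Printf("%s\n", pem.EncodeToMemory(&blk))
}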
开发者ID:rabarar,项目名称:tls-example,代码行数:12,代码来源:encmem.go
示例15: ExportPublicPEM
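// ExportPublicPEM writes the public key to filename in PEM format,
// truncating any existing file. The block body is the PKIX
// (SubjectPublicKeyInfo) encoding of pub. The file is closed before
// returning, and a failure to close is reported because it can mean the key
// was not fully written.
//
// NOTE(review): PKIX data is conventionally labelled "PUBLIC KEY", while
// "RSA PUBLIC KEY" denotes PKCS #1. The label is left unchanged because
// existing readers may depend on it; confirm before changing.
func ExportPublicPEM(pub *rsa.PublicKey, filename string) (err error) {
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return err
	}
	blk := &pem.Block{
		Type:  "RSA PUBLIC KEY",
		Bytes: der,
	}

	out, err := os.Create(filename)
	if err != nil {
		return err
	}
	defer func() {
		if cerr := out.Close(); err == nil {
			err = cerr
		}
	}()

	return pem.Encode(out, blk)
}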
开发者ID:jonathanmarvens,项目名称:gocrypto,代码行数:15,代码来源:crypto.go
示例16: newECDSACertificateRequest
// newECDSACertificateRequest builds a PEM-encoded "CERTIFICATE REQUEST" for
// priv with the subject fields taken from si.
//
// Steps: assemble the subject RDN sequence, encode the public key, marshal
// the request info to ASN.1, sign its SHA-256 digest with ecdsa.Sign, and
// marshal the info together with the signature. The first error
// encountered is returned with a nil result.
//
// NOTE(review): SHA-256 is used whatever curve priv is on. The request is
// also assembled by hand; where it fits, the standard library's
// x509.CreateCertificateRequest avoids maintaining this encoding.
func newECDSACertificateRequest(priv *ecdsa.PrivateKey, si *SubjectInfo) (out []byte, err error) {
	var subject rdnSequence
	rdnAppendPrintable(si.Country, asn1CountryName, &subject)
	rdnAppendPrintable(si.StateOrProvince, asn1StateOrProvName, &subject)
	rdnAppendPrintable(si.Locality, asn1LocalityName, &subject)
	rdnAppendPrintable(si.OrgName, asn1OrgName, &subject)
	rdnAppendPrintable(si.OrgUnitName, asn1OrgUnitName, &subject)
	rdnAppendPrintable(si.CommonName, asn1CommonName, &subject)
	rdnAppendPrintable(si.Email, asn1EmailAddress, &subject)

	pkInfo, err := encodeECDSA(priv.PublicKey)
	if err != nil {
		return nil, err
	}

	info := certificateRequestInfo{
		Subject: subject,
		PKInfo:  pkInfo,
	}
	toSign, err := asn1.Marshal(info)
	if err != nil {
		return nil, err
	}

	// The signature covers the SHA-256 digest of the marshalled info.
	digest := sha256.Sum256(toSign)
	r, s, err := ecdsa.Sign(rand.Reader, priv, digest[:])
	if err != nil {
		return nil, err
	}
	sig, err := asn1.Marshal(ecdsaSignature{r, s})
	if err != nil {
		return nil, err
	}

	der, err := asn1.Marshal(certificateRequest{
		Info:      info,
		SigAlgo:   nullAlgorithm(asn1SHA256withECDSA),
		Signature: toBitString(sig),
	})
	if err != nil {
		return nil, err
	}

	return pem.EncodeToMemory(&pem.Block{
		Type:  "CERTIFICATE REQUEST",
		Bytes: der,
	}), nil
}
开发者ID:postfix,项目名称:csr,代码行数:50,代码来源:encode.go
示例17: generatePrivatePem
// generatePrivatePem returns prv as the text of an unencrypted PKCS #1
// "RSA PRIVATE KEY" PEM block. The result is secret key material; callers
// should not log it or store it unprotected.
func generatePrivatePem(prv *rsa.PrivateKey) (prvPem string, err error) {
	block := pem.Block{
		Type:  "RSA PRIVATE KEY",
		Bytes: x509.MarshalPKCS1PrivateKey(prv),
	}

	out := new(bytes.Buffer)
	if err = pem.Encode(out, &block); err != nil {
		return "", err
	}
	return out.String(), nil
}
开发者ID:nicnys-8,项目名称:mdc,代码行数:15,代码来源:crypto.go
示例18: packageBox
// packageBox serialises lockedKey and box into a boxPackage using ASN.1
// DER. With armour set, the DER bytes are additionally wrapped in a PEM
// block of type "SSHBOX ENCRYPTED FILE"; otherwise the raw DER is returned.
// A marshalling failure is printed to standard output and returned.
func packageBox(lockedKey, box []byte, armour bool) (pkg []byte, err error) {
	pkg, err = asn1.Marshal(boxPackage{lockedKey, box})
	if err != nil {
		fmt.Println("[!] couldn't package the box")
		return pkg, err
	}
	if !armour {
		return pkg, nil
	}
	return pem.EncodeToMemory(&pem.Block{
		Type:  "SSHBOX ENCRYPTED FILE",
		Bytes: pkg,
	}), nil
}
开发者ID:postfix,项目名称:sshbox,代码行数:19,代码来源:sshbox.go
示例19: GenerateKeyAndCSR
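// GenerateKeyAndCSR generates a new PEM-encoded private key and
// certificate signature request. The keyType parameter controls what
// type of key is generated; the size parameter controls what size key
// (in bits) is generated. For ECDSA, valid key sizes are 256, 384,
// and 521; these translate to secp256r1, secp384r1, and secp521r1. The
// SubjectInfo parameter contains the information used to create the CSR.
//
// Unsupported key types and ECDSA sizes yield ErrUnsupportedPrivate. On any
// error, including a failure to build the CSR, both byte slices are nil, so
// no private key is handed back alongside an error.
//
// The returned pemKey is unencrypted. NOTE(review): for RSA, size is passed
// to rsa.GenerateKey unchecked, so the caller decides the key strength;
// consider enforcing a minimum at the call site.
func GenerateKeyAndCSR(keyType PublicAlgo, size int, si *SubjectInfo) (pemKey []byte, csr []byte, err error) {
	var priv interface{}
	var block pem.Block

	switch keyType {
	case RSA:
		key, err := rsa.GenerateKey(rand.Reader, size)
		if err != nil {
			return nil, nil, err
		}
		priv = key
		block.Bytes = x509.MarshalPKCS1PrivateKey(key)
		block.Type = "RSA PRIVATE KEY"
	case ECDSA:
		var curve elliptic.Curve
		switch size {
		case 256:
			curve = elliptic.P256()
		case 384:
			curve = elliptic.P384()
		case 521:
			curve = elliptic.P521()
		default:
			return nil, nil, ErrUnsupportedPrivate
		}
		key, err := ecdsa.GenerateKey(curve, rand.Reader)
		if err != nil {
			return nil, nil, err
		}
		priv = key
		block.Bytes, err = x509.MarshalECPrivateKey(key)
		if err != nil {
			return nil, nil, err
		}
		block.Type = "EC PRIVATE KEY"
	default:
		return nil, nil, ErrUnsupportedPrivate
	}

	csr, err = NewCertificateRequest(priv, si)
	if err != nil {
		// Do not return key material together with an error.
		return nil, nil, err
	}
	return pem.EncodeToMemory(&block), csr, nil
}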
开发者ID:postfix,项目名称:csr,代码行数:51,代码来源:keygen.go
示例20: CertificateLockFile
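// CertificateLockFile adds a new certificate lock on the given Client that
// ensures that a server's certificate chain is the same from
// connection-to-connection. This is helpful when connecting to servers with
// self-signed certificates.
//
// If filename does not exist, the server's certificate chain will be written
// to that file. If it does exist, certificates will be read from the file and
// checked against the server's certificate chain upon connection.
//
// Security notes:
//   - The first connection is trust-on-first-use: whatever chain the peer
//     presents is what gets stored.
//   - The chain is only recorded when the lock file is confirmed missing.
//     Any other failure to open it (for example a permission error) is
//     returned, so an unreadable pin is never silently replaced.
//   - A chain that could not be written completely is removed, so a
//     truncated file cannot become the pin.
//   - An empty peer chain is rejected instead of being recorded.
//
// Example:
//
//	if allowSelfSignedCertificates {
//		config.TLSConfig.InsecureSkipVerify = true
//	}
//	gumbleutil.CertificateLockFile(client, filename)
//
//	if err := client.Connect(); err != nil {
//		panic(err)
//	}
func CertificateLockFile(client *gumble.Client, filename string) {
	client.Config.TLSVerify = func(state *tls.ConnectionState) error {
		file, err := os.Open(filename)
		if err == nil {
			defer file.Close()
			data, err := ioutil.ReadAll(file)
			if err != nil {
				return err
			}

			// Compare the stored chain with the presented chain position by
			// position; both must have the same length.
			matched := 0
			for {
				var block *pem.Block
				block, data = pem.Decode(data)
				if block == nil {
					break
				}
				cert, err := x509.ParseCertificate(block.Bytes)
				if err != nil {
					return err
				}
				if matched >= len(state.PeerCertificates) {
					return errors.New("gumbleutil: invalid certificate chain length")
				}
				if !cert.Equal(state.PeerCertificates[matched]) {
					return errors.New("gumbleutil: certificate verification failure")
				}
				matched++
			}
			if matched != len(state.PeerCertificates) {
				return errors.New("gumbleutil: invalid certificate chain length")
			}
			return nil
		}
		if !os.IsNotExist(err) {
			// The lock file may exist but be unreadable; fail closed.
			return err
		}

		if len(state.PeerCertificates) == 0 {
			return errors.New("gumbleutil: invalid certificate chain length")
		}

		out, err := os.Create(filename)
		if err != nil {
			return err
		}
		block := pem.Block{Type: "CERTIFICATE"}
		for _, cert := range state.PeerCertificates {
			block.Bytes = cert.Raw
			if err := pem.Encode(out, &block); err != nil {
				out.Close()
				os.Remove(filename)
				return err
			}
		}
		if err := out.Close(); err != nil {
			os.Remove(filename)
			return err
		}
		return nil
	}
}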
开发者ID:GEverding,项目名称:gumble,代码行数:64,代码来源:certificatelock.go
注:本文中的encoding/pem.Block类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |