Fatal编程技术网
  • go/
  • 以可读格式解码X509证书-Golang

以可读格式解码X509证书-Golang

go certificate

以可读格式解码X509证书-Golang,go,certificate,ssl-certificate,x509certificate,x509,Go,Certificate,Ssl Certificate,X509certificate,X509,我有以下代码: package main import ( "crypto/dsa" "crypto/ecdsa" "crypto/rsa" "crypto/x509" "encoding/pem" "fmt" ) func main() { // Verifying with a custom list of root certificates. const rootPEM = ` -----BEGIN CERTIFICAT

我有以下代码:

package main

import (
    "crypto/dsa"
    "crypto/ecdsa"
    "crypto/rsa"
    "crypto/x509"
    "encoding/pem"
    "fmt"
)

func main() {
    // Verifying with a custom list of root certificates.

    const rootPEM = `
-----BEGIN CERTIFICATE-----
MIIEBDCCAuygAwIBAgIDAjppMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
YWwgQ0EwHhcNMTMwNDA1MTUxNTU1WhcNMTUwNDA0MTUxNTU1WjBJMQswCQYDVQQG
EwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzElMCMGA1UEAxMcR29vZ2xlIEludGVy
bmV0IEF1dGhvcml0eSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AJwqBHdc2FCROgajguDYUEi8iT/xGXAaiEZ+4I/F8YnOIe5a/mENtzJEiaB0C1NP
VaTOgmKV7utZX8bhBYASxF6UP7xbSDj0U/ck5vuR6RXEz/RTDfRK/J9U3n2+oGtv
h8DQUB8oMANA2ghzUWx//zo8pzcGjr1LEQTrfSTe5vn8MXH7lNVg8y5Kr0LSy+rE
ahqyzFPdFUuLH8gZYR/Nnag+YyuENWllhMgZxUYi+FOVvuOAShDGKuy6lyARxzmZ
EASg8GF6lSWMTlJ14rbtCMoU/M4iarNOz0YDl5cDfsCx3nuvRTPPuj5xt970JSXC
DTWJnZ37DhF5iR43xa+OcmkCAwEAAaOB+zCB+DAfBgNVHSMEGDAWgBTAephojYn7
qwVkDBF9qn1luMrMTjAdBgNVHQ4EFgQUSt0GFhu89mi1dvWBtrtiGrpagS8wEgYD
VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwOgYDVR0fBDMwMTAvoC2g
K4YpaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9ndGdsb2JhbC5jcmwwPQYI
KwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwOi8vZ3RnbG9iYWwtb2NzcC5n
ZW90cnVzdC5jb20wFwYDVR0gBBAwDjAMBgorBgEEAdZ5AgUBMA0GCSqGSIb3DQEB
BQUAA4IBAQA21waAESetKhSbOHezI6B1WLuxfoNCunLaHtiONgaX4PCVOzf9G0JY
/iLIa704XtE7JW4S615ndkZAkNoUyHgN7ZVm2o6Gb4ChulYylYbc3GrKBIxbf/a/
zG+FA1jDaFETzf3I93k9mTXwVqO94FntT0QJo544evZG0R0SnU++0ED8Vf4GXjza
HFa9llF7b1cq26KqltyMdMKVvvBulRP/F/A8rLIQjcxz++iPAsbw+zOzlTvjwsto
WHPbqCRiOwY1nQ2pM714A5AuTHhdUDqB1O6gyHA43LL5Z/qHQF1hwFGPa4NrzQU6
yuGnBXj8ytqU0CwIPX4WecigUCAkVDNx
-----END CERTIFICATE-----`

    const certPEM = `
-----BEGIN CERTIFICATE-----
MIIDujCCAqKgAwIBAgIIE31FZVaPXTUwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwMTI5MTMyNzQzWhcNMTQwNTI5MDAwMDAw
WjBpMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEYMBYGA1UEAwwPbWFp
bC5nb29nbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfRrObuSW5T7q
5CnSEqefEmtH4CCv6+5EckuriNr1CjfVvqzwfAhopXkLrq45EQm8vkmf7W96XJhC
7ZM0dYi1/qOCAU8wggFLMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAa
BgNVHREEEzARgg9tYWlsLmdvb2dsZS5jb20wCwYDVR0PBAQDAgeAMGgGCCsGAQUF
BwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29tL0dJQUcy
LmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5jb20vb2Nz
cDAdBgNVHQ4EFgQUiJxtimAuTfwb+aUtBn5UYKreKvMwDAYDVR0TAQH/BAIwADAf
BgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAOMAwGCisG
AQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29nbGUuY29t
L0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAH6RYHxHdcGpMpFE3oxDoFnP+
gtuBCHan2yE2GRbJ2Cw8Lw0MmuKqHlf9RSeYfd3BXeKkj1qO6TVKwCh+0HdZk283
TZZyzmEOyclm3UGFYe82P/iDFt+CeQ3NpmBg+GoaVCuWAARJN/KfglbLyyYygcQq
0SgeDh8dRKUiaW3HQSoYvTvdTuqzwK4CXsr3b5/dAOY8uMuG/IAR3FgwTbZ1dtoW
RvOTa8hYiU6A475WuZKyEHcwnGYe57u2I2KbMgcKjPniocj4QzgYsVAVKW3IwaOh
yE+vPxsiUkvQHdO2fojCkY8jg70jxM+gu59tPDNbw3Uh/2Ij310FgTHsnGQMyA==
-----END CERTIFICATE-----`

    // First, create the set of root certificates. For this example we only
    // have one. It's also possible to omit this in order to use the
    // default root set of the current operating system.
    roots := x509.NewCertPool()
    ok := roots.AppendCertsFromPEM([]byte(rootPEM))
    if !ok {
        panic("failed to parse root certificate")
    }

    block, _ := pem.Decode([]byte(certPEM))
    if block == nil {
        panic("failed to parse certificate PEM")
    }
    cert, err := x509.ParseCertificate(block.Bytes)
    if err != nil {
        panic("failed to parse certificate: " + err.Error())
    }

    // I want to print cert.Raw in human readable format
    fmt.Println(string(cert.Raw))
}
然而,我不断得到这样的信息:

0I10??}E*?H??0
   0    UUS10U

140529000000Z0i1oogle Internet Authority G20
                0   UUS10U

California10U
Mountain View10U


Google Inc10U
             mail.google.com0Y0*?H?*?H?=B}?n??>??)???kG? ???DrK????
7վ??h?y
       ??9  ??I??oz\?B?4u?????O0?K0U%+0U0?mail.google.com0
                                                              U?0+\0Z0+0?http://pki.google.com/GIAG2.crt0+0?http://clients1.google.com/ocsp0U??m?`.M??-~T`??*?0
                U?00U#0?J??h?v????b?Z?/0U 00

??X?pjL?Q7??s??v??!6??,</i.google.com/GIAG2.crl0
ͦ``?jT+?I7?V??&2??*?(D?"im?A*?;?N???^??o???<?ˆ???X0M?uv?F?k?X?N??V???w0?f绶#b?2
?????C8?P)m?????O??RK?Ӷ~??#??#?Ϡ??m<3[?u!?b#?]?1?d
                                                   ?

0I10???E*?H??0
0 UUS10U
14052900000Z0I1OGLE互联网管理局G20
0 UUS10U
加州10U
山景10U
谷歌Inc10U
mail.google.com0Y0*?H*?H=B}?n>>?kG???DrK????
7վ?h?y
??9i?oz \?B?4u?O0?K0U%+0U0?mail.google.com0
U?0+\0Z0+0?http://pki.google.com/GIAG2.crt0+0?http://clients1.google.com/ocsp0U??m?`.M???-~T`??*?0
U?00U#0?J?h?v?b?Z?/0U 00
?X?pjL?Q7?s?v??!6??,在
x509.Certificate
中没有
String()String
成员函数,因此您需要自己编写一个

e、 g

当我在*.google.com PEM上运行这个时,我得到了


{[US] [Google Inc] [] [] [] [] []  Google Internet Authority G2 [{2.5.4.6 US} {2.5.4.10 Google Inc} {2.5.4.3 Google Internet Authority G2}] []}
{[US] [GeoTrust Inc.] [] [] [] [] []  GeoTrust Global CA [{2.5.4.6 US} {2.5.4.10 GeoTrust Inc.} {2.5.4.3 GeoTrust Global CA}] []}
RSA



你说的“人类可读”是什么意思?你想用PEM格式重新编码吗?@JimB你看到
fmt.Println(string(cert.Raw))
的输出是什么样子的吗?我想有一个人类可读的格式。。。您不是在打印“im?A*?;?N???^?o???”而是在打印“Raw”字段,它是原始ASN.1 DER字节。您已经将ASN.1解析为包含许多人类可读字段的
证书。

{[US] [Google Inc] [] [] [] [] []  Google Internet Authority G2 [{2.5.4.6 US} {2.5.4.10 Google Inc} {2.5.4.3 Google Internet Authority G2}] []}
{[US] [GeoTrust Inc.] [] [] [] [] []  GeoTrust Global CA [{2.5.4.6 US} {2.5.4.10 GeoTrust Inc.} {2.5.4.3 GeoTrust Global CA}] []}
RSA