修复证书格式
This commit is contained in:
xmdhs
parent
50234d7070
commit
ffc9370ca4
@ -89,7 +89,7 @@ func ProvidePriKey(c config.Config) (*rsa.PrivateKey, error) {
|
||||
}
|
||||
|
||||
func ProvidePubKey(pri *rsa.PrivateKey) (yggdrasil.PubRsaKey, error) {
|
||||
s, err := sign.NewAuthlibSignWithKey(pri).GetPubKey()
|
||||
s, err := sign.NewAuthlibSignWithKey(pri).GetPKIXPubKeyWithOutRsa()
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("ProvidePubKey: %w", err)
|
||||
}
|
||||
|
||||
@ -279,7 +279,7 @@ func (y *Yggdrasil) PlayerCertificates(ctx context.Context, token string) (yggdr
|
||||
|
||||
s := sign.NewAuthlibSignWithKey(rsa2048)
|
||||
priKey := lo.Must(s.GetPriKey())
|
||||
pubKey := lo.Must(s.GetPubKey())
|
||||
pubKey := lo.Must(s.GetPKIXPubKey())
|
||||
|
||||
expiresAt := time.Now().Add(24 * time.Hour)
|
||||
expiresAtUnix := expiresAt.UnixMilli()
|
||||
|
||||
@ -1,7 +1,6 @@
|
||||
package sign
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto"
|
||||
"crypto/rsa"
|
||||
"crypto/sha1"
|
||||
@ -23,10 +22,14 @@ func NewAuthlibSign(prikey []byte) (*AuthlibSign, error) {
|
||||
if b == nil {
|
||||
return nil, fmt.Errorf("NewAuthlibSign: %w", ErrPem)
|
||||
}
|
||||
priv, err := x509.ParsePKCS1PrivateKey(b.Bytes)
|
||||
p, err := x509.ParsePKCS8PrivateKey(b.Bytes)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("NewAuthlibSign: %w", err)
|
||||
}
|
||||
priv, ok := p.(*rsa.PrivateKey)
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("NewAuthlibSign: %w", ErrPem)
|
||||
}
|
||||
return &AuthlibSign{
|
||||
key: priv,
|
||||
}, nil
|
||||
@ -42,32 +45,39 @@ func (a *AuthlibSign) GetKey() *rsa.PrivateKey {
|
||||
return a.key
|
||||
}
|
||||
|
||||
func (a *AuthlibSign) GetPubKey() (string, error) {
|
||||
derBytes := x509.MarshalPKCS1PublicKey(&a.key.PublicKey)
|
||||
func (a *AuthlibSign) getPKIXPubKey(typeStr string) (string, error) {
|
||||
derBytes, err := x509.MarshalPKIXPublicKey(&a.key.PublicKey)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("getPKIXPubKey: %w", err)
|
||||
}
|
||||
pemKey := &pem.Block{
|
||||
Type: "PUBLIC KEY",
|
||||
Type: typeStr,
|
||||
Bytes: derBytes,
|
||||
}
|
||||
bw := &bytes.Buffer{}
|
||||
err := pem.Encode(bw, pemKey)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("GetPubKey: %w", err)
|
||||
}
|
||||
return bw.String(), nil
|
||||
return string(pem.EncodeToMemory(pemKey)), nil
|
||||
}
|
||||
|
||||
// PKIX PUBLIC KEY
|
||||
func (a *AuthlibSign) GetPKIXPubKeyWithOutRsa() (string, error) {
|
||||
return a.getPKIXPubKey("PUBLIC KEY")
|
||||
}
|
||||
|
||||
// PKIX RSA PUBLIC KEY
|
||||
func (a *AuthlibSign) GetPKIXPubKey() (string, error) {
|
||||
return a.getPKIXPubKey("RSA PUBLIC KEY")
|
||||
}
|
||||
|
||||
// PKCS #8
|
||||
func (a *AuthlibSign) GetPriKey() (string, error) {
|
||||
derBytes := x509.MarshalPKCS1PrivateKey(a.key)
|
||||
derBytes, err := x509.MarshalPKCS8PrivateKey(a.key)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("GetPriKey: %w", err)
|
||||
}
|
||||
pemKey := &pem.Block{
|
||||
Type: "PRIVATE KEY",
|
||||
Type: "RSA PRIVATE KEY",
|
||||
Bytes: derBytes,
|
||||
}
|
||||
bw := &bytes.Buffer{}
|
||||
err := pem.Encode(bw, pemKey)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("GetPubKey: %w", err)
|
||||
}
|
||||
return bw.String(), nil
|
||||
return string(pem.EncodeToMemory(pemKey)), nil
|
||||
}
|
||||
|
||||
func (a *AuthlibSign) Sign(data []byte) (string, error) {
|
||||
|
||||
@ -24,7 +24,7 @@ func TestAuthlibSign(t *testing.T) {
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
pub, err := as.GetPubKey()
|
||||
pub, err := as.GetPKIXPubKey()
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user