可用于获取支付宝根证书序列号,本代码也适用于获取应用证书序列号,亲测有效
话不多说,直接上代码
首先看一下支付宝java版sdk解析思路:
支付宝根证书有四部分构成,但不是说每一部分都能用的到,根据java版sdk来看,只有oid值以1.2.840.11359.1.1开头的参与根证书序列号的拼接
golang代码:
func GetCertRootSn(certPath string) (string, error) {
certData, err := ioutil.ReadFile(certPath)
if err != nil {
return "", err
}
strs := strings.Split(string(certData), "-----END CERTIFICATE-----")
var cert bytes.Buffer
for i := 0; i < len(strs); i++ {
if strs[i] == "" {
continue
}
if blo, _ := pem.Decode([]byte(strs[i] + "-----END CERTIFICATE-----")); blo != nil {
c, err := x509.ParseCertificate(blo.Bytes)
if err != nil {
continue
}
if _, ok := alog[c.SignatureAlgorithm.String()]; !ok {
continue
}
si := c.Issuer.String() + c.SerialNumber.String()
if cert.String() == "" {
cert.WriteString(utils.MD5(si))
} else {
cert.WriteString("_")
cert.WriteString(utils.MD5(si))
}
}
}
return cert.String(), nil
}
"MD2-RSA" "MD5-RSA" "SHA1-RSA" "SHA256-RSA" "SHA384-RSA" "SHA512-RSA" "SHA256-RSAPSS" "SHA384-RSAPSS" "SHA512-RSAPSS" var alog map[string]string = map[string]string{
"MD2-RSA": "MD2WithRSA",
"MD5-RSA": "MD5WithRSA",
"SHA1-RSA": "SHA1WithRSA",
"SHA256-RSA": "SHA256WithRSA",
"SHA384-RSA": "SHA384WithRSA",
"SHA512-RSA": "SHA512WithRSA",
"SHA256-RSAPSS": "SHA256WithRSAPSS",
"SHA384-RSAPSS": "SHA384WithRSAPSS",
"SHA512-RSAPSS": "SHA512WithRSAPSS",
}
到这里就结束了;