OXIESEC PANEL
- Current Dir:
/
/
opt
/
golang
/
1.22.0
/
src
/
crypto
/
x509
Server IP: 191.96.63.230
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
02/02/2024 06:09:55 PM
rwxr-xr-x
📄
boring.go
993 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
boring_test.go
3.75 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
cert_pool.go
8.93 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
cert_pool_test.go
2.25 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
example_test.go
5.32 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
hybrid_pool_test.go
3.72 KB
02/02/2024 06:09:55 PM
rw-r--r--
📁
internal
-
02/02/2024 06:09:55 PM
rwxr-xr-x
📄
name_constraints_test.go
44.92 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
notboring.go
258 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
oid.go
5.75 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
oid_test.go
3.7 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
parser.go
36.57 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
parser_test.go
2.63 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
pem_decrypt.go
7.2 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
pem_decrypt_test.go
8.92 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
pkcs1.go
4.66 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
pkcs8.go
5.8 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
pkcs8_test.go
8.95 KB
02/02/2024 06:09:55 PM
rw-r--r--
📁
pkix
-
02/02/2024 06:09:55 PM
rwxr-xr-x
📄
platform_root_cert.pem
749 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
platform_root_key.pem
227 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
platform_test.go
7.28 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root.go
2.03 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_aix.go
410 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_bsd.go
748 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_darwin.go
3.48 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_darwin_test.go
3.7 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_linux.go
1.11 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_plan9.go
828 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_solaris.go
538 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_test.go
2.62 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_unix.go
2.67 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_unix_test.go
6.07 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_wasm.go
373 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_windows.go
8.74 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_windows_test.go
3.43 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
sec1.go
4.58 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
sec1_test.go
5.36 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
test-file.crt
1.9 KB
02/02/2024 06:09:55 PM
rw-r--r--
📁
testdata
-
02/02/2024 06:09:55 PM
rwxr-xr-x
📄
verify.go
35.3 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
verify_test.go
108.97 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
x509.go
82.3 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
x509_test.go
159.96 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
x509_test_import.go
1.7 KB
02/02/2024 06:09:55 PM
rw-r--r--
Editing: sec1.go
Close
// Copyright 2012 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package x509 import ( "crypto/ecdh" "crypto/ecdsa" "crypto/elliptic" "encoding/asn1" "errors" "fmt" "math/big" ) const ecPrivKeyVersion = 1 // ecPrivateKey reflects an ASN.1 Elliptic Curve Private Key Structure. // References: // // RFC 5915 // SEC1 - http://www.secg.org/sec1-v2.pdf // // Per RFC 5915 the NamedCurveOID is marked as ASN.1 OPTIONAL, however in // most cases it is not. type ecPrivateKey struct { Version int PrivateKey []byte NamedCurveOID asn1.ObjectIdentifier `asn1:"optional,explicit,tag:0"` PublicKey asn1.BitString `asn1:"optional,explicit,tag:1"` } // ParseECPrivateKey parses an EC private key in SEC 1, ASN.1 DER form. // // This kind of key is commonly encoded in PEM blocks of type "EC PRIVATE KEY". func ParseECPrivateKey(der []byte) (*ecdsa.PrivateKey, error) { return parseECPrivateKey(nil, der) } // MarshalECPrivateKey converts an EC private key to SEC 1, ASN.1 DER form. // // This kind of key is commonly encoded in PEM blocks of type "EC PRIVATE KEY". // For a more flexible key format which is not EC specific, use // [MarshalPKCS8PrivateKey]. func MarshalECPrivateKey(key *ecdsa.PrivateKey) ([]byte, error) { oid, ok := oidFromNamedCurve(key.Curve) if !ok { return nil, errors.New("x509: unknown elliptic curve") } return marshalECPrivateKeyWithOID(key, oid) } // marshalECPrivateKeyWithOID marshals an EC private key into ASN.1, DER format and // sets the curve ID to the given OID, or omits it if OID is nil. func marshalECPrivateKeyWithOID(key *ecdsa.PrivateKey, oid asn1.ObjectIdentifier) ([]byte, error) { if !key.Curve.IsOnCurve(key.X, key.Y) { return nil, errors.New("invalid elliptic key public key") } privateKey := make([]byte, (key.Curve.Params().N.BitLen()+7)/8) return asn1.Marshal(ecPrivateKey{ Version: 1, PrivateKey: key.D.FillBytes(privateKey), NamedCurveOID: oid, PublicKey: asn1.BitString{Bytes: elliptic.Marshal(key.Curve, key.X, key.Y)}, }) } // marshalECDHPrivateKey marshals an EC private key into ASN.1, DER format // suitable for NIST curves. func marshalECDHPrivateKey(key *ecdh.PrivateKey) ([]byte, error) { return asn1.Marshal(ecPrivateKey{ Version: 1, PrivateKey: key.Bytes(), PublicKey: asn1.BitString{Bytes: key.PublicKey().Bytes()}, }) } // parseECPrivateKey parses an ASN.1 Elliptic Curve Private Key Structure. // The OID for the named curve may be provided from another source (such as // the PKCS8 container) - if it is provided then use this instead of the OID // that may exist in the EC private key structure. func parseECPrivateKey(namedCurveOID *asn1.ObjectIdentifier, der []byte) (key *ecdsa.PrivateKey, err error) { var privKey ecPrivateKey if _, err := asn1.Unmarshal(der, &privKey); err != nil { if _, err := asn1.Unmarshal(der, &pkcs8{}); err == nil { return nil, errors.New("x509: failed to parse private key (use ParsePKCS8PrivateKey instead for this key format)") } if _, err := asn1.Unmarshal(der, &pkcs1PrivateKey{}); err == nil { return nil, errors.New("x509: failed to parse private key (use ParsePKCS1PrivateKey instead for this key format)") } return nil, errors.New("x509: failed to parse EC private key: " + err.Error()) } if privKey.Version != ecPrivKeyVersion { return nil, fmt.Errorf("x509: unknown EC private key version %d", privKey.Version) } var curve elliptic.Curve if namedCurveOID != nil { curve = namedCurveFromOID(*namedCurveOID) } else { curve = namedCurveFromOID(privKey.NamedCurveOID) } if curve == nil { return nil, errors.New("x509: unknown elliptic curve") } k := new(big.Int).SetBytes(privKey.PrivateKey) curveOrder := curve.Params().N if k.Cmp(curveOrder) >= 0 { return nil, errors.New("x509: invalid elliptic curve private key value") } priv := new(ecdsa.PrivateKey) priv.Curve = curve priv.D = k privateKey := make([]byte, (curveOrder.BitLen()+7)/8) // Some private keys have leading zero padding. This is invalid // according to [SEC1], but this code will ignore it. for len(privKey.PrivateKey) > len(privateKey) { if privKey.PrivateKey[0] != 0 { return nil, errors.New("x509: invalid private key length") } privKey.PrivateKey = privKey.PrivateKey[1:] } // Some private keys remove all leading zeros, this is also invalid // according to [SEC1] but since OpenSSL used to do this, we ignore // this too. copy(privateKey[len(privateKey)-len(privKey.PrivateKey):], privKey.PrivateKey) priv.X, priv.Y = curve.ScalarBaseMult(privateKey) return priv, nil }