diff --git a/cryptobin/ca/ca.go b/cryptobin/ca/ca.go index 5616a220..7ba2f39d 100644 --- a/cryptobin/ca/ca.go +++ b/cryptobin/ca/ca.go @@ -7,6 +7,7 @@ import ( "crypto/elliptic" "github.com/deatil/go-cryptobin/x509" + "github.com/deatil/go-cryptobin/pubkey/gost" ) // public key type @@ -26,6 +27,8 @@ func (typ PublicKeyType) String() string { return "EdDSA" case KeyTypeSM2: return "SM2" + case KeyTypeGost: + return "Gost" default: return "unknown KeyType value " + strconv.Itoa(int(typ)) } @@ -38,6 +41,7 @@ const ( KeyTypeECDSA KeyTypeEdDSA KeyTypeSM2 + KeyTypeGost ) // Options @@ -51,6 +55,9 @@ type Options struct { // ecc curve Curve elliptic.Curve + // gost curve + GostCurve *gost.Curve + // generates RSA private key bit size Bits int } @@ -93,6 +100,7 @@ func NewCA() CA { PublicKeyType: KeyTypeRSA, ParameterSizes: dsa.L1024N160, Curve: elliptic.P256(), + GostCurve: gost.CurveDefault(), Bits: 2048, }, Errors: make([]error, 0), diff --git a/cryptobin/ca/ca_test.go b/cryptobin/ca/ca_test.go index ec2b01f5..5328338a 100644 --- a/cryptobin/ca/ca_test.go +++ b/cryptobin/ca/ca_test.go @@ -12,6 +12,7 @@ import ( "crypto/x509/pkix" "crypto/elliptic" + "github.com/deatil/go-cryptobin/pubkey/gost" cryptobin_x509 "github.com/deatil/go-cryptobin/x509" cryptobin_test "github.com/deatil/go-cryptobin/tool/test" ) @@ -446,6 +447,40 @@ func Test_GenerateKey(t *testing.T) { assertEqual(pubkey22, obj.GetPublicKey(), "Test_GenerateKey-FromPublicKey") }) + t.Run("GenerateGostKey", func(t *testing.T) { + obj := New(). + SetPublicKeyType("Gost"). + SetGostCurve("IdGostR34102001CryptoProAParamSet"). + GenerateKey() + + prikey := obj.CreatePrivateKey().ToKeyString() + pubkey := obj.CreatePublicKey().ToKeyString() + + assertError(obj.Error(), "Test_GenerateKey") + assertNotEmpty(prikey, "Test_GenerateKey-prikey") + assertNotEmpty(pubkey, "Test_GenerateKey-pubkey") + + pass := []byte("12345678") + prikey2 := obj.CreatePrivateKeyWithPassword(pass).ToKeyString() + + assertNotEmpty(prikey2, "Test_GenerateKey-prikey2") + + prikey22 := New(). + FromPrivateKey([]byte(prikey)). + GetPrivateKey() + assertEqual(prikey22, obj.GetPrivateKey(), "Test_GenerateKey-FromPrivateKey") + + prikey223 := New(). + FromPrivateKeyWithPassword([]byte(prikey2), pass). + GetPrivateKey() + assertEqual(prikey223, obj.GetPrivateKey(), "Test_GenerateKey-FromPrivateKeyWithPassword") + + pubkey22 := New(). + FromPublicKey([]byte(pubkey)). + GetPublicKey() + assertEqual(pubkey22, obj.GetPublicKey(), "Test_GenerateKey-FromPublicKey") + }) + t.Run("GenerateRSAKey 2", func(t *testing.T) { obj := New(). SetGenerateType("RSA"). @@ -545,6 +580,18 @@ func Test_GenerateKey2(t *testing.T) { assertNotEmpty(pubkey, "Test_GenerateKey2-pubkey") }) + t.Run("GenerateGostKey", func(t *testing.T) { + obj := New(). + GenerateGostKey("Idtc26gost34102012256paramSetB") + + prikey := obj.CreatePrivateKey().ToKeyString() + pubkey := obj.CreatePublicKey().ToKeyString() + + assertError(obj.Error(), "Test_GenerateKey2") + assertNotEmpty(prikey, "Test_GenerateKey2-prikey") + assertNotEmpty(pubkey, "Test_GenerateKey2-pubkey") + }) + } var prikey = ` @@ -710,6 +757,7 @@ func Test_Get(t *testing.T) { PublicKeyType: KeyTypeRSA, ParameterSizes: dsa.L1024N160, Curve: elliptic.P256(), + GostCurve: gost.CurveIdGostR34102001CryptoProAParamSet(), Bits: 2048, } @@ -735,6 +783,7 @@ func Test_Get(t *testing.T) { assertEqual(newCA2.GetOptions(), opts, "Test_Get-GetOptions") assertEqual(newCA2.GetParameterSizes(), dsa.L1024N160, "Test_Get-GetParameterSizes") assertEqual(newCA2.GetCurve(), elliptic.P256(), "Test_Get-GetCurve") + assertEqual(newCA2.GetGostCurve(), gost.CurveIdGostR34102001CryptoProAParamSet(), "Test_Get-GetGostCurve") assertEqual(newCA2.GetBits(), 2048, "Test_Get-GetBits") assertEqual(newCA2.GetKeyData(), []byte("test-keyData"), "Test_Get-GetKeyData") @@ -806,6 +855,12 @@ func Test_With(t *testing.T) { tmp = newCA.SetCurve("P521") assertEqual(tmp.options.Curve, elliptic.P521(), "Test_Get-SetCurve") + tmp = newCA.WithGostCurve(gost.CurveIdtc26gost34102012256paramSetB()) + assertEqual(tmp.options.GostCurve, gost.CurveIdtc26gost34102012256paramSetB(), "Test_Get-WithGostCurve") + + tmp = newCA.SetGostCurve("IdGostR34102001CryptoProXchBParamSet") + assertEqual(tmp.options.GostCurve, gost.CurveIdGostR34102001CryptoProXchBParamSet(), "Test_Get-SetGostCurve") + tmp = newCA.WithBits(2048) assertEqual(tmp.options.Bits, 2048, "Test_Get-WithBits") diff --git a/cryptobin/ca/create.go b/cryptobin/ca/create.go index 494f030f..c1c7535e 100644 --- a/cryptobin/ca/create.go +++ b/cryptobin/ca/create.go @@ -15,6 +15,7 @@ import ( "github.com/deatil/go-cryptobin/pkcs8" "github.com/deatil/go-cryptobin/pkcs12" "github.com/deatil/go-cryptobin/gm/sm2" + "github.com/deatil/go-cryptobin/pubkey/gost" cryptobin_x509 "github.com/deatil/go-cryptobin/x509" pubkey_dsa "github.com/deatil/go-cryptobin/pubkey/dsa" ) @@ -133,6 +134,8 @@ func (this CA) CreatePrivateKey() CA { privateKeyBytes, err = x509.MarshalPKCS8PrivateKey(privateKey) case *sm2.PrivateKey: privateKeyBytes, err = sm2.MarshalPrivateKey(privateKey) + case *gost.PrivateKey: + privateKeyBytes, err = gost.MarshalPrivateKey(privateKey) default: err = fmt.Errorf("unsupported private key type: %T", privateKey) } @@ -177,6 +180,8 @@ func (this CA) CreatePrivateKeyWithPassword(password []byte, opts ...any) CA { privateKeyBytes, err = x509.MarshalPKCS8PrivateKey(prikey) case *sm2.PrivateKey: privateKeyBytes, err = sm2.MarshalPrivateKey(prikey) + case *gost.PrivateKey: + privateKeyBytes, err = gost.MarshalPrivateKey(prikey) default: err = errors.New("privateKey error.") } @@ -223,6 +228,8 @@ func (this CA) CreatePublicKey() CA { publicKeyBytes, err = x509.MarshalPKIXPublicKey(pubkey) case *sm2.PublicKey: publicKeyBytes, err = sm2.MarshalPublicKey(pubkey) + case *gost.PublicKey: + publicKeyBytes, err = gost.MarshalPublicKey(pubkey) default: err = errors.New("privateKey error.") } diff --git a/cryptobin/ca/from.go b/cryptobin/ca/from.go index 3412e7d3..b99aa6fd 100644 --- a/cryptobin/ca/from.go +++ b/cryptobin/ca/from.go @@ -11,6 +11,7 @@ import ( "github.com/deatil/go-cryptobin/x509" "github.com/deatil/go-cryptobin/pkcs12" "github.com/deatil/go-cryptobin/gm/sm2" + "github.com/deatil/go-cryptobin/pubkey/gost" ) // Generate Key with Reader @@ -53,6 +54,14 @@ func (this CA) GenerateKeyWithSeed(reader io.Reader) CA { return this.AppendError(err) } + this.privateKey = privateKey + this.publicKey = &privateKey.PublicKey + case KeyTypeGost: + privateKey, err := gost.GenerateKey(reader, this.options.GostCurve) + if err != nil { + return this.AppendError(err) + } + this.privateKey = privateKey this.publicKey = &privateKey.PublicKey } @@ -260,10 +269,21 @@ func GenerateEdDSAKey() CA { func (this CA) GenerateSM2Key() CA { return this.SetPublicKeyType("SM2"). GenerateKey() - } // Generate SM2 Key func GenerateSM2Key() CA { return defaultCA.GenerateSM2Key() } + +// Generate Gost key +func (this CA) GenerateGostKey(curve string) CA { + return this.SetPublicKeyType("Gost"). + SetGostCurve(curve). + GenerateKey() +} + +// Generate Gost Key +func GenerateGostKey(curve string) CA { + return defaultCA.GenerateGostKey(curve) +} diff --git a/cryptobin/ca/get.go b/cryptobin/ca/get.go index bf55140e..3cae5b4e 100644 --- a/cryptobin/ca/get.go +++ b/cryptobin/ca/get.go @@ -10,6 +10,7 @@ import ( "github.com/deatil/go-cryptobin/x509" "github.com/deatil/go-cryptobin/gm/sm2" + "github.com/deatil/go-cryptobin/pubkey/gost" ) // 获取 cert @@ -40,6 +41,8 @@ func (this CA) GetPrivateKeyType() PublicKeyType { return KeyTypeEdDSA case *sm2.PrivateKey: return KeyTypeSM2 + case *gost.PrivateKey: + return KeyTypeGost } return KeyTypeUnknown @@ -63,6 +66,8 @@ func (this CA) GetPublicKeyType() PublicKeyType { return KeyTypeEdDSA case *sm2.PublicKey: return KeyTypeSM2 + case *gost.PublicKey: + return KeyTypeGost } return KeyTypeUnknown @@ -83,6 +88,11 @@ func (this CA) GetCurve() elliptic.Curve { return this.options.Curve } +// 获取 Curve +func (this CA) GetGostCurve() *gost.Curve { + return this.options.GostCurve +} + // get Options Bits func (this CA) GetBits() int { return this.options.Bits diff --git a/cryptobin/ca/parse.go b/cryptobin/ca/parse.go index 85163e84..85fe1960 100644 --- a/cryptobin/ca/parse.go +++ b/cryptobin/ca/parse.go @@ -10,6 +10,7 @@ import ( "github.com/deatil/go-cryptobin/pkcs8" "github.com/deatil/go-cryptobin/gm/sm2" + "github.com/deatil/go-cryptobin/pubkey/gost" cryptobin_x509 "github.com/deatil/go-cryptobin/x509" pubkey_dsa "github.com/deatil/go-cryptobin/pubkey/dsa" ) @@ -27,6 +28,10 @@ var ( oidPublicKeyDSA = asn1.ObjectIdentifier{1, 2, 840, 10040, 4, 1} oidPublicKeyECDSA = asn1.ObjectIdentifier{1, 2, 840, 10045, 2, 1} oidPublicKeyEd25519 = asn1.ObjectIdentifier{1, 3, 101, 112} + + oidGOSTPublicKey = asn1.ObjectIdentifier{1, 2, 643, 2, 2, 19} + oidGost2012PublicKey256 = asn1.ObjectIdentifier{1, 2, 643, 7, 1, 1, 1, 1} + oidGost2012PublicKey512 = asn1.ObjectIdentifier{1, 2, 643, 7, 1, 1, 1, 2} ) type pkcs8Info struct { @@ -80,6 +85,10 @@ func (this CA) ParsePKCS8PrivateKeyFromPEM(key []byte) (crypto.PrivateKey, error } case privKey.Algo.Algorithm.Equal(oidPublicKeyEd25519): parsedKey, err = x509.ParsePKCS8PrivateKey(block.Bytes) + case privKey.Algo.Algorithm.Equal(oidGOSTPublicKey), + privKey.Algo.Algorithm.Equal(oidGost2012PublicKey256), + privKey.Algo.Algorithm.Equal(oidGost2012PublicKey512): + parsedKey, err = gost.ParsePrivateKey(block.Bytes) default: return nil, ErrPrivateKeyError } @@ -135,6 +144,10 @@ func (this CA) ParsePKCS8PrivateKeyFromPEMWithPassword(key []byte, password []by } case privKey.Algo.Algorithm.Equal(oidPublicKeyEd25519): parsedKey, err = x509.ParsePKCS8PrivateKey(blockDecrypted) + case privKey.Algo.Algorithm.Equal(oidGOSTPublicKey), + privKey.Algo.Algorithm.Equal(oidGost2012PublicKey256), + privKey.Algo.Algorithm.Equal(oidGost2012PublicKey512): + parsedKey, err = gost.ParsePrivateKey(blockDecrypted) default: return nil, ErrPrivateKeyError } @@ -185,6 +198,10 @@ func (this CA) ParsePKCS8PublicKeyFromPEM(key []byte) (crypto.PublicKey, error) } case pubkey.Algo.Algorithm.Equal(oidPublicKeyEd25519): parsedKey, err = x509.ParsePKIXPublicKey(block.Bytes) + case pubkey.Algo.Algorithm.Equal(oidGOSTPublicKey), + pubkey.Algo.Algorithm.Equal(oidGost2012PublicKey256), + pubkey.Algo.Algorithm.Equal(oidGost2012PublicKey512): + parsedKey, err = gost.ParsePublicKey(block.Bytes) default: return nil, ErrPublicKeyError } diff --git a/cryptobin/ca/with.go b/cryptobin/ca/with.go index 770ec75f..3fbc8ea8 100644 --- a/cryptobin/ca/with.go +++ b/cryptobin/ca/with.go @@ -6,6 +6,7 @@ import ( "crypto/elliptic" "github.com/deatil/go-cryptobin/x509" + "github.com/deatil/go-cryptobin/pubkey/gost" ) // 设置 cert @@ -52,7 +53,7 @@ func (this CA) WithPublicKeyType(keyType PublicKeyType) CA { // set public key type // params: -// [ RSA | DSA | ECDSA | EdDSA | SM2 ] +// [ RSA | DSA | ECDSA | EdDSA | SM2 | Gost ] func (this CA) SetPublicKeyType(keyType string) CA { switch keyType { case "RSA": @@ -65,6 +66,8 @@ func (this CA) SetPublicKeyType(keyType string) CA { this.options.PublicKeyType = KeyTypeEdDSA case "SM2": this.options.PublicKeyType = KeyTypeSM2 + case "Gost": + this.options.PublicKeyType = KeyTypeGost } return this @@ -126,6 +129,69 @@ func (this CA) SetCurve(curve string) CA { return this } +// 设置曲线类型 +// set gost curve +func (this CA) WithGostCurve(curve *gost.Curve) CA { + this.options.GostCurve = curve + + return this +} + +// 设置曲线类型 +// set gost curve +// 可选参数 / params: +// IdGostR34102001TestParamSet +// IdGostR34102001CryptoProAParamSet +// IdGostR34102001CryptoProBParamSet +// IdGostR34102001CryptoProCParamSet +// IdGostR34102001CryptoProXchAParamSet +// IdGostR34102001CryptoProXchBParamSet +// Idtc26gost34102012256paramSetA +// Idtc26gost34102012256paramSetB +// Idtc26gost34102012256paramSetC +// Idtc26gost34102012256paramSetD +// Idtc26gost34102012512paramSetTest +// Idtc26gost34102012512paramSetA +// Idtc26gost34102012512paramSetB +// Idtc26gost34102012512paramSetC +func (this CA) SetGostCurve(curve string) CA { + switch curve { + case "IdGostR34102001TestParamSet": + this.options.GostCurve = gost.CurveIdGostR34102001TestParamSet() + case "IdGostR34102001CryptoProAParamSet": + this.options.GostCurve = gost.CurveIdGostR34102001CryptoProAParamSet() + case "IdGostR34102001CryptoProBParamSet": + this.options.GostCurve = gost.CurveIdGostR34102001CryptoProBParamSet() + case "IdGostR34102001CryptoProCParamSet": + this.options.GostCurve = gost.CurveIdGostR34102001CryptoProCParamSet() + + case "IdGostR34102001CryptoProXchAParamSet": + this.options.GostCurve = gost.CurveIdGostR34102001CryptoProXchAParamSet() + case "IdGostR34102001CryptoProXchBParamSet": + this.options.GostCurve = gost.CurveIdGostR34102001CryptoProXchBParamSet() + + case "Idtc26gost34102012256paramSetA": + this.options.GostCurve = gost.CurveIdtc26gost34102012256paramSetA() + case "Idtc26gost34102012256paramSetB": + this.options.GostCurve = gost.CurveIdtc26gost34102012256paramSetB() + case "Idtc26gost34102012256paramSetC": + this.options.GostCurve = gost.CurveIdtc26gost34102012256paramSetC() + case "Idtc26gost34102012256paramSetD": + this.options.GostCurve = gost.CurveIdtc26gost34102012256paramSetD() + + case "Idtc26gost34102012512paramSetTest": + this.options.GostCurve = gost.CurveIdtc26gost34102012512paramSetTest() + case "Idtc26gost34102012512paramSetA": + this.options.GostCurve = gost.CurveIdtc26gost34102012512paramSetA() + case "Idtc26gost34102012512paramSetB": + this.options.GostCurve = gost.CurveIdtc26gost34102012512paramSetB() + case "Idtc26gost34102012512paramSetC": + this.options.GostCurve = gost.CurveIdtc26gost34102012512paramSetC() + } + + return this +} + // RSA private key bit size func (this CA) WithBits(bits int) CA { this.options.Bits = bits diff --git a/pkcs12/p12_decode.go b/pkcs12/p12_decode.go index b858d287..d9faa87e 100644 --- a/pkcs12/p12_decode.go +++ b/pkcs12/p12_decode.go @@ -200,6 +200,67 @@ func (this *PKCS12) GetPrivateKeyBytes() (prikey []byte, attrs PKCS12Attributes, return privateKeys[0].Data(), privateKeys[0].Attrs(), nil } +type allPrivateKeyData struct { + Attrs PKCS12Attributes + Data crypto.PrivateKey +} + +func (this *PKCS12) GetAllPrivateKey() (prikeys []allPrivateKeyData, err error) { + privateKeys, ok := this.parsedData["privateKey"] + if !ok { + err = errors.New("no data") + return + } + + if len(privateKeys) == 0 { + err = errors.New("no data") + return + } + + prikeys = make([]allPrivateKeyData, 0) + + for _, key := range privateKeys { + parsedKey, err := ParsePKCS8PrivateKey(key.Data()) + if err == nil { + prikeys = append(prikeys, allPrivateKeyData{ + Attrs: key.Attrs(), + Data: parsedKey, + }) + } + } + + return prikeys, nil +} + +type allPrivateKeyDataBytes struct { + Attrs PKCS12Attributes + Data []byte +} + +func (this *PKCS12) GetAllPrivateKeyBytes() (prikeys []allPrivateKeyDataBytes, err error) { + privateKeys, ok := this.parsedData["privateKey"] + if !ok { + err = errors.New("no data") + return + } + + if len(privateKeys) == 0 { + err = errors.New("no data") + return + } + + prikeys = make([]allPrivateKeyDataBytes, 0) + + for _, key := range privateKeys { + prikeys = append(prikeys, allPrivateKeyDataBytes{ + Attrs: key.Attrs(), + Data: key.Data(), + }) + } + + return prikeys, nil +} + func (this *PKCS12) GetCert() (cert *x509.Certificate, attrs PKCS12Attributes, err error) { certs, ok := this.parsedData["cert"] if !ok { diff --git a/pkcs12/p12_encode.go b/pkcs12/p12_encode.go index 6152c9d3..3d1e631a 100644 --- a/pkcs12/p12_encode.go +++ b/pkcs12/p12_encode.go @@ -110,9 +110,8 @@ func (this *PKCS12) AddSecretKey(secretKey []byte) { this.secretKey = secretKey } -//=============== +// =============== -// 获取证书签名 func (this *PKCS12) makeLocalKeyIdAttr(data []byte) (PKCS12Attribute, error) { var fingerprint []byte diff --git a/pkcs12/pkcs12_test.go b/pkcs12/pkcs12_test.go index 7a77ca1d..3e28257e 100644 --- a/pkcs12/pkcs12_test.go +++ b/pkcs12/pkcs12_test.go @@ -2009,3 +2009,98 @@ func test_NewPfx_Check(t *testing.T, pfx string) { assertNotEmpty(certificate, "Test_NewPfx_Check-pfxData") assertError(err, "Test_NewPfx_Check-pfxData") } + +var testJKS_PKCS12 = ` +-----BEGIN Data----- +MIIJwAIBAzCCCWoGCSqGSIb3DQEHAaCCCVsEgglXMIIJUzCCBaoGCSqGSIb3DQEHAaCCBZsEggWXMIIF +kzCCBY8GCyqGSIb3DQEMCgECoIIFQDCCBTwwZgYJKoZIhvcNAQUNMFkwOAYJKoZIhvcNAQUMMCsEFEYR +RtUZUrqNGBQ6z4p53YQupKQyAgInEAIBIDAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQavPAx3oF +AWoZoBMq+YmwCASCBNDJx+L59fH66a9RXYy1cEmx239yHvlyEiewdCXKVJtXawAFgpUoeD581gTN15+M +Fhi3tjLX3Wa/7Of5cagLxU6n/RhaPJ7TPqOA2bL/wKcR1gZJsomKfLpv9YC94Fw/LcYARg3Nx7LMZOBM +AkDq0IJy65Mu127AVrxq3VllwhIOrOeStgYpAl/Osv+rYEcjZL+JC1JBBVQY4Drf3GRbL43fvx/yHQpI +Z33P79GsI1joXlox585SFgnw44kISHvfHVRDHaQDLeLQtTRpbyMpb3umDz0SUs5FpV3WatlYpaKjq9jG +5PQFfxqidJlvjo0584istxqfDCXbxU5YS1LDu59p+Svez4uBvBu2h9lsSU8DZp6TfV6tSKpLlZOSj6n2 +o+mnWyrz4maIcWqmSOgS3/i2fLGpCgIeBsda8/aXM9UFOPmmkzHn0EuWv7Zvthuz4RJvAOzclss4NYQN +8Jp0zymj55DGtYbnT10i5PyCbLPQA+LUuoNKAHK5eAnqhjY/Zo8Akus2y4EEUwxk4Dv88olbPaqWNpI7 +YiMjVvxV/Mks4D+5GlEFtLqc3DxAc3UQdSreF/nu4dNp4J7bgKoNv1kUOj1VGuQucBWCKTuZH+2E0an7 +WkroYi5QSlb/8d8FpE2R6rjnRcYudSyweSeukNRAR0zdTOLSmAwSEAKs52TB3RMvukZTgfuCAdm0JtxM +8agDs3/GunUxSLpKEKUs0kZ2tkYuvWHgaheSeIakLIeOJmVKG6ZkJxfov0Nx0xlFQ6JheBC8tzAeQYnR +4W7C9SGXB58C000oN/1x7rXf9S53ZAwiIEX/VNe7j0AREoKVaWzM4C8ht/yN6u5SSXp/NFPRPj88rMqc +0rL6CrtFWfEJ2owiWdo69z5vRYb52NUCjSi7UTR2SVud8UhHgsEJlmPWw2t0/lRang0a9coAeSSmxPsC +Dn8s7ED3O0pY+Ync3nCLBY0oEaQ/RqyoaOR5J9HOYW3MtOu8S1Y2syxjz6pZaG56AYQuagL5EZToGOYS +KnCnQFCH7nAVkfe+YTR3saMw7sWh8Q2RyZ/HdUBs6JhAHZ4k91JKiUEYJJvoOxpHYmVg5jJ5LUbEEnP5 +p6QQVs9Af/CJZISXukEmRLo/A8sPKUNwuKyJ/JbCXD8Uda073fD7SxEbWBBUZfsZzPwFA+MV8dWNxtNj +tSoT/c1JMZVX42ziPzFrjU+O23NXqcss2MELnPa95ZP5ktyNu4OXStQ6KX+MGWNLQciq2w60Mi4zRzh0 +oJF92zdLZpJBXTfEwqjHGV6UOADeU4GkfQ0id26pm4/lGRLVRmLm+oH9ssLwCjWqgpWyO1kaLwRd5AAJ +rzLcaDTwX/tjtRvgDDPqfNnpWhmlMefCfT9ElzC7+CNCUJxbUooWiOFajsPYuG2BMrsY0Pt2bId/DYnT +vGNCp7cUx2U8CGa/py+jFb4HV5hAzroZ3O6f8HJ2LSMzdQX447U5dRapanH4A4sbLVoHNw2gTDlMz34K +t2Z7p4ybtxjMzBtyI9N8ENmd81WdXlyhYa80c2qMJydvkS48ZT4nA+PRpoBlaviEK3tbcZo4Gzi5iukF +KQ0yAXs+cNB2EbarhWJOkjN8YkpuuU19fI+f3iMvPZz9JdFrvIw5bAvWz9bUwDE8MBcGCSqGSIb3DQEJ +FDEKHggAZAB3AHQAdDAhBgkqhkiG9w0BCRUxFAQSVGltZSAxNzM1Mjk2MzI2NzE0MIIDoQYJKoZIhvcN +AQcGoIIDkjCCA44CAQAwggOHBgkqhkiG9w0BBwEwZgYJKoZIhvcNAQUNMFkwOAYJKoZIhvcNAQUMMCsE +FG49tvTznDMEgsB/WwlZ4rhWi9y3AgInEAIBIDAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQdPSY +Y8877NtGpBS8aNXm3oCCAxA01XF6z88wD2KWJE7JUwzwvqLLE8247S5qWrFZeRz46GBgKekAgXlUqJGo +27uHqgdL8gEv2ss6l/TNmnd+UM1TORUDNWHafL+JALxeQHjz1YRopIjdYha05y67MH+GItB6AyytQoPD +2MDVFK2aZWP9ItvhRuBKlMrDr/o4Jw64Tbeb3MVkml8ExaugCUYPKHmxF5iZct5lgHMhyQLwSMQ/erix +yJ+48wz9lVkJ+ha9rlzhylXQ6PVt4idNgQmz3v2l+lbYzDPVKYqWWnzt/o/DYhWxCYjkuPnkStYcro/j +WiOg+qKPzWjMgxvDi3KcClv3xOtsr/3dyNUqFxqYGjOKjzh5Jb4NMeQ1Twgo3c1XjUctL5VPeZORhMZF +h6AAYPpWGYq+6YFjXix11lIKDe80h3c9a/zypiXjlOQ1jPHHeXJudI4178nfryfL9puJ9LaZPH1emuLI +I4d7UVDzad/Z35zBPmOOijArBZhsgNOIIhLTWDaPrzgGL6MyziJWTpRrJWnX10n5Iw7WdRbJWvxH8EwM +Xsv2AMLDVXsSIUvu4qLtMd0H7Iy0bIzcundVfEFVqsRSNP4isegIxvAHKwpuVz40J5ijPXbd0iz9V9Ih +aoHybyaC1ZrAMkl3R+7nqYjQd9CO0N3zKpVbcd/mTRkysKRQnrURQYj7OHCfd/beJHfVoupbiScTmbXT +8xW5h3e+xQOngNsfUqVGo/sIpiPXHyJXWV7UcNKyq9raT3wnXect5WB14BnJiL6HRS0/UBS6ujgijwd7 +ZgtUWf4d49ohHE16Z0JLTxKIfj0urH/LBeDU9/SDGBiaLGfCY8I6e1uSgxW1wVhb4gchJS/d0zoMHBPo +xnrIqRALF1Ll9uqe75DFVgZ1GEkIpJcDGSfCsF/0Cj0XFbe4JE+6SdgJvPcl5dloZlvtUw9dC7N71xNk +1CHmEcfc3wxhRRPuRXfDpFFdNBfKfppBq4EMMH9mfYv1txGYpA0RwGiQrg8VkVpx11ethiA+SZUWQmVr +UEbbeGn5yyyO6do4y2skDxWDdrfJME0wMTANBglghkgBZQMEAgEFAAQgnxOBf2GzQk7JR4wCSUwO7Wlm +/yqXeaZ9KeHCRjysa/kEFB4Lu9AY18WW29GvlU7ElCHPJHNTAgInEA== +-----END Data----- +` + +func Test_JKS_PKCS12_Check(t *testing.T) { + assertError := cryptobin_test.AssertErrorT(t) + assertNotEmpty := cryptobin_test.AssertNotEmptyT(t) + + pfxData := decodePEM(testJKS_PKCS12) + + password := "123456" + + privateKey, cert, err := Decode(pfxData, password) + + assertError(err, "Test_JKS_PKCS12_Check-pfxData") + assertNotEmpty(privateKey, "Test_JKS_PKCS12_Check-pfxData") + assertNotEmpty(cert, "Test_JKS_PKCS12_Check-pfxData") +} + +func Test_JKS_PKCS12_Check2(t *testing.T) { + assertError := cryptobin_test.AssertErrorT(t) + assertNotEmpty := cryptobin_test.AssertNotEmptyT(t) + + pfxData := decodePEM(testJKS_PKCS12) + + password := "123456" + + p12, err := LoadFromBytes(pfxData, password) + if err != nil { + t.Fatal(err) + } + + privateKey, attrs, err := p12.GetPrivateKey() + + // t.Errorf("%v \n", attrs.Names()) + // t.Errorf("%v \n", attrs.String()) + + assertError(err, "Test_JKS_PKCS12_Check2-pfxData") + assertNotEmpty(privateKey, "Test_JKS_PKCS12_Check2-pfxData") + assertNotEmpty(attrs, "Test_JKS_PKCS12_Check2-pfxData") + + privateKeys, err := p12.GetAllPrivateKey() + + assertError(err, "Test_JKS_PKCS12_Check2-GetAllPrivateKey") + assertNotEmpty(privateKeys, "Test_JKS_PKCS12_Check2-GetAllPrivateKey") + + privateKeyBytes, err := p12.GetAllPrivateKeyBytes() + + assertError(err, "Test_JKS_PKCS12_Check2-GetAllPrivateKeyBytes") + assertNotEmpty(privateKeyBytes, "Test_JKS_PKCS12_Check2-GetAllPrivateKeyBytes") +}