开发人员,我在 Go 中编写了一段代码来解析 CRL 中的 IDP 扩展信息,但在解析 DistributionPoint 时遇到了错误。我已经尝试了几次,但一直无法让它工作。您能帮我确定这段代码有什么问题吗? package main
import (
“crypto/x509”,
“crypto/x509/pkix”,
“encoding/asn1”,
“flag”,
“fmt”
, “os”
)
type IssuingDistributionPoint struct {
DistributionPoint asn1.RawValue 'asn1:“optional,tag:0,explicit”'
OnlyContainsUserCerts bool 'asn1:“optional,tag:1”'
OnlyContainsCACerts bool 'asn1:“optional,tag:2”'
OnlySomeReasons asn1.BitString 'asn1:“optional,tag:3”'
IndirectCRL bool 'asn1:“optional,tag:4”'
OnlyContainsAttributeCerts bool 'asn1:“optional,tag:5”'
}
键入 GeneralNames []asn1.RawValue
函数 main() {
1.命令行标志处理
crlFilePath := 标志。String(“crl”, “”, “CRL file path”)
标志。Parse()
if *crlFilePath == “” {
fmt.Println(“CRL file path is required”)
os.退出(1)
}
2.文件读取
derBytes,错误 := os.ReadFile(*crlFilePath)
if err != nil {
fmt.Printf(“无法读取文件: %v\n”, err)
os.退出(1)
}
3.CRL 解析
crl,err := x509。ParseRevocationList(derBytes)
if err != nil {
fmt.Printf(“CRL 解析失败: %v\n”, err)
os.退出(1)
}
oidIssuingDistributionPoint := asn1.ObjectIdentifier{2, 5, 29, 28}
4._, ext := 范围 crl 的扩展处理
。扩展 {
if ext.Id.Equal(oidIssuingDistributionPoint) {
var idp IssuingDistributionPoint
if _, err := asn1.Unmarshal(ext.值,&idp);err != nil {
fmt.Printf(“无法解码 IDP 扩展名: %v\n”, err)
continue
}
5.打印 IDP flags
fmt.printf(“IDP 扩展标志:\n”)
fmt.Printf(“ OnlyContainsUserCerts: %t\n”, idp.OnlyContainsUserCerts)
fmt.Printf(“ OnlyContainsCACerts: %t\n”, idp.OnlyContainsCACerts)
fmt 的 API 中。Printf(“ IndirectCRL: %t\n”, idp.间接 CRL)
6.
如果 len(idp.DistributionPoint.Bytes) > 0 {
Unpack outer explicit tag
var explicitTag struct {
Raw asn1.RawContent 'asn1:“tag:0,explicit”'
}
如果 _, err := asn1.Unmarshal(idp.DistributionPoint.Bytes 和 explicitTag);err
!= nil {
fmt.printf(“卸载失败ck explicit tag: %v\n“, err)
continue
}
解析 GeneralNames
var generalNames GeneralNames
if _, err := asn1.解组 (explicitTag.Raw, &generalNames);err != nil {
fmt.Printf(“无法解析 GeneralNames: %v\n”, err)
continue
}
7.处理 URI 和 DirectoryName
for _, rawGN := range generalNames {
switch rawGN.Tag {
case 6: // URI
var uri string
if _, err := asn1.解组 (rawGN.Bytes, &uri);err != nil {
fmt.Printf(“解析 URI 失败: %v\n”, err)
continue
}
fmt.Printf(“ URI: %s\n”, uri)
case 4: // DirectoryName
var rdnSeq pkix.RDNSequence
if _, err := asn1.解组(rawGN.Bytes, &rdnSeq);err != nil {
fmt.Printf(“解析目录名称失败: %v\n”, err)
continue
}
var name pkix.名称
name。FillFromRDNSequence(&rdnSeq)
fmt.printf(“ DirectoryName: %s\n”, 名称.字符串 ()
}
}
}
}
}
}
--
You received this message because you are subscribed to the Google Groups
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion visit
https://groups.google.com/d/msgid/golang-nuts/81d2147f-caa6-4f15-85fe-4ec2c97733a4n%40googlegroups.com.
crl_IDP_Normal.der
Description: application/x509-ca-cert
