How to use fingerPrint method of x509 Package

Best K6 code snippet using x509.fingerPrint

x509memstore.go

Source:x509memstore.go

1package trustmanager2import (3	"crypto/x509"4	"errors"5	"github.com/Sirupsen/logrus"6)7// X509MemStore implements X509Store as an in-memory object with no persistence8type X509MemStore struct {9	validate       Validator10	fingerprintMap map[CertID]*x509.Certificate11	nameMap        map[string][]CertID12}13// NewX509MemStore returns a new X509MemStore.14func NewX509MemStore() *X509MemStore {15	validate := ValidatorFunc(func(cert *x509.Certificate) bool { return true })16	return &X509MemStore{17		validate:       validate,18		fingerprintMap: make(map[CertID]*x509.Certificate),19		nameMap:        make(map[string][]CertID),20	}21}22// NewX509FilteredMemStore returns a new X509Memstore that validates certificates23// that are added.24func NewX509FilteredMemStore(validate func(*x509.Certificate) bool) *X509MemStore {25	s := &X509MemStore{26		validate:       ValidatorFunc(validate),27		fingerprintMap: make(map[CertID]*x509.Certificate),28		nameMap:        make(map[string][]CertID),29	}30	return s31}32// AddCert adds a certificate to the store33func (s *X509MemStore) AddCert(cert *x509.Certificate) error {34	if cert == nil {35		return errors.New("adding nil Certificate to X509Store")36	}37	if !s.validate.Validate(cert) {38		return &ErrCertValidation{}39	}40	certID, err := fingerprintCert(cert)41	if err != nil {42		return err43	}44	logrus.Debug("Adding cert with certID: ", certID)45	// In this store we overwrite the certificate if it already exists46	s.fingerprintMap[certID] = cert47	name := string(cert.RawSubject)48	s.nameMap[name] = append(s.nameMap[name], certID)49	return nil50}51// RemoveCert removes a certificate from a X509MemStore.52func (s *X509MemStore) RemoveCert(cert *x509.Certificate) error {53	if cert == nil {54		return errors.New("removing nil Certificate to X509Store")55	}56	certID, err := fingerprintCert(cert)57	if err != nil {58		return err59	}60	delete(s.fingerprintMap, certID)61	name := string(cert.RawSubject)62	// Filter the fingerprint out of this name entry63	fpList := s.nameMap[name]64	newfpList := fpList[:0]65	for _, x := range fpList {66		if x != certID {67			newfpList = append(newfpList, x)68		}69	}70	s.nameMap[name] = newfpList71	return nil72}73// RemoveAll removes all the certificates from the store74func (s *X509MemStore) RemoveAll() error {75	for _, cert := range s.fingerprintMap {76		if err := s.RemoveCert(cert); err != nil {77			return err78		}79	}80	return nil81}82// AddCertFromPEM adds a certificate to the store from a PEM blob83func (s *X509MemStore) AddCertFromPEM(pemBytes []byte) error {84	cert, err := LoadCertFromPEM(pemBytes)85	if err != nil {86		return err87	}88	return s.AddCert(cert)89}90// AddCertFromFile tries to adds a X509 certificate to the store given a filename91func (s *X509MemStore) AddCertFromFile(originFilname string) error {92	cert, err := LoadCertFromFile(originFilname)93	if err != nil {94		return err95	}96	return s.AddCert(cert)97}98// GetCertificates returns an array with all of the current X509 Certificates.99func (s *X509MemStore) GetCertificates() []*x509.Certificate {100	certs := make([]*x509.Certificate, len(s.fingerprintMap))101	i := 0102	for _, v := range s.fingerprintMap {103		certs[i] = v104		i++105	}106	return certs107}108// GetCertificatePool returns an x509 CertPool loaded with all the certificates109// in the store.110func (s *X509MemStore) GetCertificatePool() *x509.CertPool {111	pool := x509.NewCertPool()112	for _, v := range s.fingerprintMap {113		pool.AddCert(v)114	}115	return pool116}117// GetCertificateByCertID returns the certificate that matches a certain certID118func (s *X509MemStore) GetCertificateByCertID(certID string) (*x509.Certificate, error) {119	return s.getCertificateByCertID(CertID(certID))120}121// getCertificateByCertID returns the certificate that matches a certain certID or error122func (s *X509MemStore) getCertificateByCertID(certID CertID) (*x509.Certificate, error) {123	// If it does not look like a hex encoded sha256 hash, error124	if len(certID) != 64 {125		return nil, errors.New("invalid Subject Key Identifier")126	}127	// Check to see if this subject key identifier exists128	if cert, ok := s.fingerprintMap[CertID(certID)]; ok {129		return cert, nil130	}131	return nil, &ErrNoCertificatesFound{query: string(certID)}132}133// GetCertificatesByCN returns all the certificates that match a specific134// CommonName135func (s *X509MemStore) GetCertificatesByCN(cn string) ([]*x509.Certificate, error) {136	var certs []*x509.Certificate137	if ids, ok := s.nameMap[cn]; ok {138		for _, v := range ids {139			cert, err := s.getCertificateByCertID(v)140			if err != nil {141				// This error should never happen. This would mean that we have142				// an inconsistent X509MemStore143				return nil, err144			}145			certs = append(certs, cert)146		}147	}148	if len(certs) == 0 {149		return nil, &ErrNoCertificatesFound{query: cn}150	}151	return certs, nil152}153// GetVerifyOptions returns VerifyOptions with the certificates within the KeyStore154// as part of the roots list. This never allows the use of system roots, returning155// an error if there are no root CAs.156func (s *X509MemStore) GetVerifyOptions(dnsName string) (x509.VerifyOptions, error) {157	// If we have no Certificates loaded return error (we don't want to rever to using158	// system CAs).159	if len(s.fingerprintMap) == 0 {160		return x509.VerifyOptions{}, errors.New("no root CAs available")161	}162	opts := x509.VerifyOptions{163		DNSName: dnsName,164		Roots:   s.GetCertificatePool(),165	}166	return opts, nil167}...

root_darwin_arm_gen.go

Source:root_darwin_arm_gen.go

1// Copyright 2015 The Go Authors. All rights reserved.2// Use of this source code is governed by a BSD-style3// license that can be found in the LICENSE file.4// +build ignore5// Generates root_darwin_armx.go.6//7// As of iOS 8, there is no API for querying the system trusted X.509 root8// certificates. We could use SecTrustEvaluate to verify that a trust chain9// exists for a certificate, but the x509 API requires returning the entire10// chain.11//12// Apple publishes the list of trusted root certificates for iOS on13// support.apple.com. So we parse the list and extract the certificates from14// an OS X machine and embed them into the x509 package.15package main16import (17	"bytes"18	"crypto/sha256"19	"crypto/x509"20	"encoding/hex"21	"encoding/pem"22	"flag"23	"fmt"24	"go/format"25	"io/ioutil"26	"log"27	"net/http"28	"os/exec"29	"regexp"30	"strings"31)32var output = flag.String("output", "root_darwin_armx.go", "file name to write")33func main() {34	certs, err := selectCerts()35	if err != nil {36		log.Fatal(err)37	}38	buf := new(bytes.Buffer)39	fmt.Fprintf(buf, "// Code generated by root_darwin_arm_gen --output %s; DO NOT EDIT.\n", *output)40	fmt.Fprintf(buf, "%s", header)41	fmt.Fprintf(buf, "const systemRootsPEM = `\n")42	for _, cert := range certs {43		b := &pem.Block{44			Type:  "CERTIFICATE",45			Bytes: cert.Raw,46		}47		if err := pem.Encode(buf, b); err != nil {48			log.Fatal(err)49		}50	}51	fmt.Fprintf(buf, "`")52	source, err := format.Source(buf.Bytes())53	if err != nil {54		log.Fatal("source format error:", err)55	}56	if err := ioutil.WriteFile(*output, source, 0644); err != nil {57		log.Fatal(err)58	}59}60func selectCerts() ([]*x509.Certificate, error) {61	ids, err := fetchCertIDs()62	if err != nil {63		return nil, err64	}65	scerts, err := sysCerts()66	if err != nil {67		return nil, err68	}69	var certs []*x509.Certificate70	for _, id := range ids {71		if c, ok := scerts[id.fingerprint]; ok {72			certs = append(certs, c)73		} else {74			fmt.Printf("WARNING: cannot find certificate: %s (fingerprint: %s)\n", id.name, id.fingerprint)75		}76	}77	return certs, nil78}79func sysCerts() (certs map[string]*x509.Certificate, err error) {80	cmd := exec.Command("/usr/bin/security", "find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain")81	data, err := cmd.Output()82	if err != nil {83		return nil, err84	}85	certs = make(map[string]*x509.Certificate)86	for len(data) > 0 {87		var block *pem.Block88		block, data = pem.Decode(data)89		if block == nil {90			break91		}92		if block.Type != "CERTIFICATE" || len(block.Headers) != 0 {93			continue94		}95		cert, err := x509.ParseCertificate(block.Bytes)96		if err != nil {97			continue98		}99		fingerprint := sha256.Sum256(cert.Raw)100		certs[hex.EncodeToString(fingerprint[:])] = cert101	}102	return certs, nil103}104type certID struct {105	name        string106	fingerprint string107}108// fetchCertIDs fetches IDs of iOS X509 certificates from apple.com.109func fetchCertIDs() ([]certID, error) {110	// Download the iOS 11 support page. The index for all iOS versions is here:111	// https://support.apple.com/en-us/HT204132112	resp, err := http.Get("https://support.apple.com/en-us/HT208125")113	if err != nil {114		return nil, err115	}116	defer resp.Body.Close()117	body, err := ioutil.ReadAll(resp.Body)118	if err != nil {119		return nil, err120	}121	text := string(body)122	text = text[strings.Index(text, "<div id=trusted"):]123	text = text[:strings.Index(text, "</div>")]124	var ids []certID125	cols := make(map[string]int)126	for i, rowmatch := range regexp.MustCompile("(?s)<tr>(.*?)</tr>").FindAllStringSubmatch(text, -1) {127		row := rowmatch[1]128		if i == 0 {129			// Parse table header row to extract column names130			for i, match := range regexp.MustCompile("(?s)<th>(.*?)</th>").FindAllStringSubmatch(row, -1) {131				cols[match[1]] = i132			}133			continue134		}135		values := regexp.MustCompile("(?s)<td>(.*?)</td>").FindAllStringSubmatch(row, -1)136		name := values[cols["Certificate name"]][1]137		fingerprint := values[cols["Fingerprint (SHA-256)"]][1]138		fingerprint = strings.ReplaceAll(fingerprint, "<br>", "")139		fingerprint = strings.ReplaceAll(fingerprint, "\n", "")140		fingerprint = strings.ReplaceAll(fingerprint, " ", "")141		fingerprint = strings.ToLower(fingerprint)142		ids = append(ids, certID{143			name:        name,144			fingerprint: fingerprint,145		})146	}147	return ids, nil148}149const header = `150// Copyright 2015 The Go Authors. All rights reserved.151// Use of this source code is governed by a BSD-style152// license that can be found in the LICENSE file.153// +build cgo154// +build darwin155// +build arm arm64 ios156package x509157func loadSystemRoots() (*CertPool, error) {158	p := NewCertPool()159	p.AppendCertsFromPEM([]byte(systemRootsPEM))160	return p, nil161}162`...

fingerPrint

Using AI Code Generation

1import (2func main() {3    cert, err := ioutil.ReadFile("cert.pem")4    if err != nil {5        fmt.Println(err)6    }7    block, _ := pem.Decode(cert)8    if block == nil {9        fmt.Println("failed to parse certificate PEM")10    }11    x509Cert, err := x509.ParseCertificate(block.Bytes)12    if err != nil {13        fmt.Println("failed to parse certificate: " + err.Error())14    }15    fingerprint := x509Cert.Fingerprint(x509.MD5WithRSA)16    fmt.Println(fingerprint)17}

fingerPrint

Using AI Code Generation

1import (2func main() {3	cert, err := x509.ParseCertificate([]byte(certPEM))4	if err != nil {5		fmt.Println(err)6	}7	fmt.Println(cert.Fingerprint(x509.MD5WithRSA))8}9import (10func main() {11	cert, err := x509.ParseCertificate([]byte(certPEM))12	if err != nil {13		fmt.Println(err)14	}15	fmt.Println(cert.Fingerprint(x509.SHA1WithRSA))16}17import (18func main() {19	cert, err := x509.ParseCertificate([]byte(certPEM))20	if err != nil {21		fmt.Println(err)22	}23	fmt.Println(cert.Fingerprint(x509.SHA256WithRSA))24}25import (26func main() {27	cert, err := x509.ParseCertificate([]byte(certPEM))28	if err != nil {29		fmt.Println(err)30	}31	fmt.Println(cert.Fingerprint(x509.SHA384WithRSA))32}33import (34func main() {35	cert, err := x509.ParseCertificate([]byte(certPEM))36	if err != nil {37		fmt.Println(err)38	}39	fmt.Println(cert.Fingerprint(x509.SHA512WithRSA))40}41import (42func main() {43	cert, err := x509.ParseCertificate([]byte(certPEM))44	if err != nil {45		fmt.Println(err)46	}47	fmt.Println(cert.Fingerprint(x509.SHA1WithRSA))48}49import (

fingerPrint

Using AI Code Generation

1import (2func main() {3	cert, err := ioutil.ReadFile("cert.pem")4	if err != nil {5		panic(err)6	}7	block, _ := pem.Decode(cert)8	if block == nil {9		panic("failed to parse certificate PEM")10	}11	certificate, err := x509.ParseCertificate(block.Bytes)12	if err != nil {13		panic("failed to parse certificate: " + err.Error())14	}15	fmt.Println(certificate)16	fmt.Println(certificate.Fingerprint(x509.MD5WithRSA))17}18        Version: 3 (0x2)19        Serial Number: 1 (0x1)

fingerPrint

Using AI Code Generation

1import (2func main() {3    cert, err := os.ReadFile("./cert.pem")4    if err != nil {5        fmt.Println(err)6    }7    parsedCert, err := x509.ParseCertificate(cert)8    if err != nil {9        fmt.Println(err)10    }11    fingerprint := parsedCert.Fingerprint(x509.MD5WithRSA)12    fmt.Println(hex.EncodeToString(fingerprint))13}

fingerPrint

Using AI Code Generation

1import (2func main() {3    cert, err := ioutil.ReadFile("cert.pem")4    if err != nil {5        fmt.Println(err)6    }7    block, _ := pem.Decode(cert)8    if block == nil {9        fmt.Println("failed to parse certificate PEM")10    }11    x509cert, err := x509.ParseCertificate(block.Bytes)12    if err != nil {13        fmt.Println(err)14    }15    fingerPrint := x509cert.Fingerprint(x509.SHA256)16    fmt.Println(hex.EncodeToString(fingerPrint))17}18import (19func main() {20    cert, err := ioutil.ReadFile("cert.pem")21    if err != nil {22        fmt.Println(err)23    }24    block, _ := pem.Decode(cert)25    if block == nil {26        fmt.Println("failed to parse certificate PEM")27    }28    x509cert, err := x509.ParseCertificate(block.Bytes)29    if err != nil {30        fmt.Println(err)31    }32    fingerPrint := x509cert.Fingerprint(x509.SHA256)

fingerPrint

Using AI Code Generation

1import (2func main() {3    cert, err := ioutil.ReadFile("cert.pem")4    if err != nil {5        log.Fatal(err)6    }7    block, _ := pem.Decode(cert)8    if block == nil {9        log.Fatal("failed to parse certificate PEM")10    }11    certificate, err := x509.ParseCertificate(block.Bytes)12    if err != nil {13        log.Fatal(err)14    }15    fmt.Println(certificate.Fingerprint)16}17GoLang: x509.Certificate.Verify() Method18GoLang: x509.Certificate.CheckSignature() Method19GoLang: x509.Certificate.CheckSignatureFrom() Method20GoLang: x509.Certificate.Equal() Method21GoLang: x509.Certificate.CheckSignatureFrom() Method22GoLang: x509.Certificate.CheckSignature() Method23GoLang: x509.Certificate.Verify() Method24GoLang: x509.Certificate.CheckSignature() Method25GoLang: x509.Certificate.CheckSignatureFrom() Method26GoLang: x509.Certificate.Equal() Method27GoLang: x509.Certificate.CheckSignatureFrom() Method28GoLang: x509.Certificate.CheckSignature() Method29GoLang: x509.Certificate.Verify() Method30GoLang: x509.Certificate.CheckSignature() Method31GoLang: x509.Certificate.CheckSignatureFrom() Method32GoLang: x509.Certificate.Equal() Method33GoLang: x509.Certificate.CheckSignatureFrom() Method34GoLang: x509.Certificate.CheckSignature() Method35GoLang: x509.Certificate.Verify() Method36GoLang: x509.Certificate.CheckSignature() Method37GoLang: x509.Certificate.CheckSignatureFrom() Method38GoLang: x509.Certificate.Equal() Method

Automation Testing Tutorials

Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.