I have .p12 extension which contains certificate and passkey. Then I extract cert and key in PEM using these commands:
openssl pkcs12 -in <filename>.p12 -clcerts -nokeys -out passcertificate.pem -passin pass:<password>
openssl pkcs12 -in Certificates.p12 -nocerts -out passkey.pem -passin pass:<password> -passout pass:<password_out>
After all I sign file with private key and intermediate cert to get signature.
openssl smime -binary -sign -certfile <intermediate>.pem -signer passcertificate.pem -inkey passkey.pem -in manifest.json -out signature -outform DER -passin pass:<password_out>
Is this possible to reproduce these steps in Go using standard library?
// read file content to be signed
content, err := ioutil.ReadFile(".../path_to_file/manifest.json")
if err != nil {
//
}
// read .p12 file
buf, err := ioutil.ReadFile(".../path_to_file/Certificate.p12")
if err != nil {
//
}
// extract key and cert
pk, cert, err := pkcs12.Decode(buf, password)
if err != nil {
return err
}
privateKey := pk.(*rsa.PrivateKey)
// create hash
h := crypto.SHA256.New()
_, err = h.Write(content)
if err != nil {
//
}
hashed := h.Sum(nil)
// how to pass intermediate cert??
sign, err := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256,
hashed)
if err != nil {
return err
}
sig := base64.RawURLEncoding.EncodeToString(sign)
