kaz/subject_key_identifier.go

## subject_key_identifier.go
package main

import (
	"bytes"
	"crypto/sha1"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"encoding/hex"
	"encoding/pem"
	"fmt"
)

var data = []byte(`
-----BEGIN CERTIFICATE-----
MIIDNTCCAh2gAwIBAgIJAJ3pKHCWixRYMA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV
BAMMC0Vhc3ktUlNBIENBMB4XDTIwMDMwNTA1MzE1M1oXDTMwMDMwMzA1MzE1M1ow
FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQCz0aPKxXN6n3bioRFfmRFvFcRkxVlV+QeZd3zT6z0Dz7sysGai72wk
WHlFgtclEPIXrpG4gVGSZT4g7yCMYmRJL0BEwFY81RJfzAyk9tSn9P/XozVQmKkA
CCdqh8962jZi2VKChdF+x8CbSsy0ahpps7pF24iaWXPA+sKPCFcDS6sIGjLCSmFN
FN1cvFx31n/sK/BiTqi7ECSx7xa/cCHcHCcb4CZrgPgs/FMPDORazIeiqvGYGSkY
IjLb5frR3zzYeIVbf3qCMRbACK0+2TgRNFcYs/x/NnzqpSWA3iu0NaY8kTX40fqh
KFQsnzUGaTWaJ7sN4BqTELC4bywVFLn3AgMBAAGjgYUwgYIwHQYDVR0OBBYEFAJK
Dea7FPR4U5dRkX9CddhHFwuFMEYGA1UdIwQ/MD2AFAJKDea7FPR4U5dRkX9CddhH
FwuFoRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIJAJ3pKHCWixRYMAwGA1Ud
EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQChc48TRWxw
rqKZ6aFrQ876Sf2QOxm//BUtpgo4tQz6Bo+VUTYyaLaPZ3ou9ou3B2pwPMNo2vns
FAbo8u1vQLtRf18Dqi4R4V+3QMAE51TubMrm5fHEFpIL3e7OxpeY+hFVDmzuhXwE
JL9KYReXfXtZzKpPSP8LvUU5lwEfm6YD1WHqvLv6Qe47JZfuu68DCTSWN2qAeSJk
qPu09DcHt1gkDI/216aGn0w7J9mSG4mRGaJa+1mmMFzgzEgsSu/LX0dNEhgYTkJr
YnfNu8r5E/c8u58SliRMJYFGohlgdbrdrE+5kVqQvYGOsBbpq6gfl87Slm8VUi8i
L33kRbJsyJZz
-----END CERTIFICATE-----
`)

func main() {
	block, _ := pem.Decode(data)
	cert, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		panic(err)
	}

	var pkInfo struct {
		Algo      pkix.AlgorithmIdentifier
		BitString asn1.BitString
	}
	if _, err := asn1.Unmarshal(cert.RawSubjectPublicKeyInfo, &pkInfo); err != nil {
		panic(err)
	}

	ski := sha1.Sum(pkInfo.BitString.Bytes)
	if bytes.Compare(ski[:], cert.SubjectKeyId) == 0 {
		fmt.Println("[OK]")
	} else {
		fmt.Println("[NG]")
	}

	fmt.Println("Excected : " + hex.EncodeToString(cert.SubjectKeyId))
	fmt.Println("Actual   : " + hex.EncodeToString(ski[:]))
}
	package main

	import (
	"bytes"
	"crypto/sha1"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"encoding/hex"
	"encoding/pem"
	"fmt"
	)

	var data = []byte(`
	-----BEGIN CERTIFICATE-----
	MIIDNTCCAh2gAwIBAgIJAJ3pKHCWixRYMA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV
	BAMMC0Vhc3ktUlNBIENBMB4XDTIwMDMwNTA1MzE1M1oXDTMwMDMwMzA1MzE1M1ow
	FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
	ggEKAoIBAQCz0aPKxXN6n3bioRFfmRFvFcRkxVlV+QeZd3zT6z0Dz7sysGai72wk
	WHlFgtclEPIXrpG4gVGSZT4g7yCMYmRJL0BEwFY81RJfzAyk9tSn9P/XozVQmKkA
	CCdqh8962jZi2VKChdF+x8CbSsy0ahpps7pF24iaWXPA+sKPCFcDS6sIGjLCSmFN
	FN1cvFx31n/sK/BiTqi7ECSx7xa/cCHcHCcb4CZrgPgs/FMPDORazIeiqvGYGSkY
	IjLb5frR3zzYeIVbf3qCMRbACK0+2TgRNFcYs/x/NnzqpSWA3iu0NaY8kTX40fqh
	KFQsnzUGaTWaJ7sN4BqTELC4bywVFLn3AgMBAAGjgYUwgYIwHQYDVR0OBBYEFAJK
	Dea7FPR4U5dRkX9CddhHFwuFMEYGA1UdIwQ/MD2AFAJKDea7FPR4U5dRkX9CddhH
	FwuFoRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIJAJ3pKHCWixRYMAwGA1Ud
	EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQChc48TRWxw
	rqKZ6aFrQ876Sf2QOxm//BUtpgo4tQz6Bo+VUTYyaLaPZ3ou9ou3B2pwPMNo2vns
	FAbo8u1vQLtRf18Dqi4R4V+3QMAE51TubMrm5fHEFpIL3e7OxpeY+hFVDmzuhXwE
	JL9KYReXfXtZzKpPSP8LvUU5lwEfm6YD1WHqvLv6Qe47JZfuu68DCTSWN2qAeSJk
	qPu09DcHt1gkDI/216aGn0w7J9mSG4mRGaJa+1mmMFzgzEgsSu/LX0dNEhgYTkJr
	YnfNu8r5E/c8u58SliRMJYFGohlgdbrdrE+5kVqQvYGOsBbpq6gfl87Slm8VUi8i
	L33kRbJsyJZz
	-----END CERTIFICATE-----
	`)

	func main() {
	block, _ := pem.Decode(data)
	cert, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
	panic(err)
	}

	var pkInfo struct {
	Algo pkix.AlgorithmIdentifier
	BitString asn1.BitString
	}
	if _, err := asn1.Unmarshal(cert.RawSubjectPublicKeyInfo, &pkInfo); err != nil {
	panic(err)
	}

	ski := sha1.Sum(pkInfo.BitString.Bytes)
	if bytes.Compare(ski[:], cert.SubjectKeyId) == 0 {
	fmt.Println("[OK]")
	} else {
	fmt.Println("[NG]")
	}

	fmt.Println("Excected : " + hex.EncodeToString(cert.SubjectKeyId))
	fmt.Println("Actual : " + hex.EncodeToString(ski[:]))
	}