GitHub/proxypin
1
0
Fork 0
mirror of https://github.com/wanghongenpin/proxypin.git synced 2026-06-03 17:25:48 +08:00
Code Issues Packages Projects Releases 1 Wiki Activity
Files
b1a17eb349307254b773b06ec1b21f52eccb0208
proxypin/test/cert_test.dart
wanghongenpin b1a17eb349 Export Root Certificate P12 (#185)
2024-07-25 00:29:55 +08:00

62 lines
2.3 KiB
Dart
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
import 'dart:io';
import 'dart:math';
import 'package:basic_utils/basic_utils.dart';
import 'package:network_proxy/network/util/x509.dart';
void main() async {
var caPem = await File('assets/certs/ca.crt').readAsString();
//生成 公钥和私钥
var caRoot = X509Utils.x509CertificateFromPem(caPem);
var generateRSAKeyPair = CryptoUtils.generateRSAKeyPair();
var serverPubKey = generateRSAKeyPair.publicKey as RSAPublicKey;
var serverPriKey = generateRSAKeyPair.privateKey as RSAPrivateKey;
//保存私钥
var serverPriKeyPem = CryptoUtils.encodeRSAPrivateKeyToPem(serverPriKey);
print(serverPriKeyPem);
await File('assets/certs/server.key').writeAsString(serverPriKeyPem);
var rsaPrivateKeyFromPem = CryptoUtils.rsaPrivateKeyFromPem(serverPriKeyPem);
print(rsaPrivateKeyFromPem);
var crt = generate(caRoot, serverPubKey, serverPriKey);
print(crt);
await File('assets/certs/server.crt').writeAsString(crt);
//TLS服务器证书必须包含ExtendedKeyUsageEKU扩展该扩展包含id-kp-serverAuth OID。
X509Utils.generateSelfSignedCertificate(serverPriKey, CryptoUtils.encodeRSAPublicKeyToPem(serverPubKey), 825,
serialNumber: Random().nextInt(1000000).toString(),
issuer: {
'C': 'CN',
'ST': 'BJ',
'L': 'Beijing',
'O': 'Proxy',
'OU': 'ProxyPin',
'CN': 'ProxyPin CA (${Platform.localHostname})'
},
extKeyUsage: [
ExtendedKeyUsage.SERVER_AUTH
]);
var generatePkcs12 = Pkcs12Utils.generatePkcs12(serverPriKeyPem, [crt], password: '123456');
await File('C:\\Users\\wanghongen\\Downloads\\server.p12').writeAsBytes(generatePkcs12);
}
/// 生成证书
String generate(X509CertificateData caRoot, RSAPublicKey serverPubKey, RSAPrivateKey caPriKey) {
//根据CA证书subject来动态生成目标服务器证书的issuer和subject
Map<String, String> x509Subject = {
'C': 'CN',
'ST': 'BJ',
'L': 'Beijing',
'O': 'Proxy',
'OU': 'ProxyPin',
};
x509Subject['CN'] = 'ProxyPin CA (${Platform.localHostname})';
var csrPem = X509Generate.generateSelfSignedCertificate(caRoot, serverPubKey, caPriKey, 825,
extKeyUsage: [ExtendedKeyUsage.SERVER_AUTH],
sans: [x509Subject['CN']!],
serialNumber: Random().nextInt(1000000).toString(),
subject: x509Subject);
return csrPem;
}
Reference in New Issue View Git Blame Copy Permalink