FAQ
Hi

I'm creating a package to build Apple passbook files and I need to sign a
file using private key and certificate.

I'm not sure where to begin however.

Ruby code to do the same thing is below, can this be done with the Go
standard library?

def sign_manifest
puts "Signing the manifest"
# Import the certificates
p12_certificate = OpenSSL::PKCS12::new(File.read(self.certificate_url),
self.certificate_password)
wwdr_certificate =
OpenSSL::X509::Certificate.new(File.read(self.wwdr_intermediate_certificate_path))

# Sign the data
flag = OpenSSL::PKCS7::BINARY|OpenSSL::PKCS7::DETACHED
signed = OpenSSL::PKCS7::sign(p12_certificate.certificate,
p12_certificate.key, File.read(self.manifest_url), [wwdr_certificate], flag)

# Create an output path for the signed data
self.signature_url = self.temporary_path + "/signature"

# Write out the data
File.open(self.signature_url, "w") do |f|
f.syswrite signed.to_der
end
end

Thanks
Ryan

--

Search Discussions

  • Agl at Oct 5, 2012 at 7:08 pm

    On Friday, October 5, 2012 12:27:37 PM UTC-4, Ryan Slade wrote:

    I'm creating a package to build Apple passbook files and I need to sign a
    file using private key and certificate.

    I'm not sure where to begin however.
    I'm afraid that we don't have support for either PKCS#7, nor PKCS#12 in the
    standard libraries. I'm not aware of any Go code that does it either.

    You can, of course, shell out or use cgo to do this via OpenSSL, as Ruby
    does. But I'm afraid that PKCS#7 (especially) represents the very worst of
    architecture astronaut design and we're unlikely to support it naively any
    time soon.


    Cheers

    AGL

    --
  • Ryan Slade at Oct 6, 2012 at 6:37 pm
    Ah, ok. Thanks for letting me know.

    Probably going to be easiest to shell out.
    On Friday, 5 October 2012 20:08:25 UTC+1, agl wrote:
    On Friday, October 5, 2012 12:27:37 PM UTC-4, Ryan Slade wrote:

    I'm creating a package to build Apple passbook files and I need to sign a
    file using private key and certificate.

    I'm not sure where to begin however.
    I'm afraid that we don't have support for either PKCS#7, nor PKCS#12 in
    the standard libraries. I'm not aware of any Go code that does it either.

    You can, of course, shell out or use cgo to do this via OpenSSL, as Ruby
    does. But I'm afraid that PKCS#7 (especially) represents the very worst of
    architecture astronaut design and we're unlikely to support it naively any
    time soon.


    Cheers

    AGL
    --

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupgolang-nuts @
categoriesgo
postedOct 5, '12 at 4:27p
activeOct 6, '12 at 6:37p
posts3
users2
websitegolang.org

2 users in discussion

Ryan Slade: 2 posts Agl: 1 post

People

Translate

site design / logo © 2022 Grokbase