@estebanbacl
Last active September 1, 2021 19:22
Validate and test bind trust certificate
package main
import (
"bytes"
"crypto/tls"
"crypto/x509"
"encoding/base64"
"encoding/json"
"encoding/pem"
"fmt"
"io/ioutil"
"log"
"net/http"
)
// bundle is a PEM bundle holding an RSA private key block followed by a
// certificate block. The key block's headers (Proc-Type: 4,ENCRYPTED and
// DEK-Info: DES-EDE3-CBC) mark it as legacy passphrase-encrypted PEM; the
// standard library deprecates that format because the ciphertext is not
// authenticated.
//
// main declares a local variable of the same name that shadows this one, so
// nothing visible in this file reads the package-level value.
//
// NOTE(review): this is key material committed to source. A key that has been
// published this way should be treated as exposed and rotated; load the
// bundle from a secret store or a file outside version control instead.
var bundle = []byte(`
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,95CCDB826FFE772F
/H8peUP8zEPAuhm+sUdAN4/xLaA66w72p52jmg+V37b1YjOq2BNHhdijVuaU6fd5
kvCTfV84ya+95FW6Nc7dDLOF/jam3c+V/6Zls7/1NoYnoA4P4QM3nAOoxx1F2FtI
UKLHm+VHLG2Mq7yH91uRIUYemIwx+Rw9jk47OMfwC87DsEbPLVXKuvx0fT3tfyV/
4C3ZiCNNQxstHykCxQvyuU6zZOTV3j7BBa0kQewWDTRby6UqsL//f29wJu8pYmW8
hDvhGzvfNM+FsCZu5HyRUG8Fs/OS1mRHY0HznhI34ilZEIbhvwfd7QvIkNZwdrqh
JYWPauFq9ljI/kbuILBm6XRT3dZdeMH6jC3w5igPgWVQrt/cIlpvdtFhA6hn+uxe
s2HEZTFul3QBLJBUf2zwpoCs8spzN+cAvNSdDAFb3Bszs7JJHc3Dpw==
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDwTCCAqkCCQCtAmRsONsSlDANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMC
QVIxDjAMBgNVBAgMBUJTIEFTMR4wHAYDVQQKDBVCYW5jbyBJbmR1c3RyaWFsIFMu
eopSMBWY4L74ZIXfqEKfJKdHGr9Qic2J9PSkqcAbca+kxn/WTrrwD5QxnYYoxL8D
RBar1yc=
-----END CERTIFICATE-----
`)
// Credentials is the JSON shape of a login request body: a username and a
// password, serialized under the keys "username" and "password".
type Credentials struct {
	// Username is encoded as the "username" JSON field.
	Username string `json:"username"`

	// Password is encoded as the "password" JSON field.
	Password string `json:"password"`
}
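// main loads a client key pair from a base64-encoded PEM bundle, decrypts the
// private key with a passphrase when it is encrypted, and uses the pair as the
// TLS client certificate for a JSON POST to the JWT login endpoint. It prints
// the response status and body.
//
// The bundle, passphrase, username, password and host below are placeholders.
func main() {
	// CertificateBundleKey is the PEM bundle (private key block first, then
	// the certificate chain), base64-encoded. It is key material, so it is
	// not echoed to stdout.
	var CertificateBundleKey = "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktORCBDRVJUSUZJQ0FURS0tLS0t"

	data, err := base64.StdEncoding.DecodeString(CertificateBundleKey)
	if err != nil {
		log.Fatalf("decoding certificate bundle: %v", err)
	}

	// pem.Decode returns a nil block when the input holds no PEM data;
	// passing that on would dereference a nil pointer.
	keyBlock, certsPEM := pem.Decode(data)
	if keyBlock == nil {
		log.Fatal("certificate bundle contains no PEM block")
	}

	if x509.IsEncryptedPEMBlock(keyBlock) {
		// Legacy (RFC 1423) PEM encryption is deprecated in the standard
		// library because the ciphertext is not authenticated. It is used
		// here only to read an existing bundle; prefer storing the key in a
		// secret manager or an authenticated container format.
		keyDER, err := x509.DecryptPEMBlock(keyBlock, []byte(" --- PASSPHRASE --- "))
		if err != nil {
			log.Fatalf("decrypting private key: %v", err)
		}

		// Replace the ciphertext with the plaintext key and drop the
		// encryption headers, which no longer apply.
		keyBlock.Bytes = keyDER
		keyBlock.Headers = nil
	}

	// Re-encode the key as PEM so tls.X509KeyPair can handle key types,
	// chains and key/certificate matching.
	keyPEM := pem.EncodeToMemory(keyBlock)
	cert, err := tls.X509KeyPair(certsPEM, keyPEM)
	if err != nil {
		log.Fatalf("loading client key pair: %v", err)
	}

	// Server certificate verification stays enabled (InsecureSkipVerify is
	// left at its default of false): the request carries a password, and an
	// unverified peer could be anyone on the network path. If the server's
	// certificate is issued by a private CA, add that CA to RootCAs (for
	// example with x509.NewCertPool and AppendCertsFromPEM) instead of
	// disabling verification.
	config := &tls.Config{
		Certificates:  []tls.Certificate{cert},
		Renegotiation: tls.RenegotiateOnceAsClient,
	}
	client := &http.Client{Transport: &http.Transport{TLSClientConfig: config}}

	payload, err := json.Marshal(map[string]string{
		"username": `-- USER BIND --`,
		"password": `-- PASSWORD --`,
	})
	if err != nil {
		log.Fatalf("encoding credentials: %v", err)
	}

	// The URL needs "//" after the scheme; without it the host is parsed as
	// an opaque path and the request cannot be sent.
	httpRequest, err := http.NewRequest("POST", "https://dominio.com.la/v1/login/jwt", bytes.NewReader(payload))
	if err != nil {
		log.Fatalf("building login request: %v", err)
	}
	httpRequest.Header.Set("Content-Type", "application/json")

	// resp is nil when Do fails, so check the error before touching it.
	resp, err := client.Do(httpRequest)
	if err != nil {
		log.Fatalf("sending login request: %v", err)
	}
	fmt.Println(resp.Status)

	// Close explicitly rather than with defer: log.Fatal exits without
	// running deferred calls.
	body, err := ioutil.ReadAll(resp.Body)
	resp.Body.Close()
	if err != nil {
		log.Fatalf("reading login response: %v", err)
	}

	// NOTE(review): presumably the body carries the issued JWT; keep this
	// output out of shared logs.
	fmt.Println(string(body))
}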