From f1afb68089af449d15a0d48350139a59ffb619bf Mon Sep 17 00:00:00 2001 From: =?utf8?q?=E5=88=98=E6=B4=AA=E9=9D=92?= Date: Fri, 20 Sep 2019 12:35:33 +0800 Subject: [PATCH] =?utf8?q?chore:=20=E9=83=A8=E7=BD=B2=E6=97=B6=EF=BC=8Cjwt?= =?utf8?q?=E6=89=80=E9=9C=80=E7=9A=84=E5=85=AC=E7=A7=81=E9=92=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- certs/jwt/jwt_private_key.pem | 15 ++++++ certs/jwt/jwt_private_key_pkcs8.pem | 16 ++++++ certs/jwt/jwt_public_key.pem | 6 +++ certs/jwt/readme.md | 84 +++++++++++++++++++++++++++++ 4 files changed, 121 insertions(+) create mode 100644 certs/jwt/jwt_private_key.pem create mode 100644 certs/jwt/jwt_private_key_pkcs8.pem create mode 100644 certs/jwt/jwt_public_key.pem create mode 100644 certs/jwt/readme.md diff --git a/certs/jwt/jwt_private_key.pem b/certs/jwt/jwt_private_key.pem new file mode 100644 index 0000000..dab30cf --- /dev/null +++ b/certs/jwt/jwt_private_key.pem @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXgIBAAKBgQD1GfdJ43Cy7Mmjwi1L6TSLXLyGK25PvsJWEeJ9zM6PWkHBS+FJ +bs/Jd+ITyIVugwelq5pFOrFJgyXbhCaqi1BYIRgKJbriK1hKIaQ+VVuUmPEhB0xZ +rthlkCGcUITq2crzfxpLQCS1SexsinCwmmwOZ2ZTxcSCUmrrWxYMP41QrwIDAQAB +AoGAL+eATp+2YjIngusrwT92NprMegi5CbsF7p6WPvItmRUR7v6urJSM5hqZRDaX +5a6UawvsHgXHqs+IMaxVhlWuQPljxC0YsjdOuT4XSL6Pd4fmQEPOAKnD1K82aR9n +TYA9ytM/PbGfmutE96fIdtNyPc7NY2WNFjQ/x1cO8JKXnhECQQD71rc78Y1cDCQ4 +4mOBjL6pDuACB4JvmI9Z+ywc6H0gtXpwzhDA95vs66RLrcss75ASkbM7oRacuTNf +2hppIh+ZAkEA+SbAUa0LgFBvHxaokNnOYAJjWvabQP+Nj84iOFv0snuPTKcQ2Ult +pYOr8zZIa3yCJdb2JAAhZTDv/DpVTAg/hwJBANeJawV4tP1kvtOYnoVQChXyzzGt +b6tHLNlcKOMM75rA92v4UUp2IRNikhjbQ5rP5cSewoF0W0ADGb8dkaENPXECQQDE +RwfpECboXfU8i5AeFMglEJyO84mZaflumZiRx7d8yCQ64b4/Pz52zsUuY8wniT3K +a48bC1NDsYrNrHK35COPAkEA1yHlCEIJIis8pjn9czZ+1Yvwj0UUiukrpZHYYsg2 +oLpnXVffz5Vp4wPY4W7Nsvz9iSzWhbFojKsc8ZX/nSukFQ== +-----END RSA PRIVATE KEY----- diff --git a/certs/jwt/jwt_private_key_pkcs8.pem b/certs/jwt/jwt_private_key_pkcs8.pem new file mode 100644 index 0000000..c9f2d79 --- /dev/null +++ b/certs/jwt/jwt_private_key_pkcs8.pem @@ -0,0 +1,16 @@ +-----BEGIN PRIVATE KEY----- +MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAPUZ90njcLLsyaPC +LUvpNItcvIYrbk++wlYR4n3Mzo9aQcFL4Uluz8l34hPIhW6DB6WrmkU6sUmDJduE +JqqLUFghGAoluuIrWEohpD5VW5SY8SEHTFmu2GWQIZxQhOrZyvN/GktAJLVJ7GyK +cLCabA5nZlPFxIJSautbFgw/jVCvAgMBAAECgYAv54BOn7ZiMieC6yvBP3Y2msx6 +CLkJuwXunpY+8i2ZFRHu/q6slIzmGplENpflrpRrC+weBceqz4gxrFWGVa5A+WPE +LRiyN065PhdIvo93h+ZAQ84AqcPUrzZpH2dNgD3K0z89sZ+a60T3p8h203I9zs1j +ZY0WND/HVw7wkpeeEQJBAPvWtzvxjVwMJDjiY4GMvqkO4AIHgm+Yj1n7LBzofSC1 +enDOEMD3m+zrpEutyyzvkBKRszuhFpy5M1/aGmkiH5kCQQD5JsBRrQuAUG8fFqiQ +2c5gAmNa9ptA/42PziI4W/Sye49MpxDZSW2lg6vzNkhrfIIl1vYkACFlMO/8OlVM +CD+HAkEA14lrBXi0/WS+05iehVAKFfLPMa1vq0cs2Vwo4wzvmsD3a/hRSnYhE2KS +GNtDms/lxJ7CgXRbQAMZvx2RoQ09cQJBAMRHB+kQJuhd9TyLkB4UyCUQnI7ziZlp ++W6ZmJHHt3zIJDrhvj8/PnbOxS5jzCeJPcprjxsLU0Oxis2scrfkI48CQQDXIeUI +QgkiKzymOf1zNn7Vi/CPRRSK6SulkdhiyDagumddV9/PlWnjA9jhbs2y/P2JLNaF +sWiMqxzxlf+dK6QV +-----END PRIVATE KEY----- diff --git a/certs/jwt/jwt_public_key.pem b/certs/jwt/jwt_public_key.pem new file mode 100644 index 0000000..65f064c --- /dev/null +++ b/certs/jwt/jwt_public_key.pem @@ -0,0 +1,6 @@ +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD1GfdJ43Cy7Mmjwi1L6TSLXLyG +K25PvsJWEeJ9zM6PWkHBS+FJbs/Jd+ITyIVugwelq5pFOrFJgyXbhCaqi1BYIRgK +JbriK1hKIaQ+VVuUmPEhB0xZrthlkCGcUITq2crzfxpLQCS1SexsinCwmmwOZ2ZT +xcSCUmrrWxYMP41QrwIDAQAB +-----END PUBLIC KEY----- diff --git a/certs/jwt/readme.md b/certs/jwt/readme.md new file mode 100644 index 0000000..0913d3f --- /dev/null +++ b/certs/jwt/readme.md @@ -0,0 +1,84 @@ +# readme.md + + +## 使用 openssl 生成 公私钥 + +进入 certs/jwt 目录下 + +1. 生成私钥 App Private Key + +必须为 RSA2(SHA256) + +```bash +openssl genrsa -out jwt_private_key.pem 1024 +``` + +2. 将私钥转换为 PKCS8 格式 + +```bash +openssl pkcs8 -topk8 -inform PEM -in jwt_private_key.pem -outform PEM -nocrypt -out jwt_private_key_pkcs8.pem +``` + +3. 导出公钥 App Public Key + +```bash +openssl rsa -in jwt_private_key.pem -pubout -out jwt_public_key.pem +``` + +4. 将 jwt_public_key.pem 中的内容,去除换行和空格,转成字符串。 + +处理前: +```language +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBr5wUHXSlLSFU17T4wDX8ehAI +2nnZxCc2SnpgfNwuR3jvViSVyr+Pd6JJEeMcl397qKjWqFD/CRlUSB/UEPQRxxbB +XVlXRB289KE9xteDk04bU17ILgX8Vz/7LFRLn2CpaCSICfWENhoMRJm7xIAodrI3 +FugvRF/6jdTQis2LcQIDAQAB +-----END PUBLIC KEY----- +``` +处理后: +```language +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBr5wUHXSlLSFU17T4wDX8ehAI2nnZxCc2SnpgfNwuR3jvViSVyr+Pd6JJEeMcl397qKjWqFD/CRlUSB/UEPQRxxbBXVlXRB289KE9xteDk04bU17ILgX8Vz/7LFRLn2CpaCSICfWENhoMRJm7xIAodrI3FugvRF/6jdTQis2LcQIDAQAB +-----END PUBLIC KEY----- +``` + +4. 将 jwt_private_key_pkcs8.pem 中的内容,去除换行和空格,转成字符串。 + +处理前: +```language +-----BEGIN PRIVATE KEY----- +MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMGvnBQddKUtIVTX +tPjANfx6EAjaednEJzZKemB83C5HeO9WJJXKv493okkR4xyXf3uoqNaoUP8JGVRI +H9QQ9BHHFsFdWVdEHbz0oT3G14OTThtTXsguBfxXP/ssVEufYKloJIgJ9YQ2GgxE +mbvEgCh2sjcW6C9EX/qN1NCKzYtxAgMBAAECgYBKBSjq7w7jCUpRuFYrMpnvMV7r +Y0NqG/K4ZuI5+b3T2fC31v4IWQG4fIoCztky1hscUSqlTpIVxY5ujVnMm+YKMXs+ +qW2zyUdvoqUbFNAZstYatg6FQ7QlwXMDnIzlq6w5lEofsO46+0kH/d9IX+cPN0nH +04J1UKwg0ugyjYVUAQJBAP8di+ECIJkVTbi96JWMCfK1eYdxwe+8DEd7kcW2P6qU +/0fxP6qExkbFqPWQbJVNvOKmH5tVW5oi4Q7vaT4MzJECQQDCW4kMG7a6yBKRWZ1/ +hAixqumBv5FFCnL/yzqH6a5n8tb91vcQCwBGfu+YeQt8zVI56BTP4AJDF5KQu1vq +kcDhAkEA+YaHu2QeSDzrEShG5obbcBaKMK1WmEqg5AX8FZrleM5VRqOztvA5Ex3f +3ZgObJZlinYb8g2yE/fLk5UdpgBU0QJAFw+FU0p2g/L5QQXBCkBAR9RfoGV6dxam +TnNunnG7n9nQaI35Ao5LmhG1nAHAuy4hc311+rQ5kHxbh5Czd0GUAQJBALxZpqPZ +y7LrKmTbVLAdd0K1dQ3jWUsqk5HXwlxzrmmypn5ut41zwZQl0znyrv7XcfDZ6dqR +hh20uoiJ/Hfky6A= +-----END PRIVATE KEY----- +``` +处理后: +```language +-----BEGIN PRIVATE KEY----- +MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMGvnBQddKUtIVTXtPjANfx6EAjaednEJzZKemB83C5HeO9WJJXKv493okkR4xyXf3uoqNaoUP8JGVRIH9QQ9BHHFsFdWVdEHbz0oT3G14OTThtTXsguBfxXP/ssVEufYKloJIgJ9YQ2GgxEmbvEgCh2sjcW6C9EX/qN1NCKzYtxAgMBAAECgYBKBSjq7w7jCUpRuFYrMpnvMV7rY0NqG/K4ZuI5+b3T2fC31v4IWQG4fIoCztky1hscUSqlTpIVxY5ujVnMm+YKMXs+qW2zyUdvoqUbFNAZstYatg6FQ7QlwXMDnIzlq6w5lEofsO46+0kH/d9IX+cPN0nH04J1UKwg0ugyjYVUAQJBAP8di+ECIJkVTbi96JWMCfK1eYdxwe+8DEd7kcW2P6qU/0fxP6qExkbFqPWQbJVNvOKmH5tVW5oi4Q7vaT4MzJECQQDCW4kMG7a6yBKRWZ1/hAixqumBv5FFCnL/yzqH6a5n8tb91vcQCwBGfu+YeQt8zVI56BTP4AJDF5KQu1vqkcDhAkEA+YaHu2QeSDzrEShG5obbcBaKMK1WmEqg5AX8FZrleM5VRqOztvA5Ex3f3ZgObJZlinYb8g2yE/fLk5UdpgBU0QJAFw+FU0p2g/L5QQXBCkBAR9RfoGV6dxamTnNunnG7n9nQaI35Ao5LmhG1nAHAuy4hc311+rQ5kHxbh5Czd0GUAQJBALxZpqPZy7LrKmTbVLAdd0K1dQ3jWUsqk5HXwlxzrmmypn5ut41zwZQl0znyrv7XcfDZ6dqRhh20uoiJ/Hfky6A= +-----END PRIVATE KEY----- +``` + + +5. (可选)将pem内容进行 base64 编码后,配置到k8s + +echo -n '-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBr5wUHXSlLSFU17T4wDX8ehAI2nnZxCc2SnpgfNwuR3jvViSVyr+Pd6JJEeMcl397qKjWqFD/CRlUSB/UEPQRxxbBXVlXRB289KE9xteDk04bU17ILgX8Vz/7LFRLn2CpaCSICfWENhoMRJm7xIAodrI3FugvRF/6jdTQis2LcQIDAQAB +-----END PUBLIC KEY-----' |base64 + + +echo -n '-----BEGIN PRIVATE KEY----- +MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMGvnBQddKUtIVTXtPjANfx6EAjaednEJzZKemB83C5HeO9WJJXKv493okkR4xyXf3uoqNaoUP8JGVRIH9QQ9BHHFsFdWVdEHbz0oT3G14OTThtTXsguBfxXP/ssVEufYKloJIgJ9YQ2GgxEmbvEgCh2sjcW6C9EX/qN1NCKzYtxAgMBAAECgYBKBSjq7w7jCUpRuFYrMpnvMV7rY0NqG/K4ZuI5+b3T2fC31v4IWQG4fIoCztky1hscUSqlTpIVxY5ujVnMm+YKMXs+qW2zyUdvoqUbFNAZstYatg6FQ7QlwXMDnIzlq6w5lEofsO46+0kH/d9IX+cPN0nH04J1UKwg0ugyjYVUAQJBAP8di+ECIJkVTbi96JWMCfK1eYdxwe+8DEd7kcW2P6qU/0fxP6qExkbFqPWQbJVNvOKmH5tVW5oi4Q7vaT4MzJECQQDCW4kMG7a6yBKRWZ1/hAixqumBv5FFCnL/yzqH6a5n8tb91vcQCwBGfu+YeQt8zVI56BTP4AJDF5KQu1vqkcDhAkEA+YaHu2QeSDzrEShG5obbcBaKMK1WmEqg5AX8FZrleM5VRqOztvA5Ex3f3ZgObJZlinYb8g2yE/fLk5UdpgBU0QJAFw+FU0p2g/L5QQXBCkBAR9RfoGV6dxamTnNunnG7n9nQaI35Ao5LmhG1nAHAuy4hc311+rQ5kHxbh5Czd0GUAQJBALxZpqPZy7LrKmTbVLAdd0K1dQ3jWUsqk5HXwlxzrmmypn5ut41zwZQl0znyrv7XcfDZ6dqRhh20uoiJ/Hfky6A= +-----END PRIVATE KEY-----' |base64 -- 2.17.1