Last active
June 8, 2022 10:38
-
-
Save cp-sumi-k/50ebc3eb37bfc6455139c9231770ae01 to your computer and use it in GitHub Desktop.
https://medium.com/canopas/golang-handling-appstore-server-to-server-v2-notifications-ef1e8eb05118- verify_cert
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| func verifyCert(certByte []byte, intermediateCert []byte) error { | |
| roots := x509.NewCertPool() // new empty set of certificate pool | |
| ok := roots.AppendCertsFromPEM([]byte(APP_STORE_NOTIFICATION_ROOT_CERT)) // parse and append app store certificate to certPool | |
| if !ok { | |
| return errors.New("failed to parse root certificate") | |
| } | |
| interCert, err := x509.ParseCertificate(intermediateCert) // parse and append intermediate X5c certificate | |
| if err != nil { | |
| return errors.New("failed to parse intermediate certificate") | |
| } | |
| intermediate := x509.NewCertPool() | |
| intermediate.AddCert(interCert) | |
| cert, err := x509.ParseCertificate(certByte) // parse X5c certificate | |
| if err != nil { | |
| return err | |
| } | |
| opts := x509.VerifyOptions{ // append certificate pool to verify options of x509 | |
| Roots: roots, | |
| Intermediates: intermediate, | |
| } | |
| if _, err := cert.Verify(opts); err != nil { // verify X5c certificate using app store certificate resides in opts | |
| return err | |
| } | |
| return nil | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment