从苹果下载椭圆曲线私钥 .p8证书文件
将下载的 p8 证书文件转 pkcs8 pem
openssl pkcs8 -nocrypt -in SubscriptionKey_9W8K7WAK6U.p8 -out SubscriptionKey.pem
openssl pkcs8 -topk8 -inform PEM -outform DER -in SubscriptionKey.pem -nocrypt > ec_private_pkcs8.pem
go jwt 签名
签名算法选用ES256
import (
"github.com/dgrijalva/jwt-go"
"crypto/x509"
)
func main() {
token := &jwt.Token{
Header: map[string]interface{}{
"typ": "JWT",
"kid": "苹果后台获取",
"alg": jwt.SigningMethodES256.Alg(),
},
Claims: jwt.MapClaims{
"iss": "苹果后台获取",
"iat": time.Now().Unix(),
"exp": time.Now().Add(3600 * time.Second).Unix(),
"aud": "appstoreconnect-v1",
"bid": "app包名",
},
Method: jwt.SigningMethodES256,
}
privatePem, err = ioutil.ReadFile("./ec_private_pkcs8.pem")
ecdsaKey, err := x509.ParsePKCS8PrivateKey(privatePem)
if err != nil {
t.Log("ecdsaKey Error...", err)
return
}
tk, err := token.SignedString(ecdsaKey)
t.Log("token...", tk, err)
}
