dougan4884 2017-02-08 05:32
浏览 599
已采纳

如何在Golang SSH中使用加密的私钥

I would appreciate pointers because I cannot work out how to decrypt an encrypted key in order to use it with golang ssh. I'm attempting to mash together two other sources of code (including this one) but unable to get this to work.

I think I'm getting to a DER but need to marshall this back to PEM in order to use it with crypto/ssh

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,D7C72273BE168626E5B2D1BC72E56326
...
-----END RSA PRIVATE KEY-----

I read it:

key, err := ioutil.ReadFile(privateKey)
if err != nil {
    log.Fatalf("Unable to read private key: %v", err)
}

With an unencrypted (!) key, I can then:

signer, err := ssh.ParsePrivateKey(key)
if err != nil {
    log.Fatalf("Unable to parse private key: %v", err)
}

config := &ssh.ClientConfig{
    User: username,
    Auth: []ssh.AuthMethod{
        ssh.PublicKeys(signer),
    },
}

And this would work.

I reused some code that I think gets me the decrypted PEM as a DER:

func decrypt(key []byte, password []byte) []byte {
    block, rest := pem.Decode(key)
    if len(rest) > 0 {
        log.Fatalf("Extra data included in key")
    }
    der, err := x509.DecryptPEMBlock(block, password)
    if err != nil {
        log.Fatalf("Decrypt failed: %v", err)
    }
    return der
}

But, how do I get from the DER to a signer?

Or, what's the best way to solve this?

  • 写回答

3条回答 默认 最新

    报告相同问题?

    相关推荐 更多相似问题

    悬赏问题

    • ¥20 有没有认识硅云的研发 求介绍
    • ¥15 unittest __import__加载名为‘1’的model无法找到
    • ¥30 魔术师读心术猜数字实验
    • ¥15 关于#Python#的问题,如何解决?
    • ¥15 CMD 生成TXT内容输出成一行
    • ¥20 关于#pandas#的问题,如何解决?(语言-python)
    • ¥30 c语言设计井字棋小游戏
    • ¥15 关于属性关联的双极容度多属性决策vikor方法的公式
    • ¥15 10吨190马力爆炸品运输车,以80km/h的速度行驶1个小时输出的动能或者做的功是多少?
    • ¥15 《phthon编程从入门到实践》第十八章,从django入手,learning_log,ModuleNotFoundError: No module named 'learning_logs