dongwo6477
dongwo6477
2015-10-23 11:33

从PEM文件加载(生成的OpenSSL)DSA私钥

  • openssl
已采纳

I'm trying to load a dsa private key in my program, Here is how I approached it:

  1. I create a dsa key pair using openssl:

    openssl dsaparam -genkey 2048 -out dsakey.pem
    
  2. I use the following function to parse the pem file

    func getDSAPrivateKeyFromPemFile(pemfilepath string) (recoveredprivateKey *dsa.PrivateKey, err error) {
    pemfile, err := os.Open(pemfilepath)
    if err != nil {
        return nil, err
    }
    recoveredbytes, err := ioutil.ReadAll(pemfile)
    if err != nil {
        return nil, err
    }
    
    recoveredpemdsaparameteres, rest := pem.Decode(recoveredbytes)
    if recoveredpemdsaparameteres == nil {
        return nil, errors.New("No pem recovered")
    }
    
    _, err = asn1.Unmarshal(append(recoveredpemdsaparameteres.Bytes, recoveredpemdsaprivatekey.Bytes...), recoveredprivateKey)
    if err != nil {
        return nil, err
     }
     fmt.Printf("PEM:%v
    ", recoveredpemdsaparameteres)
    
     recoveredpemdsaprivatekey, _ := pem.Decode(rest)
     fmt.Printf("PEM:%v
    ", recoveredpemdsaprivatekey)
     pemfile.Close()
    }
    

When I call this function if fails:

panic: reflect: call of reflect.Value.Type on zero Value

goroutine 1 [running]:
reflect.Value.Type(0x0, 0x0, 0x0, 0x0, 0x0)
    /usr/local/go/src/reflect/value.go:1664 +0x7b
encoding/asn1.parseField(0x0, 0x0, 0x0, 0xc8200b0600, 0x58b, 0x600, 0x0, 0x0, 0x0, 0x0, ...)
    /usr/local/go/src/encoding/asn1/asn1.go:558 +0xbd
encoding/asn1.UnmarshalWithParams(0xc8200b0600, 0x58b, 0x600, 0x1383e0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
    /usr/local/go/src/encoding/asn1/asn1.go:957 +0x16e
encoding/asn1.Unmarshal(0xc8200b0600, 0x58b, 0x600, 0x1383e0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
    /usr/local/go/src/encoding/asn1/asn1.go:950 +0x8f
main.getDSAPrivateKeyFromPemFile(0x1e7fa0, 0x26, 0x0, 0x0, 0x0)

However, I can perfectly see my dsa key in output:

PEM:&{DSA PARAMETERS map[] [48 130 2 45 2 130...]}
PEM:&{DSA PRIVATE KEY map[] [48 130 3 86 2 1 0 ...]}

The problem is in fact how to unmarshal pem bytes to dsa.PrivateKey. Any ideas?

P.S: I was not able to find any example of loading DSA private key pem file over the internet.

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

1条回答

  • duanmajing9332 duanmajing9332 6年前

    After spending couple of hours, I managed to fix my problem I post my finding so it may save someone's time:

    First I reviewed my pem file encoding using this great online tool: http://lapo.it/asn1js/. Only then I realized go is expecting the pem file to have different structure... Not nice! Aftwerwards, it was not hard to relate each value within the file to the corresponding dsa.PrivateKey struct. So, I made a new struct and named it MyPrivateKey with the same order as the pem file:

    type MyPrivateKey struct {
        E1, P, Q, G, Y, X *big.Int
    }
    

    Then, instead of trying to unmarshal directly to dsa.PrivateKey, I unmarshaled the asn1 encoded value to my self made struct. And magically it worked. Here is the modified func:

    func getDSAPrivateKeyFromPemFile(pemFilePath string) (privateKey *dsa.PrivateKey, err error) {
        pemfile, err := os.Open(pemFilePath)
    
        if err != nil {
            return nil, err
        }
        recoveredBytes, err := ioutil.ReadAll(pemfile)
        if err != nil {
            return nil, err
        }
        pemfile.Close()
    
        pemDSAParameters, rest := pem.Decode(recoveredBytes)
        if pemDSAParameters == nil {
            return nil, errors.New("No pem recovered")
        }
        pemDSAPrivateKey, _ := pem.Decode(rest)
        keyParameters := dsa.Parameters{G: big.NewInt(0), P: big.NewInt(0), Q: big.NewInt(0)}
        _, err = asn1.Unmarshal(pemDSAParameters.Bytes, &keyParameters)
        if err != nil {
            return nil, err
        }
        //fmt.Printf("
    
    
    
    
    
    P:%x
    
    G:%x
    
    Q:%x
    
    
    
    
    
    ", keyParameters.P, keyParameters.G, keyParameters.Q)
        myPrivateKey := MyPrivateKey{}
        _, err = asn1.Unmarshal(pemDSAPrivateKey.Bytes, &myPrivateKey)
        if err != nil {
            return nil, err
        }
        //fmt.Printf("
    private
    E1:%x
    
    P:%x
    
    Q:%x
    
    G:%x
    
    Y:%x
    X:%x
    
    
    
    ", myPrivateKey.E1, myPrivateKey.P, myPrivateKey.Q, myPrivateKey.G, myPrivateKey.Y, myPrivateKey.X)
        privateKey = &dsa.PrivateKey{}
        privateKey.Parameters = keyParameters
        privateKey.X = myPrivateKey.X
    
        return privateKey, nil
    }
    

    Maybe there was a much easier way to this all and I simply overlooked! If you know a better way please be my guest! Otherwise, I believe go should handle this kind of issues in the standard libraries.

    点赞 评论 复制链接分享