I have to translate PHP code to Golang and I encoutered this problem.
1条回答 默认 最新
- douzhan8652 2018-05-22 11:39关注
Of course Go can load x509 private keys, but there is no "do-what-I-want" function, such as openssl_pkey_get_private.
After PEM decoding the key (and possibly decrypting it), use one of the Parse*PrivateKey functions in the x509 package:
package main import ( "crypto" "crypto/x509" "encoding/pem" "fmt" "io/ioutil" "log" "strings" ) func main() { pemBytes, err := ioutil.ReadFile("sample.key.pem") check(err) block := firstPrivateKey(pemBytes) if block == nil { log.Fatal("No private key in input") } derBytes := block.Bytes if x509.IsEncryptedPEMBlock(block) { derBytes, err = x509.DecryptPEMBlock(block, []byte("password")) check(err) } var key crypto.PrivateKey switch block.Type { case "RSA PRIVATE KEY": key, err = x509.ParsePKCS1PrivateKey(derBytes) // or PKCS8 check(err) case "EC PRIVATE KEY": key, err = x509.ParseECPrivateKey(derBytes) check(err) default: log.Fatal("Unsupported key type") } fmt.Println(key) } func firstPrivateKey(pemBytes []byte) *pem.Block { var block *pem.Block for len(pemBytes) > 0 { block, pemBytes = pem.Decode(pemBytes) if strings.HasSuffix(block.Type, " PRIVATE KEY") { return block } } return nil } func check(err error) { if err != nil { log.Fatal(err) } }
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏 举报