本文整理汇总了Golang中crypto/x509.ParsePKCS8PrivateKey函数的典型用法代码示例。如果您正苦于以下问题:Golang ParsePKCS8PrivateKey函数的具体用法?Golang ParsePKCS8PrivateKey怎么用?Golang ParsePKCS8PrivateKey使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了ParsePKCS8PrivateKey函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。
示例1: TestRoundTripPkcs8Ecdsa
func TestRoundTripPkcs8Ecdsa(t *testing.T) {
privateKey, err := ecdsa.GenerateKey(elliptic.P224(), rand.Reader)
if err != nil {
t.Fatalf("failed to generate a private key: %s", err)
}
bytes, err := marshalPKCS8PrivateKey(privateKey)
if err != nil {
t.Fatalf("failed to marshal private key: %s", err)
}
key, err := x509.ParsePKCS8PrivateKey(bytes)
if err != nil {
t.Fatalf("failed to parse private key: %s", err)
}
actualPrivateKey, ok := key.(*ecdsa.PrivateKey)
if !ok {
t.Fatalf("expected key to be of type *ecdsa.PrivateKey, but actual was %T", key)
}
// sanity check, not exhaustive
if actualPrivateKey.D.Cmp(privateKey.D) != 0 {
t.Errorf("private key's D did not round trip")
}
if actualPrivateKey.X.Cmp(privateKey.X) != 0 {
t.Errorf("private key's X did not round trip")
}
if actualPrivateKey.Y.Cmp(privateKey.Y) != 0 {
t.Errorf("private key's Y did not round trip")
}
if actualPrivateKey.Curve.Params().B.Cmp(privateKey.Curve.Params().B) != 0 {
t.Errorf("private key's Curve.B did not round trip")
}
}
开发者ID:boumenot,项目名称:packer,代码行数:35,代码来源:pkcs8_test.go
示例2: open
func open(keyfile string) (*rsa.PrivateKey, error) {
bytes, err := ioutil.ReadFile(keyfile)
if err != nil {
return nil, err
}
block, _ := pem.Decode(bytes)
if block == nil {
return nil, fmt.Errorf("%s: no valid PEM data found", keyfile)
} else if block.Type != "PRIVATE KEY" {
return nil, fmt.Errorf("%s: expected PRIVATE KEY, got %s", keyfile, block.Type)
}
key, err := x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
return nil, err
}
rsaKey, ok := key.(*rsa.PrivateKey)
if !ok {
return nil, fmt.Errorf("")
} else {
return rsaKey, nil
}
}
开发者ID:ConradIrwin,项目名称:pkcs15tool,代码行数:27,代码来源:main.go
示例3: parseRsaPrivateKey
func parseRsaPrivateKey(path string) (*rsa.PrivateKey, error) {
privateKeyData, err := ioutil.ReadFile(path)
if err != nil {
log.Fatalln("failed", err)
}
block, _ := pem.Decode(privateKeyData)
if block == nil {
panic("failed to decode a pem block from private key pem")
}
privatePkcs1Key, errPkcs1 := x509.ParsePKCS1PrivateKey(block.Bytes)
if errPkcs1 == nil {
return privatePkcs1Key, nil
}
privatePkcs8Key, errPkcs8 := x509.ParsePKCS8PrivateKey(block.Bytes)
if errPkcs8 == nil {
privatePkcs8RsaKey, ok := privatePkcs8Key.(*rsa.PrivateKey)
if !ok {
return nil, fmt.Errorf("Pkcs8 contained non-RSA key. Expected RSA key.")
}
return privatePkcs8RsaKey, nil
}
return nil, fmt.Errorf("Failed to parse private key as Pkcs#1 or Pkcs#8. (%s). (%s).", errPkcs1, errPkcs8)
}
开发者ID:colemickens,项目名称:azkube-kvbs,代码行数:27,代码来源:main.go
示例4: parseKey
func parseKey(path string) (crypto.PublicKey, error) {
buf, err := ioutil.ReadFile(path)
if err != nil {
return nil, errors.New("failed to open key file \"" + path + "\"")
}
block, _ := pem.Decode(buf)
if block.Type != "PRIVATE KEY" && strings.HasSuffix(block.Type, " PRIVATE KEY") == false {
return nil, errors.New("private key PEM does not appear to contain a private key blob")
}
der := block.Bytes
if key, err := x509.ParsePKCS1PrivateKey(der); err == nil {
return key, nil
}
if key, err := x509.ParsePKCS8PrivateKey(der); err == nil {
switch key := key.(type) {
case *rsa.PrivateKey, *ecdsa.PrivateKey:
return key, nil
default:
return nil, errors.New("crypto/tls: found unknown private key type in PKCS#8 wrapping")
}
}
if key, err := x509.ParseECPrivateKey(der); err == nil {
return key, nil
}
return nil, errors.New("failed to parse private key")
}
开发者ID:ghaskins,项目名称:go-cluster,代码行数:30,代码来源:certificate.go
示例5: ParsePrivateKeyPEM
// ParsePrivateKeyPEM parses and returns a PEM-encoded private
// key. The private key may be either an unencrypted PKCS#8, PKCS#1,
// or elliptic private key.
func ParsePrivateKeyPEM(keyPEM []byte) (key interface{}, err error) {
keyDER, _ := pem.Decode(keyPEM)
if keyDER == nil {
return nil, cferr.New(cferr.PrivateKeyError, cferr.DecodeFailed, nil)
}
if procType, ok := keyDER.Headers["Proc-Type"]; ok {
if strings.Contains(procType, "ENCRYPTED") {
return nil, cferr.New(cferr.PrivateKeyError, cferr.Encrypted, nil)
}
}
key, err = x509.ParsePKCS8PrivateKey(keyDER.Bytes)
if err != nil {
key, err = x509.ParsePKCS1PrivateKey(keyDER.Bytes)
if err != nil {
key, err = x509.ParseECPrivateKey(keyDER.Bytes)
if err != nil {
// We don't include the actual error into the final error.
// The reason might be we don't want to leak any info about
// the private key.
return nil, cferr.New(cferr.PrivateKeyError, cferr.ParseFailed, nil)
}
}
}
return
}
开发者ID:kalw,项目名称:cfssl,代码行数:28,代码来源:helpers.go
示例6: DecryptRSA
//DecryptRSA decrypt given []byte with RSA algorithm
func DecryptRSA(data []byte) []byte {
if data == nil {
return nil
}
privateKey := []byte(PrivateKey)
if !ginutil.IsProduction() {
privateKey = []byte(TestPrivateKey)
}
block, _ := pem.Decode(privateKey)
if block == nil {
return nil
}
privInterface, err := x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
return nil
}
priv := privInterface.(*rsa.PrivateKey)
decrypted := make([]byte, 0, len(data))
for i := 0; i < len(data); i += 128 {
if i+128 < len(data) {
partial, err1 := rsa.DecryptPKCS1v15(rand.Reader, priv, data[i:i+128])
if err1 != nil {
return nil
}
decrypted = append(decrypted, partial...)
} else {
partial, err1 := rsa.DecryptPKCS1v15(rand.Reader, priv, data[i:])
if err1 != nil {
return nil
}
decrypted = append(decrypted, partial...)
}
}
return decrypted
}
开发者ID:jameswei,项目名称:zmopenapi-sdk-golang,代码行数:36,代码来源:crypto_util.go
示例7: LoadPrivateKey
// LoadPrivateKey loads a private key from PEM/DER-encoded data.
func LoadPrivateKey(data []byte) (interface{}, error) {
input := data
block, _ := pem.Decode(data)
if block != nil {
input = block.Bytes
}
var priv interface{}
priv, err0 := x509.ParsePKCS1PrivateKey(input)
if err0 == nil {
return priv, nil
}
priv, err1 := x509.ParsePKCS8PrivateKey(input)
if err1 == nil {
return priv, nil
}
priv, err2 := x509.ParseECPrivateKey(input)
if err2 == nil {
return priv, nil
}
return nil, fmt.Errorf("square/go-jose: parse error, got '%s', '%s' and '%s'", err0, err1, err2)
}
开发者ID:CometKim,项目名称:platform,代码行数:27,代码来源:utils.go
示例8: loadKey
func loadKey(reader io.Reader) (interface{}, error) {
data, err := ioutil.ReadAll(reader)
if err != nil {
return nil, err
}
for len(data) > 0 {
var block *pem.Block
block, data = pem.Decode(data)
if block == nil {
break
}
switch block.Type {
case "RSA PRIVATE KEY":
return x509.ParsePKCS1PrivateKey(block.Bytes)
case "PRIVATE KEY":
return x509.ParsePKCS8PrivateKey(block.Bytes)
case "RSA PUBLIC KEY":
fallthrough
case "PUBLIC KEY":
return x509.ParsePKIXPublicKey(block.Bytes)
}
}
return nil, errors.New("no key found")
}
开发者ID:keyphact,项目名称:pso2-go,代码行数:31,代码来源:cipher.go
示例9: ParsePrivateKeyDER
// ParsePrivateKeyDER parses a PKCS #1, PKCS #8, or elliptic curve
// DER-encoded private key. The key must not be in PEM format.
func ParsePrivateKeyDER(keyDER []byte) (key crypto.Signer, err error) {
generalKey, err := x509.ParsePKCS8PrivateKey(keyDER)
if err != nil {
generalKey, err = x509.ParsePKCS1PrivateKey(keyDER)
if err != nil {
generalKey, err = x509.ParseECPrivateKey(keyDER)
if err != nil {
// We don't include the actual error into
// the final error. The reason might be
// we don't want to leak any info about
// the private key.
return nil, cferr.New(cferr.PrivateKeyError,
cferr.ParseFailed)
}
}
}
switch generalKey.(type) {
case *rsa.PrivateKey:
return generalKey.(*rsa.PrivateKey), nil
case *ecdsa.PrivateKey:
return generalKey.(*ecdsa.PrivateKey), nil
}
// should never reach here
return nil, cferr.New(cferr.PrivateKeyError, cferr.ParseFailed)
}
开发者ID:kisom,项目名称:cfssl,代码行数:29,代码来源:derhelpers.go
示例10: AlipayPrivateKeySign
// 通过Alipay的商户私钥进行签名
func AlipayPrivateKeySign(privateKeyStr string, content []byte) (sign string, err error) {
der, err := base64.StdEncoding.DecodeString(privateKeyStr)
if err != nil {
return
}
privatekey, err := x509.ParsePKCS8PrivateKey(der)
if err != nil {
return
}
hashType := crypto.SHA1
if !hashType.Available() {
err = errors.New("unsupport sha1")
return
}
h := hashType.New()
h.Write(content)
digest := h.Sum(nil)
_privatekey := privatekey.(*rsa.PrivateKey)
signature, err := rsa.SignPKCS1v15(rand.Reader, _privatekey, crypto.SHA1, digest)
if err != nil {
return
}
sign = base64.StdEncoding.EncodeToString(signature)
return
}
开发者ID:89hmdys,项目名称:alipay-wireless,代码行数:32,代码来源:sign.go
示例11: AddPEMKey
func (k *Keychain) AddPEMKey(privateKeyPath string) error {
var rsakey interface{}
var err error
keyContent, err := ioutil.ReadFile(privateKeyPath)
if err != nil {
return err
}
block, _ := pem.Decode([]byte(keyContent))
if block == nil {
return errors.New("no block in key")
}
rsakey, err = x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
rsakey, err = x509.ParsePKCS8PrivateKey(block.Bytes)
}
if err != nil {
return err
}
k.keys = append(k.keys, rsakey)
return nil
}
开发者ID:tomzhang,项目名称:golang-devops-stuff,代码行数:27,代码来源:keychain.go
示例12: ReadNextKey
/*
Reads and returns the next DER-encoded private key from r,
which may optionally be base64 encoded (PEM format)
and may be preceded by "garbage" (PEM headers).
This function takes care not to read more bytes than
necessary which allows the function to be called
multiple times on a stream of concatenated keys.
*/
func ReadNextKey(in io.Reader) (crypto.Signer, error) {
data, err := ReadNextSEQUENCE(in)
if err != nil {
return nil, err
}
key1, err1 := x509.ParseECPrivateKey(data)
key2, err2 := x509.ParsePKCS1PrivateKey(data)
key3, err3 := x509.ParsePKCS8PrivateKey(data)
if err1 == nil {
return key1, nil
}
if err2 == nil {
return key2, nil
}
if err3 != nil {
return nil, err3
}
switch key := key3.(type) {
case *rsa.PrivateKey:
return key, nil
case *ecdsa.PrivateKey:
return key, nil
}
return nil, fmt.Errorf("Unknown key type in PKCS8 container")
}
开发者ID:tomzhang,项目名称:certifidog,代码行数:33,代码来源:der.go
示例13: parseCakey
func parseCakey(cakeyfile *string) (*rsa.PrivateKey, error) {
cakeybytes, err := ioutil.ReadFile(*cakeyfile)
if err != nil {
return nil, err
}
cakeyblock, _ := pem.Decode(cakeybytes)
if cakeyblock == nil {
return nil, fmt.Errorf("Not valid CA key %s", *cakeyfile)
}
der := cakeyblock.Bytes
// Try to parse as PKCS1
cakey1, err := x509.ParsePKCS1PrivateKey(der)
if err == nil {
return cakey1, err
}
// Otherwise try PKCS8
cakey8, err := x509.ParsePKCS8PrivateKey(der)
if err != nil {
return nil, err
}
switch k := cakey8.(type) {
case *rsa.PrivateKey:
return k, nil
default:
return nil, fmt.Errorf("CA key %s not an PKCS8 RSA private key", cakeyfile)
}
}
开发者ID:securitykiss-com,项目名称:gossl,代码行数:30,代码来源:gossl.go
示例14: FuzzPKCS
func FuzzPKCS(data []byte) int {
score := 0
if k, err := x509.ParsePKCS1PrivateKey(data); err == nil {
score = 1
data1 := x509.MarshalPKCS1PrivateKey(k)
k1, err := x509.ParsePKCS1PrivateKey(data1)
if err != nil {
panic(err)
}
if !fuzz.DeepEqual(k, k1) {
panic("keys are not equal")
}
}
if k0, err := x509.ParsePKCS8PrivateKey(data); err == nil {
score = 1
if k, ok := k0.(*rsa.PrivateKey); ok {
data1 := x509.MarshalPKCS1PrivateKey(k)
k1, err := x509.ParsePKCS1PrivateKey(data1)
if err != nil {
panic(err)
}
if !fuzz.DeepEqual(k, k1) {
panic("keys are not equal")
}
}
}
return score
}
开发者ID:sjn1978,项目名称:go-fuzz,代码行数:28,代码来源:main.go
示例15: SignRSA
//SignWithRSA sign given encrypted data with RSA algorithm
func SignRSA(raw []byte, algorithm crypto.Hash) []byte {
if raw == nil {
return nil
}
privateKey := []byte(PrivateKey)
if !ginutil.IsProduction() {
privateKey = []byte(TestPrivateKey)
}
block, _ := pem.Decode(privateKey)
if block == nil {
return nil
}
privInterface, err := x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
return nil
}
priv := privInterface.(*rsa.PrivateKey)
var data []byte
if algorithm == crypto.SHA1 {
data = EncryptSHA(raw)
} else {
data = EncryptMD5(EncryptSHA(raw))
}
signed, err := rsa.SignPKCS1v15(rand.Reader, priv, algorithm, data)
if err != nil {
return nil
}
return signed
}
开发者ID:jameswei,项目名称:zmopenapi-sdk-golang,代码行数:30,代码来源:crypto_util.go
示例16: NewGCS
func NewGCS(name string, info map[string]string) (Backend, error) {
b := &gcsBackend{
name: name,
bucketName: info["bucket"],
}
keyJSON := []byte(info["key"])
if b.bucketName == "" {
return nil, fmt.Errorf("blobstore: missing Google Cloud Storage bucket param for %s", name)
}
if len(keyJSON) == 0 {
return nil, fmt.Errorf("blobstore: missing Google Cloud Storage key JSON param for %s", name)
}
jwtToken, err := google.JWTConfigFromJSON(keyJSON, "https://www.googleapis.com/auth/devstorage.read_write")
if err != nil {
return nil, fmt.Errorf("blobstore: error loading Google Cloud Storage JSON key: %s", err)
}
tokenSource := jwtToken.TokenSource(context.Background())
// Test getting an OAuth token so we can disambiguate an issue with the
// token and an issue with the bucket permissions below.
if _, err := tokenSource.Token(); err != nil {
return nil, fmt.Errorf("blobstore: error getting Google Cloud Storage OAuth token: %s", err)
}
pemBlock, _ := pem.Decode(jwtToken.PrivateKey)
privateKey, err := x509.ParsePKCS8PrivateKey(pemBlock.Bytes)
if err != nil {
return nil, fmt.Errorf("blobstore: error decoding Google Cloud Storage private key: %s", err)
}
rsaPrivateKey, ok := privateKey.(*rsa.PrivateKey)
if !ok {
return nil, fmt.Errorf("blobstore: unexpected Google Cloud Storage key type: %T", privateKey)
}
b.signOpts = func() *storage.SignedURLOptions {
return &storage.SignedURLOptions{
GoogleAccessID: jwtToken.Email,
SignBytes: func(b []byte) ([]byte, error) {
digest := sha256.Sum256(b)
return rsa.SignPKCS1v15(rand.Reader, rsaPrivateKey, crypto.SHA256, digest[:])
},
Method: "GET",
Expires: time.Now().Add(10 * time.Minute),
}
}
client, err := storage.NewClient(context.Background(), option.WithTokenSource(tokenSource))
if err != nil {
return nil, fmt.Errorf("blobstore: error creating Google Cloud Storage client: %s", err)
}
b.bucket = client.Bucket(b.bucketName)
_, err = b.bucket.Attrs(context.Background())
if err != nil {
return nil, fmt.Errorf("blobstore: error checking Google Cloud Storage bucket %q existence, ensure that it exists and Owner access for %s is included the bucket ACL: %q", b.bucketName, jwtToken.Email, err)
}
return b, nil
}
开发者ID:ably-forks,项目名称:flynn,代码行数:59,代码来源:gcs.go
示例17: X509KeyPair
// X509KeyPair parses a public/private key pair from a pair of
// PEM encoded data.
func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (cert Certificate, err error) {
var certDERBlock *pem.Block
for {
certDERBlock, certPEMBlock = pem.Decode(certPEMBlock)
if certDERBlock == nil {
break
}
if certDERBlock.Type == "CERTIFICATE" {
cert.Certificate = append(cert.Certificate, certDERBlock.Bytes)
}
}
if len(cert.Certificate) == 0 {
err = errors.New("crypto/tls: failed to parse certificate PEM data")
return
}
keyDERBlock, _ := pem.Decode(keyPEMBlock)
if keyDERBlock == nil {
err = errors.New("crypto/tls: failed to parse key PEM data")
return
}
// OpenSSL 0.9.8 generates PKCS#1 private keys by default, while
// OpenSSL 1.0.0 generates PKCS#8 keys. We try both.
var key *rsa.PrivateKey
if key, err = x509.ParsePKCS1PrivateKey(keyDERBlock.Bytes); err != nil {
var privKey interface{}
if privKey, err = x509.ParsePKCS8PrivateKey(keyDERBlock.Bytes); err != nil {
err = errors.New("crypto/tls: failed to parse key: " + err.Error())
return
}
var ok bool
if key, ok = privKey.(*rsa.PrivateKey); !ok {
err = errors.New("crypto/tls: found non-RSA private key in PKCS#8 wrapping")
return
}
}
cert.PrivateKey = key
// We don't need to parse the public key for TLS, but we so do anyway
// to check that it looks sane and matches the private key.
x509Cert, err := x509.ParseCertificate(cert.Certificate[0])
if err != nil {
return
}
if x509Cert.PublicKeyAlgorithm != x509.RSA || x509Cert.PublicKey.(*rsa.PublicKey).N.Cmp(key.PublicKey.N) != 0 {
err = errors.New("crypto/tls: private key does not match public key")
return
}
return
}
开发者ID:khia,项目名称:httpcache,代码行数:58,代码来源:tls.go
示例18: parsePKCSPrivateKey
// parsePKCSPrivateKey attempts to decode a RSA private key first using PKCS1
// encoding, and then PKCS8 encoding.
func parsePKCSPrivateKey(buf []byte) (interface{}, error) {
// attempt PKCS1 parsing
key, err := x509.ParsePKCS1PrivateKey(buf)
if err != nil {
// attempt PKCS8 parsing
return x509.ParsePKCS8PrivateKey(buf)
}
return key, nil
}
开发者ID:knq,项目名称:pemutil,代码行数:12,代码来源:pemutil.go
示例19: parsePKCS8PrivateKey
// parsePKCS8PrivateKey parses the provided private key in the PKCS#8 format.
func parsePKCS8PrivateKey(data []byte) (*ecdsa.PrivateKey, error) {
key, err := x509.ParsePKCS8PrivateKey(data)
if err != nil {
return nil, err
}
eckey, ok := key.(*ecdsa.PrivateKey)
if !ok {
return nil, fmt.Errorf("not an ECDSA private key")
}
return eckey, nil
}
开发者ID:vanadium,项目名称:go.jni,代码行数:12,代码来源:crypto_util.go
示例20: ParsePKCS8Key
func ParsePKCS8Key(publicKey, privateKey []byte) (Key, error) {
puk, err := x509.ParsePKIXPublicKey(publicKey)
if err != nil {
return nil, err
}
prk, err := x509.ParsePKCS8PrivateKey(privateKey)
if err != nil {
return nil, err
}
return &key{publicKey: puk.(*rsa.PublicKey), privateKey: prk.(*rsa.PrivateKey)}, nil
}
开发者ID:89hmdys,项目名称:toast,代码行数:12,代码来源:key.go
注:本文中的crypto/x509.ParsePKCS8PrivateKey函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论