 

How to create an RSA private key with a passphrase in Golang [closed]

How to create RSA private key with passphrase in Go?

I read the documentation for the crypto package but I was unable to piece together a solution from it.

Miol asked May 19 '16 07:05


People also ask

How do I use a passphrase as a private key?

A passphrase is a word or phrase that protects private key files. It prevents unauthorized users from encrypting them. Usually it's just the secret encryption/decryption key used for ciphers. To change the passphrase you simply have to read the key with the old passphrase and write it again, specifying the new passphrase.

What is passphrase in RSA private key?

The passphrase is just a key used to encrypt the file that contains the RSA key, using a symmetric cipher (usually DES or 3DES). In order to use the key for public-key encryption, you first need to decrypt its file using the decryption key. ssh does this automatically by asking you for the passphrase.

Do I need a passphrase for ssh key?

SSH uses private/public key pairs to protect your communication with the server. SSH passphrases protect your private key from being used by someone who doesn't know the passphrase. Without a passphrase, anyone who gains access to your computer has the potential to copy your private key.


1 Answer

First step, generate a private key. Second step, convert it to PEM format. Third step, encrypt the PEM.

All can be done using Golang's standard library, which is very complete. The code is nothing difficult so I put it here. All there is to it is to know which functions to use.

import (
    "crypto/rand"
    "crypto/rsa"
    "crypto/x509"
    "encoding/pem"
)

func PrivateKeyToEncryptedPEM(bits int, pwd string) ([]byte, error) {
    // Generate the key of length bits
    key, err := rsa.GenerateKey(rand.Reader, bits)
    if err != nil {
        return nil, err
    }

    // Convert it to pem
    block := &pem.Block{
        Type:  "RSA PRIVATE KEY",
        Bytes: x509.MarshalPKCS1PrivateKey(key),
    }

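    // Encrypt the PEM block with the legacy RFC 1423 scheme.
    // x509.EncryptPEMBlock is deprecated since Go 1.16: the ciphertext is not authenticated.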
    if pwd != "" {
        block, err = x509.EncryptPEMBlock(rand.Reader, block.Type, block.Bytes, []byte(pwd), x509.PEMCipherAES256)
        if err != nil {
            return nil, err
        }
    }

    return pem.EncodeToMemory(block), nil
}
T. Claverie answered Sep 20 '22 05:09
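
The reverse direction, as an added example that is not part of the original answer: it reads the encrypted PEM back and treats a failed parse as a wrong passphrase, because this legacy format does not authenticate the ciphertext. The names `newEncryptedKey` and `LoadEncryptedKey` and the sample passphrases are assumptions made for the example; the `x509` PEM-encryption functions it calls are deprecated since Go 1.16 but still present in the standard library.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"fmt"
)

// newEncryptedKey follows the answer's three steps (hypothetical helper name).
func newEncryptedKey(bits int, pwd string) (*rsa.PrivateKey, []byte, error) {
	key, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		return nil, nil, err
	}
	block, err := x509.EncryptPEMBlock(rand.Reader, "RSA PRIVATE KEY", x509.MarshalPKCS1PrivateKey(key), []byte(pwd), x509.PEMCipherAES256)
	if err != nil {
		return nil, nil, err
	}
	return key, pem.EncodeToMemory(block), nil
}

// LoadEncryptedKey (hypothetical name) reverses those steps and rejects bad input.
func LoadEncryptedKey(pemBytes []byte, pwd string) (*rsa.PrivateKey, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil || block.Type != "RSA PRIVATE KEY" || !x509.IsEncryptedPEMBlock(block) {
		return nil, fmt.Errorf("expected an encrypted RSA PRIVATE KEY block")
	}
	der, err := x509.DecryptPEMBlock(block, []byte(pwd))
	if err != nil {
		return nil, err // x509.IncorrectPasswordError when the padding check fails
	}
	// No MAC in this format: a wrong passphrase may decrypt to noise, so parsing is the final check.
	key, err := x509.ParsePKCS1PrivateKey(der)
	if err != nil {
		return nil, fmt.Errorf("wrong passphrase or corrupt key: %w", err)
	}
	return key, nil
}

func main() {
	key, enc, err := newEncryptedKey(2048, "constructed-passphrase") // constructed sample value
	if err != nil {
		panic(err)
	}
	_, wrongErr := LoadEncryptedKey(enc, "not-the-passphrase")
	got, err := LoadEncryptedKey(enc, "constructed-passphrase")
	fmt.Println("wrong rejected:", wrongErr != nil, "round trip:", err == nil && got.Equal(key))
}
```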