如何在Go中使用RSA密钥加密和解密明文文本?

huangapple go评论90阅读模式
英文:

How to encrypt and decrypt plain text with a RSA keys in Go?

问题

我正在尝试编写一个实用程序,使用RSA密钥对加密和解密纯文本文件。RSA密钥是使用ssh-keygen生成的,并存储在.ssh中,与通常情况相同。

我在使用Go语言的crypto和crypto/rsa包时遇到了一些困难。这些包的文档有点稀少(因为我对加密还不熟悉),而且示例很少。我查看了rsa_test.go文件,希望能找到一些线索,但只让我更加困惑。

简而言之,我想从.ssh中的id_rsa和id_rsa.pub文件中加载公钥/私钥对,并使用它们来加密/解密纯文本文件。

提前谢谢!

英文:

I am trying to write a utility program which encrypts and decrypts plain text files using a RSA key pair. The RSA keys were generated with ssh-keygen and are stored in .ssh, as usual.

I am having trouble understanding how to do that with the Go language crypto and crypto/rsa packages? The documentation on those is a little sparse (even more so because I am new to encryption) and there are very few examples. I checked the rsa_test.go file for any clues, but it only confused me more.

In short I am trying to load the public/private key pair from the id_rsa and id_rsa.pub files in .ssh and use them to encrypt/decrypt a plain text file.

Thank you in advance!

答案1

得分: 21

请注意,RSA不是设计成块密码的。通常情况下,RSA用于加密一个对称密钥,然后使用该密钥来加密数据。然而,下面是一个可以使用RSA私钥加密数据并可以自行解密的程序:

package main

import (
    "crypto/rand"
    "crypto/rsa"
    "crypto/sha1"
    "crypto/x509"
    "encoding/pem"
    "flag"
    "io/ioutil"
    "log"
)

// 命令行标志
var (
    keyFile = flag.String("key", "id_rsa", "RSA私钥文件路径")
    inFile  = flag.String("in", "in.txt", "输入文件路径")
    outFile = flag.String("out", "out.txt", "输出文件路径")
    label   = flag.String("label", "", "要使用的标签(默认为文件名)")
    decrypt = flag.Bool("decrypt", false, "解密而不是加密")
)

func main() {
    flag.Parse()

    // 读取输入文件
    in, err := ioutil.ReadFile(*inFile)
    if err != nil {
        log.Fatalf("输入文件:%s", err)
    }

    // 读取私钥
    pemData, err := ioutil.ReadFile(*keyFile)
    if err != nil {
        log.Fatalf("读取密钥文件:%s", err)
    }

    // 提取PEM编码的数据块
    block, _ := pem.Decode(pemData)
    if block == nil {
        log.Fatalf("密钥数据有误:%s", "非PEM编码")
    }
    if got, want := block.Type, "RSA PRIVATE KEY"; got != want {
        log.Fatalf("未知密钥类型 %q,期望 %q", got, want)
    }

    // 解码RSA私钥
    priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
    if err != nil {
        log.Fatalf("私钥有误:%s", err)
    }

    var out []byte
    if *decrypt {
        if *label == "" {
            *label = *outFile
        }
        // 解密数据
        out, err = rsa.DecryptOAEP(sha1.New(), rand.Reader, priv, in, []byte(*label))
        if err != nil {
            log.Fatalf("解密:%s", err)
        }
    } else {
        if *label == "" {
            *label = *inFile
        }
        out, err = rsa.EncryptOAEP(sha1.New(), rand.Reader, &priv.PublicKey, in, []byte(*label))
        if err != nil {
            log.Fatalf("加密:%s", err)
        }
    }

    // 将数据写入输出文件
    if err := ioutil.WriteFile(*outFile, out, 0600); err != nil {
        log.Fatalf("写入输出:%s", err)
    }
}
英文:

Keep in mind that RSA is not designed to be a block cipher. Usually RSA is used to encrypt a symmetric key that is then used to encrypt the data. With that in mind, however, here is a program which can use an RSA private key to encrypt data that can be decrypted by itself:

package main

import (
    "crypto/rand"
    "crypto/rsa"
    "crypto/sha1"
    "crypto/x509"
    "encoding/pem"
    "flag"
    "io/ioutil"
    "log"
)

// Command-line flags
var (
    keyFile = flag.String("key", "id_rsa", "Path to RSA private key")
    inFile  = flag.String("in", "in.txt", "Path to input file")
    outFile = flag.String("out", "out.txt", "Path to output file")
    label   = flag.String("label", "", "Label to use (filename by default)")
    decrypt = flag.Bool("decrypt", false, "Decrypt instead of encrypting")
)

func main() {
    flag.Parse()

    // Read the input file
    in, err := ioutil.ReadFile(*inFile)
    if err != nil {
        log.Fatalf("input file: %s", err)
    }

    // Read the private key
    pemData, err := ioutil.ReadFile(*keyFile)
    if err != nil {
        log.Fatalf("read key file: %s", err)
    }

    // Extract the PEM-encoded data block
    block, _ := pem.Decode(pemData)
    if block == nil {
        log.Fatalf("bad key data: %s", "not PEM-encoded")
    }
    if got, want := block.Type, "RSA PRIVATE KEY"; got != want {
        log.Fatalf("unknown key type %q, want %q", got, want)
    }

    // Decode the RSA private key
    priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
    if err != nil {
        log.Fatalf("bad private key: %s", err)
    }

    var out []byte
    if *decrypt {
        if *label == "" {
            *label = *outFile
        }
        // Decrypt the data
        out, err = rsa.DecryptOAEP(sha1.New(), rand.Reader, priv, in, []byte(*label))
        if err != nil {
            log.Fatalf("decrypt: %s", err)
        }
    } else {
        if *label == "" {
            *label = *inFile
        }
        out, err = rsa.EncryptOAEP(sha1.New(), rand.Reader, &priv.PublicKey, in, []byte(*label))
        if err != nil {
            log.Fatalf("encrypt: %s", err)
        }
    }

    // Write data to output file
    if err := ioutil.WriteFile(*outFile, out, 0600); err != nil {
        log.Fatalf("write output: %s", err)
    }
}

huangapple
  • 本文由 发表于 2013年1月19日 01:56:12
  • 转载请务必保留本文链接:https://go.coder-hub.com/14404757.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定