无法读取RSA密钥。

huangapple
go评论62阅读模式
英文:

Unable to Read RSA Key

问题

我需要从文件中读取一个RSA私钥来对JWT进行签名。我正在使用openssl生成私钥。在解密私钥时出现了长度过大的错误。

openssl genrsa -des3 -out jwt-private.pem 2048

func main() {

penbhytes := `-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,A30B805A7CC6454D

AOrhSmQZSXu1EjxeJzYlFy2nz6ScUPDqCXEnupExzqFsIFxT4EaJaT+PYSzjVfIq
RwVfzUxPpAUJ1Ch++s+0tKpKrCaPQdNJthMH1mYEb7WCH8wzVmU473Tlw/jKzrNm
BzVei4YT+xRi15+etlv0uuXBGcKcMDD13LQS5qfIrEJI6Eei0LGtKqL++eZDt/Nz
+5R7JP07R0BCXaK+4b+op1mpbbSuxoHTJBkSqd2Aqp4uCyNNGHmm6bBlBuItUYeK
DAGkUK0iqjUTtiCNsuSr0L288BFZj/y4t2b5gydeaZguVTFYta5TcDTHbZ+R7/yH
cx8GeijKzYsLoNfE3BIypNMBBClQJfSgumwky1couZTIh18ik8wQySvtbMo5zav+
zIRrbaGuGY3pInE5zE7k2okilgVnnjBzCQQOxwgXEp5pysRU06CmjbGtt66FvuoE
KNDhsHJJX1g8LkqivjVOo2ueBrmLItBJh5fS2gPQIVR7hFj3UcYLH/qY0sVqY7aR
Nf3g0RsUSJWWnJShdoI4zzQNFoZcaTvbbfQc45n1BBNwxmMDNGUL0xQFiioPiiSm
D1I01jQarKnBvSgWzK81XiaHkRC25Ni1vMjdZATsXpfjao0q1YPzqchdegW1N8rR
97JZQzirbxV4n0opupX7fs3Xqlnk9SVhr1nHdYMpia0MFfnhhoUiKLAlIzuGJqz6
5245JgJ2edecuZQ1SM2HrvLSnmq93b4OUafZrCo6vBZiw0EXFPA/BUfz9+PtFzH2
CQ4MAeJFs0L8bdPA5XVpyA6p8wTIgmKYT64TOFIzaBCtkJcDBnlNKrEZ/Qu7PUbq
Miz7uQSXBGOI5myEYR0GUhLGbImQz+RpkwNygunjFgBgC7IGFzUfEYpguaUloFPm
Xgc8/1C6XStluW7f8h7b/K/+U3sCpHKzJdvQz7rptuhs6wtvPVLJse1Ja8E0CnN6
7S/frRILd9Wal1sRrrZM7fRNYUXCM/3Fz72W55Vp3oKzas4ziBywUvg4LWC4R4yr
31pJms+fyjAxTX3eSuBsdLGrtWKxxri+oUYooR6oDAiVCVT9llZwXuOcaPzH7A2x
AbA+g/6t3Qx+zNZ9aMKrBTvsaRThW9AU6Dn9P2X7lyRtR/WMHf+R72vfcNfaGyu6
Komn4kXhbDdIMvEVSlAF3lSnA1KE/0B3vWEO8q2Vxp66/OCArzX21hUjJr21JT7U
7YJ6hHQOpdQoZA+2G7Gef1FTiyKYWN9c0UmAdiaKATwwZtu17/lT8oWRZfkp3sUz
tPLJ08GD91mWq3ExsjTUGWTKAQSp+SDTEJ0SFEw/CH2dhSY/q03eM4cNawVdfDEM
+50NwHzCiiddLGDASFxKbtkLXZa4xxhg5GTv2F9ObXzKPisM7ipTBC52/EvLU1vP
Rg92CUoBES2JEhS3M6f0hWdFjKMFaMsdOXKyEzytg31bSPDw0BoKV9a7LKSWhsUk
7U+gxl84sDUwEZ6jRqRnOrt9gR4FC/m3Z/Fv8KYy1dgyIO2vlprXfHAxlxRWnBAh
SfTAKja37lLgaMY84EBxsXKayMhWfGIKAb5WABjZcQcdntV2tIVtZjmZPeP/NA57
-----END RSA PRIVATE KEY-----`

//使用下面的代码解密私钥

data, _ := pem.Decode([]byte(pembytes))
privateKeyImported, err := x509.ParsePKCS1PrivateKey(data.Bytes)
if err != nil {
	fmt.Println(err)
	os.Exit(1)
}

}

出现错误,长度过大。

英文:

I need to read in an RSA private key from a file to sign a JWT. I am using the openssl to generate a private key. When decrypting the private key getting length too large error

openssl genrsa -des3 -out jwt-private.pem 2048

func main() {

  penbhytes := `-----BEGIN RSA PRIVATE KEY-----
    Proc-Type: 4,ENCRYPTED
    DEK-Info: DES-EDE3-CBC,A30B805A7CC6454D
    
    AOrhSmQZSXu1EjxeJzYlFy2nz6ScUPDqCXEnupExzqFsIFxT4EaJaT+PYSzjVfIq
    RwVfzUxPpAUJ1Ch++s+0tKpKrCaPQdNJthMH1mYEb7WCH8wzVmU473Tlw/jKzrNm
    BzVei4YT+xRi15+etlv0uuXBGcKcMDD13LQS5qfIrEJI6Eei0LGtKqL++eZDt/Nz
    +5R7JP07R0BCXaK+4b+op1mpbbSuxoHTJBkSqd2Aqp4uCyNNGHmm6bBlBuItUYeK
    DAGkUK0iqjUTtiCNsuSr0L288BFZj/y4t2b5gydeaZguVTFYta5TcDTHbZ+R7/yH
    cx8GeijKzYsLoNfE3BIypNMBBClQJfSgumwky1couZTIh18ik8wQySvtbMo5zav+
    zIRrbaGuGY3pInE5zE7k2okilgVnnjBzCQQOxwgXEp5pysRU06CmjbGtt66FvuoE
    KNDhsHJJX1g8LkqivjVOo2ueBrmLItBJh5fS2gPQIVR7hFj3UcYLH/qY0sVqY7aR
    Nf3g0RsUSJWWnJShdoI4zzQNFoZcaTvbbfQc45n1BBNwxmMDNGUL0xQFiioPiiSm
    D1I01jQarKnBvSgWzK81XiaHkRC25Ni1vMjdZATsXpfjao0q1YPzqchdegW1N8rR
    97JZQzirbxV4n0opupX7fs3Xqlnk9SVhr1nHdYMpia0MFfnhhoUiKLAlIzuGJqz6
    5245JgJ2edecuZQ1SM2HrvLSnmq93b4OUafZrCo6vBZiw0EXFPA/BUfz9+PtFzH2
    CQ4MAeJFs0L8bdPA5XVpyA6p8wTIgmKYT64TOFIzaBCtkJcDBnlNKrEZ/Qu7PUbq
    Miz7uQSXBGOI5myEYR0GUhLGbImQz+RpkwNygunjFgBgC7IGFzUfEYpguaUloFPm
    Xgc8/1C6XStluW7f8h7b/K/+U3sCpHKzJdvQz7rptuhs6wtvPVLJse1Ja8E0CnN6
    7S/frRILd9Wal1sRrrZM7fRNYUXCM/3Fz72W55Vp3oKzas4ziBywUvg4LWC4R4yr
    31pJms+fyjAxTX3eSuBsdLGrtWKxxri+oUYooR6oDAiVCVT9llZwXuOcaPzH7A2x
    AbA+g/6t3Qx+zNZ9aMKrBTvsaRThW9AU6Dn9P2X7lyRtR/WMHf+R72vfcNfaGyu6
    Komn4kXhbDdIMvEVSlAF3lSnA1KE/0B3vWEO8q2Vxp66/OCArzX21hUjJr21JT7U
    7YJ6hHQOpdQoZA+2G7Gef1FTiyKYWN9c0UmAdiaKATwwZtu17/lT8oWRZfkp3sUz
    tPLJ08GD91mWq3ExsjTUGWTKAQSp+SDTEJ0SFEw/CH2dhSY/q03eM4cNawVdfDEM
    +50NwHzCiiddLGDASFxKbtkLXZa4xxhg5GTv2F9ObXzKPisM7ipTBC52/EvLU1vP
    Rg92CUoBES2JEhS3M6f0hWdFjKMFaMsdOXKyEzytg31bSPDw0BoKV9a7LKSWhsUk
    7U+gxl84sDUwEZ6jRqRnOrt9gR4FC/m3Z/Fv8KYy1dgyIO2vlprXfHAxlxRWnBAh
    SfTAKja37lLgaMY84EBxsXKayMhWfGIKAb5WABjZcQcdntV2tIVtZjmZPeP/NA57
    -----END RSA PRIVATE KEY-----`

    //using below code to decrypt the private key

    data, _ := pem.Decode([]byte(pembytes))
    privateKeyImported, err := x509.ParsePKCS1PrivateKey(data.Bytes)
    if err != nil {
    	fmt.Println(err)
    	os.Exit(1)
    }
}

Getting error as length too large

答案1

得分: 7

密钥上标明它已加密,Proc-Type: 4,ENCRYPTED,因此您必须使用生成密钥时输入的密码先对其进行解密。

data, _ := pem.Decode([]byte(pembytes))
if data == nil {
	log.Fatalf("bad key data, not PEM-encoded?")
}

pemBytes, err := x509.DecryptPEMBlock(data, []byte("somePassword"))
if err != nil {
	log.Fatalf("failed to decrypt block: %v", err)
}

privateKeyImported, err := x509.ParsePKCS1PrivateKey(pemBytes)
if err != nil {
	log.Fatalf("failed to parse private key: %v", err)
}
英文:

The key says it's encrypted, Proc-Type: 4,ENCRYPTED so you must first decrypt it with the password you entered when generating the key.

data, _ := pem.Decode([]byte(pembytes))
if data == nil {
	log.Fatalf("bad key data, not PEM-encoded?")
}

pemBytes, err := x509.DecryptPEMBlock(data, []byte("somePassword"))
if err != nil {
	log.Fatalf("failed to decrypt block: %v", err)
}

privateKeyImported, err := x509.ParsePKCS1PrivateKey(pemBytes)
if err != nil {
	log.Fatalf("failed to parse private key: %v", err)
}

huangapple
  • 本文由 发表于 2021年6月17日 14:31:47
  • 转载请务必保留本文链接:https://go.coder-hub.com/68014090.html
  • go
  • jwe
  • jwt
  • pem
  • rsa
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定