函数x509.ParsePKCS8PrivateKey返回rsa.privateKey。但无法在encryptPKCS1v15函数中使用。

huangapple go评论127阅读模式
英文:

the function x509.ParsePKCS8PrivateKey return rsa.privateKey. But can't use in the encryptPKCS1v15 function

问题

const strPrivateKey = "30820b82020100300d06092a864886f70d010101050004820b6c30820b680201000282028100acfc585f43ca36ec2dddc518b5c7d1303b658faec58b634aff16ce4b7930b93a23517f8d9c8a260f4e2eb44b01da5b6588fefe63acb68c15677"

decoded, err := hex.DecodeString(strPrivateKey)
if err != nil {
    return ""
}
privateKey, err := x509.ParsePKCS8PrivateKey(decoded)
if err != nil {
    return ""
}

encypt, err := rsa.EncryptPKCS1v15(rand.Reader, &privateKey.PublicKey, data)
if err != nil {
    fmt.Println(err)
    return ""
}
privateKey.PublicKey未定义(类型any没有PublicKey字段或方法)
英文:
const strPrivateKey = "30820b82020100300d06092a864886f70d010101050004820b6c30820b680201000282028100acfc585f43ca36ec2dddc518b5c7d1303b658faec58b634aff16ce4b7930b93a23517f8d9c8a260f4e2eb44b01da5b6588fefe63acb68c15677"

decoded, err := hex.DecodeString(strPrivateKey)
if err != nil {
    return ""
}
privateKey, err := x509.ParsePKCS8PrivateKey(decoded)
if err != nil {
    return ""
}

encypt, err := rsa.EncryptPKCS1v15(rand.Reader, &privateKey.PublicKey, data)
if err != nil {
    fmt.Println(err)
    return ""
}

privateKey.PublicKey undefined (type any has no field or method PublicKey)

答案1

得分: 1

根据文档(https://pkg.go.dev/crypto/x509@go1.19.3#ParsePKCS8PrivateKey):

func ParsePKCS8PrivateKey(der []byte) (key any, err error)

...
它返回一个*rsa.PrivateKey、一个*ecdsa.PrivateKey或一个ed25519.PrivateKey。将来可能支持更多类型。

你应该使用type assertion来检查密钥的类型:

switch privateKey := privateKey.(type) {
case *rsa.PrivateKey:
	// ...
case *ecdsa.PrivateKey:
	// ...
case ed25519.PrivateKey:
	// ...
default:
	panic("unknown key")
}

由于rsa.EncryptPKCS1v15期望一个*rsa.PublicKey,你的代码可以这样写:

if privateKey, ok := privateKey.(*rsa.PrivateKey); ok {
	encypt, err := rsa.EncryptPKCS1v15(rand.Reader, &privateKey.PublicKey, data)
}

顺便说一下,提供的strPrivateKey是无效的(encoding/hex: odd length hex string)。你可以从https://github.com/golang/go/blob/1c05968c9a5d6432fc6f30196528f8f37287dd3d/src/crypto/x509/pkcs8_test.go#L52-L124获取一些有效的私钥。

英文:

According to the doc (https://pkg.go.dev/crypto/x509@go1.19.3#ParsePKCS8PrivateKey):

> func ParsePKCS8PrivateKey(der []byte) (key any, err error)
>
> ...
> It returns a *rsa.PrivateKey, a *ecdsa.PrivateKey, or a ed25519.PrivateKey. More types might be supported in the future.

You should use type assertion to check the type of the key:

switch privateKey := privateKey.(type) {
case *rsa.PrivateKey:
	// ...
case *ecdsa.PrivateKey:
	// ...
case ed25519.PrivateKey:
	// ...
default:
	panic("unknown key")
}

Since rsa.EncryptPKCS1v15 expects a *rsa.PublicKey, your code can be written like this:

if privateKey, ok := privateKey.(*rsa.PrivateKey); ok {
	encypt, err := rsa.EncryptPKCS1v15(rand.Reader, &privateKey.PublicKey, data)
}

BTW, the provided strPrivateKey is invalid (encoding/hex: odd length hex string). You can get some valid private keys from https://github.com/golang/go/blob/1c05968c9a5d6432fc6f30196528f8f37287dd3d/src/crypto/x509/pkcs8_test.go#L52-L124

答案2

得分: 0

*正确答案。我解析了privateKey.(rsa.PrivateKey)

decodedString, err := hex.DecodeString(utility.StrPrivateKey)
if err != nil {
    return err
}
pkcs8PrivateKey, err := x509.ParsePKCS8PrivateKey(decodedString)
if err != nil {
    return err
}
privateKey := pkcs8PrivateKey.(*rsa.PrivateKey)
英文:

*correct answer. I resolved privateKey.(rsa.PrivateKey)

decodedString, err := hex.DecodeString(utility.StrPrivateKey)
if err != nil {
    return err
}
pkcs8PrivateKey, err := x509.ParsePKCS8PrivateKey(decodedString)
if err != nil {
    return err
}
privateKey := pkcs8PrivateKey.(*rsa.PrivateKey)

huangapple
  • 本文由 发表于 2022年11月7日 14:50:30
  • 转载请务必保留本文链接:https://go.coder-hub.com/74342889.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定