golang 如何获取pem格式RSA公私钥长度
因在做license注册机制当中,有对根据本地RSApem密钥文件判断出RSA的公私密钥长度的需求(即:根据pem内容判断出RSA密钥是1024位或者2048位,或者其他位数等),因此个人通过思考,摸索整理出一个方法,予以记录,备用,分享。
packagemain
import(
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"errors"
"fmt"
"io/ioutil"
"os"
)
//全局变量
varprivateKey,publicKey[]byte
funcinit(){
varerrerror
publicKey,err=ioutil.ReadFile("public.pem")
iferr!=nil{
os.Exit(-1)
}
privateKey,err=ioutil.ReadFile("private.pem")
iferr!=nil{
os.Exit(-1)
}
}
/**
*@brief获取RSA公钥长度
*@param[in]PubKey RSA公钥
*@return成功返回RSA公钥长度,失败返回error 错误信息
*/
funcGetPubKeyLen(PubKey[]byte)(int,error){
ifPubKey==nil{
return0,errors.New("inputargumentserror")
}
block,_:=pem.Decode(PubKey)
ifblock==nil{
return0,errors.New("publicrsaKeyerror")
}
pubInterface,err:=x509.ParsePKIXPublicKey(block.Bytes)
iferr!=nil{
return0,err
}
pub:=pubInterface.(*rsa.PublicKey)
returnpub.N.BitLen(),nil
}
/**
*@brief获取RSA私钥长度
*@param[in]PriKey RSA私钥
*@return成功返回RSA私钥长度,失败返回error 错误信息
*/
funcGetPriKeyLen(PriKey[]byte)(int,error){
ifPriKey==nil{
return0,errors.New("inputargumentserror")
}
block,_:=pem.Decode(PriKey)
ifblock==nil{
return0,errors.New("privatersaKeyerror!")
}
priv,err:=x509.ParsePKCS1PrivateKey(block.Bytes)
iferr!=nil{
return0,err
}
returnpriv.N.BitLen(),nil
}
funcmain(){
//获取rsa公钥长度
PubKeyLen,_:=GetPubKeyLen(publicKey)
fmt.Println("pbulickeylenis",PubKeyLen)
//获取rsa私钥长度
PriKeyLen,_:=GetPriKeyLen(privateKey)
fmt.Println("privatekeylenis",PriKeyLen)
}
附录:以下程序是产生RSA公私密钥的程序,附件,方便测试。
packagemain
import(
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"flag"
"log"
"os"
)
funcmain(){
varbitsint
flag.IntVar(&bits,"b",1024,"密钥长度,默认为1024位")
flag.Parse()
iferr:=GenRsaKey(bits);err!=nil{
log.Fatal("密钥文件生成失败!")
}
log.Println("密钥文件生成成功!")
}
funcGenRsaKey(bitsint)error{
//生成私钥文件
privateKey,err:=rsa.GenerateKey(rand.Reader,bits)
iferr!=nil{
returnerr
}
derStream:=x509.MarshalPKCS1PrivateKey(privateKey)
block:=&pem.Block{
Type:"私钥",
Bytes:derStream,
}
file,err:=os.Create("private.pem")
iferr!=nil{
returnerr
}
err=pem.Encode(file,block)
iferr!=nil{
returnerr
}
//生成公钥文件
publicKey:=&privateKey.PublicKey
derPkix,err:=x509.MarshalPKIXPublicKey(publicKey)
iferr!=nil{
returnerr
}
block=&pem.Block{
Type:"公钥",
Bytes:derPkix,
}
file,err=os.Create("public.pem")
iferr!=nil{
returnerr
}
err=pem.Encode(file,block)
iferr!=nil{
returnerr
}
returnnil
}
补充:golang使用RSA生成公私钥,加密,解密,并使用SHA256进行签名,验证
话不多说直接上代码:
packagemain
import(
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha256"
"crypto/x509"
"encoding/hex"
"encoding/pem"
"errors"
"fmt"
)
funcmain(){
//rsa密钥文件产生
fmt.Println("-------------------------------获取RSA公私钥-----------------------------------------")
prvKey,pubKey:=GenRsaKey()
fmt.Println(string(prvKey))
fmt.Println(string(pubKey))
fmt.Println("-------------------------------进行签名与验证操作-----------------------------------------")
vardata="卧了个槽,这么神奇的吗??!!!ԅ(¯﹃¯ԅ)!!!!!!)"
fmt.Println("对消息进行签名操作...")
signData:=RsaSignWithSha256([]byte(data),prvKey)
fmt.Println("消息的签名信息:",hex.EncodeToString(signData))
fmt.Println("\n对签名信息进行验证...")
ifRsaVerySignWithSha256([]byte(data),signData,pubKey){
fmt.Println("签名信息验证成功,确定是正确私钥签名!!")
}
fmt.Println("-------------------------------进行加密解密操作-----------------------------------------")
ciphertext:=RsaEncrypt([]byte(data),pubKey)
fmt.Println("公钥加密后的数据:",hex.EncodeToString(ciphertext))
sourceData:=RsaDecrypt(ciphertext,prvKey)
fmt.Println("私钥解密后的数据:",string(sourceData))
}
//RSA公钥私钥产生
funcGenRsaKey()(prvkey,pubkey[]byte){
//生成私钥文件
privateKey,err:=rsa.GenerateKey(rand.Reader,1024)
iferr!=nil{
panic(err)
}
derStream:=x509.MarshalPKCS1PrivateKey(privateKey)
block:=&pem.Block{
Type:"RSAPRIVATEKEY",
Bytes:derStream,
}
prvkey=pem.EncodeToMemory(block)
publicKey:=&privateKey.PublicKey
derPkix,err:=x509.MarshalPKIXPublicKey(publicKey)
iferr!=nil{
panic(err)
}
block=&pem.Block{
Type:"PUBLICKEY",
Bytes:derPkix,
}
pubkey=pem.EncodeToMemory(block)
return
}
//签名
funcRsaSignWithSha256(data[]byte,keyBytes[]byte)[]byte{
h:=sha256.New()
h.Write(data)
hashed:=h.Sum(nil)
block,_:=pem.Decode(keyBytes)
ifblock==nil{
panic(errors.New("privatekeyerror"))
}
privateKey,err:=x509.ParsePKCS1PrivateKey(block.Bytes)
iferr!=nil{
fmt.Println("ParsePKCS8PrivateKeyerr",err)
panic(err)
}
signature,err:=rsa.SignPKCS1v15(rand.Reader,privateKey,crypto.SHA256,hashed)
iferr!=nil{
fmt.Printf("Errorfromsigning:%s\n",err)
panic(err)
}
returnsignature
}
//验证
funcRsaVerySignWithSha256(data,signData,keyBytes[]byte)bool{
block,_:=pem.Decode(keyBytes)
ifblock==nil{
panic(errors.New("publickeyerror"))
}
pubKey,err:=x509.ParsePKIXPublicKey(block.Bytes)
iferr!=nil{
panic(err)
}
hashed:=sha256.Sum256(data)
err=rsa.VerifyPKCS1v15(pubKey.(*rsa.PublicKey),crypto.SHA256,hashed[:],signData)
iferr!=nil{
panic(err)
}
returntrue
}
//公钥加密
funcRsaEncrypt(data,keyBytes[]byte)[]byte{
//解密pem格式的公钥
block,_:=pem.Decode(keyBytes)
ifblock==nil{
panic(errors.New("publickeyerror"))
}
//解析公钥
pubInterface,err:=x509.ParsePKIXPublicKey(block.Bytes)
iferr!=nil{
panic(err)
}
//类型断言
pub:=pubInterface.(*rsa.PublicKey)
//加密
ciphertext,err:=rsa.EncryptPKCS1v15(rand.Reader,pub,data)
iferr!=nil{
panic(err)
}
returnciphertext
}
//私钥解密
funcRsaDecrypt(ciphertext,keyBytes[]byte)[]byte{
//获取私钥
block,_:=pem.Decode(keyBytes)
ifblock==nil{
panic(errors.New("privatekeyerror!"))
}
//解析PKCS1格式的私钥
priv,err:=x509.ParsePKCS1PrivateKey(block.Bytes)
iferr!=nil{
panic(err)
}
//解密
data,err:=rsa.DecryptPKCS1v15(rand.Reader,priv,ciphertext)
iferr!=nil{
panic(err)
}
returndata
}
运行结果:
-------------------------------获取RSA公私钥----------------------------------------- -----BEGINRSAPRIVATEKEY----- MIICXAIBAAKBgQCgPwlGJrWqTYaoMkI8jXkEI8ewQ7E57G2Fi91WTXMMK7X6GsT9 VmnRcq++Rk/VS+4IPBlfWyVRg0NfQDyuKjed21fUPa9AIbpYWHgP/tojyeYC1+Ra Xncrt9kLp7nW4FZMJmzwU9hfxIB0nhDQqhJenjdBZuYZfkICfMqyqbVkAwIDAQAB AoGAJRcSDXOuPrHdBhdD74ILTaL+eFTis3Z+zxdVbsFUbK+9WhtSFxUmPv1dohvi JIuDl9JZSRHurFRGhsh2gxVwc7JXwWfD0DmD8dvdzr8q85Jml9YVZ7uhHFqSO4cY I7dlBOd7Uwjnc39E/d+1E/kWVNfKt7opPHgt02zOHLSxkbECQQDS7H3myu3oLOi0 Slpd1MmmHVOo2cqJ1b3H6E8JtEjmHGswWTYvQNAe4yZ+Kffsp5LUYujedncPKvEj 4G+iz44bAkEAwn4Bx30FKTri/tybgSnCWKwTGSX479829Xucrm5pYU/3D5/PeJQL Ra4YSyg2/hU3ZBrue6CdzYJgGXNGEWhAOQJBALMlOB4A96X+FruidzRA2fBj8j10 lakSSHl1H0RfwpbnRkcvTm0+AEZrqbL4lGGFRplrVNw2BBN25o8RPeArp0cCQEhu kw0PI1fqhVUzJXqh6a4KT4aDHMWAlMAxi/VuSzKhjDo2Yxbd06DcqFF9JZXUou9W FFDYTUyW7GEuC/85mwkCQCOEjUQX0C3JCSr6fyZIjpEr+znyc9eFHyBp+533Ur4g eFu2ewJ3ufJiUBmEj1rEQku8W7h9DS2rXl10IiSwUAA= -----ENDRSAPRIVATEKEY----- -----BEGINPUBLICKEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCgPwlGJrWqTYaoMkI8jXkEI8ew Q7E57G2Fi91WTXMMK7X6GsT9VmnRcq++Rk/VS+4IPBlfWyVRg0NfQDyuKjed21fU Pa9AIbpYWHgP/tojyeYC1+RaXncrt9kLp7nW4FZMJmzwU9hfxIB0nhDQqhJenjdB ZuYZfkICfMqyqbVkAwIDAQAB -----ENDPUBLICKEY----- -------------------------------进行签名与验证操作----------------------------------------- 对消息进行签名操作... 消息的签名信息:24a29efbc27e7b84c3b0eed683af28915381b2a0312f5383143cd2006b804d3a16c2b4750fb1857445b46664b795b6cefd402c5cf25e0f28116b7b50f5c16e80af9f9481def0161c6dac7a5d05c56595b891d84091e444ef4012ba1a0efd5cd2ff17c6dfdc109a2a3349ae2523217706a03042ea16d84fcf7d3dae37ee36d2e8 对签名信息进行验证... 签名信息验证成功,确定是正确私钥签名!! -------------------------------进行加密解密操作----------------------------------------- 公钥加密后的数据:2b34d46a62317f4f5e5c8618671831c0970cef2eeddc0d3aca02e1d5b411a067844e1250a1f69cbb1cbcb0cb1964af85836faa346f9ce9fac2710d4fa18e49ee1c4c73496183952fa95a54dd2d633b115504f0a365bac6d022399059a53f51c474e5e4f0f8eefde61bb85d5d812b67114f5d419c33496acaf11d3d84828733f7 私钥解密后的数据:卧了个槽,这么神奇的吗??!!!ԅ(¯﹃¯ԅ)!!!!!!)
以上为个人经验,希望能给大家一个参考,也希望大家多多支持毛票票。如有错误或未考虑完全的地方,望不吝赐教。