stackoom
  简体   繁体   中英

Parse curve25519 keys generated using openssl in Go

 原文  2019-10-01 19:50:41       go/ openssl/ curve-25519

Question

Using OpenSSL version 1.1 and or later, I'm able to generate a curve25519 key:

openssl genpkey -algorithm x25519

This produces a private key of the form:

-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VuBCIEIDgk3GuFMIaUJd3m95jn/Z8oU+cK9FzPoidIDn/bqRlk
-----END PRIVATE KEY-----

I want to parse this key file in Go and potentially use it using golang.org/x/crypto/nacl/box . Looking at crypto/x509 documentation, I can't find a parsing function that parses curve25519. Anyone have an idea?

I tried:

pKey := `-----BEGIN PUBLIC KEY-----
MCowBQYDK2VuAyEAfLLsWKkI/7EmTOkSf4fyHuRHDnKk6qNncWDzV8jlIUU=
-----END PUBLIC KEY-----`

block, _ := pem.Decode([]byte(pKey))
key, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
    fmt.Println(err)
}

I get the error unknown public key algorithm .

2 answers

solution1
 1 ACCPTED  2019-10-02 21:46:12

Since there is currently no way to parse X25519 keys in the standard library, you may have to do this “by hand”.

You could do it “properly” by using the encoding/asn1 library to decode the keys , but in this case there is a simpler way.

It turns out that for both the private and public keys the actual key is just the last 32 bytes of the base64 decoded block of the key.

So you can just do:

block, _ := pem.Decode([]byte(pemString))
key := block.Bytes[len(block.Bytes)-32:]

This will work for both public and private keys, and will give you a 32 byte []byte containing the appropriate key.

solution2
 0  2019-10-01 20:25:22

Your inline key value is malform due to the tab/spaces before -----END PUBLIC KEY-----

As a result block is nil and cause the follow-up function to segfault.

Here's a quick fix for the decoding piece:

pKey := `-----BEGIN PRIVATE KEY-----
MCowBQYDK2VuAyEAfLLsWKkI/7EmTOkSf4fyHuRHDnKk6qNncWDzV8jlIUU=
-----END PRIVATE KEY-----`

block, _ := pem.Decode([]byte(pKey))

if block == nil || block.Type != "PRIVATE KEY" {
    log.Fatal("failed to decode PEM block containing private key")

}

key, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
    log.Println("Parse PKI Error:", err)
    return
}

Playground: https://play.golang.org/p/O2wk8rmKGWH

Note: ParsePKIXPublicKey function does not recognize this key algorithm.

2009/11/10 23:00:00 Parse PKI Error: x509: unknown public key algorithm

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Golang curve25519 pubkey generator How do I add two curve25519 points How do I sign a curve25519 key in golang? Parse Go time stamp using Go Parse JSON having sibling dynamic keys alongside with static in Go Get public key from private ED25519 Go Cannot find module providing package ed25519 in Go language Get names of all keys in the collection using Go Creating or using GPG or SSH keys directly in Go parse simple terraform file using go
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM