需求:使用 Golang 生成 RSA 密鑰對,私鑰以密碼加密保護
package main
import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"fmt"
"os"
)
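// generateRSAKey creates a 2048-bit RSA key pair and writes both halves as PEM
// files: the private key (PKCS #1 DER, encrypted with passwd using AES-256) to
// pripath, and the public key (PKIX DER) to pubpath.
//
// The private-key file is opened with mode 0600 so that a newly created file
// is readable by its owner only; a file that already exists is truncated and
// keeps whatever mode it had. The public-key file uses 0666 (subject to the
// umask), as os.Create would. An empty passwd is rejected, because encrypting
// under an empty passphrase gives no real protection. All encoding happens
// before any file is touched, so an encoding failure leaves no partial output.
//
// Security notes:
//   - x509.EncryptPEMBlock is legacy RFC 1423 PEM encryption and has been
//     deprecated since Go 1.16: the ciphertext is not authenticated, and the
//     Go documentation describes the scheme as insecure by design. The
//     standard library offers no replacement, so the call is kept here for
//     compatibility with existing readers; do not rely on it as the only
//     protection for a long-lived key.
//   - The PEM labels "RSA Private Key" / "RSA Public Key" are kept as the
//     original wrote them. The conventional labels are upper-case
//     ("RSA PRIVATE KEY", and "PUBLIC KEY" for PKIX data), so tools that match
//     on the label may refuse these files.
func generateRSAKey(pripath, pubpath, passwd string) error {
	if passwd == "" {
		return fmt.Errorf("generate rsa key: empty passphrase")
	}

	privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return err
	}

	// Serialize the private key as PKCS #1 ASN.1 DER, then wrap it in an
	// encrypted PEM block keyed by the passphrase.
	privateDER := x509.MarshalPKCS1PrivateKey(privateKey)
	privateBlock, err := x509.EncryptPEMBlock(rand.Reader, "RSA Private Key", privateDER, []byte(passwd), x509.PEMCipherAES256)
	if err != nil {
		return err
	}

	// Serialize the public key as PKIX (SubjectPublicKeyInfo) DER.
	publicDER, err := x509.MarshalPKIXPublicKey(&privateKey.PublicKey)
	if err != nil {
		return err
	}
	publicBlock := &pem.Block{Type: "RSA Public Key", Bytes: publicDER}

	// Owner-only permissions for the private key; the encryption above is not
	// a substitute for file-system access control.
	if err := writePEMFile(pripath, 0600, privateBlock); err != nil {
		return err
	}
	return writePEMFile(pubpath, 0666, publicBlock)
}

// writePEMFile PEM-encodes block into path, creating or truncating the file
// with perm, and reports the first encode or close error.
func writePEMFile(path string, perm os.FileMode, block *pem.Block) (err error) {
	f, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, perm)
	if err != nil {
		return err
	}
	defer func() {
		// A failed Close can mean the key was not fully written; surface it
		// unless an earlier error is already being returned.
		if cerr := f.Close(); err == nil {
			err = cerr
		}
	}()
	return pem.Encode(f, block)
}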
// genkey generates an RSA key pair through generateRSAKey, storing the private
// key in name+".pri" and the public key in name+".pub", with passwd passed on
// as the private-key passphrase. It prints the outcome to standard output and
// returns the error from generateRSAKey, if any.
func genkey(name, passwd string) error {
	priPath, pubPath := name+".pri", name+".pub"

	if err := generateRSAKey(priPath, pubPath, passwd); err != nil {
		fmt.Println("Rsa key gen failed", err)
		return err
	}

	fmt.Printf("Gen privatekey: %s, publickey: %s\n", priPath, pubPath)
	return nil
}
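// main generates the sample key pair rsa.pri / rsa.pub in the working
// directory and exits with status 1 when generation fails, so that scripts
// calling this program do not mistake a failure for success.
//
// NOTE(review): the passphrase below is a hard-coded sample value. Anything
// beyond a demonstration should take the passphrase from the operator or a
// secret store at run time; a passphrase committed to source protects nothing.
func main() {
	if err := genkey("rsa", "password"); err != nil {
		// genkey has already printed the error; only the exit status is set here.
		os.Exit(1)
	}
}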
