Pretty close, you need to encode in base64 (and divide with endlines,
add header, etc.)
https://play.golang.org/p/zvxfiLwp3h
On 05/07/16 11:22, bentonrobe...@gmail.com wrote:
Hello.
I am trying to write code that takes the encrypted private half of an
SSH key plus its password, and output the decrypted secret key. I
think I am using crypto/x509 and encoding/pem correctly to decrypt the
data – if I change the password, the expected error results – but I
can't seem to get at the same text that would be printed by openssl
rsa -in ./test.key. Here's that almost-working example, with an
embedded key that's encrypted with the word "testpass":
|
packagemain
import(
"crypto/x509"
"encoding/pem"
"fmt"
"os"
)
func main(){
PASSWORD :=[]byte(`testpass`)
CRYPTO_TEXT :=[]byte(`-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,D8CAD500D219AD23A4A3AA911A7EB230
+H1lGhWVpWsMH2BtKcfokvXGdbMCw9KhObnlq7gx0HwkT2CjWkV9gsg1ybJhxYiF
1u3TxfPotrXcbRmTXOM42HmnheM/Ti7taQh2Vxf2rIkcaEm2siMT6O16kMt6CAUp
iVOiuG3XV5BXODQDHGkVor+WJh1ReT6ZCsSzGLk8/3OaBryoxJkSE0ydY1i3HU4E
8RQwKYas1rSfURfUDvCL8wUYkJfd4qzVvgkrrSTicZzU2RTkSxGO6wHmxOoX5cEs
DPEQkUjqmsf35c+CYTWrojB8eKqVavuD64+RBssJnTdfc9jlZEi+o+1LJDyJrJd+
73D/cyoHHj0Wr01gPrPpQOD6x1HAedp1beqT3N3jNt5z3r9tEdVNYNCnSnb9WnlI
5wkS4XsmBz7BD0rAku5qMgel3BWYbZTee+5BQ3Ft60nj+iKngJe1/tupMrKD31Db
o+/cmWaeneWi/xxB7z/lmo++u25ECCxcRqdTbjhdAAKb2Yjwb3K8phwyRvcMF4+Z
/HH/RTJTLb8DvF0sfjgkZMcn8dF2HQxy8cMf1jVF4+UlaPHcKsAXEBjooJkzuVrC
ZMGlScWcMvh4VfB0wL7t5jnf3FEfaR9KR3rzAhm+XLDF0Zzol8tOk7CKr0covL1S
TBpbQ8u1XGXtEt/NVkwB4Q7QOCeAxGSb0HMciKEN7uclA6AwZ+wBqzfMxqHzOL6z
9ecUlq/pypAh56gLJyWOivQBSrHkUdMBr6/VNtLHB1NZOFq2fIPBaWuhN/69Lhj4
rzq5p0YlE+ivIlg1SkH3BbX/59acKMfXNjfyuZG4If4EUCPzgcsQb8QWNAYlOfr1
g/35tc3wpEenrGqtQE9rwPeD+ArhecUZ9iMtjohL+si7bgxGBHyp+a1eN8irN0rh
rToOYTq+9xnpI4sQp+D0oZZ+B7EVTLL7EYGNfAvroDPl/sIuHPtc4Cns7MgRH4Z9
F7Lvd0lSEbMOL+uVdkhR4/AjIiv9aLsv4O/0NTsqDwG0evjFt5G1hLDelMaqaGeL
jz3eOv8IvL4ueqp1KTOD7ofT62GOj4tR8z4RE2uhHl5ummrI+7G3/2iAQeuWRlTQ
DafjhU2NSN+TIGzaCn3Kghmj5Wwl3tXIqf8JRDenBIl2RxsczyDxn0UtKn61DOXB
dQLvSn0YRU+q0F7GJPp/FjWiekPhj3UkWyEFEX+Py5+QHx2CxOvsh0Nd1iKLjn/w
wEpIHuny/rPuz7e+W3y883IQhEBToqFa8QwX3V60kfwpfffYoF6M/dFe3gOkOt5o
KQGuZFtfoxUdie4TFZqhqF2fCYBNPmySKJy+aH8qom9ITcvHaUGvGZKBuA9C0qJy
rON/oWs8Fi5Cl+Vi8Eu0Qi2v3lepsUmeiA5wc6S6voJsE/RL1OPiw4wpKZqhpwdz
kqQe1YAlfpw2uLs67ugeNZUraeJYRgJihL+M0X1z99eoaMD0xU6mwhtI5b1V6dkD
lEbCbnAznehhU59zM4ZNc65ZQHpqdrmjYd6CiuZ5sMvI9c8UKvFWj2Rn8MY3kV+b
2wSPDF/dbJ1M6oLTvGshXviRRMgrRFTc2GMy5fbSb8Zqex57SQ0QXqQJ9FQZCIMJ
-----END RSA PRIVATE KEY-----`)
pemBlock,_ :=pem.Decode(CRYPTO_TEXT)
ifpemBlock !=nil{
ifx509.IsEncryptedPEMBlock(pemBlock){
fmt.Printf("Decrypting private PEM data...\n")
clearText,err :=x509.DecryptPEMBlock(pemBlock,PASSWORD)
iferr ==nil{
fmt.Printf("clearText (len %d): %s\n",len(clearText),clearText)
}else{
fmt.Printf("Error decrypting PEM-encoded secret: %s\n",err)
os.Exit(2)
}
pkcsData,err :=x509.ParsePKCS1PrivateKey(clearText)
iferr !=nil{
fmt.Printf("ERROR parsing PKCS data: %s!",err)
os.Exit(3)
}
fmt.Printf("PKCS data: %v\n",pkcsData)
}
}
os.Exit(0)
}
|
Thanks in advance to anyone who can help me produce the plain text of
the decrypted private key, as if decrypted with command-line openssl.
Sincerely,
- benton
--
You received this message because you are subscribed to the Google
Groups "golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to golang-nuts+unsubscr...@googlegroups.com
<mailto:golang-nuts+unsubscr...@googlegroups.com>.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to golang-nuts+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
