This question already has answers here:
golang - marshal PKCS8 private key?
(2 answers)
Closed 5 years ago.
I want to generate tls certificates.
So first I need a Private Key.
-----BEGIN PRIVATE KEY-----
BASE64 ENCODED DATA
-----END PRIVATE KEY-----
But, I can generate RSA Private Key
// "crypto/rsa"
rsa.GenerateKey(cryptorand.Reader, 2048)
which gives me following
-----BEGIN RSA PRIVATE KEY-----
BASE64 ENCODED DATA
-----END RSA PRIVATE KEY-----
And I can't use it. I need PKCS#8 Private Key start with BEGIN PRIVATE KEY
How can I generate PKCS#8 Private Key?
Or Is there any way to convert PKCS#1 to PKCS#8 Key?
I don't know how exactly you get literal -----BEGIN RSA PRIVATE KEY-----
Go stdlib crypto do not has PKCS#8 marshaller but there is generic asn1.Marchal() in encoding/asn1 and PKCS#8 standard(rfc5208) provide ASN#1 syntax definition, so you can do something like:
import (
"crypto/rsa"
"crypto/x509"
"encoding/asn1"
)
type Pkcs8Key struct {
Version int
PrivateKeyAlgorithm []asn1.ObjectIdentifier
PrivateKey []byte
}
func RsaToPkcs8(key *rsa.PrivateKey) ([]byte, error) {
var pkey Pkcs8Key
pkey.Version = 0
pkey.PrivateKeyAlgorithm = make([]asn1.ObjectIdentifier, 1)
pkey.PrivateKeyAlgorithm[0] = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 1}
pkey.PrivateKey = x509.MarshalPKCS1PrivateKey(key)
return asn1.Marshal(pkey)
}
Here's a solution based on the custom PKCS#8 marshal function in this answer:
package main
import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/asn1"
"encoding/pem"
"fmt"
)
type PKCS8Key struct {
Version int
PrivateKeyAlgorithm []asn1.ObjectIdentifier
PrivateKey []byte
}
func MarshalPKCS8PrivateKey(key *rsa.PrivateKey) ([]byte, error) {
var pkey PKCS8Key
pkey.Version = 0
pkey.PrivateKeyAlgorithm = make([]asn1.ObjectIdentifier, 1)
pkey.PrivateKeyAlgorithm[0] = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 1}
pkey.PrivateKey = x509.MarshalPKCS1PrivateKey(key)
return asn1.Marshal(pkey)
}
func main() {
// Generate the private key.
privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
fatal(err)
// Encode the private key into PEM data.
bytes, err := MarshalPKCS8PrivateKey(privateKey)
fatal(err)
privatePem := pem.EncodeToMemory(
&pem.Block{
Type: "PRIVATE KEY",
Bytes: bytes,
},
)
fmt.Printf("%s\n", privatePem)
// -----BEGIN PRIVATE KEY-----
// MIIEvAIBADALBgkqhkiG9w0BAQEEggSoMIIEpAIBAAKCAQEAz5xD5cdqdE0PMmk1
// 4YN6Tj0ybTsvS5C95ogQmBJ4bGxiuGPR5JtIc+UmT8bnCHtK5xnHiP+gPWunwmhS
// ...
// qpb1NZsMLz2lRXqx+3Pq7Q==
// -----END PRIVATE KEY-----
}
func fatal(err error) {
if err != nil {
panic(err)
}
}
Related
I'm trying to migrate some python code to golang.
The code needs to get the value of unstructuredName from the ssl certificates subject.
Here is how it works in python:
from cryptography import x509
from cryptography.x509.oid import NameOID
from cryptography.hazmat.backends import default_backend
pem = b"""\
-----BEGIN CERTIFICATE-----
MIIDcTCCAlmgAwIBAgIUNjbltje6I/S9PJN8KgIxyi2Iw58wDQYJKoZIhvcNAQEL
BQAwSTEUMBIGA1UEAwwLZXhhbXBsZS5jb20xFjAUBgNVBAoMDUV4YW1wbGUsIElu
Yy4xGTAXBgNVBAsMEEV4YW1wbGUgRGl2aXNpb24wHhcNMjIxMTI5MTU1NDMxWhcN
MzcxMTI2MTU1NDMxWjCBmzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3Ju
aWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xGjAYBgNVBAoMEVNvbWUgT3JnYW5p
emF0aW9uMR4wHAYDVQQDDBVzb21lLm9yZ2FuaXphdGlvbi5jb20xIzAhBgkqhkiG
9w0BCQIMFHNvbWUgYWRkaXRpb25hbCBpbmZvMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyqprugdiaERkAHbx06WobPekkZ8CFyiR6dv8D49eqHO1xmCp
aVotFJSj5cktUH64885LfTCghUdPcw+rIh0fB8tOleBUA9yIMUqbYFnRgLrz7U+g
bkgyQO7w0PsB7tgUKI7esEEcvWSoygWyZKSiUZBSQOAuEcJxog7GMR6QiUtmiLaq
DY0Wwlir7iakX0Qlq8iHFY6yNf2aghET6IC9tGbkifO6HWLEP4gBWwtIvCd94l6L
6rNpGtYXHSmlaEL0jn/4QPADciXDrBnAhFfzBrqyO7SYNqJUiENXEvq+7ESIqibV
RKvt9HpAj+O/Ij4z+Z6Xys8sE3RE4FSNSdXphQIDAQABMA0GCSqGSIb3DQEBCwUA
A4IBAQCH6vxtrqUBFVgahnmjPSHci3JCaz/X9hL2QgXNTzAS3rLJBd6OrC+3ITli
vzJlWryl1hzTxFEcj3EtVG1AckNOHX0RCFggNBSQSOz6oaaZlS6BAkChbRUqmHfG
iCDK8A1pV1cr/SPBe/UjSkbG548JpqCSWEUL1jNDsNzZmjuXy+FTM2PDYiSRbGxY
Y0SpkxAhuKltblzghh1KIMU7UutEUXDGMlCCYEY9/ibWTKa9J/WNjC0CQC13jLe8
PqVLIeXIoVSkTsgbzwYxW2P+M6QbjRC83OORwm8GnEj1k2yX6JmnzLifidFiT/h6
M2Y3gjYqfGexupmK9toEejZPj1RB
-----END CERTIFICATE-----
"""
cert = x509.load_pem_x509_certificate(pem, default_backend())
unstructured_name = cert.subject.get_attributes_for_oid(NameOID.UNSTRUCTURED_NAME)[0].value
print(unstructured_name)
This code prints the value ("some additional info" in this case) of unstructuredName.
My attempt in go looks like this:
package main
import (
"crypto/x509"
"encoding/pem"
"fmt"
"log"
)
const certRaw = `-----BEGIN CERTIFICATE-----
MIIDcTCCAlmgAwIBAgIUNjbltje6I/S9PJN8KgIxyi2Iw58wDQYJKoZIhvcNAQEL
BQAwSTEUMBIGA1UEAwwLZXhhbXBsZS5jb20xFjAUBgNVBAoMDUV4YW1wbGUsIElu
Yy4xGTAXBgNVBAsMEEV4YW1wbGUgRGl2aXNpb24wHhcNMjIxMTI5MTU1NDMxWhcN
MzcxMTI2MTU1NDMxWjCBmzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3Ju
aWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xGjAYBgNVBAoMEVNvbWUgT3JnYW5p
emF0aW9uMR4wHAYDVQQDDBVzb21lLm9yZ2FuaXphdGlvbi5jb20xIzAhBgkqhkiG
9w0BCQIMFHNvbWUgYWRkaXRpb25hbCBpbmZvMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyqprugdiaERkAHbx06WobPekkZ8CFyiR6dv8D49eqHO1xmCp
aVotFJSj5cktUH64885LfTCghUdPcw+rIh0fB8tOleBUA9yIMUqbYFnRgLrz7U+g
bkgyQO7w0PsB7tgUKI7esEEcvWSoygWyZKSiUZBSQOAuEcJxog7GMR6QiUtmiLaq
DY0Wwlir7iakX0Qlq8iHFY6yNf2aghET6IC9tGbkifO6HWLEP4gBWwtIvCd94l6L
6rNpGtYXHSmlaEL0jn/4QPADciXDrBnAhFfzBrqyO7SYNqJUiENXEvq+7ESIqibV
RKvt9HpAj+O/Ij4z+Z6Xys8sE3RE4FSNSdXphQIDAQABMA0GCSqGSIb3DQEBCwUA
A4IBAQCH6vxtrqUBFVgahnmjPSHci3JCaz/X9hL2QgXNTzAS3rLJBd6OrC+3ITli
vzJlWryl1hzTxFEcj3EtVG1AckNOHX0RCFggNBSQSOz6oaaZlS6BAkChbRUqmHfG
iCDK8A1pV1cr/SPBe/UjSkbG548JpqCSWEUL1jNDsNzZmjuXy+FTM2PDYiSRbGxY
Y0SpkxAhuKltblzghh1KIMU7UutEUXDGMlCCYEY9/ibWTKa9J/WNjC0CQC13jLe8
PqVLIeXIoVSkTsgbzwYxW2P+M6QbjRC83OORwm8GnEj1k2yX6JmnzLifidFiT/h6
M2Y3gjYqfGexupmK9toEejZPj1RB
-----END CERTIFICATE-----
`
func main() {
block, rest := pem.Decode([]byte(certRaw))
if block == nil {
log.Fatalf("Decode CA PEM, %v", rest)
}
cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
log.Fatalf("parse certificate")
}
fmt.Println(cert.Subject.String())
// Unmarshall and print value of unstructuredName (oid: 1.2.840.113549.1.9.2)
// ???
}
Go Playground: https://go.dev/play/p/VwkpDbNpQ78
I couldn't find a function to get the attribute by oid. When I print out the whole subject I see that the value is still (DER?) encoded.
How can I decode or unmarshal the value of the unstructuredName?
Thanks a lot.
I don't think the Go standard lib has a function to get the attribute by the oid. However, it doesn't look like it's very hard to write one yourself. The code below is based on this related answer (and the code in your question).
Here's the updated go playground - https://go.dev/play/p/NtfZ6Kl_Vl0.
package main
import (
"crypto/x509"
"encoding/pem"
"fmt"
"log"
)
const certRaw = `-----BEGIN CERTIFICATE-----
MIIDcTCCAlmgAwIBAgIUNjbltje6I/S9PJN8KgIxyi2Iw58wDQYJKoZIhvcNAQEL
BQAwSTEUMBIGA1UEAwwLZXhhbXBsZS5jb20xFjAUBgNVBAoMDUV4YW1wbGUsIElu
Yy4xGTAXBgNVBAsMEEV4YW1wbGUgRGl2aXNpb24wHhcNMjIxMTI5MTU1NDMxWhcN
MzcxMTI2MTU1NDMxWjCBmzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3Ju
aWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xGjAYBgNVBAoMEVNvbWUgT3JnYW5p
emF0aW9uMR4wHAYDVQQDDBVzb21lLm9yZ2FuaXphdGlvbi5jb20xIzAhBgkqhkiG
9w0BCQIMFHNvbWUgYWRkaXRpb25hbCBpbmZvMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyqprugdiaERkAHbx06WobPekkZ8CFyiR6dv8D49eqHO1xmCp
aVotFJSj5cktUH64885LfTCghUdPcw+rIh0fB8tOleBUA9yIMUqbYFnRgLrz7U+g
bkgyQO7w0PsB7tgUKI7esEEcvWSoygWyZKSiUZBSQOAuEcJxog7GMR6QiUtmiLaq
DY0Wwlir7iakX0Qlq8iHFY6yNf2aghET6IC9tGbkifO6HWLEP4gBWwtIvCd94l6L
6rNpGtYXHSmlaEL0jn/4QPADciXDrBnAhFfzBrqyO7SYNqJUiENXEvq+7ESIqibV
RKvt9HpAj+O/Ij4z+Z6Xys8sE3RE4FSNSdXphQIDAQABMA0GCSqGSIb3DQEBCwUA
A4IBAQCH6vxtrqUBFVgahnmjPSHci3JCaz/X9hL2QgXNTzAS3rLJBd6OrC+3ITli
vzJlWryl1hzTxFEcj3EtVG1AckNOHX0RCFggNBSQSOz6oaaZlS6BAkChbRUqmHfG
iCDK8A1pV1cr/SPBe/UjSkbG548JpqCSWEUL1jNDsNzZmjuXy+FTM2PDYiSRbGxY
Y0SpkxAhuKltblzghh1KIMU7UutEUXDGMlCCYEY9/ibWTKa9J/WNjC0CQC13jLe8
PqVLIeXIoVSkTsgbzwYxW2P+M6QbjRC83OORwm8GnEj1k2yX6JmnzLifidFiT/h6
M2Y3gjYqfGexupmK9toEejZPj1RB
-----END CERTIFICATE-----
`
func main() {
block, rest := pem.Decode([]byte(certRaw))
if block == nil {
log.Fatalf("Decode CA PEM, %v", rest)
}
cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
log.Fatalf("parse certificate")
}
// 1.2.840.113549.1.9.2
var oidUnstructuredName = []int{1, 2, 840, 113549, 1, 9, 2}
var unstructuredName string
for _, n := range cert.Subject.Names {
if n.Type.Equal(oidUnstructuredName) {
if v, ok := n.Value.(string); ok {
unstructuredName = v
}
}
}
fmt.Println(unstructuredName)
}
I read through a few examples to generate DSA keys for OpenSSH in Go. And my clean code snippet and outputs are listed below.
It has two problems:
for 2048-bit length, the public key can't be loaded via ssh.ParseAuthorizedKey, for error: "ssh: no key found".
OpenSSH client and GitHub SSH can't accept it.
Code snippets:
// GenerateDSAKeys generates DSA public and private key pair with given size for SSH.
func GenerateDSAKeys(bitSize int, passphrase string) (pubKey string, privKey string, err error) {
params := new(dsa.Parameters)
// see http://golang.org/pkg/crypto/dsa/#ParameterSizes
if err = dsa.GenerateParameters(params, rand.Reader, dsaSizeFromLength(bitSize)); err != nil {
return
}
var privateKey dsa.PrivateKey
privateKey.PublicKey.Parameters = *params
// this generates a public & private key pair
if err = dsa.GenerateKey(&privateKey, rand.Reader); err != nil {
return
}
// generate public key
var publicKey ssh.PublicKey
if publicKey, err = ssh.NewPublicKey(&privateKey.PublicKey); err != nil {
return
}
// encode public key
pubBytes := ssh.MarshalAuthorizedKey(publicKey)
// encode private key
var (
bytes []byte
privBytes []byte
)
if bytes, err = asn1.Marshal(privateKey); err != nil {
return
}
privBytes, err = encodePEMBlock(&pem.Block{
Type: "DSA PRIVATE KEY",
Bytes: bytes,
}, passphrase)
if err != nil {
return
}
return string(pubBytes), string(privBytes), nil
}
func dsaSizeFromLength(l int) dsa.ParameterSizes {
switch l {
case 1024:
return dsa.L1024N160
case 2048:
return dsa.L2048N224
case 3072:
return dsa.L3072N256
default:
return dsa.L2048N256
}
}
Output for 1024:
bash-3.2$ cat id_dsa.pub
ssh-dss AAAAB3NzaC1kc3MAAACBAIbuW6wh5hU2W96tEyo7xPDZmslWnsyQBYtf4SSTeHOMTNTxznlMujjkmCuqKJ04BlHFi+ner2qzCd1GkzGhHrretQw1z5Ew8ysAGsmbb9Yc6BMTyhJkrQ2lIR5Vmqa9Ukx0PM/HdXa6GieYZWxyabN5IjN4SESXZ6G7Jb4StwCfAAAAFQCnj+WurTgW5aXGYePwhBYAWX01WwAAAIBHQpZSsJGKsEII7Oe6RMz5ek27ydHPnrLDqVOmEKqHrIrsYXoTHaMOLW+fvsDBC3q0EWMBNgu4IAZe3eL2Gx2r94+DS+GTfECWiJ3+O76DTAwDcB6fXxdYxG88nJMzCkcMZEmOjbIpuiGP5NC+OOqBv2DEHw7YEWs8Kx4T71mE0AAAAIEAhg/OB98FTcYX/gXEclKqqDByHzHIt71Y7DFZnxnmd4DFEZp/WzJ6VT2jTNMyWKRT9h0SITORLKNxTCM3ZLhQYVBinOsjIzZ8YlYYOxTn2mWntWzmsdhUeBx+aNCwuhz/cMHjbhWJWVXRDfgzPf9IHtF1FLgjtMiz6/xwzAMEPlE= vej#Vej-Work-MBP.local
bash-3.2$ cat id_dsa
-----BEGIN DSA PRIVATE KEY-----
MIIBwDCCAaYwggEeAoGBAIbuW6wh5hU2W96tEyo7xPDZmslWnsyQBYtf4SSTeHOM
TNTxznlMujjkmCuqKJ04BlHFi+ner2qzCd1GkzGhHrretQw1z5Ew8ysAGsmbb9Yc
6BMTyhJkrQ2lIR5Vmqa9Ukx0PM/HdXa6GieYZWxyabN5IjN4SESXZ6G7Jb4StwCf
AhUAp4/lrq04FuWlxmHj8IQWAFl9NVsCgYBHQpZSsJGKsEII7Oe6RMz5ek27ydHP
nrLDqVOmEKqHrIrsYXoTHaMOLW+fvsDBC3q0EWMBNgu4IAZe3eL2Gx2r94+DS+GT
fECWiJ3+O76DTAwDcB6fXxdYxG88nJMzCkcMZEmOjbIpuiGP5NC+OOqBv2DEHw7Y
EWs8Kx4T71mE0AKBgQCGD84H3wVNxhf+BcRyUqqoMHIfMci3vVjsMVmfGeZ3gMUR
mn9bMnpVPaNM0zJYpFP2HRIhM5Eso3FMIzdkuFBhUGKc6yMjNnxiVhg7FOfaZae1
bOax2FR4HH5o0LC6HP9wweNuFYlZVdEN+DM9/0ge0XUUuCO0yLPr/HDMAwQ+UQIU
RhBIeYLqxL4PJgENdgtjfjxDX80=
-----END DSA PRIVATE KEY-----
For 2048, output:
bash-3.2$ cat id_dsa.pub
ssh-dss AAAAB3NzaC1kc3MAAAEBAKbfrtje1KqerXL0DFg35Ouou2NP08vsuqCbv/cr65X2/AMaDy/Zdikq1rHw1ScWzre0vGTDwnGsFJgNDf3p0ckJqxMN9kop+8a+M1nuQ39LnkHATM+x58jgJaC06VZisLQuMoJvzdOlMPKb1v9TKfSiI0XZujhS5RVl4DkqABEXFsNXOHTIGDXToq80IPf0KV01qvOGBnICzhPkXw5HcCF9rmVD5aPfADjHZfUTt9PJfFcPk06mmfvpOEBfWgaluIDp0Wf5DsKu0RxlZVm4x3iP43hQfJ8NaFRyOKhNxd0r5t5SDUubF2Z37v0QNIvLZPrKsE0AywNkDZ66bf3HigMAAAAdAMjEhWBLtQ+nWfJIO16rpLQZQKBpXePefLrztpUAAAEALJsfHywD5PSfeFUGs901I1Z/yvOuyHQFxJGXEAQJ08CBAGvwcGA1M41sDnbrbOFm8ol91xcnUqW0HMlwDpdHIBxgytlnKlsEw69GqCx1dJAv8LnDokK/zV406I0LLwXzQ3QvfSMtM3VDsIA/jInd273LlXFEG4dmkG1mIP7SBgbzy7jZ4LpH5y8ZSUMFlZ4dXTURj4TAe/ByScaXoVO8QDLaZq5EiSRAomUxLvnwTNJHt/YqQog5EWhQNBUKp5HbPS7pk+KujaUpYwXNZZuhqjp4dmaBYppwCZnrqvsHKq6p8BCt4ZQ/589q0D1Mx0pbgI/sQLvib5jSHJ0jKq7xrAAAAQBzxG2gTr89VeVJBMsconclvXw7vYDxQGBGhZBmKQ6e/s8swxJzzUbpRzoeYGEL1nE28e4Apw6pQFY3XkuvklYTwNHPLwG/5FJV7fc2HJgwVg8/wf5hUrzqlKK9Xhjm2369iKnGig/u28e79oOWgdbqfrjWpNih/aVL60ApdWgxmxC61PGppJ2AXNubaDynhMOx1q+lSH+unu+kLml+c+lbqwZYXmI0t+gFzyyu+pL8DpVEhAG8P/AMCXMDR3JmQhWF7fKiP1QdDMidUODM8keVQaK5txIp9EUAThk0ErigG5ZsIL5V2Z4UistlwQ4WiZYJmz/IlD50+PtkjwBFiA6z vej#Vej-Work-MBP.local
bash-3.2$ cat id_dsa
-----BEGIN DSA PRIVATE KEY-----
MIIDUzCCAzAwggIoAoIBAQCm367Y3tSqnq1y9AxYN+TrqLtjT9PL7Lqgm7/3K+uV
9vwDGg8v2XYpKtax8NUnFs63tLxkw8JxrBSYDQ396dHJCasTDfZKKfvGvjNZ7kN/
S55BwEzPsefI4CWgtOlWYrC0LjKCb83TpTDym9b/Uyn0oiNF2bo4UuUVZeA5KgAR
FxbDVzh0yBg106KvNCD39CldNarzhgZyAs4T5F8OR3Ahfa5lQ+Wj3wA4x2X1E7fT
yXxXD5NOppn76ThAX1oGpbiA6dFn+Q7CrtEcZWVZuMd4j+N4UHyfDWhUcjioTcXd
K+beUg1Lmxdmd+79EDSLy2T6yrBNAMsDZA2eum39x4oDAh0AyMSFYEu1D6dZ8kg7
XquktBlAoGld4958uvO2lQKCAQAsmx8fLAPk9J94VQaz3TUjVn/K867IdAXEkZcQ
BAnTwIEAa/BwYDUzjWwOduts4WbyiX3XFydSpbQcyXAOl0cgHGDK2WcqWwTDr0ao
LHV0kC/wucOiQr/NXjTojQsvBfNDdC99Iy0zdUOwgD+Mid3bvcuVcUQbh2aQbWYg
/tIGBvPLuNngukfnLxlJQwWVnh1dNRGPhMB78HJJxpehU7xAMtpmrkSJJECiZTEu
+fBM0ke39ipCiDkRaFA0FQqnkds9LumT4q6NpSljBc1lm6GqOnh2ZoFimnAJmeuq
+wcqrqnwEK3hlD/nz2rQPUzHSluAj+xAu+JvmNIcnSMqrvGsAoIBAHPEbaBOvz1V
5UkEyxyidyW9fDu9gPFAYEaFkGYpDp7+zyzDEnPNRulHOh5gYQvWcTbx7gCnDqlA
VjdeS6+SVhPA0c8vAb/kUlXt9zYcmDBWDz/B/mFSvOqUor1eGObbfr2IqcaKD+7b
x7v2g5aB1up+uNak2KH9pUvrQCl1aDGbELrU8amknYBc25toPKeEw7HWr6VIf66e
76QuaX5z6VurBlheYjS36AXPLK76kvwOlUSEAbw/8AwJcwNHcmZCFYXt8qI/VB0M
yJ1Q4MzyR5VBorm3Ein0RQBOGTQSuKAblmwgvlXZnhSKy2XBDhaJlgmbP8iUPnT4
+2SPAEWIDrMCHQDGpe828eiBg56q0tQup2r3UpgiXevRNEuF0Gbw
-----END DSA PRIVATE KEY-----
Can you please tell me how resolve it, and make it works?
OpenSSH stopped supporting DSA (aka ssh-dss) by default over 5 years ago; see
https://security.stackexchange.com/questions/112802/why-openssh-deprecated-dsa-keys
https://security.stackexchange.com/questions/146379/does-ssh-support-dsa-with-2048-bit-keys
https://superuser.com/questions/1016989/ssh-dsa-keys-no-longer-work-
https://unix.stackexchange.com/questions/247612/ssh-keeps-skipping-my-pubkey-
You can reenable it on your client following instructions on Qs like those or the openssh website or documentation, but github won't accept it so you can't make that work. (You could set up your own server, and use it there.)
I don't know why some go code (library?) doesn't accept the 2048-bit publickey -- if you give a reference I could try to loook -- but (both) your privatekey files are incorrect, I'm guessing due to the structuring used in crypto/dsa shown at your link. The key is being marshalled (serialized) to ASN.1 as nested sequences, namely SEQUENCE { pub = SEQUENCE { params = SEQUENCE {p,q,g}, y }, x } which conceptually is a reasonable structure, but the PEM (or pseudo-PEM) type DSA PRIVATE KEY is de-facto defined by SSLeay-now-OpenSSL as using a single level: SEQUENCE { p,q,g, y, x } .
I'm trying to generate ECDSA Key Pair for SSH with Go, but I find that the private key format is different from ssh-keygen and can't be accepted by GitHub.
Here's the 256-bit key pair generated via ssh-keygen -t ecdsa -b 256:
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOJWUhO+waiB+aKvXO0xC5XTL6P/X/TIzQ4hgdXkDfmAfntOj/HXRIu4GulCvJgUoyTiF5Qt9j9gK6Z17szUv3s= root#9e5eef4b58c5
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS
1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQTiVlITvsGogfmir1ztMQuV0y+j/1/0
yM0OIYHV5A35gH57To/x10SLuBrpQryYFKMk4heULfY/YCumde7M1L97AAAAsDs42wc7ON
sHAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOJWUhO+waiB+aKv
XO0xC5XTL6P/X/TIzQ4hgdXkDfmAfntOj/HXRIu4GulCvJgUoyTiF5Qt9j9gK6Z17szUv3
sAAAAgOpAIXW6rZQqgYZboSJXojH2diS26wfm6P3hn8cQVZrwAAAARcm9vdEA5ZTVlZWY0
YjU4YzUBAgMEBQYH
-----END OPENSSH PRIVATE KEY-----
Here's the generator code in Go:
// GenerateECDSAKeys generates ECDSA public and private key pair with given size for SSH.
func GenerateECDSAKeys(bitSize int) (pubKey string, privKey string, err error) {
// generate private key
var privateKey *ecdsa.PrivateKey
if privateKey, err = ecdsa.GenerateKey(curveFromLength(bitSize), rand.Reader); err != nil {
return
}
// encode public key
var (
bytes []byte
publicKey ssh.PublicKey
)
if publicKey, err = ssh.NewPublicKey(privateKey.Public()); err != nil {
return
}
pubBytes := ssh.MarshalAuthorizedKey(publicKey)
// encode private key
if bytes, err = x509.MarshalECPrivateKey(privateKey); err != nil {
return
}
privBytes := pem.EncodeToMemory(&pem.Block{
Type: "ECDSA PRIVATE KEY",
Bytes: bytes,
})
return string(pubBytes), string(privBytes), nil
}
func curveFromLength(l int) elliptic.Curve {
switch l {
case 224:
return elliptic.P224()
case 256:
return elliptic.P256()
case 348:
return elliptic.P384()
case 521:
return elliptic.P521()
}
return elliptic.P384()
}
And generated result:
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNYTtNRlEKh/harLSfIsSziDkEQ8E7OJ7azhTBJi1Qx+fDa6dGg9f/vudGEizJ5d9TINVLTP+Jemwg6FBhajiVA=
-----BEGIN ECDSA PRIVATE KEY-----
MHcCAQEEIEGZZ/4aD6tf0sc1ovyctlGWRSFp7RGw5ovRONZKLg4eoAoGCCqGSM49
AwEHoUQDQgAE1hO01GUQqH+FqstJ8ixLOIOQRDwTs4ntrOFMEmLVDH58Nrp0aD1/
++50YSLMnl31Mg1UtM/4l6bCDoUGFqOJUA==
-----END ECDSA PRIVATE KEY-----
So why SSH private key was so different after the generation, and how to make it works?
OpenSSH uses different formats for private EC keys, the SEC1 (as generated by your Go code), the PKCS#8 or the newer OpenSSH format (as generated with the ssh-keygen command). This is described here, which also contains a more detailed explanation of the OpenSSH format. The SEC1 format is explained e.g. in this post.
The current Go code generates a SEC1 key with wrong header and footer. This turned out to be the cause of the problem! To fix the bug, ECDSA must be replaced by EC in header and footer:
-----BEGIN EC PRIVATE KEY-----
...
-----END EC PRIVATE KEY-----
i.e. in the Go code in the EncodeToMemory() call Type: "ECDSA PRIVATE KEY" must be replaced by Type: "EC PRIVATE KEY".
Note that a conversion between the formats is also possible e.g. with ssh-keygen. For instance
ssh-keygen -p -N "" -f data.key
converts the SEC1 key contained in data.key to the OpenSSH format, see here.
I have public key stored in a variable of type interface{}
-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDdlatRjRjogo3WojgGHFHYLugdUWAY9iR3fy4arWNA1KoS8kVw33cJibXr8bvwUAUparCwlvdbH6dvEOfou0/gCFQsHUfQrSDv+MuSUMAe8jzKE4qW+jK+xQU9a03GUnKHkkle+Q0pX/g6jXZ7r1/xAK5Do2kQ+X5xK9cipRgEKwIDAQAB
-----END PUBLIC KEY-----
Is there anyway I can convert this into type *rsa.PublicKey in golang. It might involve some intermediate step like converting interface{} to string first may be.
In general you would decode a pem file (assuming this is in a x509) cert using the crypto/x509 library. The provided example in the documentation is as follows:
package main
import (
"crypto/dsa"
"crypto/ecdsa"
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"fmt"
)
func main() {
const pubPEM = `
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlRuRnThUjU8/prwYxbty
WPT9pURI3lbsKMiB6Fn/VHOKE13p4D8xgOCADpdRagdT6n4etr9atzDKUSvpMtR3
CP5noNc97WiNCggBjVWhs7szEe8ugyqF23XwpHQ6uV1LKH50m92MbOWfCtjU9p/x
qhNpQQ1AZhqNy5Gevap5k8XzRmjSldNAFZMY7Yv3Gi+nyCwGwpVtBUwhuLzgNFK/
yDtw2WcWmUU7NuC8Q6MWvPebxVtCfVp/iQU6q60yyt6aGOBkhAX0LpKAEhKidixY
nP9PNVBvxgu3XZ4P36gZV6+ummKdBVnc3NqwBLu5+CcdRdusmHPHd5pHf4/38Z3/
6qU2a/fPvWzceVTEgZ47QjFMTCTmCwNt29cvi7zZeQzjtwQgn4ipN9NibRH/Ax/q
TbIzHfrJ1xa2RteWSdFjwtxi9C20HUkjXSeI4YlzQMH0fPX6KCE7aVePTOnB69I/
a9/q96DiXZajwlpq3wFctrs1oXqBp5DVrCIj8hU2wNgB7LtQ1mCtsYz//heai0K9
PhE4X6hiE0YmeAZjR0uHl8M/5aW9xCoJ72+12kKpWAa0SFRWLy6FejNYCYpkupVJ
yecLk/4L1W0l6jQQZnWErXZYe0PNFcmwGXy1Rep83kfBRNKRy5tvocalLlwXLdUk
AIU+2GKjyT3iMuzZxxFxPFMCAwEAAQ==
-----END PUBLIC KEY-----`
block, _ := pem.Decode([]byte(pubPEM))
if block == nil {
panic("failed to parse PEM block containing the public key")
}
pub, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
panic("failed to parse DER encoded public key: " + err.Error())
}
switch pub := pub.(type) {
case *rsa.PublicKey:
fmt.Println("pub is of type RSA:", pub)
case *dsa.PublicKey:
fmt.Println("pub is of type DSA:", pub)
case *ecdsa.PublicKey:
fmt.Println("pub is of type ECDSA:", pub)
default:
panic("unknown type of public key")
}
}
I'm not really sure about the encoding you have there though. The following might help you past that hurdle:
RSA Public Key format
you can use:
rsaPublickey, _ := pub.(*rsa.PublicKey)
to convert to rsa.PublicKey
I'm new in Go and having hard time to figure it out how crypto package works.
Basicly I need to sign a string with pem key and get sha1 of that like the equivalent code in C# in below.
Thanks
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(“<RSAKeyValue><Modulus>oQRshGhLf2Fh...”);
byte[] signMain = rsa.SignData(Encoding.UTF8.GetBytes(data), new SHA1CryptoServiceProvider());
C# code
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
namespace RSASHA1
{
class Program
{
static void Main(string[] args)
{
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.FromXmlString("<RSAKeyValue><Modulus>n9t+R7Zmn4VLaWmixLnUkxfQmwDHqRmtlC3mR0YJ9ntUpqLPIkbZgGbuCM8jzmt3kTs4UIufzxQfim1v8avBYDkijxKRN4/g2juS9IqmWjvdV4CrxfTVGXudiuzeqI3wzoaHY4BmMdhmOA46GV6pifAVeQnJb6Hp6/F9bwi1kFE=</Modulus><Exponent>AQAB</Exponent><P>+ow3plgxHR5BcBApdHu93bLQJHD+DbcUV6qKSHMfQNosjDb6IiPUd6kfHI34DIldot6ooI+AUqZYIqW57J7llw==</P><Q>o1YL/4UkELk5nmU30NA7gLmnZm+bynt9rR2yjkU55SP60tqO5/72aXak/RrSih1BC6WfJxEr2OLMWud6t8wGVw==</Q><DP>U8vXxPPUIVgALNnK86F7RA3NHZMI9U9ZJ2TrcQXH2yndIlw01nxDUG4o8KTu5EqBHbr4jRLRqVLnQVdKUsBmKw==</DP><DQ>XeJJxzeaQVqWOetoJ8hpS1ZrWD/yxnIxDN6zEX/NBV6m/6fM2KD+tiQSNcHDHswt5Snvzx7ZmzLRz7aaHSdSxQ==</DQ><InverseQ>j/DPSjRS09ephgGgiSBFcpxDc+54n6Fo2M2zLhMj/lBoO8klbNPB4YlwFHJjEh9EpbLB1Zwi7XjL2weFX2Ws+g==</InverseQ><D>HRtdMfePVgpyQb5fSczAXQwgCqkosaygQ3PcEyw4ki3AqxrH9mjKH6weOXJmBabhvYr35QqXTaBPYegtUubALda87T7cviK1rCPN18vv+eU4MT9TADQyj9HeYvp7fUfjEfaIaf/QpAXwSRrF/n9CsM1ef4aZX4XFd2uv2SH7yVU=</D></RSAKeyValue>");
byte[] signMain = rsa.SignData(Encoding.UTF8.GetBytes("hello"), new SHA1CryptoServiceProvider());
StringBuilder hex = new StringBuilder(signMain.Length * 2);
foreach (byte b in signMain) hex.AppendFormat("{0:x2}", b);
Console.Write(hex.ToString());
Console.ReadLine();
}
}
}
Go code for keys generated in OpenSSL < 1.0 and OpenSSL >= 1.0
package main
import (
"encoding/pem"
"fmt"
"crypto/sha1"
"crypto/rsa"
"crypto/rand"
"crypto/x509"
"crypto"
"encoding/hex"
)
var openssl_10_key string = `-----BEGIN PRIVATE KEY-----
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMipwvuAvELnymqg2cdNTX+Df341aT6iZC/5qSv+U2a6tr/sqoIRd4Hi5TQFB0yPcbqL5NhIz8CjrA7k7WROH6F10OKfhPgyxBxRARLSqfVdflFb9WF3BlJeOgHti8j24a38gUsqx42nkbLJM6tmlYqSOSZWR3jPx7ZuqgSNO+G5AgMBAAECgYAGXKN+HjTzZhS1ae4dphmSTmGVzcaAohAzf5XZrp5UTN0lNP3e69DYwSnR8WR4cx/NWBWxHPXa1+Jiz01B3dw3NgdcK9YhheDJEzBjMV8kizqTV2GrwGrc04JI/77uBZdj8bUx3pIhwWOK6ShmhveuPE8Q3EfeZ5g+yKvkF4YTNQJBAPhyENG0qp36VWLyHC4tY7j35tTjYuhTNDsmPI/BNYaSIGzGGfKZweAouUsetk3BQe4fgDHdU+wT+uvArvUPua8CQQDOw8A8K44qUuNLnUUhbTpK0MNXNxA25oOwHHTCqFQLxarZGKj7KqBYiT4bR9TesvfXz2IpvvMOf4UWs57aBL0XAkEArTEnFGkzf0lheMZ6ap5tpCX8nm+dJYPLJ2iyUyxHGfaH8AvxTrNs+cypzvor7+xG/66p+RjnRe1vwCTkUiWSNQJBAMqNhaLsYEciED0hAnoukO59+P9Vl/LQe61pExEm6b7mk+o9eD0lkxNoz4jWI7lOxfGK3fVbdKx9TBnjOPkHr10CQBW22VQhzg75LsrqNeiVGMDXRtlPueSICfxYxXCiDVc0SLi9RpCGo8fsiB+Uk9ENnLk6/vW1/H9IqtS7rQbNy64=
-----END PRIVATE KEY-----`
var openssl_09_key string = `-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDIqcL7gLxC58pqoNnHTU1/g39+NWk+omQv+akr/lNmura/7KqCEXeB4uU0BQdMj3G6i+TYSM/Ao6wO5O1kTh+hddDin4T4MsQcUQES0qn1XX5RW/VhdwZSXjoB7YvI9uGt/IFLKseNp5GyyTOrZpWKkjkmVkd4z8e2bqoEjTvhuQIDAQABAoGABlyjfh4082YUtWnuHaYZkk5hlc3GgKIQM3+V2a6eVEzdJTT93uvQ2MEp0fFkeHMfzVgVsRz12tfiYs9NQd3cNzYHXCvWIYXgyRMwYzFfJIs6k1dhq8Bq3NOCSP++7gWXY/G1Md6SIcFjiukoZob3rjxPENxH3meYPsir5BeGEzUCQQD4chDRtKqd+lVi8hwuLWO49+bU42LoUzQ7JjyPwTWGkiBsxhnymcHgKLlLHrZNwUHuH4Ax3VPsE/rrwK71D7mvAkEAzsPAPCuOKlLjS51FIW06StDDVzcQNuaDsBx0wqhUC8Wq2Rio+yqgWIk+G0fU3rL3189iKb7zDn+FFrOe2gS9FwJBAK0xJxRpM39JYXjGemqebaQl/J5vnSWDyydoslMsRxn2h/AL8U6zbPnMqc76K+/sRv+uqfkY50Xtb8Ak5FIlkjUCQQDKjYWi7GBHIhA9IQJ6LpDuffj/VZfy0HutaRMRJum+5pPqPXg9JZMTaM+I1iO5TsXxit31W3SsfUwZ4zj5B69dAkAVttlUIc4O+S7K6jXolRjA10bZT7nkiAn8WMVwog1XNEi4vUaQhqPH7IgflJPRDZy5Ov71tfx/SKrUu60Gzcuu
-----END RSA PRIVATE KEY-----`
func main() {
h := sha1.New()
h.Write([]byte("hello"))
sum := h.Sum(nil)
// For RSA keys generated with OpenSSL < 1.0
pem09, _ := pem.Decode([]byte(openssl_09_key))
privateKey09, _ := x509.ParsePKCS1PrivateKey(pem09.Bytes)
sig, _ := rsa.SignPKCS1v15(rand.Reader, privateKey09, crypto.SHA1, sum)
fmt.Println("OpenSSL < 1.0", hex.EncodeToString(sig))
// For RSA keys generated with OpenSSL >= 1.0
pem10, _ := pem.Decode([]byte(openssl_10_key))
privateKey10I, _ := x509.ParsePKCS8PrivateKey(pem10.Bytes)
privateKey10 := privateKey10I.(*rsa.PrivateKey)
sig, _ = rsa.SignPKCS1v15(rand.Reader, privateKey10, crypto.SHA1, sum)
fmt.Println("OpenSSL >= 1.0", hex.EncodeToString(sig))
}