当前位置: 首页>>代码示例>>Golang>>正文

Golang x509.ParseECPrivateKey函数代码示例

本文整理汇总了Golang中crypto/x509.ParseECPrivateKey函数的典型用法代码示例。如果您正苦于以下问题:Golang ParseECPrivateKey函数的具体用法?Golang ParseECPrivateKey怎么用?Golang ParseECPrivateKey使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了ParseECPrivateKey函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。

示例1: checkKey

func checkKey(jobs <-chan string, wg *sync.WaitGroup, block *pem.Block) {
	// https://github.com/golang/go/issues/10171
	// golang's fix? expand the documentation ...
	defer wg.Done()
	for passwordStr := range jobs {
		password := []byte(passwordStr)
		key, err := x509.DecryptPEMBlock(block, password)
		if err == nil {
			// we now have a candidate, is it random noise or is can be parsed?
			// for some reason ParseRawPrivateKey fails so its brute force time
			// https://github.com/golang/go/issues/8581 - ed25519 are not currently supported by Golang
			_, err := ssh.ParseDSAPrivateKey(key)
			if err == nil {
				printNDie(password)
			}
			// not DSA? maybe RSA
			_, err = x509.ParsePKCS1PrivateKey(key)
			if err == nil {
				printNDie(password)
			}
			// ECDSA?
			_, err = x509.ParseECPrivateKey(key)
			if err == nil {
				printNDie(password)
			}
		}
	}
}
开发者ID:a-yiorgos,项目名称:delaporter,代码行数:28,代码来源:delaporter.go

示例2: DecodePrivateKey

// DecodePrivateKey decodes a PEM-encoded ECDSA private key.
func DecodePrivateKey(encodedKey []byte) (*ecdsa.PrivateKey, error) {
	var skippedTypes []string
	var block *pem.Block

	for {
		block, encodedKey = pem.Decode(encodedKey)

		if block == nil {
			return nil, fmt.Errorf("failed to find EC PRIVATE KEY in PEM data after skipping types %v", skippedTypes)
		}

		if block.Type == "EC PRIVATE KEY" {
			break
		} else {
			skippedTypes = append(skippedTypes, block.Type)
			continue
		}
	}

	privKey, err := x509.ParseECPrivateKey(block.Bytes)
	if err != nil {
		return nil, err
	}

	return privKey, nil
}
开发者ID:ericchiang,项目名称:dex,代码行数:27,代码来源:marshal.go

示例3: ParsePEMPrivateKey

// ParsePEMPrivateKey returns a data.PrivateKey from a PEM encoded private key. It
// only supports RSA (PKCS#1) and attempts to decrypt using the passphrase, if encrypted.
func ParsePEMPrivateKey(pemBytes []byte, passphrase string) (*data.PrivateKey, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil {
		return nil, errors.New("no valid private key found")
	}

	switch block.Type {
	case "RSA PRIVATE KEY":
		var privKeyBytes []byte
		var err error

		if x509.IsEncryptedPEMBlock(block) {
			privKeyBytes, err = x509.DecryptPEMBlock(block, []byte(passphrase))
			if err != nil {
				return nil, errors.New("could not decrypt private key")
			}
		} else {
			privKeyBytes = block.Bytes
		}

		rsaPrivKey, err := x509.ParsePKCS1PrivateKey(privKeyBytes)
		if err != nil {
			return nil, fmt.Errorf("could not parse DER encoded key: %v", err)
		}

		tufRSAPrivateKey, err := RSAToPrivateKey(rsaPrivKey, data.RSAKey)
		if err != nil {
			return nil, fmt.Errorf("could not convert rsa.PrivateKey to data.PrivateKey: %v", err)
		}

		return tufRSAPrivateKey, nil
	case "EC PRIVATE KEY":
		var privKeyBytes []byte
		var err error

		if x509.IsEncryptedPEMBlock(block) {
			privKeyBytes, err = x509.DecryptPEMBlock(block, []byte(passphrase))
			if err != nil {
				return nil, errors.New("could not decrypt private key")
			}
		} else {
			privKeyBytes = block.Bytes
		}

		ecdsaPrivKey, err := x509.ParseECPrivateKey(privKeyBytes)
		if err != nil {
			return nil, fmt.Errorf("could not parse DER encoded private key: %v", err)
		}

		tufECDSAPrivateKey, err := ECDSAToPrivateKey(ecdsaPrivKey, data.ECDSAKey)
		if err != nil {
			return nil, fmt.Errorf("could not convert ecdsa.PrivateKey to data.PrivateKey: %v", err)
		}

		return tufECDSAPrivateKey, nil

	default:
		return nil, fmt.Errorf("unsupported key type %q", block.Type)
	}
}
开发者ID:RichardScothern,项目名称:notary,代码行数:62,代码来源:x509utils.go

示例4: Sign

// Sign calculates a signature for a byte array hash using hex-encoded private key
// It is supposed that a hash is calculated for an original message to sign
// Signature is a hex-encoded JSON
func Sign(hash []byte, private_key_hex string) (signature_hex string, err error) {
	// decode private key from hex
	private_key_bytes, err := hex.DecodeString(private_key_hex)
	if err != nil {
		return "", err
	}

	// x509 parse private key
	private_key, err := x509.ParseECPrivateKey(private_key_bytes)
	if err != nil {
		return "", err
	}

	// sign
	r, s, err := ecdsa.Sign(rand.Reader, private_key, hash)
	if err != nil {
		return "", err
	}

	// prepare a signature structure to marshal into json
	signature := &signature{
		R: r,
		S: s,
	}

	// marshal to json
	signature_json, err := json.Marshal(signature)
	if err != nil {
		return "", err
	}

	// encode to hex
	signature_hex = hex.EncodeToString(signature_json)
	return signature_hex, nil
}
开发者ID:vgorin,项目名称:cryptogo,代码行数:38,代码来源:ecdsa.go

示例5: LoadCertKeyFromEncPkg

func LoadCertKeyFromEncPkg(encpkg []byte, passwd string) (*CertKey, error) {
	blk, _ := pem.Decode(encpkg)
	if blk == nil {
		return nil, errors.New("Invalid PEM data")
	}
	if blk.Type != pkgTypeStr {
		return nil, errors.New("PEM type is not " + pkgTypeStr)
	}
	decrypted_pem, err := x509.DecryptPEMBlock(blk, []byte(passwd))
	if err != nil {
		return nil, err
	}
	key_pem, rest := pem.Decode(decrypted_pem)
	if blk == nil {
		return nil, errors.New("decrypted content is not PEM")
	}
	cert_pem, _ := pem.Decode(rest)
	if blk == nil {
		return nil, errors.New("Can't find the cert PEM")
	}
	if _, ok := supportedKeyTypes[key_pem.Type]; !ok {
		return nil, errors.New("Unsupported Key types")
	}
	if cert_pem.Type != "CERTIFICATE" {
		return nil, errors.New("Can't find certificate in decrypted PEM data")
	}
	var ck CertKey
	switch key_pem.Type {
	case "RSA PRIVATE KEY":
		rsack := new(RSACertKey)
		priv_key, err := x509.ParsePKCS1PrivateKey(key_pem.Bytes)
		if err != nil {
			return nil, err
		}
		rsack.key = priv_key
		cert, err := x509.ParseCertificates(cert_pem.Bytes)
		if err != nil {
			return nil, err
		}
		rsack.cert = *cert[0]
		ck = rsack
		return &ck, nil
	case "EC PRIVATE KEY":
		ecck := new(ECCertKey)
		priv_key, err := x509.ParseECPrivateKey(key_pem.Bytes)
		if err != nil {
			return nil, err
		}
		ecck.key = priv_key
		cert, err := x509.ParseCertificates(cert_pem.Bytes)
		if err != nil {
			return nil, err
		}
		ecck.cert = *cert[0]
		ck = ecck
		return &ck, nil
	}
	return nil, errors.New("Unussal error, you shouldn't see this")

}
开发者ID:hujun-open,项目名称:manpass,代码行数:60,代码来源:pki.go

示例6: ParseAndEncode

// ParseAndEncode takes key, certificate, and optional password
// as []byte and parses them to get a suitable format to encode them
func ParseAndEncode(key, cert, password []byte) string {
	var file string
	certBlock, _ := pem.Decode(cert)
	certBytes := certBlock.Bytes
	certificate, err := x509.ParseCertificate(certBytes)
	if err != nil {
		return file
	}

	block, _ := pem.Decode(key)
	privKey := block.Bytes
	if block.Type == "RSA PRIVATE KEY" {
		pkcsKey, err := x509.ParsePKCS1PrivateKey(privKey)
		if err != nil {
			return file
		}
		file = Encode(pkcsKey, certificate, password)
	} else if block.Type == "EC PRIVATE KEY" {
		ecKey, err := x509.ParseECPrivateKey(privKey)
		if err != nil {
			return file
		}
		file = Encode(ecKey, certificate, password)
	}

	return file
}
开发者ID:haneric21,项目名称:cfssl,代码行数:29,代码来源:pkcs12.go

示例7: loadECertAndEnrollmentPrivateKey

func loadECertAndEnrollmentPrivateKey(enrollmentID string, password string) ([]byte, *ecdsa.PrivateKey, error) {
	cooked, err := ioutil.ReadFile("./test_resources/key_" + enrollmentID + ".dump")
	if err != nil {
		return nil, nil, err
	}

	block, _ := pem.Decode(cooked)
	decryptedBlock, err := x509.DecryptPEMBlock(block, []byte(password))
	if err != nil {
		return nil, nil, err
	}

	enrollmentPrivateKey, err := x509.ParseECPrivateKey(decryptedBlock)
	if err != nil {
		return nil, nil, err
	}

	if err != nil {
		return nil, nil, err
	}

	ecertRaw, err := ioutil.ReadFile("./test_resources/ecert_" + enrollmentID + ".dump")
	if err != nil {
		return nil, nil, err
	}

	return ecertRaw, enrollmentPrivateKey, nil
}
开发者ID:yoshiharay,项目名称:fabric,代码行数:28,代码来源:tca_test.go

示例8: FinishKEX

// FinishKEX verifies the signed public key. If it is valid, it will
// carry out an ECDH key agreement, zeroise the private key, and store
// the shared key.
func (kex *Session) FinishKEX(signer *ecdsa.PublicKey, signed []byte) error {
	var skey signedKey
	rest, err := asn1.Unmarshal(signed, &skey)
	if err != nil {
		return err
	} else if len(rest) != 0 {
		return errors.New("eckex: trailing data in key exchange")
	}

	hashed := sha256.Sum256(skey.Public)

	if !ecdsa.Verify(signer, hashed[:], skey.R, skey.S) {
		return errors.New("eckex: verification failure")
	}

	pub, err := unpackECPKIX(skey.Public)
	if err != nil {
		return err
	}

	priv, err := x509.ParseECPrivateKey(kex.priv)
	util.Zero(kex.priv)
	if err != nil {
		return err
	}

	kex.shared, err = nistecdh.ECDH(priv, pub)
	kex.shared = kex.shared[:32]
	return err
}
开发者ID:jmptrader,项目名称:gocrypto,代码行数:33,代码来源:eckex.go

示例9: ParsePrivateKeyPEM

// ParsePrivateKeyPEM parses and returns a PEM-encoded private
// key. The private key may be either an unencrypted PKCS#8, PKCS#1,
// or elliptic private key.
func ParsePrivateKeyPEM(keyPEM []byte) (key interface{}, err error) {
	keyDER, _ := pem.Decode(keyPEM)
	if keyDER == nil {
		return nil, cferr.New(cferr.PrivateKeyError, cferr.DecodeFailed, nil)
	}
	if procType, ok := keyDER.Headers["Proc-Type"]; ok {
		if strings.Contains(procType, "ENCRYPTED") {
			return nil, cferr.New(cferr.PrivateKeyError, cferr.Encrypted, nil)
		}
	}
	key, err = x509.ParsePKCS8PrivateKey(keyDER.Bytes)
	if err != nil {
		key, err = x509.ParsePKCS1PrivateKey(keyDER.Bytes)
		if err != nil {
			key, err = x509.ParseECPrivateKey(keyDER.Bytes)
			if err != nil {
				// We don't include the actual error into the final error.
				// The reason might be we don't want to leak any info about
				// the private key.
				return nil, cferr.New(cferr.PrivateKeyError, cferr.ParseFailed, nil)
			}
		}
	}
	return
}
开发者ID:kalw,项目名称:cfssl,代码行数:28,代码来源:helpers.go

示例10: addKey

// addKey parses an SSH private key for execd. It takes in the SSH server configuration and the key to add.
// It returns an error if the key is unsupported by execd.
func addKey(conf *ssh.ServerConfig, block *pem.Block) (err error) {
	var key interface{}

	switch block.Type {
	case "RSA PRIVATE KEY":
		key, err = x509.ParsePKCS1PrivateKey(block.Bytes)
	case "EC PRIVATE KEY":
		key, err = x509.ParseECPrivateKey(block.Bytes)
	case "DSA PRIVATE KEY":
		key, err = ssh.ParseDSAPrivateKey(block.Bytes)
	default:
		return fmt.Errorf("unsupported key type %q", block.Type)
	}
	if err != nil {
		return err
	}

	signer, err := ssh.NewSignerFromKey(key)
	if err != nil {
		return err
	}

	conf.AddHostKey(signer)

	return nil
}
开发者ID:mehulsbhatt,项目名称:flitter,代码行数:28,代码来源:execd.go

示例11: TestECDSAGenerateKeyAndCSR

func TestECDSAGenerateKeyAndCSR(t *testing.T) {
	var si = SubjectInfo{
		Country:    "US",
		CommonName: "localhost",
	}

	pemKey, csr, err := GenerateKeyAndCSR(ECDSA, 256, &si)
	if err != nil {
		t.Fatalf("%v", err)
	}

	p, _ := pem.Decode(pemKey)
	if p == nil {
		t.Fatal("csr: invalid PEM-encoded ECDSA key")
	} else if p.Type != "EC PRIVATE KEY" {
		t.Fatal("csr: invalid PEM-encoded ECDSA key")
	}

	priv, err := x509.ParseECPrivateKey(p.Bytes)
	if err != nil {
		t.Fatal("csr: invalid PEM-encoded ECDSA key")
	} else if priv.Curve != elliptic.P256() {
		t.Fatal("csr: invalid PEM-encoded ECDSA key")
	}

	_, err = ParseCertificateRequest(csr)
	if err != nil {
		t.Fatalf("%v", err)
	}
}
开发者ID:postfix,项目名称:csr,代码行数:30,代码来源:keygen_test.go

示例12: importPrivateKeyfromPEM

// import private key from pem format
func importPrivateKeyfromPEM(pemsec []byte) *ecdsa.PrivateKey {
	block, _ := pem.Decode(pemsec)
	//log.Print(block)
	sec, _ := x509.ParseECPrivateKey(block.Bytes)
	//log.Print(sec)
	return sec
}
开发者ID:hyg,项目名称:go.sample,代码行数:8,代码来源:main.go

示例13: ParsePrivateKey

// ParsePublicKey parses a PEM encoded private key. Currently, only
// PKCS#1, RSA and ECDSA private keys are supported.
func ParsePrivateKey(pemBytes []byte) (Signer, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil {
		return nil, errors.New("ssh: no key found")
	}

	var rawkey interface{}
	switch block.Type {
	case "RSA PRIVATE KEY":
		rsa, err := x509.ParsePKCS1PrivateKey(block.Bytes)
		if err != nil {
			return nil, err
		}
		rawkey = rsa
	case "EC PRIVATE KEY":
		ec, err := x509.ParseECPrivateKey(block.Bytes)
		if err != nil {
			return nil, err
		}
		rawkey = ec

		// TODO(hanwen): find doc for format and implement PEM parsing
		// for DSA keys.
	default:
		return nil, fmt.Errorf("ssh: unsupported key type %q", block.Type)
	}

	return NewSignerFromKey(rawkey)
}
开发者ID:AndreasBriese,项目名称:go.crypto,代码行数:31,代码来源:keys.go

示例14: ParsePrivateKeyDER

// ParsePrivateKeyDER parses a PKCS #1, PKCS #8, or elliptic curve
// DER-encoded private key. The key must not be in PEM format.
func ParsePrivateKeyDER(keyDER []byte) (key crypto.Signer, err error) {
	generalKey, err := x509.ParsePKCS8PrivateKey(keyDER)
	if err != nil {
		generalKey, err = x509.ParsePKCS1PrivateKey(keyDER)
		if err != nil {
			generalKey, err = x509.ParseECPrivateKey(keyDER)
			if err != nil {
				// We don't include the actual error into
				// the final error. The reason might be
				// we don't want to leak any info about
				// the private key.
				return nil, cferr.New(cferr.PrivateKeyError,
					cferr.ParseFailed)
			}
		}
	}

	switch generalKey.(type) {
	case *rsa.PrivateKey:
		return generalKey.(*rsa.PrivateKey), nil
	case *ecdsa.PrivateKey:
		return generalKey.(*ecdsa.PrivateKey), nil
	}

	// should never reach here
	return nil, cferr.New(cferr.PrivateKeyError, cferr.ParseFailed)
}
开发者ID:kisom,项目名称:cfssl,代码行数:29,代码来源:derhelpers.go

示例15: LoadPrivateKey

// LoadPrivateKey loads a private key from PEM/DER-encoded data.
func LoadPrivateKey(data []byte) (interface{}, error) {
	input := data

	block, _ := pem.Decode(data)
	if block != nil {
		input = block.Bytes
	}

	var priv interface{}
	priv, err0 := x509.ParsePKCS1PrivateKey(input)
	if err0 == nil {
		return priv, nil
	}

	priv, err1 := x509.ParsePKCS8PrivateKey(input)
	if err1 == nil {
		return priv, nil
	}

	priv, err2 := x509.ParseECPrivateKey(input)
	if err2 == nil {
		return priv, nil
	}

	return nil, fmt.Errorf("square/go-jose: parse error, got '%s', '%s' and '%s'", err0, err1, err2)
}
开发者ID:CometKim,项目名称:platform,代码行数:27,代码来源:utils.go


注:本文中的crypto/x509.ParseECPrivateKey函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。