-
Star
(118)
You must be signed in to star a gist -
Fork
(31)
You must be signed in to fork a gist
-
-
Save sdorra/1c95de8cb80da31610d2ad767cd6f251 to your computer and use it in GitHub Desktop.
| /* | |
| * Genarate rsa keys. | |
| */ | |
| package main | |
| import ( | |
| "crypto/rand" | |
| "crypto/rsa" | |
| "crypto/x509" | |
| "encoding/asn1" | |
| "encoding/gob" | |
| "encoding/pem" | |
| "fmt" | |
| "os" | |
| ) | |
| func main() { | |
| reader := rand.Reader | |
| bitSize := 2048 | |
| key, err := rsa.GenerateKey(reader, bitSize) | |
| checkError(err) | |
| publicKey := key.PublicKey | |
| saveGobKey("private.key", key) | |
| savePEMKey("private.pem", key) | |
| saveGobKey("public.key", publicKey) | |
| savePublicPEMKey("public.pem", publicKey) | |
| } | |
| func saveGobKey(fileName string, key interface{}) { | |
| outFile, err := os.Create(fileName) | |
| checkError(err) | |
| defer outFile.Close() | |
| encoder := gob.NewEncoder(outFile) | |
| err = encoder.Encode(key) | |
| checkError(err) | |
| } | |
| func savePEMKey(fileName string, key *rsa.PrivateKey) { | |
| outFile, err := os.Create(fileName) | |
| checkError(err) | |
| defer outFile.Close() | |
| var privateKey = &pem.Block{ | |
| Type: "PRIVATE KEY", | |
| Bytes: x509.MarshalPKCS1PrivateKey(key), | |
| } | |
| err = pem.Encode(outFile, privateKey) | |
| checkError(err) | |
| } | |
| func savePublicPEMKey(fileName string, pubkey rsa.PublicKey) { | |
| asn1Bytes, err := asn1.Marshal(pubkey) | |
| checkError(err) | |
| var pemkey = &pem.Block{ | |
| Type: "PUBLIC KEY", | |
| Bytes: asn1Bytes, | |
| } | |
| pemfile, err := os.Create(fileName) | |
| checkError(err) | |
| defer pemfile.Close() | |
| err = pem.Encode(pemfile, pemkey) | |
| checkError(err) | |
| } | |
| func checkError(err error) { | |
| if err != nil { | |
| fmt.Println("Fatal error ", err.Error()) | |
| os.Exit(1) | |
| } | |
| } |
You can also replace asn1Bytes, err := asn1.Marshal(pubkey) with asn1Bytes, err := x509.MarshalPKIXPublicKey(&pubkey) if you want DER-encoded PKIX format.
A fantastic example. Very precise...
Thanks.
In fact, for the code to work properly, the change suggested by Xeoncross must be made.
Thank you all
if any one knows how to save in .der format ?
Very well done, thank you. The only thing I would add are permissions on the private key file for ssh.
Awesome example. Thanks
Nice, but fails when using the generated public key to verify jwt token with https://github.com/dgrijalva/jwt-go. @xeoncross comment fixes the error.
@sdorra Why does the code example generate same private and public key while the code is executing one more time ?
@muratsplat If you run it on play.golang.org it will always produce the same result. If you don't check the errors you might find that O_CREATE fails on the second run because the file already exists.
Sorry I forgot the test result is cached on the test. That reason make to show same result. You are right.
@xeoncross thanks for feedback..
Amazing! This and the comments saved me a bunch of time implementing this, especially @ugokoli's comment about jwt-go
For PKCS#1 Formatting, the lable should be starts with RSA PRIVATE KEY instead of PRIVATE KEY. Nice code snippets 😃
var privateKey = &pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: x509.MarshalPKCS1PrivateKey(key),
}
yo man, after a single look at your code i felt like it's really beatiful and ... i love u bruh thx for that implementation!
You can also replace
asn1Bytes, err := asn1.Marshal(pubkey)withasn1Bytes, err := x509.MarshalPKIXPublicKey(&pubkey)if you want DER-encoded PKIX format.
Thanks a lot
brilliant example, exactly to the point.