I have to translate PHP code to Golang and I encountered this problem.
Of course Go can load x509 private keys, but there is no "do-what-I-want" function, such as openssl_pkey_get_private.
After PEM decoding the key (and possibly decrypting it), use one of the Parse*PrivateKey functions in the x509 package:
package main
import (
"crypto"
"crypto/x509"
"encoding/pem"
"fmt"
"io/ioutil"
"log"
"strings"
)
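// main loads the first private key found in sample.key.pem, decrypts it when
// the PEM block uses legacy PEM encryption, parses it according to the block
// type, and reports the concrete type of the parsed key.
func main() {
	pemBytes, err := ioutil.ReadFile("sample.key.pem")
	check(err)

	block := firstPrivateKey(pemBytes)
	if block == nil {
		log.Fatal("No private key in input")
	}

	derBytes := block.Bytes
	// NOTE(security): x509.IsEncryptedPEMBlock and x509.DecryptPEMBlock are
	// deprecated since Go 1.16. Legacy (RFC 1423) PEM encryption does not
	// authenticate the ciphertext, so it should only be used to read existing
	// key files, not as protection for new ones.
	if x509.IsEncryptedPEMBlock(block) {
		// The passphrase is a sample value; real code should obtain it from
		// the operator or a secret store rather than embedding it in source.
		derBytes, err = x509.DecryptPEMBlock(block, []byte("password"))
		check(err)
	}

	var key crypto.PrivateKey
	switch block.Type {
	case "RSA PRIVATE KEY":
		// PKCS#1 encoding. A PKCS#8 key would need x509.ParsePKCS8PrivateKey.
		key, err = x509.ParsePKCS1PrivateKey(derBytes)
		check(err)
	case "EC PRIVATE KEY":
		key, err = x509.ParseECPrivateKey(derBytes)
		check(err)
	default:
		log.Fatal("Unsupported key type")
	}

	// Report only the key's concrete type. Printing the value itself would
	// write the private key material to stdout, where it can end up in
	// terminals, CI logs or shell history.
	fmt.Printf("%T\n", key)
}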
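// firstPrivateKey walks the PEM blocks in pemBytes in order and returns the
// first one whose type ends in " PRIVATE KEY" (for example "RSA PRIVATE KEY"
// or "EC PRIVATE KEY"). It returns nil when the input holds no such block.
func firstPrivateKey(pemBytes []byte) *pem.Block {
	for len(pemBytes) > 0 {
		var block *pem.Block
		block, pemBytes = pem.Decode(pemBytes)
		if block == nil {
			// pem.Decode returns a nil block when the remaining input holds
			// no PEM data (non-PEM file, trailing text). Stop here instead of
			// dereferencing the nil block.
			return nil
		}
		if strings.HasSuffix(block.Type, " PRIVATE KEY") {
			return block
		}
	}
	return nil
}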
// check terminates the program through log.Fatal when err is non-nil and
// does nothing otherwise.
func check(err error) {
	if err == nil {
		return
	}
	log.Fatal(err)
}