Beispiel #1
0
func (pk *PrivateKey) parseRSAPrivateKey(data []byte) (err error) {
	rsaPub := pk.PublicKey.PublicKey.(*rsa.PublicKey)
	rsaPriv := new(rsa.PrivateKey)
	rsaPriv.PublicKey = *rsaPub

	buf := bytes.NewBuffer(data)
	d, _, err := readMPI(buf)
	if err != nil {
		return
	}
	p, _, err := readMPI(buf)
	if err != nil {
		return
	}
	q, _, err := readMPI(buf)
	if err != nil {
		return
	}

	rsaPriv.D = new(big.Int).SetBytes(d)
	rsaPriv.Primes = make([]*big.Int, 2)
	rsaPriv.Primes[0] = new(big.Int).SetBytes(p)
	rsaPriv.Primes[1] = new(big.Int).SetBytes(q)
	if err := rsaPriv.Validate(); err != nil {
		return err
	}
	rsaPriv.Precompute()
	pk.PrivateKey = rsaPriv
	pk.Encrypted = false
	pk.encryptedData = nil

	return nil
}
Beispiel #2
0
func NewRsaEncrypt(privateKeyInput io.Reader, keyBytes int, newHash func() hash.Hash) (*RsaEncrypt, error) {
	data, err := ioutil.ReadAll(privateKeyInput)
	if err != nil {
		return nil, err
	}

	var block *pem.Block
	if block, _ = pem.Decode(data); block == nil || block.Type != "RSA PRIVATE KEY" {
		return nil, errors.New("wrong private key")
	}

	var privateKey *rsa.PrivateKey
	if privateKey, err = x509.ParsePKCS1PrivateKey(block.Bytes); err != nil {
		return nil, err
	}

	privateKey.Precompute()
	if err = privateKey.Validate(); err != nil {
		return nil, err
	}
	h := newHash()
	r := &RsaEncrypt{
		privateKey:  privateKey,
		keyBytes:    keyBytes,
		maxMsgBytes: keyBytes - (h.Size()*2 + 2),
		newHash:     newHash,
	}
	return r, nil
}
Beispiel #3
0
//Generate is use to create a pair of keys (Private and Public) you can specify if you want to save them in a file,
// the path is defined by PrivateKeyPath and PublicKeyPath global variable
func Generate(identifier string, save bool) (*rsa.PrivateKey, *rsa.PublicKey, error) {
	var publickey *rsa.PublicKey
	var privatekey *rsa.PrivateKey

	privatekey, err := rsa.GenerateKey(rand.Reader, 1024)

	if err != nil {
		return nil, nil, err
	}

	privatekey.Precompute()
	err = privatekey.Validate()

	if err != nil {
		return nil, nil, err
	}

	publickey = &privatekey.PublicKey

	if save == true {
		savePrivateKey(privatekey, PrivateKeyPath)
		savePublicKey(publickey, identifier, PublicKeyPath)
	}
	return privatekey, publickey, nil
}
Beispiel #4
0
// NewKeyChain sets up a new keychain based on the RSA private key passed
// in. It ensures the returned keychain is valid.
func NewKeyChain(prv *rsa.PrivateKey) (kc *KeyChain, err error) {
	if err = prv.Validate(); err != nil {
		return
	}
	kc = new(KeyChain)
	kc.Private = prv
	kc.Public = make([]*PubKey, 0)
	return
}
Beispiel #5
0
func GetKey() rsa.PrivateKey {

	var placeholder []byte
	var mykey MyKey
	var key rsa.PrivateKey
	stmt, err := db.Prepare("SELECT key FROM key")
	if err != nil {
		fmt.Println("While SELECTing", err)
	}
	err = stmt.Exec()
	if err != nil {
		fmt.Println("While running Exec()", err)
	}
	for {
		if !stmt.Next() {
			break
		} else {

			stmt.Scan(&placeholder)
			//fmt.Println("Getting key:",string(placeholder))
			err = json.Unmarshal(placeholder, &mykey)
			if err != nil {
				fmt.Println(err)
				os.Exit(1)
			}
			d := big.NewInt(0)
			p := big.NewInt(0)
			q := big.NewInt(0)
			n := big.NewInt(0)
			d.SetString(mykey.D, 10)
			p.SetString(mykey.P, 10)
			q.SetString(mykey.Q, 10)
			n.SetString(mykey.PublicKey.N, 10)

			pubkey := rsa.PublicKey{N: n, E: mykey.PublicKey.E}
			key = rsa.PrivateKey{D: d, P: p, Q: q, PublicKey: pubkey}
			//fmt.Println("KEY:",key)
			err = key.Validate()
			if err != nil {
				fmt.Println("key errors:", err)
			} else {
				//fmt.Println("key looks valid")
			}
		}
	}
	return key
}
Beispiel #6
0
// ParsePKCS1PrivateKey returns an RSA private key from its ASN.1 PKCS#1 DER encoded form.
func ParsePKCS1PrivateKey(der []byte) (*rsa.PrivateKey, error) {
	var priv pkcs1PrivateKey
	rest, err := asn1.Unmarshal(der, &priv)
	if len(rest) > 0 {
		return nil, asn1.SyntaxError{Msg: "trailing data"}
	}
	if err != nil {
		return nil, err
	}

	if priv.Version > 1 {
		return nil, errors.New("x509: unsupported private key version")
	}

	if priv.N.Sign() <= 0 || priv.D.Sign() <= 0 || priv.P.Sign() <= 0 || priv.Q.Sign() <= 0 {
		return nil, errors.New("x509: private key contains zero or negative value")
	}

	key := new(rsa.PrivateKey)
	key.PublicKey = rsa.PublicKey{
		E: priv.E,
		N: priv.N,
	}

	key.D = priv.D
	key.Primes = make([]*big.Int, 2+len(priv.AdditionalPrimes))
	key.Primes[0] = priv.P
	key.Primes[1] = priv.Q
	for i, a := range priv.AdditionalPrimes {
		if a.Prime.Sign() <= 0 {
			return nil, errors.New("x509: private key contains zero or negative prime")
		}
		key.Primes[i+2] = a.Prime
		// We ignore the other two values because rsa will calculate
		// them as needed.
	}

	err = key.Validate()
	if err != nil {
		return nil, err
	}
	key.Precompute()

	return key, nil
}
Beispiel #7
0
// SplitPrivateKey takes an existing rsa.PrivateKey and splits it into two mrsa.PrivateKeys.
// The value of D for the first key is chosen uniformly, and the value for D of the second key
// is thus fixed.
func SplitPrivateKey(k *rsa.PrivateKey) (*PrivateKey, *PrivateKey, error) {

	k1 := &PrivateKey{PublicKey: PublicKey(k.PublicKey)}
	k2 := &PrivateKey{PublicKey: PublicKey(k.PublicKey)}

	err := k.Validate()

	if err != nil {
		return nil, nil, err
	}

	k1.D, err = rand.Int(rand.Reader, k.D)

	if err != nil {
		return nil, nil, err
	}

	k2.D = new(big.Int).Sub(k.D, k1.D)

	return k1, k2, nil
}
Beispiel #8
0
// GenerateKeys creates a public and private key for the current transfer
// returns both
func GenerateKeys() (*rsa.PublicKey, *rsa.PrivateKey) {
	var publicKey *rsa.PublicKey
	var privateKey *rsa.PrivateKey
	var err error

	// Generate Private Key
	if privateKey, err = rsa.GenerateKey(rand.Reader, 1024); err != nil {
		log.Fatal(err)
	}

	// Validate Private Key -- Sanity checks on the key
	if err = privateKey.Validate(); err != nil {
		log.Fatal(err)
	}

	// Precompute some calculations speeds up private key operations in the future
	privateKey.Precompute()

	//Public key address (of an RSA key)
	publicKey = &privateKey.PublicKey

	return publicKey, privateKey
}
func TestRsa() {

	var private_key *rsa.PrivateKey
	var public_key *rsa.PublicKey
	var plain_text, encrypted, decrypted, label []byte
	var err error

	plain_text = []byte("Plain text message to be encrypted")

	//Generate Private Key
	if private_key, err = rsa.GenerateKey(rand.Reader, 1024); err != nil {
		log.Fatal(err)
	}
	fmt.Println(private_key)

	// Precompute some calculations -- Calculations that speed up private key operations in the future
	private_key.Precompute()

	//Validate Private Key -- Sanity checks on the key
	if err = private_key.Validate(); err != nil {
		log.Fatal(err)
	}

	//Public key address (of an RSA key)
	public_key = &private_key.PublicKey

	encrypted = Encrypt_oaep(public_key, plain_text, label)
	decrypted = Decrypt_oaep(private_key, encrypted, label)

	fmt.Printf("OAEP Encrypted [%s] to \n[%x]\n", string(plain_text), encrypted)
	fmt.Printf("OAEP Decrypted [%x] to \n[%s]\n", encrypted, decrypted)

	// To use existing private key (Skipping the GenerateKey, Precompute, Validation steps shown above)
	// This reads pem file and retrieves the public, private key needed to encrypt data
	//use_exsiting_keys()

}
	BeforeEach(func() {
		bits = 2048

		privateKey, publicKey = GenerateKeys(bits)
	})

	Describe("GenerateKeys function", func() {
		It("private key", func() {
			var privKey *rsa.PrivateKey

			block, _ = pem.Decode([]byte(privateKey))

			privKey, err = x509.ParsePKCS1PrivateKey(block.Bytes)
			Expect(err).To(BeNil())

			err = privKey.Validate()
			Expect(err).To(BeNil())

			// public key
			pub := privKey.PublicKey
			pubDer, _ := x509.MarshalPKIXPublicKey(&pub)

			pubBlk := pem.Block{
				Type:    "PUBLIC KEY",
				Headers: nil,
				Bytes:   pubDer,
			}

			// Resultant public key in PEM format.
			pubPem := string(pem.EncodeToMemory(&pubBlk))
			Expect(pubPem).To(Equal(publicKey))