[go-nuts] Re: x509.ParsePKCS1PrivateKey fails to parse key generated with openssl

Tue, 21 Apr 2020 09:47:27 -0700 

I had to do the same thing in order to create a JWT for salesforce 
integration and the caveat was that the pem file
was encoded, this worked for me, notice as stated above pem.Decode() is 
needed.

package auth

import (
        "crypto/x509"
        "encoding/pem"
        "fmt"
        jwt "github.com/dgrijalva/jwt-go"
        "io/ioutil"
        "time"
)

func createToken() (token string, err error) {
        claims := jwt.StandardClaims{
                Issuer:    "client_id",
                Subject:   "em...@gmail.com",
                Audience:  "https://login.salesforce.com";,
                ExpiresAt: time.Now().Add(time.Minute * 3).Unix(),
        }

        at := jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
        crt, err := ioutil.ReadFile("test-crt/private_key.pem")
        if err != nil {
                panic(err)
        }
        block, _ := pem.Decode(crt)
        if block == nil {
                fmt.Println("No PEM blob found")
        }
        signKey, err := x509.ParsePKCS8PrivateKey(block.Bytes)
        if err != nil {
                panic(err)
        }
        token, err = at.SignedString(signKey)
        if err != nil {
                return
        }
        return
}



On Tuesday, April 21, 2020 at 11:08:22 AM UTC-5, James Mackerel wrote:
>
> Hi, 
>
> Please take a look at <
> https://stackoverflow.com/questions/48958304/pkcs1-and-pkcs8-format-for-rsa-private-key
> >.
>
> If this is your code to parse your private key:
>
>     f, err := os.Open(file)
>>     if err != nil {
>>         return nil, err
>>     }
>>     buf, err := ioutil.ReadAll(f)
>>     if err != nil {
>>         return nil, err
>>     }
>>     p, _ := pem.Decode(buf)
>>     if p == nil {
>>         return nil, errors.New("no pem block found")
>>     }
>>     return x509.ParsePKCS1PrivateKey(p.
>> Bytes)
>>
>
> I tried your commands. key.pem seems like a pkcs8 encoded key, and 
> rsakey.pem seems like a pkcs1 key. That
> may be the reason why you got an error when you try to parse a pkcs8 
> private key with ParsePKCS1PrivateKey.
>
> James
>

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/golang-nuts/752d5e21-7d7d-4ce7-a85d-994ccd8b3d7e%40googlegroups.com.

Reply via email to