How to create RSA private key with passphrase in Go?

Issue

How to create RSA private key with passphrase in Go?

I read the documentation for the crypto package but I was unable to piece together a solution from it.

Solution

First step, generate a private key.
Second step, convert it to PEM format. Third step, encrypt the PEM.

All can be done using Golang’s standard library, which is very complete. The code is nothing difficult so I put it here. All there is to it is to know which functions to use.

import (
    "crypto/rand"
    "crypto/rsa"
    "crypto/x509"
    "encoding/pem"
)

func PrivateKeyToEncryptedPEM(bits int, pwd string) ([]byte, error) {
    // Generate the key of length bits
    key, err := rsa.GenerateKey(rand.Reader, bits)
    if err != nil {
        return nil, err
    }

    // Convert it to pem
    block := &pem.Block{
        Type:  "RSA PRIVATE KEY",
        Bytes: x509.MarshalPKCS1PrivateKey(key),
    }

    // Encrypt the pem
    if pwd != "" {
        block, err = x509.EncryptPEMBlock(rand.Reader, block.Type, block.Bytes, []byte(pwd), x509.PEMCipherAES256)
        if err != nil {
            return nil, err
        }
    }

    return pem.EncodeToMemory(block), nil
}

Answered By – T. Claverie

Answer Checked By – Candace Johnson (GoLangFix Volunteer)

Leave a Reply

Your email address will not be published.