php RSA openssl_private_encrypt(): key param is not a valid private key 报错

环境:php 7.32

开头连接符与结尾连接符 用 \n 连接即可

<div class="post-text" itemprop="text"> <p>I'm trying to implement <a href="" rel="nofollow noreferrer">Chef API client</a> in Go, but stuck trying to create correct request header RSA signature. According to <a href="" rel="nofollow noreferrer">documentation</a>:</p> <blockquote> <p>A canonical header is signed with the private key used by the client machine from which the request is sent, and is also encoded using Base64.</p> </blockquote> <p>The following ruby call to <code>OpenSSL::PKey::RSA.private_encrypt()</code> can be found in <code>mixlib-authentication</code> <a href="" rel="nofollow noreferrer">gem code</a>, it uses <a href="" rel="nofollow noreferrer">OpenSSL bindings</a>, <code>private_encrypt()</code> method calls <code>RSA_private_encrypt</code> <a href="" rel="nofollow noreferrer">openssl function</a>.</p> <p>Unfortunately, I cannot find matching function in Go's standard library; <a href="" rel="nofollow noreferrer"><code>crypto/rsa</code></a> looks close, but it only implements conventional cryptography methods: encryption with <em>public</em> key, hash signing with <em>private</em> key. OpenSSL's <code>RSA_private_encrypt</code> does the opposite: it encrypts (small) message with private key (akin to creating a signature from message hash).</p> <p>This "signing" can also be achieved with this command:</p> <pre><code>openssl rsautl -sign -inkey path/to/private/key.pem \ -in file/to/encrypt -out encrypted/output </code></pre> <p>Are there any native Go libraries to achieve the same result as OpenSSL's <code>RSA_private_encrypt</code>, or the only way is using Cgo to call this function from OpenSSL library? Maybe I'm missing something. My idea was implementing the client without any non-go dependencies.</p> <p>I'm a Go newbie, so I'm not sure I can dive into <code>crypto/rsa</code> module sources.</p> <hr> <p>Found the <a href="">similar question</a>, but <a href="">the answer</a> to use <code>SignPKCS1v15</code> is obviously wrong (this <a href="" rel="nofollow noreferrer">function encrypts message's hash, not the message itself</a>).</p> </div>
©️2020 CSDN 皮肤主题: 大白 设计师:CSDN官方博客 返回首页