php RSA openssl_private_encrypt(): key param is not a valid private key 报错

环境:php 7.32

开头连接符与结尾连接符 用 \n 连接即可

<div class="post-text" itemprop="text"> <p>I'm trying to implement <a href="http://docs.opscode.com/api_chef_server.html" rel="nofollow noreferrer">Chef API client</a> in Go, but stuck trying to create correct request header RSA signature. According to <a href="http://docs.opscode.com/api_chef_server.html" rel="nofollow noreferrer">documentation</a>:</p> <blockquote> <p>A canonical header is signed with the private key used by the client machine from which the request is sent, and is also encoded using Base64.</p> </blockquote> <p>The following ruby call to <code>OpenSSL::PKey::RSA.private_encrypt()</code> can be found in <code>mixlib-authentication</code> <a href="https://github.com/opscode/mixlib-authentication/blob/master/lib/mixlib/authentication/signedheaderauth.rb#L94" rel="nofollow noreferrer">gem code</a>, it uses <a href="http://ruby-doc.org/stdlib-1.9.2/libdoc/openssl/rdoc/OpenSSL/PKey/RSA.html#method-i-private_encrypt" rel="nofollow noreferrer">OpenSSL bindings</a>, <code>private_encrypt()</code> method calls <code>RSA_private_encrypt</code> <a href="http://www.openssl.org/docs/crypto/RSA_private_encrypt.html" rel="nofollow noreferrer">openssl function</a>.</p> <p>Unfortunately, I cannot find matching function in Go's standard library; <a href="http://golang.org/pkg/crypto/rsa/" rel="nofollow noreferrer"><code>crypto/rsa</code></a> looks close, but it only implements conventional cryptography methods: encryption with <em>public</em> key, hash signing with <em>private</em> key. OpenSSL's <code>RSA_private_encrypt</code> does the opposite: it encrypts (small) message with private key (akin to creating a signature from message hash).</p> <p>This "signing" can also be achieved with this command:</p> <pre><code>openssl rsautl -sign -inkey path/to/private/key.pem \ -in file/to/encrypt -out encrypted/output </code></pre> <p>Are there any native Go libraries to achieve the same result as OpenSSL's <code>RSA_private_encrypt</code>, or the only way is using Cgo to call this function from OpenSSL library? Maybe I'm missing something. My idea was implementing the client without any non-go dependencies.</p> <p>I'm a Go newbie, so I'm not sure I can dive into <code>crypto/rsa</code> module sources.</p> <hr> <p>Found the <a href="https://stackoverflow.com/questions/3107143/how-do-i-encrypt-with-an-rsa-private-key-read-from-a-pem-file-using-the-go-progr">similar question</a>, but <a href="https://stackoverflow.com/a/3114679/229034">the answer</a> to use <code>SignPKCS1v15</code> is obviously wrong (this <a href="http://golang.org/pkg/crypto/rsa/#SignPKCS1v15" rel="nofollow noreferrer">function encrypts message's hash, not the message itself</a>).</p> </div>
©️2020 CSDN 皮肤主题: 大白 设计师:CSDN官方博客 返回首页