Public key encryption

Public key encryption and decryption requires two keys: one to encrypt and a second one to decrypt. The encryption key is usually made public in some way so that anyone can encrypt messages to you. The decryption key must stay private, otherwise everyone would be able to decrypt those messages! Public key systems are asymmetric, with different keys for different uses.

There are many public key encryption systems supported by Go. A typical one is the RSA scheme.

A program generating RSA private and public keys is 

  1. /* GenRSAKeys
  2.  */
  4. package main
  6. import (
  7.     "crypto/rand"
  8.     "crypto/rsa"
  9.     "crypto/x509"
  10.     "encoding/gob"
  11.     "encoding/pem"
  12.     "fmt"
  13.     "os"
  14. )
  16. func main() {
  17.     reader := rand.Reader
  18.     bitSize := 512
  19.     key, err := rsa.GenerateKey(reader, bitSize)
  20.     checkError(err)
  22.     fmt.Println("Private key primes", key.Primes[0].String(), key.Primes[1].String())
  23.     fmt.Println("Private key exponent", key.D.String())
  25.     publicKey := key.PublicKey
  26.     fmt.Println("Public key modulus", publicKey.N.String())
  27.     fmt.Println("Public key exponent", publicKey.E)
  29.     saveGobKey("private.key", key)
  30.     saveGobKey("public.key", publicKey)
  32.     savePEMKey("private.pem", key)
  33. }
  35. func saveGobKey(fileName string, key interface{}) {
  36.     outFile, err := os.Create(fileName)
  37.     checkError(err)
  38.     encoder := gob.NewEncoder(outFile)
  39.     err = encoder.Encode(key)
  40.     checkError(err)
  41.     outFile.Close()
  42. }
  44. func savePEMKey(fileName string, key *rsa.PrivateKey) {
  46.     outFile, err := os.Create(fileName)
  47.     checkError(err)
  49.     var privateKey = &pem.Block{Type: "RSA PRIVATE KEY",
  50.         Bytes: x509.MarshalPKCS1PrivateKey(key)}
  52.     pem.Encode(outFile, privateKey)
  54.     outFile.Close()
  55. }
  57. func checkError(err error) {
  58.     if err != nil {
  59.         fmt.Println("Fatal error ", err.Error())
  60.         os.Exit(1)
  61.     }
  62. }

The program also saves the certificates using gob serialisation. They can be read back by this program:

  1. /* LoadRSAKeys
  2.  */
  4. package main
  6. import (
  7.     "crypto/rsa"
  8.     "encoding/gob"
  9.     "fmt"
  10.     "os"
  11. )
  13. func main() {
  14.     var key rsa.PrivateKey
  15.     loadKey("private.key", &key)
  17.     fmt.Println("Private key primes", key.Primes[0].String(), key.Primes[1].String())
  18.     fmt.Println("Private key exponent", key.D.String())
  20.     var publicKey rsa.PublicKey
  21.     loadKey("public.key", &publicKey)
  23.     fmt.Println("Public key modulus", publicKey.N.String())
  24.     fmt.Println("Public key exponent", publicKey.E)
  25. }
  27. func loadKey(fileName string, key interface{}) {
  28.     inFile, err := os.Open(fileName)
  29.     checkError(err)
  30.     decoder := gob.NewDecoder(inFile)
  31.     err = decoder.Decode(key)
  32.     checkError(err)
  33.     inFile.Close()
  34. }
  36. func checkError(err error) {
  37.     if err != nil {
  38.         fmt.Println("Fatal error ", err.Error())
  39.         os.Exit(1)
  40.     }
  41. }