Golang : Encrypt and decrypt data with x509 crypto

This is a simple tutorial demonstrating how to encrypt and decrypt string data with Golang's crypto/x509 package. We will use the EncryptPEMBlock and DecryptPEMBlock functions.

The source code :

 package main

 import (
 "fmt"
 "crypto/rand"
 "crypto/x509"
 "os"
 )

 func main() {

 blockType := "RSA PRIVATE KEY"
 password := []byte("password")


 // see http://golang.org/pkg/crypto/x509/#pkg-constants
 cipherType := x509.PEMCipherAES256

 EncryptedPEMBlock, err := x509.EncryptPEMBlock(rand.Reader,
 blockType,
 []byte("secret message"),
 password,
 cipherType)

 if err != nil {
 fmt.Println(err)
 os.Exit(1)
 }


 // check if encryption is successful or not

 if !x509.IsEncryptedPEMBlock(EncryptedPEMBlock) {
 fmt.Println("PEM Block is not encrypted!")
 os.Exit(1)
 }


 if EncryptedPEMBlock.Type != blockType {
 fmt.Println("Block type is wrong!")
 os.Exit(1)
 }

 fmt.Printf("Encrypted block \n%v\n", EncryptedPEMBlock)

 fmt.Printf("Encrypted Block Headers Info : %v\n", EncryptedPEMBlock.Headers)

 DecryptedPEMBlock, err := x509.DecryptPEMBlock(EncryptedPEMBlock, password)

 if err != nil {
 fmt.Println(err)
 os.Exit(1)
 }

 fmt.Printf("Decrypted block message is :  \n%s\n", DecryptedPEMBlock)

 }

Sample output :

Encrypted block &{RSA PRIVATE KEY map[Proc-Type:4,ENCRYPTED DEK-Info:AES-256-CBC,9f08b2afcf44a3115f8eacc78600a108] [133 90 249 15 68 167 149 212 114 250 51 248 47 5 137 144]}

Encrypted Block Headers Info : map[Proc-Type:4,ENCRYPTED DEK-Info:AES-256-CBC,9f08b2afcf44a3115f8eacc78600a108]

Decrypted block message is : secret message

Golang : Encrypt and decrypt data with x509 crypto

See also : Golang : Create x509 certificate, private and public keys

By Adam Ng

Advertisement

Tutorials