go - How to create .der file in golang same as openssl do

Collectives™ on Stack Overflow

Find centralized, trusted content and collaborate around the technologies you use most.

Learn more about Collectives

Teams

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

Learn more about Teams Actually, the OpenSSL statement extracts the public X.509 DER encoded key from a private PKCS#8 PEM encoded key. This can be achieved with the functions


    ParsePKCS8PrivateKey()

and


    MarshalPKIXPublicKey()

from the X509 package. – Topaco Dec 6, 2021 at 8:52

You might consider a library like google/trillian , which does include a MustMarshalPublicPEMToDER(keyPEM string) []byte function.

// MustMarshalPublicPEMToDER reads a PEM-encoded public key and returns it in DER encoding.
// If an error occurs, it panics.
func MustMarshalPublicPEMToDER(keyPEM string) []byte {
    block, _ := pem.Decode([]byte(keyPEM))
    key, err := x509.ParsePKIXPublicKey(block.Bytes)
    if err != nil {
        panic(err)
    keyDER, err := x509.MarshalPKIXPublicKey(key)
    if err != nil {
        panic(err)
    return keyDER
As the comment of this function shows, this reads a PEM-encoded public key.
As noted by Topaco, you would need crypto/x509#ParsePKCS8PrivateKey in order to read a private PKCS#8 PEM encoded key.

The marshal part does not change.
        Thanks for contributing an answer to Stack Overflow!
Please be sure to answer the question. Provide details and share your research!
But avoid …
Asking for help, clarification, or responding to other answers.
Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.