huangjiajun
/
community_team
1
0
派生 0
代码 工单 0 合并请求 0 版本发布 0 百科 动态
附近小店
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
23 提交
1 分支
2.3 MiB
 
 
 
目录树: d99edbc520
分支列表 标签列表
${ item.name }
创建分支 ${ searchTerm }
从 'd99edbc520'
${ noResults }
community_team/app/utils/rsa.go

232 行
5.2 KiB
原始文件 Blame 文件历史 

  1. package utils

  2. 

  3. import (

  4. 	"bytes"

  5. 	"crypto"

  6. 	"crypto/rand"

  7. 	"crypto/rsa"

  8. 	"crypto/sha256"

  9. 	"crypto/x509"

  10. 	"encoding/base64"

  11. 	"encoding/pem"

  12. 	"errors"

  13. 	"fmt"

  14. 	"io/ioutil"

  15. 	"log"

  16. 	"os"

  17. 	"strings"

  18. )

  19. 

  20. // 生成私钥文件 TODO 未指定路径

  21. func RsaKeyGen(bits int) error {

  22. 	privateKey, err := rsa.GenerateKey(rand.Reader, bits)

  23. 	if err != nil {

  24. 		return err

  25. 	}

  26. 	derStream := x509.MarshalPKCS1PrivateKey(privateKey)

  27. 	block := &pem.Block{

  28. 		Type:  "RSA PRIVATE KEY",

  29. 		Bytes: derStream,

  30. 	}

  31. 	priFile, err := os.Create("private.pem")

  32. 	if err != nil {

  33. 		return err

  34. 	}

  35. 	err = pem.Encode(priFile, block)

  36. 	priFile.Close()

  37. 	if err != nil {

  38. 		return err

  39. 	}

  40. 	// 生成公钥文件

  41. 	publicKey := &privateKey.PublicKey

  42. 	derPkix, err := x509.MarshalPKIXPublicKey(publicKey)

  43. 	if err != nil {

  44. 		return err

  45. 	}

  46. 	block = &pem.Block{

  47. 		Type:  "PUBLIC KEY",

  48. 		Bytes: derPkix,

  49. 	}

  50. 	pubFile, err := os.Create("public.pem")

  51. 	if err != nil {

  52. 		return err

  53. 	}

  54. 	err = pem.Encode(pubFile, block)

  55. 	pubFile.Close()

  56. 	if err != nil {

  57. 		return err

  58. 	}

  59. 	return nil

  60. }

  61. 

  62. // 生成私钥文件, 返回 privateKey , publicKey, error

  63. func RsaKeyGenText(bits int) (string, string, error) { // bits 字节位 1024/2048

  64. 	privateKey, err := rsa.GenerateKey(rand.Reader, bits)

  65. 	if err != nil {

  66. 		return "", "", err

  67. 	}

  68. 	derStream := x509.MarshalPKCS1PrivateKey(privateKey)

  69. 	block := &pem.Block{

  70. 		Type:  "RSA PRIVATE KEY",

  71. 		Bytes: derStream,

  72. 	}

  73. 	priBuff := bytes.NewBuffer(nil)

  74. 	err = pem.Encode(priBuff, block)

  75. 	if err != nil {

  76. 		return "", "", err

  77. 	}

  78. 	// 生成公钥文件

  79. 	publicKey := &privateKey.PublicKey

  80. 	derPkix, err := x509.MarshalPKIXPublicKey(publicKey)

  81. 	if err != nil {

  82. 		return "", "", err

  83. 	}

  84. 	block = &pem.Block{

  85. 		Type:  "PUBLIC KEY",

  86. 		Bytes: derPkix,

  87. 	}

  88. 	pubBuff := bytes.NewBuffer(nil)

  89. 	err = pem.Encode(pubBuff, block)

  90. 	if err != nil {

  91. 		return "", "", err

  92. 	}

  93. 	return priBuff.String(), pubBuff.String(), nil

  94. }

  95. 

  96. // 加密

  97. func RsaEncrypt(rawData, publicKey []byte) ([]byte, error) {

  98. 	block, _ := pem.Decode(publicKey)

  99. 	if block == nil {

  100. 		return nil, errors.New("public key error")

  101. 	}

  102. 	pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)

  103. 	if err != nil {

  104. 		return nil, err

  105. 	}

  106. 	pub := pubInterface.(*rsa.PublicKey)

  107. 	return rsa.EncryptPKCS1v15(rand.Reader, pub, rawData)

  108. }

  109. 

  110. // 公钥加密

  111. func RsaEncrypts(data, keyBytes []byte) []byte {

  112. 	//解密pem格式的公钥

  113. 	block, _ := pem.Decode(keyBytes)

  114. 	if block == nil {

  115. 		panic(errors.New("public key error"))

  116. 	}

  117. 	// 解析公钥

  118. 	pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)

  119. 	if err != nil {

  120. 		panic(err)

  121. 	}

  122. 	// 类型断言

  123. 	pub := pubInterface.(*rsa.PublicKey)

  124. 	//加密

  125. 	ciphertext, err := rsa.EncryptPKCS1v15(rand.Reader, pub, data)

  126. 	if err != nil {

  127. 		panic(err)

  128. 	}

  129. 	return ciphertext

  130. }

  131. 

  132. // 解密

  133. func RsaDecrypt(cipherText, privateKey []byte) ([]byte, error) {

  134. 	block, _ := pem.Decode(privateKey)

  135. 	if block == nil {

  136. 		return nil, errors.New("private key error")

  137. 	}

  138. 	priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)

  139. 	if err != nil {

  140. 		return nil, err

  141. 	}

  142. 	return rsa.DecryptPKCS1v15(rand.Reader, priv, cipherText)

  143. }

  144. func SyRsaEncrypt(signStr, signature, privateKeyBytes string) error {

  145. 	h := sha256.New()

  146. 	h.Write([]byte(signStr))

  147. 	d := h.Sum(nil)

  148. 	sign, _ := base64.StdEncoding.DecodeString(signature)

  149. 	pub, err := ParsePKIXPublicKey(privateKeyBytes)

  150. 	err = rsa.VerifyPKCS1v15(pub, crypto.SHA256, d, sign)

  151. 	if err != nil {

  152. 		return err

  153. 	}

  154. 

  155. 	return nil

  156. }

  157. func FormatPublicKey(publicKey string) (pKey string) {

  158. 	var buffer strings.Builder

  159. 	buffer.WriteString("-----BEGIN PUBLIC KEY-----\n")

  160. 	rawLen := 64

  161. 	keyLen := len(publicKey)

  162. 	raws := keyLen / rawLen

  163. 	temp := keyLen % rawLen

  164. 	if temp > 0 {

  165. 		raws++

  166. 	}

  167. 	start := 0

  168. 	end := start + rawLen

  169. 	for i := 0; i < raws; i++ {

  170. 		if i == raws-1 {

  171. 			buffer.WriteString(publicKey[start:])

  172. 		} else {

  173. 			buffer.WriteString(publicKey[start:end])

  174. 		}

  175. 		buffer.WriteByte('\n')

  176. 		start += rawLen

  177. 		end = start + rawLen

  178. 	}

  179. 	buffer.WriteString("-----END PUBLIC KEY-----\n")

  180. 	pKey = buffer.String()

  181. 	return

  182. }

  183. 

  184. func ParsePKIXPublicKey(privateKey string) (*rsa.PublicKey, error) {

  185. 

  186. 	privateKey = FormatPublicKey(privateKey)

  187. 	// 2、解码私钥字节,生成加密对象

  188. 	block, _ := pem.Decode([]byte(privateKey))

  189. 	if block == nil {

  190. 

  191. 		return nil, errors.New("私钥信息错误!")

  192. 	}

  193. 	// 3、解析DER编码的私钥,生成私钥对象

  194. 	priKey, err := x509.ParsePKIXPublicKey(block.Bytes)

  195. 	if err != nil {

  196. 

  197. 		return nil, err

  198. 	}

  199. 	return priKey.(*rsa.PublicKey), nil

  200. }

  201. 

  202. // 从证书获取公钥

  203. func OpensslPemGetPublic(pathOrString string) (interface{}, error) {

  204. 	var certPem []byte

  205. 	var err error

  206. 	if IsFile(pathOrString) && Exists(pathOrString) {

  207. 		certPem, err = ioutil.ReadFile(pathOrString)

  208. 		if err != nil {

  209. 			return nil, err

  210. 		}

  211. 		if string(certPem) == "" {

  212. 			return nil, errors.New("empty pem file")

  213. 		}

  214. 	} else {

  215. 		if pathOrString == "" {

  216. 			return nil, errors.New("empty pem string")

  217. 		}

  218. 		certPem = StringToSlice(pathOrString)

  219. 	}

  220. 	block, rest := pem.Decode(certPem)

  221. 	if block == nil || block.Type != "PUBLIC KEY" {

  222. 		//log.Fatal("failed to decode PEM block containing public key")

  223. 		return nil, errors.New("failed to decode PEM block containing public key")

  224. 	}

  225. 	pub, err := x509.ParsePKIXPublicKey(block.Bytes)

  226. 	if err != nil {

  227. 		log.Fatal(err)

  228. 	}

  229. 	fmt.Printf("Got a %T, with remaining data: %q", pub, rest)

  230. 	return pub, nil

  231. }