You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

127 lines
3.5 KiB

3 years ago
package rsa
import (
"bytes"
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha1"
"crypto/x509"
"encoding/base64"
"fmt"
)
//Secret defines the private key type
type Secret uint
const (
PKCS1 Secret = iota
PKCS8
)
// SignWithSha1Base64 @Title 签名 采用sha1算法进行签名并输出为Base64格式
func SignWithSha1Base64(data string, privateKey *rsa.PrivateKey) (string, error) {
h := sha1.New()
h.Write([]byte(data))
hash := h.Sum(nil)
signature, err := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA1, hash[:])
if err != nil {
return "", err
}
out := base64.StdEncoding.EncodeToString(signature)
return out, nil
}
// EncryptWithSha1Base64 @Title 加密 采用sha1算法加密后转base64格式
func EncryptWithSha1Base64(originalData string, publicKey *rsa.PublicKey) (string, error) {
partLen := publicKey.N.BitLen()/8 - 11
chunks := split([]byte(originalData), partLen)
buff := bytes.NewBufferString("")
for _, chunk := range chunks {
encryptedData, err := rsa.EncryptPKCS1v15(rand.Reader, publicKey, chunk)
if err != nil {
return "", err
}
buff.Write(encryptedData)
}
return base64.StdEncoding.EncodeToString(buff.Bytes()), nil
}
// DecryptWithSha1Base64 @Title 解密 对采用sha1算法加密后转base64格式的数据进行解密
func DecryptWithSha1Base64(encryptedData string, privateKey *rsa.PrivateKey) (string, error) {
encryptedDecodeBytes, err := base64.StdEncoding.DecodeString(encryptedData)
if err != nil {
return "", err
}
partLen := privateKey.PublicKey.N.BitLen() / 8
chunks := split(encryptedDecodeBytes, partLen)
buffer := bytes.NewBufferString("")
for _, chunk := range chunks {
decrypted, err := rsa.DecryptPKCS1v15(rand.Reader, privateKey, chunk)
if err != nil {
return "", err
}
buffer.Write(decrypted)
}
return buffer.String(), err
}
func split(buf []byte, lim int) [][]byte {
var chunk []byte
chunks := make([][]byte, 0, len(buf)/lim+1)
for len(buf) >= lim {
chunk, buf = buf[:lim], buf[lim:]
chunks = append(chunks, chunk)
}
if len(buf) > 0 {
chunks = append(chunks, buf[:len(buf)])
}
return chunks
}
//ParsePrivateKey parses private key bytes to rsa privateKey
func ParsePrivateKey(privateKeyDecoded string, keyType Secret) (*rsa.PrivateKey, error) {
decodeString, err := base64.StdEncoding.DecodeString(privateKeyDecoded)
if err != nil {
return nil, err
}
switch keyType {
case PKCS1:
return x509.ParsePKCS1PrivateKey(decodeString)
case PKCS8:
keyParsed, err := x509.ParsePKCS8PrivateKey(decodeString)
return keyParsed.(*rsa.PrivateKey), err
default:
return &rsa.PrivateKey{}, fmt.Errorf("secretInfo PrivateKeyDataType unsupport")
}
}
//ParsePublicKey parses public key bytes to rsa publicKey
func ParsePublicKey(privateKeyDecoded string) (*rsa.PublicKey, error) {
decodeString, err := base64.StdEncoding.DecodeString(privateKeyDecoded)
if err != nil {
return nil, err
}
publicKey, err := x509.ParsePKIXPublicKey(decodeString)
if err != nil {
return nil, err
}
return publicKey.(*rsa.PublicKey), nil
}
// ParseCertificate 解析证书
func ParseCertificate(certString string) (*x509.Certificate, error) {
decodeString, _ := base64.StdEncoding.DecodeString(certString)
return x509.ParseCertificate(decodeString)
}
// RsaEncrypt @Title Rsa加密
func RsaEncrypt(origData []byte, publicKey *rsa.PublicKey) ([]byte, error) {
return rsa.EncryptPKCS1v15(rand.Reader, publicKey, origData)
}
// RsaDecrypt @Title Rsa解密
func RsaDecrypt(ciphertext []byte, privateKey *rsa.PrivateKey) ([]byte, error) {
return rsa.DecryptPKCS1v15(rand.Reader, privateKey, ciphertext)
}