From da76ca3a120c71b7590595cbfd54907467efb3a2 Mon Sep 17 00:00:00 2001
From: kanade
Date: Fri, 1 Apr 2022 17:59:51 +0800
Subject: [PATCH] init
---
.gitignore | 1 +
README.md | 1 +
go.mod | 3 ++
rsa.go | 126 +++++++++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 131 insertions(+)
create mode 100644 .gitignore
create mode 100644 README.md
create mode 100644 go.mod
create mode 100644 rsa.go
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..723ef36
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.idea
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..fd45240
--- /dev/null
+++ b/README.md
@@ -0,0 +1 @@
+### rsa工具包
\ No newline at end of file
diff --git a/go.mod b/go.mod
new file mode 100644
index 0000000..54d2905
--- /dev/null
+++ b/go.mod
@@ -0,0 +1,3 @@
+module git.oa00.com/go/rsa
+
+go 1.17
diff --git a/rsa.go b/rsa.go
new file mode 100644
index 0000000..002204f
--- /dev/null
+++ b/rsa.go
@@ -0,0 +1,126 @@
+package rsa
+
+import (
+ "bytes"
+ "crypto"
+ "crypto/rand"
+ "crypto/rsa"
+ "crypto/sha1"
+ "crypto/x509"
+ "encoding/base64"
+ "fmt"
+)
+
+//Secret defines the private key type
+type Secret uint
+
+const (
+ PKCS1 Secret = iota
+ PKCS8
+)
+
+// SignWithSha1Base64 @Title 签名 采用sha1算法进行签名并输出为Base64格式
+func SignWithSha1Base64(data string, privateKey *rsa.PrivateKey) (string, error) {
+ h := sha1.New()
+ h.Write([]byte(data))
+ hash := h.Sum(nil)
+ signature, err := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA1, hash[:])
+ if err != nil {
+ return "", err
+ }
+ out := base64.StdEncoding.EncodeToString(signature)
+ return out, nil
+}
+
+// EncryptWithSha1Base64 @Title 加密 采用sha1算法加密后转base64格式
+func EncryptWithSha1Base64(originalData string, publicKey *rsa.PublicKey) (string, error) {
+ partLen := publicKey.N.BitLen()/8 - 11
+ chunks := split([]byte(originalData), partLen)
+ buff := bytes.NewBufferString("")
+ for _, chunk := range chunks {
+ encryptedData, err := rsa.EncryptPKCS1v15(rand.Reader, publicKey, chunk)
+ if err != nil {
+ return "", err
+ }
+ buff.Write(encryptedData)
+ }
+ return base64.StdEncoding.EncodeToString(buff.Bytes()), nil
+}
+
+// DecryptWithSha1Base64 @Title 解密 对采用sha1算法加密后转base64格式的数据进行解密
+func DecryptWithSha1Base64(encryptedData string, privateKey *rsa.PrivateKey) (string, error) {
+ encryptedDecodeBytes, err := base64.StdEncoding.DecodeString(encryptedData)
+ if err != nil {
+ return "", err
+ }
+ partLen := privateKey.PublicKey.N.BitLen() / 8
+ chunks := split(encryptedDecodeBytes, partLen)
+ buffer := bytes.NewBufferString("")
+ for _, chunk := range chunks {
+ decrypted, err := rsa.DecryptPKCS1v15(rand.Reader, privateKey, chunk)
+ if err != nil {
+ return "", err
+ }
+ buffer.Write(decrypted)
+ }
+ return buffer.String(), err
+}
+
+func split(buf []byte, lim int) [][]byte {
+ var chunk []byte
+ chunks := make([][]byte, 0, len(buf)/lim+1)
+ for len(buf) >= lim {
+ chunk, buf = buf[:lim], buf[lim:]
+ chunks = append(chunks, chunk)
+ }
+ if len(buf) > 0 {
+ chunks = append(chunks, buf[:len(buf)])
+ }
+ return chunks
+}
+
+//ParsePrivateKey parses private key bytes to rsa privateKey
+func ParsePrivateKey(privateKeyDecoded string, keyType Secret) (*rsa.PrivateKey, error) {
+ decodeString, err := base64.StdEncoding.DecodeString(privateKeyDecoded)
+ if err != nil {
+ return nil, err
+ }
+ switch keyType {
+ case PKCS1:
+ return x509.ParsePKCS1PrivateKey(decodeString)
+ case PKCS8:
+ keyParsed, err := x509.ParsePKCS8PrivateKey(decodeString)
+ return keyParsed.(*rsa.PrivateKey), err
+ default:
+ return &rsa.PrivateKey{}, fmt.Errorf("secretInfo PrivateKeyDataType unsupport")
+ }
+}
+
+//ParsePublicKey parses public key bytes to rsa publicKey
+func ParsePublicKey(privateKeyDecoded string) (*rsa.PublicKey, error) {
+ decodeString, err := base64.StdEncoding.DecodeString(privateKeyDecoded)
+ if err != nil {
+ return nil, err
+ }
+ publicKey, err := x509.ParsePKIXPublicKey(decodeString)
+ if err != nil {
+ return nil, err
+ }
+ return publicKey.(*rsa.PublicKey), nil
+}
+
+// ParseCertificate 解析证书
+func ParseCertificate(certString string) (*x509.Certificate, error) {
+ decodeString, _ := base64.StdEncoding.DecodeString(certString)
+ return x509.ParseCertificate(decodeString)
+}
+
+// RsaEncrypt @Title Rsa加密
+func RsaEncrypt(origData []byte, publicKey *rsa.PublicKey) ([]byte, error) {
+ return rsa.EncryptPKCS1v15(rand.Reader, publicKey, origData)
+}
+
+// RsaDecrypt @Title Rsa解密
+func RsaDecrypt(ciphertext []byte, privateKey *rsa.PrivateKey) ([]byte, error) {
+ return rsa.DecryptPKCS1v15(rand.Reader, privateKey, ciphertext)
+}
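Review bot: In `ParsePrivateKey` the `PKCS8` case evaluates `keyParsed.(*rsa.PrivateKey)` before `err` is looked at, so malformed input (where `keyParsed` is a nil interface) or a well-formed non-RSA PKCS#8 key panics instead of returning an error; `ParsePublicKey` has the same single-value assertion on `publicKey.(*rsa.PublicKey)`. Check the error first and use the two-value assertion in both places, as in the excerpt below. `ParseCertificate` discards the base64 error with `decodeString, _ :=` and should return it as the other parsers do. Separately, the exported helpers rely on chunked PKCS#1 v1.5 encryption and SHA-1 signatures: decryption failures that reach a remote caller can serve as a padding oracle, the independently encrypted chunks have no integrity protection, and SHA-1 is no longer collision-resistant, so the doc comments should state these limits and OAEP/SHA-256 variants are worth planning.

```go
	case PKCS8:
		keyParsed, err := x509.ParsePKCS8PrivateKey(decodeString)
		if err != nil {
			return nil, err
		}
		rsaKey, ok := keyParsed.(*rsa.PrivateKey)
		if !ok {
			return nil, fmt.Errorf("pkcs8 key is %T, not an RSA private key", keyParsed)
		}
		return rsaKey, nil
	// … unchanged: default branch; ParsePublicKey base64 decode, ParsePKIXPublicKey call and its error check …
	rsaPub, ok := publicKey.(*rsa.PublicKey)
	if !ok {
		return nil, fmt.Errorf("public key is %T, not an RSA public key", publicKey)
	}
	return rsaPub, nil
```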