/
rsa.go
143 lines (135 loc) · 2.9 KB
/
rsa.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
package utils_go
import (
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha256"
"crypto/x509"
"encoding/pem"
"errors"
"os"
)
var (
privateKey []byte
publicKey []byte
)
func init() {
//GenRsaKey(2048)
//var err error
//publicKey, err = ioutil.ReadFile("public.pem")
//if err != nil {
// os.Exit(-1)
//}
//privateKey, err = ioutil.ReadFile("private.pem")
//if err != nil {
// os.Exit(-1)
//}
//fmt.Printf("%s\n", publicKey)
//fmt.Printf("%s\n", privateKey)
}
//生成 私钥和公钥文件
func GenRsaKey(bits int) error {
//生成私钥文件
privateKey, err := rsa.GenerateKey(rand.Reader, bits)
if err != nil {
return err
}
derStream := x509.MarshalPKCS1PrivateKey(privateKey)
block := &pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: derStream,
}
file, err := os.Create("private.pem")
if err != nil {
return err
}
err = pem.Encode(file, block)
if err != nil {
return err
}
//生成公钥文件
publicKey := &privateKey.PublicKey
defPkix, err := x509.MarshalPKIXPublicKey(publicKey)
if err != nil {
return err
}
block = &pem.Block{
Type: "RSA PUBLIC KEY",
Bytes: defPkix,
}
file, err = os.Create("public.pem")
if err != nil {
return err
}
err = pem.Encode(file, block)
if err != nil {
return err
}
return nil
}
//私钥签名
func RsaSign(data []byte) ([]byte, error) {
h := sha256.New()
h.Write(data)
hashed := h.Sum(nil)
//获取私钥
block, _ := pem.Decode(privateKey)
if block == nil {
return nil, errors.New("private key error")
}
//解析PKCS1格式的私钥
priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
return nil, err
}
return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, hashed)
}
//公钥验证
func RsaSignVer(data []byte, signature []byte) error {
hashed := sha256.Sum256(data)
block, _ := pem.Decode(publicKey)
if block == nil {
return errors.New("public key error")
}
// 解析公钥
pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return err
}
// 类型断言
pub := pubInterface.(*rsa.PublicKey)
//验证签名
return rsa.VerifyPKCS1v15(pub, crypto.SHA256, hashed[:], signature)
}
// 公钥加密
func RsaEncrypt(data []byte) ([]byte, error) {
//解密pem格式的公钥
block, _ := pem.Decode(publicKey)
if block == nil {
return nil, errors.New("public key error")
}
// 解析公钥
pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return nil, err
}
// 类型断言
pub := pubInterface.(*rsa.PublicKey)
//加密
return rsa.EncryptPKCS1v15(rand.Reader, pub, data)
}
// 私钥解密
func RsaDecrypt(ciphertext []byte) ([]byte, error) {
//获取私钥
block, _ := pem.Decode(privateKey)
if block == nil {
return nil, errors.New("private key error!")
}
//解析PKCS1格式的私钥
priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
return nil, err
}
// 解密
return rsa.DecryptPKCS1v15(rand.Reader, priv, ciphertext)
}