-
Notifications
You must be signed in to change notification settings - Fork 25
/
sym.go
85 lines (66 loc) · 1.66 KB
/
sym.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
package pkcs
import(
"io"
"errors"
"encoding/asn1"
)
// 加密接口
type Cipher interface {
// oid
OID() asn1.ObjectIdentifier
// 值大小
KeySize() int
// 是否有 KeyLength
HasKeyLength() bool
// 密码是否需要 Bmp 处理
NeedBmpPassword() bool
// 加密, 返回: [加密后数据, 参数, error]
Encrypt(rand io.Reader, key, plaintext []byte) ([]byte, []byte, error)
// 解密
Decrypt(key, params, ciphertext []byte) ([]byte, error)
}
// 泛型适配对称加密
// T 为对应参数结构
type Sym[T any] struct {
cipher Cipher
}
func NewSym[T any](cipher Cipher) *Sym[T] {
return &Sym[T]{
cipher,
}
}
// oid
func (this *Sym[T]) OID() asn1.ObjectIdentifier {
if this.cipher == nil {
return asn1.ObjectIdentifier{}
}
return this.cipher.OID()
}
// 加密
func (this *Sym[T]) Encrypt(rand io.Reader, key, plaintext []byte) (encrypted []byte, params T, err error) {
if this.cipher == nil {
err = errors.New("pkcs: invalid cipher")
return
}
var paramBytes []byte
encrypted, paramBytes, err = this.cipher.Encrypt(rand, key, plaintext)
if err != nil {
return
}
_, err = asn1.Unmarshal(paramBytes, ¶ms)
if err != nil {
return
}
return encrypted, params, nil
}
// 解密
func (this *Sym[T]) Decrypt(key []byte, params T, ciphertext []byte) ([]byte, error) {
if this.cipher == nil {
return nil, errors.New("pkcs: invalid cipher")
}
paramBytes, err := asn1.Marshal(params)
if err != nil {
return nil, err
}
return this.cipher.Decrypt(key, paramBytes, ciphertext)
}