-
Notifications
You must be signed in to change notification settings - Fork 0
/
rsa.go
127 lines (117 loc) · 3.32 KB
/
rsa.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
package note
import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/pem"
)
/*
* @CreateTime: 2021/1/13 18:58
* @Author: JemmyHu <hujm20151021@gmail.com>
* @Description: rsa
1. GenRsaKey returns publicKey and privateKey
2. RsaEncrypt input data needed to encrypt and publicKey, output data that has been encrypted
3. RsaDecrypt input encrypted data and privateKey, output the decrypted data
*/
// RSAGenKey generate rsa key pair.
func RSAGenKey(bits int) (pubKey, prvKey []byte, err error) {
/*
generate privateKey
*/
// 1、get a privateKey
privateKey, err := rsa.GenerateKey(rand.Reader, bits)
if err != nil {
return nil, nil, err
}
// 2、Marshal the privateKey
privateStream := x509.MarshalPKCS1PrivateKey(privateKey)
// 3、put the marshaled privateKey into a Block
block1 := &pem.Block{
Type: "private key",
Bytes: privateStream,
}
prvKey = pem.EncodeToMemory(block1)
/*
genarate publicKey from privateKey
*/
publicKey := privateKey.PublicKey
publicStream, err := x509.MarshalPKIXPublicKey(&publicKey)
block2 := &pem.Block{
Type: "public key",
Bytes: publicStream,
}
pubKey = pem.EncodeToMemory(block2)
return pubKey, prvKey, nil
}
// RSAEncrypt use publicKey to encrypt source data.
func RSAEncrypt(src []byte, pubKey []byte) (res []byte, err error) {
block, _ := pem.Decode(pubKey)
// unmarshal publicKey
keyInit, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return
}
publicKey := keyInit.(*rsa.PublicKey)
// encrypt data with publicKey
res, err = rsa.EncryptPKCS1v15(rand.Reader, publicKey, src)
return
}
// RSADecrypt decrypt encrypted data with private key.
func RSADecrypt(encryptedSrc []byte, prvKey []byte) (res []byte, err error) {
// decode the privateKey
block, _ := pem.Decode(prvKey)
blockBytes := block.Bytes
privateKey, err := x509.ParsePKCS1PrivateKey(blockBytes)
// decrypt by privateKey
res, err = rsa.DecryptPKCS1v15(rand.Reader, privateKey, encryptedSrc)
return
}
// --------------------------------
// RSAGenKeyWithPwd generate rsa pair key with specified password
func RSAGenKeyWithPwd(bits int, pwd string) (pubKey, prvKey []byte, err error) {
/*
generate privateKey
*/
privateKey, err := rsa.GenerateKey(rand.Reader, bits)
if err != nil {
return nil, nil, err
}
privateStream := x509.MarshalPKCS1PrivateKey(privateKey)
block1 := &pem.Block{
Type: "private key",
Bytes: privateStream,
}
// use optional password
if pwd != "" {
block1, err = x509.EncryptPEMBlock(rand.Reader, block1.Type, block1.Bytes, []byte(pwd), x509.PEMCipherAES256)
if err != nil {
return nil, nil, err
}
}
prvKey = pem.EncodeToMemory(block1)
/*
generate publuicKey from privateKey
*/
publicKey := privateKey.PublicKey
publicStream, err := x509.MarshalPKIXPublicKey(&publicKey)
block2 := &pem.Block{
Type: "public key",
Bytes: publicStream,
}
pubKey = pem.EncodeToMemory(block2)
return pubKey, prvKey, nil
}
// RSADecryptWithPwd decrypt src with private key and password
func RSADecryptWithPwd(src []byte, prvKey []byte, pwd string) (res []byte, err error) {
block, _ := pem.Decode(prvKey)
blockBytes := block.Bytes
if pwd != "" {
blockBytes, err = x509.DecryptPEMBlock(block, []byte(pwd))
if err != nil {
return nil, err
}
}
privateKey, err := x509.ParsePKCS1PrivateKey(blockBytes)
res, err = rsa.DecryptPKCS1v15(rand.Reader, privateKey, src)
return
}