-
Notifications
You must be signed in to change notification settings - Fork 0
/
rsa.go
147 lines (132 loc) · 3.6 KB
/
rsa.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
package kit
import (
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/base64"
"encoding/pem"
"errors"
"fmt"
"strings"
)
var (
begin_rsa_private_key = "-----BEGIN RSA PRIVATE KEY-----"
end_rsa_private_key = "-----END RSA PRIVATE KEY-----"
begin_public_key = "-----BEGIN PUBLIC KEY-----"
end_public_key = "-----END PUBLIC KEY-----"
)
//RSA签名
//signContent:签名内容
//privateKey:私钥
//hs:签名算法
func RsaSign(signContent []byte, privateKey string, hs crypto.Hash) ([]byte, error) {
hashed := hs.New()
hashed.Write(signContent)
priKey, err := parsePrivateKey(privateKey)
if err != nil {
return nil, err
}
return rsa.SignPKCS1v15(rand.Reader, priKey, hs, hashed.Sum(nil))
}
//RSA验签
//signContent:签名内容
//publicKey:公钥
//sign:RsaSign()的签名结果
//hs:签名算法
func VerifyRsaSign(signContent, sign []byte, publicKey string, hs crypto.Hash) (bool, error) {
pk, err := parsePublicKey(publicKey)
if err != nil {
return false, err
}
hashed := hs.New()
hashed.Write(signContent)
err = rsa.VerifyPKCS1v15(pk, hs, hashed.Sum(nil), sign)
if err != nil {
return false, err
}
return true, nil
}
//RSA加密
func RsaEncrypt(msg []byte, publicKey string) ([]byte, error) {
key, err := parsePublicKey(publicKey)
if err != nil {
return nil, err
}
return rsa.EncryptPKCS1v15(rand.Reader, key, msg)
}
//RSA加密并转换为base64
func RsaEncryptToBase64(msg []byte, publicKey string) string {
if bt, err := RsaEncrypt(msg, publicKey); err != nil {
fmt.Println("signgo.RsaEncryptToBase64.RsaEncrypt", err.Error())
} else {
return base64.StdEncoding.EncodeToString(bt)
}
return ""
}
//RSA解密
func RsaDecrypt(ciphertext []byte, privateKey string) ([]byte, error) {
key, err := parsePrivateKey(privateKey)
if err != nil {
return nil, err
}
if err != nil {
return nil, err
}
return rsa.DecryptPKCS1v15(rand.Reader, key, ciphertext)
}
//RSA解密 RsaEncryptToBase64(RSA加密并转换为base64) 后的结果
func RsaDecryptFromBase64(str string, privateKey string) string {
if bt, err := base64.StdEncoding.DecodeString(str); err != nil {
fmt.Println("signgo.RsaDecryptFromBase64", err.Error())
} else {
if bt, err := RsaDecrypt(bt, privateKey); err != nil {
fmt.Println("signgo.RsaDecryptFromBase64", err.Error())
} else {
return string(bt)
}
}
return ""
}
func parsePublicKey(publicKey string) (*rsa.PublicKey, error) {
publicKey = formatPublicKey(publicKey)
block, _ := pem.Decode([]byte(publicKey))
if block == nil {
return nil, errors.New("publicKey error")
}
pubKey, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return nil, err
}
return pubKey.(*rsa.PublicKey), nil
}
func formatPublicKey(publicKey string) string {
if !strings.HasPrefix(publicKey, begin_public_key) {
publicKey = begin_public_key + "\n" + publicKey
}
if !strings.HasSuffix(publicKey, end_public_key) {
publicKey = publicKey + "\n" + end_public_key
}
return publicKey
}
func parsePrivateKey(privateKey string) (*rsa.PrivateKey, error) {
privateKey = formatPrivateKey(privateKey)
block, _ := pem.Decode([]byte(privateKey))
if block == nil {
return nil, errors.New("privateKey error")
}
priKey, err := x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
return nil, err
}
return priKey.(*rsa.PrivateKey), nil
}
func formatPrivateKey(privateKey string) string {
if !strings.HasPrefix(privateKey, begin_rsa_private_key) {
privateKey = begin_rsa_private_key + "\n" + privateKey
}
if !strings.HasSuffix(privateKey, end_rsa_private_key) {
privateKey = privateKey + "\n" + end_rsa_private_key
}
return privateKey
}