tangping/goProject
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
master
goProject/trunk/goutil/securityUtil/rsa.go
皮蛋13361098506 1b77f62820 初始化项目
2025-01-06 16:01:02 +08:00

252 lines
5.5 KiB
Go
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

package securityUtil
import (
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha1"
"crypto/x509"
"encoding/base64"
"encoding/pem"
"errors"
"fmt"
"strings"
)
// RsaSha256验证签名
// publicKey:公钥
// source:原字符串
// targetSign:用以验证的目标签名会进行Base64解码
// 返回值返回nil为成功
func VerifyRsaWithSha256(publicKey, source, targetSign string) error {
//未加标记的PEM密钥加上公钥标记
if !strings.HasPrefix(publicKey, "-") {
publicKey = fmt.Sprintf(`-----BEGIN PUBLIC KEY-----
%s
-----END PUBLIC KEY-----`, publicKey)
}
//base64解码目标签名
signBuf, err := base64.StdEncoding.DecodeString(targetSign)
if err != nil {
return err
}
//解码公钥
block, _ := pem.Decode([]byte(publicKey))
if block == nil {
return fmt.Errorf("RSA.VerifyRsaWithSha256,Block is nil,public key error!")
}
//转化为公钥对象
pubObj, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return err
}
pub := pubObj.(*rsa.PublicKey)
//验证签名
err = rsa.VerifyPKCS1v15(pub, crypto.SHA256, Sha256Bytes([]byte(source)), signBuf)
return err
}
// RsaSha1验证签名
// publicKey:公钥
// source:原字符串
// targetSign:用以验证的目标签名会进行Base64解码
// 返回值返回nil为成功
func VerifyRsaWithSha1(publicKey, source, targetSign string) error {
//未加标记的PEM密钥加上公钥标记
if !strings.HasPrefix(publicKey, "-") {
publicKey = fmt.Sprintf(`-----BEGIN PUBLIC KEY-----
%s
-----END PUBLIC KEY-----`, publicKey)
}
//base64解码目标签名
signBuf, err := base64.StdEncoding.DecodeString(targetSign)
if err != nil {
return err
}
//解码公钥
block, _ := pem.Decode([]byte(publicKey))
if block == nil {
return fmt.Errorf("RSA.VerifyRsaWithSha1,Block is nil,public key error!")
}
//转化为公钥对象
pubObj, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return err
}
pub := pubObj.(*rsa.PublicKey)
//验证签名
err = rsa.VerifyPKCS1v15(pub, crypto.SHA1, Sha1StringToBytes(source), signBuf)
return err
}
// 对字符数组进行SHA1加密
// b:输入字符数组
// 返回值sha1加密后的原数据
func Sha1StringToBytes(b string) []byte {
if len(b) == 0 {
panic(errors.New("input []byte can't be empty"))
}
sha1Instance := sha1.New()
sha1Instance.Write([]byte(b))
result := sha1Instance.Sum(nil)
return result
}
func packageData(originalData []byte, packageSize int) (r [][]byte) {
var src = make([]byte, len(originalData))
copy(src, originalData)
r = make([][]byte, 0)
if len(src) <= packageSize {
return append(r, src)
}
for len(src) > 0 {
var p = src[:packageSize]
r = append(r, p)
src = src[packageSize:]
if len(src) <= packageSize {
r = append(r, src)
break
}
}
return r
}
// RSAEncrypt 数据加密
// plaintext:待加密的数据
// key:公钥
// 返回值:
// []byte:加密后的数据
// error:错误信息
func RSAEncrypt(plaintext, key []byte) ([]byte, error) {
var err error
var block *pem.Block
block, _ = pem.Decode(key)
if block == nil {
return nil, errors.New("public key error")
}
var pubInterface interface{}
pubInterface, err = x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return nil, err
}
var pub = pubInterface.(*rsa.PublicKey)
var data = packageData(plaintext, pub.N.BitLen()/8-11)
var cipherData []byte = make([]byte, 0, 0)
for _, d := range data {
var c, e = rsa.EncryptPKCS1v15(rand.Reader, pub, d)
if e != nil {
return nil, e
}
cipherData = append(cipherData, c...)
}
return cipherData, nil
}
// RSADecrypt 数据解密
// plaintext:待解密的数据
// key:私钥
// 返回值:
// []byte:解密后的数据
// error:错误信息
func RSADecrypt(ciphertext, key []byte) ([]byte, error) {
var err error
var block *pem.Block
block, _ = pem.Decode(key)
if block == nil {
return nil, errors.New("private key error")
}
var pri *rsa.PrivateKey
pri, err = x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
return nil, err
}
var data = packageData(ciphertext, pri.PublicKey.N.BitLen()/8)
var plainData []byte = make([]byte, 0, 0)
for _, d := range data {
var p, e = rsa.DecryptPKCS1v15(rand.Reader, pri, d)
if e != nil {
return nil, e
}
plainData = append(plainData, p...)
}
return plainData, nil
}
// 基于RSA PKCS1V15进行签名
// src:待签名的原始字符串
// key:签名用的私钥
// hash:签名配置
// 返回值:
// []byte:得到的签名字节流
// error:错误信息
func SignPKCS1v15(src, key []byte, hash crypto.Hash) ([]byte, error) {
var h = hash.New()
h.Write(src)
var hashed = h.Sum(nil)
var err error
var block *pem.Block
block, _ = pem.Decode(key)
if block == nil {
return nil, errors.New("private key error")
}
var pri *rsa.PrivateKey
pri, err = x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
return nil, err
}
return rsa.SignPKCS1v15(rand.Reader, pri, hash, hashed)
}
// 验证RSA PKCS1V15进行签名
// src:待签名的原始字符串
// sig:签名字节流
// key:签名用的私钥
// hash:签名配置
// 返回值:
// error:错误信息
func VerifyPKCS1v15(src, sig, key []byte, hash crypto.Hash) error {
var h = hash.New()
h.Write(src)
var hashed = h.Sum(nil)
var err error
var block *pem.Block
block, _ = pem.Decode(key)
if block == nil {
return errors.New("public key error")
}
var pubInterface interface{}
pubInterface, err = x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return err
}
var pub = pubInterface.(*rsa.PublicKey)
return rsa.VerifyPKCS1v15(pub, hash, hashed, sig)
}
Reference in New Issue View Git Blame Copy Permalink