package utils import ( "bytes" "crypto" //"crypto/aes" "crypto/cipher" "crypto/des" "crypto/rand" "crypto/rsa" "crypto/sha1" "crypto/x509" "encoding/base64" "encoding/pem" "errors" //"io" "strings" //"fmt" ) //des加密 func DesEncrypt(key, iv, plainText []byte) ([]byte, error) { block, err := des.NewCipher(key) if err != nil { return nil, err } blockSize := block.BlockSize() origData := pkcs5Padding(plainText, blockSize) blockMode := cipher.NewCBCEncrypter(block, iv) cryted := make([]byte, len(origData)) blockMode.CryptBlocks(cryted, origData) return cryted, nil } //des解密 func DesDecrypt(key, iv, cipherText []byte) ([]byte, error) { block, err := des.NewCipher(key) if err != nil { return nil, err } blockMode := cipher.NewCBCDecrypter(block, iv) origData := make([]byte, len(cipherText)) blockMode.CryptBlocks(origData, cipherText) origData = pkcs5UnPadding(origData) return origData, nil } //func AesEncrypt(key []byte, plaintext string) (string, error) { // block, err := aes.NewCipher(key) // if err != nil { // return "", err // } // ciphertext := make([]byte, aes.BlockSize+len(plaintext)) // iv := ciphertext[:aes.BlockSize] // if _, err := io.ReadFull(rand.Reader, iv); err != nil { // return "", err // } // cipher.NewCFBEncrypter(block, iv).XORKeyStream(ciphertext[aes.BlockSize:], // []byte(plaintext)) // // return base64.StdEncoding.EncodeToString(ciphertext), nil //} // //func AesDecrypt(key []byte, cipherText string) (string, error) { // // ciphertext, err := hex.DecodeString(cipherText) // ciphertext, err := base64.StdEncoding.DecodeString(cipherText) // if err != nil { // return "", err // } // block, err := aes.NewCipher(key) // if err != nil { // return "", err // } // if len(ciphertext) < aes.BlockSize { // return "", errors.New("ciphertext too short") // } // iv := ciphertext[:aes.BlockSize] // ciphertext = ciphertext[aes.BlockSize:] // cipher.NewCFBDecrypter(block, iv).XORKeyStream(ciphertext, ciphertext) // return string(ciphertext), nil //} // //func AesEncrypt1(origData, key []byte) ([]byte, error) { // block, err := aes.NewCipher(key) // if err != nil { // return nil, err // } // blockSize := block.BlockSize() // origData = pkcs5Padding(origData, blockSize) // // origData = ZeroPadding(origData, block.BlockSize()) // blockMode := cipher.NewCBCEncrypter(block, key[:blockSize]) // crypted := make([]byte, len(origData)) // // 根据CryptBlocks方法的说明,如下方式初始化crypted也可以 // // crypted := origData // blockMode.CryptBlocks(crypted, origData) // // return crypted, nil //} // //func AesDecrypt1(crypted, key []byte) ([]byte, error) { // block, err := aes.NewCipher(key) // if err != nil { // return nil, err // } // blockSize := block.BlockSize() // blockMode := cipher.NewCBCDecrypter(block, key[:blockSize]) // origData := make([]byte, len(crypted)) // // origData := crypted // blockMode.CryptBlocks(origData, crypted) // origData = pkcs5UnPadding(origData) // // origData = ZeroUnPadding(origData) // return origData, nil //} // //func AesEncrypt2(origData, key []byte) ([]byte, error) { // txt := string(origData) // block, err := aes.NewCipher(key) // if err != nil { // return nil, err // } // encrypter := cipher.NewECBEncrypter(block) // blockSize := block.BlockSize() // origData = pkcs5Padding(origData, blockSize) // // dest := make([]byte, (len(txt)/len(key)+1)*len(key)) // encrypter.CryptBlocks(dest, origData) // return dest, nil //} // //func AesDecrypt2(crypted, key []byte) ([]byte, error) { // block, err := aes.NewCipher(key) // if err != nil { // return nil, err // } // // blockMode := cipher.NewECBDecrypter(block) // origData := make([]byte, len(crypted)) // // origData := crypted // blockMode.CryptBlocks(origData, crypted) // origData = pkcs5UnPadding(origData) // // origData = ZeroUnPadding(origData) // return origData, nil //} func RSASign(data string, privKey string) (string, error) { pemBlock, _ := pem.Decode([]byte(privKey)) if pemBlock == nil { return "", errors.New("PARSE PRIVATE KEY FAILED") } if pemBlock.Type != "RSA PRIVATE KEY" { return "", errors.New("RSA PRIVATE KEY") } key, err := x509.ParsePKCS1PrivateKey(pemBlock.Bytes) if err != nil { return "", err } h := sha1.New() h.Write([]byte(data)) signature, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA1, h.Sum(nil)) if err != nil { return "", err } return string(Base64Encode(signature)), nil } func SignPKCS1v15(src, key []byte, hash crypto.Hash) ([]byte, error) { var h = hash.New() h.Write(src) var hashed = h.Sum(nil) var err error var block *pem.Block block, _ = pem.Decode(key) if block == nil { return nil, errors.New("private key error") } var pri *rsa.PrivateKey pri, err = x509.ParsePKCS1PrivateKey(block.Bytes) if err != nil { return nil, err } return rsa.SignPKCS1v15(rand.Reader, pri, hash, hashed) } func SignRSA2(keys []string, param map[string]string, privateKey []byte) (s string, err error) { var pList = make([]string, 0, 0) for _, key := range keys { var value = strings.TrimSpace(param[key]) if len(value) > 0 { pList = append(pList, key+"="+value) } } var src = strings.Join(pList, "&") sig, err := SignPKCS1v15([]byte(src), privateKey, crypto.SHA256) if err != nil { return "", err } s = base64.StdEncoding.EncodeToString(sig) return s, nil } func VerifyPKCS1v15(src, sig, key []byte, hash crypto.Hash) error { var h = hash.New() h.Write(src) var hashed = h.Sum(nil) var err error var block *pem.Block block, _ = pem.Decode(key) if block == nil { return errors.New("public key error") } var pubInterface interface{} pubInterface, err = x509.ParsePKIXPublicKey(block.Bytes) if err != nil { return err } var pub = pubInterface.(*rsa.PublicKey) return rsa.VerifyPKCS1v15(pub, hash, hashed, sig) } func pkcs5Padding(src []byte, blockSize int) []byte { padding := blockSize - len(src)%blockSize padtext := bytes.Repeat([]byte{byte(padding)}, padding) return append(src, padtext...) } func pkcs5UnPadding(src []byte) []byte { length := len(src) unpadding := int(src[length-1]) return src[:(length - unpadding)] }