crypto.go 6.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245
  1. package utils
  2. import (
  3. "bytes"
  4. "crypto"
  5. //"crypto/aes"
  6. "crypto/cipher"
  7. "crypto/des"
  8. "crypto/rand"
  9. "crypto/rsa"
  10. "crypto/sha1"
  11. "crypto/x509"
  12. "encoding/base64"
  13. "encoding/pem"
  14. "errors"
  15. //"io"
  16. "strings"
  17. //"fmt"
  18. )
  19. //des加密
  20. func DesEncrypt(key, iv, plainText []byte) ([]byte, error) {
  21. block, err := des.NewCipher(key)
  22. if err != nil {
  23. return nil, err
  24. }
  25. blockSize := block.BlockSize()
  26. origData := pkcs5Padding(plainText, blockSize)
  27. blockMode := cipher.NewCBCEncrypter(block, iv)
  28. cryted := make([]byte, len(origData))
  29. blockMode.CryptBlocks(cryted, origData)
  30. return cryted, nil
  31. }
  32. //des解密
  33. func DesDecrypt(key, iv, cipherText []byte) ([]byte, error) {
  34. block, err := des.NewCipher(key)
  35. if err != nil {
  36. return nil, err
  37. }
  38. blockMode := cipher.NewCBCDecrypter(block, iv)
  39. origData := make([]byte, len(cipherText))
  40. blockMode.CryptBlocks(origData, cipherText)
  41. origData = pkcs5UnPadding(origData)
  42. return origData, nil
  43. }
  44. //func AesEncrypt(key []byte, plaintext string) (string, error) {
  45. // block, err := aes.NewCipher(key)
  46. // if err != nil {
  47. // return "", err
  48. // }
  49. // ciphertext := make([]byte, aes.BlockSize+len(plaintext))
  50. // iv := ciphertext[:aes.BlockSize]
  51. // if _, err := io.ReadFull(rand.Reader, iv); err != nil {
  52. // return "", err
  53. // }
  54. // cipher.NewCFBEncrypter(block, iv).XORKeyStream(ciphertext[aes.BlockSize:],
  55. // []byte(plaintext))
  56. //
  57. // return base64.StdEncoding.EncodeToString(ciphertext), nil
  58. //}
  59. //
  60. //func AesDecrypt(key []byte, cipherText string) (string, error) {
  61. // // ciphertext, err := hex.DecodeString(cipherText)
  62. // ciphertext, err := base64.StdEncoding.DecodeString(cipherText)
  63. // if err != nil {
  64. // return "", err
  65. // }
  66. // block, err := aes.NewCipher(key)
  67. // if err != nil {
  68. // return "", err
  69. // }
  70. // if len(ciphertext) < aes.BlockSize {
  71. // return "", errors.New("ciphertext too short")
  72. // }
  73. // iv := ciphertext[:aes.BlockSize]
  74. // ciphertext = ciphertext[aes.BlockSize:]
  75. // cipher.NewCFBDecrypter(block, iv).XORKeyStream(ciphertext, ciphertext)
  76. // return string(ciphertext), nil
  77. //}
  78. //
  79. //func AesEncrypt1(origData, key []byte) ([]byte, error) {
  80. // block, err := aes.NewCipher(key)
  81. // if err != nil {
  82. // return nil, err
  83. // }
  84. // blockSize := block.BlockSize()
  85. // origData = pkcs5Padding(origData, blockSize)
  86. // // origData = ZeroPadding(origData, block.BlockSize())
  87. // blockMode := cipher.NewCBCEncrypter(block, key[:blockSize])
  88. // crypted := make([]byte, len(origData))
  89. // // 根据CryptBlocks方法的说明,如下方式初始化crypted也可以
  90. // // crypted := origData
  91. // blockMode.CryptBlocks(crypted, origData)
  92. //
  93. // return crypted, nil
  94. //}
  95. //
  96. //func AesDecrypt1(crypted, key []byte) ([]byte, error) {
  97. // block, err := aes.NewCipher(key)
  98. // if err != nil {
  99. // return nil, err
  100. // }
  101. // blockSize := block.BlockSize()
  102. // blockMode := cipher.NewCBCDecrypter(block, key[:blockSize])
  103. // origData := make([]byte, len(crypted))
  104. // // origData := crypted
  105. // blockMode.CryptBlocks(origData, crypted)
  106. // origData = pkcs5UnPadding(origData)
  107. // // origData = ZeroUnPadding(origData)
  108. // return origData, nil
  109. //}
  110. //
  111. //func AesEncrypt2(origData, key []byte) ([]byte, error) {
  112. // txt := string(origData)
  113. // block, err := aes.NewCipher(key)
  114. // if err != nil {
  115. // return nil, err
  116. // }
  117. // encrypter := cipher.NewECBEncrypter(block)
  118. // blockSize := block.BlockSize()
  119. // origData = pkcs5Padding(origData, blockSize)
  120. //
  121. // dest := make([]byte, (len(txt)/len(key)+1)*len(key))
  122. // encrypter.CryptBlocks(dest, origData)
  123. // return dest, nil
  124. //}
  125. //
  126. //func AesDecrypt2(crypted, key []byte) ([]byte, error) {
  127. // block, err := aes.NewCipher(key)
  128. // if err != nil {
  129. // return nil, err
  130. // }
  131. //
  132. // blockMode := cipher.NewECBDecrypter(block)
  133. // origData := make([]byte, len(crypted))
  134. // // origData := crypted
  135. // blockMode.CryptBlocks(origData, crypted)
  136. // origData = pkcs5UnPadding(origData)
  137. // // origData = ZeroUnPadding(origData)
  138. // return origData, nil
  139. //}
  140. func RSASign(data string, privKey string) (string, error) {
  141. pemBlock, _ := pem.Decode([]byte(privKey))
  142. if pemBlock == nil {
  143. return "", errors.New("PARSE PRIVATE KEY FAILED")
  144. }
  145. if pemBlock.Type != "RSA PRIVATE KEY" {
  146. return "", errors.New("RSA PRIVATE KEY")
  147. }
  148. key, err := x509.ParsePKCS1PrivateKey(pemBlock.Bytes)
  149. if err != nil {
  150. return "", err
  151. }
  152. h := sha1.New()
  153. h.Write([]byte(data))
  154. signature, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA1, h.Sum(nil))
  155. if err != nil {
  156. return "", err
  157. }
  158. return string(Base64Encode(signature)), nil
  159. }
  160. func SignPKCS1v15(src, key []byte, hash crypto.Hash) ([]byte, error) {
  161. var h = hash.New()
  162. h.Write(src)
  163. var hashed = h.Sum(nil)
  164. var err error
  165. var block *pem.Block
  166. block, _ = pem.Decode(key)
  167. if block == nil {
  168. return nil, errors.New("private key error")
  169. }
  170. var pri *rsa.PrivateKey
  171. pri, err = x509.ParsePKCS1PrivateKey(block.Bytes)
  172. if err != nil {
  173. return nil, err
  174. }
  175. return rsa.SignPKCS1v15(rand.Reader, pri, hash, hashed)
  176. }
  177. func SignRSA2(keys []string, param map[string]string, privateKey []byte) (s string, err error) {
  178. var pList = make([]string, 0, 0)
  179. for _, key := range keys {
  180. var value = strings.TrimSpace(param[key])
  181. if len(value) > 0 {
  182. pList = append(pList, key+"="+value)
  183. }
  184. }
  185. var src = strings.Join(pList, "&")
  186. sig, err := SignPKCS1v15([]byte(src), privateKey, crypto.SHA256)
  187. if err != nil {
  188. return "", err
  189. }
  190. s = base64.StdEncoding.EncodeToString(sig)
  191. return s, nil
  192. }
  193. func VerifyPKCS1v15(src, sig, key []byte, hash crypto.Hash) error {
  194. var h = hash.New()
  195. h.Write(src)
  196. var hashed = h.Sum(nil)
  197. var err error
  198. var block *pem.Block
  199. block, _ = pem.Decode(key)
  200. if block == nil {
  201. return errors.New("public key error")
  202. }
  203. var pubInterface interface{}
  204. pubInterface, err = x509.ParsePKIXPublicKey(block.Bytes)
  205. if err != nil {
  206. return err
  207. }
  208. var pub = pubInterface.(*rsa.PublicKey)
  209. return rsa.VerifyPKCS1v15(pub, hash, hashed, sig)
  210. }
  211. func pkcs5Padding(src []byte, blockSize int) []byte {
  212. padding := blockSize - len(src)%blockSize
  213. padtext := bytes.Repeat([]byte{byte(padding)}, padding)
  214. return append(src, padtext...)
  215. }
  216. func pkcs5UnPadding(src []byte) []byte {
  217. length := len(src)
  218. unpadding := int(src[length-1])
  219. return src[:(length - unpadding)]
  220. }