diff --git a/aes/aescbc.go b/aes/aescbc.go new file mode 100644 index 0000000..d369093 --- /dev/null +++ b/aes/aescbc.go @@ -0,0 +1,116 @@ +package aes + +import ( + "crypto/aes" + "crypto/cipher" + "encoding/base64" + "encoding/hex" + "runtime" + + log "github.com/sirupsen/logrus" + "github.com/wumansgy/goEncrypt" +) + +/** +eencrypt + Note: the key length is 16 bytes +*/ + +func init() { + log.SetFormatter(&log.JSONFormatter{}) + log.SetReportCaller(true) +} + +// encrypt +func AesCbcEncrypt(plainText, key, ivAes []byte) ([]byte, error) { + if len(key) != 16 && len(key) != 24 && len(key) != 32 { + return nil, goEncrypt.ErrKeyLengthSixteen + } + block, err := aes.NewCipher(key) + if err != nil { + return nil, err + } + paddingText := goEncrypt.PKCS5Padding(plainText, block.BlockSize()) + + var iv []byte + if len(ivAes) != 0 { + if len(ivAes) != block.BlockSize() { + return nil, goEncrypt.ErrIvAes + } else { + iv = ivAes + } + } else { + iv = []byte(goEncrypt.Ivaes) + } // To initialize the vector, it needs to be the same length as block.blocksize + blockMode := cipher.NewCBCEncrypter(block, iv) + cipherText := make([]byte, len(paddingText)) + blockMode.CryptBlocks(cipherText, paddingText) + return cipherText, nil +} + +// decrypt +func AesCbcDecrypt(cipherText, key, ivAes []byte) ([]byte, error) { + if len(key) != 16 && len(key) != 24 && len(key) != 32 { + return nil, goEncrypt.ErrKeyLengthSixteen + } + block, err := aes.NewCipher(key) + if err != nil { + return nil, err + } + + defer func() { + if err := recover(); err != nil { + switch err.(type) { + case runtime.Error: + log.Errorf("runtime err=%v,Check that the key or text is correct", err) + default: + log.Errorf("error=%v,check the cipherText ", err) + } + } + }() + var iv []byte + if len(ivAes) != 0 { + if len(ivAes) != block.BlockSize() { + return nil, goEncrypt.ErrIvAes + } else { + iv = ivAes + } + } else { + iv = []byte(goEncrypt.Ivaes) + } + blockMode := cipher.NewCBCDecrypter(block, iv) + paddingText := make([]byte, len(cipherText)) + blockMode.CryptBlocks(paddingText, cipherText) + + plainText, err := goEncrypt.PKCS5UnPadding(paddingText, block.BlockSize()) + if err != nil { + return nil, err + } + return plainText, nil +} + +func AesCbcEncryptBase64(plainText, key, ivAes []byte) (string, error) { + encryBytes, err := AesCbcEncrypt(plainText, key, ivAes) + return base64.StdEncoding.EncodeToString(encryBytes), err +} + +func AesCbcEncryptHex(plainText, key, ivAes []byte) (string, error) { + encryBytes, err := AesCbcEncrypt(plainText, key, ivAes) + return hex.EncodeToString(encryBytes), err +} + +func AesCbcDecryptByBase64(cipherTextBase64 string, key, ivAes []byte) ([]byte, error) { + plainTextBytes, err := base64.StdEncoding.DecodeString(cipherTextBase64) + if err != nil { + return []byte{}, err + } + return AesCbcDecrypt(plainTextBytes, key, ivAes) +} + +func AesCbcDecryptByHex(cipherTextHex string, key, ivAes []byte) ([]byte, error) { + plainTextBytes, err := hex.DecodeString(cipherTextHex) + if err != nil { + return []byte{}, err + } + return AesCbcDecrypt(plainTextBytes, key, ivAes) +} diff --git a/aes/aescbc_test.go b/aes/aescbc_test.go new file mode 100644 index 0000000..0e8404e --- /dev/null +++ b/aes/aescbc_test.go @@ -0,0 +1,57 @@ +package aes + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestAesCbc(t *testing.T) { + var ( + key = "111" + key16 = "1234567812345678" + key24 = "123456781234567812345678" + key32 = "12345678123456781234567812345678" + plaintext = "TestAesCbc" + badiv = "11111" + goodiv = "1234567812345678" + ) + cipherBytes, err := AesCbcEncrypt([]byte(plaintext), []byte(key16), nil) + assert.Nil(t, err) + text, err := AesCbcDecrypt(cipherBytes, []byte(key16), nil) + assert.Nil(t, err) + assert.Equal(t, string(text), plaintext) + + _, err = AesCbcDecrypt(cipherBytes, []byte(key24), nil) + assert.NotNil(t, err) + text, err = AesCbcDecrypt([]byte("badtext"), []byte(key24), nil) + assert.Equal(t,string(text),"") + + cipherBytes, err = AesCbcEncrypt([]byte(plaintext), []byte(key24), nil) + assert.Nil(t, err) + text, err = AesCbcDecrypt(cipherBytes, []byte(key24), nil) + assert.Nil(t, err) + assert.Equal(t, string(text), plaintext) + + cipherBytes, err = AesCbcEncrypt([]byte(plaintext), []byte(key32), nil) + assert.Nil(t, err) + text, err = AesCbcDecrypt(cipherBytes, []byte(key32), nil) + assert.Nil(t, err) + assert.Equal(t, string(text), plaintext) + + cipherBytes, err = AesCbcEncrypt([]byte(plaintext), []byte(key), nil) + assert.NotNil(t, err) + text, err = AesCbcDecrypt(cipherBytes, []byte(key), nil) + assert.NotNil(t, err) + + cipherBytes, err = AesCbcEncrypt([]byte(plaintext), []byte(key16), []byte(badiv)) + assert.NotNil(t, err) + text, err = AesCbcDecrypt(cipherBytes, []byte(key16), []byte(badiv)) + assert.NotNil(t, err) + + cipherBytes, err = AesCbcEncrypt([]byte(plaintext), []byte(key16), []byte(goodiv)) + assert.Nil(t, err) + text, err = AesCbcDecrypt(cipherBytes, []byte(key16), []byte(goodiv)) + assert.Nil(t, err) + assert.Equal(t, string(text), plaintext) +} diff --git a/aes/aesctr.go b/aes/aesctr.go new file mode 100644 index 0000000..5e8a209 --- /dev/null +++ b/aes/aesctr.go @@ -0,0 +1,105 @@ +package aes + +import ( + "crypto/aes" + "crypto/cipher" + "encoding/base64" + "encoding/hex" + "runtime" + + log "github.com/sirupsen/logrus" + "github.com/wumansgy/goEncrypt" +) + +/* + AES CTR mode encryption and decryption +*/ +func AesCtrEncrypt(plainText, key, ivAes []byte) ([]byte, error) { + if len(key) != 16 && len(key) != 24 && len(key) != 32 { + return nil, goEncrypt.ErrKeyLengthSixteen + } + block, err := aes.NewCipher(key) + if err != nil { + return nil, err + } + var iv []byte + if len(ivAes) != 0 { + if len(ivAes) != block.BlockSize() { + return nil, goEncrypt.ErrIvAes + } else { + iv = ivAes + } + } else { + iv = []byte(goEncrypt.Ivaes) + } + stream := cipher.NewCTR(block, iv) + + cipherText := make([]byte, len(plainText)) + stream.XORKeyStream(cipherText, plainText) + + return cipherText, nil +} + +func AesCtrDecrypt(cipherText, key, ivAes []byte) ([]byte, error) { + if len(key) != 16 && len(key) != 24 && len(key) != 32 { + return nil, goEncrypt.ErrKeyLengthSixteen + } + block, err := aes.NewCipher(key) + if err != nil { + return nil, err + } + + defer func() { + if err := recover(); err != nil { + switch err.(type) { + case runtime.Error: + log.Errorf("runtime err=%v,Check that the key or text is correct", err) + default: + log.Errorf("error=%v,check the cipherText ", err) + } + } + }() + + var iv []byte + if len(ivAes) != 0 { + if len(ivAes) != block.BlockSize() { + return nil, goEncrypt.ErrIvAes + } else { + iv = ivAes + } + } else { + iv = []byte(goEncrypt.Ivaes) + } + stream := cipher.NewCTR(block, iv) + + plainText := make([]byte, len(cipherText)) + stream.XORKeyStream(plainText, cipherText) + + return plainText, nil +} + +func AesCtrEncryptBase64(plainText, key, ivAes []byte) (string, error) { + encryBytes, err := AesCtrEncrypt(plainText, key, ivAes) + return base64.StdEncoding.EncodeToString(encryBytes), err +} + +func AesCtrEncryptHex(plainText, key, ivAes []byte) (string, error) { + encryBytes, err := AesCtrEncrypt(plainText, key, ivAes) + return hex.EncodeToString(encryBytes), err +} + +func AesCtrDecryptByBase64(cipherTextBase64 string, key, ivAes []byte) ([]byte, error) { + plainTextBytes, err := base64.StdEncoding.DecodeString(cipherTextBase64) + if err != nil { + return []byte{}, err + } + return AesCtrDecrypt(plainTextBytes, key, ivAes) +} + +func AesCtrDecryptByHex(cipherTextHex string, key, ivAes []byte) ([]byte, error) { + plainTextBytes, err := hex.DecodeString(cipherTextHex) + if err != nil { + return []byte{}, err + } + return AesCtrDecrypt(plainTextBytes, key, ivAes) +} \ No newline at end of file diff --git a/aes/aesctr_test.go b/aes/aesctr_test.go new file mode 100644 index 0000000..922655b --- /dev/null +++ b/aes/aesctr_test.go @@ -0,0 +1,38 @@ +package aes + +import ( + "github.com/stretchr/testify/assert" + "testing" +) + +func TestAesCtr(t *testing.T) { + var ( + key = "111" + key16 = "1234567812345678" + key24 = "123456781234567812345678" + key32 = "12345678123456781234567812345678" + plaintext = "TestAesCtr" + ) + cipherBytes, err := AesCtrEncrypt([]byte(plaintext), []byte(key16), nil) + assert.Nil(t, err) + text, err := AesCtrDecrypt(cipherBytes, []byte(key16), nil) + assert.Nil(t, err) + assert.Equal(t, string(text), plaintext) + + cipherBytes, err = AesCtrEncrypt([]byte(plaintext), []byte(key24), nil) + assert.Nil(t, err) + text, err = AesCtrDecrypt(cipherBytes, []byte(key24), nil) + assert.Nil(t, err) + assert.Equal(t, string(text), plaintext) + + cipherBytes, err = AesCtrEncrypt([]byte(plaintext), []byte(key32), nil) + assert.Nil(t, err) + text, err = AesCtrDecrypt(cipherBytes, []byte(key32), nil) + assert.Nil(t, err) + assert.Equal(t, string(text), plaintext) + + cipherBytes, err = AesCtrEncrypt([]byte(plaintext), []byte(key), nil) + assert.NotNil(t, err) + text, err = AesCtrDecrypt(cipherBytes, []byte(key), nil) + assert.NotNil(t, err) +} \ No newline at end of file diff --git a/aes/aesecb.go b/aes/aesecb.go new file mode 100644 index 0000000..bca6e2e --- /dev/null +++ b/aes/aesecb.go @@ -0,0 +1,130 @@ +package aes + +import ( + "crypto/aes" + "crypto/cipher" + "encoding/base64" + "encoding/hex" + + "github.com/wumansgy/goEncrypt" +) + +/* + Ecb is not recommended,use cbc +*/ +type aesEcb struct { + b cipher.Block + blockSize int +} + +func newECB(b cipher.Block) *aesEcb { + return &aesEcb{ + b: b, + blockSize: b.BlockSize(), + } +} + +type ecbEncrypter aesEcb + +func newECBEncrypter(b cipher.Block) cipher.BlockMode { + return (*ecbEncrypter)(newECB(b)) +} + +func (x *ecbEncrypter) BlockSize() int { return x.blockSize } + +func (x *ecbEncrypter) CryptBlocks(dst, src []byte) { + if len(src)%x.blockSize != 0 { + return + } + if len(dst) < len(src) { + return + } + + for len(src) > 0 { + x.b.Encrypt(dst, src[:x.blockSize]) + src = src[x.blockSize:] + dst = dst[x.blockSize:] + } +} + +type ecbDecrypter aesEcb + +func newECBDecrypter(b cipher.Block) cipher.BlockMode { + return (*ecbDecrypter)(newECB(b)) +} + +func (x *ecbDecrypter) BlockSize() int { + return x.blockSize +} + +func (x *ecbDecrypter) CryptBlocks(dst, src []byte) { + if len(src)%x.blockSize != 0 { + return + } + if len(dst) < len(src) { + return + } + + for len(src) > 0 { + x.b.Decrypt(dst, src[:x.blockSize]) + src = src[x.blockSize:] + dst = dst[x.blockSize:] + } +} + +func AesEcbEncrypt(plainText, key []byte) ([]byte, error) { + if len(key) != 16 && len(key) != 24 && len(key) != 32 { + return nil, goEncrypt.ErrKeyLengthSixteen + } + block, err := aes.NewCipher(key) + if err != nil { + return nil, err + } + + paddingText := goEncrypt.PKCS5Padding(plainText, block.BlockSize()) + + crypted := make([]byte, len(paddingText)) + encrypter := newECBEncrypter(block) + encrypter.CryptBlocks(crypted, paddingText) + + return crypted, nil +} + +func AesEcbDecrypt(plainText, key []byte) ([]byte, error) { + block, err := aes.NewCipher(key) + if err != nil { + return nil, err + } + + ecbDecrypter := newECBDecrypter(block) + decrypted := make([]byte, len(plainText)) + ecbDecrypter.CryptBlocks(decrypted, plainText) + + return goEncrypt.PKCS5UnPadding(decrypted, ecbDecrypter.BlockSize()) +} + +func AesEcbEncryptBase64(plainText, key []byte) (string, error) { + encryBytes, err := AesEcbEncrypt(plainText, key) + return base64.StdEncoding.EncodeToString(encryBytes), err +} + +func AesEcbEncryptHex(plainText, key []byte) (string, error) { + encryBytes, err := AesEcbEncrypt(plainText, key) + return hex.EncodeToString(encryBytes), err +} + +func AesEcbDecryptByBase64(cipherTextBase64 string, key []byte) ([]byte, error) { + plainTextBytes, err := base64.StdEncoding.DecodeString(cipherTextBase64) + if err != nil { + return []byte{}, err + } + return AesEcbDecrypt(plainTextBytes, key) +} + +func AesEcbDecryptByHex(cipherTextHex string, key []byte) ([]byte, error) { + plainTextBytes, err := hex.DecodeString(cipherTextHex) + if err != nil { + return []byte{}, err + } + return AesEcbDecrypt(plainTextBytes, key) +} diff --git a/aes/aesecb_test.go b/aes/aesecb_test.go new file mode 100644 index 0000000..fbeae86 --- /dev/null +++ b/aes/aesecb_test.go @@ -0,0 +1,18 @@ +package aes + +import ( + "github.com/stretchr/testify/assert" + "testing" +) + +func TestAesEcb(t *testing.T) { + var ( + key = "1234567812345678" + plaintext = "TestAesEcb" + ) + cipherBytes, err := AesEcbEncrypt([]byte(plaintext),[]byte(key)) + assert.Nil(t, err) + text, err := AesEcbDecrypt(cipherBytes,[]byte(key)) + assert.Nil(t, err) + assert.Equal(t, string(text), plaintext) +} diff --git a/aescbc.go b/aescbc.go deleted file mode 100644 index 3332325..0000000 --- a/aescbc.go +++ /dev/null @@ -1,91 +0,0 @@ -package goEncrypt - -import ( - "crypto/aes" - "crypto/cipher" - "log" - "runtime" -) - -/* -@Time : 2018/11/1 22:53 -@Author : wuman -@File : AES_CBC -@Software: GoLand -*/ -/** -eencrypt - Note: the key length is 16 bytes -*/ - -func init() { - log.SetFlags(log.Ldate | log.Lshortfile) -} - -// encrypt -func AesCbcEncrypt(plainText, key, ivAes []byte) ([]byte, error) { - if len(key) != 16 && len(key) != 24 && len(key) != 32 { - return nil, ErrKeyLengthSixteen - } - block, err := aes.NewCipher(key) - if err != nil { - return nil, err - } - paddingText := PKCS5Padding(plainText, block.BlockSize()) - - var iv []byte - if len(ivAes) != 0 { - if len(ivAes) != 16 { - return nil, ErrIvAes - } else { - iv = ivAes - } - } else { - iv = []byte(ivaes) - } // To initialize the vector, it needs to be the same length as block.blocksize - blockMode := cipher.NewCBCEncrypter(block, iv) - cipherText := make([]byte, len(paddingText)) - blockMode.CryptBlocks(cipherText, paddingText) - return cipherText, nil -} - -// decrypt -func AesCbcDecrypt(cipherText, key, ivAes []byte) ([]byte, error) { - if len(key) != 16 && len(key) != 24 && len(key) != 32 { - return nil, ErrKeyLengthSixteen - } - block, err := aes.NewCipher(key) - if err != nil { - return nil, err - } - - defer func() { - if err := recover(); err != nil { - switch err.(type) { - case runtime.Error: - log.Println("runtime err:", err, "Check that the key or text is correct") - default: - log.Println("error:", err) - } - } - }() - var iv []byte - if len(ivAes) != 0 { - if len(ivAes) != 16 { - return nil, ErrIvAes - } else { - iv = ivAes - } - } else { - iv = []byte(ivaes) - } - blockMode := cipher.NewCBCDecrypter(block, iv) - paddingText := make([]byte, len(cipherText)) - blockMode.CryptBlocks(paddingText, cipherText) - - plainText, err := PKCS5UnPadding(paddingText) - if err != nil { - return nil, err - } - return plainText, nil -} diff --git a/aesctr.go b/aesctr.go deleted file mode 100644 index f5a20d0..0000000 --- a/aesctr.go +++ /dev/null @@ -1,67 +0,0 @@ -package goEncrypt - -import ( - "crypto/aes" - "crypto/cipher" -) - -/* -@Time : 2018/11/1 22:53 -@Author : wuman -@File : AES_CTR -@Software: GoLand -*/ -/* - AES CTR mode encryption and decryption -*/ -func AesCtrEncrypt(plainText, key, ivAes []byte) ([]byte, error) { - if len(key) != 16 && len(key) != 24 && len(key) != 32 { - return nil, ErrKeyLengthSixteen - } - block, err := aes.NewCipher(key) - if err != nil { - return nil, err - } - var iv []byte - if len(ivAes) != 0 { - if len(ivAes) != 16 { - return nil, ErrIvAes - } else { - iv = ivAes - } - } else { - iv = []byte(ivaes) - } - stream := cipher.NewCTR(block, iv) - - cipherText := make([]byte, len(plainText)) - stream.XORKeyStream(cipherText, plainText) - - return cipherText, nil -} - -func AesCtrDecrypt(cipherText, key, ivAes []byte) ([]byte, error) { - if len(key) != 16 && len(key) != 24 && len(key) != 32 { - return nil, ErrKeyLengthSixteen - } - block, err := aes.NewCipher(key) - if err != nil { - return nil, err - } - var iv []byte - if len(ivAes) != 0 { - if len(ivAes) != 16 { - return nil, ErrIvAes - } else { - iv = ivAes - } - } else { - iv = []byte(ivaes) - } - stream := cipher.NewCTR(block, iv) - - plainText := make([]byte, len(cipherText)) - stream.XORKeyStream(plainText, cipherText) - - return plainText, nil -} diff --git a/des/descbc.go b/des/descbc.go new file mode 100644 index 0000000..756bbd8 --- /dev/null +++ b/des/descbc.go @@ -0,0 +1,117 @@ +package des + +import ( + "crypto/cipher" + "crypto/des" + "encoding/base64" + "encoding/hex" + "runtime" + + log "github.com/sirupsen/logrus" + "github.com/wumansgy/goEncrypt" +) + +/** +1. Group plaintext + DES CBC mode encryption and decryption, is an 8-byte block encryption + If the group is not an integer multiple of 8, you need to consider completing the 8 bits2. +*/ +func init() { + log.SetFormatter(&log.JSONFormatter{}) + log.SetReportCaller(true) +} + +func DesCbcEncrypt(plainText, key, ivDes []byte) ([]byte, error) { + if len(key) != 8 { + return nil, goEncrypt.ErrKeyLengtheEight + } + block, err := des.NewCipher(key) + if err != nil { + return nil, err + } + paddingText := goEncrypt.PKCS5Padding(plainText, block.BlockSize()) + + var iv []byte + if len(ivDes) != 0 { + if len(ivDes) != block.BlockSize() { + return nil, goEncrypt.ErrIvDes + } else { + iv = ivDes + } + } else { + iv = []byte(goEncrypt.Ivdes) + } // Initialization vector + blockMode := cipher.NewCBCEncrypter(block, iv) + + cipherText := make([]byte, len(paddingText)) + blockMode.CryptBlocks(cipherText, paddingText) + return cipherText, nil +} + +func DesCbcDecrypt(cipherText, key, ivDes []byte) ([]byte, error) { + if len(key) != 8 { + return nil, goEncrypt.ErrKeyLengtheEight + } + block, err := des.NewCipher(key) + if err != nil { + return nil, err + } + + defer func() { + if err := recover(); err != nil { + switch err.(type) { + case runtime.Error: + log.Errorf("runtime err=%v,Check that the key or text is correct", err) + default: + log.Errorf("error=%v,check the cipherText ", err) + } + } + }() + + var iv []byte + if len(ivDes) != 0 { + if len(ivDes) != block.BlockSize() { + return nil, goEncrypt.ErrIvDes + } else { + iv = ivDes + } + } else { + iv = []byte(goEncrypt.Ivdes) + } // Initialization vector + blockMode := cipher.NewCBCDecrypter(block, iv) + + plainText := make([]byte, len(cipherText)) + blockMode.CryptBlocks(plainText, cipherText) + + unPaddingText, err := goEncrypt.PKCS5UnPadding(plainText, block.BlockSize()) + if err != nil { + return nil, err + } + return unPaddingText, nil +} + +func DesCbcEncryptBase64(plainText, key, ivAes []byte) (string, error) { + encryBytes, err := DesCbcEncrypt(plainText, key, ivAes) + return base64.StdEncoding.EncodeToString(encryBytes), err +} + +func DesCbcEncryptHex(plainText, key, ivAes []byte) (string, error) { + encryBytes, err := DesCbcEncrypt(plainText, key, ivAes) + return hex.EncodeToString(encryBytes), err +} + +func DesCbcDecryptByBase64(cipherTextBase64 string, key, ivAes []byte) ([]byte, error) { + plainTextBytes, err := base64.StdEncoding.DecodeString(cipherTextBase64) + if err != nil { + return []byte{}, err + } + return DesCbcDecrypt(plainTextBytes, key, ivAes) +} + +func DesCbcDecryptByHex(cipherTextHex string, key, ivAes []byte) ([]byte, error) { + plainTextBytes, err := hex.DecodeString(cipherTextHex) + if err != nil { + return []byte{}, err + } + return DesCbcDecrypt(plainTextBytes, key, ivAes) +} diff --git a/des/descbc_test.go b/des/descbc_test.go new file mode 100644 index 0000000..81a5354 --- /dev/null +++ b/des/descbc_test.go @@ -0,0 +1,35 @@ +package des + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestDesCbc(t *testing.T) { + var ( + key = "111" + key8 = "12345678" + plaintext = "TestDesCbc" + badiv = "11111" + goodiv = "12345678" + ) + cipherBytes, err := DesCbcEncrypt([]byte(plaintext), []byte(key8), nil) + assert.Nil(t, err) + text, err := DesCbcDecrypt(cipherBytes, []byte(key8), nil) + assert.Nil(t, err) + assert.Equal(t, string(text), plaintext) + + cipherBytes, err = DesCbcEncrypt([]byte(plaintext), []byte(key), nil) + assert.NotNil(t, err) + + cipherBytes, err = DesCbcEncrypt([]byte(plaintext), []byte(key8), []byte(badiv)) + assert.NotNil(t, err) + + cipherBytes, err = DesCbcEncrypt([]byte(plaintext), []byte(key8), []byte(goodiv)) + assert.Nil(t, err) + text, err = DesCbcDecrypt(cipherBytes, []byte(key8), []byte(goodiv)) + assert.Nil(t, err) + assert.Equal(t, string(text), plaintext) + +} diff --git a/des/tripledes_test.go b/des/tripledes_test.go new file mode 100644 index 0000000..55d8c2f --- /dev/null +++ b/des/tripledes_test.go @@ -0,0 +1,35 @@ +package des + +import ( + "github.com/stretchr/testify/assert" + "testing" +) + +func TestTripleDesCbc(t *testing.T) { + var ( + key24 = "123456781234567812345678" + plaintext = "TestTripleDes" + badiv = "11111" + goodiv = "12345678" + ) + cipherBytes, err := TripleDesEncrypt([]byte(plaintext), []byte(key24), nil) + assert.Nil(t, err) + text, err := TripleDesDecrypt(cipherBytes, []byte(key24), nil) + assert.Nil(t, err) + assert.Equal(t, string(text), plaintext) + assert.NotEqual(t, string(text), "test") + + cipherBytes, err = TripleDesEncrypt([]byte(plaintext), []byte(key24), []byte(goodiv)) + assert.Nil(t, err) + text, err = TripleDesDecrypt(cipherBytes, []byte(key24), []byte(goodiv)) + assert.Nil(t, err) + assert.Equal(t, string(text), plaintext) + assert.NotEqual(t, string(text), "test") + + cipherBytes, err = TripleDesEncrypt([]byte(plaintext), []byte(key24), []byte(badiv)) + assert.NotNil(t, err) + + cipherBytes, err = TripleDesEncrypt([]byte(plaintext), []byte(badiv), []byte(badiv)) + assert.NotNil(t, err) + +} diff --git a/des/tripledescbc.go b/des/tripledescbc.go new file mode 100644 index 0000000..050f5f6 --- /dev/null +++ b/des/tripledescbc.go @@ -0,0 +1,115 @@ +package des + +import ( + "crypto/cipher" + "crypto/des" + "encoding/base64" + "encoding/hex" + "runtime" + + log "github.com/sirupsen/logrus" + "github.com/wumansgy/goEncrypt" +) + +/** + Triple des encryption and decryption + algorithm : Encryption: key one encryption -> key two decryption -> key three encryption + Decryption: key three decryption -> key two encryption -> key one decryption +*/ +func TripleDesEncrypt(plainText, key, ivDes []byte) ([]byte, error) { + if len(key) != 24 { + return nil, goEncrypt.ErrKeyLengthTwentyFour + } + block, err := des.NewTripleDESCipher(key) + if err != nil { + return nil, err + } + paddingText := goEncrypt.PKCS5Padding(plainText, block.BlockSize()) + + var iv []byte + if len(ivDes) != 0 { + if len(ivDes) != block.BlockSize() { + return nil, goEncrypt.ErrIvDes + } else { + iv = ivDes + } + } else { + iv = []byte(goEncrypt.Ivdes) + } + blockMode := cipher.NewCBCEncrypter(block, iv) + + cipherText := make([]byte, len(paddingText)) + blockMode.CryptBlocks(cipherText, paddingText) + return cipherText, nil +} + +func TripleDesDecrypt(cipherText, key, ivDes []byte) ([]byte, error) { + if len(key) != 24 { + return nil, goEncrypt.ErrKeyLengthTwentyFour + } + // 1. Specifies that the 3des decryption algorithm creates and returns a cipher.Block interface using the TDEA algorithm。 + block, err := des.NewTripleDESCipher(key) + if err != nil { + return nil, err + } + + // 2. Delete the filling + // Before deleting, prevent the user from entering different keys twice and causing panic, so do an error handling + defer func() { + if err := recover(); err != nil { + switch err.(type) { + case runtime.Error: + log.Errorf("runtime err=%v,Check that the key or text is correct", err) + default: + log.Errorf("error=%v,check the cipherText ", err) + } + } + }() + + var iv []byte + if len(ivDes) != 0 { + if len(ivDes) != block.BlockSize() { + return nil, goEncrypt.ErrIvDes + } else { + iv = ivDes + } + } else { + iv = []byte(goEncrypt.Ivdes) + } + blockMode := cipher.NewCBCDecrypter(block, iv) + + paddingText := make([]byte, len(cipherText)) // + blockMode.CryptBlocks(paddingText, cipherText) + + plainText, err := goEncrypt.PKCS5UnPadding(paddingText, block.BlockSize()) + if err != nil { + return nil, err + } + return plainText, nil +} + +func TripleDesEncryptBase64(plainText, key, ivAes []byte) (string, error) { + encryBytes, err := TripleDesEncrypt(plainText, key, ivAes) + return base64.StdEncoding.EncodeToString(encryBytes), err +} + +func TripleDesEncryptHex(plainText, key, ivAes []byte) (string, error) { + encryBytes, err := TripleDesEncrypt(plainText, key, ivAes) + return hex.EncodeToString(encryBytes), err +} + +func TripleDesDecryptByBase64(cipherTextBase64 string, key, ivAes []byte) ([]byte, error) { + plainTextBytes, err := base64.StdEncoding.DecodeString(cipherTextBase64) + if err != nil { + return []byte{}, err + } + return TripleDesDecrypt(plainTextBytes, key, ivAes) +} + +func TripleDesDecryptByHex(cipherTextHex string, key, ivAes []byte) ([]byte, error) { + plainTextBytes, err := hex.DecodeString(cipherTextHex) + if err != nil { + return []byte{}, err + } + return TripleDesDecrypt(plainTextBytes, key, ivAes) +} diff --git a/descbc.go b/descbc.go deleted file mode 100644 index 0835752..0000000 --- a/descbc.go +++ /dev/null @@ -1,92 +0,0 @@ -package goEncrypt - -import ( - "crypto/cipher" - "crypto/des" - "log" - "runtime" -) - -/* -@Time : 2018/11/1 21:28 -@Author : wuman -@File : DES_CBC -@Software: GoLand -*/ -/** -1. Group plaintext - DES CBC mode encryption and decryption, is an 8-byte block encryption - If the group is not an integer multiple of 8, you need to consider completing the 8 bits2. -*/ -func init() { - log.SetFlags(log.Ldate | log.Lshortfile) -} - -func DesCbcEncrypt(plainText, key, ivDes []byte) ([]byte, error) { - if len(key) != 8 { - return nil, ErrKeyLengtheEight - } - block, err := des.NewCipher(key) - if err != nil { - return nil, err - } - paddingText := PKCS5Padding(plainText, block.BlockSize()) - - var iv []byte - if len(ivDes) != 0 { - if len(ivDes) != 8 { - return nil, ErrIvDes - } else { - iv = ivDes - } - } else { - iv = []byte(ivdes) - } // Initialization vector - blockMode := cipher.NewCBCEncrypter(block, iv) - - cipherText := make([]byte, len(paddingText)) - blockMode.CryptBlocks(cipherText, paddingText) - return cipherText, nil -} - -func DesCbcDecrypt(cipherText, key, ivDes []byte) ([]byte, error) { - if len(key) != 8 { - return nil, ErrKeyLengtheEight - } - block, err := des.NewCipher(key) - if err != nil { - return nil, err - } - - defer func() { - if err := recover(); err != nil { - switch err.(type) { - case runtime.Error: - log.Println("runtime err:", err, "Check that the key or text is correct") - default: - log.Println("error:", err) - } - } - }() - - var iv []byte - if len(ivDes) != 0 { - if len(ivDes) != 8 { - return nil, ErrIvDes - } else { - iv = ivDes - } - } else { - iv = []byte(ivdes) - } // Initialization vector - blockMode := cipher.NewCBCDecrypter(block, iv) - - plainText := make([]byte, len(cipherText)) - blockMode.CryptBlocks(plainText, cipherText) - - unPaddingText, err := PKCS5UnPadding(plainText) - if err != nil { - return nil, err - } - return unPaddingText, nil -} diff --git a/dh/dh.go b/dh/dh.go new file mode 100644 index 0000000..9403f6f --- /dev/null +++ b/dh/dh.go @@ -0,0 +1,8 @@ +package dh + +import "testing" + + +func TestDh(t *testing.T) { + +} \ No newline at end of file diff --git a/dh/dh_test.go b/dh/dh_test.go new file mode 100644 index 0000000..6867766 --- /dev/null +++ b/dh/dh_test.go @@ -0,0 +1 @@ +package dh diff --git a/ecc/ecc_test.go b/ecc/ecc_test.go new file mode 100644 index 0000000..c48f9b8 --- /dev/null +++ b/ecc/ecc_test.go @@ -0,0 +1,107 @@ +package ecc + +import ( + "github.com/stretchr/testify/assert" + "testing" +) + +var ( + msg = "床前明月光,疑是地上霜,举头望明月,低头思故乡" + base64PubKey = "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAElJ+LbZBekYTu/Md4T/j3DJsmJFf/3wLLmfUR7sLXCzS1PsDpHIC0QXRdVVdzS9BmP5GdtpesR4Oeh7g0TBBoLA==" + base64PriKey = "MHcCAQEEIKPH4RlH9IQYwalxykgwlZkV9JjxQW2mHM+oGp4dxkMGoAoGCCqGSM49AwEHoUQDQgAElJ+LbZBekYTu/Md4T/j3DJsmJFf/3wLLmfUR7sLXCzS1PsDpHIC0QXRdVVdzS9BmP5GdtpesR4Oeh7g0TBBoLA==" + + hexPubKey = "3059301306072a8648ce3d020106082a8648ce3d030107034200043d39b48322518e8c6053ff63ef0426537fb1d5e16d128802c4c54104d61f84605b6bfa3266cc7f38968c0174d672e3690e50a93c819589f6d0f6bb44a57bcee8" + hexPriKey = "30770201010420af9497e1c61ffe6019592a25f22a12e079e87d935b01bd2dc6d817744053a849a00a06082a8648ce3d030107a144034200043d39b48322518e8c6053ff63ef0426537fb1d5e16d128802c4c54104d61f84605b6bfa3266cc7f38968c0174d672e3690e50a93c819589f6d0f6bb44a57bcee8" +) + +func TestEccEncryptBase64(t *testing.T) { + base64Key, err := GenerateEccKeyBase64() + assert.Nil(t, err) + + cipherText, err := EccEncryptToBase64([]byte(msg), base64PubKey) + assert.Nil(t, err) + _, err = EccEncryptToBase64([]byte(msg), base64PriKey) + assert.NotNil(t, err) + plainText, err := EccDecryptByBase64(cipherText, base64PriKey) + assert.Nil(t, err) + assert.Equal(t, msg, string(plainText)) + + cipherText, err = EccEncryptToBase64([]byte(msg), base64Key.PublicKey) + assert.Nil(t, err) + plainText, err = EccDecryptByBase64(cipherText, base64Key.PrivateKey) + assert.Nil(t, err) + assert.Equal(t, msg, string(plainText)) + _, err = EccDecryptByBase64(cipherText, base64Key.PublicKey) + assert.NotNil(t, err) + _, err = EccDecryptByBase64("badText", base64Key.PrivateKey) + assert.NotNil(t, err) + _, err = EccDecryptByBase64(cipherText, "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAElJ") + assert.NotNil(t, err) + +} + +func TestEccEncryptHex(t *testing.T) { + hexKey, err := GenerateEccKeyHex() + assert.Nil(t, err) + + cipherText, err := EccEncryptToHex([]byte(msg), hexPubKey) + assert.Nil(t, err) + _, err = EccEncryptToHex([]byte(msg), hexPriKey) + assert.NotNil(t, err) + plainText, err := EccDecryptByHex(cipherText, hexPriKey) + assert.Nil(t, err) + assert.Equal(t, msg, string(plainText)) + + cipherText, err = EccEncryptToHex([]byte(msg), hexKey.PublicKey) + assert.Nil(t, err) + plainText, err = EccDecryptByHex(cipherText, hexKey.PrivateKey) + assert.Nil(t, err) + assert.Equal(t, msg, string(plainText)) + _, err = EccDecryptByHex(cipherText, hexKey.PublicKey) + assert.NotNil(t, err) + _, err = EccDecryptByHex("badText", hexKey.PrivateKey) + assert.NotNil(t, err) + _, err = EccDecryptByHex(cipherText, "3059301306072a8648ce3d020106082a8648ce3d03") + assert.NotNil(t, err) + +} + +func TestEccSignBase64(t *testing.T) { + base64Key, err := GenerateEccKeyBase64() + assert.Nil(t, err) + + rText, sText, err := EccSignBase64([]byte(msg), base64Key.PrivateKey) + assert.Nil(t, err) + _, _, err = EccSignBase64([]byte(msg), base64Key.PublicKey) + assert.NotNil(t, err) + _, _, err = EccSignBase64([]byte(msg), base64PubKey) + assert.NotNil(t, err) + + res := EccVerifySignBase64([]byte(msg), rText, sText, base64Key.PublicKey) + assert.Equal(t, res, true) + + res = EccVerifySignBase64([]byte(msg), rText, sText, base64Key.PrivateKey) + assert.Equal(t, res, false) + res = EccVerifySignBase64([]byte(msg), sText, rText, base64Key.PrivateKey) + assert.Equal(t, res, false) +} + +func TestEccSignHex(t *testing.T) { + hexKey, err := GenerateEccKeyHex() + assert.Nil(t, err) + + rText, sText, err := EccSignHex([]byte(msg), hexKey.PrivateKey) + assert.Nil(t, err) + _, _, err = EccSignHex([]byte(msg), hexKey.PublicKey) + assert.NotNil(t, err) + _, _, err = EccSignHex([]byte(msg), hexPubKey) + assert.NotNil(t, err) + + res := EccVerifySignHex([]byte(msg), rText, sText, hexKey.PublicKey) + assert.Equal(t, res, true) + + res = EccVerifySignHex([]byte(msg), rText, sText, hexKey.PrivateKey) + assert.Equal(t, res, false) + res = EccVerifySignHex([]byte(msg), sText, rText, hexKey.PrivateKey) + assert.Equal(t, res, false) +} diff --git a/ecc/ecccrypt.go b/ecc/ecccrypt.go new file mode 100644 index 0000000..1b60e00 --- /dev/null +++ b/ecc/ecccrypt.go @@ -0,0 +1,117 @@ +package ecc + +import ( + "crypto/ecdsa" + "crypto/rand" + "crypto/x509" + "encoding/base64" + "encoding/hex" + "runtime" + + log "github.com/sirupsen/logrus" +) + +func init() { + log.SetFormatter(&log.JSONFormatter{}) + log.SetReportCaller(true) +} + +// The public key and plaintext are passed in for encryption +func eccEncrypt(plainText, pubKey []byte) (cipherText []byte, err error) { + defer func() { + if err := recover(); err != nil { + switch err.(type) { + case runtime.Error: + log.Errorf("runtime err=%v,Check that the key or text is correct", err) + default: + log.Errorf("error=%v,check the cipherText ", err) + } + } + }() + tempPublicKey, err := x509.ParsePKIXPublicKey(pubKey) + if err != nil { + return nil, err + } + // Decode to get the private key in the ecdsa package + publicKey1 := tempPublicKey.(*ecdsa.PublicKey) + // Convert to the public key in the ecies package in the ethereum package + publicKey := ImportECDSAPublic(publicKey1) + cipherText, err = Encrypt(rand.Reader, publicKey, plainText, nil, nil) + return cipherText, err + +} + +// The private key and plaintext are passed in for decryption +func eccDecrypt(cipherText, priKey []byte) (msg []byte, err error) { + defer func() { + if err := recover(); err != nil { + switch err.(type) { + case runtime.Error: + log.Errorf("runtime err=%v,Check that the key or text is correct", err) + default: + log.Errorf("error=%v,check the cipherText ", err) + } + } + }() + tempPrivateKey, err := x509.ParseECPrivateKey(priKey) + if err != nil { + return nil, err + } + // Decode to get the private key in the ecdsa package + // Convert to the private key in the ecies package in the ethereum package + privateKey := ImportECDSA(tempPrivateKey) + plainText, err := privateKey.Decrypt(cipherText, nil, nil) + if err != nil { + return nil, err + } + return plainText, nil +} + +func EccEncryptToBase64(plainText []byte, base64PubKey string) (base64CipherText string, err error) { + pub, err := base64.StdEncoding.DecodeString(base64PubKey) + if err != nil { + return "", err + } + cipherBytes, err := eccEncrypt(plainText, pub) + if err != nil { + return "", err + } + return base64.StdEncoding.EncodeToString(cipherBytes), nil +} + +// +func EccDecryptByBase64(base64CipherText, base64PriKey string) (plainText []byte, err error) { + privateBytes, err := base64.StdEncoding.DecodeString(base64PriKey) + if err != nil { + return nil, err + } + cipherTextBytes, err := base64.StdEncoding.DecodeString(base64CipherText) + if err != nil { + return nil, err + } + return eccDecrypt(cipherTextBytes, privateBytes) +} + +func EccEncryptToHex(plainText []byte, hexPubKey string) (hexCipherText string, err error) { + pub, err := hex.DecodeString(hexPubKey) + if err != nil { + return "", err + } + cipherBytes, err := eccEncrypt(plainText, pub) + if err != nil { + return "", err + } + return hex.EncodeToString(cipherBytes), nil +} + +func EccDecryptByHex(hexCipherText, hexPriKey string) (plainText []byte, err error) { + privateBytes, err := hex.DecodeString(hexPriKey) + if err != nil { + return nil, err + } + cipherTextBytes, err := hex.DecodeString(hexCipherText) + if err != nil { + return nil, err + } + return eccDecrypt(cipherTextBytes, privateBytes) +} diff --git a/ecc/eccsign.go b/ecc/eccsign.go new file mode 100644 index 0000000..d13bc8b --- /dev/null +++ b/ecc/eccsign.go @@ -0,0 +1,124 @@ +package ecc + +import ( + "crypto/ecdsa" + "crypto/rand" + "crypto/x509" + "encoding/base64" + "encoding/hex" + "math/big" + "runtime" + + log "github.com/sirupsen/logrus" + "github.com/wumansgy/goEncrypt/hash" +) + +func eccSign(msg []byte, priKey []byte) (rSign []byte, sSign []byte, err error) { + defer func() { + if err := recover(); err != nil { + switch err.(type) { + case runtime.Error: + log.Errorf("runtime err=%v,Check that the key or text is correct", err) + default: + log.Errorf("error=%v,check the cipherText ", err) + } + } + }() + privateKey, err := x509.ParseECPrivateKey(priKey) + if err != nil { + return nil, nil, err + } + resultHash := hash.Sha256(msg) + r, s, err := ecdsa.Sign(rand.Reader, privateKey, resultHash) + if err != nil { + return nil, nil, err + } + + rText, err := r.MarshalText() + if err != nil { + return nil, nil, err + } + sText, err := s.MarshalText() + if err != nil { + return nil, nil, err + } + return rText, sText, nil +} + +func eccVerifySign(msg []byte, pubKey []byte, rText, sText []byte) bool { + defer func() { + if err := recover(); err != nil { + switch err.(type) { + case runtime.Error: + log.Errorf("runtime err=%v,Check that the key or text is correct", err) + default: + log.Errorf("error=%v,check the cipherText ", err) + } + } + }() + publicKeyInterface, _ := x509.ParsePKIXPublicKey(pubKey) + publicKey := publicKeyInterface.(*ecdsa.PublicKey) + resultHash := hash.Sha256(msg) + + var r, s big.Int + r.UnmarshalText(rText) + s.UnmarshalText(sText) + result := ecdsa.Verify(publicKey, resultHash, &r, &s) + return result +} + +func EccSignBase64(msg []byte, base64PriKey string) (base64rSign, base64sSign string, err error) { + priBytes, err := base64.StdEncoding.DecodeString(base64PriKey) + if err != nil { + return "", "", err + } + rSign, sSign, err := eccSign(msg, priBytes) + if err != nil { + return "", "", err + } + return base64.StdEncoding.EncodeToString(rSign), base64.StdEncoding.EncodeToString(sSign), nil +} + +func EccVerifySignBase64(msg []byte, base64rSign, base64sSign, base64PubKey string) bool { + rSignBytes, err := base64.StdEncoding.DecodeString(base64rSign) + if err != nil { + return false + } + sSignBytes, err := base64.StdEncoding.DecodeString(base64sSign) + if err != nil { + return false + } + pubBytes, err := base64.StdEncoding.DecodeString(base64PubKey) + if err != nil { + return false + } + return eccVerifySign(msg, pubBytes, rSignBytes, sSignBytes) +} + +func EccSignHex(msg []byte, hexPriKey string) (hexrSign, hexsSign string, err error) { + priBytes, err := hex.DecodeString(hexPriKey) + if err != nil { + return "", "", err + } + rSign, sSign, err := eccSign(msg, priBytes) + if err != nil { + return "", "", err + } + return hex.EncodeToString(rSign), hex.EncodeToString(sSign), nil +} + +func EccVerifySignHex(msg []byte, hexrSign, hexsSign, hexPubKey string) bool { + rSignBytes, err := hex.DecodeString(hexrSign) + if err != nil { + return false + } + sSignBytes, err := hex.DecodeString(hexsSign) + if err != nil { + return false + } + pubBytes, err := hex.DecodeString(hexPubKey) + if err != nil { + return false + } + return eccVerifySign(msg, pubBytes, rSignBytes, sSignBytes) +} diff --git a/ecies.go b/ecc/ecies.go similarity index 98% rename from ecies.go rename to ecc/ecies.go index 8991c25..b435bf6 100644 --- a/ecies.go +++ b/ecc/ecies.go @@ -27,22 +27,22 @@ // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -package goEncrypt +package ecc import ( + "crypto" + "crypto/aes" "crypto/cipher" "crypto/ecdsa" "crypto/elliptic" "crypto/hmac" + "crypto/sha256" + "crypto/sha512" "crypto/subtle" "fmt" "hash" "io" "math/big" - "crypto" - "crypto/sha256" - "crypto/aes" - "crypto/sha512" ) var ( @@ -378,9 +378,9 @@ func ParamsFromCurve(curve elliptic.Curve) (params *ECIESParams) { } var paramsFromCurve = map[elliptic.Curve]*ECIESParams{ //ethcrypto.S256(): ECIES_AES128_SHA256, - elliptic.P256(): ECIES_AES128_SHA256, - elliptic.P384(): ECIES_AES256_SHA384, - elliptic.P521(): ECIES_AES256_SHA512, + elliptic.P256(): ECIES_AES128_SHA256, + elliptic.P384(): ECIES_AES256_SHA384, + elliptic.P521(): ECIES_AES256_SHA512, } var ( ECIES_AES128_SHA256 = &ECIESParams{ diff --git a/ecc/getecckey.go b/ecc/getecckey.go new file mode 100644 index 0000000..b1c0ba8 --- /dev/null +++ b/ecc/getecckey.go @@ -0,0 +1,54 @@ +package ecc + +import ( + "crypto/ecdsa" + "crypto/elliptic" + "crypto/rand" + "crypto/x509" + "encoding/base64" + "encoding/hex" +) + +type EccKey struct { + PrivateKey string + PublicKey string +} + +func GenerateEccKeyHex() (EccKey, error) { + privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) + if err != nil { + return EccKey{}, err + } + privateBytes, err := x509.MarshalECPrivateKey(privateKey) + if err != nil { + return EccKey{}, err + } + publicBytes, err := x509.MarshalPKIXPublicKey(&privateKey.PublicKey) + if err != nil { + return EccKey{}, err + } + + return EccKey{ + PrivateKey: hex.EncodeToString(privateBytes), + PublicKey: hex.EncodeToString(publicBytes), + }, nil +} + +func GenerateEccKeyBase64() (EccKey, error) { + privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) + if err != nil { + return EccKey{}, err + } + privateBytes, err := x509.MarshalECPrivateKey(privateKey) + if err != nil { + return EccKey{}, err + } + publicBytes, err := x509.MarshalPKIXPublicKey(&privateKey.PublicKey) + if err != nil { + return EccKey{}, err + } + return EccKey{ + PrivateKey: base64.StdEncoding.EncodeToString(privateBytes), + PublicKey: base64.StdEncoding.EncodeToString(publicBytes), + }, nil +} diff --git a/ecccrypt.go b/ecccrypt.go deleted file mode 100644 index 48cf3fd..0000000 --- a/ecccrypt.go +++ /dev/null @@ -1,74 +0,0 @@ -package goEncrypt - -import ( - "log" - "crypto/rand" - "encoding/pem" - "runtime" - "crypto/x509" - "crypto/ecdsa" -) - -/* -@Time : 2018/11/4 16:43 -@Author : wuman -@File : EccCrypt -@Software: GoLand -*/ -func init(){ - log.SetFlags(log.Ldate|log.Lshortfile) -} -// The public key and plaintext are passed in for encryption -func EccEncrypt(plainText,key []byte)( cryptText []byte,err error){ - block, _:= pem.Decode(key) - defer func(){ - if err:=recover();err!=nil{ - switch err.(type){ - case runtime.Error: - log.Println("runtime err:",err,"Check that the key is correct") - default: - log.Println("error:",err) - } - } - }() - tempPublicKey, err := x509.ParsePKIXPublicKey(block.Bytes) - if err!=nil{ - return nil,err - } - // Decode to get the private key in the ecdsa package - publicKey1:=tempPublicKey.(*ecdsa.PublicKey) - // Convert to the public key in the ecies package in the ethereum package - publicKey:=ImportECDSAPublic(publicKey1) - crypttext,err:=Encrypt(rand.Reader, publicKey, plainText, nil, nil) - - return crypttext,err - - -} -// The private key and plaintext are passed in for decryption -func EccDecrypt(cryptText,key []byte)( msg []byte,err error){ - block, _:= pem.Decode(key) - defer func(){ - if err:=recover();err!=nil{ - switch err.(type){ - case runtime.Error: - log.Println("runtime err:",err,"Check that the key is correct") - default: - log.Println("error:",err) - } - } - }() - tempPrivateKey, err := x509.ParseECPrivateKey(block.Bytes) - if err!=nil{ - return nil,err - } - // Decode to get the private key in the ecdsa package - // Convert to the private key in the ecies package in the ethereum package - privateKey:=ImportECDSA(tempPrivateKey) - - plainText,err:=privateKey.Decrypt(cryptText,nil,nil) - if err!=nil{ - return nil,err - } - return plainText,nil -} \ No newline at end of file diff --git a/eccsign.go b/eccsign.go deleted file mode 100644 index 339b28a..0000000 --- a/eccsign.go +++ /dev/null @@ -1,85 +0,0 @@ -package goEncrypt - -import ( - "crypto/sha256" - "crypto/rand" - "encoding/pem" - "crypto/x509" - "log" - "runtime" - "crypto/ecdsa" - "math/big" -) - -/* -@Time : 2018/11/4 18:51 -@Author : wuman -@File : EccSign -@Software: GoLand -*/ - -func init(){ - log.SetFlags(log.Ldate|log.Lshortfile) -} - -func EccSign(msg []byte,Key []byte)([]byte,[]byte, error){ - block, _ := pem.Decode(Key) - - defer func(){ - if err:=recover();err!=nil{ - switch err.(type){ - case runtime.Error: - log.Println("runtime err:",err,"Check that the key is correct") - default: - log.Println("error:",err) - } - } - }() - privateKey, err := x509.ParseECPrivateKey(block.Bytes) - if err!=nil{ - return nil,nil,err - } - myhash := sha256.New() - myhash.Write(msg) - resultHash := myhash.Sum(nil) - - r, s, err := ecdsa.Sign(rand.Reader, privateKey, resultHash) - if err!=nil{ - return nil,nil,err - } - - rText, err := r.MarshalText() - if err!=nil{ - return nil,nil,err - } - sText, err := s.MarshalText() - if err!=nil{ - return nil,nil,err - } - return rText,sText,nil -} - -func EccVerifySign(msg []byte,Key []byte,rText,sText []byte) bool { - block, _ := pem.Decode(Key) - defer func(){ - if err:=recover();err!=nil{ - switch err.(type){ - case runtime.Error: - log.Println("runtime err:",err,"Check that the key is correct") - default: - log.Println("error:",err) - } - } - }() - publicKeyInterface, _ := x509.ParsePKIXPublicKey(block.Bytes) - publicKey:=publicKeyInterface.(*ecdsa.PublicKey) - myhash := sha256.New() - myhash.Write(msg) - resultHash := myhash.Sum(nil) - - var r,s big.Int - r.UnmarshalText(rText) - s.UnmarshalText(sText) - result := ecdsa.Verify(publicKey, resultHash, &r, &s) - return result -} \ No newline at end of file diff --git a/getecckey.go b/getecckey.go deleted file mode 100644 index 2ad67b1..0000000 --- a/getecckey.go +++ /dev/null @@ -1,64 +0,0 @@ -package goEncrypt - -import ( - "crypto/ecdsa" - "crypto/elliptic" - "crypto/rand" - "crypto/x509" - "encoding/pem" - "os" - "log" -) - -/* -@Time : 2018/11/4 16:22 -@Author : wuman -@File : GetECCKey -@Software: GoLand -*/ -func init(){ - log.SetFlags(log.Ldate|log.Lshortfile) -} - -func GetEccKey()error{ - privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) - if err!=nil{ - return err - } - - x509PrivateKey, err := x509.MarshalECPrivateKey(privateKey) - if err!=nil{ - return err - } - - block := pem.Block{ - Type: eccPrivateKeyPrefix, - Bytes: x509PrivateKey, - } - file, err := os.Create(eccPrivateFileName) - if err!=nil{ - return err - } - defer file.Close() - if err=pem.Encode(file, &block);err!=nil{ - return err - } - - x509PublicKey, err := x509.MarshalPKIXPublicKey(&privateKey.PublicKey) - if err!=nil { - return err - } - publicBlock := pem.Block{ - Type: eccPublicKeyPrefix, - Bytes: x509PublicKey, - } - publicFile, err := os.Create(eccPublishFileName) - if err!=nil { - return err - } - defer publicFile.Close() - if err=pem.Encode(publicFile,&publicBlock);err!=nil{ - return err - } - return nil -} \ No newline at end of file diff --git a/getrsakey.go b/getrsakey.go deleted file mode 100644 index 8201dbc..0000000 --- a/getrsakey.go +++ /dev/null @@ -1,62 +0,0 @@ -package goEncrypt - -import ( - "crypto/rsa" - "crypto/rand" - "crypto/x509" - "os" - "encoding/pem" -) - -/* -@Time : 2018/11/2 18:44 -@Author : wuman -@File : getkey -@Software: GoLand -*/ -/* - Asymmetric encryption requires the generation of a pair of keys rather than a key, so before encryption here you need to get a pair of keys, public and private, respectively - Generate the public and private keys all at once - Encryption: plaintext to the power E Mod N to output ciphertext - Decryption: ciphertext to the power D Mod N outputs plaintext - - Encryption operations take a long time? Encryption is faster - - The data is encrypted and cannot be easily decrypted -*/ - -func GetRsaKey()error{ - privateKey, err:= rsa.GenerateKey(rand.Reader, 2048) - if err!=nil{ - return err - } - x509PrivateKey := x509.MarshalPKCS1PrivateKey(privateKey) - privateFile, err := os.Create(privateFileName) - if err!=nil{ - return err - } - defer privateFile.Close() - privateBlock := pem.Block{ - Type:privateKeyPrefix, - Bytes:x509PrivateKey, - } - - if err=pem.Encode(privateFile,&privateBlock);err!=nil{ - return err - } - publicKey := privateKey.PublicKey - x509PublicKey, err := x509.MarshalPKIXPublicKey(&publicKey) - if err != nil { - panic(err) - } - publicFile,_ :=os.Create(publicFileName) - defer publicFile.Close() - publicBlock := pem.Block{ - Type:publicKeyPrefix, - Bytes:x509PublicKey, - } - if err=pem.Encode(publicFile,&publicBlock);err!=nil{ - return err - } - return nil -} \ No newline at end of file diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..7368a11 --- /dev/null +++ b/go.mod @@ -0,0 +1,8 @@ +module github.com/wumansgy/goEncrypt + +go 1.16 + +require ( + github.com/sirupsen/logrus v1.8.1 + github.com/stretchr/testify v1.8.0 +) diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..4904fed --- /dev/null +++ b/go.sum @@ -0,0 +1,20 @@ +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE= +github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +golang.org/x/sys v0.0.0-20191026070338-33540a1f6037 h1:YyJpGZS1sBuBCzLAR1VEpK193GlqGZbnPFnPV/5Rsb4= +golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/hash/sha1.go b/hash/sha1.go new file mode 100644 index 0000000..624e6be --- /dev/null +++ b/hash/sha1.go @@ -0,0 +1,16 @@ +package hash + +import ( + "crypto/sha1" + "encoding/hex" +) + +func Sha1Hex(data []byte) string { + return hex.EncodeToString(Sha1(data)) +} + +func Sha1(data []byte) []byte { + digest := sha1.New() + digest.Write(data) + return digest.Sum(nil) +} diff --git a/hash/sha256.go b/hash/sha256.go new file mode 100644 index 0000000..bb36d52 --- /dev/null +++ b/hash/sha256.go @@ -0,0 +1,17 @@ +package hash + +import ( + "crypto/sha256" + "encoding/hex" +) + + +func Sha256Hex(data []byte) string { + return hex.EncodeToString(Sha256(data)) +} + +func Sha256(data []byte) []byte { + digest := sha256.New() + digest.Write(data) + return digest.Sum(nil) +} diff --git a/sha512.go b/hash/sha512.go similarity index 69% rename from sha512.go rename to hash/sha512.go index 32022d5..b20eb66 100644 --- a/sha512.go +++ b/hash/sha512.go @@ -1,16 +1,10 @@ -package goEncrypt +package hash import ( "crypto/sha512" "encoding/hex" ) -/* -@Time : 2018/11/2 17:05 -@Author : wuman -@File : sha512 -@Software: GoLand -*/ func Sha512Hex(data []byte)string{ return hex.EncodeToString(Sha512(data)) diff --git a/hash/sha_test.go b/hash/sha_test.go new file mode 100644 index 0000000..3a73eb5 --- /dev/null +++ b/hash/sha_test.go @@ -0,0 +1,42 @@ +package hash + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +const ( + shaData = "sha text" + + sha1Hex = "d61babc269a1ccf83d8d08583fdf513eedeb55e6" + sha256Hex = "65294d857d822c8b73af70c78cf6fc4325a0bf28c2efbbcd07c55b19eaf20d20" + sha512Hex = "b4d5cda7b08feeca4ce2bf17e1ffab7d13e5234faca54ae46f4f87f66200a3bbc07b4b37b095eaf3bca2f8dba707bc259af3fe6e6e0b925a43915c9f351d92be" +) + +func TestSha1Hex(t *testing.T) { + actual := Sha1Hex([]byte(shaData)) + assert.Equal(t, sha1Hex, actual) +} + +func TestSha256Hex(t *testing.T) { + actual := Sha256Hex([]byte(shaData)) + assert.Equal(t, sha256Hex, actual) +} + +func TestSha512Hex(t *testing.T) { + actual := Sha512Hex([]byte(shaData)) + assert.Equal(t, sha512Hex, actual) +} + +func BenchmarkSha256(b *testing.B) { + for i := 0; i < b.N; i++ { + Sha256Hex([]byte(shaData)) + } +} + +func BenchmarkSha512(b *testing.B) { + for i := 0; i < b.N; i++ { + Sha512Hex([]byte(shaData)) + } +} diff --git a/he/he.go b/he/he.go new file mode 100644 index 0000000..962e1b8 --- /dev/null +++ b/he/he.go @@ -0,0 +1,3 @@ +package he + +// todo diff --git a/he/he_test.go b/he/he_test.go new file mode 100644 index 0000000..edd65cb --- /dev/null +++ b/he/he_test.go @@ -0,0 +1 @@ +package he diff --git a/pkcs5padding.go b/pkcs5padding.go index 6973655..7fe8f45 100644 --- a/pkcs5padding.go +++ b/pkcs5padding.go @@ -5,7 +5,7 @@ import ( ) /* -@Time : 2018/11/1 21:16 +@Time : 2018/11/1 21:16 @Author : wuman @File : padding @Software: GoLand @@ -16,22 +16,22 @@ import ( If des algorithm is used, the block size is 8 bytes With the AES algorithm, 16 bytes of fast size are filled in A tool for populating data when using block encryption mode - */ +*/ // It is populated using pkcs5 -func PKCS5Padding(plainText []byte, blockSize int) []byte{ - padding := blockSize - (len(plainText)%blockSize) +func PKCS5Padding(plainText []byte, blockSize int) []byte { + padding := blockSize - (len(plainText) % blockSize) padText := bytes.Repeat([]byte{byte(padding)}, padding) newText := append(plainText, padText...) return newText } -func PKCS5UnPadding(plainText []byte)([]byte,error){ +func PKCS5UnPadding(plainText []byte, blockSize int) ([]byte, error) { length := len(plainText) - number:= int(plainText[length-1]) - if number>length{ - return nil,ErrPaddingSize + number := int(plainText[length-1]) + if number >= length || number > blockSize { + return nil, ErrPaddingSize } - return plainText[:length-number],nil -} \ No newline at end of file + return plainText[:length-number], nil +} diff --git a/rsa/getrsakey.go b/rsa/getrsakey.go new file mode 100644 index 0000000..af8c0a5 --- /dev/null +++ b/rsa/getrsakey.go @@ -0,0 +1,55 @@ +package rsa + +import ( + "crypto/rand" + "crypto/rsa" + "crypto/x509" + "encoding/base64" + "encoding/hex" + + "github.com/wumansgy/goEncrypt" +) + +/* + Asymmetric encryption requires the generation of a pair of keys rather than a key, so before encryption here you need to get a pair of keys, public and private, respectively + Generate the public and private keys all at once + Encryption: plaintext to the power E Mod N to output ciphertext + Decryption: ciphertext to the power D Mod N outputs plaintext + + Encryption operations take a long time? Encryption is faster + + The data is encrypted and cannot be easily decrypted +*/ + +type RsaKey struct { + PrivateKey string + PublicKey string +} + +func GenerateRsaKeyHex(bits int) (RsaKey, error) { + if bits != 1024 && bits != 2048 { + return RsaKey{}, goEncrypt.ErrRsaBits + } + privateKey, err := rsa.GenerateKey(rand.Reader, bits) + if err != nil { + return RsaKey{}, err + } + return RsaKey{ + PrivateKey: hex.EncodeToString(x509.MarshalPKCS1PrivateKey(privateKey)), + PublicKey: hex.EncodeToString(x509.MarshalPKCS1PublicKey(&privateKey.PublicKey)), + }, nil +} + +func GenerateRsaKeyBase64(bits int) (RsaKey, error) { + if bits != 1024 && bits != 2048 { + return RsaKey{}, goEncrypt.ErrRsaBits + } + privateKey, err := rsa.GenerateKey(rand.Reader, bits) + if err != nil { + return RsaKey{}, err + } + return RsaKey{ + PrivateKey: base64.StdEncoding.EncodeToString(x509.MarshalPKCS1PrivateKey(privateKey)), + PublicKey: base64.StdEncoding.EncodeToString(x509.MarshalPKCS1PublicKey(&privateKey.PublicKey)), + }, nil +} diff --git a/rsa/rsa_test.go b/rsa/rsa_test.go new file mode 100644 index 0000000..4c2a62e --- /dev/null +++ b/rsa/rsa_test.go @@ -0,0 +1,220 @@ +package rsa + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +var ( + msg = "床前明月光,疑是地上霜,举头望明月,低头思故乡" + base64PubKey1024 = "MIGJAoGBAL8Om9dxnaqfKarF4bewdCTXmymXt4K5FBf3FPT413bq/3zoAaHTWUfzNBmrcAW+rYr5tXDPD+WncqKqI9yo+zW+w+mgOOkSbQsGUDQuah5B4tRNBgV533w+ljSGM+7PxgOhapFyh2vwD/BGQ4GafrZeU2hyHXQDgfL95dfrsbI/AgMBAAE=" + base64PriKey1024 = "MIICWwIBAAKBgQC/DpvXcZ2qnymqxeG3sHQk15spl7eCuRQX9xT0+Nd26v986AGh01lH8zQZq3AFvq2K+bVwzw/lp3KiqiPcqPs1vsPpoDjpEm0LBlA0LmoeQeLUTQYFed98PpY0hjPuz8YDoWqRcodr8A/wRkOBmn62XlNoch10A4Hy/eXX67GyPwIDAQABAoGAYgaDzOk9ROJ+xWDb65w8Kv74XEG8ZPTCq30ZIoteOWRfC14aIEZI45KTo6wDQN9ROSHfhu6mMGVWesEivz9wC4K/Qt5D0wxxQudx5NU8pHj9eDl5OIuWzk5YwjV92rDIl+b/XdeF3HqnphZzzbI9ad0PEbOH2v49wcEh4W7xDMkCQQDtY6vTCOM7faYzyJ5PRg39/sJRPgCyp9zD1VsYvX2Hb9pwpd7/tGWr6sVURACsGpO1fvzBFttrnEZ2dD83SunTAkEAzgkQQRalH/AAEbEZXnal6qmZC50f7dCAIF3i54MnzQsUgg/fcciWJcgz4+gRihtZxOiPVTJO4T0g/9waeeWGZQJAOZqpFEGg2kvIK+Kvv67RMGREhPBVvQSMxpycSWmZ72aODC3D6iq9TTVgAu2peBnO5AjXjodcYUV/t7jHqkQsbwJAAuU7tj50OZus1JLRkXNHZ6HUhcZCgZwRgOLw4mIEeCw0sJM6h6XS/lru58AGJxO1UkAWa5MWarHqOc5FDPt9xQJAU32KUvN2KbchqOqLKCP59dBDMQorv/Y8Ej7whQ//iBhO0APXBBzchM3D948+PRdL3R0be2jJ5eBJTdWNp3BsdQ==" + base64PubKey2048 = "MIIBCgKCAQEA7MnuJs/PIF/lARA3P5KKLwul1sUnlQYBY0mZyi7dgIqDAbfOWAvfGMjryTOqiQ2D06hBKNc5BZXMtD5H3oipDUzGMbtlb+VwnX7xaqWDJlwH1/ZJ/IAkV8fBPukRNhNoeGSdTVPpS9oq3M9w3L1x71wgI77Lnv4lBGDvIi4Qc3etReErWIMrCbttRjv2zXTSJv9r9VCVBQcUJvQDf9Ad3eVwT6Q5iC9frJui8e1psYhfeiqhB2Wo4TUCKnU+6ZaYt3lHgJQ0RTGh0CssoCU56z6DZu9PjsReCNKhGBAN2S/KhrdbQHU+JQzMnNOBkdzfyzLSHz8+c3lgWSTx3uYfMQIDAQAB" + base64PriKey2048 = "MIIEpQIBAAKCAQEA7MnuJs/PIF/lARA3P5KKLwul1sUnlQYBY0mZyi7dgIqDAbfOWAvfGMjryTOqiQ2D06hBKNc5BZXMtD5H3oipDUzGMbtlb+VwnX7xaqWDJlwH1/ZJ/IAkV8fBPukRNhNoeGSdTVPpS9oq3M9w3L1x71wgI77Lnv4lBGDvIi4Qc3etReErWIMrCbttRjv2zXTSJv9r9VCVBQcUJvQDf9Ad3eVwT6Q5iC9frJui8e1psYhfeiqhB2Wo4TUCKnU+6ZaYt3lHgJQ0RTGh0CssoCU56z6DZu9PjsReCNKhGBAN2S/KhrdbQHU+JQzMnNOBkdzfyzLSHz8+c3lgWSTx3uYfMQIDAQABAoIBAQC6Wb0UTG2M5As9B/8DCBe6KKeOW8Dn9j73XcArrzBhbiDmJDq/bjBYuB9gTEoE7F74Hy2Qr7jPnXHp1C4Jg3HP5sD/+KQ/KMm1GWdzb+jEMp91pf3aOxre/nUmRpRmA2YvgbeOWOB88qjS+GqxPmLBZrZgi1KCwS5uwL7SHoCR7XUb1YnGBD6sGKTPu6food58PkDBlpIk0W/9v8qjSoktwto4fR3onyWC39lEJRViYIZqBhRi0v2jByJLMGtHnFhByhNjQD8lRr+0LG5ih4PAhlwlA/Hw4jGfGQErE9GJhWVb+DZqicA8WDRWI9rowAK6s3mqV3NCq+LwcpqFnq1FAoGBAPn7PnwxZM3MVjIhLe2WT6ENQXXajYsmcweW/V8sDA0ZJi1rQH/nfeXodkjN9R5jmSAQpbTR9hKZv3EHUOfxKjOMIOHDylCxeDKcaqGt49lra/G5w5HZwbD2IUrwCCJ1bLiNotgeHV4ISGrbjUTFSwXikNaRc31hkSinKWSXnlk/AoGBAPJ9X6ebCPVZHWAmfzMUqQpV3t++togv+JmCM2wj+NCTId2G3dL2ZFfKj9ZbHLQTXwkehN22Ad4cMafHaKoO9t3CvSeVXuZYFD2oSIxrr86ym6exRS3P/bmZbXCuP2ry4Oax3yDec8vFjBFvRvT62rUU0kPpeauqvG1MgxbKL3uPAoGBAL8KwH0fLn+Mys7yxmvNNLvLKpzL0uJmFwDU5nvmaKtV7fRGA/v7yR58InGPXOXFjg+QSWNAFoOuljzmL3Giv/K3A6YmACbdChP7sA4xm3DchJkus4RyW3FHGLhxanYTMWx1ad8qXJ0xTU7EzViiQqyTsscYT5+hgdMEtUCYEr73AoGAZ1HsM+nnA0MZNSKyB/3BmNnFwOfttlFaR24moukg1x4Zy93vHjhFwPJaHydrL38hey05x44Jda3lqmtYuTzvCsYy+m62pMbauPq/DrXDjvqjP+xUYZTBsxcgfmaANv2Nvj4DqGmgRS7C45raTP+luIpKnQ0Z/n8dEiULpeY4HRkCgYEAs63wYb0EsFsAPTjYqiAo3n7MofaPbt2VvCG+6T6cNubHScA3vU1kah3YoxEhvQdAVUd5yC59+KfgINJitI9RjeOqULBpA22rFmVtQVaYlABRzrFW4gwPgZtuPoFr4th1fd+5CM4SxYffO9FtcpLUPx6COxLejgTNeo301r7TepE=" + + hexPubKey1024 = "30818902818100a751e464a258e5b55c3b3595a14c342d5f9f19e03ad09f814638ea67694a685bc3fc080a1f512473f47615ee2e392d3b31d7c7b03d6f9be3c9ff86c1ce462a3b772bfec18499b056ce81aef04968a74b3d4bdca820b1a20891889b5e46a7e20d6efa6c875f7240212f7b595e61abf989731e7b730f0a3d30b8c6d582cff13b4f0203010001" + hexPriKey1024 = "3082025d02010002818100a751e464a258e5b55c3b3595a14c342d5f9f19e03ad09f814638ea67694a685bc3fc080a1f512473f47615ee2e392d3b31d7c7b03d6f9be3c9ff86c1ce462a3b772bfec18499b056ce81aef04968a74b3d4bdca820b1a20891889b5e46a7e20d6efa6c875f7240212f7b595e61abf989731e7b730f0a3d30b8c6d582cff13b4f020301000102818050cbf3cd40b44ae084143770f4fdd6685eb7768857fe6c37c1d0342911a813b2d475fcefde659183c8f5c8eb4638e805a0b10145b2b515832f050c6ec40c0fd1f56a83fdcca2182e738922cc07261dfe890a185e2f90f6739643b3213355de5e2e88309e211e09270620e2eb6c927948de04e4c92b6aa7397737b683336b4b59024100d49d78a609f3a88abcc61bf66cb592df8b0fa203900eccf64a7c3d417fa67dfd4afa86c18e5a8153e48136323d27147d77d8f96d3c8eaf56014a07c4c4bc02f5024100c9764d2815cd09ca70020b7ae2c5fbafc6637776a8bb91acf01a57b6f2420ceef9bf1c12bb39e97d0356edb96eeeccd53d3dbc5879f288923598e44585d842b3024100a224510cf6cbedbd9806d0ee55ab070e1963db9f31ee479a8fe53d65c4ee786881149b4de2bcdca1d8c23d4d84db57c1f372f18cbfc0e4b0071da8dd03578a3d02403798c43639bdf9e3ba017675953b99f7aa422ce7bc2cf748c8821c8eca505c0d5f32d4667ef0be74d78517d9c2b97821a8e2eea56412008a88ec06a3010aeb6d0241008955162a805c6275045e5865f7e6aa57a1523ae327596a2e2fbbf6b7025bff51339898962b1a14b3c8e5fd675163f7f3cae100d78cdf689f06987e09d2d1a241" + hexPubKey2048 = "3082010a0282010100db8766d4dfc732b9a9b4ac1a243f9426cb0e65f75be04db5a7f0d50c799287eeac8216c8e3db510f974b7c150ec955260bbec8f89226e30f969e3505949cab1dbac6d333239332f82eeba33c64337b7704b29a118d1c19d15f84c810cf1ef3966c0584840ddcdbc04c361eafbb5bd5da67e93a39e6125eedd375f1ba28a95299cc2504d5a6073caeaf83b0e17b01eb9b4cddce80c34e97667cd7c2d31e88855759b454596ac83f3c3f5ea5e5ec1268d747595bf2c18790b9ee3622449b86c4c31bbf3ceacda8337741646e7e9415d9cbf26f468d125b7062f27f4fea7e63cb40e8104501efcb149fdfc9173c4720ed7594323d22c8d43213dadc5207c409e9e30203010001" + hexPriKey2048 = "308204a30201000282010100db8766d4dfc732b9a9b4ac1a243f9426cb0e65f75be04db5a7f0d50c799287eeac8216c8e3db510f974b7c150ec955260bbec8f89226e30f969e3505949cab1dbac6d333239332f82eeba33c64337b7704b29a118d1c19d15f84c810cf1ef3966c0584840ddcdbc04c361eafbb5bd5da67e93a39e6125eedd375f1ba28a95299cc2504d5a6073caeaf83b0e17b01eb9b4cddce80c34e97667cd7c2d31e88855759b454596ac83f3c3f5ea5e5ec1268d747595bf2c18790b9ee3622449b86c4c31bbf3ceacda8337741646e7e9415d9cbf26f468d125b7062f27f4fea7e63cb40e8104501efcb149fdfc9173c4720ed7594323d22c8d43213dadc5207c409e9e302030100010282010041a76d099d2365f840d8d7dfb9978a274ff32e6b9bfea93efacafbec8f2f5397fddfaa10ca947cd9bcd5c67645c5d0c16021ded8f85cc8eb9090202b5b16bfd65455c234391f7ccedcb97c48436f622d662a44099bba1bbe926293b2f33ebe7aee33783e462717519b7954141a648cc094f31b86d558092bf761feb93e0fe5b3ab65b7d3bfdb855ffafd312662d78d4b6fc8c86d085ca2859dcea7c47455bf78ba1317a501bc3490b1463fca7e3ec5d8579139648d46696164803587ae8bba5f2f327d2a62a1b4faf3c3a530f3062af658cdd4bd87d04ecf1116c4e3350b060740d7217cf58d0dddf69ce034ff54dff0f9ac548f0d6ffc79507b7eb20c55f38102818100e0420eab79319069072f6d0df3bf6f94affdaf8d50caa1094579a2dd7750f9d9c8b54a5f981e2df99af607eaf09ffd69b74d3a5175f63fff6cb892132cd837a47c7dfe8843c90dfa77d0aa4f728a08f40d034f75c1d1baf9a2f7a96cd99babface9a162d287953d9297d6fd665633ff1f4db543982aaa2468445f2145fbc68f702818100fa99fc4f7b6ba6e5bb2c9bf80c3299a9723043074a43df58d2caee2e8bea973698fdf8bbd7a9fc31a37b694ecf05b2635b427419ff9099fa7b333e96867602a1f1fd29f21c355b07a5062b91a97fb8a5b11f4d4051d1edd81238fef7c45c5a62a3d3c67f36c89e2693411da7ece59a362ca5175d70ce86b1caed1cb1004e57750281804ce479713409d99119849a68e9459f75a4ee5fee1d608cdcc7f48ff24dc1f71944675ccbf03590dfffd1121fed477e356c434f96b4d2ad58e0275cf6b42ea2cd845e131317e2ed270f43fdd165dd8c7a59a7e3ebe57c0b172358b5bffbd113a3d8891ec777143abac02e2155aac7e01a0f31d0ec33305c99bf2ad87941e6313b02818100eb85370d182897a5872128c099ee205e90f3ecbaf8400bb3b6008493786a148d7a820e77b3fb8d0ab5e3b1982096f10dd1e205adbd73905349e0626d2397db678a3f6d619ec342774fd019b87f3d8b3325e10e4069e54b8c6babe76cc2be2d30515a224ec3150f15a0056db2b9c11c0ad8309c61f438157d190379989c7a04550281804a005d7aed10e75cf149a4645392fef8da4499904e947db0b0fd06faaa7eb3f39a7e4bdc997a654f009be62ca32893d7bde393fd0b2b81a06ea0f5504dea3438b23670765ba073dea1a669697c4d4f192cc68a9fe0a6cb35711535e859c36c8fa5e086cbd874e13b7cc0e8b018c21b72cff697e85a1ab7fad4a62af7458542cb" +) + +func TestRsaEncryptBase64(t *testing.T) { + base64Key1024, err := GenerateRsaKeyBase64(1024) + assert.Nil(t, err) + base64Key2048, err := GenerateRsaKeyBase64(2048) + assert.Nil(t, err) + _, err = GenerateRsaKeyBase64(204811) + assert.NotNil(t, err) + + // good + base64CipherText, err := RsaEncryptToBase64([]byte(msg), base64Key1024.PublicKey) + assert.Nil(t, err) + // bad + _, err = RsaEncryptToBase64([]byte(msg), "badkey") + assert.NotNil(t, err) + _, err = RsaEncryptToBase64([]byte(msg), hexPubKey1024) + assert.NotNil(t, err) + // good + plainText, err := RsaDecryptByBase64(base64CipherText, base64Key1024.PrivateKey) + assert.Nil(t, err) + assert.Equal(t, string(plainText), msg) + // bad priKey + _, err = RsaDecryptByBase64(base64CipherText, "badPriKey") + assert.NotNil(t, err) + _, err = RsaDecryptByBase64(base64CipherText, base64Key2048.PublicKey) + assert.NotNil(t, err) + _, err = RsaDecryptByBase64(base64CipherText, base64Key2048.PrivateKey) + assert.NotNil(t, err) + _, err = RsaDecryptByBase64(base64CipherText, hexPriKey1024) + assert.NotNil(t, err) + _, err = RsaDecryptByBase64(base64CipherText, hexPriKey2048) + assert.NotNil(t, err) + _, err = RsaDecryptByBase64(base64CipherText, hexPubKey1024) + assert.NotNil(t, err) + _, err = RsaDecryptByBase64("badtext", base64Key1024.PrivateKey) + assert.NotNil(t, err) + + // good + base64CipherText, err = RsaEncryptToBase64([]byte(msg), base64Key2048.PublicKey) + assert.Nil(t, err) + plainText, err = RsaDecryptByBase64(base64CipherText, base64Key2048.PrivateKey) + assert.Nil(t, err) + assert.Equal(t, string(plainText), msg) + + // good + base64CipherText, err = RsaEncryptToBase64([]byte(msg), base64PubKey1024) + assert.Nil(t, err) + plainText, err = RsaDecryptByBase64(base64CipherText, base64PriKey1024) + assert.Nil(t, err) + assert.Equal(t, string(plainText), msg) + + // good + base64CipherText, err = RsaEncryptToBase64([]byte(msg), base64PubKey2048) + assert.Nil(t, err) + plainText, err = RsaDecryptByBase64(base64CipherText, base64PriKey2048) + assert.Nil(t, err) + assert.Equal(t, string(plainText), msg) +} + +func TestRsaEncryptHex(t *testing.T) { + hexKey1024, err := GenerateRsaKeyHex(1024) + assert.Nil(t, err) + hexKey2048, err := GenerateRsaKeyHex(2048) + assert.Nil(t, err) + _, err = GenerateRsaKeyHex(2048111) + assert.NotNil(t, err) + + // good + hexCipherText, err := RsaEncryptToHex([]byte(msg), hexKey1024.PublicKey) + assert.Nil(t, err) + // bad + _, err = RsaEncryptToHex([]byte(msg), "badkey") + assert.NotNil(t, err) + // good + plainText, err := RsaDecryptByHex(hexCipherText, hexKey1024.PrivateKey) + assert.Nil(t, err) + assert.Equal(t, string(plainText), msg) + // bad + _, err = RsaDecryptByHex(hexCipherText, "badkey") + assert.NotNil(t, err) + // bad priKey + _, err = RsaDecryptByHex(hexCipherText, hexPriKey2048) + assert.NotNil(t, err) + _, err = RsaDecryptByHex(hexCipherText, hexPriKey1024) + assert.NotNil(t, err) + _, err = RsaDecryptByHex(hexCipherText, base64PriKey2048) + assert.NotNil(t, err) + _, err = RsaDecryptByHex(hexCipherText, base64PriKey1024) + assert.NotNil(t, err) + _, err = RsaDecryptByHex("ssss", hexKey1024.PrivateKey) + assert.NotNil(t, err) + + // good + hexCipherText, err = RsaEncryptToHex([]byte(msg), hexKey2048.PublicKey) + assert.Nil(t, err) + plainText, err = RsaDecryptByHex(hexCipherText, hexKey2048.PrivateKey) + assert.Nil(t, err) + assert.Equal(t, string(plainText), msg) + + // good + hexCipherText, err = RsaEncryptToHex([]byte(msg), hexPubKey1024) + assert.Nil(t, err) + plainText, err = RsaDecryptByHex(hexCipherText, hexPriKey1024) + assert.Nil(t, err) + assert.Equal(t, string(plainText), msg) + + // good + hexCipherText, err = RsaEncryptToHex([]byte(msg), hexPubKey2048) + assert.Nil(t, err) + plainText, err = RsaDecryptByHex(hexCipherText, hexPriKey2048) + assert.Nil(t, err) + assert.Equal(t, string(plainText), msg) + +} + +func TestRsaSignBase64(t *testing.T) { + base64Key1024, err := GenerateRsaKeyBase64(1024) + assert.Nil(t, err) + base64Key2048, err := GenerateRsaKeyBase64(2048) + assert.Nil(t, err) + _, err = GenerateRsaKeyBase64(204811) + assert.NotNil(t, err) + + base64Sign1024, err := RsaSignBase64([]byte(msg), base64Key1024.PrivateKey) + assert.Nil(t, err) + _, err = RsaSignBase64([]byte(msg), hexPriKey2048) + assert.NotNil(t, err) + res := RsaVerifySignBase64([]byte(msg), base64Sign1024, base64Key1024.PublicKey) + assert.Equal(t, res, true) + res = RsaVerifySignBase64([]byte(msg), base64Sign1024, base64Key2048.PublicKey) + assert.Equal(t, res, false) + res = RsaVerifySignBase64([]byte(msg), "11111", "badpubkey") + assert.Equal(t, res, false) + res = RsaVerifySignBase64([]byte(msg), "11111", base64Key1024.PublicKey) + assert.Equal(t, res, false) + res = RsaVerifySignBase64([]byte(msg), base64Sign1024, base64Key2048.PublicKey) + assert.Equal(t, res, false) + + base64Sign2048, err := RsaSignBase64([]byte(msg), base64Key2048.PrivateKey) + assert.Nil(t, err) + res = RsaVerifySignBase64([]byte(msg), base64Sign2048, base64Key2048.PublicKey) + assert.Equal(t, res, true) + res = RsaVerifySignBase64([]byte(msg), base64Sign2048, base64Key1024.PublicKey) + assert.Equal(t, res, false) + res = RsaVerifySignBase64([]byte(msg), "11111", "badpubkey") + assert.Equal(t, res, false) + res = RsaVerifySignBase64([]byte(msg), base64Sign2048, base64Key1024.PublicKey) + assert.Equal(t, res, false) + res = RsaVerifySignBase64([]byte(msg), base64Sign2048, base64Key1024.PrivateKey) + assert.Equal(t, res, false) + res = RsaVerifySignBase64([]byte(msg), base64Sign2048, base64Key2048.PrivateKey) + assert.Equal(t, res, false) + +} + +func TestRsaSignHex(t *testing.T) { + hexKey1024, err := GenerateRsaKeyHex(1024) + assert.Nil(t, err) + hexKey2048, err := GenerateRsaKeyHex(2048) + assert.Nil(t, err) + _, err = GenerateRsaKeyHex(2048111) + assert.NotNil(t, err) + + hexSign1024, err := RsaSignHex([]byte(msg), hexKey1024.PrivateKey) + assert.Nil(t, err) + _, err = RsaSignHex([]byte(msg), hexKey1024.PublicKey) + assert.NotNil(t, err) + res := RsaVerifySignHex([]byte(msg), hexSign1024, hexKey1024.PublicKey) + assert.Equal(t, res, true) + res = RsaVerifySignHex([]byte(msg), hexSign1024, hexKey2048.PublicKey) + assert.Equal(t, res, false) + res = RsaVerifySignHex([]byte(msg), "11111", "badpubkey") + assert.Equal(t, res, false) + res = RsaVerifySignHex([]byte(msg), "282010100db", hexKey1024.PublicKey) + assert.Equal(t, res, false) + res = RsaVerifySignHex([]byte(msg), hexSign1024, hexKey2048.PublicKey) + assert.Equal(t, res, false) + + hexSign2048, err := RsaSignHex([]byte(msg), hexKey2048.PrivateKey) + assert.Nil(t, err) + _, err = RsaSignHex([]byte(msg), hexPubKey2048) + assert.NotNil(t, err) + res = RsaVerifySignHex([]byte(msg), hexSign2048, hexKey2048.PublicKey) + assert.Equal(t, res, true) + res = RsaVerifySignHex([]byte(msg), hexSign2048, hexKey1024.PublicKey) + assert.Equal(t, res, false) + res = RsaVerifySignHex([]byte(msg), "0a0282010100d", "badpubkey") + assert.Equal(t, res, false) + res = RsaVerifySignHex([]byte(msg), "0a0282010100d", hexKey1024.PublicKey) + assert.Equal(t, res, false) + res = RsaVerifySignHex([]byte(msg), "xxxx", "badpubkey") + assert.Equal(t, res, false) + res = RsaVerifySignHex([]byte(msg), hexSign2048, hexKey1024.PublicKey) + assert.Equal(t, res, false) + res = RsaVerifySignHex([]byte(msg), hexSign2048, hexKey1024.PrivateKey) + assert.Equal(t, res, false) + res = RsaVerifySignHex([]byte(msg), hexSign2048, hexKey2048.PrivateKey) + assert.Equal(t, res, false) + +} diff --git a/rsa/rsacrypt.go b/rsa/rsacrypt.go new file mode 100644 index 0000000..3ed9e60 --- /dev/null +++ b/rsa/rsacrypt.go @@ -0,0 +1,114 @@ +package rsa + +import ( + "crypto/rand" + "crypto/rsa" + "crypto/x509" + "encoding/base64" + "encoding/hex" + "runtime" + + log "github.com/sirupsen/logrus" +) + +/* + Operation with rsa encryption +*/ +func init() { + log.SetFormatter(&log.JSONFormatter{}) + log.SetReportCaller(true) +} + +func rsaEncrypt(plainText, publicKey []byte) (cipherText []byte, err error) { + defer func() { + if err := recover(); err != nil { + switch err.(type) { + case runtime.Error: + log.Errorf("runtime err=%v,Check that the key or text is correct", err) + default: + log.Errorf("error=%v,check the cipherText ", err) + } + } + }() + pub, err := x509.ParsePKCS1PublicKey(publicKey) + if err != nil { + return nil, err + } + + cipherText, err = rsa.EncryptPKCS1v15(rand.Reader, pub, plainText) + if err != nil { + return nil, err + } + return cipherText, nil +} + +func rsaDecrypt(cryptText, privateKey []byte) (plainText []byte, err error) { + defer func() { + if err := recover(); err != nil { + switch err.(type) { + case runtime.Error: + log.Errorf("runtime err=%v,Check that the key or text is correct", err) + default: + log.Errorf("error=%v,check the cipherText ", err) + } + } + }() + pri, err := x509.ParsePKCS1PrivateKey(privateKey) + if err != nil { + return []byte{}, err + } + plainText, err = rsa.DecryptPKCS1v15(rand.Reader, pri, cryptText) + if err != nil { + return []byte{}, err + } + return plainText, nil +} + +func RsaEncryptToBase64(plainText []byte, base64PubKey string) (base64CipherText string, err error) { + pub, err := base64.StdEncoding.DecodeString(base64PubKey) + if err != nil { + return "", err + } + cipherBytes, err := rsaEncrypt(plainText, pub) + if err != nil { + return "", err + } + return base64.StdEncoding.EncodeToString(cipherBytes), nil +} + +// +func RsaDecryptByBase64(base64CipherText, base64PriKey string) (plainText []byte, err error) { + privateBytes, err := base64.StdEncoding.DecodeString(base64PriKey) + if err != nil { + return nil, err + } + cipherTextBytes, err := base64.StdEncoding.DecodeString(base64CipherText) + if err != nil { + return nil, err + } + return rsaDecrypt(cipherTextBytes, privateBytes) +} + +func RsaEncryptToHex(plainText []byte, hexPubKey string) (hexCipherText string, err error) { + pub, err := hex.DecodeString(hexPubKey) + if err != nil { + return "", err + } + cipherBytes, err := rsaEncrypt(plainText, pub) + if err != nil { + return "", err + } + return hex.EncodeToString(cipherBytes), nil +} + +func RsaDecryptByHex(hexCipherText, hexPriKey string) (plainText []byte, err error) { + privateBytes, err := hex.DecodeString(hexPriKey) + if err != nil { + return nil, err + } + cipherTextBytes, err := hex.DecodeString(hexCipherText) + if err != nil { + return nil, err + } + return rsaDecrypt(cipherTextBytes, privateBytes) +} diff --git a/rsa/rsasign.go b/rsa/rsasign.go new file mode 100644 index 0000000..7df24af --- /dev/null +++ b/rsa/rsasign.go @@ -0,0 +1,102 @@ +package rsa + +import ( + "crypto" + "crypto/rand" + "crypto/rsa" + "crypto/x509" + "encoding/base64" + "encoding/hex" + "runtime" + + log "github.com/sirupsen/logrus" + "github.com/wumansgy/goEncrypt/hash" +) + +func rsaSign(msg, priKey []byte) (sign []byte, err error) { + defer func() { + if err := recover(); err != nil { + switch err.(type) { + case runtime.Error: + log.Errorf("runtime err=%v,Check that the key or text is correct", err) + default: + log.Errorf("error=%v,check the cipherText ", err) + } + } + }() + privateKey, err := x509.ParsePKCS1PrivateKey(priKey) + hashed := hash.Sha256(msg) + sign, err = rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, hashed) + if err != nil { + return nil, err + } + return sign, nil +} + +func rsaVerifySign(msg []byte, sign []byte, pubKey []byte) bool { + defer func() { + if err := recover(); err != nil { + switch err.(type) { + case runtime.Error: + log.Errorf("runtime err=%v,Check that the key or text is correct", err) + default: + log.Errorf("error=%v,check the cipherText ", err) + } + } + }() + publicKey, err := x509.ParsePKCS1PublicKey(pubKey) + if err != nil { + return false + } + hashed := hash.Sha256(msg) + result := rsa.VerifyPKCS1v15(publicKey, crypto.SHA256, hashed, sign) + return result == nil +} + +func RsaSignBase64(msg []byte, base64PriKey string) (base64Sign string, err error) { + priBytes, err := base64.StdEncoding.DecodeString(base64PriKey) + if err != nil { + return "", err + } + sign, err := rsaSign(msg, priBytes) + if err != nil { + return "", err + } + return base64.StdEncoding.EncodeToString(sign), nil +} + +func RsaVerifySignBase64(msg []byte, base64Sign, base64PubKey string) bool { + signBytes, err := base64.StdEncoding.DecodeString(base64Sign) + if err != nil { + return false + } + pubBytes, err := base64.StdEncoding.DecodeString(base64PubKey) + if err != nil { + return false + } + return rsaVerifySign(msg, signBytes, pubBytes) +} + +func RsaSignHex(msg []byte, hexPriKey string) (hexSign string, err error) { + priBytes, err := hex.DecodeString(hexPriKey) + if err != nil { + return "", err + } + sign, err := rsaSign(msg, priBytes) + if err != nil { + return "", err + } + return hex.EncodeToString(sign), nil +} + +func RsaVerifySignHex(msg []byte, hexSign, hexPubKey string) bool { + signBytes, err := hex.DecodeString(hexSign) + if err != nil { + return false + } + pubBytes, err := hex.DecodeString(hexPubKey) + if err != nil { + return false + } + return rsaVerifySign(msg, signBytes, pubBytes) +} diff --git a/rsacrypt.go b/rsacrypt.go deleted file mode 100644 index e203db6..0000000 --- a/rsacrypt.go +++ /dev/null @@ -1,73 +0,0 @@ -package goEncrypt - -import ( - "encoding/pem" - "crypto/x509" - "crypto/rsa" - "crypto/rand" - "runtime" - "log" -) - -/* -@Time : 2018/11/2 19:04 -@Author : wuman -@File : rsacrypt -@Software: GoLand -*/ - -/* - Operation with rsa encryption -*/ -func init(){ - log.SetFlags(log.Ldate|log.Lshortfile) -} - -func RsaEncrypt(plainText ,key []byte)(cryptText []byte,err error){ - block, _:= pem.Decode(key) - defer func(){ - if err:=recover();err!=nil{ - switch err.(type){ - case runtime.Error: - log.Println("runtime err:",err,"Check that the key is correct") - default: - log.Println("error:",err) - } - } - }() - publicKeyInterface,err := x509.ParsePKIXPublicKey(block.Bytes) - if err!=nil{ - return nil,err - } - publicKey := publicKeyInterface.(*rsa.PublicKey) - - cipherText, err := rsa.EncryptPKCS1v15(rand.Reader, publicKey, plainText) - if err!=nil{ - return nil,err - } - return cipherText,nil -} - -func RsaDecrypt(cryptText ,key []byte)(plainText []byte,err error){ - block, _ := pem.Decode(key) - - defer func(){ - if err:=recover();err!=nil{ - switch err.(type){ - case runtime.Error: - log.Println("runtime err:",err,"Check that the key is correct") - default: - log.Println("error:",err) - } - } - }() - privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes) - if err!=nil{ - return []byte{},err - } - plainText,err= rsa.DecryptPKCS1v15(rand.Reader, privateKey, cryptText) - if err!=nil{ - return []byte{},err - } - return plainText,nil -} \ No newline at end of file diff --git a/rsasign.go b/rsasign.go deleted file mode 100644 index 1b0b9cf..0000000 --- a/rsasign.go +++ /dev/null @@ -1,67 +0,0 @@ -package goEncrypt - -import ( - "encoding/pem" - "crypto/x509" - "runtime" - "crypto/sha256" - "crypto/rsa" - "crypto/rand" - "crypto" - "log" -) - -/* -@Time : 2018/11/4 17:13 -@Author : wuman -@File : RsaSign -@Software: GoLand -*/ - -func init(){ - log.SetFlags(log.Ldate|log.Lshortfile) -} - -func RsaSign(msg ,Key []byte)(cryptText []byte,err error){ - block, _ := pem.Decode(Key) - defer func(){ - if err:=recover();err!=nil{ - switch err.(type){ - case runtime.Error: - log.Println("runtime err:",err,"Check that the key is correct") - default: - log.Println("error:",err) - } - } - }() - privateKey,err := x509.ParsePKCS1PrivateKey(block.Bytes) - myHash := sha256.New() - myHash.Write(msg) - hashed := myHash.Sum(nil) - sign, err := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, hashed) - if err!=nil{ - return nil,err - } - return sign,nil -} - -func RsaVerifySign(msg []byte,sign []byte,Key []byte)bool{ - block, _ := pem.Decode(Key) - defer func(){ - if err:=recover();err!=nil{ - switch err.(type){ - case runtime.Error: - log.Println("runtime err:",err,"Check that the key is correct") - default: - log.Println("error:",err) - } - } - }() - publicInterface,_ := x509.ParsePKIXPublicKey(block.Bytes) - publicKey:=publicInterface.(*rsa.PublicKey) - myHash := sha256.New() - myHash.Write(msg) - hashed := myHash.Sum(nil) - result := rsa.VerifyPKCS1v15(publicKey, crypto.SHA256, hashed, sign) - return result == nil -} \ No newline at end of file diff --git a/sha256.go b/sha256.go deleted file mode 100644 index 86e42de..0000000 --- a/sha256.go +++ /dev/null @@ -1,23 +0,0 @@ -package goEncrypt - -import ( - "crypto/sha256" - "encoding/hex" -) - -/* -@Time : 2018/11/2 17:05 -@Author : wuman -@File : sha256 -@Software: GoLand -*/ - -func Sha256Hex(data []byte)string{ - return hex.EncodeToString(Sha256(data)) -} - -func Sha256(data []byte)[]byte{ - digest:=sha256.New() - digest.Write(data) - return digest.Sum(nil) -} \ No newline at end of file diff --git a/tripledescbc.go b/tripledescbc.go deleted file mode 100644 index 4c012e2..0000000 --- a/tripledescbc.go +++ /dev/null @@ -1,91 +0,0 @@ -package goEncrypt - -import ( - "crypto/cipher" - "crypto/des" - "log" - "runtime" -) - -/* -@Time : 2018/11/1 22:50 -@Author : wuman -@File : TripleDES_CBC -@Software: GoLand -*/ -/** - Triple des encryption and decryption - algorithm : Encryption: key one encryption -> key two decryption -> key three encryption - Decryption: key three decryption -> key two encryption -> key one decryption -*/ -func TripleDesEncrypt(plainText, key, ivDes []byte) ([]byte, error) { - if len(key) != 24 { - return nil, ErrKeyLengthTwentyFour - } - block, err := des.NewTripleDESCipher(key) - if err != nil { - return nil, err - } - paddingText := PKCS5Padding(plainText, block.BlockSize()) - - var iv []byte - if len(ivDes) != 0 { - if len(ivDes) != 8 { - return nil, ErrIvDes - } else { - iv = ivDes - } - } else { - iv = []byte(ivdes) - } - blockMode := cipher.NewCBCEncrypter(block, iv) - - cipherText := make([]byte, len(paddingText)) - blockMode.CryptBlocks(cipherText, paddingText) - return cipherText, nil -} - -func TripleDesDecrypt(cipherText, key, ivDes []byte) ([]byte, error) { - if len(key) != 24 { - return nil, ErrKeyLengthTwentyFour - } - // 1. Specifies that the 3des decryption algorithm creates and returns a cipher.Block interface using the TDEA algorithm。 - block, err := des.NewTripleDESCipher(key) - if err != nil { - return nil, err - } - - // 2. Delete the filling - // Before deleting, prevent the user from entering different keys twice and causing panic, so do an error handling - defer func() { - if err := recover(); err != nil { - switch err.(type) { - case runtime.Error: - log.Println("runtime error:", err, "Check that the key is correct") - default: - log.Println("error:", err) - } - } - }() - - var iv []byte - if len(ivDes) != 0 { - if len(ivDes) != 8 { - return nil, ErrIvDes - } else { - iv = ivDes - } - } else { - iv = []byte(ivdes) - } - blockMode := cipher.NewCBCDecrypter(block, iv) - - paddingText := make([]byte, len(cipherText)) // - blockMode.CryptBlocks(paddingText, cipherText) - - plainText, err := PKCS5UnPadding(paddingText) - if err != nil { - return nil, err - } - return plainText, nil -} diff --git a/utils.go b/utils.go index 0b7b6de..d359760 100644 --- a/utils.go +++ b/utils.go @@ -10,11 +10,12 @@ var ( ErrPaddingSize=errors.New("padding size error please check the secret key or iv") ErrIvAes=errors.New("a sixteen-length ivaes is required") ErrIvDes=errors.New("a eight-length ivdes key is required") + ErrRsaBits=errors.New("bits 1024 or 2048") ) const ( - ivaes="wumansgy12345678" - ivdes="wumansgy" + Ivaes="wumansgy12345678" + Ivdes="wumansgy" privateFileName="private.pem" publicFileName="public.pem"