gd-backend
/
gd_auth_check


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351
							package utils

import (
	"bytes"
	"crypto"
	"crypto/aes"
	"fmt"

	//"crypto/aes"
	"crypto/cipher"
	"crypto/des"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"errors"
	//"io"
	"strings"
	//"fmt"
)

const CRYPTO_KEY = "3D28BP43U3Y1B4N6REQW3F319DD23464"

//des加密
func DesEncrypt(key, iv, plainText []byte) ([]byte, error) {
	block, err := des.NewCipher(key)
	if err != nil {
		return nil, err
	}

	blockSize := block.BlockSize()
	origData := pkcs5Padding(plainText, blockSize)
	blockMode := cipher.NewCBCEncrypter(block, iv)
	cryted := make([]byte, len(origData))
	blockMode.CryptBlocks(cryted, origData)
	return cryted, nil
}

//des解密
func DesDecrypt(key, iv, cipherText []byte) ([]byte, error) {
	block, err := des.NewCipher(key)
	if err != nil {
		return nil, err
	}

	blockMode := cipher.NewCBCDecrypter(block, iv)
	origData := make([]byte, len(cipherText))
	blockMode.CryptBlocks(origData, cipherText)
	origData = pkcs5UnPadding(origData)
	return origData, nil
}

//func AesEncrypt(key []byte, plaintext string) (string, error) {
//	block, err := aes.NewCipher(key)
//	if err != nil {
//		return "", err
//	}
//	ciphertext := make([]byte, aes.BlockSize+len(plaintext))
//	iv := ciphertext[:aes.BlockSize]
//	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
//		return "", err
//	}
//	cipher.NewCFBEncrypter(block, iv).XORKeyStream(ciphertext[aes.BlockSize:],
//		[]byte(plaintext))
//
//	return base64.StdEncoding.EncodeToString(ciphertext), nil
//}
//
//func AesDecrypt(key []byte, cipherText string) (string, error) {
//	// ciphertext, err := hex.DecodeString(cipherText)
//	ciphertext, err := base64.StdEncoding.DecodeString(cipherText)
//	if err != nil {
//		return "", err
//	}
//	block, err := aes.NewCipher(key)
//	if err != nil {
//		return "", err
//	}
//	if len(ciphertext) < aes.BlockSize {
//		return "", errors.New("ciphertext too short")
//	}
//	iv := ciphertext[:aes.BlockSize]
//	ciphertext = ciphertext[aes.BlockSize:]
//	cipher.NewCFBDecrypter(block, iv).XORKeyStream(ciphertext, ciphertext)
//	return string(ciphertext), nil
//}
//
//func AesEncrypt1(origData, key []byte) ([]byte, error) {
//	block, err := aes.NewCipher(key)
//	if err != nil {
//		return nil, err
//	}
//	blockSize := block.BlockSize()
//	origData = pkcs5Padding(origData, blockSize)
//	// origData = ZeroPadding(origData, block.BlockSize())
//	blockMode := cipher.NewCBCEncrypter(block, key[:blockSize])
//	crypted := make([]byte, len(origData))
//	// 根据CryptBlocks方法的说明，如下方式初始化crypted也可以
//	// crypted := origData
//	blockMode.CryptBlocks(crypted, origData)
//
//	return crypted, nil
//}
//
//func AesDecrypt1(crypted, key []byte) ([]byte, error) {
//	block, err := aes.NewCipher(key)
//	if err != nil {
//		return nil, err
//	}
//	blockSize := block.BlockSize()
//	blockMode := cipher.NewCBCDecrypter(block, key[:blockSize])
//	origData := make([]byte, len(crypted))
//	// origData := crypted
//	blockMode.CryptBlocks(origData, crypted)
//	origData = pkcs5UnPadding(origData)
//	// origData = ZeroUnPadding(origData)
//	return origData, nil
//}
//
//func AesEncrypt2(origData, key []byte) ([]byte, error) {
//	txt := string(origData)
//	block, err := aes.NewCipher(key)
//	if err != nil {
//		return nil, err
//	}
//	encrypter := cipher.NewECBEncrypter(block)
//	blockSize := block.BlockSize()
//	origData = pkcs5Padding(origData, blockSize)
//
//	dest := make([]byte, (len(txt)/len(key)+1)*len(key))
//	encrypter.CryptBlocks(dest, origData)
//	return dest, nil
//}
//
//func AesDecrypt2(crypted, key []byte) ([]byte, error) {
//	block, err := aes.NewCipher(key)
//	if err != nil {
//		return nil, err
//	}
//
//	blockMode := cipher.NewECBDecrypter(block)
//	origData := make([]byte, len(crypted))
//	// origData := crypted
//	blockMode.CryptBlocks(origData, crypted)
//	origData = pkcs5UnPadding(origData)
//	// origData = ZeroUnPadding(origData)
//	return origData, nil
//}

func RSASign(data string, privKey string) (string, error) {
	pemBlock, _ := pem.Decode([]byte(privKey))

	if pemBlock == nil {
		return "", errors.New("PARSE PRIVATE KEY FAILED")
	}

	if pemBlock.Type != "RSA PRIVATE KEY" {
		return "", errors.New("RSA PRIVATE KEY")
	}

	key, err := x509.ParsePKCS1PrivateKey(pemBlock.Bytes)

	if err != nil {
		return "", err
	}

	h := sha1.New()
	h.Write([]byte(data))

	signature, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA1, h.Sum(nil))
	if err != nil {
		return "", err
	}

	return string(Base64Encode(signature)), nil
}

func SignPKCS1v15(src, key []byte, hash crypto.Hash) ([]byte, error) {
	var h = hash.New()
	h.Write(src)
	var hashed = h.Sum(nil)

	var err error
	var block *pem.Block
	block, _ = pem.Decode(key)
	if block == nil {
		return nil, errors.New("private key error")
	}

	var pri *rsa.PrivateKey
	pri, err = x509.ParsePKCS1PrivateKey(block.Bytes)
	if err != nil {
		return nil, err
	}
	return rsa.SignPKCS1v15(rand.Reader, pri, hash, hashed)
}

func SignRSA2(keys []string, param map[string]string, privateKey []byte) (s string, err error) {
	var pList = make([]string, 0, 0)
	for _, key := range keys {
		var value = strings.TrimSpace(param[key])
		if len(value) > 0 {
			pList = append(pList, key+"="+value)
		}
	}

	var src = strings.Join(pList, "&")
	sig, err := SignPKCS1v15([]byte(src), privateKey, crypto.SHA256)
	if err != nil {
		return "", err
	}
	s = base64.StdEncoding.EncodeToString(sig)
	return s, nil
}

func VerifyPKCS1v15(src, sig, key []byte, hash crypto.Hash) error {
	var h = hash.New()
	h.Write(src)
	var hashed = h.Sum(nil)

	var err error
	var block *pem.Block
	block, _ = pem.Decode(key)
	if block == nil {
		return errors.New("public key error")
	}

	var pubInterface interface{}
	pubInterface, err = x509.ParsePKIXPublicKey(block.Bytes)
	if err != nil {
		return err
	}
	var pub = pubInterface.(*rsa.PublicKey)

	return rsa.VerifyPKCS1v15(pub, hash, hashed, sig)
}

func pkcs5Padding(src []byte, blockSize int) []byte {
	padding := blockSize - len(src)%blockSize
	padtext := bytes.Repeat([]byte{byte(padding)}, padding)
	return append(src, padtext...)
}

func pkcs5UnPadding(src []byte) []byte {
	length := len(src)
	unpadding := int(src[length-1])
	return src[:(length - unpadding)]
}

func AesDecrypt(crypted, key []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	blockMode := NewECBDecrypter(block)
	origData := make([]byte, len(crypted))
	blockMode.CryptBlocks(origData, crypted)
	origData = PKCS5UnPadding(origData)
	return origData, nil
}

func AesEncrypt(src, key string) ([]byte, error) {
	block, err := aes.NewCipher([]byte(key))
	if err != nil {
		return nil, err
	}

	ecb := NewECBEncrypter(block)
	content := []byte(src)
	content = PKCS5Padding(content, block.BlockSize())
	crypted := make([]byte, len(content))
	ecb.CryptBlocks(crypted, content)

	return crypted, nil
}

func PKCS5Padding(ciphertext []byte, blockSize int) []byte {
	padding := blockSize - len(ciphertext)%blockSize
	padtext := bytes.Repeat([]byte{byte(padding)}, padding)
	return append(ciphertext, padtext...)
}

func PKCS5UnPadding(origData []byte) []byte {
	length := len(origData)
	unpadding := int(origData[length-1])
	return origData[:(length - unpadding)]
}

type ecb struct {
	b         cipher.Block
	blockSize int
}

func newECB(b cipher.Block) *ecb {
	return &ecb{
		b:         b,
		blockSize: b.BlockSize(),
	}
}

type ecbEncrypter ecb

// NewECBEncrypter returns a BlockMode which encrypts in electronic code book mode, using the given Block.
func NewECBEncrypter(b cipher.Block) cipher.BlockMode {
	return (*ecbEncrypter)(newECB(b))
}

func (x *ecbEncrypter) BlockSize() int { return x.blockSize }

func (x *ecbEncrypter) CryptBlocks(dst, src []byte) {
	if len(src)%x.blockSize != 0 {
		fmt.Println("crypto/cipher: input not full blocks")
		return
	}
	if len(dst) < len(src) {
		fmt.Println("crypto/cipher: output smaller than input")
		return
	}
	for len(src) > 0 {
		x.b.Encrypt(dst, src[:x.blockSize])
		src = src[x.blockSize:]
		dst = dst[x.blockSize:]
	}
}

type ecbDecrypter ecb

// NewECBDecrypter returns a BlockMode which decrypts in electronic code book mode, using the given Block.
func NewECBDecrypter(b cipher.Block) cipher.BlockMode {
	return (*ecbDecrypter)(newECB(b))
}

func (x *ecbDecrypter) BlockSize() int { return x.blockSize }

func (x *ecbDecrypter) CryptBlocks(dst, src []byte) {
	if len(src)%x.blockSize != 0 {
		fmt.Println("crypto/cipher: input not full blocks")
		return
	}
	if len(dst) < len(src) {
		fmt.Println("crypto/cipher: output smaller than input")
		return
	}
	for len(src) > 0 {
		x.b.Decrypt(dst, src[:x.blockSize])
		src = src[x.blockSize:]
		dst = dst[x.blockSize:]
	}
}