123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351 |
- package utils
- import (
- "bytes"
- "crypto"
- "crypto/aes"
- "fmt"
- //"crypto/aes"
- "crypto/cipher"
- "crypto/des"
- "crypto/rand"
- "crypto/rsa"
- "crypto/sha1"
- "crypto/x509"
- "encoding/base64"
- "encoding/pem"
- "errors"
- //"io"
- "strings"
- //"fmt"
- )
- const CRYPTO_KEY = "3D28BP43U3Y1B4N6REQW3F319DD23464"
- //des加密
- func DesEncrypt(key, iv, plainText []byte) ([]byte, error) {
- block, err := des.NewCipher(key)
- if err != nil {
- return nil, err
- }
- blockSize := block.BlockSize()
- origData := pkcs5Padding(plainText, blockSize)
- blockMode := cipher.NewCBCEncrypter(block, iv)
- cryted := make([]byte, len(origData))
- blockMode.CryptBlocks(cryted, origData)
- return cryted, nil
- }
- //des解密
- func DesDecrypt(key, iv, cipherText []byte) ([]byte, error) {
- block, err := des.NewCipher(key)
- if err != nil {
- return nil, err
- }
- blockMode := cipher.NewCBCDecrypter(block, iv)
- origData := make([]byte, len(cipherText))
- blockMode.CryptBlocks(origData, cipherText)
- origData = pkcs5UnPadding(origData)
- return origData, nil
- }
- //func AesEncrypt(key []byte, plaintext string) (string, error) {
- // block, err := aes.NewCipher(key)
- // if err != nil {
- // return "", err
- // }
- // ciphertext := make([]byte, aes.BlockSize+len(plaintext))
- // iv := ciphertext[:aes.BlockSize]
- // if _, err := io.ReadFull(rand.Reader, iv); err != nil {
- // return "", err
- // }
- // cipher.NewCFBEncrypter(block, iv).XORKeyStream(ciphertext[aes.BlockSize:],
- // []byte(plaintext))
- //
- // return base64.StdEncoding.EncodeToString(ciphertext), nil
- //}
- //
- //func AesDecrypt(key []byte, cipherText string) (string, error) {
- // // ciphertext, err := hex.DecodeString(cipherText)
- // ciphertext, err := base64.StdEncoding.DecodeString(cipherText)
- // if err != nil {
- // return "", err
- // }
- // block, err := aes.NewCipher(key)
- // if err != nil {
- // return "", err
- // }
- // if len(ciphertext) < aes.BlockSize {
- // return "", errors.New("ciphertext too short")
- // }
- // iv := ciphertext[:aes.BlockSize]
- // ciphertext = ciphertext[aes.BlockSize:]
- // cipher.NewCFBDecrypter(block, iv).XORKeyStream(ciphertext, ciphertext)
- // return string(ciphertext), nil
- //}
- //
- //func AesEncrypt1(origData, key []byte) ([]byte, error) {
- // block, err := aes.NewCipher(key)
- // if err != nil {
- // return nil, err
- // }
- // blockSize := block.BlockSize()
- // origData = pkcs5Padding(origData, blockSize)
- // // origData = ZeroPadding(origData, block.BlockSize())
- // blockMode := cipher.NewCBCEncrypter(block, key[:blockSize])
- // crypted := make([]byte, len(origData))
- // // 根据CryptBlocks方法的说明,如下方式初始化crypted也可以
- // // crypted := origData
- // blockMode.CryptBlocks(crypted, origData)
- //
- // return crypted, nil
- //}
- //
- //func AesDecrypt1(crypted, key []byte) ([]byte, error) {
- // block, err := aes.NewCipher(key)
- // if err != nil {
- // return nil, err
- // }
- // blockSize := block.BlockSize()
- // blockMode := cipher.NewCBCDecrypter(block, key[:blockSize])
- // origData := make([]byte, len(crypted))
- // // origData := crypted
- // blockMode.CryptBlocks(origData, crypted)
- // origData = pkcs5UnPadding(origData)
- // // origData = ZeroUnPadding(origData)
- // return origData, nil
- //}
- //
- //func AesEncrypt2(origData, key []byte) ([]byte, error) {
- // txt := string(origData)
- // block, err := aes.NewCipher(key)
- // if err != nil {
- // return nil, err
- // }
- // encrypter := cipher.NewECBEncrypter(block)
- // blockSize := block.BlockSize()
- // origData = pkcs5Padding(origData, blockSize)
- //
- // dest := make([]byte, (len(txt)/len(key)+1)*len(key))
- // encrypter.CryptBlocks(dest, origData)
- // return dest, nil
- //}
- //
- //func AesDecrypt2(crypted, key []byte) ([]byte, error) {
- // block, err := aes.NewCipher(key)
- // if err != nil {
- // return nil, err
- // }
- //
- // blockMode := cipher.NewECBDecrypter(block)
- // origData := make([]byte, len(crypted))
- // // origData := crypted
- // blockMode.CryptBlocks(origData, crypted)
- // origData = pkcs5UnPadding(origData)
- // // origData = ZeroUnPadding(origData)
- // return origData, nil
- //}
- func RSASign(data string, privKey string) (string, error) {
- pemBlock, _ := pem.Decode([]byte(privKey))
- if pemBlock == nil {
- return "", errors.New("PARSE PRIVATE KEY FAILED")
- }
- if pemBlock.Type != "RSA PRIVATE KEY" {
- return "", errors.New("RSA PRIVATE KEY")
- }
- key, err := x509.ParsePKCS1PrivateKey(pemBlock.Bytes)
- if err != nil {
- return "", err
- }
- h := sha1.New()
- h.Write([]byte(data))
- signature, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA1, h.Sum(nil))
- if err != nil {
- return "", err
- }
- return string(Base64Encode(signature)), nil
- }
- func SignPKCS1v15(src, key []byte, hash crypto.Hash) ([]byte, error) {
- var h = hash.New()
- h.Write(src)
- var hashed = h.Sum(nil)
- var err error
- var block *pem.Block
- block, _ = pem.Decode(key)
- if block == nil {
- return nil, errors.New("private key error")
- }
- var pri *rsa.PrivateKey
- pri, err = x509.ParsePKCS1PrivateKey(block.Bytes)
- if err != nil {
- return nil, err
- }
- return rsa.SignPKCS1v15(rand.Reader, pri, hash, hashed)
- }
- func SignRSA2(keys []string, param map[string]string, privateKey []byte) (s string, err error) {
- var pList = make([]string, 0, 0)
- for _, key := range keys {
- var value = strings.TrimSpace(param[key])
- if len(value) > 0 {
- pList = append(pList, key+"="+value)
- }
- }
- var src = strings.Join(pList, "&")
- sig, err := SignPKCS1v15([]byte(src), privateKey, crypto.SHA256)
- if err != nil {
- return "", err
- }
- s = base64.StdEncoding.EncodeToString(sig)
- return s, nil
- }
- func VerifyPKCS1v15(src, sig, key []byte, hash crypto.Hash) error {
- var h = hash.New()
- h.Write(src)
- var hashed = h.Sum(nil)
- var err error
- var block *pem.Block
- block, _ = pem.Decode(key)
- if block == nil {
- return errors.New("public key error")
- }
- var pubInterface interface{}
- pubInterface, err = x509.ParsePKIXPublicKey(block.Bytes)
- if err != nil {
- return err
- }
- var pub = pubInterface.(*rsa.PublicKey)
- return rsa.VerifyPKCS1v15(pub, hash, hashed, sig)
- }
- func pkcs5Padding(src []byte, blockSize int) []byte {
- padding := blockSize - len(src)%blockSize
- padtext := bytes.Repeat([]byte{byte(padding)}, padding)
- return append(src, padtext...)
- }
- func pkcs5UnPadding(src []byte) []byte {
- length := len(src)
- unpadding := int(src[length-1])
- return src[:(length - unpadding)]
- }
- func AesDecrypt(crypted, key []byte) ([]byte, error) {
- block, err := aes.NewCipher(key)
- if err != nil {
- return nil, err
- }
- blockMode := NewECBDecrypter(block)
- origData := make([]byte, len(crypted))
- blockMode.CryptBlocks(origData, crypted)
- origData = PKCS5UnPadding(origData)
- return origData, nil
- }
- func AesEncrypt(src, key string) ([]byte, error) {
- block, err := aes.NewCipher([]byte(key))
- if err != nil {
- return nil, err
- }
- ecb := NewECBEncrypter(block)
- content := []byte(src)
- content = PKCS5Padding(content, block.BlockSize())
- crypted := make([]byte, len(content))
- ecb.CryptBlocks(crypted, content)
- return crypted, nil
- }
- func PKCS5Padding(ciphertext []byte, blockSize int) []byte {
- padding := blockSize - len(ciphertext)%blockSize
- padtext := bytes.Repeat([]byte{byte(padding)}, padding)
- return append(ciphertext, padtext...)
- }
- func PKCS5UnPadding(origData []byte) []byte {
- length := len(origData)
- unpadding := int(origData[length-1])
- return origData[:(length - unpadding)]
- }
- type ecb struct {
- b cipher.Block
- blockSize int
- }
- func newECB(b cipher.Block) *ecb {
- return &ecb{
- b: b,
- blockSize: b.BlockSize(),
- }
- }
- type ecbEncrypter ecb
- // NewECBEncrypter returns a BlockMode which encrypts in electronic code book mode, using the given Block.
- func NewECBEncrypter(b cipher.Block) cipher.BlockMode {
- return (*ecbEncrypter)(newECB(b))
- }
- func (x *ecbEncrypter) BlockSize() int { return x.blockSize }
- func (x *ecbEncrypter) CryptBlocks(dst, src []byte) {
- if len(src)%x.blockSize != 0 {
- fmt.Println("crypto/cipher: input not full blocks")
- return
- }
- if len(dst) < len(src) {
- fmt.Println("crypto/cipher: output smaller than input")
- return
- }
- for len(src) > 0 {
- x.b.Encrypt(dst, src[:x.blockSize])
- src = src[x.blockSize:]
- dst = dst[x.blockSize:]
- }
- }
- type ecbDecrypter ecb
- // NewECBDecrypter returns a BlockMode which decrypts in electronic code book mode, using the given Block.
- func NewECBDecrypter(b cipher.Block) cipher.BlockMode {
- return (*ecbDecrypter)(newECB(b))
- }
- func (x *ecbDecrypter) BlockSize() int { return x.blockSize }
- func (x *ecbDecrypter) CryptBlocks(dst, src []byte) {
- if len(src)%x.blockSize != 0 {
- fmt.Println("crypto/cipher: input not full blocks")
- return
- }
- if len(dst) < len(src) {
- fmt.Println("crypto/cipher: output smaller than input")
- return
- }
- for len(src) > 0 {
- x.b.Decrypt(dst, src[:x.blockSize])
- src = src[x.blockSize:]
- dst = dst[x.blockSize:]
- }
- }
|