简介
在一些应用中,需要加密解密,增加安全性。
RSA是目前使用最广泛的公钥密码体制之一。
代码
定义一个rsa的包,然后就直接调用这个包
package rsa
?
import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/base64"
"encoding/pem"
"fmt"
"io/ioutil"
"os"
?
"github.com/pkg/errors"
)
?
// Key rsa密钥对
type Key struct {
PrivateKey *rsa.PrivateKey
PublicKey *rsa.PublicKey
}
?
// LoadKey 加载RSA
func LoadKey(privateKeyPath, publicKeyPath string) (key Key, err error) {
privateKey, err := ioutil.ReadFile(privateKeyPath)
if err != nil {
panic(err)
}
block, _ := pem.Decode(privateKey)
if block == nil {
err = errors.New("private key error")
return
}
priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
err = errors.Wrap(err, fmt.Sprintf("Parse private key error:%s", err))
return
}
publicKey, err := ioutil.ReadFile(publicKeyPath)
if err != nil {
return
}
block, _ = pem.Decode(publicKey)
if block == nil {
err = errors.New("public key error")
return
}
public, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
err = errors.Wrap(err, fmt.Sprintf("Parse public key error:%s", err))
return
}
publicKeyContent, ok := public.(*rsa.PublicKey)
if !ok {
err = errors.New("inviliad public key")
return
}
key.PrivateKey = priv
key.PublicKey = publicKeyContent
return
}
?
// GenKey 生产密钥对
func GenKey(bits int) (key Key, err error) {
privateKey, err := rsa.GenerateKey(rand.Reader, bits)
if err != nil {
return
}
key.PrivateKey = privateKey
// 生成公钥
publicKey := &privateKey.PublicKey
key.PublicKey = publicKey
return
}
?
// GenKeyFile 生产密钥对文件
func GenKeyFile(bits int, privateKeyPath, publicKeyPath string) error {
privateKey, err := rsa.GenerateKey(rand.Reader, bits)
if err != nil {
return err
}
derStream := x509.MarshalPKCS1PrivateKey(privateKey)
block := &pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: derStream,
}
file, err := os.Create(privateKeyPath)
if err != nil {
return err
}
err = pem.Encode(file, block)
if err != nil {
return err
}
// 生成公钥文件
publicKey := &privateKey.PublicKey
derPkix, err := x509.MarshalPKIXPublicKey(publicKey)
if err != nil {
return err
}
block = &pem.Block{
Type: "RSA PUBLIC KEY",
Bytes: derPkix,
}
file, err = os.Create(publicKeyPath)
if err != nil {
return err
}
err = pem.Encode(file, block)
if err != nil {
return err
}
return nil
}
?
// Decrypt rsa解密
func (key *Key) Decrypt(ciphertext []byte) (content []byte, err error) {
content, err = rsa.DecryptPKCS1v15(rand.Reader, key.PrivateKey, ciphertext)
return
}
?
// DecryptBase64 rsa解密
func (key *Key) DecryptBase64(encryptPwd string) (content []byte, err error) {
ciphertext, err := base64.StdEncoding.DecodeString(encryptPwd)
if err != nil {
return
}
content, err = rsa.DecryptPKCS1v15(rand.Reader, key.PrivateKey, ciphertext)
return
}
?
// Encrypt 加密密文
func (key *Key) Encrypt(content string) (encodeConent []byte, err error) {
encodeConent, err = rsa.EncryptPKCS1v15(rand.Reader, key.PublicKey, []byte(content))
return
}
?测试
GenKeyFile 函数可以产生对应的密钥对,使用的时候只要加载对应的密钥对就可以开始使用了。
package main
?
import (
"fmt"
"rsa"
)
?
func main() {
privateKeyPath := "/tmp/private.pem"
publicKeyPath := "/tmp/public.pem"
rsaKey, err := rsa.LoadKey(privateKeyPath, publicKeyPath)
if err != nil {
fmt.Println(err)
return
}
a, err := rsaKey.Encrypt("root")
if err != nil {
fmt.Println(err)
return
}
content, err := rsaKey.Decrypt(a)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(content))
content, err = rsaKey.DecryptBase64("C+qqN53012tg44VjDDRtrJzQ/I6UMpRCVD7GR9Wv6AK6M/LjWy62XbECKURAw0LMfTKjqJTp7PSPFeAkpt22xHoZnkGXjVJ+6jU+YaI8glMb26Mk/G9QVbC+bBQ7fFW7+KqBjCnDm+aSYEqbV2zadk1RCUX/B/uDUQZK5hyliS0=")
fmt.Println(string(content), err)
}
?