Eli's Blog

1. 加密字符串格式

密钥、密文、签名在以字符串形式传输或存储时使用的编码格式(hex 和 base64 只是编码,并不提供加密保护)

1.1 hex

hex.DecodeString(s string)

hex.EncodeToString(src []byte) string

1.2 base64

base64.StdEncoding.DecodeString(s string) ([]byte, error)

base64.StdEncoding.EncodeToString(src []byte) string

2. 私钥格式

2.1 PKCS1

x509.ParsePKCS1PrivateKey(der []byte) (*rsa.PrivateKey, error)

2.2 PKCS8

x509.ParsePKCS8PrivateKey(der []byte) (key interface{}, err error)

3. SHA算法

3.1 SHA1

// Compute the SHA-1 digest of the message. SHA-1 is no longer considered
// collision-resistant, so use it only when a peer requires it; prefer SHA-256.
hash := sha1.New()
hash.Write([]byte(plainText))
// The crypto.Hash argument must name the same algorithm that produced the
// digest. The returned value is a signature, despite the variable name.
cipherText, err := rsa.SignPKCS1v15(rand.Reader, prvKey, crypto.SHA1, hash.Sum(nil))

3.2 SHA256

// Compute the SHA-256 digest of the message.
hash := sha256.New()
hash.Write([]byte(plainText))
// The crypto.Hash argument must name the same algorithm that produced the
// digest. The returned value is a signature, despite the variable name.
cipherText, err := rsa.SignPKCS1v15(rand.Reader, prvKey, crypto.SHA256, hash.Sum(nil))

4. RSA

4.1 加密

rsa.EncryptPKCS1v15(rand io.Reader, pub *PublicKey, plaintext []byte) ([]byte, error)

4.2 解密

rsa.DecryptPKCS1v15(rand io.Reader, priv *PrivateKey, ciphertext []byte) ([]byte, error)

4.3 签名

rsa.SignPKCS1v15(rand io.Reader, priv *PrivateKey, hash crypto.Hash, hashed []byte) ([]byte, error)

4.4 验签

rsa.VerifyPKCS1v15(pub *PublicKey, hash crypto.Hash, hashed []byte, sig []byte) error

5. 应用示例

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"crypto/x509"
	"encoding/base64"
	"encoding/hex"
	"errors"
)

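// RsaEncryptWithSha1Base64 encrypts plaintext with RSA PKCS #1 v1.5 padding
// and returns the ciphertext encoded as standard base64.
//
// publicKey is the standard-base64 encoding of a DER PKIX
// (SubjectPublicKeyInfo) RSA public key. Despite the function name, no SHA-1
// digest is computed here.
//
// An error is returned when publicKey is not valid base64, does not parse as
// a PKIX public key, is not an RSA key, or when the encryption itself fails
// (for example because plaintext is too long for the key size).
//
// NOTE(review): PKCS #1 v1.5 encryption padding is kept for compatibility with
// existing peers; the crypto/rsa documentation recommends OAEP for new
// protocols.
func RsaEncryptWithSha1Base64(plaintext, publicKey string) (string, error) {
	der, err := base64.StdEncoding.DecodeString(publicKey)
	if err != nil {
		return "", err
	}

	parsed, err := x509.ParsePKIXPublicKey(der)
	if err != nil {
		return "", err
	}

	// ParsePKIXPublicKey can also return ECDSA, Ed25519 and other key types,
	// so the assertion is checked instead of being allowed to panic.
	pubKey, ok := parsed.(*rsa.PublicKey)
	if !ok {
		return "", errors.New("public key is not an RSA key")
	}

	ciphertext, err := rsa.EncryptPKCS1v15(rand.Reader, pubKey, []byte(plaintext))
	if err != nil {
		return "", err
	}

	return base64.StdEncoding.EncodeToString(ciphertext), nil
}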

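// RsaDecryptWithSha1Base64 decodes a standard-base64 ciphertext and decrypts
// it with RSA PKCS #1 v1.5 padding, returning the plaintext as a string.
//
// privateKey is the standard-base64 encoding of a DER PKCS #1 RSA private
// key. Despite the function name, no SHA-1 digest is computed here.
//
// An error is returned when either argument is not valid base64, when the
// key does not parse as a PKCS #1 private key, or when decryption fails.
//
// NOTE(review): a decryption error here tells the caller whether the padding
// was valid. The crypto/rsa documentation warns that exposing this to a
// remote party enables adaptive chosen-ciphertext attacks on PKCS #1 v1.5;
// callers should report one generic failure to peers, and new protocols
// should use OAEP (or rsa.DecryptPKCS1v15SessionKey for session keys).
func RsaDecryptWithSha1Base64(ciphertext, privateKey string) (string, error) {
	ciphertextBytes, err := base64.StdEncoding.DecodeString(ciphertext)
	if err != nil {
		return "", err
	}

	der, err := base64.StdEncoding.DecodeString(privateKey)
	if err != nil {
		return "", err
	}

	// A parse failure yields a nil key; using it for decryption would panic,
	// so the error is returned instead of being discarded.
	prvKey, err := x509.ParsePKCS1PrivateKey(der)
	if err != nil {
		return "", err
	}

	plaintext, err := rsa.DecryptPKCS1v15(rand.Reader, prvKey, ciphertextBytes)
	if err != nil {
		return "", err
	}

	return string(plaintext), nil
}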

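// RsaSignWithSha1Hex signs the SHA-1 digest of data with RSA PKCS #1 v1.5 and
// returns the signature as a hex string.
//
// privateKey is the hex encoding of a DER PKCS #8 RSA private key.
//
// An error is returned when privateKey is not valid hex, does not parse as a
// PKCS #8 private key, is not an RSA key, or when signing fails.
//
// NOTE(review): SHA-1 is kept because the function name and existing
// verifiers depend on it; it is no longer considered collision-resistant, so
// new integrations should sign a SHA-256 digest instead.
func RsaSignWithSha1Hex(data, privateKey string) (string, error) {
	der, err := hex.DecodeString(privateKey)
	if err != nil {
		return "", err
	}

	parsed, err := x509.ParsePKCS8PrivateKey(der)
	if err != nil {
		return "", err
	}

	// PKCS #8 can carry ECDSA, Ed25519 and other key types, so the assertion
	// is checked instead of being allowed to panic.
	prvKey, ok := parsed.(*rsa.PrivateKey)
	if !ok {
		return "", errors.New("private key is not an RSA key")
	}

	digest := sha1.Sum([]byte(data))

	signature, err := rsa.SignPKCS1v15(rand.Reader, prvKey, crypto.SHA1, digest[:])
	if err != nil {
		return "", err
	}

	return hex.EncodeToString(signature), nil
}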

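// RsaVerifySignWithSha1Base64 checks an RSA PKCS #1 v1.5 signature over the
// SHA-1 digest of data. It returns nil when the signature is valid.
//
// signature is standard base64. publicKey is the standard-base64 encoding of
// a DER PKIX (SubjectPublicKeyInfo) RSA public key.
//
// An error is returned when either encoded argument is not valid base64,
// when the key does not parse as a PKIX public key, is not an RSA key, or
// when the signature does not verify.
//
// NOTE(review): SHA-1 is kept because the function name and existing signers
// depend on it; it is no longer considered collision-resistant, so new
// integrations should verify a SHA-256 digest instead.
func RsaVerifySignWithSha1Base64(data, signature, publicKey string) error {
	sig, err := base64.StdEncoding.DecodeString(signature)
	if err != nil {
		return err
	}

	// A malformed key string is rejected outright rather than parsing
	// whatever prefix happened to decode.
	der, err := base64.StdEncoding.DecodeString(publicKey)
	if err != nil {
		return err
	}

	parsed, err := x509.ParsePKIXPublicKey(der)
	if err != nil {
		return err
	}

	// ParsePKIXPublicKey can also return ECDSA, Ed25519 and other key types,
	// so the assertion is checked instead of being allowed to panic.
	pubKey, ok := parsed.(*rsa.PublicKey)
	if !ok {
		return errors.New("public key is not an RSA key")
	}

	digest := sha1.Sum([]byte(data))

	return rsa.VerifyPKCS1v15(pubKey, crypto.SHA1, digest[:], sig)
}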
