Skip to content

Commit

Permalink
feat: add aes functions
Browse files Browse the repository at this point in the history
  • Loading branch information
leeqvip committed Feb 11, 2022
1 parent dbfc31a commit 57b03f1
Show file tree
Hide file tree
Showing 3 changed files with 203 additions and 0 deletions.
18 changes: 18 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,11 @@

A functions wrapping of OpenSSL library for symmetric and asymmetric encryption and decryption

- [AES](#AES)
- [DES](#DES)
- [3DES](#DES)
- [RSA](#RSA)

## Installation

The only requirement is the [Go Programming Language](https://golang.org/dl/)
Expand Down Expand Up @@ -80,6 +85,19 @@ openssl.Des3CBCEncrypt(src, key, iv, openssl.PKCS7_PADDING)
openssl.Des3CBCDecrypt(src, key, iv, openssl.PKCS7_PADDING)
```

### RSA

```go
openssl.RSAGenerateKey(bits int, out io.Writer)
openssl.RSAGeneratePublicKey(priKey []byte, out io.Writer)

openssl.RSAEncrypt(src, pubKey []byte) ([]byte, error)
openssl.RSADecrypt(src, priKey []byte) ([]byte, error)

openssl.RSASign(src []byte, priKey []byte) ([]byte, error)
openssl.RSAVerify(src, sign, pubKey []byte) error
```

## License

This project is licensed under the [Apache 2.0 license](LICENSE).
Expand Down
133 changes: 133 additions & 0 deletions rsa.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,133 @@
package openssl

import (
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha256"
"crypto/x509"
"encoding/pem"
"errors"
"io"
)

// RSAGenerateKey generate RSA private key
func RSAGenerateKey(bits int, out io.Writer) error {
privateKey, err := rsa.GenerateKey(rand.Reader, bits)
if err != nil {
return err
}

X509PrivateKey := x509.MarshalPKCS1PrivateKey(privateKey)

privateBlock := pem.Block{Type: "RSA PRIVATE KEY", Bytes: X509PrivateKey}

return pem.Encode(out, &privateBlock)
}

// RSAGeneratePublicKey generate RSA public key
func RSAGeneratePublicKey(priKey []byte, out io.Writer) error {
block, _ := pem.Decode(priKey)
// x509 parse
privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
return err
}
publicKey := privateKey.PublicKey
X509PublicKey, err := x509.MarshalPKIXPublicKey(&publicKey)
if err != nil {
return err
}

publicBlock := pem.Block{Type: "RSA PUBLIC KEY", Bytes: X509PublicKey}

return pem.Encode(out, &publicBlock)
}

// RSAEncrypt RSA encrypt
func RSAEncrypt(src, pubKey []byte) ([]byte, error) {
block, _ := pem.Decode(pubKey)
// x509 parse
publicKeyInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return nil, err
}

publicKey, ok := publicKeyInterface.(*rsa.PublicKey)
if !ok {
return nil, errors.New("the kind of key is not a rsa.PublicKey")
}
// encrypt
dst, err := rsa.EncryptPKCS1v15(rand.Reader, publicKey, src)
if err != nil {
return nil, err
}

return dst, nil
}

// RSADecrypt RSA decrypt
func RSADecrypt(src, priKey []byte) ([]byte, error) {
block, _ := pem.Decode(priKey)
// x509 parse
privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
return nil, err
}

dst, err := rsa.DecryptPKCS1v15(rand.Reader, privateKey, src)
if err != nil {
return nil, err
}

return dst, nil
}

// RSASign RSA sign, use crypto.SHA256
func RSASign(src []byte, priKey []byte) ([]byte, error) {
block, _ := pem.Decode(priKey)
// x509 parse
privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
return nil, err
}

hash := sha256.New()
_, err = hash.Write(src)
if err != nil {
return nil, err
}

bytes := hash.Sum(nil)
sign, err := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, bytes)
if err != nil {
return nil, err
}

return sign, nil
}

// RSAVerify RSA Verify
func RSAVerify(src, sign, pubKey []byte) error {
block, _ := pem.Decode(pubKey)
// x509 parse
publicKeyInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return err
}

publicKey, ok := publicKeyInterface.(*rsa.PublicKey)
if !ok {
return errors.New("the kind of key is not a rsa.PublicKey")
}

hash := sha256.New()
_, err = hash.Write(src)
if err != nil {
return err
}

bytes := hash.Sum(nil)

return rsa.VerifyPKCS1v15(publicKey, crypto.SHA256, bytes, sign)
}
52 changes: 52 additions & 0 deletions rsa_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
package openssl

import (
"bytes"
"encoding/base64"
"github.com/stretchr/testify/assert"
"testing"
)

func TestRSAEncrypt(t *testing.T) {
priBuf := bytes.NewBuffer(nil)
err := RSAGenerateKey(2048, priBuf)
assert.NoError(t, err)
t.Logf("private key: %s\n", priBuf.Bytes())

pubBuf := bytes.NewBuffer(nil)
err = RSAGeneratePublicKey(priBuf.Bytes(), pubBuf)
assert.NoError(t, err)
t.Logf("public key: %s\n", pubBuf.Bytes())

src := []byte("123456")
dst, err := RSAEncrypt(src, pubBuf.Bytes())
assert.NoError(t, err)
t.Logf("encrypt out: %s\n", base64.RawStdEncoding.EncodeToString(dst))

dst, err = RSADecrypt(dst, priBuf.Bytes())
assert.NoError(t, err)

assert.Equal(t, src, dst)

t.Logf("src: %s \ndst:%s", src, dst)
}

func TestRSASign(t *testing.T) {
priBuf := bytes.NewBuffer(nil)
err := RSAGenerateKey(2048, priBuf)
assert.NoError(t, err)
t.Logf("private key: %s\n", priBuf.Bytes())

pubBuf := bytes.NewBuffer(nil)
err = RSAGeneratePublicKey(priBuf.Bytes(), pubBuf)
assert.NoError(t, err)
t.Logf("public key: %s\n", pubBuf.Bytes())

src := []byte("123456")
sign, err := RSASign(src, priBuf.Bytes())
assert.NoError(t, err)
t.Logf("sign out: %s\n", base64.RawStdEncoding.EncodeToString(sign))

err = RSAVerify(src, sign, pubBuf.Bytes())
assert.NoError(t, err)
}

0 comments on commit 57b03f1

Please sign in to comment.