• Golang-RSA加密解密-数据无大小限制


    Go 实现

    package xrsa
    import (
        "encoding/pem"
        "encoding/base64"
        "crypto/x509"
        "crypto/rsa"
        "crypto/rand"
        "errors"
        "crypto"
        "io"
        "bytes"
        "encoding/asn1"
    )
    const (
        CHAR_SET = "UTF-8"
        BASE_64_FORMAT = "UrlSafeNoPadding"
        RSA_ALGORITHM_KEY_TYPE = "PKCS8"
        RSA_ALGORITHM_SIGN = crypto.SHA256
    )
    type XRsa struct {
        publicKey *rsa.PublicKey
        privateKey *rsa.PrivateKey
    }
    // 生成密钥对
    func CreateKeys(publicKeyWriter, privateKeyWriter io.Writer, keyLength int) error {
        // 生成私钥文件
        privateKey, err := rsa.GenerateKey(rand.Reader, keyLength)
        if err != nil {
            return err
        }
        derStream := MarshalPKCS8PrivateKey(privateKey)
        block := &pem.Block{
            Type:  "PRIVATE KEY",
            Bytes: derStream,
        }
        err = pem.Encode(privateKeyWriter, block)
        if err != nil {
            return err
        }
        // 生成公钥文件
        publicKey := &privateKey.PublicKey
        derPkix, err := x509.MarshalPKIXPublicKey(publicKey)
        if err != nil {
            return err
        }
        block = &pem.Block{
            Type:  "PUBLIC KEY",
            Bytes: derPkix,
        }
        err = pem.Encode(publicKeyWriter, block)
        if err != nil {
            return err
        }
        return nil
    }
    func NewXRsa(publicKey []byte, privateKey []byte) (*XRsa, error) {
        block, _ := pem.Decode(publicKey)
        if block == nil {
            return nil, errors.New("public key error")
        }
        pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
        if err != nil {
            return nil, err
        }
        pub := pubInterface.(*rsa.PublicKey)
        block, _ = pem.Decode(privateKey)
        if block == nil {
            return nil, errors.New("private key error!")
        }
        priv, err := x509.ParsePKCS8PrivateKey(block.Bytes)
        if err != nil {
            return nil, err
        }
        pri, ok := priv.(*rsa.PrivateKey)
        if ok {
            return &XRsa {
                publicKey: pub,
                privateKey: pri,
            }, nil
        } else {
            return nil, errors.New("private key not supported")
        }
    }
    // 公钥加密
    func (r *XRsa) PublicEncrypt(data string) (string, error) {
        partLen := r.publicKey.N.BitLen() / 8 - 11
        chunks := split([]byte(data), partLen)
        buffer := bytes.NewBufferString("")
        for _, chunk := range chunks {
            bytes, err := rsa.EncryptPKCS1v15(rand.Reader, r.publicKey, chunk)
            if err != nil {
                return "", err
            }
            buffer.Write(bytes)
        }
        return base64.RawURLEncoding.EncodeToString(buffer.Bytes()), nil
    }
    // 私钥解密
    func (r *XRsa) PrivateDecrypt(encrypted string) (string, error) {
        partLen := r.publicKey.N.BitLen() / 8
        raw, err := base64.RawURLEncoding.DecodeString(encrypted)
        chunks := split([]byte(raw), partLen)
        buffer := bytes.NewBufferString("")
        for _, chunk := range chunks {
            decrypted, err := rsa.DecryptPKCS1v15(rand.Reader, r.privateKey, chunk)
            if err != nil {
                return "", err
            }
            buffer.Write(decrypted)
        }
        return buffer.String(), err
    }
    // 数据加签
    func (r *XRsa) Sign(data string) (string, error) {
        h := RSA_ALGORITHM_SIGN.New()
        h.Write([]byte(data))
        hashed := h.Sum(nil)
        sign, err := rsa.SignPKCS1v15(rand.Reader, r.privateKey, RSA_ALGORITHM_SIGN, hashed)
        if err != nil {
            return "", err
        }
        return base64.RawURLEncoding.EncodeToString(sign), err
    }
    // 数据验签
    func (r *XRsa) Verify(data string, sign string) error {
        h := RSA_ALGORITHM_SIGN.New()
        h.Write([]byte(data))
        hashed := h.Sum(nil)
        decodedSign, err := base64.RawURLEncoding.DecodeString(sign)
        if err != nil {
            return err
        }
        return rsa.VerifyPKCS1v15(r.publicKey, RSA_ALGORITHM_SIGN, hashed, decodedSign)
    }
    func MarshalPKCS8PrivateKey(key *rsa.PrivateKey) []byte {
        info := struct {
            Version             int
            PrivateKeyAlgorithm []asn1.ObjectIdentifier
            PrivateKey          []byte
        }{}
        info.Version = 0
        info.PrivateKeyAlgorithm = make([]asn1.ObjectIdentifier, 1)
        info.PrivateKeyAlgorithm[0] = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 1}
        info.PrivateKey = x509.MarshalPKCS1PrivateKey(key)
        k, _ := asn1.Marshal(info)
        return k
    }
    func split(buf []byte, lim int) [][]byte {
        var chunk []byte
        chunks := make([][]byte, 0, len(buf)/lim+1)
        for len(buf) >= lim {
            chunk, buf = buf[:lim], buf[lim:]
            chunks = append(chunks, chunk)
        }
        if len(buf) > 0 {
            chunks = append(chunks, buf[:len(buf)])
        }
        return chunks
    }

    Php实现

    if (! function_exists('url_safe_base64_encode')) {
        function url_safe_base64_encode ($data) {
            return str_replace(array('+','/', '='),array('-','_', ''), base64_encode($data));
        }
    }
     
    if (! function_exists('url_safe_base64_decode')) {
        function url_safe_base64_decode ($data) {
            $base_64 = str_replace(array('-','_'),array('+','/'), $data);
            return base64_decode($base_64);
        }
    }
     
    class XRsa
    {
        const CHAR_SET = "UTF-8";
        const BASE_64_FORMAT = "UrlSafeNoPadding";
        const RSA_ALGORITHM_KEY_TYPE = OPENSSL_KEYTYPE_RSA;
        const RSA_ALGORITHM_SIGN = OPENSSL_ALGO_SHA256;
     
        protected $public_key;
        protected $private_key;
        protected $key_len;
     
        public function __construct($pub_key, $pri_key = null)
        {
            $this->public_key = $pub_key;
            $this->private_key = $pri_key;
     
            $pub_id = openssl_get_publickey($this->public_key);
            $this->key_len = openssl_pkey_get_details($pub_id)['bits'];
        }
     
        /*
         * 创建密钥对
         */
        public static function createKeys($key_size = 2048)
        {
            $config = array(
                "private_key_bits" => $key_size,
                "private_key_type" => self::RSA_ALGORITHM_KEY_TYPE,
            );
            $res = openssl_pkey_new($config);
            openssl_pkey_export($res, $private_key);
            $public_key_detail = openssl_pkey_get_details($res);
            $public_key = $public_key_detail["key"];
     
            return [
                "public_key" => $public_key,
                "private_key" => $private_key,
            ];
        }
     
        /*
         * 公钥加密
         */
        public function publicEncrypt($data)
        {
            $encrypted = '';
            $part_len = $this->key_len / 8 - 11;
            $parts = str_split($data, $part_len);
     
            foreach ($parts as $part) {
                $encrypted_temp = '';
                openssl_public_encrypt($part, $encrypted_temp, $this->public_key);
                $encrypted .= $encrypted_temp;
            }
     
            return url_safe_base64_encode($encrypted);
        }
     
        /*
         * 私钥解密
         */
        public function privateDecrypt($encrypted)
        {
            $decrypted = "";
            $part_len = $this->key_len / 8;
            $base64_decoded = url_safe_base64_decode($encrypted);
            $parts = str_split($base64_decoded, $part_len);
     
            foreach ($parts as $part) {
                $decrypted_temp = '';
                openssl_private_decrypt($part, $decrypted_temp,$this->private_key);
                $decrypted .= $decrypted_temp;
            }
            return $decrypted;
        }
     
        /*
         * 私钥加密
         */
        public function privateEncrypt($data)
        {
            $encrypted = '';
            $part_len = $this->key_len / 8 - 11;
            $parts = str_split($data, $part_len);
     
            foreach ($parts as $part) {
                $encrypted_temp = '';
                openssl_private_encrypt($part, $encrypted_temp, $this->private_key);
                $encrypted .= $encrypted_temp;
            }
     
            return url_safe_base64_encode($encrypted);
        }
     
        /*
         * 公钥解密
         */
        public function publicDecrypt($encrypted)
        {
            $decrypted = "";
            $part_len = $this->key_len / 8;
            $base64_decoded = url_safe_base64_decode($encrypted);
            $parts = str_split($base64_decoded, $part_len);
     
            foreach ($parts as $part) {
                $decrypted_temp = '';
                openssl_public_decrypt($part, $decrypted_temp,$this->public_key);
                $decrypted .= $decrypted_temp;
            }
            return $decrypted;
        }
     
        /*
         * 数据加签
         */
        public function sign($data)
        {
            openssl_sign($data, $sign, $this->private_key, self::RSA_ALGORITHM_SIGN);
     
            return url_safe_base64_encode($sign);
        }
     
        /*
         * 数据签名验证
         */
        public function verify($data, $sign)
        {
            $pub_id = openssl_get_publickey($this->public_key);
            $res = openssl_verify($data, url_safe_base64_decode($sign), $pub_id, self::RSA_ALGORITHM_SIGN);
     
            return $res;
        }
    }
  • 相关阅读:
    python中神之bug
    常用好的软件
    远程登录
    centos7改静态ip
    SpringMVC归纳
    mysql数据库操作手册
    MyBatis归纳
    Maven归纳
    maven操作手册
    java知识库
  • 原文地址:https://www.cnblogs.com/akidongzi/p/12036165.html
Copyright © 2020-2023  润新知