怎么用 GO 实现 RSA 的公钥加密私钥解密呢

不是私钥加密公钥解密

回答:

import (

"crypto/rand"

"crypto/rsa"

"crypto/x509"

"encoding/pem"

"errors"

)

// 加密

func RsaEncrypt(publicKey []byte, origData []byte) ([]byte, error) {

block, _ := pem.Decode(publicKey)

if block == nil {

return nil, errors.New("public key error")

}

pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)

if err != nil {

return nil, err

}

pub := pubInterface.(*rsa.PublicKey)

return rsa.EncryptPKCS1v15(rand.Reader, pub, origData)

}

// 解密

func RsaDecrypt(privateKey []byte, ciphertext []byte) ([]byte, error) {

block, _ := pem.Decode(privateKey)

if block == nil {

return nil, errors.New("private key error!")

}

priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)

if err != nil {

return nil, err

}

return rsa.DecryptPKCS1v15(rand.Reader, priv, ciphertext)

}

回答:

公钥解密,私钥加密,原生go的实现: https://gist.github.com/yanue...

// pure-go  implementation missing in 'crypto/rsa' package of openssl functions RSA_public_encrypt and RSA_private_decrypt.

// see: https://github.com/buf1024/golib/blob/master/crypt/rsa.go

package rsa

import (

"crypto"

"crypto/rsa"

"errors"

"fmt"

"math/big"

)

// copy from crypto/rsa/pkcs1v5.go

var hashPrefixes = map[crypto.Hash][]byte{

crypto.MD5: {0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10},

crypto.SHA1: {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14},

crypto.SHA224: {0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, 0x05, 0x00, 0x04, 0x1c},

crypto.SHA256: {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20},

crypto.SHA384: {0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30},

crypto.SHA512: {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40},

crypto.MD5SHA1: {}, // A special TLS case which doesn't use an ASN1 prefix.

crypto.RIPEMD160: {0x30, 0x20, 0x30, 0x08, 0x06, 0x06, 0x28, 0xcf, 0x06, 0x03, 0x00, 0x31, 0x04, 0x14},

}

// copy from crypto/rsa/pkcs1v5.go

func encrypt(c *big.Int, pub *rsa.PublicKey, m *big.Int) *big.Int {

e := big.NewInt(int64(pub.E))

c.Exp(m, e, pub.N)

return c

}

// copy from crypto/rsa/pkcs1v5.go

func pkcs1v15HashInfo(hash crypto.Hash, inLen int) (hashLen int, prefix []byte, err error) {

// Special case: crypto.Hash(0) is used to indicate that the data is

// signed directly.

if hash == 0 {

return inLen, nil, nil

}

hashLen = hash.Size()

if inLen != hashLen {

return 0, nil, errors.New("crypto/rsa: input must be hashed message")

}

prefix, ok := hashPrefixes[hash]

if !ok {

return 0, nil, errors.New("crypto/rsa: unsupported hash function")

}

return

}

// copy from crypto/rsa/pkcs1v5.go

func leftPad(input []byte, size int) (out []byte) {

n := len(input)

if n > size {

n = size

}

out = make([]byte, size)

copy(out[len(out)-n:], input)

return

}

// un LeftPad

func unLeftPad(input []byte) (out []byte) {

n := len(input)

t := 2

for i := 2; i < n; i++ {

if input[i] == 0xff {

t = t + 1

} else {

if input[i] == input[0] {

t = t + int(input[1])

}

break

}

}

out = make([]byte, n-t)

copy(out, input[t:])

return

}

// copy&modified from crypto/rsa/pkcs1v5.go

func publicDecrypt(pub *rsa.PublicKey, hash crypto.Hash, hashed []byte, sig []byte) (out []byte, err error) {

hashLen, prefix, err := pkcs1v15HashInfo(hash, len(hashed))

if err != nil {

return nil, err

}

tLen := len(prefix) + hashLen

k := (pub.N.BitLen() + 7) / 8

if k < tLen+11 {

return nil, fmt.Errorf("length illegal")

}

c := new(big.Int).SetBytes(sig)

m := encrypt(new(big.Int), pub, c)

em := leftPad(m.Bytes(), k)

out = unLeftPad(em)

err = nil

return

}

// pure-go realization of RSA_private_encrypt

func rsaPrivateEncrypt(pri *rsa.PrivateKey, data []byte) ([]byte, error) {

signData, err := rsa.SignPKCS1v15(nil, pri, crypto.Hash(0), data)

if err != nil {

return nil, err

}

return signData, nil

}

// pure-go realization of RSA_public_decrypt

func rsaPublicDecrypt(pub *rsa.PublicKey, data []byte) ([]byte, error) {

decData, err := publicDecrypt(pub, crypto.Hash(0), nil, data)

if err != nil {

return nil, err

}

return decData, nil

}

以上是 怎么用 GO 实现 RSA 的公钥加密私钥解密呢 的全部内容, 来源链接: www.h5w3.com/183796.html

回到顶部