Update crypto

1. Add Md5 encrypt 2. Add NewKeyRSA 3. Update aes with key, iv
3 years ago · b9fe8c9ef2
parent 066f6829bd
commit b9fe8c9ef2
6 changed files with 146 additions and 82 deletions
--- a/crypto/aes.go
+++ b/crypto/aes.go
@ -0,0 +1,47 @@
+package crypto
+
+import (
+	"bytes"
+	"crypto/aes"
+	"crypto/cipher"
+)
+
+func paddingPKCS7(ciphertext []byte, blockSize int) []byte {
+	padding := blockSize - len(ciphertext)%blockSize
+	padtext := bytes.Repeat([]byte{byte(padding)}, padding)
+	return append(ciphertext, padtext...)
+}
+
+func unpaddingPKCS7(origData []byte) []byte {
+	length := len(origData)
+	unpadding := int(origData[length-1])
+	return origData[:(length - unpadding)]
+}
+
+//EncryptAES 加密函式
+func EncryptAES(plaintext, key, iv []byte) ([]byte, error) {
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+	blockSize := block.BlockSize()
+	plaintext = paddingPKCS7(plaintext, blockSize)
+	blockMode := cipher.NewCBCEncrypter(block, iv)
+	crypted := make([]byte, len(plaintext))
+	blockMode.CryptBlocks(crypted, plaintext)
+	return crypted, nil
+}
+
+// DecryptAES 解密函式
+func DecryptAES(ciphertext, key, iv []byte) ([]byte, error) {
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+	blockSize := block.BlockSize()
+	blockMode := cipher.NewCBCDecrypter(block, iv[:blockSize])
+	origData := make([]byte, len(ciphertext))
+	blockMode.CryptBlocks(origData, ciphertext)
+	origData = unpaddingPKCS7(origData)
+	return origData, nil
+}
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@ -1,19 +1,20 @@
 package crypto

 import (
-	"crypto/rand"
-	"crypto/rsa"
+	"crypto/md5"
 	"crypto/sha1"
 	"crypto/sha256"
-	"crypto/x509"
-	"encoding/pem"
-	"errors"
 	"fmt"
-
-	"github.com/Luzifer/go-openssl/v3"
-	"golang.org/x/crypto/bcrypt"
 )

+// MD5 回傳md5加密
+func MD5(v string) string {
+	h := md5.New()
+	h.Write([]byte(v))
+	bs := h.Sum(nil)
+	return fmt.Sprintf("%x", bs)
+}
+
 // SHA1 回傳sha1加密
 func SHA1(v string) string {
 	h := sha1.New()
@ -29,73 +30,3 @@ func SHA256(v string) string {
 	bs := h.Sum(nil)
 	return fmt.Sprintf("%x", bs)
 }
-
-// EncryptPassword 加密密碼
-func EncryptPassword(pwd string) (string, error) {
-	hash, err := bcrypt.GenerateFromPassword([]byte(pwd), bcrypt.DefaultCost)
-	if err != nil {
-		return "", err
-	}
-
-	return string(hash), nil
-}
-
-// CheckPassword 檢查密碼
-func CheckPassword(pwd, hash string) error {
-	return bcrypt.CompareHashAndPassword([]byte(hash), []byte(pwd))
-}
-
-// EncryptAES aes加密
-func EncryptAES(value, key string) ([]byte, error) {
-	o := openssl.New()
-
-	enc, err := o.EncryptBytes(key, []byte(value), openssl.DigestMD5Sum)
-	if err != nil {
-		return nil, err
-	}
-
-	return enc, nil
-}
-
-// DecryptAES aes解密
-func DecryptAES(value, key string) ([]byte, error) {
-	o := openssl.New()
-
-	dec, err := o.DecryptBytes(key, []byte(value), openssl.DigestMD5Sum)
-	if err != nil {
-		return nil, err
-	}
-
-	return dec, nil
-}
-
-// EncryptRSA rsa加密
-func EncryptRSA(value, publicKey []byte) ([]byte, error) {
-	block, _ := pem.Decode(publicKey)
-	if block == nil {
-		return nil, errors.New("public key error")
-	}
-
-	pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
-	if err != nil {
-		return nil, err
-	}
-
-	pub := pubInterface.(*rsa.PublicKey)
-	return rsa.EncryptPKCS1v15(rand.Reader, pub, value)
-}
-
-// DecryptRSA rsa解密
-func DecryptRSA(ciphertext, privateKey []byte) ([]byte, error) {
-	block, _ := pem.Decode(privateKey)
-	if block == nil {
-		return nil, errors.New("private key error")
-	}
-
-	priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
-	if err != nil {
-		return nil, err
-	}
-
-	return rsa.DecryptPKCS1v15(rand.Reader, priv, ciphertext)
-}
--- a/crypto/password.go
+++ b/crypto/password.go
@ -0,0 +1,20 @@
+package crypto
+
+import (
+	"golang.org/x/crypto/bcrypt"
+)
+
+// EncryptPassword 加密密碼
+func EncryptPassword(pwd string) (string, error) {
+	hash, err := bcrypt.GenerateFromPassword([]byte(pwd), bcrypt.DefaultCost)
+	if err != nil {
+		return "", err
+	}
+
+	return string(hash), nil
+}
+
+// CheckPassword 檢查密碼
+func CheckPassword(pwd, hash string) error {
+	return bcrypt.CompareHashAndPassword([]byte(hash), []byte(pwd))
+}
--- a/crypto/rsa.go
+++ b/crypto/rsa.go
@ -0,0 +1,70 @@
+package crypto
+
+import (
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/pem"
+	"errors"
+)
+
+func NewKeyRSA(bitSize int) (pubPEM []byte, keyPEM []byte, err error) {
+	// Generate RSA key.
+	key, err := rsa.GenerateKey(rand.Reader, bitSize)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	// Extract public component.
+	pubBytes, err := x509.MarshalPKIXPublicKey(key.Public())
+	if err != nil {
+		return nil, nil, err
+	}
+	pubPEM = pem.EncodeToMemory(
+		&pem.Block{
+			Type:  "RSA PUBLIC KEY",
+			Bytes: pubBytes,
+		},
+	)
+
+	// Encode private key to PKCS#1 ASN.1 PEM.
+	keyPEM = pem.EncodeToMemory(
+		&pem.Block{
+			Type:  "RSA PRIVATE KEY",
+			Bytes: x509.MarshalPKCS1PrivateKey(key),
+		},
+	)
+
+	return pubPEM, keyPEM, nil
+}
+
+// EncryptRSA rsa加密
+func EncryptRSA(value, publicKey []byte) ([]byte, error) {
+	block, _ := pem.Decode(publicKey)
+	if block == nil {
+		return nil, errors.New("public key error")
+	}
+
+	pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
+	if err != nil {
+		return nil, err
+	}
+
+	pub := pubInterface.(*rsa.PublicKey)
+	return rsa.EncryptPKCS1v15(rand.Reader, pub, value)
+}
+
+// DecryptRSA rsa解密
+func DecryptRSA(ciphertext, privateKey []byte) ([]byte, error) {
+	block, _ := pem.Decode(privateKey)
+	if block == nil {
+		return nil, errors.New("private key error")
+	}
+
+	priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
+	if err != nil {
+		return nil, err
+	}
+
+	return rsa.DecryptPKCS1v15(rand.Reader, priv, ciphertext)
+}
--- a/go.mod
+++ b/go.mod
@ -3,7 +3,6 @@ module git.simts.cc/common/lib
 go 1.14

 require (
-	github.com/Luzifer/go-openssl/v3 v3.1.0
 	github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/mojocn/base64Captcha v1.3.1
 	go.uber.org/zap v1.15.0
--- a/go.sum
+++ b/go.sum
@ -1,7 +1,5 @@
 github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/Luzifer/go-openssl/v3 v3.1.0 h1:QqKqo6kYXGGUsvtUoCpRZm8lHw+jDfhbzr36gVj+/gw=
-github.com/Luzifer/go-openssl/v3 v3.1.0/go.mod h1:liy3FXuuS8hfDlYh1T+l78AwQ/NjZflJz0NDvjKhwDs=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@ -36,7 +34,6 @@ go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9E
 go.uber.org/zap v1.15.0 h1:ZZCA22JRF2gQE5FoNmhmrf7jeJJ2uhqDUNRYKm8dvmM=
 go.uber.org/zap v1.15.0/go.mod h1:Mb2vm2krFEG5DV0W9qcHBYFtp/Wku1cvYaqPsS/WYfc=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529 h1:iMGN4xG0cnqj3t+zOM8wUB0BiPKHEwSxEZCvzcbZuvk=
 golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=