Skip to content

Instantly share code, notes, and snippets.

@huanghantao

huanghantao/RSAUtil.go

Last active March 3, 2019 02:52
Show Gist options
  • Save huanghantao/5e655fdb16582e5bc4f1fa33a12fe54c to your computer and use it in GitHub Desktop.
Save huanghantao/5e655fdb16582e5bc4f1fa33a12fe54c to your computer and use it in GitHub Desktop.
Download ZIP
RSAUtil
Raw
RSAUtil.go
package RSAUtil
import (
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha256"
"crypto/x509"
"encoding/pem"
"errors"
"log"
)
func GenerateKeyPair(bits int) (*rsa.PrivateKey, *rsa.PublicKey) {
privkey, err := rsa.GenerateKey(rand.Reader, bits)
if err != nil {
log.Fatal(err)
}
return privkey, &privkey.PublicKey
}
func PrivateKeyToBytes(priv *rsa.PrivateKey) []byte {
privBytes := pem.EncodeToMemory(
&pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: x509.MarshalPKCS1PrivateKey(priv),
},
)
return privBytes
}
func PublicKeyToBytes(pub *rsa.PublicKey) []byte {
pubASN1, err := x509.MarshalPKIXPublicKey(pub)
if err != nil {
log.Fatal(err)
}
pubBytes := pem.EncodeToMemory(&pem.Block{
Type: "RSA PUBLIC KEY",
Bytes: pubASN1,
})
return pubBytes
}
func BytesToPrivateKey(priv []byte) *rsa.PrivateKey {
block, _ := pem.Decode(priv)
enc := x509.IsEncryptedPEMBlock(block)
b := block.Bytes
var err error
if enc {
log.Println("is encrypted pem block")
b, err = x509.DecryptPEMBlock(block, nil)
if err != nil {
log.Fatal(err)
}
}
key, err := x509.ParsePKCS1PrivateKey(b)
if err != nil {
log.Fatal(err)
}
return key
}
func BytesToPublicKey(pub []byte) *rsa.PublicKey {
block, _ := pem.Decode(pub)
enc := x509.IsEncryptedPEMBlock(block)
b := block.Bytes
var err error
if enc {
log.Println("is encrypted pem block")
b, err = x509.DecryptPEMBlock(block, nil)
if err != nil {
log.Fatal(err)
}
}
ifc, err := x509.ParsePKIXPublicKey(b)
if err != nil {
log.Fatal(err)
}
key, ok := ifc.(*rsa.PublicKey)
if !ok {
log.Fatal("not ok")
}
return key
}
func EncryptWithPublicKey(origData []byte, pubKey []byte) ([]byte, error) {
block, _ := pem.Decode(pubKey)
if block == nil {
return nil, errors.New("public key error")
}
pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return nil, err
}
pub := pubInterface.(*rsa.PublicKey)
return rsa.EncryptPKCS1v15(rand.Reader, pub, origData)
}
func DecryptWithPrivateKey(ciphertext []byte, privKey []byte) ([]byte, error) {
block, _ := pem.Decode(privKey)
if block == nil {
return nil, errors.New("private key error!")
}
priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
return nil, err
}
return rsa.DecryptPKCS1v15(rand.Reader, priv, ciphertext)
}
func Sign(origData []byte, privateKey *rsa.PrivateKey) ([]byte, error) {
h := sha256.New()
h.Write(origData)
digest := h.Sum(nil)
s, err := rsa.SignPKCS1v15(nil, privateKey, crypto.SHA256, digest)
if err != nil {
log.Fatal("rsaSign SignPKCS1v15 error")
}
return s, nil
}
func SignVerify(origData []byte, signedData []byte, publicKey []byte) error {
hashed := sha256.Sum256(origData)
block, _ := pem.Decode(publicKey)
if block == nil {
return errors.New("public key error")
}
pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return err
}
pub := pubInterface.(*rsa.PublicKey)
return rsa.VerifyPKCS1v15(pub, crypto.SHA256, hashed[:], signedData)
}
func GetPublicKeyFromCrt(crt []byte) *rsa.PublicKey {
block, _ := pem.Decode(crt)
var cert *x509.Certificate
cert, _ = x509.ParseCertificate(block.Bytes)
rsaPublicKey := cert.PublicKey.(*rsa.PublicKey)
return rsaPublicKey
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment