├── rsa.go ├── rsa_test.go ├── README.md └── rsa_ext.go /rsa.go: -------------------------------------------------------------------------------- 1 | package gorsa 2 | 3 | import ( 4 | "bytes" 5 | "crypto/rsa" 6 | "errors" 7 | "io/ioutil" 8 | ) 9 | 10 | var RSA = &RSASecurity{} 11 | 12 | type RSASecurity struct { 13 | pubStr string //公钥字符串 14 | priStr string //私钥字符串 15 | pubkey *rsa.PublicKey //公钥 16 | prikey *rsa.PrivateKey //私钥 17 | } 18 | 19 | // 设置公钥 20 | func (rsas *RSASecurity) SetPublicKey(pubStr string) (err error) { 21 | rsas.pubStr = pubStr 22 | rsas.pubkey, err = rsas.GetPublickey() 23 | return err 24 | } 25 | 26 | // 设置私钥 27 | func (rsas *RSASecurity) SetPrivateKey(priStr string) (err error) { 28 | rsas.priStr = priStr 29 | rsas.prikey, err = rsas.GetPrivatekey() 30 | return err 31 | } 32 | 33 | // *rsa.PublicKey 34 | func (rsas *RSASecurity) GetPrivatekey() (*rsa.PrivateKey, error) { 35 | return getPriKey([]byte(rsas.priStr)) 36 | } 37 | 38 | // *rsa.PrivateKey 39 | func (rsas *RSASecurity) GetPublickey() (*rsa.PublicKey, error) { 40 | return getPubKey([]byte(rsas.pubStr)) 41 | } 42 | 43 | // 公钥加密 44 | func (rsas *RSASecurity) PubKeyENCTYPT(input []byte) ([]byte, error) { 45 | if rsas.pubkey == nil { 46 | return []byte(""), errors.New(`Please set the public key in advance`) 47 | } 48 | output := bytes.NewBuffer(nil) 49 | err := pubKeyIO(rsas.pubkey, bytes.NewReader(input), output, true) 50 | if err != nil { 51 | return []byte(""), err 52 | } 53 | return ioutil.ReadAll(output) 54 | } 55 | 56 | // 公钥解密 57 | func (rsas *RSASecurity) PubKeyDECRYPT(input []byte) ([]byte, error) { 58 | if rsas.pubkey == nil { 59 | return []byte(""), errors.New(`Please set the public key in advance`) 60 | } 61 | output := bytes.NewBuffer(nil) 62 | err := pubKeyIO(rsas.pubkey, bytes.NewReader(input), output, false) 63 | if err != nil { 64 | return []byte(""), err 65 | } 66 | return ioutil.ReadAll(output) 67 | } 68 | 69 | // 私钥加密 70 | func (rsas *RSASecurity) PriKeyENCTYPT(input []byte) ([]byte, error) { 71 | if rsas.prikey == nil { 72 | return []byte(""), errors.New(`Please set the private key in advance`) 73 | } 74 | output := bytes.NewBuffer(nil) 75 | err := priKeyIO(rsas.prikey, bytes.NewReader(input), output, true) 76 | if err != nil { 77 | return []byte(""), err 78 | } 79 | return ioutil.ReadAll(output) 80 | } 81 | 82 | // 私钥解密 83 | func (rsas *RSASecurity) PriKeyDECRYPT(input []byte) ([]byte, error) { 84 | if rsas.prikey == nil { 85 | return []byte(""), errors.New(`Please set the private key in advance`) 86 | } 87 | output := bytes.NewBuffer(nil) 88 | err := priKeyIO(rsas.prikey, bytes.NewReader(input), output, false) 89 | if err != nil { 90 | return []byte(""), err 91 | } 92 | 93 | return ioutil.ReadAll(output) 94 | } 95 | -------------------------------------------------------------------------------- /rsa_test.go: -------------------------------------------------------------------------------- 1 | package gorsa 2 | 3 | import ( 4 | "testing" 5 | ) 6 | 7 | func init() { 8 | 9 | } 10 | 11 | var Pubkey = `-----BEGIN 公钥----- 12 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+89V7vpOj1rG6bTAKYM 13 | 56qmFLwNCBVDJ3MltVVtxVUUByqc5b6u909MmmrLBqS//PWC6zc3wZzU1+ayh8xb 14 | UAEZuA3EjlPHIaFIVIz04RaW10+1xnby/RQE23tDqsv9a2jv/axjE/27b62nzvCW 15 | eItu1kNQ3MGdcuqKjke+LKhQ7nWPRCOd/ffVqSuRvG0YfUEkOz/6UpsPr6vrI331 16 | hWRB4DlYy8qFUmDsyvvExe4NjZWblXCqkEXRRAhi2SQRCl3teGuIHtDUxCskRIDi 17 | aMD+Qt2Yp+Vvbz6hUiqIWSIH1BoHJer/JOq2/O6X3cmuppU4AdVNgy8Bq236iXvr 18 | MQIDAQAB 19 | -----END 公钥----- 20 | ` 21 | 22 | var Pirvatekey = `-----BEGIN 私钥----- 23 | MIIEpAIBAAKCAQEAk+89V7vpOj1rG6bTAKYM56qmFLwNCBVDJ3MltVVtxVUUByqc 24 | 5b6u909MmmrLBqS//PWC6zc3wZzU1+ayh8xbUAEZuA3EjlPHIaFIVIz04RaW10+1 25 | xnby/RQE23tDqsv9a2jv/axjE/27b62nzvCWeItu1kNQ3MGdcuqKjke+LKhQ7nWP 26 | RCOd/ffVqSuRvG0YfUEkOz/6UpsPr6vrI331hWRB4DlYy8qFUmDsyvvExe4NjZWb 27 | lXCqkEXRRAhi2SQRCl3teGuIHtDUxCskRIDiaMD+Qt2Yp+Vvbz6hUiqIWSIH1BoH 28 | Jer/JOq2/O6X3cmuppU4AdVNgy8Bq236iXvrMQIDAQABAoIBAQCCbxZvHMfvCeg+ 29 | YUD5+W63dMcq0QPMdLLZPbWpxMEclH8sMm5UQ2SRueGY5UBNg0WkC/R64BzRIS6p 30 | jkcrZQu95rp+heUgeM3C4SmdIwtmyzwEa8uiSY7Fhbkiq/Rly6aN5eB0kmJpZfa1 31 | 6S9kTszdTFNVp9TMUAo7IIE6IheT1x0WcX7aOWVqp9MDXBHV5T0Tvt8vFrPTldFg 32 | IuK45t3tr83tDcx53uC8cL5Ui8leWQjPh4BgdhJ3/MGTDWg+LW2vlAb4x+aLcDJM 33 | CH6Rcb1b8hs9iLTDkdVw9KirYQH5mbACXZyDEaqj1I2KamJIU2qDuTnKxNoc96HY 34 | 2XMuSndhAoGBAMPwJuPuZqioJfNyS99x++ZTcVVwGRAbEvTvh6jPSGA0k3cYKgWR 35 | NnssMkHBzZa0p3/NmSwWc7LiL8whEFUDAp2ntvfPVJ19Xvm71gNUyCQ/hojqIAXy 36 | tsNT1gBUTCMtFZmAkUsjqdM/hUnJMM9zH+w4lt5QM2y/YkCThoI65BVbAoGBAMFI 37 | GsIbnJDNhVap7HfWcYmGOlWgEEEchG6Uq6Lbai9T8c7xMSFc6DQiNMmQUAlgDaMV 38 | b6izPK4KGQaXMFt5h7hekZgkbxCKBd9xsLM72bWhM/nd/HkZdHQqrNAPFhY6/S8C 39 | IjRnRfdhsjBIA8K73yiUCsQlHAauGfPzdHET8ktjAoGAQdxeZi1DapuirhMUN9Zr 40 | kr8nkE1uz0AafiRpmC+cp2Hk05pWvapTAtIXTo0jWu38g3QLcYtWdqGa6WWPxNOP 41 | NIkkcmXJjmqO2yjtRg9gevazdSAlhXpRPpTWkSPEt+o2oXNa40PomK54UhYDhyeu 42 | akuXQsD4mCw4jXZJN0suUZMCgYAgzpBcKjulCH19fFI69RdIdJQqPIUFyEViT7Hi 43 | bsPTTLham+3u78oqLzQukmRDcx5ddCIDzIicMfKVf8whertivAqSfHytnf/pMW8A 44 | vUPy5G3iF5/nHj76CNRUbHsfQtv+wqnzoyPpHZgVQeQBhcoXJSm+qV3cdGjLU6OM 45 | HgqeaQKBgQCnmL5SX7GSAeB0rSNugPp2GezAQj0H4OCc8kNrHK8RUvXIU9B2zKA2 46 | z/QUKFb1gIGcKxYr+LqQ25/+TGvINjuf6P3fVkHL0U8jOG0IqpPJXO3Vl9B8ewWL 47 | cFQVB/nQfmaMa4ChK0QEUe+Mqi++MwgYbRHx1lIOXEfUJO+PXrMekw== 48 | -----END 私钥----- 49 | ` 50 | 51 | func Test_SetPublicKey(t *testing.T) { 52 | if err := RSA.SetPublicKey(Pubkey); err != nil { 53 | t.Error(err) 54 | } 55 | } 56 | 57 | func Test_SetPrivateKey(t *testing.T) { 58 | if err := RSA.SetPrivateKey(Pirvatekey); err != nil { 59 | t.Error(err) 60 | } 61 | } 62 | 63 | // 公钥加密私钥解密 64 | func Test_PubENCTYPTPriDECRYPT(t *testing.T) { 65 | if err := RSA.SetPublicKey(Pubkey); err != nil { 66 | t.Error(err) 67 | } 68 | if err := RSA.SetPrivateKey(Pirvatekey); err != nil { 69 | t.Error(err) 70 | } 71 | pubenctypt, err := RSA.PubKeyENCTYPT([]byte(`hello world`)) 72 | if err != nil { 73 | t.Error(err) 74 | } 75 | 76 | pridecrypt, err := RSA.PriKeyDECRYPT(pubenctypt) 77 | if err != nil { 78 | t.Error(err) 79 | } 80 | if string(pridecrypt) != `hello world` { 81 | t.Error(`不符合预期`) 82 | } 83 | } 84 | 85 | // 公钥解密私钥加密 86 | func Test_PriENCTYPTPubDECRYPT(t *testing.T) { 87 | if err := RSA.SetPublicKey(Pubkey); err != nil { 88 | t.Error(err) 89 | } 90 | if err := RSA.SetPrivateKey(Pirvatekey); err != nil { 91 | t.Error(err) 92 | } 93 | prienctypt, err := RSA.PriKeyENCTYPT([]byte(`hello world`)) 94 | if err != nil { 95 | t.Error(err) 96 | } 97 | pubdecrypt, err := RSA.PubKeyDECRYPT(prienctypt) 98 | if err != nil { 99 | t.Error(err) 100 | } 101 | if string(pubdecrypt) != `hello world` { 102 | t.Error(`不符合预期`) 103 | } 104 | } 105 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ## gorsa 2 | 3 | gorsa 支持rsa公钥加密私钥解密;支持rsa公钥解密私钥加密。 4 | 5 | ## gorsa 使用方法 6 | 7 | 使用方法: `go get github.com/farmerx/gorsa` 8 | 9 | ```vim 10 | package main 11 | 12 | import ( 13 | "log" 14 | 15 | "errors" 16 | 17 | "github.com/farmerx/gorsa" 18 | ) 19 | 20 | var Pubkey = `-----BEGIN 公钥----- 21 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+89V7vpOj1rG6bTAKYM 22 | 56qmFLwNCBVDJ3MltVVtxVUUByqc5b6u909MmmrLBqS//PWC6zc3wZzU1+ayh8xb 23 | UAEZuA3EjlPHIaFIVIz04RaW10+1xnby/RQE23tDqsv9a2jv/axjE/27b62nzvCW 24 | eItu1kNQ3MGdcuqKjke+LKhQ7nWPRCOd/ffVqSuRvG0YfUEkOz/6UpsPr6vrI331 25 | hWRB4DlYy8qFUmDsyvvExe4NjZWblXCqkEXRRAhi2SQRCl3teGuIHtDUxCskRIDi 26 | aMD+Qt2Yp+Vvbz6hUiqIWSIH1BoHJer/JOq2/O6X3cmuppU4AdVNgy8Bq236iXvr 27 | MQIDAQAB 28 | -----END 公钥----- 29 | ` 30 | 31 | var Pirvatekey = `-----BEGIN 私钥----- 32 | MIIEpAIBAAKCAQEAk+89V7vpOj1rG6bTAKYM56qmFLwNCBVDJ3MltVVtxVUUByqc 33 | 5b6u909MmmrLBqS//PWC6zc3wZzU1+ayh8xbUAEZuA3EjlPHIaFIVIz04RaW10+1 34 | xnby/RQE23tDqsv9a2jv/axjE/27b62nzvCWeItu1kNQ3MGdcuqKjke+LKhQ7nWP 35 | RCOd/ffVqSuRvG0YfUEkOz/6UpsPr6vrI331hWRB4DlYy8qFUmDsyvvExe4NjZWb 36 | lXCqkEXRRAhi2SQRCl3teGuIHtDUxCskRIDiaMD+Qt2Yp+Vvbz6hUiqIWSIH1BoH 37 | Jer/JOq2/O6X3cmuppU4AdVNgy8Bq236iXvrMQIDAQABAoIBAQCCbxZvHMfvCeg+ 38 | YUD5+W63dMcq0QPMdLLZPbWpxMEclH8sMm5UQ2SRueGY5UBNg0WkC/R64BzRIS6p 39 | jkcrZQu95rp+heUgeM3C4SmdIwtmyzwEa8uiSY7Fhbkiq/Rly6aN5eB0kmJpZfa1 40 | 6S9kTszdTFNVp9TMUAo7IIE6IheT1x0WcX7aOWVqp9MDXBHV5T0Tvt8vFrPTldFg 41 | IuK45t3tr83tDcx53uC8cL5Ui8leWQjPh4BgdhJ3/MGTDWg+LW2vlAb4x+aLcDJM 42 | CH6Rcb1b8hs9iLTDkdVw9KirYQH5mbACXZyDEaqj1I2KamJIU2qDuTnKxNoc96HY 43 | 2XMuSndhAoGBAMPwJuPuZqioJfNyS99x++ZTcVVwGRAbEvTvh6jPSGA0k3cYKgWR 44 | NnssMkHBzZa0p3/NmSwWc7LiL8whEFUDAp2ntvfPVJ19Xvm71gNUyCQ/hojqIAXy 45 | tsNT1gBUTCMtFZmAkUsjqdM/hUnJMM9zH+w4lt5QM2y/YkCThoI65BVbAoGBAMFI 46 | GsIbnJDNhVap7HfWcYmGOlWgEEEchG6Uq6Lbai9T8c7xMSFc6DQiNMmQUAlgDaMV 47 | b6izPK4KGQaXMFt5h7hekZgkbxCKBd9xsLM72bWhM/nd/HkZdHQqrNAPFhY6/S8C 48 | IjRnRfdhsjBIA8K73yiUCsQlHAauGfPzdHET8ktjAoGAQdxeZi1DapuirhMUN9Zr 49 | kr8nkE1uz0AafiRpmC+cp2Hk05pWvapTAtIXTo0jWu38g3QLcYtWdqGa6WWPxNOP 50 | NIkkcmXJjmqO2yjtRg9gevazdSAlhXpRPpTWkSPEt+o2oXNa40PomK54UhYDhyeu 51 | akuXQsD4mCw4jXZJN0suUZMCgYAgzpBcKjulCH19fFI69RdIdJQqPIUFyEViT7Hi 52 | bsPTTLham+3u78oqLzQukmRDcx5ddCIDzIicMfKVf8whertivAqSfHytnf/pMW8A 53 | vUPy5G3iF5/nHj76CNRUbHsfQtv+wqnzoyPpHZgVQeQBhcoXJSm+qV3cdGjLU6OM 54 | HgqeaQKBgQCnmL5SX7GSAeB0rSNugPp2GezAQj0H4OCc8kNrHK8RUvXIU9B2zKA2 55 | z/QUKFb1gIGcKxYr+LqQ25/+TGvINjuf6P3fVkHL0U8jOG0IqpPJXO3Vl9B8ewWL 56 | cFQVB/nQfmaMa4ChK0QEUe+Mqi++MwgYbRHx1lIOXEfUJO+PXrMekw== 57 | -----END 私钥----- 58 | ` 59 | 60 | // 初始化设置公钥和私钥 61 | func init() { 62 | if err := gorsa.RSA.SetPublicKey(Pubkey); err != nil { 63 | log.Fatalln(`set public key :`, err) 64 | } 65 | if err := gorsa.RSA.SetPrivateKey(Pirvatekey); err != nil { 66 | log.Fatalln(`set private key :`, err) 67 | } 68 | } 69 | 70 | func main() { 71 | // 公钥加密私钥解密 72 | if err := applyPubEPriD(); err != nil { 73 | log.Println(err) 74 | } 75 | // 公钥解密私钥加密 76 | if err := applyPriEPubD(); err != nil { 77 | log.Println(err) 78 | } 79 | } 80 | 81 | // 公钥加密私钥解密 82 | func applyPubEPriD() error { 83 | pubenctypt, err := gorsa.RSA.PubKeyENCTYPT([]byte(`hello world`)) 84 | if err != nil { 85 | return err 86 | } 87 | 88 | pridecrypt, err := gorsa.RSA.PriKeyDECRYPT(pubenctypt) 89 | if err != nil { 90 | return err 91 | } 92 | if string(pridecrypt) != `hello world` { 93 | return errors.New(`解密失败`) 94 | } 95 | return nil 96 | } 97 | 98 | // 公钥解密私钥加密 99 | func applyPriEPubD() error { 100 | prienctypt, err := gorsa.RSA.PriKeyENCTYPT([]byte(`hello world`)) 101 | if err != nil { 102 | return err 103 | } 104 | 105 | pubdecrypt, err := gorsa.RSA.PubKeyDECRYPT(prienctypt) 106 | if err != nil { 107 | return err 108 | } 109 | if string(pubdecrypt) != `hello world` { 110 | return errors.New(`解密失败`) 111 | } 112 | return nil 113 | } 114 | 115 | ``` 116 | 117 | 118 | 119 | 120 | -------------------------------------------------------------------------------- /rsa_ext.go: -------------------------------------------------------------------------------- 1 | package gorsa 2 | 3 | import ( 4 | "bytes" 5 | "crypto/rand" 6 | "crypto/rsa" 7 | "crypto/x509" 8 | "encoding/pem" 9 | "errors" 10 | "io" 11 | "io/ioutil" 12 | "math/big" 13 | ) 14 | 15 | var ( 16 | ErrDataToLarge = errors.New("message too long for RSA public key size") 17 | ErrDataLen = errors.New("data length error") 18 | ErrDataBroken = errors.New("data broken, first byte is not zero") 19 | ErrKeyPairDismatch = errors.New("data is not encrypted by the private key") 20 | ErrDecryption = errors.New("decryption error") 21 | ErrPublicKey = errors.New("get public key error") 22 | ErrPrivateKey = errors.New("get private key error") 23 | ) 24 | 25 | // 设置公钥 26 | func getPubKey(publickey []byte) (*rsa.PublicKey, error) { 27 | // decode public key 28 | block, _ := pem.Decode(publickey) 29 | if block == nil { 30 | return nil, errors.New("get public key error") 31 | } 32 | // x509 parse public key 33 | pub, err := x509.ParsePKIXPublicKey(block.Bytes) 34 | if err != nil { 35 | return nil, err 36 | } 37 | return pub.(*rsa.PublicKey), err 38 | } 39 | 40 | // 设置私钥 41 | func getPriKey(privatekey []byte) (*rsa.PrivateKey, error) { 42 | block, _ := pem.Decode(privatekey) 43 | if block == nil { 44 | return nil, errors.New("get private key error") 45 | } 46 | pri, err := x509.ParsePKCS1PrivateKey(block.Bytes) 47 | if err == nil { 48 | return pri, nil 49 | } 50 | pri2, err := x509.ParsePKCS8PrivateKey(block.Bytes) 51 | if err != nil { 52 | return nil, err 53 | } 54 | return pri2.(*rsa.PrivateKey), nil 55 | } 56 | 57 | // 公钥加密或解密byte 58 | func pubKeyByte(pub *rsa.PublicKey, in []byte, isEncrytp bool) ([]byte, error) { 59 | k := (pub.N.BitLen() + 7) / 8 60 | if isEncrytp { 61 | k = k - 11 62 | } 63 | if len(in) <= k { 64 | if isEncrytp { 65 | return rsa.EncryptPKCS1v15(rand.Reader, pub, in) 66 | } else { 67 | return pubKeyDecrypt(pub, in) 68 | } 69 | } else { 70 | iv := make([]byte, k) 71 | out := bytes.NewBuffer(iv) 72 | if err := pubKeyIO(pub, bytes.NewReader(in), out, isEncrytp); err != nil { 73 | return nil, err 74 | } 75 | return ioutil.ReadAll(out) 76 | } 77 | } 78 | 79 | // 私钥加密或解密byte 80 | func priKeyByte(pri *rsa.PrivateKey, in []byte, isEncrytp bool) ([]byte, error) { 81 | k := (pri.N.BitLen() + 7) / 8 82 | if isEncrytp { 83 | k = k - 11 84 | } 85 | if len(in) <= k { 86 | if isEncrytp { 87 | return priKeyEncrypt(rand.Reader, pri, in) 88 | } else { 89 | return rsa.DecryptPKCS1v15(rand.Reader, pri, in) 90 | } 91 | } else { 92 | iv := make([]byte, k) 93 | out := bytes.NewBuffer(iv) 94 | if err := priKeyIO(pri, bytes.NewReader(in), out, isEncrytp); err != nil { 95 | return nil, err 96 | } 97 | return ioutil.ReadAll(out) 98 | } 99 | } 100 | 101 | // 公钥加密或解密Reader 102 | func pubKeyIO(pub *rsa.PublicKey, in io.Reader, out io.Writer, isEncrytp bool) (err error) { 103 | k := (pub.N.BitLen() + 7) / 8 104 | if isEncrytp { 105 | k = k - 11 106 | } 107 | buf := make([]byte, k) 108 | var b []byte 109 | size := 0 110 | for { 111 | size, err = in.Read(buf) 112 | if err != nil { 113 | if err == io.EOF { 114 | return nil 115 | } 116 | return err 117 | } 118 | if size < k { 119 | b = buf[:size] 120 | } else { 121 | b = buf 122 | } 123 | if isEncrytp { 124 | b, err = rsa.EncryptPKCS1v15(rand.Reader, pub, b) 125 | } else { 126 | b, err = pubKeyDecrypt(pub, b) 127 | } 128 | if err != nil { 129 | return err 130 | } 131 | if _, err = out.Write(b); err != nil { 132 | return err 133 | } 134 | } 135 | return nil 136 | } 137 | 138 | // 私钥加密或解密Reader 139 | func priKeyIO(pri *rsa.PrivateKey, r io.Reader, w io.Writer, isEncrytp bool) (err error) { 140 | k := (pri.N.BitLen() + 7) / 8 141 | if isEncrytp { 142 | k = k - 11 143 | } 144 | buf := make([]byte, k) 145 | var b []byte 146 | size := 0 147 | for { 148 | size, err = r.Read(buf) 149 | if err != nil { 150 | if err == io.EOF { 151 | return nil 152 | } 153 | return err 154 | } 155 | if size < k { 156 | b = buf[:size] 157 | } else { 158 | b = buf 159 | } 160 | if isEncrytp { 161 | b, err = priKeyEncrypt(rand.Reader, pri, b) 162 | } else { 163 | b, err = rsa.DecryptPKCS1v15(rand.Reader, pri, b) 164 | } 165 | if err != nil { 166 | return err 167 | } 168 | if _, err = w.Write(b); err != nil { 169 | return err 170 | } 171 | } 172 | return nil 173 | } 174 | 175 | // 公钥解密 176 | func pubKeyDecrypt(pub *rsa.PublicKey, data []byte) ([]byte, error) { 177 | k := (pub.N.BitLen() + 7) / 8 178 | if k != len(data) { 179 | return nil, ErrDataLen 180 | } 181 | m := new(big.Int).SetBytes(data) 182 | if m.Cmp(pub.N) > 0 { 183 | return nil, ErrDataToLarge 184 | } 185 | m.Exp(m, big.NewInt(int64(pub.E)), pub.N) 186 | d := leftPad(m.Bytes(), k) 187 | if d[0] != 0 { 188 | return nil, ErrDataBroken 189 | } 190 | if d[1] != 0 && d[1] != 1 { 191 | return nil, ErrKeyPairDismatch 192 | } 193 | var i = 2 194 | for ; i < len(d); i++ { 195 | if d[i] == 0 { 196 | break 197 | } 198 | } 199 | i++ 200 | if i == len(d) { 201 | return nil, nil 202 | } 203 | return d[i:], nil 204 | } 205 | 206 | // 私钥加密 207 | func priKeyEncrypt(rand io.Reader, priv *rsa.PrivateKey, hashed []byte) ([]byte, error) { 208 | tLen := len(hashed) 209 | k := (priv.N.BitLen() + 7) / 8 210 | if k < tLen+11 { 211 | return nil, ErrDataLen 212 | } 213 | em := make([]byte, k) 214 | em[1] = 1 215 | for i := 2; i < k-tLen-1; i++ { 216 | em[i] = 0xff 217 | } 218 | copy(em[k-tLen:k], hashed) 219 | m := new(big.Int).SetBytes(em) 220 | c, err := decrypt(rand, priv, m) 221 | if err != nil { 222 | return nil, err 223 | } 224 | copyWithLeftPad(em, c.Bytes()) 225 | return em, nil 226 | } 227 | 228 | // 从crypto/rsa复制 229 | var bigZero = big.NewInt(0) 230 | var bigOne = big.NewInt(1) 231 | 232 | // 从crypto/rsa复制 233 | func encrypt(c *big.Int, pub *rsa.PublicKey, m *big.Int) *big.Int { 234 | e := big.NewInt(int64(pub.E)) 235 | c.Exp(m, e, pub.N) 236 | return c 237 | } 238 | 239 | // 从crypto/rsa复制 240 | func decrypt(random io.Reader, priv *rsa.PrivateKey, c *big.Int) (m *big.Int, err error) { 241 | if c.Cmp(priv.N) > 0 { 242 | err = ErrDecryption 243 | return 244 | } 245 | var ir *big.Int 246 | if random != nil { 247 | var r *big.Int 248 | 249 | for { 250 | r, err = rand.Int(random, priv.N) 251 | if err != nil { 252 | return 253 | } 254 | if r.Cmp(bigZero) == 0 { 255 | r = bigOne 256 | } 257 | var ok bool 258 | ir, ok = modInverse(r, priv.N) 259 | if ok { 260 | break 261 | } 262 | } 263 | bigE := big.NewInt(int64(priv.E)) 264 | rpowe := new(big.Int).Exp(r, bigE, priv.N) 265 | cCopy := new(big.Int).Set(c) 266 | cCopy.Mul(cCopy, rpowe) 267 | cCopy.Mod(cCopy, priv.N) 268 | c = cCopy 269 | } 270 | if priv.Precomputed.Dp == nil { 271 | m = new(big.Int).Exp(c, priv.D, priv.N) 272 | } else { 273 | m = new(big.Int).Exp(c, priv.Precomputed.Dp, priv.Primes[0]) 274 | m2 := new(big.Int).Exp(c, priv.Precomputed.Dq, priv.Primes[1]) 275 | m.Sub(m, m2) 276 | if m.Sign() < 0 { 277 | m.Add(m, priv.Primes[0]) 278 | } 279 | m.Mul(m, priv.Precomputed.Qinv) 280 | m.Mod(m, priv.Primes[0]) 281 | m.Mul(m, priv.Primes[1]) 282 | m.Add(m, m2) 283 | 284 | for i, values := range priv.Precomputed.CRTValues { 285 | prime := priv.Primes[2+i] 286 | m2.Exp(c, values.Exp, prime) 287 | m2.Sub(m2, m) 288 | m2.Mul(m2, values.Coeff) 289 | m2.Mod(m2, prime) 290 | if m2.Sign() < 0 { 291 | m2.Add(m2, prime) 292 | } 293 | m2.Mul(m2, values.R) 294 | m.Add(m, m2) 295 | } 296 | } 297 | if ir != nil { 298 | m.Mul(m, ir) 299 | m.Mod(m, priv.N) 300 | } 301 | 302 | return 303 | } 304 | 305 | // 从crypto/rsa复制 306 | func copyWithLeftPad(dest, src []byte) { 307 | numPaddingBytes := len(dest) - len(src) 308 | for i := 0; i < numPaddingBytes; i++ { 309 | dest[i] = 0 310 | } 311 | copy(dest[numPaddingBytes:], src) 312 | } 313 | 314 | // 从crypto/rsa复制 315 | func nonZeroRandomBytes(s []byte, rand io.Reader) (err error) { 316 | _, err = io.ReadFull(rand, s) 317 | if err != nil { 318 | return 319 | } 320 | for i := 0; i < len(s); i++ { 321 | for s[i] == 0 { 322 | _, err = io.ReadFull(rand, s[i:i+1]) 323 | if err != nil { 324 | return 325 | } 326 | s[i] ^= 0x42 327 | } 328 | } 329 | return 330 | } 331 | 332 | // 从crypto/rsa复制 333 | func leftPad(input []byte, size int) (out []byte) { 334 | n := len(input) 335 | if n > size { 336 | n = size 337 | } 338 | out = make([]byte, size) 339 | copy(out[len(out)-n:], input) 340 | return 341 | } 342 | 343 | // 从crypto/rsa复制 344 | func modInverse(a, n *big.Int) (ia *big.Int, ok bool) { 345 | g := new(big.Int) 346 | x := new(big.Int) 347 | y := new(big.Int) 348 | g.GCD(x, y, a, n) 349 | if g.Cmp(bigOne) != 0 { 350 | return 351 | } 352 | if x.Cmp(bigOne) < 0 { 353 | x.Add(x, n) 354 | } 355 | return x, true 356 | } 357 | --------------------------------------------------------------------------------