Skip to main content

非对称 加密

const (
	PEM_BEGIN = "-----BEGIN RSA PRIVATE KEY-----\n"
	PEM_END   = "\n-----END RSA PRIVATE KEY-----"
)

func FormatPrivateKey(privateKey string) string {
	if !strings.HasPrefix(privateKey, PEM_BEGIN) {
		privateKey = PEM_BEGIN + privateKey
	}
	if !strings.HasSuffix(privateKey, PEM_END) {
		privateKey = privateKey + PEM_END
	}
	return privateKey
}


func RsaSign(signContent string, privateKey string, hash crypto.Hash) string {
	shaNew := hash.New()
	shaNew.Write([]byte(signContent))
	hashed := shaNew.Sum(nil)
	priKey, err := ParsePrivateKey(privateKey, "PKCS1")
	if err != nil {
		panic(err)
	}

	signature, err := rsa.SignPKCS1v15(rand.Reader, priKey, hash, hashed)
	if err != nil {
		panic(err)
	}
	return base64.StdEncoding.EncodeToString(signature)
}
func ParsePrivateKey(privateKey, keyType string) (*rsa.PrivateKey, error) {
	privateKey = FormatPrivateKey(privateKey)
	// 2、解码私钥字节,生成加密对象
	block, _ := pem.Decode([]byte(privateKey))
	if block == nil {
		return nil, errors.New("私钥信息错误!")
	}
	var priKey *rsa.PrivateKey
	var err error

	// 3、解析DER编码的私钥,生成私钥对象
	if keyType == "PKCS1" {
		priKey, err = x509.ParsePKCS1PrivateKey(block.Bytes)
		if err != nil {
			return nil, err
		}
	} else if keyType == "PKCS8" {
		prkI, err := x509.ParsePKCS8PrivateKey([]byte(privateKey))
		if err != nil {
			return nil, err
		}
		priKey = prkI.(*rsa.PrivateKey)
		//ciphertext := ""
		//rsa.DecryptPKCS1v15(rand.Reader, priKey, []byte(ciphertext))
	} else {
		return nil, fmt.Errorf("unsupport private key type")
	}

	return priKey, nil
}