From cfcb2686f9b2684cbff349ec84585504fc944a71 Mon Sep 17 00:00:00 2001 From: deatil <2217957370@qq.com> Date: Tue, 20 Feb 2024 12:55:41 +0800 Subject: [PATCH] =?UTF-8?q?=E5=AE=8C=E5=96=84=E6=96=87=E6=A1=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cryptobin/ed448/create.go | 16 +-- docs/dsa.md | 157 +++++++++++++++++++-------- docs/ecdh.md | 117 +++++++++++++------- docs/ecdsa.md | 67 +++++++++--- docs/ed448.md | 141 +++++++++++++++++------- docs/eddsa.md | 142 +++++++++++++++++------- docs/elgamal.md | 222 ++++++++++++++++++++++++++------------ docs/encrypt.md | 9 +- docs/rsa.md | 80 +++++++++----- docs/sm2.md | 18 +++- gm/sm2/marshal.go | 8 +- 11 files changed, 678 insertions(+), 299 deletions(-) diff --git a/cryptobin/ed448/create.go b/cryptobin/ed448/create.go index 9edb4872..c33f233e 100644 --- a/cryptobin/ed448/create.go +++ b/cryptobin/ed448/create.go @@ -5,24 +5,24 @@ import ( "crypto/rand" "encoding/pem" + "github.com/deatil/go-cryptobin/pkcs8" "github.com/deatil/go-cryptobin/ed448" - cryptobin_pkcs8 "github.com/deatil/go-cryptobin/pkcs8" ) type ( // 配置 - Opts = cryptobin_pkcs8.Opts + Opts = pkcs8.Opts // PBKDF2 配置 - PBKDF2Opts = cryptobin_pkcs8.PBKDF2Opts + PBKDF2Opts = pkcs8.PBKDF2Opts // Scrypt 配置 - ScryptOpts = cryptobin_pkcs8.ScryptOpts + ScryptOpts = pkcs8.ScryptOpts ) var ( // 获取 Cipher 类型 - GetCipherFromName = cryptobin_pkcs8.GetCipherFromName + GetCipherFromName = pkcs8.GetCipherFromName // 获取 hash 类型 - GetHashFromName = cryptobin_pkcs8.GetHashFromName + GetHashFromName = pkcs8.GetHashFromName ) // 生成私钥 pem 数据 @@ -55,7 +55,7 @@ func (this ED448) CreatePrivateKeyWithPassword(password string, opts ...any) ED4 return this.AppendError(err) } - opt, err := cryptobin_pkcs8.ParseOpts(opts...) + opt, err := pkcs8.ParseOpts(opts...) if err != nil { return this.AppendError(err) } @@ -67,7 +67,7 @@ func (this ED448) CreatePrivateKeyWithPassword(password string, opts ...any) ED4 } // 生成加密数据 - privateBlock, err := cryptobin_pkcs8.EncryptPEMBlock( + privateBlock, err := pkcs8.EncryptPEMBlock( rand.Reader, "ENCRYPTED PRIVATE KEY", x509PrivateKey, diff --git a/docs/dsa.md b/docs/dsa.md index e67ec79e..3944bd71 100644 --- a/docs/dsa.md +++ b/docs/dsa.md @@ -1,70 +1,135 @@ ### DSA 使用说明 -* 使用 [pkcs1 / pkcs8] 证书,默认为 pkcs1 证书 +* 包引入 / import pkg ~~~go -package main - import ( - "fmt" - - "github.com/deatil/lakego-filesystem/filesystem" - cryptobin_dsa "github.com/deatil/go-cryptobin/cryptobin/dsa" + "github.com/deatil/go-cryptobin/cryptobin/dsa" ) +~~~ -func main() { - // 文件管理器 - fs := filesystem.New() +* 数据输入方式 / input funcs +~~~go +FromBytes(data []byte) +FromString(data string) +FromBase64String(data string) +FromHexString(data string) +~~~ + +* 数据输出方式 / output funcs +~~~go +ToBytes() +ToString() +ToBase64String() +ToHexString() +~~~ + +* 获取 error / get error +~~~go +Error() +~~~ - // 生成证书 +* 生成证书 / make keys +~~~go +func main() { // 可用参数 [L1024N160 | L2048N224 | L2048N256 | L3072N256] - dsa := cryptobin_dsa.New().GenerateKey("L2048N256") - dsaPriKey := dsa. + obj := dsa.New().GenerateKey("L2048N256") + + // 生成私钥 + // create private key + var PriKeyPem string = obj. CreatePrivateKey(). // CreatePrivateKeyWithPassword("123", "AES256CBC"). + // CreatePKCS1PrivateKey(). + // CreatePKCS1PrivateKeyWithPassword("123", "AES256CBC"). // CreatePKCS8PrivateKey(). - // CreatePKCS8PrivateKeyWithPassword("123", "AES256CBC"). + // CreatePKCS8PrivateKeyWithPassword("123", "AES256CBC", "SHA256"). + // CreateXMLPrivateKey(). ToKeyString() - dsaPubKey := dsa. - CreatePublicKey(). + + // 自定义私钥加密类型 + // use custom encrypt options + var PriKeyPem string = obj. + CreatePKCS8PrivateKeyWithPassword("123", rsa.Opts{ + Cipher: rsa.GetCipherFromName("AES256CBC"), + KDFOpts: rsa.ScryptOpts{ + CostParameter: 1 << 15, + BlockSize: 8, + ParallelizationParameter: 1, + SaltSize: 8, + }, + }). + ToKeyString() + + // 生成公钥 + // create public key + var PubKeyPem string = obj. + CreatePKCS1PublicKey(). // CreatePKCS8PublicKey(). + // CreateXMLPublicKey(). ToKeyString() - fs.Put("./runtime/key/dsa", dsaPriKey) - fs.Put("./runtime/key/dsa.pub", dsaPubKey) +} +~~~ + +* 签名验证 / sign data +~~~go +func main() { + obj := dsa.New() + + // 待签名数据 + // no sign data + var data string = "..." - // 验证 - dsa := cryptobin_dsa.New() + // 签名数据 + // sign data + var sigBase64String string = "..." - dsaPri, _ := fs.Get("./runtime/key/dsa") - dsacypt := dsa. - FromString("test-pass"). - FromPrivateKey([]byte(dsaPri)). - // FromPrivateKeyWithPassword([]byte(dsaPri), "123"). - // FromPKCS8PrivateKey([]byte(dsaPri)). - // FromPKCS8PrivateKeyWithPassword([]byte(dsaPri), "123"). + // 私钥签名 + // private key sign data + var priKeyPem string = "" + sigBase64String = obj. + FromString(data). + FromPrivateKey([]byte(priKeyPem)). + // FromPrivateKeyWithPassword([]byte(priKeyPem), "123"). + // FromPKCS1PrivateKey([]byte(priKeyPem)). + // FromPKCS1PrivateKeyWithPassword([]byte(priKeyPem), "123"). + // FromPKCS8PrivateKey([]byte(priKeyPem)). + // FromPKCS8PrivateKeyWithPassword([]byte(priKeyPem), "123"). + // FromXMLPrivateKey([]byte(priKeyXML)). + SetSignHash("SHA256"). Sign(). ToBase64String() - dsaPub, _ := fs.Get("./runtime/key/dsa.pub") - dsacyptde := dsa. - FromBase64String("MjkzNzYzMDE1NjgzNDExMTM0ODE1MzgxOTAxMDIxNzQ0Nzg3NTc3NTAxNTU2MDIwNzg4OTc1MzY4Mzc0OTE5NzcyOTg3NjI1MTc2OTErNDgzNDU3NDAyMzYyODAzMDM3MzE1NjE1NDk1NDEzOTQ4MDQ3NDQ3ODA0MDE4NDY5NDA1OTA3ODExNjM1Mzk3MDEzOTY4MTM5NDg2NDc="). - FromPublicKey([]byte(dsaPub)). - // FromPKCS8PublicKey([]byte(dsaPub)). - Verify([]byte("test-pass")). + + // 公钥验证 + // public key verify signed data + var pubKeyPem string = "" + var res bool = obj. + FromBase64String(sigBase64String). + FromPublicKey([]byte(pubKeyPem)). + // FromPKCS1PublicKey([]byte(pubKeyPem)). + // FromPKCS8PublicKey([]byte(pubKeyPem)). + // FromXMLPublicKey([]byte(pubKeyXML)). + SetSignHash("SHA256"). + Verify([]byte(data)). ToVerify() +} +~~~ - // 检测私钥公钥是否匹配 - pri, _ := fs.Get(prifile) - pub, _ := fs.Get(pubfile) +* 检测私钥公钥是否匹配 / Check KeyPair +~~~go +func main() { + var prikeyPem string = "..." + var pubkeyPem string = "..." - res := cryptobin_dsa.New(). - FromPKCS8PrivateKey([]byte(pri)). - // FromPrivateKey([]byte(pri)). - // FromPrivateKeyWithPassword([]byte(pri), "123"). - // FromPKCS8PrivateKeyWithPassword([]byte(pri), "123"). - // FromPublicKey([]byte(pub)). - FromPKCS8PublicKey([]byte(pub)). + var res bool = dsa.New(). + // FromPrivateKey([]byte(prikeyPem)). + // FromPrivateKeyWithPassword([]byte(prikeyPem), "123"). + // FromPKCS1PrivateKey([]byte(prikeyPem)). + // FromPKCS1PrivateKeyWithPassword([]byte(prikeyPem), "123"). + FromPKCS8PrivateKey([]byte(prikeyPem)). + // FromPKCS8PrivateKeyWithPassword([]byte(prikeyPem), "123"). + // FromPublicKey([]byte(pubkeyPem)). + // FromPKCS1PublicKey([]byte(pubkeyPem)). + FromPKCS8PublicKey([]byte(pubkeyPem)). CheckKeyPair() - - fmt.Printf("check res: %#v", res) - } ~~~ diff --git a/docs/ecdh.md b/docs/ecdh.md index 4d7c82a0..e4e0c390 100644 --- a/docs/ecdh.md +++ b/docs/ecdh.md @@ -1,67 +1,104 @@ ### ECDH 使用文档 -该版本使用 go 标准库,go 最低版本需要 `1.20.1`。 - +* 包引入 / import pkg +~~~go +import ( + "github.com/deatil/go-cryptobin/cryptobin/ecdh" +) +~~~ -* ecdh 使用 +* 数据输入方式 / input funcs ~~~go -package main +FromBytes(data []byte) +FromString(data string) +FromBase64String(data string) +FromHexString(data string) +~~~ -import ( - "fmt" +* 数据输出方式 / output funcs +~~~go +ToBytes() +ToString() +ToBase64String() +ToHexString() +~~~ - "github.com/deatil/lakego-filesystem/filesystem" - cryptobin_ecdh "github.com/deatil/go-cryptobin/cryptobin/ecdh" -) +* 获取 error / get error +~~~go +Error() +~~~ +* 生成证书 / make keys +~~~go func main() { - // 文件管理器 - fs := filesystem.New() - - // 生成证书 // 可用参数 [P521 | P384 | P256 | X25519] - obj := cryptobin_ecdh.New(). - SetCurve("P256"). - GenerateKey() + obj := ecdh.New(). + SetCurve("P256"). + GenerateKey() + + // 私钥密码 + // privatekey password + var psssword string = "" - objPriKey := obj. + // 生成私钥 + // create private key + var PriKeyPem string = obj. CreatePrivateKey(). - // CreatePrivateKeyWithPassword("123", "AES256CBC"). + // CreatePrivateKeyWithPassword(psssword, "DESEDE3CBC"). ToKeyString() - objPubKey := obj. + + // 自定义私钥加密类型 + // use custom encrypt options + var PriKeyPem string = obj. + CreatePrivateKeyWithPassword(psssword, sm2.Opts{ + Cipher: sm2.GetCipherFromName("AES256CBC"), + KDFOpts: sm2.ScryptOpts{ + CostParameter: 1 << 15, + BlockSize: 8, + ParallelizationParameter: 1, + SaltSize: 8, + }, + }). + ToKeyString() + + // 生成公钥 + // create public key + var PubKeyPem string = obj. CreatePublicKey(). ToKeyString() - fs.Put("./runtime/key/ecdh/ecdh", objPriKey) - fs.Put("./runtime/key/ecdh/ecdh.pub", objPubKey) +} +~~~ - // 生成对称加密密钥 - obj := cryptobin_ecdh.New() +* 生成对称加密密钥 +~~~go +func main() { + var prikeyPem1 string = "..." + var pubkeyPem1 string = "..." - objPri1, _ := fs.Get("./runtime/key/ecdh/ecdh") - objPub1, _ := fs.Get("./runtime/key/ecdh/ecdh.pub") + var prikeyPem2 string = "..." + var pubkeyPem2 string = "..." - objPri2, _ := fs.Get("./runtime/key/ecdh/ecdh2") - objPub2, _ := fs.Get("./runtime/key/ecdh/ecdh2.pub") + // 私钥密码 + // privatekey password + var psssword string = "" - objSecret1 := obj. - FromPrivateKey([]byte(objPri1)). - // FromPrivateKeyWithPassword([]byte(objPri1), "123"). - FromPublicKey([]byte(objPub2)). + var secret1 string = obj. + FromPrivateKey([]byte(prikeyPem1)). + // FromPrivateKeyWithPassword([]byte(prikeyPem1), psssword). + FromPublicKey([]byte(pubkeyPem2)). CreateSecretKey(). ToHexString() - objSecret2 := obj. - FromPrivateKey([]byte(objPri2)). - // FromPrivateKeyWithPassword([]byte(objPri2), "123"). - FromPublicKey([]byte(objPub1)). + var secret2 string = obj. + FromPrivateKey([]byte(prikeyPem2)). + // FromPrivateKeyWithPassword([]byte(prikeyPem2), psssword). + FromPublicKey([]byte(pubkeyPem1)). CreateSecretKey(). ToHexString() - dhStatus := false - if objSecret1 == objSecret2) { - dhStatus = true + status := false + if secret1 == secret2) { + status = true } - - fmt.Println("生成的密钥是否相同结果: ", dhStatus) } ~~~ diff --git a/docs/ecdsa.md b/docs/ecdsa.md index 752a0bdf..03cd48ca 100644 --- a/docs/ecdsa.md +++ b/docs/ecdsa.md @@ -7,15 +7,34 @@ import ( ) ~~~ -* 数据输入方式 -`FromBytes(data []byte)`, `FromString(data string)`, `FromBase64String(data string)`, `FromHexString(data string)` +* 数据输入方式 / input funcs +~~~go +FromBytes(data []byte) +FromString(data string) +FromBase64String(data string) +FromHexString(data string) +~~~ + +* 数据输出方式 / output funcs +~~~go +ToBytes() +ToString() +ToBase64String() +ToHexString() +~~~ -* 数据输出方式 -`ToBytes()`, `ToString()`, `ToBase64String()`, `ToHexString()`, +* 获取 error / get error +~~~go +Error() +~~~ * 生成证书 ~~~go func main() { + // 私钥密码 + // privatekey password + var psssword string = "" + // 生成证书 // 可选参数 [P521 | P384 | P256 | P224] ec := ecdsa.GenerateKey("P521") @@ -23,11 +42,11 @@ func main() { // 生成私钥 PEM 证书 privateKeyString := ec. CreatePrivateKey(). - // CreatePrivateKeyWithPassword("123", "AES256CBC"). + // CreatePrivateKeyWithPassword(psssword, "AES256CBC"). // CreatePKCS1PrivateKey() // CreatePKCS1PrivateKeyWithPassword(password string, opts ...string) // CreatePKCS8PrivateKey(). - // CreatePKCS8PrivateKeyWithPassword("123", "AES256CBC", "SHA256"). + // CreatePKCS8PrivateKeyWithPassword(psssword, "AES256CBC", "SHA256"). ToKeyString() // 生成公钥 PEM 证书 @@ -41,27 +60,36 @@ func main() { 签名验证支持以下方式 ~~~ -sep符号分割: Sign(separator ...string) / Verify(data []byte, separator ...string) -ASN1方式: SignASN1() / VerifyASN1(data []byte) -字节组合: SignBytes() / VerifyBytes(data []byte) +符号分割: +Sign(separator ...string) / Verify(data []byte, separator ...string) + +ASN1编码: +SignASN1() / VerifyASN1(data []byte) + +字节拼接: +SignBytes() / VerifyBytes(data []byte) ~~~ 示例 ~~~go func main() { + // 私钥密码 + // privatekey password + var psssword string = "" + // 私钥签名 var pri []byte = []byte("...") var base64signedString string = ecdsa. FromString("test-pass"). FromPrivateKey(pri). - // FromPrivateKeyWithPassword(pri, "123"). + // FromPrivateKeyWithPassword(pri, psssword). // FromPKCS1PrivateKey(pri). - // FromPKCS1PrivateKeyWithPassword(pri, "123"). + // FromPKCS1PrivateKeyWithPassword(pri, psssword). // FromPKCS8PrivateKey(pri). - // FromPKCS8PrivateKeyWithPassword(pri, "123"). + // FromPKCS8PrivateKeyWithPassword(pri, psssword). Sign(). ToBase64String() - + // 公钥验证 var pub []byte = []byte("...") var base64signedString string = "..." @@ -75,7 +103,7 @@ func main() { * 加密解密 -ECDSA 加密使用自身的 ECDH 生成密钥,使用 AES 对称加密解密数据 +ECDSA 加密使用自身的 ECDH 生成的密钥,使用 AES 对称加密解密数据 ~~~go func main() { @@ -116,11 +144,20 @@ Vu0zCh5hkl/0r9vPzPeqGpHJv3eJw/zF+gZWxn2LvLcKkQTcGutSwVdVRQ== * 检测私钥公钥是否匹配 ~~~go func main() { + // 私钥密码 + // privatekey password + var psssword string = "" + var prikeyPem []byte = []byte("...") var pubkeyPem []byte = []byte("...") var res bool = ecdsa.New(). - FromPrivateKey(prikey). + FromPrivateKey(pri). + // FromPrivateKeyWithPassword(pri, psssword). + // FromPKCS1PrivateKey(pri). + // FromPKCS1PrivateKeyWithPassword(pri, psssword). + // FromPKCS8PrivateKey(pri). + // FromPKCS8PrivateKeyWithPassword(pri, psssword). FromPublicKey(pubkey). CheckKeyPair() } diff --git a/docs/ed448.md b/docs/ed448.md index 0b4c6720..1f76561c 100644 --- a/docs/ed448.md +++ b/docs/ed448.md @@ -1,45 +1,98 @@ ### ED448 使用说明 -* 使用 +* 包引入 / import pkg ~~~go -package main - import ( - "fmt" - "github.com/deatil/go-cryptobin/cryptobin/ed448" - "github.com/deatil/lakego-filesystem/filesystem" ) +~~~ + +* 数据输入方式 / input funcs +~~~go +FromBytes(data []byte) +FromString(data string) +FromBase64String(data string) +FromHexString(data string) +~~~ + +* 数据输出方式 / output funcs +~~~go +ToBytes() +ToString() +ToBase64String() +ToHexString() +~~~ + +* 获取 error / get error +~~~go +Error() +~~~ +* 生成证书 / make keys +~~~go func main() { - // 文件管理器 - fs := filesystem.New() + obj := ed448.New().GenerateKey() - // 生成证书 - obj := ed448. - New(). - GenerateKey() + // 私钥密码 + // privatekey password + var psssword string = "" - objPriKey := obj. + // 生成私钥 + // create private key + var PriKeyPem string = obj. CreatePrivateKey(). - // CreatePrivateKeyWithPassword("123", "AES256CBC"). + // CreatePrivateKeyWithPassword(psssword, "DESEDE3CBC"). + ToKeyString() + + // 自定义私钥加密类型 + // use custom encrypt options + var PriKeyPem string = obj. + CreatePrivateKeyWithPassword(psssword, sm2.Opts{ + Cipher: sm2.GetCipherFromName("AES256CBC"), + KDFOpts: sm2.ScryptOpts{ + CostParameter: 1 << 15, + BlockSize: 8, + ParallelizationParameter: 1, + SaltSize: 8, + }, + }). ToKeyString() - objPubKey := obj. + + // 生成公钥 + // create public key + var PubKeyPem string = obj. CreatePublicKey(). ToKeyString() - fs.Put("./runtime/key/ed448", objPriKey) - fs.Put("./runtime/key/ed448.pub", objPubKey) +} +~~~ + +* 签名验证 / sign data +~~~go +func main() { + // 待签名数据 + // no sign data + var data string = "..." + + // 签名数据 + // sign data + var sigBase64String string = "..." - // 验证 - obj2 := ed448.New() + // 私钥密码 + // privatekey password + var psssword string = "" - ctx := "123sedrftd35" + // ctx 数据 + var ctx string = "" - obj2Pri, _ := fs.Get("./runtime/key/ed448") - obj2cypt := obj2. - FromString("test-pass"). - FromPrivateKey([]byte(obj2Pri)). - // FromPrivateKeyWithPassword([]byte(obj2Pri), "123"). + obj := ed448.New() + + // 私钥签名 + // private key sign data + var priKeyPem string = "" + sigBase64String = obj. + FromString(data). + FromPrivateKey([]byte(priKeyPem)). + // FromPrivateKeyWithPassword([]byte(priKeyPem), psssword). // 其他设置, 默认为 ED448 模式, ctx 为空 // SetOptions("ED448", ""). // SetOptions("ED448", ctx). @@ -47,27 +100,35 @@ func main() { Sign(). ToBase64String() - obj2Pub, _ := fs.Get("./runtime/key/ed448.pub") - obj2cyptde := obj2. - FromBase64String("MjkzNzYzMDE1NjgzNDExMTM0ODE1MzgxOTAxMDIxNzQ0Nzg3NTc3NTAxNTU2MDIwNzg4OTc1MzY4Mzc0OTE5NzcyOTg3NjI1MTc2OTErNDgzNDU3NDAyMzYyODAzMDM3MzE1NjE1NDk1NDEzOTQ4MDQ3NDQ3ODA0MDE4NDY5NDA1OTA3ODExNjM1Mzk3MDEzOTY4MTM5NDg2NDc="). - FromPublicKey([]byte(obj2Pub)). + // 公钥验证 + // public key verify signed data + var pubKeyPem string = "" + var res bool = obj. + FromBase64String(sigBase64String). + FromPublicKey([]byte(pubKeyPem)). + // 其他设置, 默认为 ED448 模式, ctx 为空 // SetOptions("ED448", ""). // SetOptions("ED448", ctx). // SetOptions("ED448Ph", ctx). - Verify([]byte("test-pass")). + Verify([]byte(data)). ToVerify() +} +~~~ - // 检测私钥公钥是否匹配 - pri, _ := fs.Get(prifile) - pub, _ := fs.Get(pubfile) - - res := ed448. - New(). - FromPrivateKey([]byte(pri)). - FromPublicKey([]byte(pub)). - CheckKeyPair() +* 检测私钥公钥是否匹配 / Check KeyPair +~~~go +func main() { + var prikeyPem string = "..." + var pubkeyPem string = "..." - fmt.Printf("check res: %#v", res) + // 私钥密码 + // privatekey password + var psssword string = "" + var res bool = ed448.New(). + FromPrivateKey([]byte(prikeyPem)). + // FromPrivateKeyWithPassword([]byte(prikeyPem), psssword). + FromPublicKey([]byte(pubkeyPem)). + CheckKeyPair() } ~~~ diff --git a/docs/eddsa.md b/docs/eddsa.md index 3384b8cf..8a81f5cf 100644 --- a/docs/eddsa.md +++ b/docs/eddsa.md @@ -1,45 +1,98 @@ ### EdDSA 使用说明 -* 使用 +* 包引入 / import pkg ~~~go -package main - import ( - "fmt" - - cryptobin "github.com/deatil/go-cryptobin/cryptobin/eddsa" - "github.com/deatil/lakego-filesystem/filesystem" + "github.com/deatil/go-cryptobin/cryptobin/eddsa" ) +~~~ + +* 数据输入方式 / input funcs +~~~go +FromBytes(data []byte) +FromString(data string) +FromBase64String(data string) +FromHexString(data string) +~~~ + +* 数据输出方式 / output funcs +~~~go +ToBytes() +ToString() +ToBase64String() +ToHexString() +~~~ + +* 获取 error / get error +~~~go +Error() +~~~ +* 生成证书 / make keys +~~~go func main() { - // 文件管理器 - fs := filesystem.New() + obj := eddsa.New().GenerateKey() - // 生成证书 - obj := cryptobin. - NewEdDSA(). - GenerateKey() + // 私钥密码 + // privatekey password + var psssword string = "" - objPriKey := obj. + // 生成私钥 + // create private key + var PriKeyPem string = obj. CreatePrivateKey(). - // CreatePrivateKeyWithPassword("123", "AES256CBC"). + // CreatePrivateKeyWithPassword(psssword, "DESEDE3CBC"). + ToKeyString() + + // 自定义私钥加密类型 + // use custom encrypt options + var PriKeyPem string = obj. + CreatePrivateKeyWithPassword(psssword, sm2.Opts{ + Cipher: sm2.GetCipherFromName("AES256CBC"), + KDFOpts: sm2.ScryptOpts{ + CostParameter: 1 << 15, + BlockSize: 8, + ParallelizationParameter: 1, + SaltSize: 8, + }, + }). ToKeyString() - objPubKey := obj. + + // 生成公钥 + // create public key + var PubKeyPem string = obj. CreatePublicKey(). ToKeyString() - fs.Put("./runtime/key/eddsa", objPriKey) - fs.Put("./runtime/key/eddsa.pub", objPubKey) +} +~~~ + +* 签名验证 / sign data +~~~go +func main() { + // 待签名数据 + // no sign data + var data string = "..." + + // 签名数据 + // sign data + var sigBase64String string = "..." - // 验证 - obj2 := cryptobin.NewEdDSA() + // 私钥密码 + // privatekey password + var psssword string = "" - ctx := "123sedrftd35" + // ctx 数据 + var ctx string = "" - obj2Pri, _ := fs.Get("./runtime/key/eddsa") - obj2cypt := obj2. - FromString("test-pass"). - FromPrivateKey([]byte(obj2Pri)). - // FromPrivateKeyWithPassword([]byte(obj2Pri), "123"). + obj := eddsa.New() + + // 私钥签名 + // private key sign data + var priKeyPem string = "" + sigBase64String = obj. + FromString(data). + FromPrivateKey([]byte(priKeyPem)). + // FromPrivateKeyWithPassword([]byte(priKeyPem), psssword). // 其他设置, 默认为 Ed25519 模式 // SetOptions("Ed25519ph", ctx). // SetOptions("Ed25519ctx", ctx). @@ -47,26 +100,35 @@ func main() { Sign(). ToBase64String() - obj2Pub, _ := fs.Get("./runtime/key/eddsa.pub") - obj2cyptde := obj2. - FromBase64String("MjkzNzYzMDE1NjgzNDExMTM0ODE1MzgxOTAxMDIxNzQ0Nzg3NTc3NTAxNTU2MDIwNzg4OTc1MzY4Mzc0OTE5NzcyOTg3NjI1MTc2OTErNDgzNDU3NDAyMzYyODAzMDM3MzE1NjE1NDk1NDEzOTQ4MDQ3NDQ3ODA0MDE4NDY5NDA1OTA3ODExNjM1Mzk3MDEzOTY4MTM5NDg2NDc="). - FromPublicKey([]byte(obj2Pub)). + // 公钥验证 + // public key verify signed data + var pubKeyPem string = "" + var res bool = obj. + FromBase64String(sigBase64String). + FromPublicKey([]byte(pubKeyPem)). + // 其他设置, 默认为 Ed25519 模式 // SetOptions("Ed25519ph", ctx). // SetOptions("Ed25519ctx", ctx). // SetOptions("Ed25519"). - Verify([]byte("test-pass")). + Verify([]byte(data)). ToVerify() +} +~~~ - // 检测私钥公钥是否匹配 - pri, _ := fs.Get(prifile) - pub, _ := fs.Get(pubfile) - - res := cryptobin_eddsa.New(). - FromPrivateKey([]byte(pri)). - FromPublicKey([]byte(pub)). - CheckKeyPair() +* 检测私钥公钥是否匹配 / Check KeyPair +~~~go +func main() { + var prikeyPem string = "..." + var pubkeyPem string = "..." - fmt.Printf("check res: %#v", res) + // 私钥密码 + // privatekey password + var psssword string = "" + var res bool = eddsa.New(). + FromPrivateKey([]byte(prikeyPem)). + // FromPrivateKeyWithPassword([]byte(prikeyPem), psssword). + FromPublicKey([]byte(pubkeyPem)). + CheckKeyPair() } ~~~ diff --git a/docs/elgamal.md b/docs/elgamal.md index 7c037f35..ced01d89 100644 --- a/docs/elgamal.md +++ b/docs/elgamal.md @@ -1,101 +1,181 @@ ### ElGamal 使用说明 -* 使用 [pkcs1 / pkcs8] 证书,默认为 pkcs1 证书 +* 包引入 / import pkg ~~~go -package main - import ( - "fmt" - - "github.com/deatil/lakego-filesystem/filesystem" "github.com/deatil/go-cryptobin/cryptobin/elgamal" ) +~~~ + +* 数据输入方式 / input funcs +~~~go +FromBytes(data []byte) +FromString(data string) +FromBase64String(data string) +FromHexString(data string) +~~~ +* 数据输出方式 / output funcs +~~~go +ToBytes() +ToString() +ToBase64String() +ToHexString() +~~~ + +* 获取 error / get error +~~~go +Error() +~~~ + +* 生成证书 / make keys +~~~go func main() { - // 文件管理器 - fs := filesystem.New() + obj := elgamal.New().GenerateKey(256, 64) + + // 私钥密码 + // privatekey password + var psssword string = "" - // 生成证书 - elg := elgamal.New().GenerateKey(256, 64) - elgPriKey := elg. + // 生成私钥 + // create private key + var PriKeyPem string = obj. CreatePrivateKey(). - // CreatePrivateKeyWithPassword("123", "DESEDE3CBC"). + // CreatePrivateKeyWithPassword(psssword, "DESEDE3CBC"). // CreatePKCS1PrivateKey(). - // CreatePKCS1PrivateKeyWithPassword("123", "DESEDE3CBC"). + // CreatePKCS1PrivateKeyWithPassword(psssword, "DESEDE3CBC"). // CreatePKCS8PrivateKey(). - // CreatePKCS8PrivateKeyWithPassword("123", "AES256CBC"). + // CreatePKCS8PrivateKeyWithPassword(psssword, "AES256CBC"). + ToKeyString() + + // 自定义私钥加密类型 + // use custom encrypt options + var PriKeyPem string = obj. + CreatePKCS8PrivateKeyWithPassword(psssword, sm2.Opts{ + Cipher: sm2.GetCipherFromName("AES256CBC"), + KDFOpts: sm2.ScryptOpts{ + CostParameter: 1 << 15, + BlockSize: 8, + ParallelizationParameter: 1, + SaltSize: 8, + }, + }). ToKeyString() - elgPubKey := elg. + + // 生成公钥 + // create public key + var PubKeyPem string = obj. CreatePublicKey(). // CreatePKCS1PublicKey(). // CreatePKCS8PublicKey(). ToKeyString() - fs.Put("./runtime/key/elg", elgPriKey) - fs.Put("./runtime/key/elg.pub", elgPubKey) - - // 验证 - elg := elgamal.New() - - elgPri, _ := fs.Get("./runtime/key/elg") - elgcypt := elg. - FromString("test-pass"). - FromPrivateKey([]byte(elgPri)). - // FromPrivateKeyWithPassword([]byte(elgPri), "123"). - // FromPKCS1PrivateKey([]byte(elgPri)). - // FromPKCS1PrivateKeyWithPassword([]byte(elgPri), "123"). - // FromPKCS8PrivateKey([]byte(elgPri)). - // FromPKCS8PrivateKeyWithPassword([]byte(elgPri), "123"). +} +~~~ + +* 签名验证 / sign data +~~~go +func main() { + // 待签名数据 + // no sign data + var data string = "..." + + // 签名数据 + // sign data + var sigBase64String string = "..." + + // 私钥密码 + // privatekey password + var psssword string = "" + + obj := elgamal.New() + + // 私钥签名 + // private key sign data + var priKeyPem string = "" + sigBase64String = obj. + FromString(data). + FromPrivateKey([]byte(priKeyPem)). + // FromPrivateKeyWithPassword([]byte(priKeyPem), psssword). + // FromPKCS1PrivateKey([]byte(priKeyPem)). + // FromPKCS1PrivateKeyWithPassword([]byte(priKeyPem), psssword). + // FromPKCS8PrivateKey([]byte(priKeyPem)). + // FromPKCS8PrivateKeyWithPassword([]byte(priKeyPem), psssword). Sign(). ToBase64String() - elgPub, _ := fs.Get("./runtime/key/elg.pub") - elgcyptde := elg. - FromBase64String("MjkzNzYzMDE1NjgzNDExMTM0ODE1MzgxOTAxMDIxNzQ0Nzg3NTc3NTAxNTU2MDIwNzg4OTc1MzY4Mzc0OTE5NzcyOTg3NjI1MTc2OTErNDgzNDU3NDAyMzYyODAzMDM3MzE1NjE1NDk1NDEzOTQ4MDQ3NDQ3ODA0MDE4NDY5NDA1OTA3ODExNjM1Mzk3MDEzOTY4MTM5NDg2NDc="). - FromPublicKey([]byte(elgPub)). - // FromPKCS1PublicKey([]byte(elgPub)). - // FromPKCS8PublicKey([]byte(elgPub)). - Verify([]byte("test-pass")). + + // 公钥验证 + // public key verify signed data + var pubKeyPem string = "" + var res bool = obj. + FromBase64String(sigBase64String). + FromPublicKey([]byte(pubKeyPem)). + // FromPKCS1PublicKey([]byte(pubKeyPem)). + // FromPKCS8PublicKey([]byte(pubKeyPem)). + Verify([]byte(data)). ToVerify() +} +~~~ + +* 加密解密 - 公钥加密/私钥解密 / Encrypt with public key +~~~go +func main() { + obj := elgamal.New() + + // 待加密数据 + // no sign data + var data string = "..." - // 加密解密 - elg := elgamal.New() + // 私钥密码 + // privatekey password + var psssword string = "" - elgPub, _ := fs.Get("./runtime/key/elg.pub") - elgcypt := elg. - FromString("test-pass"). - FromPublicKey([]byte(elgPub)). - // FromPKCS1PublicKey([]byte(elgPub)). - // FromPKCS8PublicKey([]byte(elgPub)). + // 公钥加密 + // public key Encrypt data + var pubKeyPem string = "" + var enData string = obj. + FromString(data). + FromPublicKey([]byte(pubKeyPem)). + // FromPKCS1PublicKey([]byte(pubKeyPem)). + // FromPKCS8PublicKey([]byte(pubKeyPem)). Encrypt(). ToBase64String() - elgPri, _ := fs.Get("./runtime/key/elg") - elgcyptde := elg. - FromBase64String("MjkzNzYzMDE1NjgzNDExMTM0ODE1MzgxOTAxMDIxNzQ0Nzg3NTc3NTAxNTU2MDIwNzg4OTc1MzY4Mzc0OTE5NzcyOTg3NjI1MTc2OTErNDgzNDU3NDAyMzYyODAzMDM3MzE1NjE1NDk1NDEzOTQ4MDQ3NDQ3ODA0MDE4NDY5NDA1OTA3ODExNjM1Mzk3MDEzOTY4MTM5NDg2NDc="). - FromPrivateKey([]byte(elgPri)). - // FromPrivateKeyWithPassword([]byte(elgPri), "123"). - // FromPKCS1PrivateKey([]byte(elgPri)). - // FromPKCS1PrivateKeyWithPassword([]byte(elgPri), "123"). - // FromPKCS8PrivateKey([]byte(elgPri)). - // FromPKCS8PrivateKeyWithPassword([]byte(elgPri), "123"). + + // 私钥解密 + // private key Decrypt data + var priKeyPem string = "" + var deData string = obj. + FromBase64String(enData). + FromPrivateKey([]byte(priKeyPem)). + // FromPrivateKeyWithPassword([]byte(priKeyPem), psssword). + // FromPKCS1PrivateKey([]byte(priKeyPem)). + // FromPKCS1PrivateKeyWithPassword([]byte(priKeyPem), psssword). + // FromPKCS8PrivateKey([]byte(priKeyPem)). + // FromPKCS8PrivateKeyWithPassword([]byte(priKeyPem), psssword). Decrypt(). - ToVerify() + ToString() +} +~~~ - // 检测私钥公钥是否匹配 - pri, _ := fs.Get(prifile) - pub, _ := fs.Get(pubfile) - - res := elgamal.New(). - FromPrivateKey([]byte(pri)). - // FromPrivateKeyWithPassword([]byte(pri), "123"). - FromPublicKey([]byte(pub)). - // FromPKCS1PrivateKey([]byte(pri)). - // FromPKCS1PrivateKeyWithPassword([]byte(pri), "123"). - // FromPKCS1PublicKey([]byte(pub)). - // FromPKCS8PrivateKey([]byte(pri)). - // FromPKCS8PrivateKeyWithPassword([]byte(pri), "123"). - // FromPKCS8PublicKey([]byte(pub)). - CheckKeyPair() +* 检测私钥公钥是否匹配 / Check KeyPair +~~~go +func main() { + var prikeyPem string = "..." + var pubkeyPem string = "..." - fmt.Printf("check res: %#v", res) + // 私钥密码 + // privatekey password + var psssword string = "" + var res bool = elgamal.New(). + // FromPrivateKey([]byte(prikeyPem)). + // FromPrivateKeyWithPassword([]byte(prikeyPem), psssword). + // FromPKCS1PrivateKey([]byte(prikeyPem)). + // FromPKCS1PrivateKeyWithPassword([]byte(prikeyPem), psssword). + FromPKCS8PrivateKey([]byte(prikeyPem)). + // FromPKCS8PrivateKeyWithPassword([]byte(prikeyPem), psssword). + // FromPublicKey([]byte(pubkeyPem)). + // FromPKCS1PublicKey([]byte(pubkeyPem)). + FromPKCS8PublicKey([]byte(pubkeyPem)). + CheckKeyPair() } ~~~ diff --git a/docs/encrypt.md b/docs/encrypt.md index 4ea41eae..736e1050 100644 --- a/docs/encrypt.md +++ b/docs/encrypt.md @@ -1,11 +1,4 @@ -### 使用方法 - -* 对称加密的 `key` 和输入输出数据通常都为大端数据(BigEndian)。 -* 本库对称加密数据以标准数据类型为依据,不提供大端小端的不同输入和输出。 -* 通俗的说就是只实现了对称加密文档提供的标准数据类型的输入和输出,不做额外的数据类型转换。 - - -### 开始使用 +### 对称加密使用说明 ~~~go package main diff --git a/docs/rsa.md b/docs/rsa.md index a634af3e..c9b5a47b 100644 --- a/docs/rsa.md +++ b/docs/rsa.md @@ -12,17 +12,33 @@ import ( ~~~ * 数据输入方式 / input funcs -`FromBytes(data []byte)`, `FromString(data string)`, `FromBase64String(data string)`, `FromHexString(data string)` +~~~go +FromBytes(data []byte) +FromString(data string) +FromBase64String(data string) +FromHexString(data string) +~~~ * 数据输出方式 / output funcs -`ToBytes()`, `ToString()`, `ToBase64String()`, `ToHexString()`, +~~~go +ToBytes() +ToString() +ToBase64String() +ToHexString() +~~~ * 获取 error / get error -`Error()` +~~~go +Error() +~~~ * 生成证书 / make keys ~~~go func main() { + // 私钥密码 + // privatekey password + var psssword string = "" + // bits = 512 | 1024 | 2048 | 4096 obj := rsa.New(). GenerateKey(2048) @@ -32,18 +48,18 @@ func main() { // create private key var PriKeyPem string = obj. CreatePrivateKey(). - // CreatePrivateKeyWithPassword("123", "AES256CBC"). + // CreatePrivateKeyWithPassword(psssword, "AES256CBC"). // CreatePKCS1PrivateKey(). - // CreatePKCS1PrivateKeyWithPassword("123", "AES256CBC"). + // CreatePKCS1PrivateKeyWithPassword(psssword, "AES256CBC"). // CreatePKCS8PrivateKey(). - // CreatePKCS8PrivateKeyWithPassword("123", "AES256CBC", "SHA256"). + // CreatePKCS8PrivateKeyWithPassword(psssword, "AES256CBC", "SHA256"). // CreateXMLPrivateKey(). ToKeyString() // 自定义私钥加密类型 // use custom encrypt options var PriKeyPem string = obj. - CreatePKCS8PrivateKeyWithPassword("123", rsa.Opts{ + CreatePKCS8PrivateKeyWithPassword(psssword, rsa.Opts{ Cipher: rsa.GetCipherFromName("AES256CBC"), KDFOpts: rsa.ScryptOpts{ CostParameter: 1 << 15, @@ -68,32 +84,36 @@ func main() { ~~~go func main() { obj := rsa.New() - + // 待签名数据 // no sign data var data string = "..." - + // 签名数据 // sign data var sigBase64String string = "..." + // 私钥密码 + // privatekey password + var psssword string = "" + // 私钥签名 // private key sign data var priKeyPem string = "" sigBase64String = obj. FromString(data). FromPrivateKey([]byte(priKeyPem)). - // FromPrivateKeyWithPassword([]byte(priKeyPem), "123"). + // FromPrivateKeyWithPassword([]byte(priKeyPem), psssword). // FromPKCS1PrivateKey([]byte(priKeyPem)). - // FromPKCS1PrivateKeyWithPassword([]byte(priKeyPem), "123"). + // FromPKCS1PrivateKeyWithPassword([]byte(priKeyPem), psssword). // FromPKCS8PrivateKey([]byte(priKeyPem)). - // FromPKCS8PrivateKeyWithPassword([]byte(priKeyPem), "123"). + // FromPKCS8PrivateKeyWithPassword([]byte(priKeyPem), psssword). // FromXMLPrivateKey([]byte(priKeyXML)). SetSignHash("SHA256"). Sign(). // SignPSS(). ToBase64String() - + // 公钥验证 // public key verify signed data var pubKeyPem string = "" @@ -114,11 +134,15 @@ func main() { ~~~go func main() { obj := rsa.New() - + // 待加密数据 // no sign data var data string = "..." + // 私钥密码 + // privatekey password + var psssword string = "" + // 公钥加密 // public key Encrypt data var pubKeyPem string = "" @@ -138,11 +162,11 @@ func main() { var deData string = obj. FromBase64String(enData). FromPrivateKey([]byte(priKeyPem)). - // FromPrivateKeyWithPassword([]byte(priKeyPem), "123"). + // FromPrivateKeyWithPassword([]byte(priKeyPem), psssword). // FromPKCS1PrivateKey([]byte(priKeyPem)). - // FromPKCS1PrivateKeyWithPassword([]byte(priKeyPem), "123"). + // FromPKCS1PrivateKeyWithPassword([]byte(priKeyPem), psssword). // FromPKCS8PrivateKey([]byte(priKeyPem)). - // FromPKCS8PrivateKeyWithPassword([]byte(priKeyPem), "123"). + // FromPKCS8PrivateKeyWithPassword([]byte(priKeyPem), psssword). // FromXMLPrivateKey([]byte(priKeyXML)). Decrypt(). // DecryptOAEP("SHA1") @@ -154,22 +178,26 @@ func main() { ~~~go func main() { obj := rsa.New() - + // 待加密数据 // no sign data var data string = "..." + // 私钥密码 + // privatekey password + var psssword string = "" + // 私钥加密 // private key Decrypt data var priKeyPem string = "" var enData string = obj. FromString(data). FromPrivateKey([]byte(priKeyPem)). - // FromPrivateKeyWithPassword([]byte(priKeyPem), "123"). + // FromPrivateKeyWithPassword([]byte(priKeyPem), psssword). // FromPKCS1PrivateKey([]byte(priKeyPem)). - // FromPKCS1PrivateKeyWithPassword([]byte(priKeyPem), "123"). + // FromPKCS1PrivateKeyWithPassword([]byte(priKeyPem), psssword). // FromPKCS8PrivateKey([]byte(priKeyPem)). - // FromPKCS8PrivateKeyWithPassword([]byte(priKeyPem), "123"). + // FromPKCS8PrivateKeyWithPassword([]byte(priKeyPem), psssword). // FromXMLPrivateKey([]byte(priKeyXML)). PrivateKeyEncrypt(). ToBase64String() @@ -194,13 +222,17 @@ func main() { var prikeyPem string = "..." var pubkeyPem string = "..." + // 私钥密码 + // privatekey password + var psssword string = "" + var res bool = rsa.New(). // FromPrivateKey([]byte(prikeyPem)). - // FromPrivateKeyWithPassword([]byte(prikeyPem), "123"). + // FromPrivateKeyWithPassword([]byte(prikeyPem), psssword). // FromPKCS1PrivateKey([]byte(prikeyPem)). - // FromPKCS1PrivateKeyWithPassword([]byte(prikeyPem), "123"). + // FromPKCS1PrivateKeyWithPassword([]byte(prikeyPem), psssword). FromPKCS8PrivateKey([]byte(prikeyPem)). - // FromPKCS8PrivateKeyWithPassword([]byte(prikeyPem), "123"). + // FromPKCS8PrivateKeyWithPassword([]byte(prikeyPem), psssword). // FromPublicKey([]byte(pubkeyPem)). // FromPKCS1PublicKey([]byte(pubkeyPem)). FromPKCS8PublicKey([]byte(pubkeyPem)). diff --git a/docs/sm2.md b/docs/sm2.md index d73cd722..0feb2369 100644 --- a/docs/sm2.md +++ b/docs/sm2.md @@ -8,13 +8,25 @@ import ( ~~~ * 数据输入方式 / input funcs -`FromBytes(data []byte)`, `FromString(data string)`, `FromBase64String(data string)`, `FromHexString(data string)` +~~~go +FromBytes(data []byte) +FromString(data string) +FromBase64String(data string) +FromHexString(data string) +~~~ * 数据输出方式 / output funcs -`ToBytes()`, `ToString()`, `ToBase64String()`, `ToHexString()`, +~~~go +ToBytes() +ToString() +ToBase64String() +ToHexString() +~~~ * 获取 error / get error -`Error()` +~~~go +Error() +~~~ * 生成证书 / make keys ~~~go diff --git a/gm/sm2/marshal.go b/gm/sm2/marshal.go index cfd1a1aa..d31af060 100644 --- a/gm/sm2/marshal.go +++ b/gm/sm2/marshal.go @@ -30,15 +30,15 @@ func UnmarshalSignatureASN1(sign []byte) (*big.Int, *big.Int, error) { func marshalCipherBytes(curve elliptic.Curve, c []byte, mode Mode) []byte { byteLen := (curve.Params().BitSize + 7) / 8 - // C1C3C2 密文结构: 0x04 + x + y + hash + CipherText - // C1C2C3 密文结构: 0x04 + x + y + CipherText + hash + // C1C3C2 密文结构: x + y + hash + CipherText + // C1C2C3 密文结构: x + y + CipherText + hash switch mode { case C1C2C3: c1 := make([]byte, 2*byteLen) c2 := make([]byte, len(c) - 2*byteLen - 32) c3 := make([]byte, 32) - copy(c1, c[0:]) // x1, y1 + copy(c1, c[0:]) // x1, y1 copy(c3, c[2*byteLen:]) // hash copy(c2, c[2*byteLen+32:]) // 密文 @@ -74,7 +74,7 @@ func unmarshalCipherBytes(curve elliptic.Curve, data []byte, mode Mode) ([]byte, c2 := make([]byte, len(data) - 2*byteLen - 32) c3 := make([]byte, 32) - copy(c1, data[0:]) // x1, y1 + copy(c1, data[0:]) // x1, y1 copy(c2, data[2*byteLen:]) // 密文 copy(c3, data[len(data) - 32:]) // hash