Skip to content

Commit

Permalink
修复解密 pkcs8 错误
Browse files Browse the repository at this point in the history
  • Loading branch information
@deatil
deatil committed Aug 8, 2022
1 parent 8b18587 commit fb599d6
Show file tree
Hide file tree
Showing 10 changed files with 236 additions and 207 deletions.
30 changes: 17 additions & 13 deletions cryptobin/dh/dh/dh_from.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,24 +46,28 @@ func (this Dh) FromPublicKey(key []byte) Dh {
}

// 生成密钥
func (this Dh) GenerateKey(typ string) Dh {
var param dh.Parameters
func (this Dh) GenerateKey(name string) Dh {
var param dh.GroupID

switch typ {
case "P512":
param = dh.P512()
case "P1024":
param = dh.P1024()
case "P2048_2":
param = dh.P2048_2()
switch name {
case "P1001":
param = dh.P1001
case "P1002":
param = dh.P1002
case "P1536":
param = dh.P1536
case "P2048":
param = dh.P2048()
param = dh.P2048
case "P3072":
param = dh.P3072()
param = dh.P3072
case "P4096":
param = dh.P4096()
param = dh.P4096
case "P6144":
param = dh.P6144
case "P8192":
param = dh.P8192
default:
param = dh.P2048()
param = dh.P2048
}

this.privateKey, this.publicKey, this.Error = dh.GenerateKey(param, rand.Reader)
Expand Down
215 changes: 92 additions & 123 deletions dhd/dh/dh.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,20 @@ import (
"errors"
"crypto"
"math/big"
crypto_rand "crypto/rand"
)

// 分组 id
type GroupID uint

const (
P1001 GroupID = 1 + iota
P1002
P1536
P2048
P3072
P4096
P6144
P8192
)

var zero *big.Int = big.NewInt(0)
Expand Down Expand Up @@ -52,7 +65,12 @@ func (this *PrivateKey) Public() crypto.PublicKey {
}

// 生成证书
func GenerateKey(param Parameters, rand io.Reader) (*PrivateKey, *PublicKey, error) {
func GenerateKey(groupID GroupID, rand io.Reader) (*PrivateKey, *PublicKey, error) {
param, err := GetMODPGroup(groupID)
if err != nil {
return nil, nil, err
}

if param.P == nil {
err := errors.New("crypto/dh: prime is nil")
return nil, nil, err
Expand All @@ -62,15 +80,14 @@ func GenerateKey(param Parameters, rand io.Reader) (*PrivateKey, *PublicKey, err
return nil, nil, err
}

if rand == nil {
rand = crypto_rand.Reader
}

min := big.NewInt(int64(param.P.BitLen() + 1))
bytes := make([]byte, (param.P.BitLen()+7)/8)

private := &PrivateKey{}
private.PublicKey.Parameters = param
private.PublicKey.Parameters = Parameters{
P: param.P,
G: param.G,
}

for private.X == nil {
_, err := io.ReadFull(rand, bytes)
Expand Down Expand Up @@ -106,131 +123,83 @@ func ComputeSecret(private *PrivateKey, peersPublic *PublicKey) *big.Int {
return secret
}

func IsSafePrimeGroup(param Parameters, n int) bool {
func IsSafePrimeGroup(param Group, n int) bool {
q := new(big.Int).Sub(param.P, one)
q = q.Div(q, two)

return q.ProbablyPrime(n)
}

// DH groups defined in https://www.ietf.org/rfc/rfc3526.txt
const (
// The 2048 bit prime form 3.
rfc3526_2048G = "02"
rfc3526_2048P = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3" +
"404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BF" +
"B5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C6" +
"2F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28" +
"FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF"

// The 3072 bit prime form 4.
rfc3526_3072G = "02"
rfc3526_3072P = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3" +
"404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BF" +
"B5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C6" +
"2F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28" +
"FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1" +
"CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA0" +
"6D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B8" +
"2D120A93AD2CAFFFFFFFFFFFFFFFF"

// The 4096 bit prime form 5.
rfc3526_4096G = "02"
rfc3526_4096P = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3" +
"404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BF" +
"B5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C6" +
"2F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28" +
"FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1" +
"CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA0" +
"6D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B8" +
"2D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF" +
"92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B" +
"05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199FFFFFFFFFFFFFFFF"

// ==========

// The 512 bit prime
rfc3526_512G = "02"
rfc3526_512P = "DAF00FD157678582D295554714D3FBE6B4CB639C31202B6040BB395D7C1326CAADCE1393B5C06BEB441227FD80E8397613181909B66564DC360D8557357971E3"

// The 1024 bit prime
rfc3526_1024G = "02"
rfc3526_1024P = "E3C82FD592C82ABDD5A3AB4271E8298A16D7A77337C2205514B2016AFA6849325F736D876EB0A7B0B5C895CA526D8EF81F54850A05272B05DF75A2276938976586EFD45668028C97A2D974EEFFB52E0C5FFE8D7C81DC9285A77BAC30987E1BCB7FB21367D9C0DE6F8D339B9A161E15A96FB89D68BFE4B51E5D8B35ED11D5BF63"

// The 2048 bit prime
rfc3526_2048G2 = "02"
rfc3526_2048P2 = "D646294E051E6B2AB3BA057F489DF6A58E1CE5D542B4436A19AE49AF2B08A73B08F0F3DD7B0F1B0839D8140561DFB3994A663AAA624F4DE9E8E2A9803588592841C5E5F1E11ADBCA75DF78F369A8F7598262794F144F49E7655C07702A951903CD2FA553100B05D41641A97541DA6D8253126B3A378718FB370C51F39D2F732CAFD07357A5C9B1E9C7CFA9CD82C49C920C157B4356C4FF9CF57C37122C9C0D4809A1FC17595073FE1574411B72DD37E57E2A41E8B868898206E9BD409FF74C065922DFB24E047D8FFFB11F56039044E281B60351FE6E518B9FAEA6E705A9949EE6BF8FAA053591C561C097165621D7017348910B78F3A298FCACF49C8C174853"
)

// described in RFC 3526 (3.). The prime is a 2048 bit value.
func P2048() Parameters {
p, _ := new(big.Int).SetString(rfc3526_2048P, 16)
g, _ := new(big.Int).SetString(rfc3526_2048G, 16)

ret := Parameters{
P: p,
G: g,
}
return ret
}

// described in RFC 3526 (4.). The prime is a 3072 bit value.
func P3072() Parameters {
p, _ := new(big.Int).SetString(rfc3526_3072P, 16)
g, _ := new(big.Int).SetString(rfc3526_3072G, 16)

ret := Parameters{
P: p,
G: g,
}
return ret
}

// described in RFC 3526 (5.). The prime is a 4096 bit value.
func P4096() Parameters {
p, _ := new(big.Int).SetString(rfc3526_2048P, 16)
g, _ := new(big.Int).SetString(rfc3526_2048G, 16)

ret := Parameters{
P: p,
G: g,
}

return ret
}

// 512, 适配网络在线生成
func P512() Parameters {
p, _ := new(big.Int).SetString(rfc3526_512P, 16)
g, _ := new(big.Int).SetString(rfc3526_512G, 16)
// 分组数据
type Group struct {
// The prime
P *big.Int

ret := Parameters{
P: p,
G: g,
}
return ret
// The generator
G *big.Int
}

// 1024, 适配网络在线生成
func P1024() Parameters {
p, _ := new(big.Int).SetString(rfc3526_1024P, 16)
g, _ := new(big.Int).SetString(rfc3526_1024G, 16)

ret := Parameters{
P: p,
G: g,
// Current minimum recommendation is 2048 bit with id=14.
func GetMODPGroup(groupID GroupID) (group *Group, err error) {
switch groupID {
case P1001:
p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
group = &Group{
G: big.NewInt(2),
P: p,
}
case P1002:
p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
group = &Group{
G: big.NewInt(2),
P: p,
}
// 1536-bit
case P1536:
p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF", 16)
group = &Group{
G: big.NewInt(2),
P: p,
}
// 2048-bit
case P2048:
p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
group = &Group{
G: big.NewInt(2),
P: p,
}
// 3072-bit
case P3072:
p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF", 16)
group = &Group{
G: big.NewInt(2),
P: p,
}
// 4096-bit
case P4096:
p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199FFFFFFFFFFFFFFFF", 16)
group = &Group{
G: big.NewInt(2),
P: p,
}
// 6144-bit
case P6144:
p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AACC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DCC4024FFFFFFFFFFFFFFFF", 16)
group = &Group{
G: big.NewInt(2),
P: p,
}
// 8192-bit
case P8192:
p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C93402849236C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AACC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E438777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F5683423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD922222E04A4037C0713EB57A81A23F0C73473FC646CEA306B4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A364597E899A0255DC164F31CC50846851DF9AB48195DED7EA1B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F924009438B481C6CD7889A002ED5EE382BC9190DA6FC026E479558E4475677E9AA9E3050E2765694DFC81F56E880B96E7160C980DD98EDD3DFFFFFFFFFFFFFFFF", 16)
group = &Group{
G: big.NewInt(2),
P: p,
}
default:
group = nil
err = errors.New("DH: Unknown group")
}
return ret
}

// 2048, 适配网络在线生成
func P2048_2() Parameters {
p, _ := new(big.Int).SetString(rfc3526_2048P2, 16)
g, _ := new(big.Int).SetString(rfc3526_2048G2, 16)

ret := Parameters{
P: p,
G: g,
}
return ret
return
}
2 changes: 1 addition & 1 deletion docs/dhd.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ func main() {
fs := filesystem.New()

// 生成证书
// 可用参数 [P512 | P1024 | P2048_2 | P2048 | P3072 | P4096]
// 可用参数 [P1001 | P1002 | P1536 | P2048 | P3072 | P4096 | P6144 | P8192]
obj := cryptobin_dh.New().
GenerateKey("P512")

Expand Down
Loading

0 comments on commit fb599d6

Please sign in to comment.