diff --git a/dri/rsa/deencrypt.go b/dri/rsa/deencrypt.go
new file mode 100644
index 0000000..a590cfa
--- /dev/null
+++ b/dri/rsa/deencrypt.go
@@ -0,0 +1,143 @@
+package rsa
+
+import (
+ "crypto/rand"
+ "crypto/rsa"
+ "crypto/x509"
+ "encoding/asn1"
+ "encoding/pem"
+ "fmt"
+ "os"
+)
+
+func FileGet(path string) []byte {
+ file, err := os.Open(path)
+ if err != nil {
+ panic(err)
+ }
+ defer file.Close()
+ //读取文件的内容
+ info, _ := file.Stat()
+ buf := make([]byte, info.Size())
+ file.Read(buf)
+ return buf
+}
+
+//RSA加密
+// plainText 要加密的数据
+// path 公钥匙文件地址
+func RSA_Encrypt(plainText []byte, buf []byte) []byte {
+ //pem解码
+ block, _ := pem.Decode(buf)
+ //x509解码
+
+ publicKeyInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
+ if err != nil {
+ panic(err)
+ }
+ //类型断言
+ publicKey := publicKeyInterface.(*rsa.PublicKey)
+ //对明文进行加密
+ cipherText, err := rsa.EncryptPKCS1v15(rand.Reader, publicKey, plainText)
+ if err != nil {
+ panic(err)
+ }
+ //返回密文
+ return cipherText
+}
+
+//RSA解密
+// cipherText 需要解密的byte数据
+// path 私钥文件路径
+func RSA_Decrypt(cipherText []byte, buf []byte) []byte {
+
+ //pem解码
+ block, _ := pem.Decode(buf)
+ //X509解码
+ private, err := x509.ParsePKCS8PrivateKey(block.Bytes)
+
+ if err != nil {
+ panic(err)
+ }
+ //对密文进行解密
+ //plainText,_:=rsa.DecryptPKCS1v15(rand.Reader,privateKey,cipherText)
+
+ v, err := rsa.DecryptPKCS1v15(rand.Reader, private.(*rsa.PrivateKey), cipherText)
+ //返回明文
+ return v
+}
+func MarshalPKCS8PrivateKey(key *rsa.PrivateKey) []byte {
+ info := struct {
+ Version int
+ PrivateKeyAlgorithm []asn1.ObjectIdentifier
+ PrivateKey []byte
+ }{}
+ info.Version = 0
+ info.PrivateKeyAlgorithm = make([]asn1.ObjectIdentifier, 1)
+ info.PrivateKeyAlgorithm[0] = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 1}
+ info.PrivateKey = x509.MarshalPKCS1PrivateKey(key)
+
+ k, err := asn1.Marshal(info)
+ if err != nil {
+ panic(err.Error())
+ }
+ return k
+}
+
+func Demo() {
+ //生成密钥对,保存到文件
+ GenerateRSAKey(2048, "./")
+ //加密
+ data := []byte("hello world")
+ encrypt := RSA_Encrypt(data, FileGet("public.pem"))
+ fmt.Println(string(encrypt))
+
+ // 解密
+ decrypt := RSA_Decrypt(encrypt, FileGet("private.pem"))
+ fmt.Println(string(decrypt))
+}
+
+//生成RSA私钥和公钥,保存到文件中
+// bits 证书大小
+func GenerateRSAKey(bits int, path string) {
+ //GenerateKey函数使用随机数据生成器random生成一对具有指定字位数的RSA密钥
+ //Reader是一个全局、共享的密码用强随机数生成器
+ privateKey, err := rsa.GenerateKey(rand.Reader, bits)
+ if err != nil {
+ panic(err)
+ }
+ //保存私钥
+ //通过x509标准将得到的ras私钥序列化为ASN.1 的 DER编码字符串
+ X509PrivateKey := x509.MarshalPKCS1PrivateKey(privateKey)
+ //使用pem格式对x509输出的内容进行编码
+ //创建文件保存私钥
+ privateFile, err := os.Create(path + "private.pem")
+ if err != nil {
+ panic(err)
+ }
+ defer privateFile.Close()
+ //构建一个pem.Block结构体对象
+ privateBlock := pem.Block{Type: "RSA Private Key", Bytes: X509PrivateKey}
+ //将数据保存到文件
+ pem.Encode(privateFile, &privateBlock)
+
+ //保存公钥
+ //获取公钥的数据
+ publicKey := privateKey.PublicKey
+ //X509对公钥编码
+ X509PublicKey, err := x509.MarshalPKIXPublicKey(&publicKey)
+ if err != nil {
+ panic(err)
+ }
+ //pem格式编码
+ //创建用于保存公钥的文件
+ publicFile, err := os.Create(path + "public.pem")
+ if err != nil {
+ panic(err)
+ }
+ defer publicFile.Close()
+ //创建一个pem.Block结构体对象
+ publicBlock := pem.Block{Type: "RSA Public Key", Bytes: X509PublicKey}
+ //保存到文件
+ pem.Encode(publicFile, &publicBlock)
+}
diff --git a/example/app/init.go b/example/app/init.go
index 48849ae..aa21204 100644
--- a/example/app/init.go
+++ b/example/app/init.go
@@ -4,11 +4,17 @@ import (
 . "../../../hotime"
 . "../../../hotime/common"
 "bytes"
+ "crypto/rand"
+ "crypto/rsa"
 "crypto/sha256"
+ "crypto/x509"
+ "encoding/base64"
 "encoding/hex"
+ "encoding/pem"
 "fmt"
 "io/ioutil"
 "net/http"
+ "net/url"
 "time"
 )
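Review bot: In dri/rsa/deencrypt.go, GenerateRSAKey serialises the private key with `x509.MarshalPKCS1PrivateKey` while RSA_Decrypt reads it back with `x509.ParsePKCS8PrivateKey`, so the round trip in Demo would fail at parse time and panic; `x509.MarshalPKCS8PrivateKey(privateKey)` from the standard library keeps both sides in one format and would also replace the hand-built MarshalPKCS8PrivateKey. The key file is created with `os.Create`, which requests mode 0666 before umask; `os.OpenFile(path+"private.pem", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)` keeps it owner-only. RSA_Encrypt and RSA_Decrypt both dereference `block.Bytes` without checking that `pem.Decode` returned a non-nil block, and RSA_Decrypt drops the error from `rsa.DecryptPKCS1v15`, so malformed input either panics or comes back as a nil slice with no signal to the caller. PKCS#1 v1.5 encryption padding is a known padding-oracle risk wherever decryption failures are observable; `rsa.EncryptOAEP`/`rsa.DecryptOAEP` are the usual choice for new code.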
@@ -82,3 +88,34 @@ func tencentSendYzm(umobile, code string) error {
 fmt.Println("response Body:", string(body))
 return nil
 }
+
+var privateKey = `-----BEGIN RSA Private Key----- 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
+-----END RSA Private Key-----
+`
+
+func RSA_Decrypt(cipherTextBase64 string) string {
+ cipherText, _ := base64.StdEncoding.DecodeString(cipherTextBase64)
+ buf := []byte(privateKey)
+ //pem解码
+ block, _ := pem.Decode(buf)
+ //X509解码
+ private, err := x509.ParsePKCS8PrivateKey(block.Bytes)
+
+ if err != nil {
+ return ""
+ }
+ //对密文进行解密
+ //plainText,_:=rsa.DecryptPKCS1v15(rand.Reader,privateKey,cipherText)
+
+ v, err := rsa.DecryptPKCS1v15(rand.Reader, private.(*rsa.PrivateKey), cipherText)
+ if err != nil {
+ return ""
+ }
+ //返回明文
+ v1, err1 := url.QueryUnescape(string(v))
+ if err1 != nil {
+ return ""
+ }
+ return v1
+}
diff --git a/example/app/user.go b/example/app/user.go
index 65b6752..566ae8d 100644
--- a/example/app/user.go
+++ b/example/app/user.go
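Review bot: The RSA private key is embedded as a string literal in example/app/init.go (`var privateKey`), so it becomes part of the repository history and of every build, and anyone who can read the source can decrypt the `phone`, `idcard` and `name` values the login handler accepts. The key should be treated as disclosed, replaced, and loaded at start-up from a file or secret store outside the tree. In RSA_Decrypt, `pem.Decode` returns a nil block on malformed PEM and `private.(*rsa.PrivateKey)` panics on a non-RSA key, so guard both with `if block == nil { return "" }` and `key, ok := private.(*rsa.PrivateKey); if !ok { return "" }`. The error from `base64.StdEncoding.DecodeString` is discarded as well; returning "" there keeps every failure path uniform.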
@@ -13,6 +13,45 @@ var userCtr = Ctr{
 "test": func(this *Context) {
 this.Session("id", 1)
 },
+ //自带的登录
+ "login": func(this *Context) {
+
+ phone := RSA_Decrypt(this.Req.FormValue("phone"))
+ idcard := RSA_Decrypt(this.Req.FormValue("idcard"))
+ name := RSA_Decrypt(this.Req.FormValue("name"))
+
+ if len(phone) != 11 ||
+ len(idcard) != 18 ||
+ len(name) < 1 {
+ this.Display(3, "数据校验不通过")
+ }
+
+ user := this.Db.Get("user", "*", Map{"phone": phone})
+
+ if user == nil {
+ user = Map{"phone": phone, "idcard": idcard, "name": name, "create_time": time.Now().Unix(), "modify_time": time.Now().Unix()}
+ user["id"] = this.Db.Insert("user", user)
+
+ } else {
+ user["phone"] = phone
+ user["idcard"] = idcard
+ user["name"] = name
+ user["modify_time"] = time.Now().Unix()
+ re := this.Db.Update("user", user, Map{"id": user.GetCeilInt64("id")})
+ if re == 0 {
+ this.Display(4, "系统错误")
+ return
+ }
+ }
+
+ if user.GetCeilInt64("id") == 0 {
+ this.Display(5, "登录失败")
+ return
+ }
+ this.Session("id", user.GetCeilInt("id"))
+ this.Display(0, "登录成功")
+
+ },
 "add": func(this *Context) {
 if this.Req.FormValue("code") != this.Session("code").ToStr() || this.Req.FormValue("phone") != this.Session("phone").ToStr() {
@@ -48,6 +87,7 @@ var userCtr = Ctr{
 }
 this.Session("id", user.GetCeilInt("id"))
+ this.Session("code", nil)
 this.Display(0, "登录成功")
 },
diff --git a/example/bzyy.exe b/example/bzyy.exe
index 1e94fc3..ef7c079 100644
Binary files a/example/bzyy.exe and b/example/bzyy.exe differ
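Review bot: The validation branch of the new "login" handler calls `this.Display(3, "数据校验不通过")` without a `return`, unlike the other failure branches, so (assuming Display does not abort the handler) a request that fails the length checks, including one where RSA_Decrypt returned "", still reaches `this.Db.Get`, the insert/update and `this.Session("id", …)`; add `return` after that Display call. Beyond that, the handler establishes nothing about the caller: the fields are encrypted to a public key, so a valid ciphertext is not proof of identity, yet a matching `phone` alone yields a session for that user and the `else` branch overwrites the stored `idcard` and `name` with the submitted values. The "add" handler visible in the trailing context compares a session-bound code before proceeding; login needs an equivalent proof (SMS code or password) before the session id is set. `len(phone) != 11` and `len(idcard) != 18` count bytes only, so a digit/format check would be a reasonable addition.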
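Review bot: `this.Session("code", nil)` invalidates the verification code only on the success path of "add"; the mismatch branch at the top of that handler lies outside this hunk, so confirm that it also clears the code or counts failed attempts, otherwise the same code stays valid for repeated tries within the session. Clearing the paired value as well, `this.Session("phone", nil)`, would stop the two from being reused together.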