secret

package module
v0.0.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 4, 2021 License: MIT Imports: 31 Imported by: 5

README

secret

usual encryption algorithm written in go

Function
Cipher
Type Mode Padding
DES ECB/CBC PKCS5/PKCS7/Zero/None
3DES ECB/CBC PKCS5/PKCS7/Zero/None
AES ECB/CBC PKCS5/PKCS7/Zero/None
DES CFB/OFB/CTR/GCM
3DES CFB/OFB/CTR/GCM
AES CFB/OFB/CTR/GCM
RC4 - -
RSA Encrypt/Decrypt/Sign/Verify -
Hash
Name
Hash
DoubleHash
Sign&&Verify
Name Description
ECC(ECDSA) Sign/Verify
DSA Sign/Verify
EdDSA Sign/Verify
Example
package main

import (
	"crypto/rand"
	"fmt"
	"github.com/pyihe/secret"
	"io"
)

func main() {
    var c = secret.NewCipher()
    var nonce = make([]byte, 12) // 随机向量
    _, _ = io.ReadFull(rand.Reader, nonce)
    //encrypt
    var encryptReq = &secret.SymRequest{
        PlainData:   "I Love China!",
        Key:         []byte("1234567812345678"),
        Type:        secret.SymTypeAES,
        ModeType:    secret.BlockModeGCM,
        PaddingType: secret.PaddingTypeNoPadding,
        AddData:     []byte("this is additional data"),
        Nonce:       nonce,
    }
    cipherStr, err := c.SymEncryptToString(encryptReq)
    if err != nil {
        //handle err
    }
    
    //decrypt
    //if decrypts in another server with GCM mode, then your need to set nonce to decrypt
    var decryptReq = &secret.SymRequest{
        PlainData:   nil,
        CipherData:  cipherStr,
        Key:         []byte("1234567812345678"),
        Type:        secret.SymTypeAES,
        ModeType:    secret.BlockModeGCM,
        PaddingType: secret.PaddingTypeNoPadding,
        AddData:     []byte("this is additional data"),
        Nonce:       nonce, // this value must be the same with encryptReq
    }
    plainBytes, err := c.SymDecrypt(decryptReq)
    if err != nil {
        //handle err
    }
    //unmarshal plainBytes or use it directly
    
    //c.SetRSAKey(privateKey, secret.PKCSLevel1) to set key if key is already exist
    _, _, err = c.GenerateRSAKey(4096, "../conf", secret.PKCSLevel1)
    if err != nil {
        //handle err
    }
    
    cipherStr, err = c.RSAEncryptToString(plainBytes, secret.RSAEncryptTypeOAEP, nil)
    if err != nil {
        //handle err
    }
    plainBytes, err = c.RSADecrypt(cipherStr, secret.RSAEncryptTypeOAEP, nil)
    if err != nil {
        //handle err
    }
    //output: I Love China!
    fmt.Printf("%s\n", plainBytes)
}

Documentation

Index

Constants

View Source 
const (
	SymTypeDES symType = iota + 1
	SymTypeTripleDes
	SymTypeAES
)
View Source 
const (
	BlockModeECB blockMode = iota + 1
	BlockModeCBC
	BlockModeCFB
	BlockModeOFB
	BlockModeCTR
	BlockModeGCM
)
View Source 
const (
	PaddingTypeNoPadding paddingType = iota //接口不对数据进行填充处理,需要自己手动填充(加解密双方自行定义填充方式)
	PaddingTypePKCS5                        //PKCS5
	PaddingTypePKCS7                        //PKCS7
	PaddingTypeZeros                        //用0作为填充
)
View Source 
const (
	PKCSLevel1 pKCSLevel = iota + 1 //PKCS#1
	PKCSLevel8                      //PKCS#8
)
View Source 
const (
	RSAEncryptTypeOAEP     rSAEncryptType = iota + 1 //使用RSA-OAEP算法加密, 推荐使用
	RSAEncryptTypePKCS1v15                           //使用PKCS#1 v1.5规定的填充方案和RSA算法加密,加密的数据量有限
)
View Source 
const (
	RSASignTypePKCS1v15 rSASignType = iota + 1
	RSASignTypePSS
)
View Source 
const (
	ECCCurveTypeP224 eccCurveType = iota + 1
	ECCCurveTypeP256
	ECCCurveTypeP384
	ECCCurveTypeP521
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Cipher 

type Cipher interface {
	//RC4
	//加密,返回[]byte
	RC4EncryptToBytes(data interface{}, key []byte) ([]byte, error)
	//加密,返回base64 string
	RC4EncryptToString(data interface{}, key []byte) (string, error)
	//解密[]byte
	RC4Decrypt(encryptData interface{}, key []byte) ([]byte, error)

	//AES/DES/3DES
	//加密,返回[]byte
	SymEncryptToBytes(request *SymRequest) (encryptData []byte, err error)
	//加密,返回base64 string
	SymEncryptToString(request *SymRequest) (encryptString string, err error)
	//解密[]byte
	SymDecrypt(request *SymRequest) (originalData []byte, err error)

	//RSA
	//设置私钥
	SetRSAPrivateKey(privateFile interface{}, pkcsLevel pKCSLevel) error
	//设置公钥
	SetRSAPublicKey(publicData interface{}, level pKCSLevel) error
	//生成密钥对
	GenerateRSAKey(bits int, saveDir string, pkcsLevel pKCSLevel) (privateFile, publicFile string, err error)
	//加密,返回[]byte
	RSAEncryptToBytes(data interface{}, rsaType rSAEncryptType, label []byte) (cipherBytes []byte, err error)
	//加密,返回base64 string
	RSAEncryptToString(data interface{}, rsaType rSAEncryptType, label []byte) (cipherString string, err error)
	//解密
	RSADecrypt(cipherBytes interface{}, rsaType rSAEncryptType, label []byte) (data []byte, err error)
	//签名, 返回[]byte
	RSASignToBytes(data interface{}, signType rSASignType, hashType crypto.Hash) (signBytes []byte, err error)
	//签名, 返回string
	RSASignToString(data interface{}, signType rSASignType, hashType crypto.Hash) (signString string, err error)
	//验证签名结果
	RSAVerify(signBytes interface{}, data interface{}, signType rSASignType, hashType crypto.Hash) (ok bool, err error)
}

对称加密器(包括DES/3DES/AES/RC4)

func NewCipher 

func NewCipher() Cipher

type Hasher 

type Hasher interface {
	HashToString(data interface{}, hashType crypto.Hash) (hashString string, err error)
	HashToBytes(data interface{}, hashType crypto.Hash) (hashBytes []byte, err error)
	DoubleHashToString(data interface{}, hashType crypto.Hash) (hashString string, err error)
	DoubleHashToBytes(data interface{}, hashType crypto.Hash) (hashBytes []byte, err error)
	MAC(hashType crypto.Hash, message, key []byte) (mac []byte)
	MacToString(hashType crypto.Hash, message, key []byte) (mac string)
	CheckMac(hashType crypto.Hash, message, key, mac []byte) bool
}

hash

func NewHasher 

func NewHasher() Hasher

type Signer 

type Signer interface {
	//ECC椭圆曲线签名
	SetECCKey(privateFile string) error
	GenerateECCKey(curveType eccCurveType, saveDir string) (privateFile, publicFile string, err error)
	EccSignToBytes(data interface{}, hashType crypto.Hash) ([]byte, error)
	EccSignToString(data interface{}, hashType crypto.Hash) (string, error)
	EccVerify(signData interface{}, originalData interface{}, hashType crypto.Hash) (ok bool, err error)

	//DSA签名
	GenerateDSAKey(size dsa.ParameterSizes) (err error)
	GetDSAPrivateKey() *dsa.PrivateKey
	DSASignToBytes(data interface{}, hashType crypto.Hash) ([]byte, error)
	DSASignToString(data interface{}, hashType crypto.Hash) (string, error)
	DSAVerify(data interface{}, signed interface{}, hashType crypto.Hash) (bool, error)

	//Ed25519签名
	GetEd25519Key() (ed25519.PublicKey, ed25519.PrivateKey)
	Ed25519SignToBytes(data interface{}) ([]byte, error)
	Ed25519SignToString(data interface{}) (string, error)
	Ed25519Verify(data interface{}, signed interface{}) (bool, error)
}

数字签名

func NewSigner 

func NewSigner() Signer

type SymRequest 

type SymRequest struct {
	PlainData   interface{} //明文,用于加密
	CipherData  interface{} //密文,用于解密,两种类型:[]byte或者string
	Key         []byte      //密钥
	Type        symType     //加密类型
	ModeType    blockMode   //分组方式
	PaddingType paddingType //填充方式
	Iv          []byte      //iv
	AddData     []byte      //GCM模式下额外的验证数据, 如果使用GCM模式, 需要将nonce传递给解密方
	Nonce       []byte      // GCM模式下的加密、解密随机向量
}

对称加密消息请求

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.