Strona główna Odkrywaj Pomoc
Zarejestruj się Zaloguj się
wanghongzhi
/
easydo-echo_win7
1
0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0 Wiki
Gałąź: master
Gałęzie Tagi
easydo-echo_...
/
utils
/
rsa.go

rsa.go 2.4 KB
Bezpośredni odnośnik Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. package utils
    2. 

  2. 

  3. import (
    4. 

  4. 	"crypto/rand"
    5. 

  5. 	"crypto/rsa"
    6. 

  6. 	"crypto/x509"
    7. 

  7. 	"encoding/base64"
    8. 

  8. 	"errors"
    9. 

  9. 	"fmt"
    10. 

  10. 

  11. 	"golang.org/x/crypto/bcrypt"
    12. 

  12. )
    13. 

  13. 

  14. const (
    15. 

  15. 	privateKeyText = "MIIBUwIBADANBgkqhkiG9w0BAQEFAASCAT0wggE5AgEAAkEA0vfvyTdGJkdbHkB8mp0f3FE0GYP3AYPaJF7jUd1M0XxFSE2ceK3k2kw20YvQ09NJKk+OMjWQl9WitG9pB6tSCQIDAQABAkA2SimBrWC2/wvauBuYqjCFwLvYiRYqZKThUS3MZlebXJiLB+Ue/gUifAAKIg1avttUZsHBHrop4qfJCwAI0+YRAiEA+W3NK/RaXtnRqmoUUkb59zsZUBLpvZgQPfj1MhyHDz0CIQDYhsAhPJ3mgS64NbUZmGWuuNKp5coY2GIj/zYDMJp6vQIgUueLFXv/eZ1ekgz2Oi67MNCk5jeTF2BurZqNLR3MSmUCIFT3Q6uHMtsB9Eha4u7hS31tj1UWE+D+ADzp59MGnoftAiBeHT7gDMuqeJHPL4b+kC+gzV4FGTfhR9q3tTbklZkD2A=="
    16. 

  16. )
    17. 

  17. 

  18. // privateKeyText: Base64编码的PKCS#8格式RSA私钥字符串
    19. 

  19. // text: Base64编码的密文字符串
    20. 

  20. func DecryptByPrivateKey(text string) (string, error) {
    21. 

  21. 	// 1. Base64解码私钥文本
    22. 

  22. 	privateKeyBytes, err := base64.StdEncoding.DecodeString(privateKeyText)
    23. 

  23. 	if err != nil {
    24. 

  24. 		return "", fmt.Errorf("私钥Base64解码失败: %w", err)
    25. 

  25. 	}
    26. 

  26. 

  27. 	// 2. 解析PKCS#8格式的私钥(对应Java的PKCS8EncodedKeySpec)
    28. 

  28. 	key, err := x509.ParsePKCS8PrivateKey(privateKeyBytes)
    29. 

  29. 	if err != nil {
    30. 

  30. 		return "", fmt.Errorf("解析PKCS#8私钥失败: %w", err)
    31. 

  31. 	}
    32. 

  32. 

  33. 	// 3. 断言为RSA私钥
    34. 

  34. 	privateKey, ok := key.(*rsa.PrivateKey)
    35. 

  35. 	if !ok {
    36. 

  36. 		return "", errors.New("私钥类型不是RSA")
    37. 

  37. 	}
    38. 

  38. 

  39. 	// 4. Base64解密密文
    40. 

  40. 	cipherText, err := base64.StdEncoding.DecodeString(text)
    41. 

  41. 	if err != nil {
    42. 

  42. 		return "", fmt.Errorf("密文Base64解码失败: %w", err)
    43. 

  43. 	}
    44. 

  44. 

  45. 	// 5. RSA解密(Java默认是RSA/ECB/PKCS1Padding,对应Go的PKCS1v15填充)
    46. 

  46. 	plainText, err := rsa.DecryptPKCS1v15(rand.Reader, privateKey, cipherText)
    47. 

  47. 	if err != nil {
    48. 

  48. 		return "", fmt.Errorf("RSA解密失败: %w", err)
    49. 

  49. 	}
    50. 

  50. 

  51. 	// 6. 转换为字符串返回
    52. 

  52. 	return string(plainText), nil
    53. 

  53. }
    54. 

  54. 

  55. // EncodePassword 等价于Java的passwordEncoder.encode(),返回哈希后的密码字符串
    56. 

  56. func EncodePassword(rawPassword string) (string, error) {
    57. 

  57. 	// 生成盐值(cost取值4-31,值越高加密越慢越安全,默认10,与Java BCryptPasswordEncoder一致)
    58. 

  58. 	salt, err := bcrypt.GenerateFromPassword([]byte(rawPassword), bcrypt.DefaultCost)
    59. 

  59. 	if err != nil {
    60. 

  60. 		return "", fmt.Errorf("encode password failed: %w", err)
    61. 

  61. 	}
    62. 

  62. 	return string(salt), nil
    63. 

  63. }
    64. 

  64. 

  65. // VerifyPassword 等价于Java的passwordEncoder.matches(),验证密码是否匹配
    66. 

  66. func VerifyPassword(rawPassword, encodedPassword string) bool {
    67. 

  67. 	err := bcrypt.CompareHashAndPassword([]byte(encodedPassword), []byte(rawPassword))
    68. 

  68. 	return err == nil
    69. 

  69. }
    70.