RSA非对称加密算法实现:Golang
RSA是1977年由罗纳德·李维斯特(Ron Rivest)、阿迪·萨莫尔(Adi Shamir)和伦纳德·阿德曼(Leonard Adleman)一起提出的。当时他们三人都在麻省理工学院工作。RSA就是他们三人姓氏开头字母拼在一起组成的。
RSA解决了对称加密的一个不足,比如AES算法加密和解密时使用的是同一个秘钥,因此这个秘钥不能公开,因此对于需要公开秘钥的场合,我们需要在加密和解密过程中使用不同的秘钥,加密使用的公钥可以公开,解密使用的私钥要保密,这就是非对称加密的好处。
常用的开发语言来实现RSA加密:
公钥与私钥
公钥与私钥是成对的,一般的,我们认为的是公钥加密、私钥解密、私钥签名、公钥验证,有人说成私钥加密,公钥解密时不对的。
公钥与私钥的生成有多种方式,可以通过程序生成(下文具体实现),可以通过openssl工具:
# 生成一个私钥,推荐使用1024位的秘钥,秘钥以pem格式保存到-out参数指定的文件中,采用PKCS1格式 openssl genrsa -out rsa.pem 1024 # 生成与私钥对应的公钥,生成的是Subject Public Key,一般配合PKCS8格式私钥使用 openssl rsa -in rsa.pem -pubout -out rsa.pub
RSA生成公钥与私钥一般有两种格式:PKCS1和PKCS8,上面的命令生成的秘钥是PKCS1格式的,而公钥是Subject Public Key,一般配合PKCS8格式私钥使用,所以就可能会涉及到PKCS1和PKCS8之间的转换:
# PKCS1格式私钥转换为PKCS8格式私钥,私钥直接输出到-out参数指定的文件中 openssl pkcs8 -topk8 -inform PEM -in rsa.pem -outform pem -nocrypt -out rsa_pkcs8.pem # PKCS8格式私钥转换为PKCS1格式私钥,私钥直接输出到-out参数指定的文件中 openssl rsa -in rsa_pkcs8.pem -out rsa_pkcs1.pem # PKCS1格式公钥转换为PKCS8格式公钥,转换后的内容直接输出 openssl rsa -pubin -in rsa.pub -RSAPublicKey_out # PKCS8格式公钥转换为PKCS1格式公钥,转换后的内容直接输出 openssl rsa -RSAPublicKey_in -pubout -in rsa.pub
现实中,我们往往从pem、crt、pfx文件获取公私和私钥,crt、pfx的制作可以参考:简单的制作ssl证书,并在nginx和IIS中使用,或者使用现成的:https://pan.baidu.com/s/1MJ5YmuZiLBnf-DfNR_6D7A (提取码:c6tj),密码都是:123456
Golang实现
为了方便读取pem、crt、pfx文件中的公私和私钥,这里我使用了第三方的包:golang.org/x/crypto/pkcs12,可以使用go get安装:go get -u golang.org/x/crypto/pkcs12
安装之后,封装一个工具包rsautil.go:
package rsautil import ( "crypto" "crypto/rand" "crypto/rsa" "crypto/x509" "crypto/x509/pkix" "encoding/asn1" "encoding/pem" "fmt" "golang.org/x/crypto/pkcs12" "io" "io/ioutil" "os" "strconv" ) //从Pem文件中读取秘钥 func ReadFromPem(pemFile string) ([]byte, error) { buffer, err := ioutil.ReadFile(pemFile) if err != nil { return nil, err } block, _ := pem.Decode(buffer) return block.Bytes, nil } //从pfx文件中读取公私密钥(需要安装golang.org/x/crypto/pkcs12) func ReadFromPfx(pfxFile, password string, usePKCS8 bool) ([]byte, []byte) { buffer, err := ioutil.ReadFile(pfxFile) if err != nil { panic(err) } privateKeyInterface, certificate, err := pkcs12.Decode(buffer, password) if err != nil { panic(err) } privateKey := privateKeyInterface.(*rsa.PrivateKey) publicKey := certificate.PublicKey.(*rsa.PublicKey) var ( privateKeyBuffer []byte publicKeyBuffer []byte ) if usePKCS8 { privateKeyBuffer, err = x509.MarshalPKCS8PrivateKey(privateKey) if err != nil { panic(err) } publicKeyBuffer, err = x509.MarshalPKIXPublicKey(publicKey) if err != nil { panic(err) } } else { privateKeyBuffer = x509.MarshalPKCS1PrivateKey(privateKey) publicKeyBuffer = x509.MarshalPKCS1PublicKey(publicKey) } return publicKeyBuffer, privateKeyBuffer } //从crt中读取公钥 func ReadPublicKeyFromCrt(crtFile string, usePKCS8 bool) ([]byte, error) { buffer, err := ioutil.ReadFile(crtFile) if err != nil { return nil, err } certDERBlock, _ := pem.Decode(buffer) certificate, err := x509.ParseCertificate(certDERBlock.Bytes) if err != nil { return nil, err } publicKey := certificate.PublicKey.(*rsa.PublicKey) var publicKeyBuffer []byte if usePKCS8 { publicKeyBuffer, err = x509.MarshalPKIXPublicKey(publicKey) } else { publicKeyBuffer = x509.MarshalPKCS1PublicKey(publicKey) } if err != nil { return nil, err } return publicKeyBuffer, nil } //将秘钥写入Pem文件 func WriteToPem(isPrivateKey bool, buffer []byte, pemFile string) error { var _type string if isPrivateKey { _type = "RSA PRIVATE KEY" } else { _type = "RSA PUBLIC KEY" } block := &pem.Block{ Type: _type, //这个字符串随便写 Bytes: buffer, } file, err := os.Create(pemFile) if err != nil { return err } return pem.Encode(file, block) } //Pkcs1转换为Pkcs8 func Pkcs1ToPkcs8(isPrivateKey bool, buffer []byte) []byte { var ( oid = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 1} info interface{} ) if isPrivateKey { val := struct { Version int Algo []asn1.ObjectIdentifier PrivateKey []byte }{} val.Version = 0 val.Algo = []asn1.ObjectIdentifier{oid} val.PrivateKey = buffer info = val } else { val := struct { Algo pkix.AlgorithmIdentifier BitString asn1.BitString }{} val.Algo.Algorithm = oid val.Algo.Parameters = asn1.NullRawValue val.BitString.Bytes = buffer val.BitString.BitLength = 8 * len(buffer) info = val } b, err := asn1.Marshal(info) if err != nil { panic(err) } return b } //Pkcs8转换为Pkcs1 func Pkcs8ToPkcs1(isPrivateKey bool, buffer []byte) []byte { if isPrivateKey { val := struct { Version int Algo pkix.AlgorithmIdentifier PrivateKey []byte }{} _, err := asn1.Unmarshal(buffer, &val) if err != nil { panic(err) } return val.PrivateKey } else { val := struct { Algo pkix.AlgorithmIdentifier BitString asn1.BitString }{} _, err := asn1.Unmarshal(buffer, &val) if err != nil { panic(err) } return val.BitString.Bytes } } //生成公私钥 //usePKCS8:是否使用pkcs8 func GenerateRsaKey(usePKCS8 bool) ([]byte, []byte) { //生成私钥 privateKey, err := rsa.GenerateKey(rand.Reader, 1024) //1024位 if err != nil { panic(err) } //公钥 publicKey := privateKey.PublicKey var ( privateKeyBuffer []byte publicKeyBuffer []byte ) if usePKCS8 { privateKeyBuffer, err = x509.MarshalPKCS8PrivateKey(privateKey) if err != nil { panic(err) } publicKeyBuffer, err = x509.MarshalPKIXPublicKey(&publicKey) if err != nil { panic(err) } } else { privateKeyBuffer = x509.MarshalPKCS1PrivateKey(privateKey) publicKeyBuffer = x509.MarshalPKCS1PublicKey(&publicKey) } return publicKeyBuffer, privateKeyBuffer } func parsePkcsKey(buffer []byte, isPrivateKey, usePKCS8 bool) (interface{}, error) { var ( err error keyInterface interface{} ) if isPrivateKey { if usePKCS8 { keyInterface, err = x509.ParsePKCS8PrivateKey(buffer) } else { keyInterface, err = x509.ParsePKCS1PrivateKey(buffer) } } else { if usePKCS8 { keyInterface, err = x509.ParsePKIXPublicKey(buffer) } else { keyInterface, err = x509.ParsePKCS1PublicKey(buffer) } } if err != nil { return nil, err } return keyInterface, nil } //RSA加密 func RsaEncrypt(value string, publicKey []byte, usePKCS8 bool) (string, error) { keyInterface, err := parsePkcsKey(publicKey, false, usePKCS8) if err != nil { return "", err } rsaPublicKey := keyInterface.(*rsa.PublicKey) buffer, err := rsa.EncryptPKCS1v15(rand.Reader, rsaPublicKey, []byte(value)) if err != nil { return "", err } //以hex格式数值输出 encryptText := fmt.Sprintf("%x", buffer) return encryptText, nil } //RSA解密 func RsaDecrypt(value string, privateKey []byte, usePKCS8 bool) (string, error) { //将hex格式数据转换为byte切片 valueBytes := []byte(value) var buffer = make([]byte, len(valueBytes)/2) for i := 0; i < len(buffer); i++ { b, err := strconv.ParseInt(value[i*2:i*2+2], 16, 10) if err != nil { return "", err } buffer[i] = byte(b) } keyInterface, err := parsePkcsKey(privateKey, true, usePKCS8) if err != nil { return "", err } key := keyInterface.(*rsa.PrivateKey) buffer, err = rsa.DecryptPKCS1v15(rand.Reader, key, buffer) return string(buffer), nil } //RSA签名 func Sign(value string, privateKey []byte, hash crypto.Hash, usePKCS8 bool) (string, error) { keyInterface, err := parsePkcsKey(privateKey, true, usePKCS8) if err != nil { return "", err } key := keyInterface.(*rsa.PrivateKey) var _hash = hash.New() if _, err := io.WriteString(_hash, value); err != nil { return "", err } hashed := _hash.Sum(nil) result, err := rsa.SignPKCS1v15(rand.Reader, key, hash, hashed) if err != nil { return "", err } //以hex格式数值输出 encryptText := fmt.Sprintf("%x", result) return encryptText, nil } //RSA验证签名 func Verify(value string, publicKey []byte, signature string, hash crypto.Hash, usePKCS8 bool) error { //将hex格式数据转换为byte切片 valueBytes := []byte(signature) var buffer = make([]byte, len(valueBytes)/2) for i := 0; i < len(buffer); i++ { b, err := strconv.ParseInt(signature[i*2:i*2+2], 16, 10) if err != nil { return err } buffer[i] = byte(b) } keyInterface, err := parsePkcsKey(publicKey, false, usePKCS8) if err != nil { return err } key := keyInterface.(*rsa.PublicKey) var _hash = hash.New() if _, err := io.WriteString(_hash, value); err != nil { return err } hashed := _hash.Sum(nil) return rsa.VerifyPKCS1v15(key, hash, hashed, buffer) }
可以使用生成RSA的公私秘钥:
//生成Rsa publicKey, privateKey := rsautil.GenerateRsaKey(usePKCS8)
生成秘钥后,需要保存,一般保存到pem文件中:
//保存到Pem文件,filePath是文件目录 rsautil.WriteToPem(false, publicKey, filepath.Join(filePath, "rsa.pub")) rsautil.WriteToPem(true, privateKey, filepath.Join(filePath, "rsa.pem"))
从pem文件中读取:
//从Pem文件读取秘钥,filePath是文件目录 publicKey, _ := rsautil.ReadFromPem(filepath.Join(filePath, "rsa.pub")) privateKey, _ := rsautil.ReadFromPem(filepath.Join(filePath, "rsa.pem"))
还可以从crt证书中读取公钥,而crt文件不包含私钥,因此需要单独获取私钥:
//从crt文件中读取公钥,filePath是文件目录 publicKey, _ := rsautil.ReadPublicKeyFromCrt(filepath.Join(filePath, "demo.crt"), usePKCS8) privateKey, _ := rsautil.ReadFromPem(filepath.Join(filePath, "demo.key"))
pfx文件中包含了公钥和私钥,可以很方便就读取到:
//从pfx文件中读取秘钥,filePath是文件目录 publicKey, privateKey := rsautil.ReadFromPfx(filepath.Join(filePath, "demo.pfx"), "123456", usePKCS8)
有时候我们还可能需要进行秘钥的转换:
//Pkcs8格式公钥转换为Pkcs1格式公钥 publicKey = rsautil.Pkcs8ToPkcs1(false, publicKey) // Pkcs8格式私钥转换为Pkcs1格式私钥 privateKey = rsautil.Pkcs8ToPkcs1(true, privateKey) // Pkcs1格式公钥转换为Pkcs8格式公钥 publicKey = rsautil.Pkcs1ToPkcs8(false, publicKey) // Pkcs1格式私钥转换为Pkcs8格式私钥 privateKey = rsautil.Pkcs1ToPkcs8(true, privateKey)
有了公钥和私钥,接下就就能实现加密、解密、签名、验证签名等操作了:
encryptText, _ := rsautil.RsaEncrypt(text, publicKey, usePKCS8) fmt.Printf("【%s】经过【RSA】加密后:%s\n", text, encryptText) decryptText, _ := rsautil.RsaDecrypt(encryptText, privateKey, usePKCS8) fmt.Printf("【%s】经过【RSA】解密后:%s\n", encryptText, decryptText) signature, _ := rsautil.Sign(text, privateKey, crypto.MD5, usePKCS8) fmt.Printf("【%s】经过【RSA】签名后:%s\n", text, signature) result := rsautil.Verify(text, publicKey, signature, crypto.MD5, usePKCS8) == nil fmt.Printf("【%s】的签名【%s】经过【RSA】验证后结果是:"+strconv.FormatBool(result), text, signature)
完整的demo代码:
package main import ( "crypto" "demo/rsautil" "fmt" "os" "path/filepath" "strconv" ) func main() { text := "上山打老虎" usePKCS8 := true // usePKCS8=true表示是否成PKCS8格式的公私秘钥,否则乘车PKCS1格式的公私秘钥 path, _ := os.Executable() filePath := filepath.Dir(path) fmt.Printf("文件路径:%s\n", filePath) // 存放pem,crt,pfx等文件的目录 //生成Rsa publicKey, privateKey := rsautil.GenerateRsaKey(usePKCS8) //从Pem文件读取秘钥,filePath是文件目录 //publicKey, _ := rsautil.ReadFromPem(filepath.Join(filePath, "rsa.pub")) //privateKey, _ := rsautil.ReadFromPem(filepath.Join(filePath, "rsa.pem")) //从pfx文件中读取秘钥,filePath是文件目录 //publicKey, privateKey := rsautil.ReadFromPfx(filepath.Join(filePath, "demo.pfx"), "123456", usePKCS8) //从crt文件中读取公钥,filePath是文件目录 //publicKey, _ := rsautil.ReadPublicKeyFromCrt(filepath.Join(filePath, "demo.crt"), usePKCS8) //privateKey, _ := rsautil.ReadFromPem(filepath.Join(filePath, "demo.key")) //保存到Pem文件,filePath是文件目录 rsautil.WriteToPem(false, publicKey, filepath.Join(filePath, "rsa.pub")) rsautil.WriteToPem(true, privateKey, filepath.Join(filePath, "rsa.pem")) //Pkcs8格式公钥转换为Pkcs1格式公钥 publicKey = rsautil.Pkcs8ToPkcs1(false, publicKey) // Pkcs8格式私钥转换为Pkcs1格式私钥 privateKey = rsautil.Pkcs8ToPkcs1(true, privateKey) // Pkcs1格式公钥转换为Pkcs8格式公钥 publicKey = rsautil.Pkcs1ToPkcs8(false, publicKey) // Pkcs1格式私钥转换为Pkcs8格式私钥 privateKey = rsautil.Pkcs1ToPkcs8(true, privateKey) encryptText, _ := rsautil.RsaEncrypt(text, publicKey, usePKCS8) fmt.Printf("【%s】经过【RSA】加密后:%s\n", text, encryptText) decryptText, _ := rsautil.RsaDecrypt(encryptText, privateKey, usePKCS8) fmt.Printf("【%s】经过【RSA】解密后:%s\n", encryptText, decryptText) signature, _ := rsautil.Sign(text, privateKey, crypto.MD5, usePKCS8) fmt.Printf("【%s】经过【RSA】签名后:%s\n", text, signature) result := rsautil.Verify(text, publicKey, signature, crypto.MD5, usePKCS8) == nil fmt.Printf("【%s】的签名【%s】经过【RSA】验证后结果是:"+strconv.FormatBool(result), text, signature) }