我想在golang解密rsa怎么办?
JavinYang opened this issue · comments
JavinYang commented
// 解密
func RsaDecrypt(ciphertext []byte) ([]byte, error) {
//解密
block, _ := pem.Decode(privateKey)
if block == nil {
return nil, errors.New("private key error!")
}
//解析PKCS1格式的私钥
priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
return nil, err
}
// 解密
return rsa.DecryptPKCS1v15(rand.Reader, priv, ciphertext)
}
用这种方式调用rsa.DecryptPKCS1v15的时候解析错误 。是不是规则不同?
Liping Ruan commented
PKCS1?
目前只支持PKCS8,你可以调用PKCS8的解密方法。
如果你确实需要PKCS1的话我可以更新一个版本支持PKCS1。
Liping Ruan commented
@JavinYang hello
我测试了一下, 主要问题在于加密 padding 上.
经过修改双向加解密都没问题, 下面我给出示例吧.
JavaScript 代码
const rsa = new util.Signature.RSA ( );
// 这句非常重要, 默认是 pkcs1-oaep
rsa.keys.setOptions({encryptionScheme:'pkcs1'});
rsa.setPublicKey ( `-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCWqTKhFKAV2rVreVXa69d4znlP
oiJ4ad0yJejAMnNqxLhKSirj5oE6gyo9k/UXJverM3lWOf7lv7IjgJd/5exzvBn6
0VHnwESdeT88duH76LfurX6Ov6vPjFnRzHh/F8Pfu7ueUWK42gt2Qq8/moWDkbA6
E3Tk3HHUU9ZXoBi9cwIDAQAB
-----END PUBLIC KEY-----` );
rsa.setPrivateKey ( `-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJapMqEUoBXatWt5
Vdrr13jOeU+iInhp3TIl6MAyc2rEuEpKKuPmgTqDKj2T9Rcm96szeVY5/uW/siOA
l3/l7HO8GfrRUefARJ15Pzx24fvot+6tfo6/q8+MWdHMeH8Xw9+7u55RYrjaC3ZC
rz+ahYORsDoTdOTccdRT1legGL1zAgMBAAECgYBiezEMGCZYgsEqAoM7egQ8BINJ
qYrsuQ6M1DjjQVcuiG6KqRaGKEt6yvhWjhucSa2FLD15Pqm+1mKEUG83fDzlmwVP
HdcJ3ChBnEQn+oa+r86TtSCWOFK8LYfkaRcZwGYUuImPgfBUkpZ2bqZmRGX1sRjz
qo4Gs4hlqjcGqwPKGQJBAOD1NwwOV2ffAMRb/najiQgjSg1SoCGAfH3Ys5+T/tYC
m2hy0m5WP2G+lDWoO7GNz6IarXRABu/x+qKlIiwwl18CQQCrc2Tx1kLZYRb80IY6
JU6YMYSyymdok/V0gw3tVhK/BaFLSv7K1FurNV+0Zn+EF/pcb8iD07Kkrk+/ZhDl
7fZtAkEAkbbk4D9N6K9vnMGGE60cbxQEvJp/tRO4EABVYZGIqXFo3wA5RFVDmvnK
oPMHL5yPGQ60ui9bDwOr+LyEZSFYewJAYIdNlCMP7BePu7Mjf2U1xNZMYeU3J1f2
YCzREIjfcREYaK3GmifJnLEmOwliTdq6KIT/Hcl40OMbHyW16d56WQJACw8o5Ujz
n1TDkWLRUyplXqf9TExEHzkkTs5je4R0b4YVUHLR0gPbl5JAyejHkwxz24pBYqPJ
f5cbn/y0zJWT/w==
-----END PRIVATE KEY-----` );
let uncrypted = 'hello world';
// 拿着这个 encrypted 可以去 golang 里面解密
let encrypted = rsa.encrypt ( uncrypted );
console.log ( '\n源数据 => ', uncrypted );
console.log ( '\n加密数据 => ', encrypted );
Golang 代码
package main
import (
"fmt"
"github.com/wenzhenxi/gorsa"
)
// 一样的公钥
var PublicKey = `-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCWqTKhFKAV2rVreVXa69d4znlP
oiJ4ad0yJejAMnNqxLhKSirj5oE6gyo9k/UXJverM3lWOf7lv7IjgJd/5exzvBn6
0VHnwESdeT88duH76LfurX6Ov6vPjFnRzHh/F8Pfu7ueUWK42gt2Qq8/moWDkbA6
E3Tk3HHUU9ZXoBi9cwIDAQAB
-----END PUBLIC KEY-----
`
// 一样的私钥
var PirvateKey = `-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJapMqEUoBXatWt5
Vdrr13jOeU+iInhp3TIl6MAyc2rEuEpKKuPmgTqDKj2T9Rcm96szeVY5/uW/siOA
l3/l7HO8GfrRUefARJ15Pzx24fvot+6tfo6/q8+MWdHMeH8Xw9+7u55RYrjaC3ZC
rz+ahYORsDoTdOTccdRT1legGL1zAgMBAAECgYBiezEMGCZYgsEqAoM7egQ8BINJ
qYrsuQ6M1DjjQVcuiG6KqRaGKEt6yvhWjhucSa2FLD15Pqm+1mKEUG83fDzlmwVP
HdcJ3ChBnEQn+oa+r86TtSCWOFK8LYfkaRcZwGYUuImPgfBUkpZ2bqZmRGX1sRjz
qo4Gs4hlqjcGqwPKGQJBAOD1NwwOV2ffAMRb/najiQgjSg1SoCGAfH3Ys5+T/tYC
m2hy0m5WP2G+lDWoO7GNz6IarXRABu/x+qKlIiwwl18CQQCrc2Tx1kLZYRb80IY6
JU6YMYSyymdok/V0gw3tVhK/BaFLSv7K1FurNV+0Zn+EF/pcb8iD07Kkrk+/ZhDl
7fZtAkEAkbbk4D9N6K9vnMGGE60cbxQEvJp/tRO4EABVYZGIqXFo3wA5RFVDmvnK
oPMHL5yPGQ60ui9bDwOr+LyEZSFYewJAYIdNlCMP7BePu7Mjf2U1xNZMYeU3J1f2
YCzREIjfcREYaK3GmifJnLEmOwliTdq6KIT/Hcl40OMbHyW16d56WQJACw8o5Ujz
n1TDkWLRUyplXqf9TExEHzkkTs5je4R0b4YVUHLR0gPbl5JAyejHkwxz24pBYqPJ
f5cbn/y0zJWT/w==
-----END PRIVATE KEY-----
`
func main() {
var uncrypted = `hello world`
// JavaScript 里面的 encrypted 密文或者下面被注释掉的代码
var encrypted = ``
// encrypted, encryptError := gorsa.PublicEncrypt ( uncrypted, PublicKey )
// fmt.Println ( encryptError );
decrypted, decryptError := gorsa.PriKeyDecrypt ( encrypted, PirvateKey )
fmt.Println ( decryptError );
fmt.Println ( "\n源数据 => " + uncrypted )
fmt.Println ( "\n加密数据 => " + encrypted )
fmt.Println ( "\n解密数据 => " + decrypted + "\n" )
}
JoysWorks commented
你好,目前这个支持PKCS1吗
Liping Ruan commented
@JoysWorks 支持
生成pkcs1密钥:
let { privateKey, publicKey } = Signature.RSA.generateKeys ( 1024, 'pkcs1' );
https://github.com/lipingruan/fucking-util-signature-uni/blob/master/lib/rsa.js#L22
以及参考上面的代码.